linux training vnr

7/15/2019 Linux Training VNR

http://slidepdf.com/reader/full/linux-training-vnr 1/182

LINUX TUTORIAL

1



CHAPTER - 1 LINUX INTRODUCTIONCHAPTER - 2 LINUX STRUTURE & BASIC COMMANDS

CHAPTER - 3 LINUX INSTALLATION

CHAPTER - 4 LINUX BOOT PROCESS & RUN LEVELS

CHAPTER - 5 LINUX FILESYSTEM STRUTURE & FILESYSTEM PERMISSIONSCHAPTER - 6 USERS & GROUPS

CHAPTER - 7 NETWORK MANAGEMENTCHAPTER - 8 DISK ADMINISTRATION

CHAPTER - 9 PACKAGE MANAGEMENT (RPMS)

CHAPTER - 10 AUTOMATED TASKS & SCHEDULEING

CHAPTER - 11 COMPRESS / BACKUP FILES USING TAR

CHAPTER - 12 DOMAIN NAME SERVICE (DNS)

CHAPTER - 13 DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP)CHAPTER - 14 TELNET & FILE TRANSFER PROTOCOL (FTP)

CHAPTER - 15 FIREWALL & IPTABLES

CHAPTER - 16 NETWORK FILE SYSTEM (NFS)

CHAPTER - 17 SAMBA

CHAPTER - 18 APACHE (HTTP)CHAPTER - 19 SENDMAILCHAPTER - 20 NETWORK INFORMATION SERVICE (NIS)

CHAPTER - 21 LINUX DATABASE (MySQL)

CHAPTER - 22 HOST MONITORING & HOST HEALTH CHECK LOGS

CHAPTER - 23 IMPORTANT CONFIGURATION FILES & IMPORTANT PORT NUMBER

2



CHAPTER - 1

3



UNIX O/S

HP-UX

Supported platforms:PA-RISC, IA-64

(where the PA - Precision Architecture and RISC -

reduced instruction setcomputer)

PA-RISC has beensucceeded by the Itanium

Latest stable release O/S: HP-UX 11i v3

IBM AIX

Supported platforms:ROMP, IBM POWER,PowerPC, IBM PS/2,System/370, ESA/390

Latest stable O/S release: AIX 7.1 TL2

SOLARIS(earlier SunOS now known as

Oracle Solaris)

Supported platforms:SPARC, IA-32, x86-64,

PowerPC (Solaris 2.5.1 only)

Latest stable O/S release:Solaris 11.1

LINUX

Some popular mainstream Linux distributions include:Debian (and its derivatives such as Ubuntu and Linux Mint),

Red Hat Enterprise Linux (and its derivatives such as Fedora andCentOS),

Mandriva/Mageia (result of fusion of the French distributionMandrakelinux or Mandrake Linux and the Brazilian distribution

Conectiva Linux),and

openSUSE (and its commercial derivative SUSE Linux EnterpriseServer)

#Red Hat Enterprise Linux#Supported platforms:

x86, x86-64; Power Architecture; S/390; z/Architecture[2]Latest stable O/S release: RHEL 6.4, RHEL 5.9

#Mandriva Linux#

Supported platforms:Current: x86 (i386, i486, i586, i686), x86-64, SPARC V9, SPARC64

Latest stable O/S release: Mandriva 2011

#Debian Linux#Supported platforms:

i386, AMD64, PowerPC, SPARC, ARM, MIPS, S390, IA-64Latest stable O/S release: Debian 6.0.7 (Squeeze)

#SUSE Linux Enterprise Server#

Supported platforms:IA-32, x86-64, s390x, PowerPC, ItaniumLatest stable O/S release: SUSE 11 SP2

4



5



LINUX (LIH-NUCKS)

Official OS Free OS(Red Hat Enterprises Linux) ( Red Hat 9, Fedora)

6



INTRODUCTION TO LINUX

• Linux is quite possibly the most important freesoftware achievement.

• It has been developed into an operating systemfor business, education and personalproductivity.

• Linux (pronounced with a short I, as in LIH-nucks) is a UNIX operating system clone.

7



History of Linux

• UNIX is one of the most popular operating systems worldwide because of its large support base anddistribution.

• It was originally developed at AT&T as a multitasking operating system for minicomputers and mainframes inthe 1970‘s, but has since grown to become one of the

most widely used operating systems.

• Linux is a free version of UNIX developed in 1991 by LINUS TORVALDS at the university of Helsinki inFinland.

8



About Linux

• Linus Torvalds originally developed Linux as ahobby project.

• Minix, a small UNIX system developed by

Andy Tanenbaum, inspired it• The Linux kernel uses no code from AT&T or

any other proprietary source.

• On October 5, 1991, Linus announced the first―official‖ version of Linux ,which was version0.02.

9



Famous Linux Distributions

> 300 Linux Distributions

– Slackware (one of the oldest, simple and stable distro.)

– Red Hat Linux

• RHEL (commercially support)

• Fedora (free)

– CentOS (free RHEL, based in England) – SuSe ( based in German)

– Gentoo (Source code based)

– Debian (one of the few called GNU/Linux)

– Ubuntu (based in South Africa)

– Knoppix (first LiveCD distro.) – Caldera Linux

– Mandrake Linux

– Open Linux

– Aryabhat Linux

10



Why Linux?

• Linux is a UNIX like operating systems

• Multi-user, Multi-tasking and Multi ProcessorSupport

• There are no royalty or license fees

― A Linux Distribution has thousands of

dollars worth of software for no cost or a coupleof dollars if purchased on CD/DVD ―

11



• Software Development Supports

• Linux runs on nearly any CPU

• Linux works very well as a personal computerUNIX for the desktop

• Linux works well for server operations

• X-Window system (An excellent window systemcalled X)

12



Hardware Requirement

CPU:Minimum : Pentium-classRecommended : 200 Mhz Pentium-class or better

Hard Disk Space:Minimum : 650 MB

Recommended : 2.5 GBFull Installation : 4.5 GB

* Additional Space will be required for file storage.

Memory:

Minimum for text-mode : 64MBMinimum for graphical : 128MBRecommended for graphical: 192MB

13



CHAPTER - 2

14



Getting Started

• The structure of a Linux System

• Kernel & Shell

• Login and Logout

• Basic Linux Commands

15



The Structure of Linux system

User commands

Shell

Kernel File Systems

Device Drivers

Hardware

User commands includes executable

programs and scripts

The shell interprets user commands.

It is responsible for finding the

commands and starting their execution. Several different shells

are available. Bash is popular,

The kernel manages the hardware

resources for the rest of the system.

16



The Structure of Linux system

User

Shell (Application Programs )

Kernel

hardware devices

Fig - I

17



Fig - II

18



• Hardware Devices :

The lower most layer is the hardware components

(i.e. physical components like your motherboard, hard disk drive,floppy drive, memory, etc…)

• Kernel :

When your system is booted, the Linux kernel will

be loaded into the memory of your system and after that thekernel will control the entire operating system.

• Shell :

Shell is an interpreter through which a user can

interact with kernel.

Shell is program or command.

An application program may be a image editor, word processor, music player, Games, and etc…..

19

B i C d



Basic Commands

• ls Listing the file and directory

syn: # ls <options> <Destination directory>

example: # ls – l

• man Help

example: # man ls• pwd Present working directory

# pwd

• mkdir Creating Directory

# mkdir ksn

• cd Changing the directory

# cd ksn

20



To Create a file

• There are four type file creation

1. Cat2. Touch

3. Vi editor

4. Gedit

21



Cat Command

it‘s used to one of the file creation and right now give some content.

• To Create a file# cat >ksn

welcome to

accel it academy ^D• To add a Content

# cat >>ksn Vadapalani

^D

• To view the content in a file# cat ksn

welcome to Accel it academy Vadapalani

# 22



Touch Command

• it‘s used to Empty file creation.

# touch ksn

#

23



Gedit Command

• It‘s file create and modify in X Windows Terminal

#geditor

# gedit <filename>

# gedit ksn

24



Vi editor

• This type of file create and modify in CUI andGUI terminal mode.

• It‘s a editing tool.

• We can worked on three modes1. ESC mode

2. Insert mode

3. Command mode

Syntax : # vi <Filename>

Example : # vi ksn

25



• Esc a – Curser move the next position switch to insert mode.

• Esc i – Curser move to the beginning of the line and switch to insert mode.

• Esc A – Curser move to the end of the line and switch to insert mode.

• Esc o – Insert the new line below the curser position and switch to insert mode.• Esc O – Insert the new line above the curser position and switch to insert mode.

• Esc r – Replace the single character.

• Esc R – Replace the enter line after the curser position

• Esc s – Deleted current character and switch to insert mode.

• Esc S – Deleted the enter line

• Esc x – To delete a character.

Esc k

Esc h Esc l

Esc g

• Esc gg – Move the curser to beginning of the first line.

• Esc GG – Move the curser to the beginning of the lost line.26



• Esc w – Move the curser to beginning of the next word.

• Esc d – Move the curser to the beginning of previous word.

• Esc dd – Delete the current line‘s.

•Esc dw

–delete the current word‘s.

• Esc yy – Copy the current line.

• Esc yw – Copy the current word.

• Esc p – Paste the line and words.

• Esc u – Undo.

• Esc + Ctr + r – Redo.

• Esc : set nu – To display enter line with numbering.

• Esc : q – Quite without save file.

• Esc : q! – Force quite without save file.

• Esc : wq – To save and Quit.• Esc : wq! – To force save and quit.

27



• rmdir - To remove the directory

• rm – r - To remove the directory

• rm - To remove the file.

• type cat - To find out the location of the command

• file ksn - To view the type of file• wc - To view the no, of lines (l) , no, of word (w), no, of characters (c) in

file

• mv - To move the file

• cp - To copy the file and directory

• head - 10 ksn – To view the top 10 lines in a file• tail – 10 ksn - To view the bottom 10 lines in a file

• sort ksn - To saw the order wise in a file ( numerical(-n) and reverse (-r)

• grep -To search for the string

• aspell – c ksn – To check the correct content in a file

• hostname ksn – To change the hostname in ksn

• exit -To logout M/C

• logout - To logout M/C

• clear - To clear the screen

28



• who - who logged in to our system currently

• whoami - To show the current user

• tty - To show the current terminals

• echo - To display the typed message

• wall - To send the broadcast message

• Write - To send the message in particular user

• date - To show the date and time

• cal - To show the calendar

• bc - Calculator

29



CHAPTER - 3

30



Installation of REDHAT Linux

― Do Lab ―

Better

31

The X Window System (GUI)



The X-Window System (GUI)and

Command Mode System (CUI)• The heart of Red Hat Linux is the kernel

• For many users, the face of the operating system

is the graphical environment provided by the X Windows System, also called X.

• For Advanced users, the face of the operating system is the command line user interface (for

fast performance and fast execution)

32



CHAPTER - 4

33



Linux Boot Process & Run Level

34



35

POST (P lf )



• POST : (Power on self test )

If will test what are commanded connected to the mother board and

they are properly working or not.

• BSL : (Boot Strap Loader )

If will search the correct position and the booting file in thesecondary storage device, normally it‘ll search the MBR.

• MBR : (Master Boot Record )

The Information about the boot loader.

• Boot Loader :1. GRUB – Grant unified boot loader (default install in Linux)

2. LILO - Linux Loader

GRUB file path ― /etc/grub.conf ‖

LILO file Path ― /etc/lilo.conf ‖

36



RUN LEVEL

• Init 0 – Halt• Init 1 – Single-user mode• Init 2 – Multi-user without Networking (user-definable)• Init 3 – Full multi-user mode (CUI)

• Init 4 – Not used (use-definable)• Init 5 – Full multi-user mode (with an x-based screen or GUI )• Init 6 – Reboot• To show the current run level

# runlevel• To change the run level

# vi /etc/inittabid:3:initdefault

37



CHAPTER - 5

38



Linux File System Structure

39



40



Directory Tree(r oot)

When you log on the the

Linux OS using your

username you are

automatically located in

your home directory.

41



• The /dev Directory :

The directory contains file system entries which represent device

that are attached to the system.

• The /etc Directory : The directory is reserved for configuration file that are local to your

machine.

• The /lib Directory :

The directory should contain only those libraries that are needed toexecute the binaries in /bin and /sbin.

• The /dev Directory :

The directory refers to temporarily mounted file systems, such as

CD-ROMs and floppy disks.• The /opt Directory :

The directory provides an area for usually large, static application

software package to be stored.

42

• Th /p Di t



• The /proc Directory :

The directory contains special ― file‖ that either extract

information from or send information to the kernel.

• The /sbin Directory : The directory is for executables used only by the root user.

• The /bin Directory :

The directory is for executables used only by the users.

• The /usr Directory : The directory is for files that can be shared across a whole site.

• The /var Directory :

The directory ― … variable data files. This include spool

directory and file, administrative and logging data, and transient and temporary files‖.

• The /root Directory :

This is home directory for the administrator.

43

Th /h



• The /home Directory :

The directory have the home directory for the user‘s.

• The /boot Directory : The directory have the kernel and booting files.

• The /tmp Directory :

The directory only temporarily files stores.

• The /lost + found Directory :

The directory used by function to placed the files.

Examples : linking files.

44



Files Permission

• To change the permission to file and directory‘s

-/- - -/- - - /- - -

45



Types of the Files

• - Regular file

• d Directory

• b Block device

• l Linking files

• c Character files

46

Default permission in file and



Default permission in file anddirectory

• File

- / r w -/r - - /r - -

• Directory

d / r w x /r – x /r – x

47

Fil i i b i



File permission can be assign two

ways

• Symbolic method.

• Numeric 0r Absolute method.

48



Symbolic Method

• + To add a Permission

• - To remove a permission

• = To assign permission to equal

• U User or Owner

• G Group

• O Other‘s or Public • a All (user, group, and other‘s)

49



Examples

• To create a file# touch ksn

# ls – l

-/ r w - / r - - /r - -• To change the permission

Ex 1: # chmod < Permission> <file or directory># chmod g+wx ksn

-/ r w -/r w x /r - -Ex 2: # chmod a=rw ksn

- / r w - /r w - /r w –

50



Numeric or Absolute Method

• Permission can be assigned using numeric word.

51



Examples

• Syntax :#chmod <permission> <File or Directory >

# chmod U G O file or dir

• Example:

#chmod 742 ksn

d/ r w x / r - - /- w -

# chmod 312 ksn- / - w x /- - x / - w –

― Do Practice‖

52



Advance or Special Permission

• This file permission assign to a execute file.

( Directory)

Setuid = 4

Setgid = 2

Stickybit = 1

53

T i i i d



• To assign execute permission user, group, andothers means.

Setuid – Set user identify – sSetgid – Set group identify – s

Stickybit – Other identify – t

• Can ‗t to assign execute permission user, group,and others means.

Setuid – Set user identify – S

Setgid – Set group identify – S

Stickybit – Other identify – T

54



Examples

- / - - S or s /- - S or s /- - T or T

Identify

• Syntax :

#chmod <permission> <File or Directory ># chmod ID U G O file or dir

To assign the user, group, and others• Example:

#chmod 5742 ksn

d/ r w s / r - - /- w T

# chmod 7241 ksn- / - w S /r - S / - - t

― Do Practice‖ 55



CHAPTER - 6

56



USERS & GROUPS

57



USERS Administration

58

• Linux we can create up to 65535 users



• Linux we can create up to 65535 users.

• Each user will be assign the unique id starting from 0 to65535.

• User id from 0 to 99 is assigned for build user.

• We can assign the user id from 100 to 65535.

• By default system will assign the user id starting from 500.

User Account Database

59



Simple Creation in Terminal

• Syntax : # useradd <username> or

# adduser <username>

• Example:

# useradd ksn

by default system create:

Home directory : /ksn

User ID : 500Group ID : 500

Shell : /bin/sh

60



Manual Creation in Terminal• Syntax : # useradd <options> <username> or

# adduser <options> <username>

• Example:

# useradd -u 100 – s /bin/bash ksn

• Options :-u – To set the user ID.

-g – To set the group ID.

-G – To set the secondary group ID.

-c – Commands.

-s – To specify the shell (ksh, bash, and t-csh or csh).

ksh Korn shell

bash Bourne again shell

c-sh Turbo compiler shell61

• To modify the user accounts:



• To modify the user accounts:

# usermod – u 200 – s /bin/bash ksn

to change the user ID (200) and shell (bash) in ksn user.

• To deleting an user‘s: # userdel ksn (to delete a without home directory)

# userdel – r ksn (to delete a with home directory)

• To set password the user:#passwd ksn

New password : *****

Retype password: *****• To set without password the user:

# passwd – d ksn (-d means without password).

62



Group Administration in Terminal

• A group contain similar type of user as it members.( Collection of users called as group)

• The Group Add :

Syntax : #groupadd [-g GID ] group name

Example : #groupadd – g 100 Linux-Admin

• The Group Modify:

Syntax : # groupmod [ -g new gid ] [ -n new name] group name

Example : #groupmod – g 109 – n mail-Admin Linux-Admin

• The Delete a Group:

Example : #groupdel Linux-Admin

63



Graphical Mode (User & Group)

64



CHAPTER - 7

65



Network Management

66

Linux TCP/IP Network Configuration Files:

Fil D ripti n



File Description

/etc/resolve.conf List DNS servers for internet domain name

resolution.

Manual page for: /etc/resolv.conf

/etc/hosts Lists hosts to be resolved locally (not by DNS).Manual page for: /etc/hosts

/etc/nsswitch.conf List order of host name search. Typically look at local

files, then NIS server, then DNS server.

Manual page for: /etc/nsswitch.conf

Red Hat/Fedora/CentOS: /etc/sysconfig/network Specify network configuration. eg. Static IP, DHCP,

NIS, etc.

Red Hat/Fedora/CentOS: /etc/sysconfig/network-

scripts/ifcfg-device Specify TCP network information.

Ubuntu/Debian: /etc/network/interfaces Specify network configuration and devices. eg. Static

IP and info, DHCP, etc.

TCP Wrappers (Network Security)/etc/hosts.allow Allows only the specific ports, services and networks/etc/hosts.deny Rejects only the specific ports, services and networks

Special routing information may be specified, if necessary, in the file(Red Hat/Fedora): /etc/sysconfig/static-routes(SUSE): /etc/sysconfig/network/routes 67


Define network parameters using Unix command line interface:



Define network parameters using Unix command line interface:

Define IP address:

Examples:

ifconfig eth0 XXX.XXX.XXX.XXX netmask 255.255.255.0 broadcast XXX.XXX.XXX.255

ifconfig eth1 192.168.10.12 netmask 255.255.255.0 broadcast 192.168.10.255configuration file:

(Red Hat/Fedora): /etc/sysconfig/network-scripts/ifcfg-device

(SUSE): /etc/sysconfig/network/ifcfg-eth-id-XX:XX:XX:XX:XX)

Query NIC with ethtool:

Command Descriptionethtool -g eth0 Queries ethernet device for rx/tx ring parameter information.

ethtool -a eth0 Queries ethernet device for pause parameter information.

ethtool -c eth0 Queries ethernet device for coalescing information.

ethtool -i eth0 Queries ethernet device for associated driver information.

ethtool -d eth0 Prints a register dump for the specified ethernet device.

ethtool -k eth0 Queries ethernet device for offload information.

ethtool -S eth0 Queries ethernet device for NIC and driver statistics.

mii-tool - view, manipulate media-independent interface status syntax: mii-tool <ethernet device>

ethtool - Display or change ethernet card settings syntax: ethtool <ethernet device>

ifconfig – Display the ethernet IP information syntax: ifconfig -a <ethernet device>

route - show / manipulate the IP routing table (Static route)

syntax: route -e (or) route -v (or) netstat -rn 68

Manipulate routes:




p

Option Description

add or del or neither Add or delete route information. If not specified then print route table information.

-host XXX.XXX.XXX.XXX Add a single computer host identified by the IP address.

-net XXX.XXX.XXX.XXX Add a network identified by the network address, to the route.

gw XXX.XXX.XXX.XXX Specify the network gateway.netmask XXX.XXX.XXX.XXXSpecify the network netmask.

default Of all the routes specified, identify one as the default network route.

(typically the gateway is specified as the default route)

Show routing table: route -e (or) route -v (or) netstat -rn

Access individual computer host specified via network interface card eth1:route add -host 123.213.221.231 eth1

Access ISP network identified by the network address and netmask using network interface card eth0:

route add -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0

Conversly: route del -net 10.13.21.0 netmask 255.255.255.0 gw 192.168.10.254 eth0

Specify default gateway to use to access remote network via network interface card eth0:

route add default gw 201.51.31.1 eth0(Gateway can also be defined in /etc/sysconfig/network)

Specify two gateways for two network destinations: (i.e. one external, one internal private network. Tworouters/gateways will be specified.)

Add internet gateway as before: route add default gw 201.51.31.1 eth0

Add second private network: route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.10.254 eth0

69




Enable IP Forwarding:

1) Turn on IP forwarding to allow Linux computer to act as a gateway or router.echo 1 > /proc/sys/net/ipv4/ip_forward2) Another method is to alter the Linux kernel config file: /etc/sysctl.conf Set the following value:

net.ipv4.ip_forward = 1

Useful Linux networking commands:

/etc/rc.d/init.d/network start - command to start, restart or stop the network

(or)/etc/init.d/network start

netstat - Display connections, routing tables, stats etc

List all connected processes: netstat -nap

Show network statistics: netstat -sDisplay routing table info: netstat -rn

Display port listening: netstat -antup | grep -i listen

Display interface statistics: netstat -i

ping - send ICMP ECHO_REQUEST packets to network hosts. Use Cntl-C to stop ping.

synatx: ping <IP Address or Hostname> (or) ping -c1 <IP Address or Hostname>

traceroute - print the route packets take to network host. synatx: traceroute <IP Address or Hostname>

tcpdump - print the network traffic on the ethernet synatx: tcpdump -ni <ethernet device>

70



CHAPTER - 8

71



Disk Administration

72



Devices• Devices are either block devices or character devices.

• A Character device is one from which you can read a sequenceof character. Example: Keyboard.

• A block device is one that stores data and offers access to allparts equally, It‘s also referred as random access devices.

Example : Hard disk.

• /dev/hda - IDE Hard disk – Primary Master.

• /dev/hdb - IDE Hard disk – Primary Slave.

• /dev/hdc - IDE Hard disk – Secondary Master.• /dev/hdd - IDE Hard disk – Secondary Slave.

• /dev/sda - First SCSI Hard disk.

• /dev/sdb - Second SCSI Hard disk.

73

• /dev/fd0 - Floppy Disk Drive.



ppy

• /dev/cdrom - Cdrom Drive – Linked to corresponding hard disk device file according to the configuration.

• /dev/hda1 - First partition in the primary master IDE hard disk drive .

• /dev/hda2 - Second partition in the primary master IDE hard disk drive .

• /dev/sda1 - First partition in the first SCSI hard disk drive.• Mount - For accessing a block device you have to mount it in

the different devices. The location you are mounting the device is called the mounting point.

# mount <device path> <mounting point># mount /dev/cdrom /root/ksn

• Umount - Is used to unmount a mount file systems.

# umount /root/cdrom74

• The /etc/mtab file :



/ /

The file contains the information about the currently mountedfile systems. This file will automatically updated when you are mounting orunmounting partitions.

• The /etc/fstab file :

Is a text file which contain the information of the file system. This file reads during the system startup and the file specified in it will get mountedautomatically.

• Creating New File systems : After formatting a block device like floppy you have to make

file system on the floppy .

Syntax : # mkfs – t fstype device name

Example : #mkfs – t ext2 /dev/fd0

File system:

Ext2 --- Extended 2

Ext3 --- Extended 3

75

Disk partition Steps :



Disk partition Steps :• To show the partition:

# fdisk – l

• To create a partition:Example : Secondary IDE hard disk means ( /dev/hdb )

#fdisk /dev/hdbcommand (m for help) : m

command (m for help) : n

command action

l logical (5 or over)

p Primary (1 – 4 )press l

First Cylinder (400 – 2437, default 400) : 400

last cylinder or +size or +sizeM or +sizeK (400-2437, default 2437) : 500

command (m for help) : w

• Reboot your machine: # reboot

• Create a file system:Example : /dev/hdb8

# mkfs – t ext3 /dev/hdb8

• To mount the partition:

# mount /dev/hdb8 /ksn

76

LVM



LVM

Storage Architecture

2 PVs

2 PVs (Physical Volumes can be more than 2)

77




VG with 2 PVs

VG

PV PV

78




VG with 2 PVs and 1 LV

LV

PV PV VG

79

Logical Volume Manager (LVM)



80




81




82




83




84




85




86




87




88




89



CHAPTER - 9

90

RPMS



RPMS

Red Hat Package Management Services

91

RPM (Red Hat Package Manager)•

P k i ll ti f ft li ti Th t b i t ll d d t



• Package is a collection of software or application. That can be installed or update ordeleted for Linux operating system.

• rpm is a powerful Package Manager for Red Hat, Suse and Fedora Linux. It can be

used to build, install, query, verify, update, and remove/erase individual softwarepackages. A Package consists of an archive of files, and package information, including name, version, and description:

• First Mount the CDROM

# mount /dev/cdrom /ksn

#cd /ksn

#ls - l

1. Install

2. Update

3. Refresh or Reinstall4. Delete

5. Query

92



93



CHAPTER - 10

94

Automated Tasks



or

Schedule• In Linux, task can be configured to run

automatically with in a specified period of

time, on a specified date.

1. at

2. cron

95

at : To schedule a one-time job at specific time.



j pSyntax : # at HH:MM formatExample: # at 10:30 pm

at> power off Ctrl + d

Cron :

Cron is a daemon that can be used to schedule the execution of recurring task according to a combination of the time, day of the month, month, day of the week,

and week. ― /etc/crontab ‖ ( * means – Everyday)

Syntax : #crontab filenameExample : # crontab backup

steps : #cat >>backupmin hrs day month week command(0-59) (0-23) (1-31) (1-12) (0-6)

45 11 * * * power off # crontab -l (-l means List the schedule)

96

Display Cron Table using Option -l (-l stands for list)

This allows you to edit the crontab of the current user.

# t b l



# crontab -l

53 00 * * 7 /bin/sh /home/root/bin/server-backup

This will display the cron jobs of other users, combine -l with -u option.

# crontab -u oracle -l

01 00 * * * /bin/sh /home/oracle/bin/rman-backup

Delete All Cron Jobs using Option -r (-r stands for remove)

This will remove all the cron job entries of the current user

# crontab -l


01 00 * * * /bin/sh /home/root/bin/check-user-quota

# crontab -r

# crontab -l

no crontab for root

-i stands for interactive mode. Combining -i with -r will ask you a confirmation before removing all thecrontab entries.

# crontab -ircrontab: really delete root's crontab? n

This allows cron jobs to remove for other users, combine -r with -u option.


01 00 * * * /bin/sh /home/oracle/bin/rman-backup

# crontab -u oracle -r


no crontab for oracle 97

Tweaking Other Users Crontab using Option -u (-u stands for user)

If you don’t specify -u username, crontab commands wil be executed on the current user.

t b l



crontab -l

crontab -e

crontab -r

If you specify -u username, the crontab command will be executed on the given username

crontab -u oracle -lcrontab -u oracle -e

crontab -u oracle -r

Edit Cron Table using Option -e (-e stands for edit)

This allows you to edit the crontab of the current user.

# crontab -e


When you save your edits and come out of the Vim editor, it will display oone of the following messages,depending on whether you made any changes or not.

# crontab -e

crontab: no changes made to crontab

# crontab -ecrontab: installing new crontab

This allows cron jobs of other users, combine -e with -u option.

# crontab -u oracle -e

crontab: installing new crontab

98



CHAPTER – 11

The Ultimate Tar Command

Tutorial with 10 PracticalExamples

99

On Unix platform, tar command is the primary archiving utility. Understanding various tarcommand options will help you master the archive file manipulation.

1. Creating an archive using tar command



Creating an uncompressed tar archive using option cvf

This is the basic command to create a tar archive.

$ tar cvf archive_name.tar dirname/

c – create a new archive; v – verbosely list files which are processed; f – following is the archivefile name

Creating a tar gzipped archive using option cvzf

The above tar cvf option, does not provide any compression. To use a gzip compression on the

tar archive, use the z option as shown below.

$ tar cvzf archive_name.tar.gz dirname/ z – filter the archive through gzipNote: .tgz is same as .tar.gz

Note: I like to keep the ‘cvf’ (or tvf, or xvf) option unchanged for all archive creation (or view, or

extract) and add additional option at the end, which is easier to remember. i.e cvf for archive

creation, cvfz for compressed gzip archive creation, cvfj for compressed bzip2 archive creation

etc., For this method to work properly, don’t give – in front of the options.

Creating a bzipped tar archive using option cvjf Create a bzip2 tar archive as shown below:

$ tar cvfj archive_name.tar.bz2 dirname/

j – filter the archive through bzip2

gzip vs bzip2: bzip2 takes more time to compress and decompress than gzip. bzip2 archival size

is less than gzip.

Note: .tbz and .tb2 is same as .tar.bz2 100

2. Extracting (untar) an archive using tar commandExtract a *.tar file using option xvf

Extract a tar file using option x as shown below:



$ tar xvf archive_name.tar

x – extract files from archive

Extract a gzipped tar archive ( *.tar.gz ) using option xvzf

Use the option z for uncompressing a gzip tar archive.$ tar xvfz archive_name.tar.gz

Extracting a bzipped tar archive ( *.tar.bz2 ) using option xvjf

Use the option j for uncompressing a bzip2 tar archive.

$ tar xvfj archive_name.tar.bz2

Note: In all the above commands v is optional, which lists the file being processed.

3. Listing an archive using tar commandView the tar archive file content without extracting using option tvf

You can view the *.tar file content before extracting as shown below.

$ tar tvf archive_name.tar

View the *.tar.gz file content without extracting using option tvzf

You can view the *.tar.gz file content before extracting as shown below.

$ tar tvfz archive_name.tar.gz View the *.tar.bz2 file content without extracting using option tvjf

You can view the *.tar.bz2 file content before extracting as shown below.

$ tar tvfj archive_name.tar.bz2

4. Listing out the tar file content with less command

When the number of files in an archive is more, you may pipe the output of tar to less like the

below $ less XML-Parser-2.36.tar.gz 101

5. Extract a single file from tar, tar.gz, tar.bz2 fileTo extract a specific file from a tar archive, specify the file name at the end of the tar xvf

command as shown below. The following command extracts only a specific file from a large tar



file.

$ tar xvf archive_file.tar /path/to/file

Use the relevant option z or j according to the compression method gzip or bzip2 respectively as

shown below.$ tar xvfz archive_file.tar.gz /path/to/file

$ tar xvfj archive_file.tar.bz2 /path/to/file

6. Extract a single directory from tar, tar.gz, tar.bz2 file

To extract a single directory (along with it’s subdirectory and files) from a tar archive, specify

the directory name at the end of the tar xvf command as shown below. The following extracts

only a specific directory from a large tar file.$ tar xvf archive_file.tar /path/to/dir/

To extract multiple directories from a tar archive, specify those individual directory names at

the end of the tar xvf command as shown below.

$ tar xvf archive_file.tar /path/to/dir1/ /path/to/dir2/

Use the relevant option z or j according to the compression method gzip or bzip2 respectively as

shown below.$ tar xvfz archive_file.tar.gz /path/to/dir/

$ tar xvfj archive_file.tar.bz2 /path/to/dir/

7. Extract group of files from tar, tar.gz, tar.bz2 archives using regular expression

You can specify a regex, to extract files matching a specified pattern. For example, following tar

command extracts all the files with pl extension.

$ tar xvf archive_file.tar --wildcards '*.pl ' 102

8. Adding a file or directory to an existing archive using option -r

You can add additional files to an existing tar archive as shown below. For example, to append a



file to *.tar file do the following:

$ tar rvf archive_name.tar newfile

This newfile will be added to the existing archive_name.tar. Adding a directory to the tar is

$ tar rvf archive_name.tar newdir/ Note: You cannot add file or directory to a compressed archive. If you try to do so, you will get

“tar: Cannot update compressed archives” error as shown below.

$ tar rvfz archive_name.tgz newfile

tar: Cannot update compressed archives

9. Finding the difference between an archive and file system can be done even for a

compressed archive. It also shows the same output as above excluding the lines with Verify.Finding the difference between gzip archive file and file system

$ tar dfz file_name.tgz

Finding the difference between bzip2 archive file and file system

$ tar dfj file_name.tar.bz2

10. Estimate the tar archive size

estimates the tar file size ( in KB ) before you create the tar file.$ tar -cf - /directory/to/archive/ | wc -c

20480

estimates the compressed tar file size ( in KB ) before you create the tar.gz, tar.bz2 files.

$ tar -czf - /directory/to/archive/ | wc -c

$ tar -cjf - /directory/to/archive/ | wc -c 103



CHAPTER - 12

104

DNS



DNS

Domain name Service

or

Berkely Internet Name Domain (BIND)

105



• An IP address helps a computer system toidentify itself in a network.

• Referring hosts by their IP address is convenient

for computers, but humans have an easier time working with names.

• There are two types of zones.

Forwards zone (.zone)

Reverse zone (.local)

106

1. To check the package# rpm –qa bind* (package name=bind)



2. To config the hosts

# vi /etc/hosts

10.0.0.9 ksn.king.com ksn

# vi /etc/sysconfig/network

NETWORK=yes

HOSTNAME=ksn

3. To assign the IP address

# setup or netconfig or neat

4. To create a zones:# cd /var/named

#cp named.local ksn.local

#cp localhost.zone ksn.zone

107

A DNS zone file is a text database file that describes a portion of the domain name system (DNS) called a DNS zone.A zone contains mappings between domain names and IP addresses and other resources, organized in form of resource

records (RR).

There are different types of DNS Resource Records (RRs) The most common types of Resource Records (RRs) are listed



There are different types of DNS Resource Records (RRs). The most common types of Resource Records (RRs) are listed

below.

"A" (Address) type Resource Record

An "A" (Address) type Resource Record is an "IPv4 host record" and it is the most common type. An "A" type is simply a

static mapping of a hostname to an IPv4 address."AAAA" (IPv6 Address) type Resource Record

An "AAAA" (IPv6 Address) type Resource Record is an "IPv6 host record", which is used to map a host name to an IPv6

address.

"MX" (Mail eXchanger) Resource Record

An "MX" (Mail eXchanger) Resource Record is specifically for mail servers. It's a special type of service-specifier record. It

identifies a mail server for the domain.

"CNAME" (Canonical Name) Resource Record

A "CNAME" (Canonical Name) Resource Record is an alias record. By creating a CNAME record, we can make the same

physical server respond to two different hostnames.

"PTR" (Pointer) type Resource Record

A "PTR" (Pointer) type Resource Record resolve IP addresses into hostnames.

"NS" (Name Server) record

"NS" (Name Server) records specify the authoritative DNS servers for a domain."SOA" (Start Of Authority) record

"SOA" (Start Of Authority) record is the first record in the zone file. An "SOA" record is only present in a zone file located on

authoritative DNS servers. "SOA" (Start Of Authority) specifies

• The primary authoritative DNS server for the zone (domain).

• The e-mail address of the zone's (domain's) administrator.

• Timing related information to the secondary DNS servers like refresh or expire interval, serial number to indicate the

version of the zone file etc. 108

A sample forward lookup zone directive and forward lookup zone file is copied below. You can see the differentResource Records (RRs) like SOA, NS, A, and CNAME in the zone file.

Sample forward lookup zone directive in /etc/named.conf file



109

Sample forward lookup zone directive in /etc/named.conf file

zone "ksn.com" IN {

type master;

file "ksn.com.zone.db";

allow-query { 192.168.1.0/24; };};

Corresponding forward lookup zone file

$ORIGIN .

$TTL 86400 ; 1 day

ksn.com IN SOA RHEL04.ksn.com. admin.ksn.com. (

2009072845 ; serial

10800 ; refresh (3 hours)

900 ; retry (15 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS RHEL04.ksn.com.

NS RHEL05.ksn.com.

$ORIGIN ksn.com.

ftp CNAME RHEL04.ksn.com

RHEL04 A 192.168.1.104

RHEL05 A 192.168.1.105

RHEL06 A 192.168.1.106

www A 192.168.1.104

A sample reverse lookup zone directive in /etc/named.conf file and corresponding reverse look up zone file is copiedbelow.

Sample reverse lookup zone directive in /etc/named.conf file



Sample reverse lookup zone directive in /etc/named.conf file

zone "1.168.192.in-addr.arpa" IN {

type master;

file "1.168.192.in-addr.arpa";

allow-update { none; };};

Corresponding reverse lookup zone file

$TTL 86400

@ IN SOA RHEL04.ksn.com. root.RHEL04.ksn.com.(

2009072852 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS RHEL04.ksn.com.

104 IN PTR RHEL04.ksn.com.



110

• To update the service

# service named restart



# service named restart

# service network restart

• To check the result in client side or server side:

# nslookup 192.168.1.0

# nslookup admin.ksn.com

# nslookup www.ksn.com

111



CHAPTER - 13

112



DHCP

(Dynamic Host Configuration Protocol )

113

DHCP



DHCP

• DHCP is network protocol for automatically assigning TCP / IPinformation to client machines.

• Port number : server = 547

client = 546

• Package name : dhcpd• Daemon name : dhcpd

• Configure file : ― /etc/dhcpd.conf ―

Red Hat/CentOS/Fedora: /etc/dhcpd.conf

(See /usr/share/doc/dhcp-3.X/dhcp.conf.sample)• By Default lease duration

8 day‘s Minimum

999 day‘s Maximum

114

DHCP lease (or) DORA Process



DHCP lease (or) DORA Process

DHCP DHCP

Client Server

D Discover

O OfferR Request

A Acknowledgement

115

Dynamic Host Configuration Protocol (DHCP) Lease ProcessThe process of leasing an IP address occurs in the following four phases:



116

• Discovery (Message from DHCP client to DHCP Server): The DHCP client broadcasts a

DHCP discover message on the network containing its MAC address to find a DHCP

server running in the network.

• Offer (Message from DHCP server to DHCP client): Each DHCP server on the network

that receives the request responds with a DHCP offer message. An offered IP address is

included in the message.

• Request (Message from DHCP client to DHCP Server): When a DHCP client receives a

DHCPOffer packet, it responds by broadcasting a DHCPRequest packet that contains

the offered IP address, and shows acceptance of the offered IP address. If multiple

DHCP servers respond, the client selects the first offer it receives and broadcasts a

DHCP request for the IP address. The message is broadcast on the network because

the client has not yet been assigned an IP address; it has only been offered one.

• Acknowledge (Message from DHCP server to DHCP client): The DHCP server

responds with a DHCPACK (acknowledgment) granting the client's request to use the IP

address. The DHCPACK also contains information about any DHCP options that have

been configured on the server (such as the IP address of the DNS server).

Dynamic Host Configuration Protocol (DHCP) configuration file (/etc/dhcpd.conf) sample conf fileddns-update-style interim;

ignore client-updates;

subnet 192 168 1 0 netmask 255 255 255 0 {



subnet 192.168.1.0 netmask 255.255.255.0 {

# --- default gateway

option routers 192.168.1.1;

option subnet-mask 255.255.255.0;# option nis-domain "domain.org";

option domain-name "omnisecu.com";

option domain-name-servers 192.168.1.1;

# option time-offset + 19800; # Eastern Standard Time

# option ntp-servers 192.168.1.1;

# option netbios-name-servers 192.168.1.1;# --- Selects point-to-point node (default is hybrid). Don't change this unless# -- you understand Netbios very well

# option netbios-node-type 2;

# range dynamic-bootp 192.168.0.128 192.168.0.254;

range 192.168.1.210 192.168.1.220;

default-lease-time 21600;

max-lease-time 43200;

# we want the nameserver to appear at a fixed address

# host ns {

# next-server marvin.redhat.com;

# hardware ethernet 12:34:56:78:AB:CD;

# fixed-address 207.175.42.254;

# } 117

• ddns-update-style interim: Confirms Dynamic DHCP.

• ignore client-updates: This setting don't allow users on client computers to change their host names.

b 192 168 0 0 k 255 255 255 0 D ib k i h dd f 192 168 0 0 d b



• subnet 192.168.0.0 netmask 255.255.255.0 Describes a network with an address of 192.168.0.0 and a subnet

mask of 255.255.255.0. This allows the local DHCP server to assign addresses in the range 192.168.0.1 to

192.168.0.254 to different computers on this network. If you've configured a different network IP address, you'll

want to change these settings accordingly.• option routers: Lists the default router.

• option subnet-mask: Specifies the subnet mask for the local network.

• option nis-domain: Specifies the NIS domain name

• option domain-name: Domain name for the network

• option domain-name-servers DNS Server for the network

• option time-offset: Lists the difference from Greenwich Mean Time.

• option ntp-servers Network Time Protocol (NTP) servers

• option netbios-name-servers: WINS (Windows Internet Name Servers) Servers. Used for NetBIOS name

resolution.

• range dynamic-bootp: BOOTP range

• default-lease-time: Specifies the lease time for IP address information, in seconds.• max-lease-time Specifies the maximum lease time for IP address information, in seconds.

• next-server: Boot server for network computers

Linux Dynamic Host Configuration Protocol (DHCP) leases file is /var/lib/dhcpd/dhcpd.leases.

118

Dynamic Host Configuration Protocol (DHCP) Client Configuration The command used to set up a DHCP client is the "dhclient" command, or "system-config-network" GUI tool.

Make sure that the /etc/sysconfig/network configuration file includes the following line:

NETWORKING=yes



NETWORKING=yes

Next, make sure that the /etc/sysconfig/network-scripts/ifcfg-eth0 script contains the following lines (if you're

using a different network device, modify the appropriate file in /etc/sysconfig/network-scripts directory):

BOOTPROTO='dhcp'ONBOOT='yes'

The next time when the client is rebooted, it will get the IP address information automatically from the DHCP

server configured in the network.

Starting DHCP server:

/etc/rc.d/init.d/dhcpd start

To Obtain DHCP IP on client server /etc/init.d/network start

119



CHAPTER - 14

120



Network Services

Telnet & FTP

121

Telnet



• Terminal emulation Network.• It‘s used to remote login to a telnet server.

• It‘s based on CUI

• Package name : telnet-server

• Port Number : 23

• ssh: Secure Shell it‘s used to login as a root ,

login as a another machine.

122

Lab Steps :



• Server side :1. To check the package

# rpm – qa telnet-server*2. To config the service file

# vi /etc/xinetd.d/telnet- - - - - - - -- - - - - - - -Disable : yes ( u are change the ―no‖ ) #vi /etc/xinetd.d/rlogin- - - - - - - -- - - - - - - -Disable : yes ( u are change the ―no‖ )

3. To update Service # service xinetd restart

• Client side :#telnet 10.0.0.9 (server IP address)-----only client login

or#rlogin 10.0.0.9

#ssh 10.0.0.9 ------only root login123

FTP (File Transfer Protocol )



( )• FTP is used for transforming file between different machines ,

also S/W different Platform.

• Port Number : 20, 21

• Package Name : vsftpd (very secure file transfer protocol ).

• Daemon Name : vsftpd

• Configuration file :

― /etc/vsftpd/vsftpd.conf ― (main config file)

―/etc/vsftpd/ftpusers ― (Users whose name are set in thisfile will not allowed to login from ftp)

― /etc/vsftpd/user_list ― ( remove entry form the file, Users whose names are set in this file are also not allowed to loginfrom ftp even they are not prompt for password. )

― / var/log/vsftpd.log ― (to logs regarding ftp )

124

• Server Side :1. To check the Package:# rpm – qa vsftpd*

2 To enable the service



2. To enable the service# service vsftpd restart

• Client Side:1. To any (Operating System ) Platform :

#ftp 10.0.0.9user name : ksnpassword : *****ftp> get ksn

ftp>put shankarftp>bye

#

put To upload files on serverget To download files from server

mput To upload all filesmget To download all files? To see all available command on ftp promptscd To change remote directory lcd To change local directory.

125



CHAPTER - 15

126



Firewall with IP tables

127

• The Linux kernel contains advanced tools for packet filtering, the process of controlling network packets as they attempt to enter, move through, and exityour system.



• Structure:

#iptables [-t <table-name>] <command> <chain-name> <parameter-1>

<option -1> <parameter – n> <option – n>• Commands :

-A – Append the iptables rule to end of the specified chain.

-D – Deletes a rule in a particular chain by number in a chain.

• INPUT:

All incoming package are checked against rules in the change.• OUTPUT:

All outgoing package are checked against rules in the change.

• Packet Paten :

-s – All the packet are checked for a specific source IP.

• Block :

-j – The Packet‘s is drop , no massage send to the requesting computer.

• Reject :

The Packet‘s drop, an error massage send to the requesting computer.

128

Lab Steps



p

• To set Firewall :# iptables – A INPUT – s 10.0.0.18 – j DROP

• To delete the Firewall :

# iptables – A OUTPUT – s 10.0.0.18 – j DROP• To set the total down the network in server:

# ifconfig eth0 down

• To set the total up the network in server :# ifconfig eth0 up

129



CHAPTER - 16

130



NFS

( Network File System )

131

• Introduced by SUN Microsystems, to share the files and binary between UNIX done operating system.• It needs three protocols :

rpc.portmapper

rpc.nfsd



p

rpc.mountd

• In NFS we have to export the mount point to be shared and it will be mounted on a client machine.

• Port 2049 is used by NFS

• /etc/exports Configuration File

ro — Mounts of the exported file system are read-only. Remote hosts are not able to make changes to the data

shared on the file system. To allow hosts to make changes to the file system, the read/write ( rw ) option must be

specified.

wdelay — Causes the NFS server to delay writing to the disk if it suspects another write request is imminent.

This can improve performance by reducing the number of times the disk must be accessed by separate writecommands, reducing write overhead. The no_wdelay option turns off this feature, but is only available when

using the sync option.

root_squash — Prevents root users connected remotely from having root privileges and assigns them the user

ID for the user nfsnobody . This effectively "squashes" the power of the remote root user to the lowest local

user, preventing unauthorized alteration of files on the remote server. Alternatively, the no_root_squash option

turns off root squashing. To squash every remote user, including root, use the all_squash option. To specify theuser and group IDs to use with remote users from a particular host, use the anonuid and anongid options,

respectively. In this case, a special user account can be created for remote NFS users to share and specify

(anonuid=<uid-value>,anongid=<gid-value> ), where <uid-value> is the user ID number and <gid-value> is the

group ID number.

132

NFS SERVER SIDE

cat >> /etc/exports

/d01 *(rw,insecure,no_root_squash,async)



cat /etc/hosts.allow --- client IP

# cat >>/etc/hosts.allow

lockd rpcbind rquotad portmap mountd rpc.mountd rpc.nfsd statd:127.0.0.1 client ip

(RHEL 5)

service portmap start

service nfslock start

service nfs start

(RHEL 6)Configure SELinux for NFS Export # setsebool -P nfs_export_all_rw 1

service rpcbind restart

service nfs restart

service nfslock restart

Check share mount :rpcinfo -p

exportfs -v

exportfs -a

exportfsnfsstat

133

NFS CLIENT SIDE

# cat >>/etc/hosts.allow

lockd rpcbind rquotad portmap mountd rpc.mountd rpc.nfsd statd:127.0.0.1 server ip



(RHEL 5)

service portmap start

service nfslock startservice netfs start

(RHEL 6)

service rpcbind restart

service netfs restart

service nfslock restart

Service rpcidmapd start

# showmount -e <NFS SERVER>

# mount – t nfs/nfs4 10.223.2.175:/d01 /d01

cat >> /etc/fstab

10.223.2.175:/d01 /d01 nfsrw,rsize=32768,wsize=32768,nfsvers=3,proto=tcp,hard,nointr,bg,timeo=300,actimeo=0 1 2 nfs3

10.223.2.175:/d01 /d01 nfs4 rw,bg,hard,nointr,rsize=32768,wsize=32768,proto=tcp,timeo=600,actimeo=0 1 2 nfs4

134



CHAPTER - 17

135



SAMBA

136

• With samba you can share a Linux file systemwith windows 95 98 2000 or NT



with windows 95, 98, 2000 or NT.

• You can share a windows 95, 98, or NT FATfile system with Linux.

• You can also share printers connected to either

Linux or windows 95, 98, 2000, or NT.• The samba suite of SMB protocol utilities

consists components.

• The smb daemon provides the file and printservice to smb clients.

137

Lab Steps• Linux Machines :



Linux Machines :1. To check the package

# rpm – qa samba*

2. To create a directory #mkdir /opt/ksn# chmod 777 /opt/ksn

3. To share the directory

# vi /etc/exports

/opt/ksn *(rw,sync)

4. To config the service file

#vi /etc/samba/smb.conf (go to last line entry the contented )

[ksn]

path = /opt/ksn

valid users = ksn, shankar

writable = yes

#5. To set the samba password

#smbpasswd – a ksn

6. To enable the service

# service nfs restart

#service smb restart 138

Windows Base



Right click the My Network Places

Select search for computer

Type the Linux (samba) IP address

Select & Login

139



CHAPTER - 18

140



APACHE

141

Apache Web Server



• The name Apache appeared during the early development of the software because it was

― a-patchy‖ server.

• Port Number : 80• Package Name : httpd

• Daemon Name : httpd

• To Configuration File― /etc/httpd/conf/httpd.conf ―

142

Lab Steps

T h k h k



• To check the package# rpm – qa httpd*

• To config the service file# vi /etc/httpd/conf/httpd.conf

1032 line: servername ksn.king.com.• To Create or Put in html file

# cd /var /www/html# vi index.html (don‘t change the html name)

<html><head> <title> test </title>

• To update the service# service httpd restart• To open Mozila in Linux m/c or internet explore in windows base

type : www.king.com or IP address

143

http://www.king.com/

http://www.king.com/



CHAPTER - 19

144



SENDMAIL

145

Send mail



• It‘s used to mail purpose. Lab Steps:

1. To Check the package

# rpm – qa sendmail*

2. To modify the access file# vi /etc/mail/access

ksn.king.com RELAY

local host RELAY

127.0.0.1 RELAY 10.0.0.9 RELAY

146

3. To config the service file# cd /etc/mail

#vi sendmail.mc

line 123 : Local _Domain (‗ ksn.king.com‘)



4. To change

# m4 sendmail.mc> /etc/sendmail.cf

5. To check # pgrep – l sendmail

6. To config the xinetd file

#cd /etc/xinetd.d

# vi imaps

Disables = yes (u are change ‗ no ‗)

#vi imap

Disables = yes (u are change ‗ no ‗) # vi ipop2 and ipop2 and ipops3

Disables = yes (u are change ‗ no ‗)

7. To update the service

# service sendmail restart

# service xinted restart

Result :

1. To send the mail to ksn

# mail ksn ( ksn mean user)

u are enter the some one test

2. To check the mail so login to ksn user

# mail

147



CHAPTER - 20

148



NIS

(Net Work Information Service)

149



• The Network Information service (NIS) is asimple, generic client/server database system.

• The most common use for it is sharing

password and group files across a network.• NIS, developed by SUN Microsystems as part it

its SunOS operating system.

150

Lab Steps Server Side• To Check the Package



To Check the Package# rpm – qa yp*

• If must DNS• To assign domainname

# domainname king.com• To create the NIS

# /usr/lib/yp/ypinit – m--------------------------ctrl+d

press : y • To Config the nsswitch file

# vi /etc/nsswitch.conf

line 33 passwd: file nis34 shadow: file nis35 group : file nis38 host: file nis dns

151

• To update the service# service ypbind restart

# service ypserv restart

2. Client Side :

T h d i



• To set the domain name

# domainname king.com

• To set the NIS domainname# vi /etc/sysconfig/network

NETWORK = yes

HOSTNAME = ksn

NISDOMAIN = king.com

• To edit the /etc/yp.conf file

# vi /etc/yp.conf

domain king.com server ksn• To config the ‗ /etc/nsswitch.conf ‗ file

# vi /etc/nsswitch.conf

line 33 passwd: file nis

34 shadow: file nis

35 group : file nis

38 host: file nis dns

• To enable the service

# service ypserv start

# service ypbind start

• # authconfig

to set the NIS domain

152



CHAPTER - 21

153



MySQL

154

You can install mysql using any one of the following medium.

a) Install MySQL package using RHN or CentOS repo.

b) Install MySQL rpms from CD/DVD media.

Red Hat Enterprise Linux install Mysql database server

T p th f ll in mm nd t in t ll m ql r r in th RHN r C ntOS r p

http://www.cyberciti.biz/faq/category/mysql/



Type the following command to install mysql server using the RHN or CentOS repo:

Redhat Enterprise Linux - RHEL 5 / 6 MySQL installation Type the following command as root user:# yum install mysql-server mysql

or

# rpm – ivh mysql*

Start MySQL Service To start the mysql server type the following command:

# chkconfig mysqld on

# /etc/init.d/mysqld start

Setup the mysql root password

Type the following command to setup a password for root user:# mysqladmin -u root password NEWPASSWORD

Test the mysql connectivity

Type the following command to connect to MySQL server:

$ mysql -u root -p 155

Configure the mysql server -- Save and close the file. # /sbin/service mysqld restart (or) reload

Edit /etc/my.cnf, enter (please note that following are sample values

# vi /etc/my.cnf You can configure mysql query cache as follows (add in [mysqld] section) to speed up mysql:

query_cache_type = 1



q y_ _ yp

query_cache_limit = 1M

query_cache_size = 32M You can setup MyISAM buffer size and recover options:

# For MyISAM #

key_buffer_size = 24M

myisam_recover = FORCE,BACKUP

Log slow queries for troubleshooting as follows:

# LOGGING #

log_queries_not_using_indexes = 1

slow_query_log = 1

slow_query_log_file = /var/lib/mysql/mysqld-slow-query.log

Set caches and other limits as follows:

tmp_table_size = 32Mmax_heap_table_size = 32M

max_connections = 500

thread_cache_size = 50

open_files_limit = 65535

table_definition_cache = 4096

=

156



CHAPTER - 22

157

Server Monitoring tools20 Linux System Monitoring Tools Every SysAdmin Should Know



Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most Linuxdistributions are equipped with tons of monitoring. These tools providemetrics which can be used to get information about system activities. Youcan use these tools to find the possible causes of a performance problem.

The commands discussed below are some of the most basic commands when it comes to system analysis and debugging server issues such as: Finding out bottlenecks.

Disk (storage) bottlenecks. CPU and memory bottlenecks. Network bottlenecks.

158

Monitoring tools20 Linux System Monitoring Tools Every SysAdmin Should Know



20 Linux System Monitoring Tools Every SysAdmin Should Know

Need to monitor Linux server performance? Try these built-in commands and a few add-on tools. Most Linuxdistributions are equipped with tons of monitoring. These tools providemetrics which can be used to get information about system activities. You

can use these tools to find the possible causes of a performance problem.

The commands discussed below are some of the most basic commands when it comes to system analysis and debugging server issues such as:

Finding out bottlenecks. Disk (storage) bottlenecks. CPU and memory bottlenecks. Network bottlenecks.

159

#1: top - Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it

displays the most CPU-intensive tasks running on the server and updates the list every five seconds.



Hot Key Usage

t Displays summary information off and on.

m Displays memory information off and on.

A

Sorts the display by top consumers of

various system resources. Useful for quick

identification of performance-hungry tasks

on a system.

f

Enters an interactive configuration screen for

top. Helpful for setting up top for a specific

task.

oEnables you to interactively select the

ordering within top.

r Issues renice command.

k Issues kill command.

z Turn on or off color/mono

160

#2: vmstat - System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.

# vmstat 3

Displa Memor Utilization Slabinfo



Display Memory Utilization Slabinfo

# vmstat -mGet Information About Active / Inactive Memory Pages

# vmstat -a=> Related: How do I find out Linux Resource utilization to detect system bottlenecks?

#3: w - Find Out Who Is Logged on And What They Are Doing

w command displays information about the users currently on the machine, and their processes.# w username

# w vivek

#4: uptime - Tell How Long The System Has Been Running (system load averages for the past 1, 5, and

15 minutes)

The uptime command can be used to see how long the server has been running. The current time, how long the

system has been running, how many users are currently logged on, and the system load averages for the past 1, 5,and 15 minutes.

# uptime

1 can be considered as optimal load value. The load can change from system to system. For a single CPU system 1

- 3 and SMP s stems 6-10 load value mi ht be acce table.

161

#5: ps - Displays The Processes

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:

# ps -A

Show Long Format Output



Show Long Format Output

# ps -Al

To turn on extra full mode (it will show command line arguments passed to process):

# ps -AlF

To See Threads ( LWP and NLWP)

# ps -AlFH

To See Threads After Processes# ps -AlLm

Print All Process On The Server

# ps ax

# ps axu

Print A Process Tree

# ps -ejH# ps axjf

# pstree

162

Print Security Information

# ps -eo euser,ruser,suser,fuser,f,comm,label

# ps axZ

# ps -eM

See Every Process Running As User Vivek



See Every Process Running As User Vivek

# ps -U vivek -u vivek u

Set Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm

# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm# ps -eopid,tt,user,fname,tmout,f,wchan

Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=OR

# pgrep lighttpdOR

# pgrep -u vivek php-cgi

Display The Name of PID 55977# ps -p 55977 -o comm=

Find Out The Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Find Out top 10 CPU Consuming Process

# s -auxf sort -nr -k 3 head -10

163

#6: free - Memory Usage

The command free displays the total amount of free and used physical and swap memory in the system, as well as

the buffers used by the kernel.

# free

=> Related: :



=> Related: :

Linux Find Out Virtual Memory PAGESIZE

Linux Limit CPU Usage Per ProcessHow much RAM does my Ubuntu / Fedora Linux desktop PC have?

#7: iostat - Average CPU Load, Disk Activity

The command iostat report Central Processing Unit (CPU) statistics and input/output statistics for devices,

partitions and network filesystems (NFS).

# iostat

=> Related: : Linux Track NFS Directory / Disk I/O Stats

#8: sar - Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see network counter, enter:

# sar -n DEV | more

To display the network counters from the 24th:# sar -n DEV -f /var/log/sa/sa24 | more

You can also display real time usage using sar:# sar 4 5

=> Related: : How to collect Linux system utilization data into a file

164

#9: mpstat - Multiprocessor Usage

The mpstat command displays activities for each available processor, processor 0 being the first one. mpstat -P

ALL to display average CPU utilization per processor:

# mpstat -P ALL

=> Related: : Linux display each multiple SMP CPU processors utilization individually



=> Related: : Linux display each multiple SMP CPU processors utilization individually.

#10: pmap - Process Memory Usage The command pmap report memory map of a process. Use this command to find out causes of memory

bottlenecks.

# pmap -d PID To display process memory information for pid # 47394, enter:

# pmap -d 47394

The last line is very important:mapped: 933712K total amount of memory mapped to files

writeable/private: 4304K the amount of private address spaceshared: 768000K the amount of address space this process is sharing with others

Related: : Linux find the memory used by a program / process using pmap command

#11 and #12: netstat and ss - Network Statistics

The command netstat displays network connections, routing tables, interface statistics, masquerade connections,and multicast memberships. ss command is used to dump socket statistics. It allows showing information similar

to netstat. See the following resources about ss and netstat commands:

ss: Display Linux TCP / UDP Network and Socket Information

Get Detailed Information About Particular IP address Connections Usin netstat Command

165

#13: iptraf - Real-time Network Statistics

The iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that

generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet

load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:

Network traffic statistics by TCP connection



Network traffic statistics by TCP connection

IP traffic statistics by network interface

Network traffic statistics by protocolNetwork traffic statistics by TCP/UDP port and by packet size

Network traffic statistics by Layer2 address

#14: tcpdump - Detailed Network Traffic Analysis

The tcpdump is simple command that dump traffic on a network. However, you need good understanding of

TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:

# tcpdump -i eth1 'udp port 53' To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example,

SYN and FIN packets and ACK-only packets, enter:# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

To display all FTP session to 202.54.1.5, enter:

# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20'

To display all HTTP session to 192.168.1.5:# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'

Use wireshark to view detailed information about files, enter:# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80

#15: strace - System Calls

Trace system calls and signals. This is useful for debugging webserver and other server problems. See how to use

to trace the rocess and see What it is doin

166

#16: /Proc file system - Various Kernel Statistics

/proc file system provides detailed information about various hardware devices and other Linux kernel

information. See Linux kernel /proc documentations for further details. Common /proc examples:

# cat /proc/cpuinfo

# cat /proc/meminfo

# cat /proc/zoneinfo



# cat /proc/zoneinfo

# cat /proc/mounts

17#: Nagios - Server And Network Monitoring

Nagios is a popular open source computer system and network monitoring application software. You can easily

monitor all your hosts, network equipment and services. It can send alert when things go wrong and again whenthey get better. FAN is "Fully Automated Nagios". FAN goals are to provide a Nagios installation including most

tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it

easy to easilly install a Nagios server. Added to this, a wide bunch of tools are including to the distribution, in

order to improve the user experience around Nagios.

18#: Cacti - Web-based Monitoring Tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and

graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods,

and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that

makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide dataabout network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and

configure Cacti network graphing tool under CentOS / RHEL.

167

#19: KDE System Guard - Real-time Systems Reporting and Graphing

KSysguard is a network enabled task and system monitor application for KDE desktop. This tool can be run over

ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and

remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can

return simple values or more complex information like tables. For each type of information, one or more displays

are provided. Displays are organized in worksheets that can be saved and loaded independently from each other.



are provided. Displays are organized in worksheets that can be saved and loaded independently from each other.

So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

Fig.05 KDE System Guard

#20: Gnome System Monitor - Real-time Systems Reporting and Graphing

The System Monitor application enables you to display basic system information and monitor system processes,usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your

system. Although not as powerful as the KDE System Guard, it provides the basic information which may be

useful for new users:

Displays various basic information about the computer's hardware and software.

Linux Kernel versionGNOME version

Hardware

Installed memory

Processors and speedsSystem Status

Currently available disk spaceProcesses

Memory and swap space

Network usage

File Systems

Lists all mounted files stems alon with basic information about each

168

Bonus: Additional Tools



A few more tools:

nmap - scan your server for open ports.

lsof - list open files, network connections and much more.

ntop web based tool - ntop is the best tool to see network usage in a way similar to what top command doesfor processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution

of traffic for UDP, TCP, DNS, HTTP and other protocols.

Conky - Another good monitoring tool for the X Window System. It is highly configurable and is able to

monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures,processes, network interfaces, battery power, system messages, e-mail inboxes etc.

GKrellM - It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, localand remote mailboxes, and many other things.

vnstat - vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network

traffic for the selected interface(s).

htop - htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.

mtr - mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.

169

20 Linux Log Files that are Located under /var/log Directory

Server Health Check (logs)



If you spend lot of time in Linux environment, it is essential that you know where the log files are located, and

what is contained in each and every log file.

When your systems are running smoothly, take some time to learn and understand the content of various log

files, which will help you when there is a crisis and you have to look though the log files to identify the issue.

The following are the 20 different log files that are located under /var/log/ directory. Some of these log files are

distribution specific. For example, you‘ll see dpkg.log on Debian based systems (for example, on Ubuntu).

/var/log/messages – Contains global system messages, including the messages that are logged during

system startup. There are several things that are logged in /var/log/messages including mail, cron, daemon,

kern, auth, etc.

/var/log/dmesg – Contains kernel ring buffer information. When the system boots up, it prints number of

messages on the screen that displays information about the hardware devices that the kernel detects during boot process. These messages are available in kernel ring buffer and whenever the new message comes the

old message gets overwritten. You can also view the content of this file using the dmesg command.

/var/log/auth.log – Contains system authorization information, including user logins and authentication

machinsm that were used.

/var/log/boot.log – Contains information that are logged when the system boots

170

/var/log/daemon.log – Contains information logged by the various background daemons that runs on the

system /var/log/dpkg.log – Contains information that are logged when a package is installed or removed using

dpkg command (dpkg to install and remove a debian package)

/var/log/kern.log – Contains information logged by the kernel. Helpful for you to troubleshoot a custom-

built kernel.



/var/log/lastlog – Displays the recent login information for all the users. This is not an ascii file. You

should use lastlog command to view the content of this file. /var/log/maillog /var/log/mail.log – Contains the log information from the mail server that is running

on the system. For example, sendmail logs information about all the sent items to this file

/var/log/user.log – Contains information about all user level logs /var/log/Xorg.x.log – Log messages from the X

/var/log/alternatives.log – Information by the update-alternatives are logged into this log file. On Ubuntu,

update-alternatives maintains symbolic links determining default commands.

/var/log/btmp – This file contains information about failed login attemps. Use the last command to view the btmp file. For example, ―last -f /var/log/btmp | more‖

/var/log/cups – All printer and printing related log messages /var/log/anaconda.log – When you install Linux, all installation related messages are stored in this log file

/var/log/yum.log – Contains information that are logged when a package is installed using yum

var/log/cron – Whenever cron daemon (or anacron) starts a cron job, it logs the information about the cron

job in this file /var/log/secure – Contains information related to authentication and authorization privileges. For example,

sshd logs all the messages here, including unsuccessful login. /var/log/wtmp or /var/log/utmp – Contains login records. Using wtmp you can find out who is logged

into the system. who command uses this file to display the information. /

var/log/faillog – Contains user failed login attemps. Use faillog command to display the content of this file.

171



CHAPTER - 23

172

Important configurationfiles in RHEL



files in RHELFor Configuring Ethernet card :-

/etc/hosts (Uses to maintain IP to Hostname to IP convention )

/etc/resolv.conf (DNS Servers for connectivity)

/etc/sysconfig/network (Contains gateway, hostname etc.)

/etc/sysconfig/network-scripts/ifcfg-eth0 (Defualt Network card configuration like IP, MAC address, Subnet

mask etc.)

/etc/hosts.allow (Security - TCP wrappers to allow network)

/etc/hosts.deny (Security - TCP wrappers to reject network)

173

For adduser command :-



/etc/passwd (File contains info about user like UserID, shell, Username, Defualt Directory etc.)

/etc/shadow (File contains mainly encrypted password of a user)

/etc/group (Contains info about groups)

/etc/gshadow (Info about group & related users)

/etc/login.defs (File defines the site-specific configuration for the shadow password suite)

/etc/shells (Contains name of all the types of shells available)

Configuration file for the color ls utility :-

/etc/DIR_COLORS

174

Configuration file for the grub loader and other related files:-

/etc/grub.conf - Symbolic link of below file

/boot/grub/grub.conf (Grand Unified Boot Loader configuration file)



/boot/vmlinuz-2.6.18-128.el5 (Kernel file, cant be edited just included for your reference)

/boot/initrd-2.6.18-128.el5.img (Initial RAM Disk image)

Configuration files for boot processes :-

/etc/fstab (descriptive information about the various file systems.)

/etc/inittab (This file describes how the INIT process should set up the system in a certain run-level.)

/etc/rc.d/rc.sysinit (starts networking subsystems.)

/etc/rc.d/rc (This file is responsible for starting/stopping services when the runlevel changes.)

/etc/rc.d/init.d/functions (This file contains functions to be used by most or all shell scripts in the /etc/init.d

directory. Symbolic link - /etc/init.d/functions )

/etc/rc.d/rc*.d/ (contains all startup and kill scripts. Symbolic link - /etc/rc*.d )

175

Other Configuration files :-

/etc/redhat-release (printing the banner at login screen.)

/etc/shutdown.allow (allowing only specified users to shutdown.)

/etc/profile (System wide environment and startup programs, for login setup)



p p p g g p

/etc/inputrc (for terminal settings.)

/etc/profile.d/*.sh (shell scripts needed for login.)

/etc/bashrc (System wide functions and aliases.)

/etc/modules.conf (aliases for modules are set.)

/etc/exports (NFS Server Configuration File, Linux to Linux file transfer)

/etc/vsftpd/vsftpd.conf (FTP Configuration File)

/etc/samba/smb.conf (Samba Server Configuration file, Linux - Windows & Linux - Linux with authentication)

/etc/httpd/conf/httpd.conf (Web server Apache configuration file)

/etc/squid/squid.conf (Proxy Server Configuration file, Bydefualt uses Port No. 3128)

/sbin/shutdown (Used to reboot or shutdown pc)

/sbin/min ett Virtual consoles

176

Import Port numbers



177

Import Port numbers



178

Import Port numbers



179

Import Port numbers



180

Advantages of RHEL6 over RHEL5

Red Hat Enterprise Linux (RHEL) is an open source, linux based operating system developed by Red Hat Inc. It is popularly used as server operating system. Its first release was the RHEL 2.1 which was released in the year 2002. After the first version of RHEL, new and better versions quickly followed like RHEL 3,4,5,etc. Now in 2010, the newest version has been released. It isRHEL 6. Now in this post lets discuss the main advantages of RHEL6 over RHEL5.

• A new level of virtualization



RHEL6 introduces the use of KVM (Kernel-based Virtual Machine) as its hypervisor. In the earlier releases Xen hypervisor was used. The main advantage of KVM is that a new kernel should not be installed like in Xen. It also supports the installation of many virtual operating systems like Windows, Linux, Solaris,etc. It is easy to manage.• Ext4 is made the default filesystem

Ext4 has many new advantages than Ext3 which is used in earlier versions of RHEL. Ext4 is comparatively faster and easy tomanage. It supports supports up to 100TB with the addition of Scalable Filesystem Add-one.• Improved level of Security

RHEL6 has advanced level of security. SELinux (Security Enhanced Linux) features are improved and a new set of SELinuxrules has been added to provide security to virtual machines from hackers and attackers. This new feature is called SVirt.

• New Networking FeaturesRHEL6 is released with improved and new networking features. It supports IPv6. It uses NFSv4 (Network File Transfer) for

the sharing of files in the network rather than NFSv3. It also supports iSCSI (internet Small Computer System Interface)partitions. The network manager in RHEL6 supports Wi-Fi capabilities.• Use of Drivers

RHEL6 has drivers for speeding up operations under KVM, VMware and Xen.• Increase in the support period provided by Red Hat.

RHEL6 has a long period of support provided by Redhat. It provides updates for 7 years and also a extra 3 years of service aspaid service. Therefore it means that its period of support is twice the period of support provided by other linux distributors likeUbuntu , Debian, etc.• Improvements of minor updates

Red Hat releases minor versions such as 6.1, 6.2, 6.3 & 6.4. These minor versions are the accumulated updates of the major version. The new minor releases will not only contain bug fixes but will also have major changes and new features.RHEL6 has been released with many new feature which make RHEL6 more useful than RHEL5. RHEL6 is somewhat similar toFedora 12, so the Fedora users should find RHEL6 familiar. Due to all these reasons the release of RHEL6 is a huge step of

advancement and also an achievement in the field of o en source

181



Thank you

linux training vnr

Documents