Linux Basis For Interview
Boot Process:
BIOS => initializes I/O devices and identifies the boot device
MBR => Master Boot Record, 512 B (446 – boot loader/GRUB, 66 – file system table)
GRUB => Grand Unified Boot Loader (LILO - old kernel version doesn't support multi OS, GRUB supports)
GRUB is loaded into memory by the MBR, and it can read ext3 directly whereas LILO doesn't
2 stages
(II). Loads the boot loader – shows the splash screen and executes the kernel and initrd images.
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-194.el5PAE)
root (hd0,0)
kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/
initrd /boot/initrd-2.6.18-194.el5PAE.img
KERNEL :
Mounts the root filesystem and executes the /sbin/init program (1st program started by the kernel).
The kernel uses the initial ramdisk (initrd) as a temporary root file system until the original root file system is mounted.
INITRD:
It's a temporary root file system, mounted during system boot to support the two stages of the boot process. It
consists of directories and executables which allow the real root file system to be mounted (insmod – tool to
install kernel modules).
Location: /boot/initrd.img.versions
INITTAB:
Note: if the default run level is not mentioned, in RHEL5 it will ask for EnterRunlevel; in RHEL6 it will start init 3
0-Halt / Shutdown
4 – unused
5 – graphical
6 – reboot
Note: scripts in /etc/rc.d/rc0.d have S – start, K – kill, and a sequence number for the order of execution.
After the execution of the scripts we get the user login screen. It also contains the terminal details (tty etc.).
Commands :
FSTAB:
File that contains the mount points which will be loaded at the time of booting.
File Syntax
Mount Options
(ro – read only, rw – read write, user – user can mount, nouser – only root can mount, exec – scripts can be
executed, noexec – scripts/binaries cannot be executed, noauto – will not mount automatically, auto –
mount automatically, sync – input and output are done synchronously, async, suid, usrquota, grpquota)
METADATA :
Contains details and backups of the superblocks. Data about data.
SUPERBLOCK :
INODE :
(Index node) UNIX or Linux never stores file creation time; this is a favourite question asked in UNIX/Linux sysadmin
job interviews.
Type of Users
Linux consists of three types of users. (each user and group have unique uid and gid )
1.System User (id 0 -499 )
2.Local User (> 499)
3.Root User : id 0
While creating a user, /etc/default/useradd is referred to for creating the home directory,
allocating the shell, etc.
/etc/login.defs – user-related controls can be set there (umask, password expiry, mail etc.)
While creating a user, three files get updated:
/etc/passwd, /etc/shadow, /etc/group
Assigning password: passwd username (before a password is assigned, the user is in locked state)
Options:
-f = force the user to change the passwd for next logon
-h =changes the home directory
-n = minimum days -w warn days -x max days
Passwd encryption - MD5 Message Digest version 5 & DES Data Encryption Standard
Userdel
#userdel username (or) userdel -r username (deletes the user's home directory)
pwck & grpck are used to verify the passwd, group and shadow files
#cat /etc/default/useradd
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
Configuration files
/etc/group
groupname : encrypted passwd : gid : grouplists (contains users list which belongs to group)
/etc/shadow
1. username:
2. Encrypted passwd
3. Last passwd changed - shows the date in which the password was lastly changed
4. Min passwd Age - min no of days left before the user changes his passwd
5. Max passwd Age - max no of days left before the user changes his passwd
6. Warn days - no of days the user get the warn messages for his passwd change
7. Passwd Inactive days - no of days after the passwd expires and account disabled
8. Account Expire - date when the user account expires
9. Flag -kept unused for future purpose
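An audit of the nine /etc/shadow fields listed above, as an added example that is not part of the original notes. The account names, the placeholder hash strings and the finding labels are constructed for illustration; dates in fields 3 and 8 are stored as a count of days since 1 Jan 1970.

```shell
#!/bin/sh
# Added example: flag weak or stale entries in shadow-format lines.
# Field order follows the list above (1 user, 2 password, 3 last change,
# 4 min age, 5 max age, 6 warn, 7 inactive, 8 account expiry, 9 flag).

# Constructed sample entries; the hash strings are placeholders.
sample_shadow() {
cat <<'EOF'
root:$1$SALT$PLACEHOLDERHASH:15000:0:99999:7:::
nat:$1$SALT$PLACEHOLDERHASH:15500:1:90:7:14::
svc::15500:0:99999:7:::
olduser:!!:15000:0:99999:7:::
temp:$1$SALT$PLACEHOLDERHASH:15500:0:30:7::15600:
EOF
}

# today_days: the current date expressed the way shadow stores dates.
today_days() {
    echo $(( $(date +%s) / 86400 ))
}

# audit_shadow TODAY   (shadow-format lines on stdin, findings on stdout)
audit_shadow() {
    awk -F: -v today="$1" '
    {
        user = $1; pw = $2; last = $3; max = $5; expire = $8
        locked = (pw ~ /^[!*]/)          # "!" or "*" prefix: no password login
        if (pw == "")  print user ": EMPTY_PASSWORD"
        if (locked)    print user ": LOCKED"
        if (!locked) {
            if (max == "" || max + 0 >= 99999)
                print user ": NO_MAX_AGE"
            else if (pw != "" && last != "" && last + max < today + 0)
                print user ": PASSWORD_EXPIRED"
        }
        if (expire != "" && expire + 0 < today + 0)
            print user ": ACCOUNT_EXPIRED"
    }'
}

# Run against the constructed sample with a fixed "today" so the output is stable.
sample_shadow | audit_shadow 15650
```

On a live system the same function can read the real file as root, with "$(today_days)" as its argument.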
pwconv
Creates a new shadow file by referring to the existing passwd file
pwunconv
Creates the passwd file by referring to the passwd and shadow files and removes shadow or shadow-
Permissions for files and folders are assigned based on the default umask value.
Default Permissions
Root: 644 for file, 755 for folder
Normal User: 665 for file, 775 for folder
Values: 4-write, 2-read, 1-execute
Changing Permissions
We can change the file permissions in two ways
(i) Letters method
(ii) Number method
Number Method :-
# chmod 777 filename
# chmod 422 filename
Letter Method :-
#chmod [ u g o a ] [ + - = ] [ r w x ]
a (every one)
setuid: (S, 4) the user who accesses the file gets the privilege of the owner of that file (scripts)
Eg: /etc/passwd file; when the useradd command is executed by a user it gets modified with root privilege
setgid: (G, 2)
the user who is currently accessing the files and folders gets the owner's group permissions.
(setgid is assigned for directories) (mail dir)
Sticky bit: (t, 1)
The owner of the file is able to delete the file if the sticky bit is assigned. It can be assigned to a
folder or file (/tmp is assigned the sticky bit).
By using ACLs we can assign permissions to a user or group, whether or not they are related to the
owner's group. ACLs can be set on directories or files.
The filesystem should be mounted with the ACL option (make an entry in the fstab options with acl)
#setfacl -Rm u:nat:rw /home/natdir (-R for recursive: assigned for all the files in that directory)
#getfacl filename
#setfacl -b natdir (removes the ACL for the directory, -R for recursive)
Hardlinks :
Softlinks :
-----------------------------------------------------------------------
To Create / Initialize PV
#pvcreate /dev/sda1
If we are using whole hdd as pv then it should not contain partition table so for removing partition table we
need to rewrite the first 512 MB
# dd if=/dev/zero of=/dev/sda bs=512 count=1
To remove PV from a VG
# vgreduce vgname /dev/sda5
To remove/delete PV permanently
# pvremove /dev/sda5
To display the VG
vgs, vgdisplay, vgscan
Changing attributes of VG
# vgchange
To deactivate / activate a VG
Eg: #vgchange -a n vgname & to activate #vgchange -a y vgname (-l for no of logical volumes)
VG split
#vgsplit existingvgname newvgname /dev/sda8
(/dev/sda8 will be added to the new VG from the existing VG)
VGMerge
#vgmerge -v newvg oldvg (oldvg will be merged with newvg )
(vg to be merged should be inactive)
(ii) Removing a Unused PV from VG (check with the PVSCAN for usage)
#vgreduce vgname /dev/sda7
(iii) Removing Used PV from VG (check with the PVSCAN for Usage)
#pvmove /dev/sda7 /dev/sda6
#vgreduce vgname /dev/sda7
Renaming a VG
# vgrename old_name new_vg_name
Remove a VG
#vgremove vgname
To Create a LV
# lvcreate -L 5G -n lvname vg1 (default lvname is lvol)
(or)
#lvcreate -l 50%VG -n lvname vg1
#lvcreate -l 100%FREE -n lvname vg1
#lvcreate -l 10 -n lvname vg1 (10 – physical extents)
#lvcreate -l 100 -n lvname vg1 /dev/sda4:0-50 /dev/sda5:0-100
The LV is spread across PE 0-50 of /dev/sda4 & PE 0-100 of /dev/sda5
2.Run e2fsck
#e2fsck -f /dev/vg1/lv1
For checking the details regarding the existing RAID array we can use the below command.
If any disks are found faulty then we can unmount the array and make the array inactive using below command
#mdadm -S /dev/md0
After this we can add new disk and make the desired changes in the "/etc/mdadm.conf" file and reboot the
system.
SWAP :
Free space from the hard disk that can be used by the system as virtual memory. In Linux, swap size is normally
double the RAM size.
Disk Quota :
Allocating disk space for a specific user. The usrquota and grpquota options need to be assigned in the fstab entry.
Hardlimit
Softlimit
Grace period
#quotacheck -cavug (a – check all quota-enabled file systems, v – verbose, u – user, g – group, c – create quota
database)
quotacheck is used to scan the file system for disk usage and update the quota record file
quota.user
for monitoring
/etc/cron.daily/quotacheck
Quotacheck.avug
Backuping Tools
DD command :
Cdrom
Tar Command:
c create , v verbose , w user acknowledgment , f argument for mentioning the file name.
Features:
Speed (the first backup copies the whole data; later runs back up only the changed blocks)
Security (transferring using SSH)
Less bandwidth (data is compressed while sending and decompressed at the receiving end)
Network backup
Syntax
Local :
Local to network
Remote Shell
--delete deletes the files in the target location which are not available in the source.
-W whole file
Network Configuration
vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=nat.rhel.com
GATEWAY=
GATEWAYDEV= (device eth0)
NISDOMAIN=
vim /etc/resolv.conf
DEVICE=
BOOTPROTO=
ONBOOT=
IPADDR=
NETMASK=
USERCTL=
IPV6INIT=
HWADDR=
NM_CONTROLLED=
vim /etc/hosts
It's a method of data transfer over the network, a standard network protocol.
After installation, the /ftp/pub directory is created in /var.
By default the anonymous user is enabled (able to read and download but unable to upload).
#vim /etc/vsftpd/vsftpd.conf
Anonymous
anonymous_enable=NO
local_enable=YES this is to allow local users to log in (uncomment = disable)
anon_upload_enable=YES (anonymous can upload, uncomment = disable)
write_enable=YES to enable the upload
Chroot
Users in the chroot get their home directory as the root directory, so the user is not able to
access any directory except his home directory. Chroot users are also known as JAILED users.
chroot_list_enable=YES
chroot_local_user=YES
chroot_list_file=/etc/vsftpd/chroot_list
/etc/vsftpd/ftpusers
Users in the ftpusers file are not allowed to log in; if we comment out any user in this file, it will allow the
user to access the FTP
If userlist_enable=no
ftp refers to the ftpusers file; if it is yes it will look at ftpusers and user_list
THEN,
Access :
ftp://10.30.37.250
Package : nfs-utils
Port : 2049
Service :service nfs start/stop/restart
:Service portmap
Configuration file : /etc/exports
Enabling :chkconfig nfs on
Installation:
#mkdir nfs_share
Change the Permission for others also (change according to you need )
#vim /etc/exports
/nat_share *.rhel.com(rw,no_root_squash)
rw read& write
chkconfig portmap on
chkconfig nfs on
#showmount -e localhost/ipaddress
exportfs -v
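A check of /etc/exports entries like the one above, as an added example that is not part of the original notes. With no_root_squash, root on a client is treated as root on the exported files, and a wildcard host with rw gives write access to every matching client. All sample lines except the first are constructed, and the finding labels are made up for the example.

```shell
#!/bin/sh
# Added example: flag risky option/host combinations in exports-format lines.

# Constructed sample; the first line is the export shown in the notes.
sample_exports() {
cat <<'EOF'
/nat_share *.rhel.com(rw,no_root_squash)
/pub       *(ro,root_squash)
/data      10.30.37.0/24(rw,sync,root_squash) backup.rhel.com(rw,no_root_squash)
# /old     *(rw)
/scratch   *(rw,sync)
EOF
}

# audit_exports   (exports-format lines on stdin, findings on stdout)
audit_exports() {
    awk '
    /^[ \t]*#/ || NF < 2 { next }            # skip comments and bare paths
    {
        path = $1
        for (i = 2; i <= NF; i++) {          # one "host(options)" per field
            host = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                host = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\).*/, "", opts)
            }
            if (host == "") host = "*"       # "(opts)" alone applies to any host
            optlist = "," opts ","
            wild = (host ~ /[*?]/)
            rw   = (index(optlist, ",rw,") > 0)
            nrs  = (index(optlist, ",no_root_squash,") > 0)
            if (nrs)        print path " " host ": NO_ROOT_SQUASH"
            if (rw && wild) print path " " host ": RW_WILDCARD"
        }
    }'
}

sample_exports | audit_exports
```

The corrected form of the first entry keeps root squashing on and names the clients, for example a single subnet with (rw,sync,root_squash).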
The process of continuously retrying the data transfer is called hard mounting. This guarantees the consistency of
data. It waits until the server responds.
With a soft mount, repeated RPC failures will make the NFS operation fail. Data consistency is not
guaranteed.
rpcbind: This is the primary daemon upon which all others rely. It manages all applications that use the RPC
specification. By default it uses port 111. It needs to run on both server and client.
nfslock: Used to allow NFS clients to lock files on the server via the RPC process
df - command used to check the disk usage of an NFS-mounted file system
#crontab -e
# crontab -u user -l
30 13,18 * * * /home/nat/salaryscript.sh
Runs at 1 PM and 6 PM
Put * * * * * cmd
*/10 * * * * cmd
Keyword Equivalent
@yearly 0 0 1 1 *
@daily 0 0 * * *
@hourly 0 * * * *
@reboot Run at startup.
crontab -e
Anacron is like cron; if the PC is down, the job will be started once the PC comes up (desktops and laptops).
Monitoring tools
TOP
Real-time view of running system processes, updated at an interval of seconds.
System Uptime
No of users currently logged in
Load Average
Task details – running, sleeping , stopped , zombie
CPU usage
Memory (total memory , used , free , buffer )
Swap memory details
Process id , User , Priority, command , cpu & mem usage
VMStat
w – with this command we can check which users are logged in and what they are doing; it shows what they
are currently executing
FREE : # free command shows the free and used memory details, swap memory details and buffers.
# IOSTAT :
SAR : collects and reports the system activity (sysstat package needs to be installed)
sar -a
# sar -u
sar -d shows the activities of individual block devices (mount point, LUN, partitions)
tps – Transactions per second (this includes both read and write)
rtps – Read transactions per second
wtps – Write transactions per second
bread/s – Bytes read per second
bwrtn/s – Bytes written per second
SAR - N :-
#sar -n option
DEV – Displays network devices vital statistics for eth0, eth1, etc.,
EDEV – Display network device failure statistics
NFS – Displays NFS client activities
NFSD – Displays NFS server activities
SOCK – Displays sockets in use for IPv4
IP – Displays IPv4 network traffic
EIP – Displays IPv4 network errors
ICMP – Displays ICMPv4 network traffic
EICMP – Displays ICMPv4 network errors
TCP – Displays TCPv4 network traffic
ETCP – Displays TCPv4 network errors
UDP – Displays UDPv4 network traffic
SOCK6, IP6, EIP6, ICMP6, UDP6 are for IPv6
ALL – This displays all of the above information. The output will be very long.
NETSTAT :-
The netstat command displays various network-related information such as network connections,
ports, routing tables, interface statistics etc.
We can check how many ports are open, which ports are in use, from which IP address, etc.
#netstat -a
IPTRAF :-
Package : iptraf
NMAP :-
Network Mapper – open source network tool for exploration and security scanning.
#nmap 10.30.37.123
Tcpdump :-
tcpdump is a simple command that dumps traffic on a network. Detailed network traffic analysis.
--------------------------------------------
SAMBA : -
It uses the SMB protocol – Server Message Block. Sharing between Linux and Windows
Port : 445
Service : service smb start , service nmbd start
#smbclient -L localhost -N ( suppresses the normal password prompt from the client to the user )
#vi /etc/samba/smb.conf
public ==> share can be accessed by guest
browseable ==> share is visible in browse lists
writable ==> resource is read and write enabled
printable ==> resource is a printer, not a disk
group ==> all connections to the share use the specified GROUP as the primary group
From Client :
--------------------------------------------
:ypbind,yp-tools,portmap,authconfig,authconfig-gtk (client)
#vim /etc/sysconfig/network
NISDOMAIN="rhce"
Create a directory and create the user and assign the directory as its home directory
Create passwd
#/usr/lib/yp/ypinit -m
From client
#authconfig-tui enter the Nis domain name ypbind should start automatically.
--------------------------------------------
AutoMounting :-
Package : autofs
#vim /etc/auto.master
#vim /etc/auto.misc
--------------------------------------------
SQUID :-
"/etc/squid/blocked.domains.acl"
WEBSERVER
Package : httpd
Port : 80
#vim /etc/httpd/conf/httpd.conf
NameVirtualHost 10.30.37.254:80
<VirtualHost 10.30.37.254:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html/KB-1.1/
ServerName www.nat1.com
</VirtualHost>
<Directory /var/www/virtual>
AllowOverride AuthConfig
</Directory>
-------------------------------------------------------------------------
cat /proc/meminfo
LPT1, LPT2 and LPT3 would therefore be referred to as /dev/lp0, /dev/lp1 Serial ports are identified as /dev/ttyS0
You might be tempted to uncomment this out so you no longer have to type that sudo password.
xinetd listens for incoming requests over a network and launches the appropriate service for that request.
Requests are made using port numbers as identifiers and xinetd usually launches another daemon to handle
the request. It can be used to start services with both privileged and non-privileged port numbers.
A daemon (pron.: /ˈdeɪmən/ or /ˈdiːmən/) is a computer program that runs as a background process, rather
than being under the direct control of an interactive user. Traditionally daemon names end with the letter d: for
example, syslogd is the daemon that implements the system logging facility and sshd is a daemon that services
incoming SSH connections.
In a Unix environment, the parent process of a daemon is often, but not always, the init process. A daemon is
usually created by a process forking a child process and then immediately exiting, thus causing init to adopt the
child process. In addition, a daemon or the operating system typically must perform other operations, such as
dissociating the process from any controlling terminal (tty). Such procedures are often implemented in various
convenience routines such as daemon(3) in Unix.
Systems often start daemons at boot time and serve the function of responding to network requests, hardware
activity, or other programs by performing some task. Daemons can also configure hardware (like udevd on
some GNU/Linux systems), run scheduled tasks (like cron), and perform a variety of other tasks.
Ll command alias
Ls display the directory contents
The more command pauses when the screen fills up and waits for you to press the spacebar before it rolls out
another screenful of text. A legend at the bottom of the screen tells you what percentage of the file has been
displayed so far.
The less command works like more except that it lets you move both forward and backward in the file while the
command is running--use the B key on your keyboard to back up one screen and the spacebar to move forward
and show the next screen.
Options include: -s for subject, -c for carbon copy, -b for blind carbon copy
Kernel – a small program that communicates between the user application and the hardware
Shell - The command interpreter is the interface between the user and the operating system
ls -l long listing
ls -a list all files and directories
ls -R Recursive order
ls -r reverse order
ls -i to list inode numbers
ll same as 'ls -l'
VI 1 command mode
2 insert mode (edit mode)
3 extended command mode
1,$s/cat/dog/gi
to find cat,CAT,Cat,cAT and replace with dog in complete file
MORE : shows the file page by page. Unable to scroll; space is used to see the next screen of file contents
LINUX SYSTEM
Installation and configuration of various type of Linux operating system into different type hardware.
File System Management.
User and Group Management.
Working on LVM for dynamically extending and reducing partition size.
Configuring and Managing LVM & RAID.
Setting up Disk Quota management as per the customer requirements.
Installing and Managing Package by using YUM and RPM.
TCP/IP Configuration of Clients and Servers, Assigning IP address, Gateways, Name servers, net masks, host names,
domain names etc for individual machines and setting up the network.
Installation and configuration of VSFTP.
Installation and Configuring DHCP .
Installation and Configuration of DNS.
Configuring and Managing File sharing using SAMBA (for Linux to Windows).
Configuring and Managing File sharing using NFS.
Setting up a secure open SSH server and disabling the use of FTP and telnet to increase the network security.
Job Scheduling and Automating process using CRON.
Monitoring Disk, CPU and memory & Network utilization (Monitoring tools -TOP ,PS, NAGIOS ).
Setting up ACL to set owner and group permissions.
Configuration on POSTFIX and SENDMAIL for mail access.
Configuration of SQUID.
Managing Servers Using WEBMIN Management tool.
Performing backups, restoration, analyzing logs and troubleshooting error as per day to day operation.
Installing and configuring NIS.
Configuring Linux Network Installation PXE BOOT, KICKSTART.
Installation and Configuration of LDAP.
Installation and configuration RHEL Cluster.
Handled Servers Remotely (RMM,VMESX).
A Kickstart file contains a series of options, to be passed to the Anaconda installer, that describes how to set up the
system. It may also include custom scripts to be run before or after the installation.
1. The machine is booted from a CD/DVD, a USB device or over a network using PXE and the network protocols
Dynamic Host Configuration Protocol and Trivial File Transfer Protocol.
2. The Kickstart file is downloaded from the boot media or network (most common).
3. An Anaconda installation is automatically launched and reads the Kickstart file for the location of the Installation
Tree. The tree can reside on the boot media or network.
4. After accessing the Installation Tree, the installer attempts an unattended installation. If any required information is
missing from the Kickstart file, or the file is configured incorrectly, the installer may prompt the user for additional
information.
You can install mysql using any one of the following medium.
Type the following command to install mysql server using the RHN or CentOS repo:
Edit /etc/my.cnf, enter (please note that following are sample values, you need to adjust them as per your
requirements):
# vi /etc/my.cnf
You can configure mysql query cache as follows (add in [mysqld] section) to speed up mysql:
query_cache_type = 1
query_cache_limit = 1M
query_cache_size = 32M
# For MyISAM #
key_buffer_size = 24M
myisam_recover = FORCE,BACKUP
# LOGGING #
log_queries_not_using_indexes = 1
slow_query_log = 1
slow_query_log_file = /var/lib/mysql/mysqld-slow-query.log
tmp_table_size = 32M
max_heap_table_size = 32M
max_connections = 500
thread_cache_size = 50
open_files_limit = 65535
table_definition_cache = 4096
table_open_cache = 512
Save and close the file. You can reload or restart the changes as follows:
# /sbin/service mysqld restart
OR
# /sbin/service mysqld reload
Most Linux distros come with MySQL. If you want to use MySQL, my recommendation is that you download
the latest version of MySQL and install it yourself. Later you can upgrade it to the latest version when it becomes
available. In this article, I will explain how to install the latest free community edition of MySQL on the Linux
platform.
Download mySQL from mysql.com . Please download the community edition of MySQL for your appropriate
Linux platform. I downloaded the “Red Hat Enterprise Linux 5 RPM (x86)”. Make sure to download MySQL
Server, Client and “Headers and libraries” from the download page.
MySQL-client-community-5.1.25-0.rhel5.i386.rpm
MySQL-server-community-5.1.25-0.rhel5.i386.rpm
MySQL-devel-community-5.1.25-0.rhel5.i386.rpm
2. Remove the existing default MySQL that came with the Linux distro
Do not perform this on a system where the MySQL database is being used by some application.
This will also display the following output and start the MySQL daemon automatically.
Starting MySQL.[ OK ]
Giving mysqld 2 seconds to start
Install the “Header and Libraries” that are part of the MySQL-devel packages.
Note: When I was compiling PHP with MySQL option from source on the Linux system, it failed with the
following error. Installing the MySQL-devel-community package fixed this problem in installing PHP from
source.
configure: error: Cannot find MySQL header files under yes.
Note that the MySQL client library is not bundled anymore!
At a bare minimum you should set a password for the root user as shown below:
The best option is to run the mysql_secure_installation script that will take care of all the typical security related
items on the MySQL as shown below. On a high level this does the following items:
[local-host]# /usr/bin/mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
You can check the MySQL installed version by performing mysql -V as shown below:
[local-host]# mysql -V
mysql Ver 14.14 Distrib 5.1.25-rc, for redhat-linux-gnu (i686) using readline 5.1
Connect to the MySQL database using the root user and make sure the connection is successful.
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>
You can use the rpm command to install vsFTPd as shown below.
Once vsFTPd is installed, make sure it starts the next time you boot Linux. You can use the ‘chkconfig’ command to make
the vsFTPd start working when you reboot the system.
[root@RHEL04 ~]# chkconfig vsftpd on
The vsftpd RPM installs the daemon (/usr/sbin/vsftpd), its configuration and related files, as well as FTP directories onto
the system.
The following list shows the main files and directories related to vsftpd configuration:
• /etc/rc.d/init.d/vsftpd: The initialization script (initscript) used by the /sbin/service command to start, stop, or reload
vsftpd.
• /etc/pam.d/vsftpd: The Pluggable Authentication Modules (PAM) configuration file for vsftpd.
• /etc/vsftpd/ftpusers: A list of users not allowed to log into vsftpd. By default, this list includes the root, bin, and
daemon users, among others, since sending the username and password credentials of sensitive users using clear text is
not secure.
• /etc/vsftpd/user_list: This file can be configured to either deny or allow access to the users listed, depending on
whether the userlist_deny directive is set to YES (default) or NO in /etc/vsftpd/vsftpd.conf. If /etc/vsftpd.user_list is
used to grant access to users, the usernames listed must not appear in /etc/vsftpd.ftpusers.
• /var/ftp/: The directory containing files served by vsftpd. It also contains the /var/ftp/pub/ directory for anonymous
users. Both directories are world-readable, but writable only by the root user.
All configuration of vsftpd can be done by its configuration file, /etc/vsftpd/vsftpd.conf. Each directive is on its own line
within the file and follows the following format:
<directive>=<value>
The following is a list of directives which control the overall behavior of the vsftpd daemon.
• listen: When enabled, vsftpd runs in standalone mode. This value is set to YES by default. This directive cannot be
used in conjunction with the listen_ipv6 directive.
• listen_ipv6: When enabled, vsftpd runs in standalone mode, but listen only to IPv6 sockets. This directive cannot be
used in conjunction with the listen directive.
Anonymous access features can be changed for your FTP server by editing the vsftpd.conf file and changing related
entries to YES or NO in the file. The main setting related with anonymous access are:
• anonymous_enable: Enabled by default. Use a setting of NO, and then restart the server to turn off anonymous access.
• anon_mkdir_write_enable: Allows or disallows creating of new directories.
• anon_upload_enable: Controls whether anonymous users can upload files (also depends on the global write_enable
setting).
• anon_world_readable_only: Allows anonymous users to download only files with world-readable (444) permission
• no_anon_password: When enabled, the anonymous user is not asked for a password. The default value is NO.
• banner_file: Specifies the file containing text displayed when a connection is established to the server. This option
overrides any text specified in the ftpd_banner directive.
• cmds_allowed: Specifies a comma-delimited list of FTP commands allowed by the server. All other commands are
rejected.
• ftpd_banner: When enabled, the string specified within this directive is displayed when a connection is established to
the server. This option can be overridden by the banner_file directive. By default vsftpd displays its standard banner.
• local_enable: When enabled, local users are allowed to log into the system.
• userlist_deny: If userlist_deny=NO, only allow users in userlist_file. If userlist_deny=YES (default), never allow users
in userlist_file, and do not even prompt for a password.
• userlist_enable: When enabled, the users listed in the file specified by the userlist_file directive are denied access.
• userlist_file: Specifies the file referenced by vsftpd when the userlist_enable directive is enabled. This file is created
when vsftp is installed and is located in /etc/vsftpd/user_list.
• ftp_username: Specifies the local user account (listed in /etc/passwd) used for the anonymous FTP user. The home
directory specified in /etc/passwd for the user is the root directory of the anonymous FTP user. The default user is ftp
and default home folder is /var/ftp/.
• chroot_list_enable: When enabled, the local users listed in the file specified in the chroot_list_file directive are placed
in a chroot jail upon log in. If enabled in conjunction with the chroot_local_user directive, the local users listed in the file
specified in the chroot_list_file directive are not placed in a chroot jail upon log in. The default value is NO.
• chroot_list_file: Specifies the file containing a list of local users referenced when the chroot_list_enable directive is set
to YES. The default value is /etc/vsftpd/chroot_list.
• chroot_local_user: When enabled, local users are change-rooted to their home directories after logging in. The default
value is NO.
• write_enable: When enabled, FTP commands which can change the file system are allowed.
• accept_timeout: Specifies the amount of time for a client using passive mode to establish a connection. The default
value is 60.
• anon_max_rate: Specifies the maximum data transfer rate for anonymous users in bytes per second. The default value
is 0, which does not limit the transfer rate.
• connect_timeout: Specifies the maximum amount of time a client using active mode has to respond to a data
connection, in seconds. The default value is 60.
• idle_session_timeout: Specifies the maximum amount of time between commands from a remote client. Once
triggered, the connection to the remote client is closed.
• listen_address: Specifies the IP address on which vsftpd listens for network connections. There is no default value for
this directive.
• listen_address6: Specifies the IPv6 address on which vsftpd listens for network connections when listen_ipv6 is set to
YES. There is no default value for this directive.
• listen_port: Specifies the port on which vsftpd listens for network connections. The default value is 21.
• local_max_rate: Specifies the maximum rate data is transferred for local users logged into the server in bytes per
second. The default value is 0, which does not limit the transfer rate.
• max_clients: Specifies the maximum number of simultaneous clients allowed to connect to the vsFTPd server when it is
running in standalone mode. Any additional client connections to the vsFTPd server would result in an error message.
The default value is 0, which does not limit connections.
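A check of a vsftpd.conf against the anonymous-access and chroot directives described above and in the vsftpd notes earlier on this page, as an added example that is not part of the original text or of vsftpd itself. Both sample configurations and the finding labels are constructed. The defaults used are the ones this page states (anonymous_enable enabled, chroot_local_user NO, chroot_list_enable NO); NO is assumed for the other directives.

```shell
#!/bin/sh
# Added example: report risky combinations of vsftpd.conf directives.

# Constructed sample: upload and chroot lines as in the notes, with
# anonymous_enable left out so that its default applies.
weak_conf() {
cat <<'EOF'
local_enable=YES
anon_upload_enable=YES
write_enable=YES
chroot_list_enable=YES
chroot_local_user=YES
chroot_list_file=/etc/vsftpd/chroot_list
EOF
}

# Constructed sample: anonymous access off, every local user jailed.
hardened_conf() {
cat <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
#anon_upload_enable=YES
chroot_local_user=YES
EOF
}

# effective_value FILE DIRECTIVE DEFAULT
# Assumption: the last uncommented "directive=value" line wins.
effective_value() {
    awk -F= -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        $1 == key  { val = $2; sub(/[ \t\r]+$/, "", val) }
        END        { print (val == "" ? def : val) }
    ' "$1"
}

# audit_vsftpd FILE   (findings on stdout, nothing printed when clean)
audit_vsftpd() {
    conf=$1
    anon=$(effective_value "$conf" anonymous_enable YES)
    wr=$(effective_value "$conf" write_enable NO)
    upload=$(effective_value "$conf" anon_upload_enable NO)
    mkd=$(effective_value "$conf" anon_mkdir_write_enable NO)
    local_en=$(effective_value "$conf" local_enable NO)
    jail_all=$(effective_value "$conf" chroot_local_user NO)
    jail_list=$(effective_value "$conf" chroot_list_enable NO)

    if [ "$anon" = YES ]; then
        echo "ANON_LOGIN: anonymous_enable is YES (set or by default)"
        if [ "$wr" = YES ] && [ "$upload" = YES ]; then
            echo "ANON_UPLOAD: anonymous users can upload files"
        fi
        if [ "$wr" = YES ] && [ "$mkd" = YES ]; then
            echo "ANON_MKDIR: anonymous users can create directories"
        fi
    fi
    if [ "$local_en" = YES ]; then
        if [ "$jail_all" != YES ] && [ "$jail_list" != YES ]; then
            echo "NO_CHROOT: local users are not confined to their home directory"
        elif [ "$jail_all" = YES ] && [ "$jail_list" = YES ]; then
            echo "CHROOT_EXCEPTIONS: users in chroot_list_file are NOT jailed"
        fi
    fi
    return 0
}

tmp=$(mktemp -d)
weak_conf > "$tmp/weak.conf"
hardened_conf > "$tmp/hardened.conf"
echo "== weak ==";     audit_vsftpd "$tmp/weak.conf"
echo "== hardened =="; audit_vsftpd "$tmp/hardened.conf"
rm -rf "$tmp"
```

The CHROOT_EXCEPTIONS finding covers the case described under chroot_list_enable: with both chroot directives set to YES, the chroot list names the users who escape the jail, so that file needs review.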
Release:
Red hat Linux 5.2
Problem:
Users are not able to log in to the system. Error message "GDM Couldn't write the authorization
file"
Solution:
1.Log in as root user.
2. Check root (/ file system usage)
3. Found the root (/) file system is used 100%
4. Deleted files under /tmp location and unwanted other file
5. Found /var/log/messages file is occupying 5.07 GB space
6. Cleared messages file content
echo 1 > /var/log/messages
7. Tested the root (/) file system is having more than 65% free space.
8. Rebooted system and checked all the users are able to log in.
Kernel panic
Release:
RedHat Linux 5.x
Problem:
System does not boot into the operating system. It shows a kernel panic error: file system
check failed for /home, run the file system check manually.
Solution:
Type the root password at the CTRL+D prompt and press Enter to get into maintenance mode.
Enter the fdisk -l command to get the list of available partitions:
/dev/hda1
/dev/hda2
/dev/hda3
/dev/hda4 Extended
/dev/hda5
/dev/hda6
/dev/hda7
/dev/hda8 Linux Swap.
e2label /dev/hdax
/dev/hda1 /boot
/dev/hda2 /home
/dev/hda3 /
/dev/hda5 /usr
/dev/hda6 /var
/dev/hda7 /tmp
Since /home is a separate file system, confirm that the /home file system (/dev/hda2)
is not mounted by entering the mount command. If the file system is not mounted, run fsck
from maintenance mode.
fsck /dev/hda2
Note:
It is not recommended to run a file system check on a mounted file system. If the
file system is mounted in maintenance mode, unmount it and run fsck. If the unmount
fails, boot the system from the Red Hat Linux OS installation CD, enter rescue mode,
skip file system mounting, and run the file system check (fsck).
Solution
Recovering corrupted File system in RHEL
ID : 21901
Type : Solution | Updated On : Jul 26, 2012 03:26 PM Status : Approved
Category: Operating Systems > RedHat Linux
Release:
Red Hat Enterprise Linux 3.x / 4.x
Problem:
Server is giving file system inconsistency error while booting. Asking root
password for maintenance.
Solution:
Trouble shooting in Linux rescue,
Note:
The above solution is specific to systems configured with LVM for the
root filesystem. In place of /dev/Volume00/LogVol00, use the appropriate
device name for the root filesystem, which can be obtained from fdisk -l output.
How to simplify the installation of Oracle Database 11g on Oracle Linux 6 by installing the
oracle-rdbms-server-11gR2-preinstall RPM package.
Note: This article applies to Oracle Linux 6. A previous article, "How I Simplified Oracle Database
Installation on Oracle Linux," describes how to perform a similar task on Oracle Linux 5.
Before installing Oracle Database 11g on a system, you need to preconfigure the operating environment
since the database requires certain software packages, package versions, and tweaks to kernel
parameters. (Be sure to review the appropriate Oracle Database installation guide to familiarize yourself
with hardware, software, and operating system requirements.)
On Oracle Linux, I discovered that there is a remarkably easy way to address
these installation prerequisites: First install an RPM package called
oracle-rdbms-server-11gR2-preinstall. This RPM performs a number of
preconfiguration steps, including the following:
• Automatically downloading and installing any additional software packages and specific
package versions needed for installing Oracle Grid Infrastructure and Oracle Database 11g Release 2 (11.2.0.3), with package
dependencies resolved via yum or up2date capabilities.
• Creating the user oracle and the groups oinstall (for OraInventory) and dba (for OSDBA), which are used during
database installation. (For security purposes, this user has no password by default and cannot log in remotely. To enable remote
login, please set a password using the passwd tool.)
• Modifying kernel parameters in /etc/sysctl.conf to change settings for shared memory, semaphores, the maximum
number of file descriptors, and so on.
• Setting hard and soft shell resource limits in /etc/security/limits.conf, such as the locked-in memory address space,
the number of open files, the number of processes, and core file size.
• Setting numa=off in the kernel for x86_64 machines.
The remainder of this article steps through the procedure that I used for installing
oracle-rdbms-server-11gR2-preinstall on Oracle Linux via the Oracle public yum repository.
I started with a system running Oracle Linux Release 6 Update 3 for x86_64, a 64-bit version
of Oracle Linux that I downloaded from the Oracle software delivery cloud (requires
registration or login). First, I set up a yum configuration file that pointed to the correct
repository, and then I installed the oracle-rdbms-server-11gR2-preinstall RPM from that
repository.
Here are the steps for preconfiguring a system for Oracle Database installation using
oracle-rdbms-server-11gR2-preinstall:
1. As an authorized user (for example, root), retrieve the file that configures repository locations:
# cd /etc/yum.repos.d
# wget http://public-yum.oracle.com/public-yum-ol6.repo
2. Using a text editor, modify the file, changing the field enabled=0 to enabled=1 to reflect repositories that correspond to the
machine's operating system release.
[ol6_latest]
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=1
[ol6_UEK_latest]
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/UEK/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=1
Because the target system is running Oracle Linux Release 6 Update 3 for x86_64, which installs
the Oracle Unbreakable Enterprise Kernel by default, there are two repositories to enable,
[ol6_latest] and [ol6_UEK_latest].
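The repository definitions above can be checked mechanically before they are relied on for package installs. The following is an added example, not part of the original article: the function names audit_repo and sample_repo, the sample data and the two example_* sections are assumptions made for illustration.

```shell
# Added example: audit yum .repo sections. For each enabled section, report
#  - gpgcheck not set to 1 (the yum.conf [main] default then applies)
#  - gpgkey fetched over plain http:// (key replaceable in transit)
audit_repo() {
    awk '
        function report() {
            if (sec == "" || enabled != "1") return
            if (gpgcheck != "1") print sec ": gpgcheck is not set to 1"
            if (gpgkey ~ /^http:\/\//) print sec ": gpgkey is fetched over http"
        }
        /^[ \t]*\[/ {
            report()
            sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            enabled = "1"; gpgcheck = ""; gpgkey = ""  # missing enabled= means 1
            next
        }
        /^[ \t]*[#;]/ || !/=/ { next }
        {
            key = $0; sub(/=.*$/, "", key); gsub(/[ \t]/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            if (key == "enabled")  enabled  = val
            if (key == "gpgcheck") gpgcheck = val
            if (key == "gpgkey")   gpgkey   = val
        }
        END { report() }
    ' "$@"
}

# Constructed sample: the two sections named in the article, plus two
# hypothetical sections (placeholder names and URLs) for contrast.
sample_repo() {
    cat <<'EOF'
[ol6_latest]
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=1
[ol6_UEK_latest]
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/UEK/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=1
[example_thirdparty]
gpgcheck=0
enabled=1
[example_disabled]
gpgcheck=0
enabled=0
EOF
}

sample_repo | audit_repo
```

To check a real system, pass the files directly, for example audit_repo /etc/yum.repos.d/*.repo; sections that are disabled are skipped.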
3. Next, install the oracle-rdbms-server-11gR2-preinstall RPM using the yum install command.
The output in Listing 1 shows how the installation checks dependencies and then downloads and
installs the required packages.
Resolving Dependencies
Dependencies Resolved
================================================================================
================================================================================
Installing:
oracle-rdbms-server-11gR2-preinstall
Transaction Summary
================================================================================
Install 15 Package(s)
Installed size: 61 M
--------------------------------------------------------------------------------
Running rpm_check_debug
Running Transaction
Installed:
oracle-rdbms-server-11gR2-preinstall.x86_64 0:1.0-6.el6
Dependency Installed:
cloog-ppl.x86_64 0:0.15.7-1.2.el6
compat-libcap1.x86_64 0:1.10-1
compat-libstdc++-33.x86_64 0:3.2.3-69.el6
cpp.x86_64 0:4.4.6-4.el6
gcc.x86_64 0:4.4.6-4.el6
gcc-c++.x86_64 0:4.4.6-4.el6
glibc-devel.x86_64 0:2.12-1.80.el6_3.4
glibc-headers.x86_64 0:2.12-1.80.el6_3.4
kernel-uek-headers.x86_64 0:2.6.32-300.32.1.el6uek
ksh.x86_64 0:20100621-16.el6
libaio-devel.x86_64 0:0.3.107-10.el6
libstdc++-devel.x86_64 0:4.4.6-4.el6
mpfr.x86_64 0:2.4.1-6.el6
ppl.x86_64 0:0.10.2-11.el6
Complete!
The yum installation logs messages about kernel changes in the file
/var/log/oracle-rdbms-server-11gR2-preinstall/results/orakernel.log, and it makes backups
of current system settings in the directory /var/log/oracle-rdbms-server-11gR2-preinstall/backup.
4. At this point, the system is ready for the installation of Oracle Database. For example, to install Oracle Database 11g Release 2,
follow the directions in Chapter 4, "Installing Oracle Database," of the Database Installation Guide for Linux.
Here are the steps I followed while installing Oracle Database 11g Release 2 in my test
environment. Make sure you review all documentation and follow recommended best practices
before installing into your production environment.
Note: The installer in earlier releases of 11g Release 2 (11.2.0.1 and 11.2.0.2)
will show "missing package" failures, e.g. for the pdksh package. These can safely be ignored:
the ksh package (which is the successor of pdksh) has already been installed by the preinstall
RPM. This bug was fixed in version 11.2.0.3 of the installer.
The Oracle Universal Installer performs a number of checks, verifying that the necessary OS
packages and versions are installed. In addition, it checks kernel parameters set by the
oracle-rdbms-server-11gR2-preinstall installation. During the kernel settings check, the
installer might flag a few settings as "failed," and you should investigate these failures.
In some cases, you still might be able to continue with the database installation. If you
check kernel settings in /etc/sysctl.conf, you'll see that oracle-rdbms-server-11gR2-preinstall
has modified and added the necessary settings to ensure the minimum requirements are met, as
defined in section 2.10.1, "Displaying and Changing Kernel Parameter Values," in Chapter 2,
"Oracle Database Preinstallation Requirements," of the Oracle Database Installation Guide
11g Release 2 (11.2) for Linux. Below is the list of requirements:
fs.aio-max-nr = 1048576
fs.file-max = 6815744
kernel.shmall = 2097152
kernel.shmmax = 4294967295
kernel.shmmni = 4096
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
If necessary, you can (as root) edit the file /etc/sysctl.conf to specify a setting manually, for
example:
# vi /etc/sysctl.conf
# /sbin/sysctl -p
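One way to confirm that a sysctl.conf meets the values listed above, as an added example that is not part of the original article. The names ORACLE_MINIMUMS, check_sysctl_conf and sample_sysctl_conf are hypothetical, the sample file is constructed, and the listed values are treated as minimums.

```shell
# Added example: compare a sysctl.conf against the minimums listed in the
# article. Only the nine single-valued parameters shown there are checked.
ORACLE_MINIMUMS="fs.aio-max-nr=1048576 fs.file-max=6815744 kernel.shmall=2097152"
ORACLE_MINIMUMS="$ORACLE_MINIMUMS kernel.shmmax=4294967295 kernel.shmmni=4096"
ORACLE_MINIMUMS="$ORACLE_MINIMUMS net.core.rmem_default=262144 net.core.rmem_max=4194304"
ORACLE_MINIMUMS="$ORACLE_MINIMUMS net.core.wmem_default=262144 net.core.wmem_max=1048576"

# Reads sysctl.conf text from the named file(s) or stdin; prints one line per
# missing or too-low parameter and returns non-zero if any were found.
check_sysctl_conf() {
    awk -v mins="$ORACLE_MINIMUMS" '
        /^[ \t]*[#;]/ || !/=/ { next }
        {
            key = $0; sub(/=.*$/, "", key); gsub(/[ \t]/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            have[key] = val   # sysctl -p applies lines in order, so the last wins
        }
        END {
            n = split(mins, pair, " ")
            for (i = 1; i <= n; i++) {
                split(pair[i], kv, "=")
                if (!(kv[1] in have)) {
                    printf "MISSING %s (need >= %s)\n", kv[1], kv[2]; bad++
                } else if (have[kv[1]] + 0 < kv[2] + 0) {
                    printf "LOW %s = %s (need >= %s)\n", kv[1], have[kv[1]], kv[2]; bad++
                }
            }
            exit (bad > 0)
        }
    ' "$@"
}

# Constructed sample: fs.aio-max-nr is absent and a second kernel.shmmax line
# lowers the value set by the first.
sample_sysctl_conf() {
    cat <<'EOF'
# constructed /etc/sysctl.conf fragment
fs.file-max = 6815744
kernel.shmall = 2097152
kernel.shmmax = 68719476736
kernel.shmmni = 4096
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
kernel.shmmax = 2147483648
EOF
}

sample_sysctl_conf | check_sysctl_conf || echo "sysctl.conf does not meet the listed minimums"
```

The duplicate kernel.shmmax line is the case worth noticing: a later entry appended by another tool or administrator silently overrides the value the preinstall RPM wrote.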
The Oracle Universal Installer performs additional checks, such as verifying the glibc version,
sufficient disk space, environmental variable and path settings, and sufficient physical memory
and swap space. Generally, installing oracle-rdbms-server-11gR2-preinstall takes care of the
prerequisites so that you can proceed directly with installing the database.
a. As root, create a parent directory in a file system that has sufficient space to be the target location for the downloaded
files:
# mkdir /home/OraDB11g
# cd /home/OraDB11g
The amount of disk space needed in the file system varies according to the specific
installation type, but roughly twice the size of the zip archives, or 5 GB, is enough to house
the software and data files.
b. Into this target directory, download the installation media files from the Oracle Database Software Downloads page on
Oracle Technology Network.
c. Extract the files:
# unzip linux.x64_11gR2_database_1of2.zip
# unzip linux.x64_11gR2_database_2of2.zip
d. Log in as the user oracle. Change directory to the database directory and enter the following command to run the
Oracle Universal Installer:
$ cd /home/OraDB11g/database
$ ./runInstaller
Final Thoughts
Installing the oracle-rdbms-server-11gR2-preinstall RPM can save time when installing Oracle
Database 11g on Oracle Linux. The RPM addresses most Oracle Database installation prerequisites
and greatly simplifies the installation process.
See Also
And here are some additional resources from the Oracle Database Documentation Library
(http://www.oracle.com/pls/db112/homepage). Relevant subsections from the Oracle Database
Installation Guide 11g Release 2 (11.2) for Linux
(http://download.oracle.com/docs/cd/E11882_01/install.112/e16763/toc.htm) with currently valid URLs
are as follows:
"About the Oracle RDBMS Pre-Install and Oracle Validated RPMs" from Chapter 1, "Overview of Oracle Database Installation":
http://download.oracle.com/docs/cd/E11882_01/install.112/e16763/install_overview.htm#BABDBHCJ
Chapter 2, "Oracle Database Preinstallation Requirements":
http://download.oracle.com/docs/cd/E11882_01/install.112/e16763/pre_install.htm#BABFDGHJ
"Downloading Oracle Software" from Chapter 4, "Installing Oracle Database," which describes how to download installation files
from the Oracle Technology Network Website: http://docs.oracle.com/cd/E11882_01/install.112/e16763/inst_task.htm#autoId6
Also see the blog entry "Oracle RDBMS Server 11gR2 Pre-Install RPM for Oracle Linux 6 has been
released": https://blogs.oracle.com/linux/entry/oracle_rdbms_server_11gr2_pre
DUMPS
NIC Bonding in RHEL6
Release
RHEL 6
Problem
Need to configure NIC channel bonding in RHEL 6
Solution
Red Hat Enterprise Linux allows administrators to bind multiple network interfaces together into a single channel using
the bonding kernel module and a special network interface called a channel bonding interface. Channel bonding enables two
or more network interfaces to act as one, simultaneously increasing the bandwidth and providing redundancy. The behavior
of the bonded interfaces depends upon the mode, either hot standby or load balancing service.
For each configured channel bonding interface, there must be a corresponding entry in the
/etc/modprobe.d/<bonding>.conf file.
In this example we are configuring bond0, and the file name is bonding.conf.
[root@praji2 modprobe.d]# cat /etc/modprobe.d/bonding.conf
alias bond0 bonding
To view all existing bonds, run the following command; it will list bond0:
[root@praji2 network-scripts]# cat /sys/class/net/bonding_masters
bond0
To view the current bonding mode, use the following command:
[root@praji2 network-scripts]# cat /sys/class/net/bond0/bonding/mode
balance-rr 0
To verify bonding, use the following command; it lists the bonding details:
[root@praji2 network-scripts]# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.5.0 (November 4, 2008)
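A health check built on the /proc/net/bonding/bond0 output shown above, as an added example that is not from the original page. The function names bond_health and sample_bond and the sample output are constructed; the rule that fewer than two slaves up means lost redundancy assumes a two-NIC bond.

```shell
# Added example: summarize /proc/net/bonding/<bond> and flag lost redundancy.
# Reads the file named as argument, or stdin. Returns non-zero when fewer than
# two slaves report MII status "up" (assumption: a two-NIC bond).
bond_health() {
    awk '
        /^Bonding Mode:/ { mode = $0; sub(/^Bonding Mode:[ \t]*/, "", mode) }
        /^Slave Interface:/ { slave = $3; total++ }
        # The bond-level "MII Status" line comes before any slave section.
        /^MII Status:/ && slave != "" {
            if ($3 == "up") up++
            else print "slave " slave " MII status " $3
        }
        /^Link Failure Count:/ && slave != "" && $4 + 0 > 0 {
            print "slave " slave " link failures: " $4
        }
        END {
            printf "mode: %s, slaves up: %d/%d\n", mode, up, total
            exit (up < 2)
        }
    ' "$@"
}

# Constructed sample in the layout the bonding driver prints; interface names,
# counters and the down state of eth1 are made up for the example.
sample_bond() {
    cat <<'EOF'
Ethernet Channel Bonding Driver: v3.5.0 (November 4, 2008)

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Link Failure Count: 0

Slave Interface: eth1
MII Status: down
Link Failure Count: 1
EOF
}

sample_bond | bond_health || echo "bond0 has lost redundancy"
```

On a live host the call is bond_health /proc/net/bonding/bond0; a non-zero link failure count on a slave that is currently up is still printed, since it points at a flapping link.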
Bonding modes
Several policies are available in bonding; the mode can be set using the directive mode=<value>.
The <value> can be one of:
balance-rr or 0 — Sets a round-robin policy for fault tolerance and load balancing. Transmissions are received and sent
out sequentially on each bonded slave interface beginning with the first one available.
active-backup or 1 — Sets an active-backup policy for fault tolerance. Transmissions are received and sent out via the
first available bonded slave interface. Another bonded slave interface is only used if the active bonded slave interface fails.
balance-xor or 2 — Sets an XOR (exclusive-or) policy for fault tolerance and load balancing. Using this method, the
interface matches up the incoming request's MAC address with the MAC address for one of the slave NICs. Once this link is
established, transmissions are sent out sequentially beginning with the first available interface.
broadcast or 3 — Sets a broadcast policy for fault tolerance. All transmissions are sent on all slave interfaces.
802.3ad or 4 — Sets an IEEE 802.3ad dynamic link aggregation policy. Creates aggregation groups that share the same
speed and duplex settings. Transmits and receives on all slaves in the active aggregator. Requires a switch that is 802.3ad
compliant.
balance-tlb or 5 — Sets a Transmit Load Balancing (TLB) policy for fault tolerance and load balancing. The outgoing
traffic is distributed according to the current load on each slave interface. Incoming traffic is received by the current slave. If
the receiving slave fails, another slave takes over the MAC address of the failed slave.
balance-alb or 6 — Sets an Active Load Balancing (ALB) policy for fault tolerance and load balancing. Includes transmit
and receive load balancing for IPV4 traffic. Receive load balancing is achieved through ARP
************************************************
Setting the Partition
# pvremove /dev/ram15
Labels on physical volume "/dev/ram15" successfully wiped
Volume Group Administration
vgdisplay.
vgchange -a n my_volume_group
(Vgchange used for changing the parameters)
The following example creates a linear logical volume out of extents 0 through 25 of physical
volume /dev/sda1 and then continues laying out the logical volume at extent 100.
lvcreate -l 100 -n testlv testvg /dev/sda1:0-25:100-
lvreduce -l -3 vg00/lvol1
# vgextend vg /dev/sdd1
# lvmdiskscan
PVSCAN / PVDISPLAY
pvchange -x n /dev/sda1
pvchange -x y /dev/sda1
-l (for PE size)