Quantcast
Channel: GoLinuxHub
Viewing all 392 articles
Browse latest View live

How to set environment (PATH) variable permanently in Linux

December 27, 2013, 10:57 am
$
0
0
There is a time when every Linux Administrator gets stuck at a point of his career when he/she has to set a custom path or any other environment variable permanently in the Linux machine.

Suppose you have added a new path to the PATH variable using the shell but you might observe that every time you switch terminal the PATH variable does not works.

Solution
To make this issue to be resolved permanently you need to add the variable inside .bashrc or .bash_profile file inside the home folder of the user.

For example, you want to add a PATH variable for root user so you need to add the path inside ~/.bashrc or ~/.bash_profile

Now the confusion comes which file should we place the variable or inside both the files?

Difference between .bashrc and .bash_profile


Every time you login to a Linux (Red Hat) machine .bash_profile file is executed
but
In case you are already logged in and you open a new terminal then .bashrc file is executed

So, basically you can put the environment variable inside any of the two files. As per me I would advice you to put the same inside .bash_profile.

WHY?


Have a look at .bash_profile file
# less ~/.bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
        . ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin

export PATH
export PATH=$PATH:/usr/local/samba/bin
You can see in the highlighted part in blue in the above part, every time .bash_profile is executed it also runs .bashrc along with it. As you can see I have added an extra PATH variable for my samba so that I do not need to set it every time I log in.


Search

How to give permission to user to run some commands in Linux

December 27, 2013, 10:33 pm
$
0
0
In Linux you can easily give permissions to user on a command basis, according to which that user will be allowed to run only those commands as super user and apart from those he/she would act as a normal user with normal privilege.

There can be cases when you want your user to be allowed to restart some particular service or run some specific commands with super user privilege so in that case you just need to make an entry for that user in sudoers file.

Let me show you how to do so

The file responsible to providing such permissions to users is /etc/sudoers

You can either open the file using vi to edit or there is an alternate and BETTER option to edit the sudoer file i.e using visudo command

One question should come to your mind

Why should I use visudo command instead of directly editing the file with vi or any other editor?

Well the answer is in case you are editing the sudoers file using vi editor and you use any wrong syntax and save and exit the file then it might even become hard for the root user to log back in and edit the file again. As vi editor would not check for any syntax error inside the file.
That is the reason you should always prefer to use visudo because even in case you make any syntax error then visudo will prompt you before making and changes and exiting.
# visudo
Let us understand the syntax before starting the exercise

This is the syntax which you will have to follow in order to give any user any sort of command related permission
%group        host=(Service Account)       Commands
%group : Permission will be applicable to all the users in this group
host : From all these hosts users can run the mentioned commands
Service Account : The commands would be run with the privilege of mentioned Service Account
Commands : List of commands

Suppose you want to give your user permission to run network and apache server restart permission
# visudo
%test  192.168.0.100=(root)  /etc/init.d/network, /etc/init.d/httpd
So, in the above line we are telling our Linux machine, Allow all the users of test group from 192.168.0.61 to run network and apache server related commands using root privilege

Let use try to run these commands as test user
# su - test
$ sudo /etc/init.d/network restart
[sudo] password for test:
Shutting down interface eth0:  Device state: 3 (disconnected)
                                                           [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:  Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/3
                                                           [  OK  ]
Well it worked as expected

But what would happen in case test user tries to run any command for which he is not authenticated
$ sudo /etc/init.d/vsftpd restart
[sudo] password for test:
test is not allowed to run sudo on localhost.  This incident will be reported.
Oops the incident has been reported, but where will you check these reports?
# tail /var/log/secure
Sep 27 13:04:26 test sudo:     test : TTY=pts/1 ; PWD=/home/test ; USER=root ; COMMAND=/etc/init.d/network restart
Sep 27 13:09:23 test sudo:     test : user NOT authorized on host ; TTY=pts/1 ; PWD=/home/test ; USER=root ; COMMAND=/etc/init.d/vsftpd restart
Please let me know your success and failures

How to preserve Symbolic links with tar command in Unix/Linux

December 28, 2013, 10:12 pm
$
0
0
Well there are times when you have to take backup of your Linux machine and copy it some other location but at the same time you don't want to loose all the symlinks which are their in your machine. If you do a normal compression/decompression, then you will loose all your symbolic links which is not a good idea for a production environment specially.

If you go through the man page of tar
# man tar
 -h, --dereference
 follow symlinks; archive and dump the files they point to
So, as of now we need to use -h argument along with tar command but how and when?

Suppose I want to copy my home directory to some other location and my home directory consists of few symlinks
# cd /home/test
# ls -l
-rw-r--r--. 1 root root 0 Sep 28 12:45 1
lrwxrwxrwx. 1 root root 1 Sep 28 12:46 10 -> 5
-rw-r--r--. 1 root root 0 Sep 28 12:45 2
-rw-r--r--. 1 root root 0 Sep 28 12:45 3
-rw-r--r--. 1 root root 0 Sep 28 12:45 4
-rw-r--r--. 1 root root 0 Sep 28 12:45 5
lrwxrwxrwx. 1 root root 1 Sep 28 12:46 6 -> 1
lrwxrwxrwx. 1 root root 1 Sep 28 12:46 7 -> 2
lrwxrwxrwx. 1 root root 1 Sep 28 12:46 8 -> 3
lrwxrwxrwx. 1 root root 1 Sep 28 12:46 9 -> 4
As you can see there are many symlinks which exists in the test home directory. Now let us compress and copy to some other location

NOTE: You need to compress the directory without"-h" argument as you can see below
[root@test home]# tar -czvf test.tar.gz test/
test/
test/2
test/4
test/.gnome2/
test/1
test/.bash_history
test/8
test/.emacs
test/5
test/.bash_logout
test/9
test/10
test/.bashrc
test/.bash_profile
test/.mozilla/
test/.mozilla/extensions/
test/.mozilla/plugins/
test/6
test/7
test/3
Move the zipped file to another location
[root@test home]# mv test.tar.gz /tmp/
[root@test home]# cd /tmp/

While extracting the directory make sure you use "-h" argument as shown below
[root@test tmp]# tar -xhzvf test.tar.gz
test/
test/2
test/4
test/.gnome2/
test/1
test/.bash_history
test/8
test/.emacs
test/5
test/.bash_logout
test/9
test/10
test/.bashrc
test/.bash_profile
test/.mozilla/
test/.mozilla/extensions/
test/.mozilla/plugins/
test/6
test/7
test/3
[root@test tmp]# cd test
Now let us verify if it worked
[root@test test]# ls -l
total 0
-rw-r--r--. 1 root root 0 Sep 28 12:45 1
lrwxrwxrwx. 1 root root 1 Sep 28 12:49 10 -> 5
-rw-r--r--. 1 root root 0 Sep 28 12:45 2
-rw-r--r--. 1 root root 0 Sep 28 12:45 3
-rw-r--r--. 1 root root 0 Sep 28 12:45 4
-rw-r--r--. 1 root root 0 Sep 28 12:45 5
lrwxrwxrwx. 1 root root 1 Sep 28 12:49 6 -> 1
lrwxrwxrwx. 1 root root 1 Sep 28 12:49 7 -> 2
lrwxrwxrwx. 1 root root 1 Sep 28 12:49 8 -> 3
lrwxrwxrwx. 1 root root 1 Sep 28 12:49 9 -> 4

So. the magic did happened. Let me know your success and failures

Follow the below links for more tutorials


How to extract files to different directory using tar in Unix/Linux

December 28, 2013, 11:10 pm
$
0
0
Most of us extract the compressed file in the same directory but what if you get into a situation you need to extract it at some other location?

You just need to add one extra argument
# tar -xzvf file.tar.gz -C /destination/path
For eg
# pwd
/home
# tar -czvf test.tar.gz test/
So, now our test directory is compressed. let us extract it inside /tmp staying under /home
[root@test home]# tar -xzvf test.tar.gz -C /tmp/
# cd /tmp
# ls -l
drwx------. 4 test test 4096 Sep 28 12:46 test

Easy and simple. Let me know your success and failures

Follow the below links for more tutorials


Multiple connections to a server or shared resource by same user

December 29, 2013, 12:11 am
$
0
0
Error:
Multiple connections to a server or shared resource by same user, using more than one username, are not allowed. Disconnect all previous connections to the server or shared resource and try again
This is generally a windows error which comes across when you try to access some share with multiple username/password on the same machine. But it is related to Linux as it also happens when you try to access the same samba share with different login credentials using the same windows machine.

Solution:
Windows by default stores a cache of all the network drives accessed so that next time when you try to access the same path it will take the credentials from the cache without prompting for username/password again.

In such cases you need to clear the cache. How do we do that?

Go to your windows machine and open the cmd prompt
C:\Users\Deepak>net use
New connections will be remembered.

Status       Local     Remote                    Network

-------------------------------------------------------------------------------
OK                     \\192.168.0.100\IPC$        Microsoft Windows Network
The command completed successfully.
As you see above a single cache entry is there in my windows machine for //192.168.0.100, so next time if I try to access this share with some other username/password, I would get the same error.

So we will have to clear this cache
C:\Users\Deepak>net use /delete \\192.168.0.100\IPC$
\\10.10.10.40\IPC$ was deleted successfully.

C:\Users\Deepak>net use
New connections will be remembered.

There are no entries in the list.
Now the cache list is empty and you can try to re-connect the share with new credential

Follow the below links for more tutorials


How to do Ethernet/NIC bonding/teaming in Red Hat Linux

January 3, 2014, 11:30 pm
$
0
0
NICteaming/bonding is used mostly in scenarios where you cannot afford to loose connectivity due to ethernet failover issues and also it has many other advantages like to distribute bandwidth, fault tolerance etc

Let us start with the configuration steps
Make sure you have two(at least) physical Ethernet cards in your Linux machine.

Edit the configuration files of both the Ethernet cards with the options as shown below
# less /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
MASTER=bond0
USERCTL=no
SLAVE=yes
BOOTPROTO=none
TYPE=Ethernet
ONBOOT=yes
# less /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no
Create a new file inside /etc/sysconfig/network-scripts/ifcfg-bond0 with the parameters as shown below
# less /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
IPADDR=192.168.0.100
NETWORK=192.168.0.1
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
And finally append/make these following changes in below mentioned file as shown
# vi /etc/modprobe.conf
alias bond0 bonding
options bond0 mode=1 miimon=100

Here, you can use different values for mode and miimon

What is mode in NIC Teaming in Linux?

You can configure NIC Teaming for various purposes. So while configuration you will have to specify the purpose you want to utilise NIC Teaming.
Here are the list of available options
mode=0 : Load Balancing
mode=1 : Fault Tolerance

balance-rr: Frames are transmitted in a round-robin fashion without hashing, to truly load balance.

802.3ad: This mode is the official standard for link aggregation, and includes many configurable options for how to balance the traffic.

balance-xor: Traffic is hashed and balanced according to the receiver on the other end. This mode is also available as part of 802.3ad.

broadcast: This mode is not really link aggregation - it simply broadcasts all traffic out both interfaces, which can be useful when sending data to partitioned broadcast domains for high availability. If using broadcast mode on a single network, switch support is recommended.

balance-tlb: Outgoing traffic is load balanced, but incoming only uses a single interface. The driver will change the MAC address on the NIC when sending, but incoming always remains the same.

balance-alb: Both sending and receiving frames are load balanced using the change MAC address trick.

What is miimon in NICTeaming?

Specifies (in milliseconds) how often MII link monitoring occurs. This is useful if high availability is required because MII is used to verify that the NIC is active. To verify that the driver for a particular NIC supports the MII tool, type the following command as root:
# ethtool <interface_name> | grep "Link detected:"

# ethtool eth0 | grep "Link detected:"
        Link detected: yes

# ethtool eth1 | grep "Link detected:"
        Link detected: yes
So for our demo purpose we will use mode 1 make NIC bonding for Fault Tolerance

Now time to load the bonding module
# modprobe bonding
Restart the network interface to make the changes affect
# service network restart
Verify if your configuration has worked properly using below command
# cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.4.0-1 (October 7, 2008)

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: eth0
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 5f:5g:56:3v:23:54

Slave Interface: eth1
MII Status: up
Speed: 1000 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: 4f:76:23:v4:76:f6

Check your network status

# ifconfig
bond0     Link encap:Ethernet  HWaddr R5:4G:45:6H:14:54
          inet addr:192.168.0.100 Bcast:192.168.0.1  Mask:255.255.255.0
          UP BROADCAST RUNNING MASTER MULTICAST  MTU:1500  Metric:1
          RX packets:675166546 errors:0 dropped:0 overruns:0 frame:0
          TX packets:60123345 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:717558660669 (668.2 GiB)  TX bytes:680121390699 (633.4 GiB)

eth0      Link encap:Ethernet  HWaddr 5F:5G:56:3V:23:54
          UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1
          RX packets:675130834 errors:0 dropped:0 overruns:0 frame:0
          TX packets:601230970 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:717553120481 (668.2 GiB)  TX bytes:680121390699 (633.4 GiB)
          Interrupt:169 Memory:96000000-96012800

eth1      Link encap:Ethernet  HWaddr 4F:76:23:V4:76:F6
          UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1
          RX packets:35302 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5540188 (5.2 MiB)  TX bytes:0 (0.0 b)
          Interrupt:122 Memory:94000000-94012800

Let me know your success and failures

Follow the below links for more tutorials

Multiple connections to a server or shared resource by same user
How to extract files to different directory using tar in Unix/Linux
How to preserve Symbolic links with tar command in Unix/Linux
How to give permission to user to run some commands in Linux
How to set environment (PATH) variable permanently in Linux
How to mount windows share on linux

How to install/uninstall/upgrade rpm package with/without dependencies

January 4, 2014, 3:49 am
$
0
0
A RPM package abbreviated as Red Hat Package Manager refers to Red Hat package installed on Fedora, CentOS, OEL and all Red Hat source code derived OS.

To know more about a rpm package click on the below link
Understanding RPM package

Installing from the downloaded rpm package


Use -ivh switch along with rpm command as shown below
# cd /root/rpms
# rpm -ivh cvs-1.11.23-16.el6.i686.rpm
Preparing...                ########################################### [100%]
   1:cvs                    ########################################### [100%]

Installing directly from the package available on web.


But for this you need to have the proper link of the rpm you want to download or install
# rpm -ivh ftp://ftp.pbone.net/mirror/ftp.centos.org/6.5/os/i386/Packages/cvs-1.11.23-16.el6.i686.rpm
Retrieving ftp://ftp.pbone.net/mirror/ftp.centos.org/6.5/os/i386/Packages/cvs-1.11.23-16.el6.i686.rpm
warning: /var/tmp/rpm-tmp.z3VsTc: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:cvs ########################################### [100%]


Installing a package forcefully without dependencies


Use --force argument along with -ivh switch as shown below to install forcefully without dependencies
# rpm -ivh vsftpd-2.2.2-11.el6_4.1.i686.rpm --force
warning: vsftpd-2.2.2-11.el6_4.1.i686.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:vsftpd ########################################### [100%]


Upgrading a package


Use -Uvh switch along with rpm command
# rpm -q vsftpd
vsftpd-2.0.5-28.el5.i386
# rpm -Uvh vsftpd-2.2.2-11.el6_4.1.i686.rpm
warning: vsftpd-2.2.2-11.el6_4.1.i686.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:vsftpd ########################################### [100%]


Removing a package


You can uninstall a package using -e switch along with rpm command

NOTE: Before removing a package make sure you get the complete name of the package using the below command
# rpm -qa | grep cvs
cvs-1.11.23-16.el6.i686
# rpm -e cvs-1.11.23-16.el6.i686

How to give normal user root privileges using sudo in Linux/Unix

January 10, 2014, 9:24 am
$
0
0
In this post I will be very brief on the topic we need to do. As for more knowledge on sudo command and sudoers file follow the below link
How to give permission to user to run some commands in Linux

As per my knowledge there are two methods to do the same. I have tested these commands and methods in Red Hat Linux.

Method 1
# visudo
Add an extra line in the last and make this entry
deepak    ALL=(ALL)   ALL

Using this above line you are telling your Linux box to give full permission for user deepak on all the hosts and all the commands
[deepak@test ~]$ sudo /etc/init.d/network restart
[sudo] password for test:
Shutting down interface eth0:  Device state: 3 (disconnected)
                                                           [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                            [  OK  ]
Bringing up interface eth0:  Active connection state: activated
Active connection path: /org/freedesktop/NetworkManager/ActiveConnection/1
                                                           [  OK  ]


Method 2
Add the user to wheel group
# usermod -G wheel deepak
Verify the same
# cat /etc/group | grep wheel
wheel:x:10:root,deepak
Now uncomment this line from sudoers file
# visudo
## Allows people in group wheel to run all commands
 %wheel ALL=(ALL)       ALL
The reason we did this because be default root is a member of wheel group so in case you want to give root level permission to any normal user then add him/her in wheel group.
$ sudo /etc/init.d/vsftpd restart
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]

Please let me know your success and failures

Follow the below links for more tutorials


Search

How to unlink/delete a symbolic in Linux

January 10, 2014, 10:17 am
$
0
0
In my earlier post I had shown you in detail the steps to create a soft link and hard link in Linux. If you have missed it you can read about the same in below link
How to create Soft Link (Symlink) and Hard Link in Linux

In this post I will show you simple steps to unlink the symlink

Suppose you have a link as shown below
# ls -l
drwxr-xr-x.  2 root root  4096 Sep 12 13:55 Desktop
lrwxrwxrwx   1 root root     7 Jan 10 23:34 shortcut -> Desktop
Here shortcut is a symlink for Desktop

Method 1
NOTE: Always remember you have to remove the shortcut link which is created and not the original directory.
# rm shortcut

NOTE: symlink is the one which you will see in blue colour

Method 2
# unlink shortcut/
unlink: cannot unlink `shortcut/': Not a directory


Why am I getting this error?

It is because there is a forward slash at the end of the link which should not be there as it is a link and not a directory so you need to specify only the link which has to be removed/deleted.

Let us try again
# unlink shortcut
Now the command ran without any error. The same can be verified using "ls -l"

Follow the below links for more tutorials


How to create user without useradd command in Linux

January 12, 2014, 1:47 am
$
0
0
Follow these steps to create a user without using useradd command in Red Hat Linux.

Step 1
Add an entry of user details in /etc/passwd
# vi /etc/passwd
user:x:501:501:test user:/home/user:/bin/bash
Step 2
You will have to create a group with same name. So add a new entry in /etc/group
# vi /etc/group
user:x:501:
Step 3
Assign a password to the user
# passwd user
Changing password for user user.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Now let us try to login with our newly created user
# su - user
-bash-4.1$
You should see [user@test ~]$ instead of -bash-4.1$ prompt. So why does this happens?

Let us check the contents of its home directory
-bash-4.1$ ls -al
drwxr-xr-x 2 root root 4096 Jan 12 14:27 .
drwxr-xr-x. 3 root root 4096 Jan 12 14:27 ..
So, as you see none of the default contents of a normal user home directory is missing.

Final Step 4
NOTE:/etc/skel directory contains all the defaults files which are present inside the home folder of any user

So, copy the contents from /etc/skel inside /home/user using the below command
[root@test ~]# cp -v /etc/skel/.* /home/user/
cp: omitting directory `/etc/skel/.'
cp: omitting directory `/etc/skel/..'
`/etc/skel/.bash_logout' -> `/home/user/.bash_logout'
`/etc/skel/.bash_profile' -> `/home/user/.bash_profile'
`/etc/skel/.bashrc' -> `/home/user/.bashrc'
`/etc/skel/.emacs' -> `/home/user/.emacs'
cp: omitting directory `/etc/skel/.gnome2'
cp: omitting directory `/etc/skel/.mozilla'
Now re login to the user
[root@test user]# su - user
[user@test ~]$
And you are good to go.

IMPORTANT NOTE: But one more thing, did you noticed I didn't touched /etc/shadow file while it also contains all the user related details. As soon as we assign a password to the user an entry for that user is created inside /etc/shadow

NOTE: Do not manually edit /etc/shadow file because it contains the encrypted password section which is automatically generated
# cat /etc/shadow | grep user
user:$6$HG.agA9Q$X2scLxur6G6FIW0eb1ArgAQcnioNLJmeBjDX.FAvfchXUhElwVKhwa3hHCFMI/vNUdr3fgqcge2PTEaKFfzXW/:16082::::::
Let me know your success and failures


How to create password less ssh connection for multiple non-root users

January 12, 2014, 4:19 am
$
0
0
I had done password less shh authentication between multiple Linux box a couple of time but this time I had to do the same for normal user. I thought it would be same and actually it is the same but still there are few things which we might miss out and also it becomes a bit complicated and confusing as I did so for them I thought I should give some tips.

Question
You have to create a password less ssh connection between 3 Linux box for non root user i.e a normal user deepak.

Pre-requisites
User deepak should exist on all the 3 Linux box

Server details
server 1
IP 192.168.0.101

server 2
IP 192.168.0.102

server 3
IP 192.168.0.103

Making password less connection from Server 1

On server 1
Login as user deepak
[deepak@server101 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/deepak/.ssh/id_rsa):
Created directory '/home/deepak/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/deepak/.ssh/id_rsa.
Your public key has been saved in /home/deepak/.ssh/id_rsa.pub.
The key fingerprint is:
f8:c3:78:b7:6d:89:01:3e:44:bc:3c:df:70:72:04:0c deepak@server101.example

With the above command we have created a pair of public and private key using RSA type authentication.

Click the link to know more about RSA and DSA type of authentication

Now to create a password less ssh connection we need to copy id_rsa.pub to the remote server i.e server 2 and server 3
[deepak@server101 ~]$ scp .ssh/id_rsa.pub 192.168.0.102:/home/deepak/
[deepak@server101 ~]$ scp .ssh/id_rsa.pub 192.168.0.103:/home/deepak/
On server 2
Create .ssh directory in your home folder as it will not be present by default
NOTE: Make sure the permission on .ssh is 700
[deepak@server102 ~]$ mkdir .ssh
[deepak@server102 ~]$ ls -al | grep .ssh
drwx------ 2 deepak deepak  4096 Jan 10 23:24 .ssh
This next step you are appending the contents of the copied id_rsa.pub from server 1 into your authorized_keys file

NOTE: By default authorized_keys file will not be present. The below command will automatically create this file and append the output of cat into it.
[deepak@server102 ~]$ cat id_rsa.pub >> .ssh/authorized_keys
NOTE: Make sure the permission on authorized_keys is 600
[deepak@server102 ~]$ ls -al .ssh/
-rw------- 1 deepak deepak   1616 Jan 11 04:21 authorized_keys
To view the contents of the contents of copied id_rsa.pub into authorized_keys
[deepak@server102 ~]$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvaI3NDGXRQ922OJBh3nYmjkWwA6m0A7leiciIhXV1NxntM38K2Y8XIvCd3FPruguyB97P2r4mDpHPGtT5X4ZSWP8hrTxVcRmG8PfX0UelkquPikjC3Mj3XbQZC6H7rKLv4qwLR8PayBkdD004NIvhYAbE+5F5UCuDtOdcvoDDfV1pjVq44ZwyZyl1P3oui8GJpTkJ+isI0RASY3HOm50OTy+6XH/5HQLaPkc+0MMtc8D1y1xMqJ26cntsZLzEInuwbVSgUxuzJ/z9+j+Y4f7CJaEDC3fo8YFooQ8VxTdm5aXjeMMYu2mDpTfNn5GIXLCCwhk6kV5M3pdKpF7iPtQ== deepak@server101.example
The same has to be done on server 3

On Server 3
NOTE: Make sure the permission on .ssh is 700
[deepak@server103 ~]$ mkdir .ssh
[deepak@server103 ~]$ ls -al | grep .ssh
drwx------ 2 deepak deepak 4096 Jan 10 23:24 .ssh
[deepak@server103 ~]$ cat id_rsa.pub >> .ssh/authorized_keys
Restart your ssh services on Server 1 for the changes to take affect
# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
Using the above steps we have successfully created a password less authentication from
server 1 ------> server 2
server 1 ------> server 3
For the same has to be done from server 2 and server 3 with each other. So we will have to generate rsa keys on server 2 and server 3 as well.

Making password less connection from Server 2

On server 2
Login as user deepak
[deepak@server102 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/deepak/.ssh/id_rsa):
Created directory '/home/deepak/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/deepak/.ssh/id_rsa.
Your public key has been saved in /home/deepak/.ssh/id_rsa.pub.
The key fingerprint is:
n9:b3:87:34:ed:bg:12:bg:23:vf:23:vf:23:d3:3d:f4 deepak@server102.example

Now to create a password less ssh connection we need to copy id_rsa.pub to the remote server i.e server 1 and server 3
[deepak@server102 ~]$ scp .ssh/id_rsa.pub 192.168.0.101:/home/deepak/
[deepak@server102 ~]$ scp .ssh/id_rsa.pub 192.168.0.103:/home/deepak/

On server 1
This next step you are appending the contents of the copied id_rsa.pub from server 2 into your authorized_keys file
[deepak@server101 ~]$ cat id_rsa.pub >> .ssh/authorized_keys

The same has to be done on server 3

On Server 3
[deepak@server103 ~]$ cat id_rsa.pub >> .ssh/authorized_keys

Restart your ssh services on Server 2 for the changes to take affect
# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

Using the above steps we have successfully created a password less authentication from
server 2 ------> server 1
server 2 ------> server 3

Making password less connection from Server 3

On server 3
Login as user deepak
[deepak@server103 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/deepak/.ssh/id_rsa):
Created directory '/home/deepak/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/deepak/.ssh/id_rsa.
Your public key has been saved in /home/deepak/.ssh/id_rsa.pub.
The key fingerprint is:
98:f4:98:f5:12:54:2d:5g:54:bg:5c:bg:12:fr:23:de deepak@server103.example

Now to create a password less ssh connection we need to copy id_rsa.pub to the remote server i.e server 1 and server 2
[deepak@server103 ~]$ scp .ssh/id_rsa.pub 192.168.0.101:/home/deepak/
[deepak@server103 ~]$ scp .ssh/id_rsa.pub 192.168.0.102:/home/deepak/

On server 1
This next step you are appending the contents of the copied id_rsa.pub from server 3 into your authorized_keys file
[deepak@server101 ~]$ cat id_rsa.pub >> .ssh/authorized_keys

The same has to be done on server 2

On Server 2
[deepak@server102 ~]$ cat id_rsa.pub >> .ssh/authorized_keys

Restart your ssh services on Server 3 for the changes to take affect
# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
Using the above steps we have successfully created a password less authentication from
server 3 ------> server 1
server 3 ------> server 2
So finally if you view the contents of your authorized_keys file in each user's home location you should be able to see something like this
[deepak@server103 ~]$ cat .ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2pKXrVmdyJrVlds5qfuTMa5TugOb6loZTUkijgkvNRztSZ1AFesXWwMS+JaifQaX6bqdkWeZU5lCQeBHrNrc7wTFtChMx85so6S46o9Nfv0Q5qk7e2a0O2rLtww8NlBDp4b1tMU1HXFIIJDM0KwlvSlBtYIHqufvPxzIiK3R1kp87ZGMDg+sPHFOm8DRut0QFCV65174XM3GaMIhksN+xs5V53JKBp70rLhtTikPYb7nzmWIGqs8W6N/YsZpTxEmGhOLwGznY079aEIVLIotSqPt7t0s+vh/lyaImCOUzJiNGqkMXjCLo40QA2YGCc4yetJ4DxBkPTwVnlRmUYZRmw== deepak@server101.example
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvaI3NDGXRQ922OJBh3nYmjkWwA6m0A7leiciIhXV1NxntM38K2Y8XIvCd3FPruguyB97P2r4mDpHPGtT5X4ZSWP8hrTxVcRmG8PfX0UelkquPikjC3Mj3XbQZpC6H7rKLv4qwLR8PayBkdD004NIvhYAbE+5F5UCuDtOdcvoDDfV1pjVq44ZwyZyl1P3oui8GJpTkJ+iscI0RASY3HOm50OTy+6XH/5HQLaPkc+0MMtc8D1y1xMqJ26cntsZLzEInuwbVSgUxuzJ/z9+j+Y4f7CJaEDC3fo8YFooQ8VxTdm5aXjeMMYu2mDpTfNn5GIXLCCwhk6kV5M3pdKpF7iPtQ== deepak@server102.example
It should have two entries for each server you have configured password less authentication using RSA encryption

IMPORTANT NOTE: For creating password less ssh authentication between multiple Linux machine using normal users make sure the two permissions are implemented or else the password less ssh authentication won't work
Permission 600 on authorized_keys file and
Permission 700 on .ssh directory

Follow the below links for more tutorials

Multiple connections to a server or shared resource by same user
How to extract files to different directory using tar in Unix/Linux
How to preserve Symbolic links with tar command in Unix/Linux
How to give permission to user to run some commands in Linux
How to set environment (PATH) variable permanently in Linux
How to mount windows share on linux

How does a DNS query works when you type a URL on your browser?

January 19, 2014, 1:04 am
$
0
0
Ever Wondered How does a DNS query works? I mean what happens exactly when you type www.golinuxhub.com on your browser. Honestly most of us are not bothered unless the web page doesnot opens.

Anyways let me tell you what happens back end when you type a website name on a browser. We will go step by step and I will try to explain all the terminology coming on our way.

What is DNS?

It is a short abbreviation for Domain Name Server. DNS is a very vast topic and not possible to cover completely by me but to be brief it is nothing but can be considered a Telephone directory of all the web Address all over the Internet. The same way you can't remember the telephone numbers of all your friends, so you use a telephone directory using names for each number. Similarly DNS uses a hostname mapping to different IP Address saving your time to memorise those digits with simple names.

What is FQDN?

It is a short abbreviation for Fully Qualified Domain Name. Let me explain this one to you with an example

For Eg www.example.com is a FQDN where www is the hostname, example is the domain name and .com is TLD(Top Level Domain)

Now What is Top Level Domain (TLD) ?

A top-level domain (TLD) is one of the domains at the highest level in the hierarchical Domain Name System of the Internet. The top-level domain names are installed in the root zone of the name space. For all domains in lower levels, it is the last part of the domain name, that is, the last label of a fully qualified domain name.The top-level domain names are installed in the root zone of the name space. For all domains in lower levels, it is the last part of the domain name, that is, the last label of a fully qualified domain name.

Question
What happens when we type www.golinuxhub.com on the browser?

Answer

Step 1 (Local DNS cache)
The first thing your browser will look for any DNS cache stored in the memory for that address. In case it finds a cache then it won't do any further enquiry and will open the page from the cache.

Step 2 (ISP Recursive DNS servers)
Suppose there is no DNS cache for www.golinuxhub.com in your browser. Next thing it will query your ISP Recursive nameservers. The ISP's contain Recursice DNS servers which does the DNS query on your behalf. Basically they don't keep any information about the DNS and their names records, instead they store a cache for the page from and earlier requests made.

Step 3 (root servers)
Next the query is sent to root nameservers.They will respond to our query with a lookup from right to left in a domain name i.e. www.golinuxhub.com.

What is a root nameserver?

These are the nameservers which keep details of all the nameservers all around the world which are updated automatically every millisecond. Basically there are 13 root servers acting almost around the globe from a.root-servers.net through m.root-servers.net each associated with an IP Address.

Now the query doesn't ends here as root servers may contain the list of all nameservs but they don't have the record of authoritative detail for any nameserver. So these root servers will redirect you to the TLD nameservers responsible for .com domains.

For more information n root servers you can follow this blog
blog.cann.org

Step 4 (TLD servers)
The TLD nameservers will now look up for the query provided by the root servers. At this stage they will ask the .com server regarding the details for www.golinuxhub.com. Here the .com server will reply that they do not the the address of www.golinuxhub.com but they do know where you can find it i.e authoritative nameservers.

Step 5 (Authoritative nameservers)
Now the authoritative nameservs are the one which contains all the information about any domain name which are stored in DNS records i.e A, CNAME, PTR, MX records etc.

Now here since we want an authoritative answer for domain www.golinuxhub.com, that means we are basically asking for Address (A) record for that nameserver. The A record would contain the list of IP Addresses on which the webpage is configured.

Step 6 (ISP Recursive DNS cache)
This A record is retrieved using the DNS recursive nameservers, so they will keep a copy of the record in it's cache to resolve it their itself without making any further queries for any request made to the same webpage.

How long these cache will be stored with ISP?

Every record is defined with a TTL value i.e. Total Time to Live according to which the cache will be stored up till a defined period of TTL after which the ISP DNS will again have to resend the query to get a new copy of the record and follow the above procedure to open the same webpage.

Step 7 (Browser Cache)
The browser now since got the look up IP for golinuxhub.com it will open up the webpage for you. Now your computer will also store a record of the cache for this page locally. So that the information can be collected instantly without making any further requests when same webpage is tried to access in future.

These 7 steps process takes only a few seconds or also milliseconds depending upon your internet speed to finish.

I hope I made my self clear. Keep surfing.

Follow the below links for more tutorials

How to create password less ssh connection for multiple non-root users
How to create user without useradd command in Linux
How to unlink/delete a symbolic in Linux
How to give normal user root privileges using sudo in Linux/Unix
How to do Ethernet/NIC bonding/teaming in Red Hat Linux
How to install/uninstall/upgrade rpm package with/without dependencies
Multiple connections to a server or shared resource by same user
How to extract files to different directory using tar in Unix/Linux
How to preserve Symbolic links with tar command in Unix/Linux

What is a Kernel in Linux?

January 19, 2014, 2:15 am
$
0
0
This is the first question which should come to your mind when you start reading and knowing Linux because without knowing what a kernel is you can not move ahead.

Let me help you understand kernel

Question
What is Linux Kernel?

Answer
It acts as an interpreter between Linux OS and its hardware. It is the fundamental component of Linux OS and contains hardware drivers for the devices installed on the system. The kernel is a part of the system which loads first and it stays on the memory.

What is monolithic kernel?

A monolithic kernel is set up so that all the drivers are compiled in the kernel. There's no need for the user to load any modules. However when you install new drivers, you need to recompile the kernel. As a result kernel becomes larger and slower ans requires more memory.

What is modular kernel?

A modular kernel is set up so that most hardware drivers are compiled as modules. As a result you don't have to recompile the kernel when installing new hardware devices.

In practice kernels are combination of monolithic and modular kernels where some drivers are compiled into the kernel and some are compiled as modules.

Some bullet points
The Linux kernel acts as a mediator between system's hardware and software.
It is also responsible for memory management and multiplexing
It divides a CPUs processing capacity between application so that they can run simultaneously

Follow the below links for more tutorials



Interview Questions on Linux Filesystems

January 25, 2014, 1:33 am
$
0
0
1. What is the filesystem used in Rhel 5 and Rhel 6?
Ans: ext3 for RHEL 5 and ext4 for RHEL 6

2. What is the difference between ext3 and ext4 filesystem?
Ans:
Ext3
Maximum individual file size can be from 16 GB to 2 TB
Overall ext3 file system size can be from 2 TB to 32 TB

Ext4
Maximum individual file size can be from 16 GB to 16 TB
Overall maximum ext4 file system size is 1 EB (exabyte). 1 EB = 1024 PB (petabyte). 1 PB = 1024 TB (terabyte).

3. What is the command used to check any hardware changes made on the system in Linux?
Ans: kudzu
4. Is it possible to increase swap partition? If yes then how?
Ans: Yes, Follow the below link
How to increase size of swap partition

5. What is a swap partition ? What is the recommended swap partition for 8 GB RAM?
Ans: Swap partition is a feature used in Linux which uses the space allocated to it from the physical hard drive and is utilized by te system when RAM memory goes full.

Amount of RAM in the System Recommended Amount of Swap Space
4GB of RAM or less a minimum of 2GB of swap space
4GB to 16GB of RAM a minimum of 4GB of swap space
16GB to 64GB of RAM a minimum of 8GB of swap space
64GB to 256GB of RAM a minimum of 16GB of swap space
256GB to 512GB of RAM a minimum of 32GB of swap space

6. What is the procedure you follow to extend a LVM partition?
Ans: lvextend -L +1G /dev/VolGroup/LogVol1
This will extend the partition size by +1 GB
resize2fs /dev/VolGroup/LogVol1
7. What is the command to view all the available partitions on the system?
Ans: fdisk -l
8. What is the command to view all the mounted partitions on the system?
Ans: mount
9. What is the use of mtab directory?
Ans: It contains a list of all the mounted directories or partitions on the system

10. How do you make permanent changes to any file inside /proc directory?
Ans: sysctl -p
11. What is the default mode when you enter single user mode?
Ans: read only for the first time but once you change it to read write then from next time onward it will be read write

12. Explain the procedure to fix a case when a system is unable to boot due to improper entry in fstab
Ans: Boot into single user mode and make the necessary corrections inside fstab

13. What does the last two sections define in fstab file?
Ans: The 5th column tells the dump information if whether the partition has to be backed up. It it is "0" the
filesystem will be ignored
The 6th column tells the order in which fsck command would check the filesystem on boot. If it is "0" then fsck won't check the filesystem

14. What is the command to display all the logical volume available in the system?
Ans: lvdisplay
15. How do you mount a windows share on Linux? Is it possible?
Ans: Follow the below link
How to mount Windows share in Linux?

16. What is the difference between NFS share and a Samba share?
Ans: NFS sharing is done between linux to Linux where Samba sharing can be done between Linux-Linux and Linux-windows

17. What is the default permission applied on the user when you mount a NFS permission on any local directory in your system?
Ans: no user permission which is a system account in all the machines having normal user level privileges unless no_root_squash or any other permission specification is not provided on the share

18. What is the command to view all the kernel parameters?
Ans: sysctl -a

19. What is . and .. in very directory of Linux system?
Ans: Follow the below link
What is . and .. inside each directory path in Linux?

20. What is the command to view all the variables in your system?
Ans: set

21. How can you make a custom environment variable permanent so that it works even after reboot?
Ans: Follow the below link
How to set environment variable path permanently

Interview Questions on Linux User Management

January 25, 2014, 1:46 am
$
0
0
1. How can you create a user without useradd command
Ans: Follow the below link
How to create a user without useradd command?

2. What is the default permission on user's home directory?
Ans: 700

3. What is the difference between .bash_profile and .bashrc?
Ans: Every time you login to a Linux (Red Hat) machine .bash_profile file is executed
but
In case you are already logged in and you open a new terminal then .bashrc file is executed

4. What is the command to create a user with a pre defined uid, shell and home directory?
Ans: useradd -m -d /path/to/home -s /bin/bash -u 550 deepak
5. Explain each field of /etc/passwd
Ans: deepak:x:512:512:User:/home/deepak:/bin/bash
1st field: username
2nd field: x tells that an encrypted password is stored in /etc/shadow
3rd field: uid
4th field: gid
5th field: Description
6th field: home directory
7th field: default login shell
6. How to change primary group for any user?
Ans: usermod -g groupname  username
7. If I delete a user, does it's home directory gets deleted? If not then what is the command to delete the home directory of user along with the user
Ans: No.
# userdel -r username
8. Name any 3 files which are automatically created inside any user's home directory when a user is added
Ans: .bashrc
.bash_profile
.bash_history
9. What is the command to view all the currently logged in users?
Ans: w
10. What is the command to change and view the expiry date for any user?
Ans: chage
11. What are the details you get with finger command?
Ans: Login Details
Mail
Home directory
Last login
12. How can you give a normal user all the root level privileges?
Ans: Add the user to wheel group and uncomment the wheel group line in sudoers file
Give the user all command permission in sudoers

13. Name any 3 groups of which root is a member by default
Ans: root
bin
daemon
sys
adm
disk
wheel
14. How can you give sudo access to any user without asking him to provide passord every time he runs a command?
Ans: Add an extra parameter NOPASSWD in sudoers file while giving the user permission to run root level commands

15. Why do we use visudo rather than editing the file with vi or any other editor?
Ans: Follow this link
A guide on visudo and its usage

Search

Interview Questions on Linux Networking

January 25, 2014, 2:40 am
$
0
0
1. How do you perform NIC teaming?
Ans: Follow the below link
NIC Bonding in Red Hat Linux

2. What is the difference between TCP and UDP protocol?
Ans: 

  • TCP is a connection oriented protocol and contain the information of sender as well as receiver.
  • Eg: HTTP.FTP, Telnet
  • TCP is slower than UDP due to its error checking mechanism
  • UDP protocols are connection less packets have no information to where they are going. These type of ports are generally used for broadcasting. 
  • For eg: DNS, DHCP
  • UDP are faster
3. What are the benifits of NIC Teaming?
Ans: Load balancing
Fault Tolerance
Failover

4. Mention all the network configuration files you would check to configure your ethernet card
Ans: /etc/sysconfig/network-scripts/ifcfg-eth*
/etc/sysconfig/network
/etc/resolv.conf
/etc/nsswitch.conf
5. What is the the use of /etc/resolv.conf?
Ans: It contains the details of nameserver i.e details of your DNS server which helps us connect to Internet

6. What is the use of /etc/hosts file?
Ans: To map any hostname to its relevant IP

7. What is the command to check all the open ports of your machine?
Ans: nmap localhost
8. What is the command to check all the listening ports and services of your machine?
Ans: netstat -ntlp
9. How can you make a service run automatically after boot?
Ans: using chkconfig command

10. What are the 6 run levels of linux? And how can you configure your script to run only when the system boots into GUI and not to any other runlevel
Ans: 0 power off
1 single user
2 multi user without network
3 multiuser with network
4 development purpose
5 GUI
6 Restart

chkconfig --level 5 service_name on
chkconfig --level 1234 service_name off
11. What is a 3 way handshake protocol? Give an example of it
Ans: SYN - system 1 sends SYN signal to rmote system
SYN-ACK - remote sysstem receives the syn signal and sends ack signal
ACK - system again receives ack signal from remote system and connection is established

12. What are the possible ways to check if your system is listening to port 67
Ans: nmap localhost | grep 67
netstat -ntlp | grep 67

Interview Questions on Linux Permissions

January 25, 2014, 10:31 am
$
0
0
1.What is the difference between SUID and SGID?
Understanding special permission SUID
Understanding special permission SGID

2. What is Sticky Bit permission?
Understanding special permission Sticky Bit

3. What is umask?
In computing, umask is a command that determines the settings of a mask that controls which file permissions are set for files and directories when they are created. It also refers to a function that sets the mask, and to the mask itself, which is formally known as the file mode creation mask.

4. What is the default umask value for useradd command and where is it defined?
Default umask value for useradd: 077
/etc/login.defs
5. Will you be able to cd into a directory with only read permission?
No, we need execute permission along with read to cd into directory

6. What is -R argument used for along with chmod command?
To recursively apply the permission to all the directories including sub directories and files

7. How can you restrict a normal as well as root user from making any changes as well as deleting any file?
chattr command
Increase security using extended file attributes
8. What is the + plus sign you see at the end of permissions for some directories?
http://www.golinuxhub.com/2013/12/what-is-plus-sign-in-permission-in-linux.html

9. How do you give acl in Linux?
Give individual permission usinf setfacl

10. What is the difference between small t and capital T when applying sticky bit permission?
Before applying Sticky Bit with executable permission
# chmod 775 /statusupdate
# ls -l
drwxrwxr-x. 3 root root 4096 Oct 17 07:07 statusupdate
After Sticky Bit with executable permission
# chmod 1775 /statusupdate
# ls -l drwxrwxr-t. 3 root root 4096 Oct 17 07:07 statusupdate
Now as you see a small (t) since the directory had executable permission

Before applying sticky bit without executable permission
# chmod 774 /statusupdate
# ls -l
drwxrwxr--. 3 root root 4096 Oct 17 07:07 statusupdate
After Sticky Bit without executable permission
# chmod 1774 /statusupdate
# ls -l
drwxrwxr-T. 3 root root 4096 Oct 17 07:07 statusupdate

Linux Interview General Questions

January 25, 2014, 10:57 am
$
0
0
1. Explain in detail the Linux booting procedure
  1. When a Linux machine is powered on BIOS loads up first.
It will prompt you to select boot device which can be Hard disk, CD-ROM, Floppy drive, Network etc
By default generally it will boot with hard disk

  2. Next comes your MBR
This will load and execute the GRUB boot loader menu

  3. GRUB stands for Grand Unified Boot Loader
This will display the a splash screen with the contents of /boot/grub/grub.conf
List of available and installed kernels will be shown, if not selected default kernel will be loaded

  4. Kernel
Mounts the root files system as specified by "root=" parameter inside /boot/grub/grub.conf file
Next it will execute /sbin/init program

  5. Init
This will boot the linux machine in the default run level as specified by /etc/inittab

  6. Runlevel
All the scripts loaded inside the selected runlevel from step 5 will be executed These scripts are placed inside

/etc/rc.d/rcx.d/
Here x is the runlevel value which will be varying from 0-6
Scripts starting from S would load at startup and those starting with K would kill the process at shutdown. These incident will take place as per the numerical value assigned to them.
For ex: s13network will load prior than s15 sendmail

  7. Next your login screen will come up

2. How many commands do you know which can be used to view the contents of any file?
7 commands to view the contents of a file

3. How will you delete a symlink
How to delete or remove any symlink

4. How will you check if your machine is 64-bit compatible?
# uname -m
5. How can you add a banner or login message in Linux?
By editing these two files
/etc/issue
/etc/motd
For more details follow below link
How to show a login message after login prompt in Linux

6. How will you check the bit size of your machine?
How to find the bit size of your Linux machine

7. How will you check the release version of your Linux machine?
# cat /etc/redhat-release
8. What is the difference between normal kernel and kernel-PAE?
kernel in 32 bit machine supports max of 4 GB RAM but kernel PAE in 32 bit linux machine supports till 64 GB RAM

9. Tell me the command to find all the commands in your linux machine with only 2 words
# find /bin /sbin/usr/bin /usr/sbin -name ?? -type f
10. Which file is generally used to configure kickstart?
anaconda.cfg
11. What is the command use to compress a dir using gzip compression?
# tar -czvf myfil.tar.gzip  orig_file
12. What is the command use to compress a dir using bzip2 compression?
# tar -cjvf myfil.tar.bzip2  orig_file
13. Which log file will you check for all authentication related messages?
/var/log/secure
14. What is the command to create multiple directories using one command?
Using -p argument along with mkdir command

SYSLOG Tutorial

January 25, 2014, 10:46 pm
$
0
0
Syslog is one of the most important standards used in Linux as it is the key file which helps you determine the different level of logs which are getting generated and stored every second while you are working on your Linux box. Syslog can be taken as "System Log".

The main configuration file for syslog is

For RHEL 5 and older
/etc/syslog.conf
For RHEL 6
/etc/rsyslog.conf

Benefits of syslog

  • Helps analyze the root cause for any trouble or problem caused
  • Reduce overall downtime helping to troubleshoot issues faster with all the logs
  • Improves incident management by active detection of issues
  • Self-determination of incidents along with auto resolution
  • Simplified architecture with different level of severity like error,info,warning etc


The syslog.conf file is the main configuration file for the syslogd which logs system messages on *nix Systems.  This file specifies rules for logging. Every rule consists of two fields, a selector field and an action field.  These two fields are separated by one or more spaces or tabs.  The selector field specifies a pattern of facilities and priorities belonging to the specified action.

Selectors

The selector field itself again consists of two parts, a facility and a priority, separated by a period (''.'').  Both parts are case insensitive.

For example
Kern.none, mail.info etc
Here
Kern = Facility
None = severity or priority

Facility

The facility is one of the following keywords: auth, authpriv, cron, daemon, kern, lpr, mail, mark, news, security (same as auth), syslog, user, uucp and local0 through local7.  The keyword security should not be used anymore and mark is only for internal use and therefore should not be used in applications.

Anyway, you may want to specify and redirect these messages here.  The facility specifies the subsystem that produced the message, i.e. all mail programs log with the mail facility (LOG_MAIL) if they log using syslog.

Facility Number

Keyword
Facility
Description
0
kern
kernel messages
1
user
user level messages
2
mail
mail system
3
daemon
system daemons
4
auth
security/authorization messages
5
syslog
messages generated internally by syslogd
6
lpr
line printer subsystem
7
news
network news subsystem
8
uucp
UUCP subsystem
9
clock daemon

10
authpriv
security/authorization messages
11
ftp
FTP daemon
12
-
NTP susbsystem
13
-
log audit
14
-
log alert
15
cron
clock daemon
16
local0
local use 0 (local0)
17
local1
local use 1 (local1)
18
local2
local use 2 (local2)
19
local3
local use 3 (local3)
20
local4
local use 4 (local4)
21
local5
local use 5 (local5)
22
local6
local use 6 (local6)
23
local7
local use 7 (local7)

Severity Levels

The priority is one of the following keywords, in ascending order: debug, info, notice, warning, warn (same as warning), err, error (same as err), crit, alert, emerg, panic (same as emerg).  The keywords error, warn and panic are deprecated and should not be used anymore. The priority defines the severity of the message
Integer
Facility
0
Emergency: System is unusable
1
Alert: Action must be taken immediately
2
Critical: critical conditions
3
Error: Error conditions
4
Warning: Warning conditions
5
Notice: Normal but significant conditions
6
Informational: Informational messages
7
Debug: Debug level messages

You can specify multiple facilities with the same priority pattern in one statement using the comma ('','') operator.  You may specify as much facilities as you want. Multiple selectors may be specified for a single action using the semicolon ('';'') separator.  Remember that each selector in the selector field is capable to overwrite the preceding ones.  Using this behavior you can exclude some priorities from the pattern.

Examples

Log all the critical events on your Linux machine in a separate log file inside /var/log with a name of critical.log
Append this line inside /etc/syslog.conf
*.=crit            /var/log/critical.log
Log all the kernel related messages in separate log file inside /var/log/firewall.log
Add a new line
Kern.*       /var/log/firewall.log

Add a new entry at the end of the below line
# Log anything (except mail) of level info or higher.
# don’t log private authentication messages!
# don’t log kernel related events and messages
*.info;mail.none;authpriv.none;cron.none;kern.none               /var/log/messages
Redirect all the error logs to a remote user root and Deepak on their terminals
# Messages of the priority alert will be directed
# to the operator
#
*.err                      root,deepak
Log all the firewall warning level messages inside /var/log/firewall-warning.log
Kern.warn                                           /var/log/firewall-warning.log

Support for Remote Logging

These modifications provide network support to the syslogd facility.  Network support means that messages can be forwarded from one node running syslogd to another node running syslogd where they will be actually logged to a disk file.

The strategy is to have syslogd listen on a unix domain socket for locally generated log messages.  This behavior will allow syslogd to inter-operate with the syslog found in the standard C library.  At the same time syslogd listens on the standard syslog port for messages forwarded from other hosts.  To have this work  correctly the /etc/services file must have the following entry:
Syslog 514/udp
If this entry is missing syslogd neither can receive remote messages nor send them, because the UDP port can’t be opened.  Instead syslogd will die immediately, blowing out an error message.

For example,
to forward ALL messages to a remote host uses the following syslog.conf entry:
                   # Sample syslogd configuration files to
                   # Messages to a remote host forward all.
                   *.*            @hostname
To forward all kernel messages to a remote host the configuration file would be as follows:
                   # Sample configuration files to forward all kernels
                   # messages to a remote host.

                   kern.*         @hostname

Follow the below links for more tutorials
What is a Kernel in Linux?
How does a DNS query works when you type a URL on your browser?
How to create password less ssh connection for multiple non-root users
How to create user without useradd command in Linux
How to unlink/delete a symbolic in Linux
How to give normal user root privileges using sudo in Linux/Unix
How to do Ethernet/NIC bonding/teaming in Red Hat Linux
How to install/uninstall/upgrade rpm package with/without dependencies
How to extract files to different directory using tar in Unix/Linux
How to preserve Symbolic links with tar command in Unix/Linux
How to give permission to user to run some commands in Linux

What is the difference between DNS A record and CNAME record ?

January 27, 2014, 6:22 am
$
0
0

A record

  • It is the Address records also known as host records
  • Points to the IP address reflecting the domain
  • Used for forward lookup of any domain name

For example:
Our website is configured on 50.63.202.15 IP so the A record of my domain name will point towards that IP.

Every time a query for golinuxhub.com is made the internet will lookup for contents stored on the machine with 50.63.202.15 this IP.

Can I use multiple A records for a single domain?
Yes, there can be multiple A records for a single domain but only that is not going to help you with failover in case you are planning for one. Using multiple A records for a single domain will help you create a round robin configuration.

For example you have used two IPs 192.168.0.1 and 192.168.0.2 for same domain name example.com so when a user hits the lookup query for example.com, the query would land on your nameservers. Now there the query can pick any of the A record entry and will load the page. So, basically the back end user does not gets to know the server from which the website was picked and loaded. There might be a possibility that simultaneously if another request is made for the same domain, another A record might be picked up for different user.

CNAME Record

  • It is short abbreviation for Canonical Name
  • Provides an alias name for same hostname
  • Helps create subdomains

NOTE: You can not create a CNAME record for the domain name itself (it should be done with A record)

For example:
golinuxhub.com is a domain name whereas www.golinuxhub.com is a sub domain name

Example using A records and CNAME records
                 IN  NS example.com.
example.com.     IN  A 192.168.0.100

www.example.com  IN CNAME example.com.
ftp.example.com  IN CNAME example.com.
test.example.com IN CNAME example.com.
In the above example I have defined the nameserver for my machine and the A record determines the IP address pointing to the name server

Also I have used CNAME record to use multiple sub domain names for the same nameserver i.e. www, ftp, test etc
Viewing all 392 articles
Browse latest View live
Search