Differences between revisions 1 and 13 (spanning 12 versions)
Revision 1 as of 2010-01-21 12:40:31
Size: 284
Editor: PieterSmit
Comment:
Revision 13 as of 2021-06-06 00:25:15
Size: 4089
Editor: PieterSmit
Comment: Remove spam
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
 * Setup and instalation notes.  * Set-up and installation notes.
Line 11: Line 11:
 * Start / Stop a service.
   {{{
    $ sudo /sbin/service httpd stop
    $ sudo /sbin/chkconfig httpd off
    OR
    System->Admin->Services
   }}}
 * YUM
   {{{
     yum localinstall xxxxx.rpm
     yum clean dbcache / all
   }}}
 * Persistent Kernel Configuration sysctl, add to /proc/sys
   {{{
     sysctl -a
     sysctl -p << Process sysctl.conf
   }}}
 * fdisk & partitions
  {{{
     partprove << reinitializes the kernel's in-memory version of the partition table
     e2label /dev/sdX MYfsLabel
       mount LABEL-MYfsLabel /mnt
     blkid << show all labels
     tune2fs -o acl,user_xattr /dev/sda2 << set default mount options., check with dumpe2fs
  }}}
 * ACL's (mounted with -o acl)
   * New files inherit default ACL from dir, mv and cp -p preserve ACL's
   {{{
   getfacl
   setfacl
   -m modify, -x remove, d-default set on dir
   }}}
 * Files in use
   {{{
      fuser -v /mnt/home << who is using file system
      fuser -km /mnt/home << kill all actions on a filesystem
      mount -o remount,rw /
      mount --bind /something /anotherthing

   }}}

 * NFS Filesystems /etc/fstab , activated by /etc/init.d/netfs
   {{{
      mount -t nfs server1:/var/ftp/pub /mnt/server1
      Line in /etc/fstab
      server1:/var/ftp/pub /mnt/server1 nfs defaults 0 0
   }}}
 * Automounter (autofs RPM) U5-P137
     /etc/auto.master: << contains dir in fs, and yet another config file with further specific mount options.
       /misc /etc/auto.misc
       /net -hosts << -hosts allow browsing of nfs shares (could also use -g flag)
       /home/guests /etc/auto.home.guests
       /- /etc/auto.direct << /- Allows auto.direct to mount anywhere in file-system

     /etc/auto.misc:
       server1 -ro,soft server1:/var/ftp/pub
       or
       cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom

     /etc/auto.home.guests
       * -fstype=nfs server1:/home/guests/& << Mounts nfs on server1 with same name as dir access local in /home/guests

 * Password
   * /etc/login.defs
   * modify user with # chage [opt] uname
   * groupadd -g 200 sales (GID=200)
   * Add Group: # usermod -a -G sales joshua ( without -a remove other groups)

 * Quota System
   1. Add to '''fstab''' entry '''usrquota''' or '''grpquota''', then mount -o remount /home
   1. crate quote db in top fs dir, # '''quotacheck -cug''' (use quotacheck -c /home to update)
   1. Start or stop quotas, '''quotaon''', '''quotaoff'''
   1. Set quota # '''edquota USER 4096 5120 40 50 /foo'''
   1. Copy user1 policy to user2 # edquota -p user1 user2
   
  * SELinux (user:role:type:sensitivity:category)
    1. # chcon -t tmp_t /etc/hosts << change security context.
    1. List all types # chcon --reference
    1. #restorecon /root/*
    * Modes Enforcing, Permissive, Disabled
      * /etc/sysconfig/selinux
      * system-config-securitylevel
      * getenforce and setenforce 0|1
      * GRUB selinux=0
 * NIS
   * # yum install portmap
   * # '''getent''' passwd

 * tcp_wrappers
   1. check with # ldd EXE
   1. /etc/hosts.allow
         sshd: ALL EXCEPT .cracker.org EXCEPT trusted.cracker.org
  
 * Samba
   {{{
   /etc/samba/smb.conf << well commented.
   # testparm << check syntax

   ads - Active Directory member, add with #net ads join -U Administrator

   encrypted passwords stored in /etc/samba/passdb.tdb
   add user with # smbpasswd -a user
   modify # smbpasswd user
   User needs local account translated through /etc/samba/smbusers or '''winbindd''' service.

   smbclient -L ''hostname'' << view shares

   mount -t cifs //stationX /mnt/samba -o user=Piet,dom=MyDomain,uid=500,file_mode=664

   }}}

RedHat

  • Set-up and installation notes.
  • Add new yum repo 
    •      sudo wget -P /etc/yum.repos.d/  ftp://server1/pub/gls/server1.repo
  • Start / Stop a service. 
    •     $ sudo /sbin/service httpd stop
    $ sudo /sbin/chkconfig httpd off
    OR
    System->Admin->Services
  • YUM 
    •      yum localinstall xxxxx.rpm
     yum clean dbcache / all
  • Persistent Kernel Configuration sysctl, add to /proc/sys 
    •      sysctl -a
     sysctl -p   << Process sysctl.conf

  • fdisk & partitions 

    •      partprove   << reinitializes the kernel's in-memory version of the partition table
     e2label /dev/sdX MYfsLabel
       mount LABEL-MYfsLabel /mnt
     blkid   << show all labels
     tune2fs -o acl,user_xattr /dev/sda2   << set default mount options., check with dumpe2fs
  • ACL's (mounted with -o acl)
    • New files inherit default ACL from dir, mv and cp -p preserve ACL's 
         getfacl
   setfacl
   -m modify,  -x remove,   d-default set on dir
  • Files in use 
    •       fuser -v /mnt/home    << who is using file system
      fuser -km /mnt/home   << kill all actions on a filesystem
      mount -o remount,rw  /
      mount --bind /something /anotherthing
  • NFS Filesystems /etc/fstab , activated by /etc/init.d/netfs 
    •       mount -t nfs server1:/var/ftp/pub  /mnt/server1
      Line in /etc/fstab
      server1:/var/ftp/pub  /mnt/server1  nfs  defaults  0 0
  • Automounter (autofs RPM) U5-P137

    • /etc/auto.master: << contains dir in fs, and yet another config file with further specific mount options.

      • /misc /etc/auto.misc

        /net -hosts << -hosts allow browsing of nfs shares (could also use -g flag) /home/guests /etc/auto.home.guests /- /etc/auto.direct << /- Allows auto.direct to mount anywhere in file-system

      /etc/auto.misc:
      • server1 -ro,soft server1:/var/ftp/pub or cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
      /etc/auto.home.guests

      • -fstype=nfs server1:/home/guests/& << Mounts nfs on server1 with same name as dir access local in /home/guests

  • Password
    • /etc/login.defs
    • modify user with # chage [opt] uname
    • groupadd -g 200 sales (GID=200)
    • Add Group: # usermod -a -G sales joshua ( without -a remove other groups)
  • Quota System

    1. Add to fstab entry usrquota or grpquota, then mount -o remount /home

    2. crate quote db in top fs dir, # quotacheck -cug (use quotacheck -c /home to update)

    3. Start or stop quotas, quotaon, quotaoff

    4. Set quota # edquota USER 4096 5120 40 50 /foo

    5. Copy user1 policy to user2 # edquota -p user1 user2
    • SELinux (user:role:type:sensitivity:category)

      1. # chcon -t tmp_t /etc/hosts << change security context.

      2. List all types # chcon --reference
      3. #restorecon /root/*
      4. Modes Enforcing, Permissive, Disabled
        • /etc/sysconfig/selinux
        • system-config-securitylevel
        • getenforce and setenforce 0|1
        • GRUB selinux=0
  • NIS
    • # yum install portmap

    • # getent passwd

  • tcp_wrappers
    1. check with # ldd EXE
    2. /etc/hosts.allow
      • sshd: ALL EXCEPT .cracker.org EXCEPT trusted.cracker.org
  • Samba 
    •    /etc/samba/smb.conf   << well commented.
   # testparm   << check syntax

   ads - Active Directory member, add with #net ads join -U Administrator

   encrypted passwords stored in  /etc/samba/passdb.tdb
   add user with # smbpasswd -a user
   modify # smbpasswd user
   User needs local account translated through /etc/samba/smbusers or '''winbindd''' service.

   smbclient -L ''hostname''    << view shares

   mount -t cifs //stationX  /mnt/samba -o user=Piet,dom=MyDomain,uid=500,file_mode=664

...

CategoryLinux

LinuxRedhat (last edited 2021-06-06 00:25:15 by PieterSmit)