Red Hat Certified Engineer

Red Hat Certified Engineer (RHCE) began in 1999 and has been earned by over 20,000 Linux experts.
Independent surveys have ranked the RHCE program as #1 overall for all of IT.*
* CertCities.com named RHCE the #1 “Hot Cert” in all of IT for 2006

Red Hat Certified Security Specialist

Red Hat Certified Security Specialist (RHCSS) is a new security certification that proves advanced skills
in using Red Hat Enterprise Linux, SELinux, and Red Hat Directory Server to meet the security
requirements of today’s enterprise environment.

RHCT/RHCE track overview:

RH033 Red Hat Linux Essentials

For individuals with no command-line experience in Linux or UNIX who want to develop skills for using
and customizing Red Hat Enterprise Linux workstations.

RH133 System Administration

For users of Linux/UNIX who want to start building skills in systems administration on Red Hat
Enterprise Linux to a level where they can attach and configure a workstation on an existing network.

RH253 Red Hat Linux Networking & Security Administration

Teaches skills necessary to setup a Red Hat Enterprise Linux server and configure common network
services and security at a basic level.

Linux History
1 By the beginning of the 90s home PCs were finally powerful enough to run a full blown UNIX.
Linus Torvalds, a young man studying computer science at the university of Helsinki, thought it
would be a good idea to have some sort of freely available academic version of UNIX, and
promptly started to code.
2 He started to ask questions, looking for answers and solutions that would help him get UNIX on
his PC. Below is one of his first posts in comp.os.minix, dating from 1991:

From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds)

Newsgroups: comp.os.minix
Subject: Gcc-1.40 and a posix-question
Message-ID: <1991Jul3.100050.9886@klaava.Helsinki.FI>
Date: 3 Jul 91 10:00:50 GMT
Hello netlanders,
Due to a project I'm working on (in minix), I'm interested in the posix
standard definition. Could somebody please point me to a (preferably)
machine-readable format of the latest posix rules? Ftp-sites would be
nice.
From the start, it was Linus' goal to have a free system that was completely compliant with the
original UNIX.That is why he asked for POSIX standards, POSIX still being the standard for UNIX.

Structure of LINIX
1 The kernel is the core of the system controlling hardware and performing lowlevel functions.
2 The shell is the command interpreter (user interface).
3 Two hundred + utility programs provide functions like file copy, text edit, software compilation
and so on.

The kernel
 The kernel is the "core" of any computer system: it is the "software" which allows users
to share computer resources.
1 The kernel interacts directly with system hardware, implements the file system,
manages memory, enforces security, performs I/o. If the system is muti-user, the kernel
provides the system timesharing capability.

General Shell functions

1 Interprets user commands
 2 Commands can be directly entered by the user, or can be read from a file called the shell
script or shell program
3 The shell reads commands from the script line per line and searches for those commands on
the system
4 Apart from passing commands to the kernel, the main task of a shell is providing a user
environment, which can be configured individually using shell resource configuration files

Shell types
1 sh or Bourne Shell
2 bash or Bourne Again shell
3 csh or C shell:
4 tcsh or Turbo C shell
5 ksh or the Korn shell

Hardware requirements for RHEL 5 Installation:

 CPU Speed - 600 Mhz and Above
 RAM - 256 MB
 HDD - 5 GB
 CD / DVD Rom Media - 12xx Faster

Basic commands for Linux

ls:
#ls - to list files and folders
#ls –l - to list files and folders, with these components
#ls –a - List all files and folder (Including hidden files)
#ls –la - List files and folders, with these components (Including hidden files)
#ls –il - List all files and filders, with these components and inodes
#ll - same as ls –l
#ls –l <file> - List particular file components
#ls –ld <folder> - List particular folder components
#ls –F - Listing & differentiate files and folder
#ls –lZ - to list a file components of SELinux
#ls –si - List only files & folders inodes
#ls –g - don’t list on user owner for files & folders
#ls /usr/bin | sort –r | more - list all files of reverse the result of alphabetical from /usr/bin
#lsof - to check what files are open your system
#less <file1> - list a file contents (cursor movements up and down)
#more <file> - list a file contents (cursor movements down only)
#ls > filelist - standard ls output redirect to “filelist”

cat:
#cat > file1 - Create new file1
#cat >> file1 - Edit an existing file1
#cat file - to list a file contents
#zcat file.gz - to list a Zip file contents
#cat –A file1 - to check end of lines for files whether space or not
#cat –b file1 - to check number of lines for a file
#cat /dev/null > /root/file1 - file1 contents are come into zero
#cat > file1 file2 - copy contents from file2 to file1

touch:
#touch <file> - create an emty file
#touch <file1> <file2>…. - create more than one file at a time

#gedit <file> - Gnome text editor for GUI

Adding Application Launchers:

To manually create an application launcher:
Example: assume the application is gedit
1. Right-click on a blank area of the desktop and choose Create Launcher
2. When the dialog opens, fill in the following fields
Type: Application
Name: Gnome editor
Command: /usr/bin/gedit
Comment: Text editer
Icon: <select>
3.Click OK

mkdir:
#mkdir <dir> - create a directory
#mkdir –p <dir/dir1> - create a directory in directory at a time

date:
#date - List system date & time
#date MMddhhmmyyyy- to set on system date & time
Eg: #date 102512502008
#date –u 102512502008 - to set Universal time
#date “+%m” - to list number of current month
#date “+%d” - to list number of current date
#date “+%y” - to list number of current year
#date “+%D” - to list number of current date, month, year

cal:
#cal - to list current month calendar
#cal 2000 | more - to list 2000 year calendar
#cal 5 2000 - to list a particular month and year calendar

wc:
#wc <file1> - to list counts of words, lines, characters for a file
#wc –l <file1> - to list number of lines for a file
#wc –c <file1> - to list number of character for a file
#wc –w <file1>- to list number of words for a file

bc:
#bc - An arbitrary precision calculator language
bc 1.06
Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'.
6*5
30
10+15
25

cmp:
#cmp <file1> <file2> - Compare two files
#cmp –l <file1> <file2> - Print the byte number (decimal) and the differing byte values
(octal) for each difference.

#alias c=clear - Create an alias or assign a short form for a command

#c - clear the screen
#watch -d cat /etc/passwd - showing output fullscreen
#mail root < /etc/passwd - mail goes to root user of passwd file contents

diff:
#diff <file1> <file2> - find differences between two files
#diff –c <file1> <file2> - differences Use the context output format between two files
#diff3 <file1> <file2> <file3> - find differences between three files
#diff –l file1 file2 >> /root/print - file differences are store in /root/print

ispell:
#ispell /etc/sysconfig/network - spell check to specified file contents
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=server1.example.com
NISDOMAIN=RHCE

-----------------------------------------------------------
1) IV 3) IRV
2) IPA

-----------------------------------------------------------
i) Ignore I) Ignore all
r) Replace R) Replace all
a) Add l) Add Lower
b) Abort x) Exit
-----------------------------------------------------------
?(here enter the above option)

head:
#head file1 - output the first part of a file
#head –c 10 <file1> - output the first 10 character of a file
#head –n 3 <file1> - output the first 3 lines of a file

tail:
#tail /etc/passwd - output the last part of a file
#tail –n5 /etc/passwd - output the last 5 lines of a file

#awk -F ":" '{print $1}' /etc/passwd - pattern scanning and processing

#gawk -F ":" '{print $1}' /etc/passwd - pattern scanning and processing

pwd
#pwd - Present working directory

echo:
#echo - display a line of text
#echo –-version - output version information and exit
#echo $PATH - Path of the user(mostly user command are stored in the below path)
#echo $(date) - to list out date & time
#echo $HOME - to list out user home directory
#echo $OSTYPE - list OS type (eg. Linux-gnu)
#echo “I Finished my projects on $(date)” >> /root/project
1 line of text are stored in the file of “project”
Helping Commands
#man <command> - format and display the command on-line manual pages
#info <command> - read Info a command
#<command> --help - List a Command help
#man ls >> /root/list - “ls” command man page store in /root/list

cp:
#cp file1 file2 - to copy a file
#cp file1 /root/file2 - to copy a file in to a folder
#cp –r dir1 dir2 - to copy a directory
#scp file1 root@172.24.0.1:/root/file2 - copy a file from one host to another host
#scp –r dir1 root@172.24.0.1:/root/ - copy a directory from one host to another host

mv:
#mv file1 file2 - rename a file from file1 in to file2
#mv file1 /root - move a file1 in to a directory

rm:
#rm file1 - remove a file
#rm –f file - remove a file without asking any confirmation
#rm –r dir1 - remove a directory
#rm –rf dir1 - remove a directory without asking any confirmation

tar:
#tar –cvf <file1.tar> <file1> - create a tar file
#tar –xvf file1.tar - to extract a tar file
#tar –xvzf file1.rar.gz - to extract zipped tar file
x-extract; v-verbose; z-zip; f-file;

cd:
#cd /dir1/dir2 - Change the current directory to dir
#cd .. - come from dir2 to dir1
#cd - come back to home directory

gpg:
#gpg -c file1 - to create an encryption file
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/pubring.gpg' created
Enter passphrase:
Repeat passphrase:(change file1 to file1.gpg)
#gpg file1.gpg - to decrypt on encrypted file
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: CAST5 encrypted data
Enter passphrase:

find:
#find / -name <file> - search for file in a directory hierarchy
#find /etc –name <file> - search for file in a /etc directory
#find /etc > /tmp/myfile & - listed etc folder contents are store in /tmp/myfile
#locate <filename> - find files by name

#type <command> - locate the path for a command

#whereis <command> - locate the binary, source, and manual page files for a command
#whatis <command> - search the whatis database for a command
#which <command> - which - shows the full path of (shell) commands

File compress
#gzip file1 - to create a zip file(file1 to file1.gz)
#gunzip file1.gz - to extract a zipped file
#bzip2 - to create a zip file(file1 to file1.bz2)
#bunzip2 file1.bz2 - to extract a zipped file
#zip <file1.z> <file1> - to create zip or compress (archive) files
#unzip file1.z - extract compressed files in a ZIP archive

shutdown:
#shutdown - system shutdown
#shutdown -h +10 - system shutdown after 10 min
#shutdown -r now - system shutdown now
#shutdown -h +5 "System needs a rest" - shutdown system after 5 min

reboot:
#reboot - system reboot
#reboot –f - force reboot
#halt - system halt
#poweroff - system power off

#lsmod - lists the modules that are currently loaded into the kernel
#modinfo <module> - list out a particular module information
#rmmod <module> - removes a module from the kernel
#modprobe <module> - automatically load modules to kernel

System Configuration Commands:

#system-config-authentication - Setting authentication for system
#system-config-packages - Installation package management
#system-config-date - Change to system date
#system-config-printer - printer configuration of GUI mode
#system-config-securitylevel - setting system firewall configuration
#system-config-language - change to system language setting
#system-config-selinux - setting SElinux firewall for system
#system-config-lvm - Create a LVM for GUI mode
#system-config-services - setting system background service configuration
#system-config-soundcard - setting system sound configuration
#system-config-network-cmd - list out Ethernet status of system
#system-config-time - Change to system time
#system-config-display - Change to display properties
#system-config-keyboard - Change to keyboard properties
#system-config-mouse - Change to mouse configuration

#timeconf - Change to system time

#setup - system configuration tool for all service
#lokkit - setting system firewall configuration
#authconfig-tui - setting authentication service

Running again Red Hat setup agent:

#vim /etc/sysconfig/firstboot
RUN_FIRSTBOOT=NO – to change YES
#firstboot - Now the Red Hat setup agent screen will be appear

vi or vim - Is a screen-oriented text editor

Command mode = ESC

Movement command: Inserting text:

h, j, k, l left, down, up, right a append after cursor
w, W, b, B forward, backward by word i insert before cursor
H top of the screen A append to end of line
M middle of the screen I insert at start of line
L last line of the screen o open a line below current line
Ctrl-F forward one screen O open a line above current line
Ctrl-B backward one screen r replace char
Ctrl-D forward half screen
Ctrl-U backward half screen

Delete text: Save and exit

x current character ZZ write if changes and quit
dh previous character :wq write and quit
dw current word :w filename save to new file
Db previous word :q! quit vi
dd entire line
d$ to end of line
d0 (zero) to start of line
ndd next n lines

Search
/pattern <RETURN> forward for a pattern
?pattern <RETURN> backward for a pattern
n repeat previous search
N repeat previous search in reverse direction

Undelete
p insert after cursor
P insert before cursor

Goto line
:linenumber
nG Goto line n
:7 Goto line 7

Undo
u the latest change
U all changes on a line

#vim -x <file1> - Use encryption when writing files

Enter encryption key:
Enter same key again: (we can’t able to access without key)

#vim file1 file2 - copy some contents from file1 to file2

Esc + no.of lines + yy (copy some lines from file1)
:n (go to file2)
p (paste to file2)

uname:
#uname –a - print all system information
#uname –r - print the kernel release versions
#uname –s - print the kernel name
#uname –n - print the network node hostname
#uname –m - print the machine hardware name
#uname –p - print the processor type or "unknown"

#uptime - tell how long the system has been running

#vmstat -
#last - list out system last login status
#awk -F ":" '{print $1}' /etc/passwd - pattern scanning and processing
#getent passwd | sort -t ":" -k 3 -g | more - get entries from administrative database

chattr:
#chattr +i or a <file> - to change attribute or read only a file
#lsattr <file> - we can check a file whether attribute or not
#chattr –i or a <file> - release from attribute

Scheduling Tasks: cron,at

at:
#at 13:00 - executes jobs at a specified time
at> touch aaa
at> <EOT>
job 1 at 2008-04-24 13:00
#at 12:09 July 15 2008 - executes jobs at a specified date & time
#at –l - to list jobs queue
2 2008-07-15 12:09 a root
1 2008-04-24 13:00 a root
# at -d 2 - to remove a specified job

cron:
#crontab –e
#crontab –eu <user>
minute hour day-month month day(s)-week task
0 2 * * 1-5 tar cf /home/ backp /home/projects
0 2 * * Mon-Fri tar cf /home/backp /home/projects
0 2 * * 0,3,5 tar cf /home/backp /home/projects
12 12 * * * /bin/cp /root/hai /mnt/raj

#chkconfig crond on
#service crond restart

#cat /var/spool/cron/root - root user crontab file

#cat /var/spool/cron/<user> - normal user crontab file

#crontab –l - list out root cron entry

#crontab –lu <user> - list out user cron entry from root

System Run levels: telinit, init, and shutdown

The following runlevels are defined by default under Red Hat Enterprise Linux:
1 . 0 . Halt (or) Shutdown
2 . 1 . Single-user text mode
3 . 2 . multiuser mode without NFS
4 . 3 . Full multi-user text mode
5 . 4 . Not used
6 . 5 . Full multi-user graphical mode (with an X-based login screen)
7 . 6 . Reboot

#runlevel - check the system default runlevel

N5
#vim /etc/inittab - system runlevel configuration file
# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
Line no:18 id:5:initdefault: - that lines define your system default runlevel
(ID – 5 it is defined that the system default runlevel is GUI)

Add more user interface terminals in system:

(no of system default user interface terminal is 6)
# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6
Line no:51 7:2345:respawn:/sbin/mingetty tty7 – add a new line for terminal 7

# Run xdm in runlevel 5

x:5:respawn:/etc/X11/prefdm –nodaemon - If we put in # symbol before this lines the
system will not boot at GUI mode

# system-config-services - GUI mode runlevel configuration

init or telinit:
switching to one runlevel to another runlevel using the following commands:
#init 0 or #telinit 0 - system halt or power off
#init 1 or #telinit 1 - single user mode
#init 2 or #telinit 2 - multiuser mode
#init 3 or #telinit 3 - full multiuser mode
#init 5 or #telinit 5 - GUI or graphical mode
#init 6 or #telinit 6 - system reboot
#init s or #telinit s - single user mode
#init S or #telinit S - single user mode

System Monitoring
System Processes:
#ps - list out current terminal process
#ps –au - List all system terminal process
#ps –ef - list all system process
#ps aux | less
#pidof <process> - list out system process id
#ps aux | grep emacs - list out system process information
#ps aux | egrep cron - same as grep
#ps aux | fgrep cron - same as grep
#pgrep sendmail - list out system process information
#pstree - display the tree of process
#ps –U root –u root –N - see every process except running as root
#ps –u <user> - see process run by a user
#top - displays currently running processes and important information about
them including their memory and CPU usage.
#gnome-system-monitor - displays GUI mode system running process
#dmesg - list out disk boot message
#dmesg –c - clear all the disk boot message

kill:
#kill <Process ID> - terminate a process
#killall <Process name> - kill process by name

#vmstat - Monitoring bandwidth and CPU utilization

#lsof - lists information about files opened by processes
#lsof | grep sshd - list information about files opened by a process

Memory Usage:
#free - displays the total amount of physical memory and swap space
#free –m - shows the same information in megabytes
#uptime - Prints the system uptime

Data backup
#dump -f /mnt/backup /root/file1 - file1 backup are stored in /mnt/backup
#restore –ivf /mnt/backup - restore backup file
restore > ls
restore > add root
Make node ./root
restore > ls
2 ./ 2 ../ 1438977 *root/
restore > extract
Extract requested files
You have not read any volumes yet.
Unless you know which volume your file(s) are on you should start
with the last volume and work towards the first.
Specify next volume # (none if no more volumes): 1
extract file ./root/anaconda-ks.cfg
Add links
Set directory mode, owner, and times.
set owner/mode for '.'? [yn] n
restore > quit

Linux filesystem
File system:
The file system provides the structure in which information is stored on the Computer.
Information is stored in files, primarily on hard disks inside the computer.
File System Hierarchy Standard (FHS) for Linux:

Directory Description
/ - root directory of the entire file system hierarchy.
/bin - Essential command binaries that need to be available in single user mode
/boot - Boot loader files
/dev - Essential devices
/etc - Host-specific system-wide configuration files
/home - Users' home directories - containing saved files, personal settings etc
/lib - Libraries essential for the binaries in /bin/ and /sbin
/media - Mount points for removable media such as CD-ROMs
/mnt - Temporarily mounted filesystem
/opt - Optional application software packages
/sbin - Essential system command binaries
/root - Home directory for the root user
/proc - Virtual filesystem documenting kernel and process status as text files
/srv - Site-specific data which is served by the system
/tmp - Temporary files
/usr - Secondary hierarchy for user data, contains the majority of user utilities and
Applications
/var - Variable files, such as logs, spool files, and temporary e-mail files

Linux filesystem format types:

Minix - is the filesystem used in the Minix operating system
Ext - is an elaborate extension of the minix filesystem
ext2 - high performance disk filesystem used by Linux for fixed disks as
well as removable media
ext3 - is a journaling version of the ext2 filesystem
msdos - is the filesystem used by DOS, Windows, and some OS/2 computers
vfat - extended DOS filesystem used by Microsoft Win 95 and Windows NT
proc - pseudo-filesystem which is used as an interface to kernel data
structures
hpfs - is the High Performance Filesystem, used in OS/2
nfs - is the network filesystem used to access disks located on remote
computers
smb - is a network filesystem that supports the SMB protocol
tmps - is a temporary file system
mntfs - is a mounting file system
swapfs - is a swap file system
ufs - is a unix file system

File Systems:
#df - reports the system's disk space usage
#df –h - human-readable format for system's disk space usage
#du –hs /etc/passwd - displays the estimated amount of space being used by files in a
Directory
#du –hcs * - list out all file size in a directory or disk,

Hardware:
#yum install hwbrowser* - install system hardware browser tool
#hwbrowser - displays GUI mode system hardware browser
#lspci - to list all PCI devices
#lspci –v - verbose information all PCI devices
#cd /proc - The contents of the proc directory can also be used to gather
#ls - more detailed system information
#vim /proc/filesystems - displays a list of the file system types currently supported by
the kernel
#vim /proc/devices - number and name of the device (Character & Block devices)
#vim /proc/cpuinfo - identifies the type of processor used by your system
#vim /proc/iomem - current map of the system's memory for each physical device
#vim /proc/ioports - list of currently registered port used for input or output
communication with a device.
#vim /proc/meminfo - reports valuable information about the systems RAM usage.
#vim /proc/modules - displays a list of all modules loaded into the kernel
#vim /proc/partitions - contains partition block allocation information
#vim /proc/mounts - list of all mounts in use by the system
#vim /proc/uptime - how long the system has been on since its last restart
#vim /proc/version - list the version of the Red Hat Linux kernel
#vim /proc/net/arp - list the hardware address to an IP address on a system

#/etc/sysconfig/authconfig
The /etc/sysconfig/authconfig file sets the following authorization to be used on the host..
1 MD5 authentication
2 Kerberos authentication
3 LDAP authentication
.
# /etc/sysconfig/autofs
The /etc/sysconfig/autofs file defines custom options for the automatic mounting of devices.

#vim /etc/sysconfig/clock
The /etc/sysconfig/clock file controls the interpretation of values read from the system hardware clock.

#vim /etc/sysconfig/desktop
The /etc/sysconfig/desktop file specifies the desktop for new users and the display manager to
run when entering runlevel 5.

#vim /etc/sysconfig/i18n
The /etc/sysconfig/i18n file sets the default language, any supported languages, and the default
system font.

#vim /etc/sysconfig/init
The /etc/sysconfig/init file controls how the system appears and functions during the boot
process.

Managing Files and Directories

File System Terms

1 Extension
2 Path
3 Permission
4 Inode

File Types
Compressed and Archived Files:
1 .bz2. - a file compressed with bzip2
2 .gz. - a file compressed with gzip
3 .tar. - a file archived with tar (short for tape archive),
4 .tbz or .tar.bz. - a tarred and bzipped file
5 .tgz or .tar.gz. - a tarred and gzipped file

File Formats:
1 .au - audio file
2 .gif - GIF image file (short for Graphics Interchange Format)
3 .html or .htm - HTML file (short for Hyper Text Markup Language)
 4 .jpg - JPEG image fle (short for Joint Photographic Experts Group)
5 .pdf - electronic image of a document; (PDF-Portable Document Format)
6 .png - PNG image file (short for Portable Network Graphic)
7 .ps - PostScript file; formatted for printing
8 .txt - plain ASCII text file
9 .wav - audio file
10 .xpm - image file (short for X Pixelmap)

System Files:
1 .conf a configuration file; sometimes use the .cfg extension, as well
2 .lock a lock file; determines whether a program or device is in use
3 .rpm a Red Hat Package Manager file used to install software

Programming and Scripting Files:

1 .c - a C program language source code file
2 .cpp - a C++ program language source code file
3 .h - a C or C++ program language header file
4 .o - a program object file
5 .pl - a Perl script
6 .py - a Python script
7 .so - a library file
8 .sh - a shell script
9 .tcl - a TCL script

File and Folder Administration

File components
1 File name
2 File types
3 Data blocks
4 Inodes

File types
1 d = directory
2 l = symbolic link
3 s = socket
4 p = named pipe
5 - = regular file
6 c = character (unbuffered) device file
7 b = block (buffered) device file

#ls –l <file1>
Permission field Links Owner Group Bytes modification
| | | | | | |
drwxrwxrwx 4 root root 122 Dec 12 18:02 file1

File Permissions:
- rw- r-- r-- - The permissions are shown on the left-hand side of the file
| | | |
T U G O T – types; U-user; G-group; O-others;

Note: Default system permission for file = -rw-r--r--(644)

Default system permission for folder = drwxr-xr-x (755)

Ten characters are shown

1 The first character determines whether it’s a regular or a special file
2 The remaining nine characters are grouped in threes, These are determine User, Group and
others permission for file.

Numeric Value for permission

r - read - 4 read - This is only found in the read field.
w - write - 2 write - This is only found in the write field
x - execute - 1 execute - This is only found in the execute field
s - setuid - This is only found in the execute file

Permissions vs Numeric
r+w+x -7 w+x -3
r+w -6 w -2
r+x -5 x -1
r -4

Permission change to file and dir:

#chmod u+r <file/dir - give to write permission for user of the file
#chmod g+r+w <file/dir> - give to read and write permission for group of the file
#chmod u-x <file/dir> - get execute permission from user for a file
#chmod 775 <file/dir> - give to user, group and others permission at a time

umask
#umask 555 - masking read and write permission for user, group and others
#umask 777 - masking all permission for user,group and others

#touch file1
#ls –l file1
---------- 1 root root 0 May 16 15:44 file1

Change owner of the file or dir:

#ls –l file1
-rw-r--r-- 1 root root 0 May 16 16:19 file1
#chown user1 file1 - to change user owner for file or dir
#ls –l
-rw-r--r-- 1 user1 root 0 May 16 16:19 file1

#chown stg:sysadmin file1 - to change user and group owner for a file
#ls –l file1
-rw-r--r-- 1 stg sysadmin 0 May 16 16:19 file1
#chgrp sysuser file - to change group owner of the file

ACL – Accesss Control List

#fdisk /dev/had - create a partition
Command (m for help):n
First cylinder (4791-4869, default 4791):
Last cylinder or +size or +sizeM or +sizeK (4791-4869, default 4869): +500M
Command (m for help):w
#partprobe
#mkfs.ext /dev/hda5 - format a partition
#mkdir /data - create a directory for partition mount
#mount /dev/hda5 /data - mount partition a directory

#vim /etc/fstab - to edit in file for permanent mount and ACL

/dev/hda5 /data ext3 defaults,acl 0 0
:wq!
#mount –a
#mount –o remount,acl /data - remount for ACL

#setfacl –m u:user1:rwx /data - setting ACL for user1 in /data

or
#setfacl –m u:user1:7 /data
# getfacl /data - to list ACL information for /data
# file: data
# owner: root
 # group: 505
user:user1:rwx
user::rwx
group::r-x
other::r-x
note: Now user1 can able to access (read,write,excecute) /data

# setfacl -x u:user1 /data - to remove ACL entry from a directory

User and Group Administration

User configuration:
#useradd <user> - create a new user
Or
#adduser <user> - create a new user
#passwd <user> - setting password a user
Changing password for user ram.
New UNIX password:
BAD PASSWORD: it is WAY too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

#su - <user> - switching user or login to user

#pwd
/home/<user> - default home directory for user

#id - list UID and GID for a user

#id –u - list login UID for a user
#id –g - list login GID for a user
#id <user> - list UID and GID for a user

#mkdir /data - create dir for setting user home directory

#useradd –d /data/user1 user1 – create a user at another directory
#su – user1 - switching to a user
#pwd
/data/user1 - list out user1 home directory

#exit - exit from login user or process

#logout - exit from login user or process

User management files:

* /etc/passwd * /etc/shadow

#grep user1 /etc/passwd

user1:x:500:501::/home/user1:/bin/bash
user1 – username; 500-UID; 501-GID; x - passwd ;
/home/user1-user home directory; /bin/bash – login shell;

#grep user1 /etc/shadow

user1:$1$hoyAUH3r$prcM0AUK0CimVsImXoR4h0:13983:0:99999:7:::
user1 – username;
$1$hoyAUH3r$pimVsImXoR4h0 – shadow password encryption key for user1
13983 - account valid date
99999 - max password age
0 - min password age
7 - warning days before password expiry

Setting user & group ID:

#useradd –u 510 <user> - setting user ID for new user.
#usermod –u 510 <user> - change user ID for existing user
#useradd –g 510 <user> - setting group ID for new user
#usermod –g 510 <user> - change group ID for existing user
#useradd –u 510 –g 515 <user> - setting both UID & GID for new user
#usermod –u 510 –g 515 <user> - change both UID & GID for existing user

Setting Primary & Secondary group:

#useradd –g <group> <user> - setting primary group for user
#usermod –g <group> <user> - change primary group for existing user
#useradd –G <group> <user> - setting secondary group for a user
#usermod –G <group> <user>- setting secondary group for existing user
#useradd –g <p.group> -G <s.group> <user> - setting both Primary & secondary group for user
Example:
#groupadd sysadmin - add a new group
#useradd –G sysadmin stg - setting secondary group sysadmin for stg user

#grep stg /etc/passwd

stg:x:500:501::/home/stg:/bin/bash - the UID is 500, primary GID is 501

#grep sysadmin /etc/group

sysadmin:x:500:stg - sysadmin is secondary group for stg user
stg:x:501: - stg is primary group for stg user

note:
Whenever we will create a user automatically one group will be create that group name is
same as user name. This group is the primary group of that user

User rename:
#usermod –l <new name> <old name> - rename a user

Changing shell for User:

#usermod –s /sbin/nologin <user> - to change nologin shell for user
#chsh <user> - setting new shell for user
Changing shell for stg.
New shell [/bin/bash]: /sbin/nologin
Shell changed.

Password lock:
#passwd -l <user1> - password lock for a user1
#grep user1 /etc/shadow - to check whether password lock or not for user1
user1:!!$1$hoyAUH3r$prcM0AUK0CimVsImXoR4h0:13983:0:99999:7:::
!! - that symbol define is whether password lock or not
#passwd -u <user1> - password unlock for a user1

Password Aging
#chage –l <user1> - list out password status for user1
Last password change : Apr 12, 2008
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires :7

#usermod –e 2005-03-05 <user1> - Account expires : Dec 03, 2005

#chage –E never <user1> - to remove account expiry for user1
#chage –d 2005-12-10 <user1> - to setting last password change date for user1
#chage –I 3 <user1> - to setting Inactivation days for user1
#chage –m 5 <user1> - Minimum number of days between password change
#chage –M 999 <user1> - Maximum number of days between password change
#chage –w 2 <user1> - Number of days of warning before password expires
or
#chage <user1> - to setting Account Expiry, Inactivation date, Warning,
Maximum & minimum date user1 at a time.
Changing the aging information for stg
Enter the new value, or press ENTER for the default

Minimum Password Age [0]:

Maximum Password Age [99999]:
Last Password Change (YYYY-MM-DD) [2000-12-10]:
Password Expiration Warning [7]:
Password Inactive [-1]:
Account Expiration Date (YYYY-MM-DD) [1969-12-31]:

Group configuration:
#groupadd <group> - create new group
#groupadd –g 505 <group> - setting group ID for new group
#groupmod –g 512 <group1> - setting group ID for existing group
#groupmod –n <new name> <old name> - group rename for a group
#gpasswd <group> - setting passwd for a group
#grep group1 /etc/gshadow
group1:ExNL83L8h2AcY::

#gpasswd -a stg123 sysadmin - add a user in secondary group sysadmin

#gpasswd -d stg123 sysadmin - remove a user from secondary group sysadmin

#vim /etc/group - group administration file

#vim /etc/gshadow - group passwd management file

#man 5 group. - The file containing group information for the system.
#man 5 passwd. - The file containing user information for the system.
#man 5 shadow . - containing passwd and account expiration information for a system

#pwck /etc/passwd - verify integrity of password file

#pwck /etc/shadow - verify integrity of shadow file
#pwck /etc/group - verify integrity of group file

#grpck /etc/gshadow - verify integrity of gshadow file

#grpck /etc/group - verify integrity of group file

User Information:
#finger - displays information about the system login users
#finger <user1> - displays information about the system users
Login: stg Name: (null)
Directory: /home/stg Shell: /bin/bash
Never logged in.
No mail.
No Plan.

#finger –s <user1> - displays information about the system users

Login Name Tty Idle Login Time Office Office Phone
stg * * No logins

#chfn -o Manager <user1> - to setting office Name for user1

#chfn -f Jane <user1> - to setting Full name for user1
#chfn –p 985687947 <user1> - to setting another phone number for user1
#chfn –h 044567894 <user1> - to setting home phone number for user1
#chfn <user1>
Changing finger information for user1.
Name [stgword]: raaj
Office [45686993]: manager
Office Phone [45686993]: 538463
Home Phone [6993]: 5623365
Finger information changed.

#who - show who is logged on

root pts/1 2008-04-22 13:57 (172.24.0.2)

#who –a - listing system terminal status, login users, process status,

runlevel etc..
#who –r - list at system runlevel
#who –b - time of last system boot
#who –d - print dead processes
#who –q - count all login names and number of users logged on

#whoami - Print the user name with the current effective user ID
#who am i - show who is logged on
#id - Print the user name with the current user ID & Group ID

#w - Show who is logged on and what they are doing

GUI user & group configuration:

#system-config-rootpassword
#system-config-users

#vim /etc/login.defs - system users management file

MAIL_DIR /var/spool/mail (mail box for system users)

PASS_MAX_DAYS 99999 (passwd expiry maximum)

PASS_MIN_DAYS 0 (passwd expiry minimum)
PASS_MIN_LEN 5 (minimum password length)
PASS_WARN_AGE 7 (password expiry warning date)

UID_MIN 500 (minimum normal UID)

UID_MAX 60000 (maximum normal UID)
GID_MIN 500 (minimum normal GID)
GID_MAX 60000 (maximum normal GID)

CREATE_HOME yes (setting home directory while create a new user)

USERGROUPS_ENAB yes (setting groups while create a new user)

SUDO - Give selective super user powers to users or a group of users

Sudo is a program which can be used by normal users to execute programs as super user or
any other user - provided they are given the rights to do so.

#vim /etc/sudoers (or) - Sudo configuration file

#visudo
To give a specific group of users limited root privileges, edit the file with visudo as follows:
Line no:21
User_Alias ADMINS=user1,user2,group1 – list users and groups allowed to use the sudo
command
The command alias sections are:
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
Cmnd_Alias LOCATE = /usr/sbin/updatedb
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
Cmnd_Alias DRIVERS = /sbin/modprobe
Cmnd_Alias ADMIN = /usr/sbin/useradd /usr/bin/passwd
Line no:77
ADMINS ALL=STORAGE - only give to specified command alias section(STORAGE) for
users and group
 user1 ALL=ALL - give to all command alias privilege for a particular user

user1 ALL=/usr/sbin/useradd - Allows user to add a new user the as root

%group1 ALL=/sbin/shutdown -h now - Allows members of the users group1 to
shutdown this system
user1 172.20.10.10=/usr/sbin/useradd - users can run a command on which machines

%group1 172.20.10.10=ALL !DRIVERS - give to all privilege except DRIVER

user1 ALL=ALL !DRIVERS -give to all privilege except DRIVER command alias for a user

%group1 ALL=ALL !DRIVERS - give to all privilege except DRIVER command alias for group

user ALL=(ALL) NOPASSWD: ALL - Same thing without a password

%group1 ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING

- Allows members of the ‘group1’ group to run networking,
software, service management and more.

System Devices :File

Floppy drive:
First floppy (Microsoft A: drive) = /dev/fd0
Second floppy (Microsoft B: drive) = /dev/fd1

Hard drive:
IDE1 hard drive/CD-DVD master IDE drive = /dev/hda
(primary IDE1 connector) slave IDE drive = /dev/hdb
IDE2 hard drive/CD-DVD master IDE drive = /dev/hdc
(secondary IDE2 connector) slave IDE drive = /dev/hdd

SCSI / SATA hard drive First SCSI drive = /dev/sda

SCSI CD/DVD drive Second SCSI drive = /dev/sdb
… Twenty-seventh SCSI drive = /dev/sdaa and so on

Parallel port drives First IDE drive = /dev/pd1

First tape drive = /dev/pt1

Linux partition:(Using “fdisk” Command)

#fdisk - list all disk information
#fdisk –l - to list all system partition

Create a partition:
#fdisk /dev/hda - create a partition for first primary IDE
#fdisk /dev/sdc - create a partition for the third SCSI disk
#fdisk /dev/eda - create a partition for the first PS/2 ESDI drive
#fdisk /dev/rd/c0d0 or fdisk /dev/ida/c0d0 - create a partition for RAID devices

The number of cylinders for this disk is set to 4870.

There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): m

Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition
 l list known partition types
m print this menu
n add a new partition
o create a new empty DOS partition table
p print the partition table
q quit without saving changes
s create a new empty Sun disklabel
t change a partition's system id
u change display/entry units
v verify the partition table
w write table to disk and exit
x extra functionality (experts only)

Command (m for help): p (print partition information)

Disk /dev/hdc: 40.0 GB, 40060403712 bytes

255 heads, 63 sectors/track, 4870 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System

/dev/hdc1 * 1 1275 10241406 7 HPFS/NTFS
/dev/hdc2 1276 4869 28868805 f W95 Ext'd (LBA)
/dev/hdc5 1276 3187 15358108+ b W95 FAT32
/dev/hdc6 3188 3200 104391 83 Linux
/dev/hdc7 3201 4475 10241406 83 Linux
/dev/hdc8 4476 4736 2096451 82 Linux swap / Solaris

Command (m for help): n

Command action
l logical (5 or over)
p primary partition (1-4)
l
First cylinder (4765-4869, default 4765):
Using default value 4765
Last cylinder or +size or +sizeM or +sizeK (4765-4869, default 4869): +500M

Chage partion system ID:

Command (m for help): t
Partition number (1-13): 13
Hex code (type L to list codes): l (list known partition type)
Hex code (type L to list codes): 8e (give to hex code for partition type)
Changed system type of partition 13 to 8e (Linux LVM)

Delete a partition:
Command (m for help): d
Partition number (1-13): 13

Command (m for help):wq

The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.

#partprobe - inform the OS of partition table changes

Format a Partition:
#mkfs.ext3 /dev/hda13 - format a partition
or
#mkfs –t ext3 /dev/hda13 - format a partition

Mount a partition:
#mkdir /data - create a directory for mount
#mount /dev/hda13 /data - mount a partition under /data
#vim /etc/fstab - to enter the below entry in file for permanent mount
/dev/hda13 /data ext3 defaults 00
:wq!

#mount –a - mount all file systems mentioned in /etc/fstab

#mount - to list out all mounted file system in linux
/dev/hdc7 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/hdc6 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
/proc on /var/named/chroot/proc type none (rw,bind)
/var/run/dbus on /var/named/chroot/var/run/dbus type none (rw,bind)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw)

#df –h - displays the amount of disk space available on the file system
Filesystem Size Used Avail Use% Mounted on
/dev/hdc7 9.5G 5.0G 4.1G 56% /
/dev/hdc6 99M 11M 83M 12% /boot
tmpfs 470M 0 470M 0% /dev/shm
/dev/hda13 476M 0 476M 0% /data

#cat /etc/mtab - List out all partition & its mount information
#cat /proc/mounts

Data erase for partition:

#umount /data - unmount a partition from mount point

# fsck -t ext3 /dev/hda13 - erases all data on the specified partition

fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
/dev/hdc13: clean, 14/26104 files, 8966/104388 blocks

#fsck.ext3 /dev/hda13 - Check all data on the specified partition

e2fsck 1.39 (29-May-2006)
/dev/hdc13: clean, 14/26104 files, 8966/104388 blocks

#mount /dev/hda13 /data - mount again cleaned partition to /data

#fsck /dev/hda13 - checking an ext3 filesystem for /dev/hda13
fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
/dev/hdc13 is mounted.

WARNING!!! Running e2fsck on a mounted filesystem may cause

SEVERE filesystem damage.
Do you really want to continue (y/n)? yes

/dev/hdc13: clean, 14/26104 files, 8966/104388 blocks

Linux partition:(Using “parted” Command)
# parted
 GNU Parted 1.8.6
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) help - Help menu

(parted) print - print all partition information

Model: ATA VMware Virtual I (scsi)
Disk /dev/sda: 16.1GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos

Number Start End Size Type File system Flags

1 32.3kB 107MB 107MB primary ext3 boot
2 107MB 8497MB 8390MB primary ext3
3 8497MB 9122MB 625MB primary linux-swap
4 9122MB 16.1GB 6983MB extended
5 9122MB 9221MB 98.7MB logical ext3

(parted) mkpart - create new partition

Partition type? [logical]?
File system type? [ext2]? ext3
Start? 9222
End? 9321

(parted) rm 6 - remove a partition

(parted) quit - quit from parted program

(parted) mkfs - make filesystem a format

Warning: The existing file system will be destroyed and all data on the partition will be lost. Do
you want to continue?
Yes/No? yes
Partition number? 5
File system? [ext2]?
Note: Support for creating ext2 file systems is not implemented ext3.

Adding Swap Space (add a swap partition)

#swapoff /dev/hda3
#fdisk /dev/sda
The number of cylinders for this disk is set to 1958.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)

Command (m for help):p

Disk /dev/sda: 16.1 GB, 16106127360 bytes
255 heads, 63 sectors/track, 1958 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System

/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 1033 8193150 83 Linux
/dev/sda3 1034 1109 610470 82 Linux swap / Solaris

Command (m for help):d

Partition number (1-4): 3
Command (m for help): n
Command action
e extended
 p primary partition (1-4)
p
Partition number (1-4): 3
First cylinder (1034-1958, default 1034):
Using default value 1034
Last cylinder or +size or +sizeM or +sizeK (1034-1958, default 1958): +750M

Command (m for help): t

Partition number (1-4): 3
Hex code (type L to list codes): 82
Changed system type of partition 3 to 82 (Linux swap / Solaris)

Command (m for help): wq

The partition table has been altered!
You have new mail in /var/spool/mail/root
[root@system100 ~]# partprobe /dev/sda

#mkswap /dev/sda3
Setting up swapspace version 1, size = 756719 kB
#swapon /dev/sda3

Adding Swap Space (add a swap file)

Sometime if you do not have any free space available in ur system It is recommended
#dd if=/dev/zero of=/swapfile bs=1024 count=65536
#mkswap /swapfile
Setting up swapspace version 1, size = 67104 kB
#swapon /swapfile

#vim /etc/fstab - enable swap at boot time

/swapfile swap swap defaults 00

#cat /proc/swaps - view the system swap information

Filename Type Size Used Priority
/dev/sda3 partition 738980 23076 -2
/swapfile file 65528 0 -3

IP NETWORKING
#ifconfig - check IP address / netmask /broadcast/MAC address Etc..
#ifconfig eth0 - to check specific Ethernet Interface properties
#ifconfig eth0 172.24.0.10 netmask 255.255.0.0 broadcast 172.24.255.255
- setting IP Address for a specific Ethernet interface
#ifconfig eth0 arp - Enable use of the ARP protocol on this interface
#ifconfig eth0 –arp - Disable use of the ARP protocol on this interface
#ifconfig eth0 up - Setting Ethernet interface to be up
#ifconfig eth0 down - Setting Ethernet interface to be down

#netconfig - setting IP address for a Ethernet

#ifup eth0 - Ethernet interface up
#ifdown eth0 - Ethernet interface down
#system-config-network-tui - Setting IP address on TUI mode
#system-config-network-gui - Setting IP address on GUI mode
#system-config-network-cmd - Setting IP address on Command mode
#dmesg | grep eth0 - List out NIC information
#ip route ls - list out the multiple Ethernet cards I/O status.

Network Configuration Files

#vim /etc/hosts
#vim /etc/resolv.conf
#vim /etc/sysconfig/network
#vim /etc/sysconfig/network-scripts/ifcfg-eth0
Assign Virtual IP on a single Ethernet Interface
#cd /etc/sysconfig/network-scripts
#cp ifcfg-eth0 ifcfg-eth0:1
#vim ifcfg-eth0:1
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
NETWORK=192.168.1.0
NETMASK=255.255.255.0
IPADDR=192.168.1.35
GATEWAY=192.168.1.1
:wq!

#chkconfig network on
#service network restart
#ifconfig
eth0 Link encap:Ethernet HWaddr 00:11:11:BB:04:32
inet addr:172.24.254.254 Bcast:172.24.255.255 Mask:255.255.0.0
inet6 addr: fe80::211:11ff:febb:432/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10601566 errors:0 dropped:0 overruns:0 frame:0
TX packets:10611716 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:678410632 (646.9 MiB) TX bytes:577259667 (550.5 MiB)

eth0:1 Link encap:Ethernet HWaddr 00:11:11:BB:04:32

inet addr:192.168.1.35 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

route:
#route - show the IP routing table
#route add –net 172.24.0.0 netmask 255.255.0.0 dev eth0
- add a routing for a network
#route add –host 172.24.0.2 dev eth0 - add a routing table for a host
#route del –host 172.24.0.2 - delete a routing table for a host

#kudzu - detects and configures new and/or changed hardware on a system

Print Commands
#lpr <file1> - The basic print command. lpr filename prints that file.
#lpr -l - lists print job numbers
#lpq - Query the print queue for status.
#lprm - Remove a specific job, from the printer queue

LVM Logical Volume Manager

In computer storage, logical volume management or LVM is a method of allocating space on mass
storage devices that is more flexible than conventional partitioning schemes.

There are now two version of LVM for Linux

1 LVM 1 - The version that is in the 2.4 series kernel
2 LVM 2 - The latest and greatest version of LVM for Linux

Physical Volume (PV)

A physical volume is typically a hard disk, though it may well just be a device that 'looks' like a hard
disk.

Create the Physical Volumes (PVs)

Create a partition:
#fdisk /dev/hda - create a partition for first primary IDE
Command (m for help): n
Command action
l logical (5 or over)
p primary partition (1-4)

l
First cylinder (4765-4869, default 4765):
Using default value 4765
Last cylinder or +size or +sizeM or +sizeK (4765-4869, default 4869): +500M

Chage partion system ID:

Command (m for help): t
Partition number (1-13): 13
Hex code (type L to list codes): l (list known partition type)
Hex code (type L to list codes): 8e (give to hex code for partition type)
Changed system type of partition 13 to 8e (Linux LVM)

Command (m for help): w

#partprobe - inform the OS of partition table changes
#mkfs.ext3 /dev/hdc6 - format a partition

#pvcreate /dev/hda6 - create physical volume for LVM

#pvdisplay - to display the physical volume information
#pvremove /dev/hda6 - to remove physical volume

volume group (VG)

The Volume Group is the highest level abstraction used within the LVM. It gathers together a collection
of Logical Volumes and Physical Volumes into one administrative unit

Create the Volume Groups (VGs)

#vgcreate <myvol> /dev/hdc6 - to create a volume group
#vgdisplay - to displays the volume group information
#vgremove - to remove volume group
#vgextend <myvol> /dev/hda7- to extend the existing volume group size

Volume group name: myvol

Logical Volume name: sysvol

Create the Logical Volume (LVs)

#lvcreate –L 120M –n <myvol> <sysvol>
- Create a Logical volume partition size of 120MB
#lvextend –L +50M /dev/myvol/sysvol - Extend the existing LVM
#lvextend –L 250M /dev/myvol/sysvol - Resize the existing LVM
#lvremove /dev/myvol/sysvol - remove LVM from Volume group
#lvdisplay - listout the LVM information

#resize2fs /dev/myvol/sysvol - we should apply “resize2fs” after extended or resized LVM

#mkfs.ext3 /dev/myvol/sysvol - format LVM partition

#mkdir /data - create a directory for LVM mount
#mount /dev/myvol/sysvol /data - LVM partition mount on /data

#vim /etc/fstab - enter the mount information of LVM for permanent mount
/dev/myvol/sysvol /data ext3 defaults 00
:wq!
#mount –a

Quota management for user and group

Create a partition:
#fdisk /dev/hda - create a partition for first primary IDE
Command (m for help): n
Command action
l logical (5 or over)
p primary partition (1-4)
l
First cylinder (4765-4869, default 4765):
Using default value 4765
Last cylinder or +size or +sizeM or +sizeK (4765-4869, default 4869): +500M

Command (m for help): w

#partprobe - inform the OS of partition table changes
#mkfs.ext3 /dev/hdc6 - format a partition

#useradd stg - create a user for quota

#passwd stg - enter password for stg user
#mkdir /data - create a directory for quota
#mount /dev/hdc6 /data - mount partition on /data

#vim /etc/fstab
/dev/hdc6 /data ext3 defaults,usrquota 0 0
:wq!
#mount –a
#mount –o remount, usrquota /data
#quotacheck /data
#ls /data - to check it whether “aquota.user” created or not
aquota.user lost+found

#edquota -u stg - enter quota value for user stg

Disk quotas for user stg (uid 505):
Filesystem blocks soft hard inodes soft hard
/dev/hdc6 0 0 0 0 0 0
Blocks – size in Kb;
Inode – no.of files;
Soft - min
Hard - max

#edquota –t - Setting grace period for quota user

Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
Filesystem Block grace period Inode grace period
/dev/hdc9 1days 7days

#quotaon –a - quota service on

#repquota –v /document - check whether the above quota status correct or not

RAID - Redundant Arrays of Independent Disks

RAID combines two or more physical hard disks into a single logical unit by using either special
hardware or software.

Type of RAID:
1 Software RAID (" Operating system based ")
2 Hardware RAID (“Physical hardware based”)

RAID Standard Level:

1 RAID 0 (striping across multiple drives)
2 RAID 1 (mirroring two drives)
3 RAID 2 (Hamming Code ECC Disk)
4 RAID 3 (Striped data bytes set with dedicated parity)
5 RAID 4 (Striped data blocks set with dedicated parity)
 6 RAID 5 (data striping with parity)

Linux Raid Levels:

1 RAID 0 (striping across multiple drives)
2 RAID 1 (mirroring two drives)
3 RAID 5 (data striping with parity)

RAID 0:
#fdisk /dev/hda- create two partition for Raid
Command (m for help): n
First cylinder (4765-4869, default 4765):
Last cylinder or +size or +sizeM or +sizeK (4765-4869, default 4869): +500M
Command (m for help): n
First cylinder (4765-4869, default 4765):
Last cylinder or +size or +sizeM or +sizeK (4765-4869, default 4869): +500M
Command (m for help): w

#partprobe - inform the OS of partition table changes

#mkfs.ext3 /dev/hda6 - format a partition
#mkfs.ext3 /dev/hda7 - format a partition

#mdadm –-create /dev/md0 –-level=0 –-raid-device=2 /dev/had{6,7} (or)

#mdadm - -verbose - -create /dev/md0 - -level=1 - -raid-devices=2 /dev/hdc6 /dev/hdc7
#cat /proc/mdstate
#mdadm –-detail /dev/md0

Create the mdadm.conf Configuration File

#mdadm --detail --scan –-verbose
#mdadm --detail --scan --verbose > /etc/mdadm.conf

#mkfs.ext3 /dev/md0 (or)

#mke2fs -j /dev/md0
#mkdir /backup
#mount /dev/md0 /backup

#vim /etc/fstab
/dev/md0 /backupext3 defaults 00
:wq!
#mount –a

#mdadm –-manage /dev/md0 –-stop - stop raid device

#mdadm –-manage /dev/md0 –-fail /dev/hda7 (or) - faulty raid device
#mdadm –v /dev/md0 -f /dev/hdc7
Raid Level 5
#mdadm --create /dev/md0 --level=5 --raid-device=3 --spare-device=1 /dev/sda{8,9,10,11]
#mdadm –-manage /dev/md0 –-remove /dev/hda7 (or) - to remove faulty device
#mdadm –v /dev/md0 -r /dev/hdc7

#mdadm –-manage /dev/md0 –-add /dev/hda8 (or) - to add again raid device
#mdadm –v /dev/md0 -a /dev/hdc8

NETFILTER
Netfilter tables and Chains:

Filterpoint Table
filter nat mangle
Input * - *
Forward * - *
Output * * *
Prerouting - * *
Postrouting - * *
Nat – Network Address Translation
Mangle – This table is rarely used
Filter – Main packets filter

Netfilter Packets flow:

Prerouting - This filtering points deal with packets first upon arrival (nat).
Forward - Handles packets being routed through the local system (filter).
Input - Handles packets destined for the local system, after routing decision (filter).
Output - Handles packets after they have left their sending process, and prior to
postrouting (nat and filter).
Postrouting - Handles packets immediately prior to leaving the system (nat).

Filter all port from a particular IP

#iptables –A INPUT –s 192.168.1.5 –j REJECT

Filter all port from a particular network

#iptables –A INPUT –s 192.168.1.0/255.255.255.0 –j REJECT

Filter ftp port from a particular IP

#iptables –A INPUT –s 192.168.1.5 –tcp –dport 21 –j REJECT

Filter ftp port from a particular IP

#iptables –A INPUT –s 192.168.1.0/255.255.0.0 –tcp –dport 21 –j ACCEPT

Allow all port from a particular IP

#iptables –A INPUT –s 192.168.1.5 –j REJECT

Allow ftp port from a particular IP

#iptables –A INPUT –s 192.168.1.0/255.255.0.0 –tcp –dport 21 –j ACCEPT

#iptables –L
#iptables –F
#chkconfig iptables on
#service iptables save
#service iptables restart
#cat /etc/sysconfig/iptables
#iptables –D input 1

TCP Wrappers:
#

Remote system Administration

Command Line Remote Administration tool:
1 rsh
2 telnet
3 ftp
4 rlogin
5 rcp
6 rexec
7 ssh

SSH terminal Server

#yum install ssh*
#chkconfig sshd on
#service sshd restart

Assign diffrent port on ssh service

#vim /etc/ssh/sshd_config
Line No: 15
 Port 22 (default port - we can assign any one of the tcp port)

SSH RSA keys generation with authentication for remote login users:
(A user should login without password)
User1: raaj & User2:ganesh
In User1 (raaj)
[raaj@localhost ~]$ssh ganesh@172.24.254.254
login as: ganesh
ganesh@172.24.254.254's password:
[ganesh@localhost ~]$

In User2 (ganesh)
[ganesh@localhost ~]$ssh raaj@172.24.254.254
login as: raaj
raaj@172.24.254.254's password:

[raaj@localhost ~]$exit
[ganesh@localhost ~]$exit
[raaj@localhost ~]$

In User1 (raaj) - Generate RSA key from user1

[raaj@localhost ~]$ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): (Enter)
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): (Enter)
Enter same passphrase again:(Enter)
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
fb:0e:f0:86:39:69:3f:ae:e2:29:cb:98:63:d7:9e:7c root@localhost.localdomain

[raaj@localhost ~]$cd /home/raaj/.ssh

[raaj@localhost ~]$ls
[raaj@localhost ~]$scp id_rsa.pub ganesh@172.24.254.254:/home/ganesh/.ssh/authorized_keys

Now the user could be login without password.

[raaj@localhost ~]$ssh ganesh@172.24.254.254

SSH(Secure SHell) Login from remote host

#ssh root@172.24.254.254
The authenticity of host '172.20.250.250 (172.20.250.250)' can't be established.
RSA key fingerprint is 2a:4f:d3:03:ea:70:8e:98:dc:8f:1d:15:36:7f:09:ae.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.20.250.250' (RSA) to the list of known hosts.
root@172.20.250.250's password:

Screen – SSH Terminal multiplexer

Screen is a great tool for managing a remote computer with only a command line interface
available. Besides allowing multiple shells sessions,screen also lets you disconnect from it, and
then reconnect to that same screen session later.

#yum install screen - Install screen terminal multiplexer

#screen - go to next screen
#screen –ls - list out the screen status
Ctrl+a d - Detach screen from terminal
Ctrl+a n - move to next window
Ctrl+a “ - view the list of windows
Ctrl+a p - View previous windows
 Ctrl+a c - Create a new windows
Ctrl+a w - show the list of windows in the title bar
Ctrl+a Shift+a - Rename current window

Terminal service Client:(TSC)

If you are using Windows Remote Desktop connection to connect from one windows bx
to another, you will probably find the tsclient tool a good way to connect to a Windows
Desktop from linux

#yum install rdesktop tsclient - Install tsclient tool

#tsclient & - Open to TSC Client tools

telnet,rsh, rlogin, rexec

security reasons, rexec, rsh, and rlogin are not enabled by default in Linux
#yum install rsh-server - Install Package
#yum install telnet-server - Install Telnet server package
#serviceconf - Open configuration window for telnet, rsh, rlogin, rexec from GUI mode
(Here enable rsh, rlogin, rexec services)
(or)
#vim /etc/xinetd.d/telnet - telnet server configuration file
#vim /etc/xinetd.d/rlogin - rlogin server configuration file
#vim /etc/xinetd.d/rsh - rsh server configuration file
#vim /etc/xinetd.d/rexec - rexec server configuration file
disable = yes - this line in all configuration files
we need to change
disable = no
#service xinetd restart - restart services

Note: all users except root will be able to use rexec, rsh, and rlogin.
If you wanted to enable root login using rexec, rsh, and rlogin, add the following lines to /etc/securetty

#vim /etc/securetty - This will allow up to 10 telnet sessions to the server as root
rexec
rsh
rlogin
pts/0
pts/1

#telnet 172.20.250.250
login:
password:
#rsh 172.20.250.250 -l raaj - Remote Login user raaj using rsh
#rlogin 172.20.250.250 -l raaj - Remote Login user raaj using rlogin
# rexec 172.20.250.250 -l raaj hostname - execute a command from remote user host
Password:
system100.example.com

Check and Remove Bad Super-block on Filesystem:

#fsck - check and repair a linux file system
#fsck /dev/hda1 - check and repair a particular Linux file system
#dmesg | more - The program helps users to print out their bootup messages
#e2fsck - check a linux ext2/ext3 file system.
#e2fsck /dev/hda5 - check a particular Linux ext2/ext3 file system.
#e2fsck –b 8193 /dev/hda6 - a backup superblock can be found at block 8193
#dd if=/dev/hda5 of=/dev/hda6 - convert and copy a disk to another disk

Creating And Compiling A C++ Program With g++

#yum install gcc* - Install Linux compiler
#vim hello.cpp - create a C++ file called hello.cpp
Type the following lines of code in vim:
#include <iostream.h>
using namespace std;
int main()
{
cout << "Hello World !\n";
return 0;
}

#g++ -o hello hello.cpp - To compile your program type

#./hello - Executing A Compiled c++ Program

Troubleshooting:
Login Error

1.Password change
#passwd root

2. Fix the login shell

#grep root /etc/passwd
#chmod –s /bin/bash root
#chsh root
Changing shell for root.
New shell [/sbin/nologin]:/bin/bash

3. Password lock
#passwd –l root
#grep root /etc/shadow
#passwd –u root

4.Files check
#vim /etc/passwd
#grep root /etc/password
#vim /etc/shadow
#grep root /etc/shadow

5.Files attribute
#lsattr /etc/passwd
----ia------- /etc/passwd
#lsattr /etc/shadow
----ia------- /etc/shadow
#chattr –ia /etc/passwd
#chattr –ia /etc/shadow

6.Check Files Permission

Default file permission for “/etc/securetty” – 0644
Default file permission for “/bin/login” - 0755
#chmod 755 /bin/login
#chmod 644 /etc/securetty

7.Check the “/etc/securetty” file

#vim /etc/securetty
console
vc/1
..
vc/11
tty1
..
tty11
#cat –A /etc/securetty - check end of the line
8.File & Folder rename
#mv /bin/login /bin/.login
#mv /lib/security /lib/securetty

9.Account expired
#usermod –e 2005-03-05 <user1> - Account expires : March 05, 2005
#chage –l root
#chage –E never root

10.Check and Remove these below words from user environmental variable file scripts
exit, logout, sleep
#vim /etc/bashrc
#vim /etc/profile
#vim /etc/profile.d/*.sh
#vim /root/.bashrc
#vim /root/.bash_profile

#grep exit /etc/bashrc /etc/profile /etc/profile.d/*.sh /root/.bashrc /root/.bash_profile

#grep logout /etc/bashrc /etc/profile /etc/profile.d/*.sh /root/.bashrc /root/.bash_profile
#grep sleep /etc/bashrc /etc/profile /etc/profile.d/*.sh /root/.bashrc /root/.bash_profile
#vim /etc/bashrc
?sleep or /exit

11.check PAM authentication file

#vim /etc/pam.d/login - check first 5 lines
auth pam_securetty.so
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth

#vim /etc/pam.d/password
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth

#mv /etc/pam.d/remote /etc/pam.d/login

#authconfig-tui - please check the value like below
[*] Use MD5 Passwords
[*] Use Shadow Passwords

12.check the system startup file.

#vim /etc/rc.d/rc.local
touch /var/lock/subsys/local - Keep only this line.

13.Not exist attribute command

#lsattr /etc/passwd
#lsattr /etc/shadow
#mv /etc/passwd /etc/passwd1 (or) #mv /etc/shadow /etc/shadow1
#cp –r /etc/passwd1 /etc/passwd - we can edit the above files

NIS Server Configuration

#yum install make*
#yum install yp*
#mkdir -p /rhome/station1
#useradd -d /rhome/station1/nisuser1 nisuser1
#passwd nisuser1
#vim /etc/exports
/rhome *(rw,sync)
#service nfs restart

# vim /etc/passwd
nisuser1:x:501:501::/rhome/nisuser1:/bin/bash \\ make it
#vim /var/yp/Makefile
Line No: 109 all: passwd group hosts \\ make it
#vim /etc/ypserv.conf
Line No: 38 & 39 * :* : shadow.byname : port
* :* : passwd.adjunct.byname : port
#vim /etc/sysconfig/network
NISDOMAIN=RHCE
#chkconfig ypserv on
#chkconfig yppasswdd on
#chkconfig ypxfrd on
#service ypserv restart
#service yppasswdd restart
#service ypxfrd restart
#nisdomainname (or) domainname
#/usr/lib/yp/ypinit –m
next host to add: server1.example.com
next host to add: 172.24.254.254
next host to add:
The current list of NIS servers looks like this:
server1.example.com
172.24.254.254

Is this correct? [y/n: y]y

#rpcinfo -p localhost

NIS Client
#yum install ypbind*
#yum install authconfig*
#authconfig-tui
[*] Use NIS --Next

Domain: RHCE
Server: 172.24.254.254
#ypcat passwd
#vim /etc/auto.master
/rhome /etc/auto.misc
#vim /etc/auto.misc
* -rw,sync,intr 172.24.254.254:/rhome/station1/&
#chkconfig autofs on
#chkconfig ypbind on
#service ypbind restart
#service autofs restart
#su – nisuser1