Linux 1
Think about an OS like a car engine. An engine can run on its own, but it becomes a
functional car when it’s connected with a transmission, axles, and wheels.
Without the engine running properly, the rest of the car won’t work.
The Linux® kernel is the main component of a Linux operating system (OS) and is
the core interface between a computer’s hardware and its processes. It
communicates between the 2, managing resources as efficiently as possible.
The kernel is so named because—like a seed inside a hard shell—it exists within
the OS and controls all the major functions of the hardware, whether it’s a
phone, laptop, server, or any other kind of computer.
1. Memory management: Keep track of how much memory is used to store what, and
where
2. Process management: Determine which processes can use the central processing
unit (CPU), when, and for how long
3. Device drivers: Act as mediator/interpreter between the hardware and processes
4. System calls and security: Receive requests for service from the processes
1. The hardware: The physical machine—the bottom or base of the system, made up
of memory (RAM) and the processor or central processing unit (CPU), as well as
input/output (I/O) devices such as storage, networking, and graphics. The CPU
performs computations and reads from, and writes to, memory.
2. The Linux kernel: The core of the OS. (See? It’s right in the middle.) It’s
software residing in memory that tells the CPU what to do.
3. User processes: These are the running programs that the kernel manages. User
processes are what collectively make up user space. User processes are also known
as just processes. The kernel also allows these processes and servers to
communicate with each other (known as inter-process communication, or IPC).
Kernel ==> It is the core/heart of any OS. It can interact with the system H/W
directly.
What is the kernel file name? Where does kernel reside?
vmlinuz is the name and it resides within the /boot directory
How to see the kernel version? uname -r
Kernel interacts with system H/W using System Calls (which are special 'C'
functions)
eg. ioctl(), fork() etc.
Shell ==> is a utility program which acts as an interface between the user and the
kernel. User processes
would be running here.
Shell also works as an interpreter which translates human language to machine
language and vice versa.
Unix variants ==> SCO Unix / IBM AIX / HP-UX / Oracle Solaris
---------------------------------------------------
Linux Distribution ==> Kernel + GNU Utils + Shell
Distributions ==> Slackware / Oracle Linux / Suse Linux / Ubuntu / CentOS /
Fedora / RHEL
Redhat ==> Redhat Linux [ FREE ] --> 4 / 5 / 6 / 7 / 8 / 9
Enterprise Distribution ==> RHEL [ Redhat Enterprise Linux ] --> RHEL8
Community Distribution ==> Fedora / CentOS
Linux Commands
-------------
1. Create a user and assign a password
useradd student
passwd student
Note: By default, root user will have home directory as /root and non-root users
will have home directory
within /home
7. Shell commands have 3 basic parts - Command to run / Options to adjust the
command behavior / Arguments
ls -l /tmp
ls -lR database
================================================================
14. who ==> To list the currently logged-in users
who am i / whoami ==> To list the current user only
15. history ==> To list all commands which we have executed
!NO ==> To recall a command from history
history -c ==> To clear the history
history -d NO ==> To delete a specific command from history
To display the value of HISTSIZE Environment variable ==> echo $HISTSIZE
To set a custom value for HISTSIZE variable ==> HISTSIZE=100
18. Linux Editors ==> vi [ Visual Editor ]==> Default editor of Unix
vim [ Visual Improved ] ==> Default editor of Linux
nano => simple editor just like notepad
gedit => Graphical Editor
gvim => Graphical version of vim
vi / vim commands==>
-------------------
i => Insert Mode
a => Append Mode
x => To delete a single character
dd => To delete a line
2 yy(yank) p => Copies 2 lines and paste
2 dd p => Deletes 2 lines and paste
o => To insert a line below
O => To insert a line above
u => Undo the last operation
/expression => To search for an expression
:nohl => To remove highlights
:wq => To save and Quit
:w! => Save without Quit
:q! => Quit without Save
:se nu => To display the line numbers
:set nonumber => To remove the line numbers
Find and Replace ==> :%s/linux/RHEL/g ==> It will replace all occurrences of
linux by RHEL
19. Linux Filesystem Hierarchy -> All files in Linux system are stored on file
systems, which are organized into
a single inverted tree of directories known as file-system hierarchy.
Note : In RHEL7, 2 popular display managers are available - GNOME and KDE. The
default desktop
environment in RHEL8 is provided by "Wayland"
==========================================
System Initialization / Booting Sequence
==========================================
Red Hat Enterprise Linux 8 Boot Process
1. The machine is powered on. The system firmware, either modern UEFI or older
BIOS, runs a Power On Self Test (POST) and starts to initialize some of the
hardware.
2. The system firmware searches for a bootable device, either configured in the UEFI
boot firmware or by searching for a Master Boot Record (MBR) on all disks, in the
order configured in the BIOS.
3. The system firmware reads a boot loader from disk and then passes control of the
system to the boot loader. On a Red Hat Enterprise Linux 8 system, the boot loader
is the GRand Unified Bootloader version 2 (GRUB2).
4. GRUB2 loads its configuration from the /boot/grub2/grub.cfg file and displays a
menu where you can select which kernel to boot.
5. After you select a kernel, or the timeout expires, the boot loader loads the
kernel and initramfs from disk and places them in memory. An initramfs is an
archive containing the kernel modules for all the hardware required at boot,
initialization scripts, and more. On Red Hat Enterprise Linux 8, the initramfs
contains an entire usable system by itself.
6. The boot loader hands control over to the kernel, passing in any options
specified on the kernel command line in the boot loader, and the location of the
initramfs in memory.
7. The kernel initializes all hardware for which it can find a driver in the
initramfs, then executes /sbin/init from the initramfs as PID 1. On Red Hat
Enterprise Linux 8, /sbin/init is a link to systemd.
8. The systemd instance from the initramfs executes all units for the initrd.target
target. This includes mounting the root file system on disk on to the /sysroot
directory.
9. systemd looks for a default target, either passed in from the kernel command
line or configured on the system.
------------------------------------
Repairing File System Issues at Boot
====================================
The following table lists some common errors and their results:
-----------------------------------------------------------------------------------
Problem ==> Result
-----------------------------------------------------------------------------------
Corrupt file system ==> systemd attempts to repair the file system. If the problem
is too severe for an automatic fix, the system drops the user to an emergency shell.
Nonexistent device or UUID referenced in /etc/fstab ==> systemd waits for a set
amount of time, waiting for the device to become available. If the device does not
become available, the system drops the user to an emergency shell after the timeout.
Nonexistent mount point in /etc/fstab ==> The system drops the user to an emergency
shell.
Incorrect mount option specified in /etc/fstab ==> The system drops the user to an
emergency shell.
In all cases, administrators can also use the emergency target to diagnose and fix
the issue, because no file systems are mounted before the emergency shell is
displayed.
===============================================
User and Group Administration ==>
===============================================
a. A user account is used to provide a security boundary for a specific user
b. 3 main types of user accounts - superuser [ Privileged user ], system users
and regular users [non-privileged users]
The name of superuser is root and it has UID 0
Users do NOT interactively login using system user accounts
c. id command can be used to display user information
d. Every user is assigned a unique UID by the OS
e. To create a user ==> useradd <username>
By default, system uses the /etc/passwd file to store user information.
Each line in /etc/passwd file contains information about one user and it
contains 7 fields
separated by ':'
username:password(x):UID:GID:GECOS Field:Home Directory:Login Shell
d. userdel <username> ==> deletes a user account but home directory still
exists
userdel -r <username> ==> deletes a user account along with the home
directory
e. usermod -c "DevOps Engineer" sarah
f. User passwords are stored in a file called /etc/shadow
g. How to Lock a user account?
usermod -L(Lock) <username>
usermod -U(Unlock) <username>
g. UID Ranges :
UID 0 is reserved for root user
UID 1-200 is a range of "system users" assigned statically to system
processes by Redhat
UID 201-999 is a range of "system users" used by system processes that
do not own files in the
filesystem.
UID 1000+ is the range of "regular users"
h. User and group specific default values are stored in /etc/login.defs
===========================================================================
Managing User Passwords
------------------------------
1. User Passwords are stored in /etc/shadow file and Group passwords are stored
in /etc/gshadow file
2. Format of /etc/shadow file :
<user_name>:Encrypted_Password:The_Day_Password_Last_Changed:Minimum number of
days between password change:
Maximum number of days between password change:Warning Period:Inactivity Period
3. Setup password policies using chage command. All changes would be recorded
within /etc/shadow file
useradd devops
grep devops /etc/shadow [ We should see !! in the password field ]
passwd devops [ We should see an encrypted password in the password field ]
chage -l devops [ list the password policies for devops user ]
==> Set Min. no. of days to 3, Max. no. of days 30, Warning period to 5 and
Inactivity period to 2
chage -m 3 -M 30 -W 5 -I 2 devops
To set the account expiry date to 31.12.2021
chage -E 2021-12-31 devops
To revert back the expiry date to "never"
chage -E -1 devops
grep devops /etc/shadow
4. To create a password-less linux user
passwd -d devops
5. To force a user to change his/her password at next login :
chage -d 0 devops
c. the encrypted hash :: The salt and the unencrypted password are combined
and encrypted to
generate the encrypted hash of the password
passwd <username>
Enter password : redhat
Retype password : redhat
A salt value will be generated randomly and then it will be combined with the
unencrypted password
i.e. redhat here and then the combined string would be encrypted using the
hashing algorithm.
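The /etc/shadow fields and the chage settings described in this section can be checked mechanically. The following is an added example, not part of the original notes: a POSIX shell function (audit_shadow, a hypothetical name) that flags empty passwords, forced changes, a missing maximum age and expired passwords. The sample lines and the day number 18910 are constructed.

```sh
#!/bin/sh
# Added example: audit shadow-format lines for weak password-aging settings.
# Fields used, in the order listed above: 1 user, 2 hash, 3 day last changed,
# 5 maximum days between changes.

# audit_shadow TODAY [FILE]
#   TODAY is the current date in days since 1970-01-01 (same unit as field 3).
#   Reads FILE, or standard input when FILE is omitted.
#   Prints one "user:finding" line per problem account.
audit_shadow() {
    today=$1
    shift
    awk -F: -v today="$today" '
        $1 == "" || $1 ~ /^#/ { next }
        {
            user = $1; pw = $2; last = $3; max = $5
            # Empty field 2: no password is needed to log in (result of passwd -d)
            if (pw == "") { print user ":empty-password"; next }
            # "!!" (password never set), "!hash" (usermod -L) or "*": no password login
            if (pw ~ /^[!*]/) { next }
            # Field 3 is 0 after chage -d 0: a change is forced at next login
            if (last == "0") { print user ":change-forced"; next }
            # 99999 is the usual default and means the password never has to be rotated
            if (max == "" || max + 0 >= 99999) { print user ":no-max-age"; next }
            if (last + max < today) { print user ":password-expired" }
        }
    ' "$@"
}

# Constructed sample data (not real hashes); "$6$" marks a SHA-512 crypt hash.
sample_shadow() {
    cat <<'EOF'
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18900:0:99999:7:::
devops:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18900:3:30:5:2::
nopass::18900:0:99999:7:::
newuser:!!:18900:0:99999:7:::
forced:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:0:3:30:5:2::
stale:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:18000:3:30:5:2::
EOF
}

# Day 18910 is a constructed "today" for the sample data.
sample_shadow | audit_shadow 18910
# On a live system (as root): audit_shadow "$(( $(date +%s) / 86400 ))" /etc/shadow
```

The devops line carries the policy set with chage -m 3 -M 30 -W 5 -I 2 and produces no finding; newuser is skipped because the !! marker blocks password login.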
=============================================================================================
Linux Filesystem Permissions
--------------------------------
1. File permissions control access to files
2. Linux users types --> Owner(u) / Group Owner(g) / Others(o)
3. Basic Permissions --> 3 types --> read(r-->4) / write(w-->2) / execute(x-->1)
4. ls -l /tmp ==> The first character of the long listing is the File Type,
interpreted like this -
7 Fundamental File Types ::
a. - => is an ordinary file [ text / program / binary / audio / video
file ]
b. d => is a directory
c. l => is a soft link
d. b => is a block device file
e. c => is a character device file
f. s => is a socket file
g. p => is a named pipe
What is the command to display the file type ? ==> file <filename>
Note: In Linux, we do not have any drive letter concept like windows. We have mount
point which is nothing
but a directory. This directory needs to be mapped with the disk partition. This
mapping process is known
as Mounting. We use the mount command for this mounting/mapping process.
Lab:
===
Section 1 :: Create a partition of 100 MB. Create an extended partition and assign
rest of the disk space to it.
Create a logical partition of 1 GB
Section 2 :: Format the primary partition using xfs filesystem and mount it
under /mnt/primary
Format the logical partition using ext4 filesystem and mount it
under /mnt/logical
Linux native filesystems ==> ext2 / ext3 / ext4 / xfs [ default filesystem in
RHEL7/RHEL8 ]
Command (m for help): p [ to list the partitions available in the partition table ]
Command (m for help): n [ create a new partition ]
First Sector : <Press Enter>
Last Sector : +100M
Command (m for help): w [ to save ]
Command (m for help): q [ to quit from fdisk ]
Command (m for help): d [ to delete a partition ]
Exit from fdisk utility.
Run the udevadm settle command to register the changes, which means making the
system wait to detect the new partition
and to create the associated device file under the /dev directory.
Note: It is recommended that we use the UUID value for the partition instead of
using the device name
UUID="4ebd0de5-fe18-4d3f-b109-6ef1a3af19c9" /mnt/primary xfs defaults 0 0
To get the UUID value, run the blkid command ==> blkid /dev/sdb1
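Two of the boot failures listed under "Repairing File System Issues at Boot" (a UUID that no device carries, and a mount point that does not exist) can be caught before rebooting. The following is an added example, not part of the original notes: check_fstab and demo_fstab_check are hypothetical names, the fstab entries are constructed, and only the first UUID is taken from the line above.

```sh
#!/bin/sh
# Added example: catch two /etc/fstab errors before they drop the system
# to an emergency shell at boot.

# check_fstab FSTAB UUID_LIST [ROOT]
#   FSTAB      file in /etc/fstab format
#   UUID_LIST  file with one known filesystem UUID per line
#              (on a live system: blkid -s UUID -o value > uuids.txt)
#   ROOT       optional prefix for mount points, used here to test in a scratch tree
#   Prints "mountpoint: problem" for every entry that would fail at boot.
check_fstab() {
    fstab=$1; uuid_list=$2; prefix=${3:-}
    while read -r spec mnt fstype rest; do
        # Skip blank lines and comments
        case $spec in ''|'#'*) continue ;; esac
        case $spec in
            UUID=*)
                uuid=${spec#UUID=}
                uuid=${uuid#\"}; uuid=${uuid%\"}   # quotes around the value are optional
                grep -Fqx "$uuid" "$uuid_list" ||
                    echo "$mnt: UUID $uuid not found on any attached device"
                ;;
        esac
        # Swap entries have no directory to mount on
        [ "$fstype" = swap ] && continue
        [ -d "$prefix$mnt" ] || echo "$mnt: mount point does not exist"
    done < "$fstab"
}

# Scratch setup with constructed entries: /mnt/primary and /mnt/logical exist,
# /mnt/lv1 does not, and only one UUID is "attached".
demo_fstab_check() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/mnt/primary" "$tmp/mnt/logical"
    echo '4ebd0de5-fe18-4d3f-b109-6ef1a3af19c9' > "$tmp/uuids"
    cat > "$tmp/fstab" <<'EOF'
# constructed sample entries
UUID="4ebd0de5-fe18-4d3f-b109-6ef1a3af19c9" /mnt/primary xfs defaults 0 0
UUID=00000000-0000-0000-0000-000000000000 /mnt/logical ext4 defaults 0 0
/dev/vg1/lv1 /mnt/lv1 ext4 defaults 0 0
EOF
    check_fstab "$tmp/fstab" "$tmp/uuids" "$tmp"
    rm -rf "$tmp"
}

demo_fstab_check
```

On a live system, findmnt --verify from util-linux performs a broader check of /etc/fstab, including mount options.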
-----------------------------------------------------------------------
A swap space is an area of a disk under the control of the Linux kernel memory
management subsystem.
The combined system RAM plus swap space is called Virtual Memory.
LVM1 ==> To increase volume size, we had to unmount it and then extend it.
LVM2 ==> Online extension of volume is possible
Lab:
----
1. Create a partition of 2 GB. Convert it to Linux LVM partition.
2. Create a PV using that partition.
3. Create a VG called vg1 using the PV
4. Create an LV called lv1 having 50 extents. Assign this LV to the VG called vg1
5. Create ext4 filesystem on the lv1 LV
6. Mount the LV into /mnt/lv1
7. Create another LV called lv2 having 60 extents. Assign this LV to the same VG
called vg1
8. Create xfs filesystem on lv2 LV.
9. Mount the LV called lv1 into /mnt/lv2
===================================================================================
1. Extend the logical volume called lv1 by 200 MB keeping the existing data intact
lvextend -L +200M /dev/vg1/lv1
If the Logical volume is having ext3/ext4 filesystem,
resize2fs /dev/vg1/lv1 [ this command will actually resize the LV
online ]
But if the Logical Volume is having xfs filesystem, then the command would
be
xfs_growfs /dev/vg1/lv1
OR
xfs_growfs /mnt/lv1
====================================================================================
Extend the VG
----------------
1. Create PV
2. Extend the VG by using the newly created PV
vgextend vg1 <new_pv_name>
--------------------------------------------------------------------------------------
Remove LV
--------
1. Unmount the volume
umount /mnt/lv1
umount /mnt/lv2
2. Remove the entries from /etc/fstab
3. Remove LV
lvremove /dev/vg1/lv1
lvremove /dev/vg1/lv2
4. Remove VG
vgremove vg1
5. Remove PV
pvremove /dev/sdb1 /dev/sdb2
6. Delete the partitions using fdisk
==============================================================
User Profiles
-------------
~/.bash_profile ==> We can setup some startup script or startup message
~/.bashrc ==> We can configure variables, aliases etc.
================================================
Standard I/O Pipes / Redirect I/O channels to files / Combining commands using
Pipes
-----------------------------------------------------------------------------------
A running program, or process, needs to read input from somewhere and write output
to
somewhere. A command run from the shell prompt normally reads its input from the
keyboard and
sends its output to its terminal window.
A process uses numbered channels called file descriptors to get input and send
output. All
processes start with at least three file descriptors. Standard input (channel 0)
reads input from
the keyboard. Standard output (channel 1) sends normal output to the terminal.
Standard error
(channel 2) sends error messages to the terminal.
Redirection
-----------
1. Input
echo "Hello World" > hello
cat < hello ....is internally translated as cat 0< hello
2. Output
cat hello > myhello ..is internally translated as cat hello 1>myhello
3. Error
cat hello123 ...hello123 file does not exist
cat hello123 2>helloerror
----------------------------------------------------------------------------
Examples of Output Redirection ::
==> Save the current system date and time to a file called /tmp/saved-timestamp
date > /tmp/saved-timestamp
==> Copy the last 5 lines from /etc/passwd to a file called /tmp/passwd
tail -n 5 /etc/passwd > /tmp/passwd
==> Search the location of passwd file in the entire filesystem hierarchy and store
the output to a file /tmp/passwd.out
find / -name passwd 1>/tmp/passwd.out
==> Search the location of passwd file in the entire filesystem hierarchy and store
the output to a file /tmp/passwd.out and store the errors to another file called
/tmp/passwd.error
find / -name passwd 1>/tmp/passwd.out 2>/tmp/passwd.error
Constructing Pipelines
---------------------
A pipeline is a sequence of one or more commands separated by the pipe character.
A pipe connects the standard output of the left-hand side command to the standard
input of the right-hand side command.
Examples
-------
ls -l /dev | less
cat /etc/passwd | head -n 15 > passwd.15
======================================================================
Managing Networking
----------------------------
Upto RHEL5 ==> network service ===> service network start ===> /etc/init.d/network
start
In RHEL6 ==> NetworkManager
In RHEL7/8 ==> NetworkManager is the default networking service
Network Interface Name : Upto RHEL6 ==> eth0, eth1....[eth stands for ethernet ]
RHEL7/RHEL8 ==>
--> Ethernet interfaces begin with en
--> WLAN interfaces begin with wl
--> WWAN interfaces begin with ww
The rest of the interface name after the type will be based on information provided
by server's firmware or determined by the
location of the device in the PCI topology.
=> oN indicates that this is an on-board device and the server's firmware
provided index number. So eno1 is an on-board
Ethernet device 1.
=> sN indicates that this device is in PCI hotplug slot N. So ens3 is an Ethernet
card in PCI hotplug slot 3
Lab
---
1. Note down the IP configuration of your system by using ifconfig and ip command.
2. How to display the MAC address of the NIC?
3. Display the default gateway. ==> route -n /// netstat -r
4. Note the DNS server IP from /etc/resolv.conf file
5. What is location of the Interface Configuration files?
6. Configure network for your linux server -
IP Address : 192.168.1.100
Subnet Mask : 255.255.255.0
Default Gateway : 192.168.1.1
DNS Server IP : 192.168.1.254
The interface should be configured to be activated onboot.
7. What is the command to change the system name temporarily?
8. What is the command to change the system name permanently? What is the name of
the file that stores the hostname?
========================================================================================
System Admin tools ==> setup / system-config-*
To check ==>
ntpq
ntpq> peer ==> displays the NTP server name with which my system is
synchronized
RHEL7/8 ==>
chronyc sources -c
sync command
------------
sync command in Linux is used to synchronize cached writes to persistent storage.
If one or more files are specified, sync only them, or their containing file
systems.
Run sync if you anticipate the system to be unstable, or the storage device to
become suddenly unavailable, and you want to ensure all data is written to disk.
========================================================================
Controlling Services and Daemons
------------------------------------------------------------------------
Prior to RHEL7, we used to manage the services using the service and chkconfig
command.
But in RHEL7 and RHEL8, we use a single command called systemctl to manage the
services.
The systemd daemon manages startup for Linux, including service startup and service
management. It activates
system resources, server daemons and other processes both at boot time and on a
running system.
Daemons
-------
1. Daemons are processes that either wait or run in the background, performing
various tasks.
2. Generally, daemons start automatically at boot time and continue to run until
shutdown or until they are
manually stopped.
3. It is a convention that daemon names end with the letter 'd'. eg. httpd /
sshd / chronyd
Service
-------
1. is nothing but a process which may not keep on running always
2. On-demand start/stop
------------------------------------------
In RHEL7 & RHEL8 ==>
systemctl start sshd
systemctl stop sshd
systemctl restart sshd
systemctl reload sshd
systemctl status sshd
To put a service into the system startup so that the service gets started
automatically whenever the system
is started :: systemctl enable sshd
systemctl enable sshd --now ==> Will start and enable the sshd service
===========================================================
Package Management
---------------------
Install/Remove/Update/Query
1. rpm does NOT have a repository concept and it does NOT support dependency
resolution but yum has support
for both
2. DNF is an advanced version of yum
To list the currently installed packages ==> rpm -qa <==> yum list installed
To query a package ==> rpm -q <package_name> <==> yum list installed
<package_name>
To remove a package ==> rpm -e <package_name> <==> yum remove <package_name>
To install a package ==> rpm -ivh samba...rpm <==> yum install samba
To display the owning package for a file ==> rpm -qf /etc/passwd <==> yum
whatprovides /etc/passwd
To list the files within a package ==> rpm -ql <package_name>
To update the system ==> yum update
To display information about a package ==> rpm -qi <package_name> <==> yum info
<package_name>
To list the available and installed groups ==> yum group list
To install a group ==> yum group install "Group_Name"
To remove a group ==> yum group remove "Group_Name"
To display a summary of installed and removed packages/yum transactions ==> yum
history
To display info about a particular yum transaction ==> yum history info
<transaction_no>
To reverse a yum transaction ==> yum history undo transaction_no
========================
Runlevel vs. Target
====================
Runlevel indicates the running state of the system
0 ==> Halt
1 ==> Single User Mode
2 ==> Multi-user without network support
3 ==> Multi-user with network support. CLI mode
4 ==> Unassigned
5 ==> GUI.. X-Window System
6 ==> Reboot
-------------------------------------------------------------------------
graphical.target ==> System supports multi-user, graphical and text-based logins.
multi-user.target ==> System supports multiple users, text-based login only
rescue.target ==> sulogin prompt, root filesystem gets mounted in read-write mode
emergency.target ==> sulogin prompt, system root gets mounted in read-only mode
=============================================================================
Special Permissions
-------------------
3 Special Permissions -
a. suid [ Set User ID ==> s ==> 4 ] ==> can be implemented on Owner(u)
b. sgid [ Set Group ID ==> s ==> 2 ] ==> can be implemented on Group(g)
c. sticky bit [ t ==> 1 ] ==> can be implemented on others(o)
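The three special permissions above are worth auditing, because an SUID or SGID file runs with its owner's or group's identity and a world-writable directory without the sticky bit lets any user delete other users' files. The following is an added example, not part of the original notes: audit_special_perms and make_demo_tree are hypothetical names, and the demo tree is constructed in a temporary directory.

```sh
#!/bin/sh
# Added example: list files and directories carrying the special permission bits.

# audit_special_perms DIR
#   SUID <file>       file runs with its owner's UID (octal 4000)
#   SGID <file>       file runs with its group's GID (octal 2000)
#   NO-STICKY <dir>   world-writable directory without the sticky bit (octal 1000),
#                     so any user can delete or rename other users' files in it
audit_special_perms() {
    # -perm -MODE matches when all bits in MODE are set; -xdev stays on one filesystem
    find "$1" -xdev -type f -perm -4000 | sed 's/^/SUID /'
    find "$1" -xdev -type f -perm -2000 | sed 's/^/SGID /'
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 | sed 's/^/NO-STICKY /'
}

# Build a constructed scratch tree with one instance of each case
# and print its path. The caller removes it.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    : > "$d/suid-tool";  chmod 4755 "$d/suid-tool"     # rwsr-xr-x
    : > "$d/sgid-tool";  chmod 2755 "$d/sgid-tool"     # rwxr-sr-x
    : > "$d/plain";      chmod 0644 "$d/plain"         # no special bits
    mkdir "$d/shared-sticky" "$d/shared-open"
    chmod 1777 "$d/shared-sticky"                      # rwxrwxrwt, like /tmp
    chmod 0777 "$d/shared-open"                        # rwxrwxrwx, no sticky bit
    printf '%s\n' "$d"
}

demo=$(make_demo_tree)
audit_special_perms "$demo"
rm -rf "$demo"
# On a live system (as root): audit_special_perms / 2>/dev/null
```

The plain file and the shared-sticky directory are not reported; comparing the SUID/SGID list against the files owned by installed packages (rpm -qf <file>) shows which entries were not placed there by a package.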
============================================================================================
Network File Sharing Services --> NFS / FTP / SMB
-------------------------------------------------------------------------------------------
NFS ==> Network File System. It allows remote hosts to mount file systems over a
network
and interact with those filesystems as though they are mounted locally. This
enables us to consolidate resources onto centralized servers in a network.
Firewall
-------
systemctl status firewalld
firewall-cmd --list-all
firewall-cmd --list-services
firewall-cmd --list-ports
===================================================================
Installing and Configuring FTP Server
-------------------------------------
FTP = File Transfer Protocol. Used for transferring files (upload/download) across
systems in the network.
Ports : 20 ( Data ) 21 ( Connection )
Package : vsftpd [ Very Secure FTP Daemon ]
/etc/vsftpd/ftpusers ==> List the users who can NOT login to FTP server
Lab :
---
1. Install vsftpd package. Start and Enable the service
2. Install the ftp client
3. Try to login to FTP server as anonymous/ftp user and it should be allowed. Make
necessary changes in
vsftpd.conf to disallow anonymous user login.
4. Create 2 users called ftpuser1 and ftpuser2
5. Run the FTP command from root and then login to FTP server as ftpuser1 and
ftpuser2 respectively and
upload some files. It should work.
6. By default root login is disabled in FTP server. Consult necessary files to
enable root login for
testing purpose.
7. Allow FTP ports through Firewall -
firewall-cmd --permanent --add-port=20/tcp
firewall-cmd --permanent --add-port=21/tcp
firewall-cmd --reload
10. Enable and Monitor FTP logs
vim /etc/vsftpd/vsftpd.conf
xferlog_enable=YES ==> This will enable FTP server logging
tail /var/log/xferlog
===================================================
Configuring SAMBA Server
==================================================
What is SMB?
Server Message Block(SMB) / CIFS (Common Internet File System) is the standard
file-sharing protocol for Microsoft servers
and clients.
[private]
path = /confidential
browseable = yes
valid users = fred, @dba
write list = fred
=====================================================================
Shell Scripts
-------------
#!/bin/bash
clear
echo "Welcome To DXC Technology"
--------------------------------
#!/bin/bash
# Read two integers from the user and print their sum
echo "Enter a number :"
read -r num1
echo "Enter another number :"
read -r num2
sum=$((num1 + num2))
echo "The sum is : $sum"
--------------------------------
#!/bin/bash
groupadd group1
useradd user1
echo redhat | passwd --stdin user1 &>/dev/null
usermod -G group1 user1
---------------------------------
#!/bin/bash
# Print the numbers 1 to 10, one per line
for x in $(seq 1 10)
do
echo "$x"
done
--------------------------------------------------------------------
Troubleshooting
==================
Resetting the ROOT Password
--------------------------
Append rd.break ===> system breaks just before the system hands control from the
initramfs to
the actual system.
At this point, the system presents a root shell with the actual root filesystem on
the disk
mounted as read-only on /sysroot.
We need to remount the / filesystem as RW ==> mount -o remount,rw /sysroot
Switch into the chroot jail, where /sysroot is treated as the root of the
file-system tree.
chroot /sysroot
passwd root
Make sure that all unlabelled files, including /etc/shadow at this point, get
relabelled during
boot.
touch /.autorelabel
=============================
Transferring files using Secure Copy
------------------------------------
1. OpenSSH is useful for running shell commands on remote systems.
2. scp [ Secure Copy] command is used to securely copy files to remote systems.
scp /etc/hosts root@RemoteServerIP:/archive
scp /etc/passwd student@RemoteServerIP:/tmp
--------------------------------------------------------
To interactively upload or download files from an SSH server, sftp [ Secure File
Transfer Program ] can be used.
Just like scp command, sftp also uses [user@]host to identify the target system
sftp root@RemoteServerIP
sftp> mkdir backup
sftp> cd backup
sftp> put /etc/hosts ==> This command will upload /etc/hosts file to the
remote directory called backup
sftp> get hosts ==> This will download hosts file from the remote directory
to the local system
Run sftp command to get connected to the remote host
sftp root@RemoteServerIP
Create a directory called backup in the remote server and change the directory
to /root/backup
Upload /etc/hosts file from the local system to remote system's /root/backup
directory
Upload /etc/passwd file from the local system to remote system's /root/backup
directory
Download the passwd file from the remote system's /root/backup directory to the
local system
----------------------------------------------------------------------------------
Synchronizing files between systems securely
----------------------------------------------
rsync - a fast, versatile, remote (and local) file-copying tool
rsync tool can be used for taking incremental backup
The rsync command is another tool to securely copy files from one system to another
system over the network.
It uses an algorithm that minimizes the amount of data copied by synchronizing only
the changed portions of the
files.
It differs from scp in that if 2 files or directories are similar between two
servers, rsync copies only the
differences between the files, while scp would still copy everything.
========================================
Selinux ==> Security Enhanced Linux
======================================
Selinux Modes :
1. Enforcing (1) - deny access and record the logs if policy is not matched
2. Permissive (0) - Warning-only mode.. allows access with a warning
message and records log even if the policy gets
mismatched
3. Disabled - no selinux policy is being checked
Here, the type of the subject(httpd) does not match with the type of the
object(/webcontent). So, even if we give 777
permission to /webcontent directory, still httpd won't be able to access the
content(index.html) of /webcontent
========================
Automated Installation
=======================
You can automate the installation of Red Hat Enterprise Linux using a feature
called Kickstart. Using Kickstart, you specify everything Anaconda needs to
complete an installation, including disk partitioning, network interface
configuration, package selection, and other parameters, in a Kickstart text file.
By referencing the text file, Anaconda performs the installation without further
user interaction.
==> A network server available at install time using FTP, HTTP, or NFS.
==> An available USB disk or CD-ROM.
==> A local hard disk on the system to be installed.
inst.ks=http://server/dir/file
eg. inst.ks=http://192.168.1.254/ks-config/ks.cfg
inst.ks=ftp://server/dir/file
inst.ks=nfs:server:/dir/file
====================================
Network teaming
--------------
Network teaming is a method for linking NICs together logically to allow for failover
or higher throughput. Teaming is a new implementation that
does not affect the older bonding driver in the Linux kernel; it offers an
alternate implementation.
Red Hat Enterprise Linux 7 implements network teaming with a small kernel driver
and a userspace daemon, teamd. The kernel handles network packets
efficiently and teamd handles logic and interface processing. Software, called
runners, implement load balancing and active-backup
logic, such as roundrobin.
==========================
Patching
---------------
Patches are updates that incorporate changes in source code. They can be applied to
the Linux kernel or to applications and other systems code running on a Linux
server. ... Patch management is basically the process of acquiring, testing and
installing multiple code changes (patches) to systems software and applications.
You can use the Red Hat Enterprise Linux kernel live patching solution to patch a
running kernel without rebooting or restarting any processes.
With this solution, system administrators: