RedHat

• Set-up and installation notes.
• Add new yum repo

  •      sudo wget -P /etc/yum.repos.d/  ftp://server1/pub/gls/server1.repo

• Start / Stop a service.

  •     $ sudo /sbin/service httpd stop
        $ sudo /sbin/chkconfig httpd off
        OR
        System->Admin->Services

• YUM

  •      yum localinstall xxxxx.rpm
         yum clean dbcache / all

• Persistent Kernel Configuration sysctl, add to /proc/sys

  •      sysctl -a
         sysctl -p   << Process sysctl.conf

• fdisk & partitions

  •      partprove   << reinitializes the kernel's in-memory version of the partition table
         e2label /dev/sdX MYfsLabel
           mount LABEL-MYfsLabel /mnt
         blkid   << show all labels
         tune2fs -o acl,user_xattr /dev/sda2   << set default mount options., check with dumpe2fs

• ACL's (mounted with -o acl)
  • New files inherit default ACL from dir, mv and cp -p preserve ACL's

       getfacl
       setfacl
       -m modify,  -x remove,   d-default set on dir

• Files in use

  •       fuser -v /mnt/home    << who is using file system
          fuser -km /mnt/home   << kill all actions on a filesystem
          mount -o remount,rw  /
          mount --bind /something /anotherthing

• NFS Filesystems /etc/fstab , activated by /etc/init.d/netfs

  •       mount -t nfs server1:/var/ftp/pub  /mnt/server1
          Line in /etc/fstab
          server1:/var/ftp/pub  /mnt/server1  nfs  defaults  0 0

• Automounter (autofs RPM) U5-P137

  • /etc/auto.master: << contains dir in fs, and yet another config file with further specific mount options.

    • /misc /etc/auto.misc

      /net -hosts << -hosts allow browsing of nfs shares (could also use -g flag) /home/guests /etc/auto.home.guests /- /etc/auto.direct << /- Allows auto.direct to mount anywhere in file-system

    /etc/auto.misc:
    • server1 -ro,soft server1:/var/ftp/pub or cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
    /etc/auto.home.guests

    • -fstype=nfs server1:/home/guests/& << Mounts nfs on server1 with same name as dir access local in /home/guests

• Password
  • /etc/login.defs
  • modify user with # chage [opt] uname
  • groupadd -g 200 sales (GID=200)
  • Add Group: # usermod -a -G sales joshua ( without -a remove other groups)
• Quota System

  1. Add to fstab entry usrquota or grpquota, then mount -o remount /home

  2. crate quote db in top fs dir, # quotacheck -cug (use quotacheck -c /home to update)

  3. Start or stop quotas, quotaon, quotaoff

  4. Set quota # edquota USER 4096 5120 40 50 /foo

  5. Copy user1 policy to user2 # edquota -p user1 user2
  • SELinux (user:role:type:sensitivity:category)

    1. # chcon -t tmp_t /etc/hosts << change security context.

    2. List all types # chcon --reference
    3. #restorecon /root/*
    4. Modes Enforcing, Permissive, Disabled
       • /etc/sysconfig/selinux
       • system-config-securitylevel
       • getenforce and setenforce 0|1
       • GRUB selinux=0
• NIS
  • # yum install portmap

  • # getent passwd

• tcp_wrappers
  1. check with # ldd EXE
  2. /etc/hosts.allow
     • sshd: ALL EXCEPT .cracker.org EXCEPT trusted.cracker.org
• Samba

  •    /etc/samba/smb.conf   << well commented.
       # testparm   << check syntax
    
       ads - Active Directory member, add with #net ads join -U Administrator
    
       encrypted passwords stored in  /etc/samba/passdb.tdb
       add user with # smbpasswd -a user
       modify # smbpasswd user
       User needs local account translated through /etc/samba/smbusers or '''winbindd''' service.
    
       smbclient -L ''hostname''    << view shares
    
       mount -t cifs //stationX  /mnt/samba -o user=Piet,dom=MyDomain,uid=500,file_mode=664

...

CategoryLinux