How to create LVM

How to create LVM partition in linux, LVM is a logical volume manager it manages disk drivers and similar mass-storage devices.

 The commands used in LVM are,
  • Physical Volume = pv
  • Volume Group = vg
  • Logical Volume = lv

Step 1: Find the disk volume using fdisk -l, ex: /dev/sdb

Step 2: Create Phycial volume 

# pvcreate /dev/sdb

Step 3: Create Voume Group

# vgcreate vg0 /dev/sdb

vg0: Volume group name can be any name

Step 4: Create Logical Volume

# lvcreate -l 100%FREE -n lv0 vg0

100%FREE: Utilizing 100% of the disk space
lv0: Logical Volume name can be any name

Step 5: Format the disk with ext3 or ext4 filesystem

#mkfs.ext3 /dev/vg0/lv0

or 

#mkfs.ext4 /dev/vg0/lv0 (for RHEL 6)

Step 6: Add fstab entry for permanent mount

#vi /etc/fstab

/dev/vg0/lv0   /data    ext3    default   0 0

/data: Directory
ext3:  File system type

Step 7: mount the disk 

#mount /dev/vg0/lv0 /data

or

#mount -a


Read More...

How to change hostname in linux without reboot

We can change the hostname (server name) in linux without rebooting the linux box.

Step 1: edit /etc/hosts file and set the hostname
#vi /etc/hosts
   10.0.0.4                 digitalinux.digitalinux.com   digitalinux

10.0.0.4: Server Ip address
digitalinux: Server name
digitalinux.com: domain name
digitalinux.digitalinux.com: FQDN

Step 2: edit /etc/sysconfig/network and change the hostname
#vi /etc/sysconfig/network
  HOSTNAME=digitalinux.digitalinux.com

Change the hostname as above

Step 3: Change hostname without reboot
# hostname digitalinux.digitalinux.com


Read More...

3D Desktop

Available Packages: Compiz, Beryl

 Compiz:

By installing the package compiz and enabling the Desktop Effects in the system menu.
rpm –ivh compiz-0.0.13-0.36.20060817git.el5.i386.rpm --aid
System -> Preferences -> Desktop Effects
Now By accessing the following keys to get the 3D Desktop:
          Ctrl + Alt + Arrow keys, & Using Mouse.


 Beryl:

Copy the Beryl packages in to a directory /var/ftp/pub/Beryl
Adding an entry in the 
/etc/yum.repo.d/<server1>.repo
vim /etc/yum.repo.d/server1.repo
      [Beryl]
       name=server1 SERVER repository
       baseurl=file:///var/ftp/pub/Beryl
       gpgcheck=0
       createrepo -v /var/ftp/pub/Beryl
       yum install –y beryl*
For client machines 
add an entry in the 
/etc/yum.repos.d/<client>.repo
vim /etc/yum.repo.d/client.repo
      [Beryl]
       name=Client Server Repository
       baseurl=ftp://192.168.0.254/pub/Beryl
       gpgcheck=0
       yum install –y beryl*

 Starting the beryl settings

Applications -> System Tools -> select Beryl Manager
Right click on the Beryl Manager icon in the time toolbar and select Beryl Settings Manager, Now the options are Displayed, change the settings as you wish.
Now By accessing the following keys to get the 3D Desktop:
          Ctrl + Alt + Arrow keys, & Using Mouse




Read More...

WEB PROXY

-->
PACKAGES NEEDED FOR CONFIGURATION
squid


IF THE PACKAGES ARE NOT AVAILABLE INSTALL THROUGH YUM INSTALLER
yum install squid
THE MAIN CONFIGURATION CAN BE EDITED AS FOLLOWS
vim /etc/squid/squid.conf
http_port 3128

 SEARCH FOR THE WORD /OUR_NETWORKS, THEN ENTER THE FOLLOWING LINES

acl example src 192.168.0.0/255.255.255.0
http_access allow example

      --> You can now refer to this network as "example" elsewhere in the configuration file.
     --> src means that the IP specified is the source Ip(s) for this acl
DAEMON SERVICES SHOULD BE STARTED AND ENABLED AFTER REBOOT
service squid start/restart/reload
chkconfig squid on

      --> To set the proxy settings in Firefox, navigate to 
Edit->Preferences. In the General settings, click on the Connection Settings... button. Click the Manual proxy configuration radio button. Add localhost in the HTTP Proxy: box, and 3128 in the Port: box. Click OK to accept the changes.
     --> Try accessing a web page somewhere.



Read More...

How to Install VMWare on Linux

-->

INSTALL VMWARE ON LINUX
1.mount 192.168.0.154:/dumps /media
2.cd /media/VMWARE
3.rpm -ivh VMware-server-1.0.1-29996.i386.rpm
4.yum install gcc kernel-devel xinetd -y
5.vmware-config.pl
6.cat vmware-server.key


 TO EXTRACT WINDOWS IMAGE
1.scp nanju@192.168.0.154:/home/nanju/suma/raj.tar.bz2 .
2.tar jxvf raj.tar.bz2 -C /var/lib/vmware

Read More...

CONFIGURE SAMBA SERVER



CONFIGURE SAMBA SERVER
Step 1.mkdir /samba
Step 2.chmod a+w /samba
Step 3.yum install samba -y
Step 4.vim /etc/samba/smb.conf
    [public]
        comment = Only users
        path = /samba
        public = yes
        browseable=yes
        writable = yes
        printable = no
        write list = +staff
Step 5.service smb restart



OPTIONS THAT CAN BE GIVEN IN FILE
Step 1.If browseable=yes ->we CAN see the shared dir
  If browseable=no -> we CANNOT see the shared dir
Step 2.If public=yes    ->Allows anonymous Login
  If public=no     ->Stops  anonymous Login
Step 3.writable = no     ->uploading is denied  for BOTH the users.
   writable = yes    ->uploading is allowed for BOTH the users
Step 4
     a. writable =no +   ->Allows only u1 to upload files, but
     b. write list =u1   both writable=no and writelist=u1 shuld b enabled
Step 5.hosts allow=127. 192.168.0.20 ->Allow only 192.168.0.20 ip to access share, other ips are denied


CLIENT COMMANDS  
Step 1.smbclient -L //192.168.0.48/share  ->List directories shared
Step 2. smbclient //192.168.0.48/share   ->Anonymous Login
   get <file>
   put <file>     
Step 3a. To generat passwd to allow for non-anonymous login
      1. smbpasswd -a u1
      2. service smb restart 
Step 3b. smbclient //192.168.0.48/share -U u1  ->Non Anonymous Login
    get <file>
    put <file>
Read More...

PORT MONITORING TOOLS


PORT MONITORING TOOLS


SHOWS all applications running in local machine:


1. pkg:-net-tools-1.60-73                              -> installed by default
   netstat  -tulpn  |grep <service>
   t->tcp  u->udp  l->listening  p->pid  n->numericip
2. pkg:-nmap-4.11-1.1                                  -> installed by default
   nmap   <ip.address>   |grep <service>





SHOWS all applications running in entire network:


1. yum  install  wireshark
   Applications-->Internet-->wireshark-->capture
2. pkg:-tcpdump-3.9.4-11.el5                           -> installed by default
   tcpdump  -c  <ip.address>   |grep <service>

Read More...

TCP WRAPPERS


Services which contain libwrap module can use hosts.deny to control Access
ldd  /usr/sbin/vsftpd    |grep libwrap
ldd  /usr/sbin/sendmail  |grep libwrap
ldd  /usr/sbin/sshd      |grep libwrap



To Restrict a host/network  to control access to a Service.


1.  Using Hostname/Domainname
   vim /etc/hosts.deny
-> vsftpd  *.example.com                     ->All hosts in example.com denied to access ftp
-> vsftpd  server.example.com                ->Host server in example.com denied to access


2.  Using  Ipaddress/Network
    vim /etc/hosts.deny
-> vsftpd  192.168.1.0/255.255.255.0         ->All hosts in 1.0 N/W denied.
-> vsftpd  192.168.1.4                       ->Host 1.4 denied.


3.  To  Deny all Except few.
    vim /etc/hosts.deny
->  sshd:ALL  EXCEPT   matrix.com            ->Any domain other than matrix.com                                              are denied the Access to ssh.


4. To  Allow all Except few.
   vim /etc/hosts.allow
-> ALL  *.example.com  EXCEPT  *.matrix.com  ->Any domain other than matrix.com                                              are Allowed to Access.


Both entries allow/deny can be given in either hosts.allow or hosts.deny file
Read More...

SSH Configuration


SSH Configuration


--> Pkg     -openssh
    Daemon  -sshd
    Portnum -22
    Files   -/etc/ssh/sshd_config
            .ssh/*
---> vim /etc/ssh/sshd_config



1. line 13  -> change port num.
   Port  53
   service sshd restart
   client connecting to your machine should connect giving like this
   ssh  -p 53  <server ip>  ,Only then it connects.


2. line 37   -> Allow/stop user to ssh
   AllowUsers  u1
   DenyUsers   u2
   service sshd restart
   This stops a client to connect as u2 and can connect as only u1 user.


3. line 37   -> Allow/stop user to ssh
   AllowGroups  asia
   DenyGroups   america
   service sshd restart
   This stops a client to connect as any members of america, and can connect
   as any member os america.


4. line 38  -> Login grace time.
   LoginGraceTime 1m  
   service sshd restart
   Once you connect to sshserver, you haf to provide passsword within a min,
   or connection fails.


5. line 39  -> Root login allowed/not-allowed
   PermitRootLogin no
   service sshd restart
   This stops a client to ssh as root user,anb can connect as normal user only


6. line 41  -> Password prompts
   MaxAuthTries 1
   service sshd restart
   Password is prompted only twice within which he has to give right password
   to authenticate.


7. line 96  -> Stop Gui Access
   X11Forwarding no
   service sshd restart
   Thou the client connects to your server using ssh -X <server.ip>, they
   wont be able to connect to GUI of Server


8.  Generating  Public/Private key
--> To generate the key     ->Generates id_dsa,id_dsa.pub files under .ssh dir
    ssh-keygen  -t   dsa
--> To copy key to client machine   ->copies id_dsa to .ssh of clients machine
    ssh-copy-id  -i   /root/.ssh/id_dsa    <clients.ip>
Read More...

Syslog Server


Configure Syslog server
Step 1.vim  /etc/sysconfig/syslog
   sysLOGD_OPTIONS = "r"
Step 2.service syslog restart
Step 3. tailf /var/log/message



To redirect all clients log message to file called remote
Step 1.vim /etc/syslog.conf
Step 2.*.*    /var/log/remote    


Clients to redirect there logs to syslogserver(192.168.0.45)
Step 1.vim /etc/syslog.conf
       *.*      @192.168.0.45
Step 2.service syslog restart
   


Read More...