Tuesday, July 30, 2013

LINUX

>vmlinuz initrd=initrd.img linux repo=http://192.168.75.101/LinuxCBT/EL-6/Misc/RHEL6 resolution=800x600 ip=192.168.75.20 netmask=255.255.255.0 gateway=192.168.75.1 dns=192.168.75.101
VNC Install
>vmlinuz initrd=initrd.img linux repo=http://192.168.75.101/LinuxCBT/EL-6/Misc/RHEL6 resolution=800x600 ip=192.168.75.20 netmask=255.255.255.0 gateway=192.168.75.1 dns=192.168.75.101 vnc vncpassword=abc123
Graphic Install
>vmlinuz initrd=initrd.img xdriver=vesa nomodeset linux repo=http://192.168.75.101/LinuxCBT/EL-6/Misc/RHEL6 resolution=800x600 ip=192.168.75.21 netmask=255.255.255.0 gateway=192.168.75.1 dns=192.168.75.101
Linux was initially written by Linus Torvalds in 1991 for IBM-compatible computers. The Linux kernel was written by referring to a book on Unix internals.
The list of servers available in Red Hat Enterprise Linux are
  1. Basic Server
  2. Database server
  3. Web Server
  4. Virtual Host
  5. Desktop
  6. Software Development Workstation
  7. Minimal
And the additional repositories that are available are
  1. Load Balancer
  2. RedHat Enterprise Linux
  3. Resilient storage
  4. Scalable filesystem support
Base System
  • Backup Client
  • Base
  • Compatibility libraries
  • Console internet tools
  • Debugging tools
  • Dial-up networking support
  • Directory client
  • FCoE storage client
  • Hardware monitoring utilities
  • Infiniband support
  • Java platform
  • Large systems performance
  • Legacy UNIX compatibility
  • Mainframe Access
  • Network File system client
  • Networking Tools
  • Performance Tools
  • Perl support
  • Printing client
  • Scientific support
  • Security tools
  • Smart card support
  • Storage availability tools
  • iSCSI Storage client
Servers
  • Backup Server
  • CIFS server
  • Directory server
  • E-mail server
  • FTP server
  • NFS file server
  • Network infrastructure server
  • Network storage server
  • Print server
  • Server platform
  • System administration tools
Web Services
  • PHP support
  • TurboGears application framework
  • Web Server
  • Web Servlet Engine
Databases
  • MySQL Database client
  • MySQL Database server
  • PostgreSQL Database client
  • PostgreSQL database server
System Management
  • Messaging client support
  • Messaging server support
  • SNMP support
  • System management
  • Web-based enterprise management
Virtualization
  • Virtualization
  • Virtualization client
  • Virtualization platform
  • Virtualization tools
Desktops
  • Desktop
  • Desktop Debugging and performance
  • Desktop platform
  • Fonts
  • General purpose desktop
  • Graphical Administration tools
  • Input methods
  • KDE Desktop
  • Legacy X Window system compatibility
  • Remote Desktop clients
  • X Window system
Applications
  • Emacs
  • Graphic Creation tools
  • Internet browser
  • TeX support
  • Technical writing
Development
  • Additional Development
  • Desktop platform development
  • Development tools
  • Eclipse
  • Server platform development
Shutdown :-
Usage : shutdown [-akrhfnc] [-t secs] time [warning message]
-a : use /etc/shutdown.allow
-k : don’t really shutdown, only warn.
-r : reboot after shutdown.
-h : halt after shutdown.
-f : do a fast reboot (skip fsck).
-F : force fsck on reboot.
-n : do not go through “init” but go down real fast.
-c : cancel a running shutdown.
-t secs : delay between warning and kill signal.
** the “time” argument is mandatory (try “now”)
To view the version of Red Hat Linux
# cat /etc/*-release
Languages
To check that an ISO file was not corrupted while downloading: if the column contains MD5 checksums, check the MD5 checksum of the ISO file after downloading it with the following command, replacing <iso> with the filename of the downloaded ISO image (repeat for each ISO file).
Syntax: md5sum <iso>
If the column contains SHA1 checksums, check the SHA1 checksum of the ISO file after downloading it with the following command, replacing <iso> with the filename of the downloaded ISO image (repeat for each ISO).
Syntax: sha1sum <iso>
To loopback mount an ISO image, use the following steps:
1. Create an empty directory to mount the image into, such as /tmp/RHEL/.
2. Mount the image into this new directory (if the image is not in the current directory, provide its full path).
Syntax: # mount -o loop <image-name>.iso /tmp/RHEL/
3. The /tmp/RHEL/ directory now contains a list of all the files from the image. Copy the boot.iso image file over to the file system.
Syntax: cp /tmp/RHEL/images/boot.iso /tmp
4. Unmount the ISO image.
Syntax: umount /tmp/RHEL/
Create the boot disc from “boot.iso” by browsing for it in the Nautilus file browser, right-clicking on it, and selecting Write to Disc, or use the cdrecord command to write the image to disc if the graphical desktop is not available.
TIP: If you already have the first installation CD created, you can issue the command “linux askmethod” at the boot: prompt after booting from the CD instead of booting from a boot disc.
Example: boot: linux askmethod
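The MD5/SHA1 check on a downloaded ISO described earlier, as an added shell example that is not part of the original post. The function name verify_iso is an assumption; it picks md5sum or sha1sum from the length of the published checksum and also accepts a 64-character SHA-256 value, which goes beyond the two cases the text covers.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# Compares a downloaded image with the checksum published in the
# download page's MD5 / SHA1 column.
#
# usage: verify_iso FILE EXPECTED_HEX
# exit status: 0 = match, 1 = mismatch, 2 = bad arguments
# The body runs in a subshell, so "exit" only leaves the function.
verify_iso() (
    file=$1
    # Published checksums are sometimes upper case; normalise to lower.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

    [ -r "$file" ] || { echo "cannot read: $file" >&2; exit 2; }
    case $expected in
        ''|*[!0-9a-f]*) echo "checksum is not hexadecimal" >&2; exit 2 ;;
    esac

    # The digest length identifies the algorithm.
    case ${#expected} in
        32) tool=md5sum ;;
        40) tool=sha1sum ;;
        64) tool=sha256sum ;;   # not in the original text, added here
        *)  echo "unsupported checksum length: ${#expected}" >&2; exit 2 ;;
    esac

    # Read from stdin so odd file names cannot change the output format.
    actual=$("$tool" < "$file" | cut -d' ' -f1)

    if [ "$actual" = "$expected" ]; then
        echo "OK ($tool): $file"
    else
        echo "MISMATCH ($tool): $file" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        exit 1
    fi
)

# Constructed sample: a small file stands in for the ISO image.
# A match shows the download is intact; a checksum fetched from the same
# server as the image does not prove the image is authentic.
demo_verify_iso() (
    sample=$(mktemp) || exit 2
    echo hello > "$sample"
    verify_iso "$sample" b1946ac92492d2347c6235b4d2611184          # MD5
    verify_iso "$sample" f572d396fae9206628714fb2ce00f72e94f2258f  # SHA1
    rm -f "$sample"
)
demo_verify_iso
```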


For Hard drive installations transfer all the ISO images into an ext2 or vfat partition on one of the hard drives in the system on which you are about to install. This partition cannot be formatted during installation because the installation program must access these ISO files during the entire installation.
For NFS installation copy all the ISO image files into the shared directory on the NFS server. For an FTP and HTTP installation, use the following steps to share the contents of each ISO image in its own directory on the FTP and HTTP server:
1. In the shared directory on the FTP/HTTP server for each ISO image create a subdirectory called discX, where X is the number of the ISO image starting with the number 1.
2. For each ISO image, loopback mount it into its corresponding discX directory with the command:
Syntax: mount -o loop <name>.iso /shared/directory/discX
Now the installation program can access all the installation files from the network server. Next, start the installation with the instructions.
Adding Updates to Installation Media or Source
Sometimes updates or bug fixes to the Red Hat installation program are released, similar to the way updates are released for the packages that make up the OS. Since the code for the installation program is on the installation media or in the shared directory containing the installation source, you need a way to use this updated code for the installation program, which is essentially updated Python files. The updates are distributed as an update image, which is usually named updates.img. If an update image is available for your version of Red Hat Enterprise Linux and it is necessary to install the OS on your system, provide the image to the installation program using one of the following locations:
  • Floppy disk. After starting the installation, type linux updates at the boot: prompt.
  • images/ directory of the installation tree or first installation CD, with the filename updates.img. If the image is found, the updates in it are automatically used for installation. This requires all the files from the ISO for disc 1 to be copied to the disc1/ directory on the network share instead of just loopback mounting it, so that the images/ directory can be created.
  • FTP or HTTP server, with the filename updates.img. After starting the installation, type linux updates=ftp://<path> or linux updates=http://<path> where <path> is the directory containing the updates image.
To install Linux using PXE boot, use the following steps:
1. Create an installation tree for the network install and make it available to the systems being installed.
2. Configure the tftp server
3. Configure the DHCP Server.
4. Boot the system to start the installation.

Setting Up Basic Partitions during installations
To use standard disk partitions, complete the following steps for each partition.
  • Click New.
  • Enter a mount point such as / or /boot.
  • Select swap as the filesystem type if the partition is to be used as swap space. Select ext3 for all other Linux partitions.
  • Select the allowable drives if multiple drives exist. A basic partition cannot span more than one physical drive. If more than one is selected, the partition will be created on one of the selected drives depending on the free disk space available on the selected drives and the desired size of the partition.
  • The partition size can be set as a fixed size, a variable size up to a specific size depending on the amount of free disk space, or the total amount of free disk space available on one of the allowable drives selected.
  • Optionally, select whether to force the partition to be a primary partition. This is necessary for some partitions such as /boot/efi on Itanium systems.
Setting up LVM during Installation
LVM is a storage management solution that allows administrators to divide hard drive space into physical volumes (PV), which can then be combined into logical volume groups (LVG), which are then divided into logical volumes (LV) on which the filesystem and mount point are created.
To partition with LVM during the installation, either allow the installation program to create the default layout or create a custom layout.
Steps
1. Create a standard disk partition for the /boot partition because it can’t be within LVM.
2. Create the physical volumes. A PV must be created for each physical hard drive you want to use for logical volumes. Click New again, except this time select physical volume (LVM) as the filesystem type.
3. Create the volume group. From the partitions list screen, click LVM. The size of the VG is set by the number of physical extents, which is 32MB by default. It is not recommended that you modify the physical extent size.
4. Create the logical volumes (LV) inside the volume groups. An LV must be created for the root (/) mount point and for the swap space. Additional LVs such as /home and /tmp are optional. To create a logical volume from the partition list, select the VG in which to create it, and click Edit.
Note : service nfs status
anaconda-ks.cfg contains the recently installed system image. Run # redhat-config-kickstart, then choose File > Open and select the anaconda-ks.cfg file from the files. In the Installation Method select HTTP, enter the HTTP server IP address and enter the path of the image file (e.g. /i386).
Now save the file as ks.cfg. Mount a floppy and copy ks.cfg to /mnt/floppy.
Now restart and select the boot.iso CD-ROM. At the boot prompt type
boot: linux ks=floppy
Creating the Kickstart File
A kickstart file is a plain text file with each kickstart directive on a separate line. A simple text editor should be used to write or modify the file. Do not use a program that automatically wraps lines because each directive must be on its own line.
The directives listed in the kickstart file must be grouped as follows.
1.Command section
2. %packages section
3. %pre and %post section
If you have already performed an installation, a kickstart file based on the installation is written to /root/anaconda-ks.cfg.
Command Section
The command section consists of directives to answer all the questions from the interactive version of the installation program. They can be listed in any order as long as they all appear before the %packages, %pre, and %post sections. This section groups them in categories to make it easier to determine which directives are suitable for your needs.
Notice that some commands are required. If any required directives are missing from the kickstart file, the automated installation will pause on the screen for which no information was provided in the kickstart file. To continue the installation, the administrator must complete the instructions for the screen and click Next.
This section divides the kickstart commands into categories based on their usage: installation, basic setup, partitioning, and additional. Some directives such as the install directive require related directives to be listed on separate lines. If a directive is followed by an equals sign (=), a value must follow it. Also notice that some directives are required.

Configuring the tftp server
Information such as the IP address or hostname of the network server sharing the installation tree must be retrieved by the client to be installed.
The server running this xinetd service can be the same system used as the NFS, FTP or HTTP server exporting the installation tree.
The following information needs to be set for the tftp server:
1. Operating system identifier: One unique word that describes which installation tree the PXE server points the client to. This is also used for the unique directory name.
2. Protocol for installation: Protocol used to export the installation tree on the server. Must be one of NFS, HTTP, FTP. If non-anonymous FTP is required, uncheck the Anonymous FTP option and enter the username and password for the FTP server.
3. Kickstart location (optional): If also performing a kickstart installation, the location of the kickstart file. The location can be a local file on the PXE server or a URL such as http://server.example.com/ksfiles/ks.cfg.
4. Network server IP address: IP address or hostname of the NFS, FTP or HTTP server exporting the installation tree. If a hostname is used, the server must be able to resolve it to a valid IP address.
5. Installation tree location: Directory on the network server containing the installation tree. Must contain the images/pxeboot/ directory.

Setting up the tftp server files
First, set up the /tftpboot/linux-install/<os-ident>/ directory and populate it with the files necessary to start the installation program via PXE (all commands must be executed by the root user).
1. The /tftpboot/ directory is created by the tftp-server package. Create the /tftpboot/linux-install/ directory.
2. Copy the /usr/lib/syslinux/pxelinux.0 file installed by the syslinux package into the newly created /tftpboot/linux-install/ directory:
cp /usr/lib/syslinux/pxelinux.0 /tftpboot/linux-install/
3. Create the /tftpboot/linux-install/msgs/ directory.
4. Copy all the .msg files from the isolinux/ directory in the installation tree or from the first installation CD into the newly created /tftpboot/linux-install/msgs/ directory.
Use the following steps to configure the files specific to the Red Hat Linux version and variant to be installed.
1. Create the /tftpboot/linux-install/<os-ident>/ directory, where <os-ident> is a unique identifier for the version and variant of Red Hat Linux to install via PXE. For example, RHEL5Server can be used for Red Hat Enterprise Linux 5 Server.
2. Copy the initrd.img and vmlinuz files from the images/pxeboot/ directory of the installation tree or the first installation CD into the /tftpboot/linux-install/<os-ident>/ directory.
3. If performing a kickstart installation, copy the kickstart file into the /tftpboot/linux-install/<os-ident>/ directory as well, with the ks.cfg filename.
Use the following steps to configure the files specific to the systems connecting to the PXE server for installation:
1. Create the /tftpboot/linux-install/pxelinux.cfg/ directory on the PXE server.
2. The /tftpboot/linux-install/pxelinux.cfg/ directory should contain a file for each system to be installed, where the filename is the IP address or hostname of the system to be installed. If the system to be installed does not have a configuration file based on its IP address, the configuration information in the file named default is used.
Example pxelinux.cfg/ File
default local
timeout 100
prompt 1
display msgs/boot.msg
F1 msgs/boot.msg
F2 msgs/general.msg
F3 msgs/expert.msg
F4 msgs/param.msg
F5 msgs/rescue.msg
F7 msgs/snake.msg
label local
localboot 1
label 0
localboot 1
label 1
kernel <os-ident>/vmlinuz
append initrd=<os-ident>/initrd.img ramdisk_size=6878 \
method=<method> ip=dhcp
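The tftp file layout from the steps above, as an added shell example (not from the original post or from Red Hat). The function name build_pxe_tree, its argument order and the method value in the demo are assumptions; the demo stages everything in a temporary directory and uses empty constructed files in place of the real pxelinux.0, vmlinuz and initrd.img.

```shell
#!/bin/sh
# Added example (hypothetical helper): build the linux-install/ layout
# described in the steps above under a chosen tftp root.
#
# usage: build_pxe_tree TFTP_ROOT INSTALL_TREE SYSLINUX_DIR OS_IDENT METHOD
# exit status: 0 = built, 1 = missing file or copy error, 2 = bad os-ident
# The body runs in a subshell, so "exit" only leaves the function.
build_pxe_tree() (
    tftp_root=$1; tree=$2; syslinux=$3; os_ident=$4; method=$5
    base=$tftp_root/linux-install

    # <os-ident> becomes a directory name and a path in the boot menu,
    # so accept one plain word only (no slashes, no "..").
    case $os_ident in
        ''|.|..|*[!A-Za-z0-9._-]*)
            echo "invalid os-ident: $os_ident" >&2; exit 2 ;;
    esac

    # Fail before touching the tftp root if a boot file is missing.
    for f in "$syslinux/pxelinux.0" \
             "$tree/images/pxeboot/vmlinuz" \
             "$tree/images/pxeboot/initrd.img"; do
        [ -f "$f" ] || { echo "missing: $f" >&2; exit 1; }
    done

    mkdir -p "$base/msgs" "$base/$os_ident" "$base/pxelinux.cfg" || exit 1
    cp "$syslinux/pxelinux.0" "$base/" || exit 1
    cp "$tree"/isolinux/*.msg "$base/msgs/" || exit 1
    cp "$tree/images/pxeboot/vmlinuz" "$tree/images/pxeboot/initrd.img" \
       "$base/$os_ident/" || exit 1

    # Fallback menu for clients without their own file in pxelinux.cfg/.
    # The default entry boots the local disk; label 1 starts the install.
    cat > "$base/pxelinux.cfg/default" <<EOF || exit 1
default local
timeout 100
prompt 1
display msgs/boot.msg
F1 msgs/boot.msg
F2 msgs/general.msg
label local
localboot 1
label 1
kernel $os_ident/vmlinuz
append initrd=$os_ident/initrd.img ramdisk_size=6878 method=$method ip=dhcp
EOF

    # tftp clients are not authenticated: keep the tree readable by all
    # but writable only by its owner.
    chmod -R a+rX,go-w "$base"
)

# Constructed demo: empty stand-in files inside a temporary directory.
demo_pxe() (
    work=$(mktemp -d) || exit 1
    mkdir -p "$work/tree/isolinux" "$work/tree/images/pxeboot" "$work/syslinux"
    : > "$work/tree/isolinux/boot.msg"
    : > "$work/tree/isolinux/general.msg"
    : > "$work/tree/images/pxeboot/vmlinuz"
    : > "$work/tree/images/pxeboot/initrd.img"
    : > "$work/syslinux/pxelinux.0"
    # The method value below is a constructed sample.
    if build_pxe_tree "$work/tftpboot" "$work/tree" "$work/syslinux" \
            RHEL5Server "nfs:192.168.1.2:/install"; then
        (cd "$work/tftpboot" && find linux-install | sort)
    fi
    rm -rf "$work"
)
demo_pxe
```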
Enabling and starting the tftp Service
After configuring the tftp server and which clients are allowed to connect to it to PXE boot into a network installation of Red Hat Linux, enable the service at boot time and start it.
The commands are
chkconfig --level 345 xinetd on
chkconfig --level 345 tftp on
If it is not started type: service xinetd start
Enabling the PXE Booting service on the DHCP Server
allow booting;
allow bootp;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
next-server <server-ip address>;
filename "linux-install/pxelinux.0";
}
To enable or disable Kdump later, execute the system-config-kdump command to start a graphical application to configure it.
Linux Basics
  • # rpm -q man [It displays the package version of man]
  • Manuals have 9 sections
  • root# manpath
      /usr/local/share/man:/usr/share/man:/usr/x11R6/man:/usr/local/man
      The /usr/share/man directory has 9 manual sections, man1..man9.
Section 1 (User commands)
It describes the user commands and tools like file manipulation, shells, compilers, web browsers, file and image viewers and editors…
Emacs was written by Richard Stallman
  • # rpm -q man gives you the version of man. Or you can use “rpm -qi man”.
List of manuals in linux
Man1 - contains user tools such as ls,cp,mv,rm etc..
Man2 – contains the system calls typically used by programmers.
Man3 – contains the C-library calls
Man4 – contains the device driver info
Man5 – contains the configuration files
Man6 – contains the manual files related to games, with the information in the form of documentation
Man7 – contains the packages.
Man8 – contains the system tools
Man9 – contains the final documentation
The folders under the root (/) are
/bin – contains the basic binaries, like cp, ls, mv, date, kill, ps…
Example # which ls
/boot – contains the kernel-related files.
/dev – contains the devices information,
# df -h command
/etc – contains the host-specific configuration files, which are in ASCII format.
/home – contains the documents and settings
/initrd (initialization of RAM disk) – temporary mount
/lost+found – fragmentation, disk problems. It contains the errors that are partially deleted. It helps in locating files that are very fragmented or accidentally deleted but not fully deleted.
/misc – it can be used by various applications, something like /tmp.
/mnt – contains the removable media devices.
Example – mount /mnt/floppy/ Mounts the floppy drive.
Example – umount /mnt/floppy/ Unmounts the floppy drive.
/opt – contains the add-on applications
/proc – it is a virtual directory; it is not stored on the hard disk, it is stored in RAM, and it contains the runtime system information.
# rpm -qf /bin/ls
# ls -a – displays everything that is hidden. The hidden files are identified by a dot before their name, like “.bash.metacity”.
# ls -A – displays the files including the hidden files, but not the current directory and parent directory entries.
# ls -ali – displays the inodes of the files on the disk.
# ls -r – displays the list in reverse order. Similarly you can use # ls -rl
# ls -F – visual classification of files with special characters. In the output, / means directory, nothing means normal file, @ means link file, * means executable file.
# ls -n – displays the uid and gid in numeric format instead of names.
# ls -t – sorts the files based on the last modification time.
# ls -l /etc – displays all the files under the directory.
# ls -h – displays the file size in human-readable format.
# alias dir='dir --color=tty' – we can create an alias for the entire command.
# find /bin -name ls – used to find the path of the binary.
# locate – works faster than # find but uses a database. locate doesn’t search the files on the disk; rather, it searches for file paths in the database. The locate database file is located at /var/lib/mlocate.db. There is another utility called “updatedb”. When you execute updatedb it scans the entire system and updates the mlocate.db database file.
We can also configure the ‘updatedb’ utility as per our needs. This can be achieved by updating the updatedb.conf. This is a configuration file that updatedb reads before updating the database. updatedb.conf is located under /etc/.
# cat /etc/updatedb.conf
PRUNE_BIND_MOUNTS="yes"
PRUNENAMES=".git .bzr .hg .svn"
PRUNEPATHS="/tmp /var/spool /media"
PRUNEFS="NFS nfs nfs4 rpc_pipefs afs binfmt_misc proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs shfs sysfs cifs lustre_lite tmpfs usbfs udf fuse.glusterfs fuse.sshfs ecryptfs fusesmb devtmpfs"
The updatedb.conf file contains information in the form VARIABLE=VALUE. The variables are:
  • PRUNEFS : A whitespace-separated list of file system types (as used in /etc/mtab) which should not be scanned by updatedb. The file system type matching is case-insensitive. By default, no file system types are skipped. When scanning a file system is skipped, all file systems mounted in the subtree are skipped too, even if their type does not match any entry in PRUNEFS.
  • PRUNENAMES : A whitespace-separated list of directory names (without paths) which should not be scanned by updatedb. By default, no directory names are skipped. Note that only directories can be specified, and no pattern mechanism (e.g. globbing) is used.
  • PRUNEPATHS : A whitespace-separated list of path names of directories which should not be scanned by updatedb. Each path name must be exactly in the form in which the directory would be reported by locate. By default, no paths are skipped.
  • PRUNE_BIND_MOUNTS : One of the strings 0, no, 1 or yes. If PRUNE_BIND_MOUNTS is 1 or yes, bind mounts are not scanned by updatedb. All file systems mounted in the subtree of a bind mount are skipped as well, even if they are not bind mounts. By default, bind mounts are not skipped.


tar command
1. Creating an archive using the tar command.
Creating an uncompressed tar archive using option cvf
# tar cvf archive_name.tar /dirname
c - create a new archive
v - verbosely list files which are processed
f - the following is the archive file name
2. Creating a tar gzipped archive using option cvzf. The above tar cvf option does not provide any compression; to use gzip compression on the tar archive use the “z” option.
$ tar cvzf archive_name.tar.gz dirname/
z - filter the archive through gzip.
Note: .tgz is the same as .tar.gz
Creating a bzipped tar archive using option cvjf
Eg: $ tar cvjf archive_name.tar.bz2 dirname/
j - filter the archive through bzip2.
Note: gzip vs bzip2: bzip2 takes more time to compress and decompress than gzip; the bzip2 archive size is less than the gzip archive size.
3. Extracting (untar) an archive using the tar command
Extract a *.tar file using option xvf.
Eg: $ tar xvf archive_name.tar
x - extracts the files from the archive.
Extract a gzipped tar archive *.tar.gz using option xvzf
Use the option z for uncompressing a gzip tar archive.
4. Listing an archive using the tar command
$ tar tvf archive_name.tar
5. Extracting a single file from tar,tar.gz,tar.bz2 file
To extract a specific file from tar, specify the file name at the end of the tar xvf.
$ tar xvf archive_file.tar /path/to/file
6. Extract a single directory from tar, tar.gz, tar.bz2 file
To extract a single directory (along with its subdirectories and files) from a tar archive, specify the directory name at the end of the tar xvf command as shown below. The following extracts only a specific directory from a large tar file.
$ tar xvf archive_file.tar /path/to/dir/
To extract multiple directories from a tar archive, specify those individual directory names at the end of the tar xvf command as shown below.
$ tar xvf archive_file.tar /path/to/dir1/ /path/to/dir2/
Use the relevant option z or j according to the compression method gzip or bzip2 respectively as shown below.
$ tar xvfz archive_file.tar.gz /path/to/dir/
$ tar xvfj archive_file.tar.bz2 /path/to/dir/
7. Extract a group of files from tar, tar.gz, tar.bz2 archives using a regular expression
$ tar xvf archive_file.tar --wildcards '*.pl'
8. Adding a file or directory to an existing archive using option -r
To append a file to tar
$ tar rvf archive_name.tar newfile
Adding a directory to the tar is also similar
$ tar rvf archive_name.tar newdir/
Note: You can’t add a file or directory to a compressed archive.
9. Verify files available in tar using option -W
As part of verification you can verify the archive file that got created using the option W
Ex: $ tar cvfW filename.tar /dir (If an output line starts with Verify and there is no differs line, then the file/directory is ok.)
Note: for a compressed file you can’t do the verification
10. Estimate the tar archive size
$ tar -cf - /directory/to/archive/ | wc -c
Output redirection to a file
$ ls > test_outputfile
Input redirection from a file
$ cat < bin_out
To create a variable in Linux we can use echo or export.
Eg: $ export linuxcbt=thebest
Eg: echo $cbt
We can unset the variable like $ unset linuxcbt
To check, use $ env | grep linuxcbt
To create a human-readable command we use alias.
$ alias df="df -h"
Note: Type alias to see the various aliases.
Aliases can be placed in .bashrc.
The uptime utility tells you how long the system has been running, the number of users connected and the load average of the system.
# cat /proc/meminfo – shows the current running memory, the physical memory and the swap memory.
# cd /proc and # cat cpuinfo
# free displays the total amount of memory and the swap information. Also # /usr/bin/free. And # rpm -qf /usr/bin/free gives procps-2.0.11-6
# watch utility – runs the command given with watch every 2 seconds and displays its output. Eg: # watch free
# top command displays information like total processes, CPU states, free memory and swap memory.
ctrl+shift+d -- opens a new tab
# vmstat is a one-line statement which displays concise information related to the various processes, memory, swap, io, system and CPU usage.
# gnome-system-monitor – it is the graphical version of the list of processes.
# ps – command displays the various processes and
# ps -aux displays the PID, CPU usage, memory, RSS, VSS, TTY, STAT, START, TIME and Command.
# ps -aux | grep gnome-system – displays the process names which begin with gnome-system.
# kill <process id> -- kill the process.
Navigation in the vi editor: j, k, l, h; shift+G to top and G to bottom; to go to a specific line enter the line number and press shift+G. To delete a specific character from the file, go to the character and press x; to undo the delete operation press u.
# rpm -q emacs
Type # emacs & to work with both the shell and window mode.
fdisk -l : displays the various partitions in the Linux system.
The first hard disk is called HDA and is stored under /dev
# df – disk full command displays the partitions and swap partitions and their size in MB, KB. And # df -h displays in MB and GB.
The normal partition can be identified by ID 83 and swap partition ID is 82.
If you see an l in the file permissions it is a symbolic link, like “lrwxrwxrwx”
Go to /dev; there a b in the file permissions means the block type.
Filetypes
# ls -F – if the file has * at the end then it is called an executable entry.
To know the file details type # file uname.
Types of files
- = file
d = directory
c = character device files
b = block devices
s = unix domain sockets
p = named pipes
l = symbolic link
To see the list along with inodes
# ls -li
Each partition contains inodes, which contain a certain number of blocks of 8K.
To create a soft link for a file type
# ln -s bin_out link_bin_out – it will create a link with a different color and with 7 bytes.
To create a hard link for a file type (a hard link creates another copy)
# ln bin_out link_bin_out
To mount the floppy
# mount /dev/fd0 – where 0 represents the first floppy disk.
GUI mounting is # gfloppy
To unmount the device
# umount /dev/fd0
# mke2fs /dev/fd0 – creates the ext2 filesystem on the floppy disk.
To mount with CD-Rom drive.

Which mkisofs, which helps in creating the root
mkisofs -o redhat9_cdl.iso -J -A -V -v -R /mnt/cdrom<target>.

# cat /etc/redhat-release displays the current version of Red Hat Linux.
To reboot system
#reboot
To boot from the nfs type
boot: linux ks=nfs:192.168.1.2:/install/ks.cfg
# cat meminfo displays the memory, swap, memtotal, memoryfree
IPTables : It is the firewall/NAT package. Initially it was called ipchains, but that had a number of shortcomings. To rectify this the Netfilter organization decided to create a new product called iptables.
Pros(+):
- Better integration with the Linux kernel, with the capability of loading iptables-specific kernel modules designed for improved speed and reliability.
- Stateful packet inspection. This means that the firewall keeps track of each connection passing through it and in certain cases will view the contents of data flows in an attempt to anticipate the next action of certain protocols. This is an important feature in the support of active FTP and DNS.
- Filtering packets based on a MAC address and the values of the flags in the TCP header. This is helpful in preventing attacks using malformed packets and in restricting access from locally attached servers to other networks in spite of their IP addresses.
- Better network address translation.
- Support for transparent integration with such web proxy programs as Squid.
- A rate limiting feature that helps iptables block some types of denial of service(DoS) attacks.
25 Most Frequently Used Linux IPTables Rules Examples
1. Delete Existing Rules
Before you start building a new set of rules, you might want to clean up all the default rules and existing rules. Use the iptables flush command as shown below to do this.
iptables -F
(or)
iptables --flush
2. Set Default Chain Policies
The default chain policy is ACCEPT. Change this to DROP for all INPUT, FORWARD, and OUTPUT chains as shown below.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
When you make both INPUT, and OUTPUT chain’s default policy as DROP, for every firewall rule requirement you have, you should define two rules. i.e one for incoming and one for outgoing.
In all our examples below, we have two rules for each scenario, as we’ve set DROP as default policy for both INPUT and OUTPUT chain.
If you trust your internal users, you can omit the last line above. i.e Do not DROP all outgoing packets by default. In that case, for every firewall rule requirement you have, you just have to define only one rule. i.e define rule only for incoming, as the outgoing is ACCEPT for all packets.
Note: If you don’t know what a chain means, you should first familiarize yourself with the IPTables fundamentals.
3. Block a Specific ip-address
Before we proceed further with other examples, if you want to block a specific ip-address, you should do that first as shown below. Change the “x.x.x.x” in the following example to the specific ip-address that you like to block.
BLOCK_THIS_IP="x.x.x.x"
iptables -A INPUT -s "$BLOCK_THIS_IP" -j DROP

This is helpful when you find some strange activities from a specific ip-address in your log files, and you want to temporarily block that ip-address while you do further research.
You can also use one of the following variations, which blocks only TCP traffic on eth0 connection for this ip-address.
iptables -A INPUT -i eth0 -s "$BLOCK_THIS_IP" -j DROP
iptables -A INPUT -i eth0 -p tcp -s "$BLOCK_THIS_IP" -j DROP

4. Allow ALL Incoming SSH
The following rules allow ALL incoming ssh connections on eth0 interface.
iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

Note: If you like to understand exactly what each and every one of the arguments means, you should read How to Add IPTables Firewall Rules
5. Allow Incoming SSH only from a Specific Network
The following rules allow incoming ssh connections only from 192.168.100.X network.
iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

In the above example, instead of /24, you can also use the full subnet mask. i.e “192.168.100.0/255.255.255.0”.
6. Allow Incoming HTTP and HTTPS
The following rules allow all incoming web traffic. i.e HTTP traffic to port 80.
iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

The following rules allow all incoming secure web traffic. i.e HTTPS traffic to port 443.
iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

7. Combine Multiple Rules Together using MultiPorts

When you are allowing incoming connections from outside world to multiple ports, instead of writing individual rules for each and every port, you can combine them together using the multiport extension as shown below.
The following example allows all incoming SSH, HTTP and HTTPS traffic.
iptables -A INPUT -i eth0 -p tcp -m multiport --dports 22,80,443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 22,80,443 -m state --state ESTABLISHED -j ACCEPT

8. Allow Outgoing SSH

The following rules allow outgoing ssh connections, i.e. when you ssh from inside to an outside server.
iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

Please note that this is slightly different from the incoming rule: we allow both the NEW and ESTABLISHED states on the OUTPUT chain, and only the ESTABLISHED state on the INPUT chain. For the incoming rule, it is vice versa.
9. Allow Outgoing SSH only to a Specific Network

The following rules allow outgoing ssh connections only to a specific network, i.e. you can ssh only to the 192.168.100.0/24 network from the inside.
iptables -A OUTPUT -o eth0 -p tcp -d 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

10. Allow Outgoing HTTPS

The following rules allow outgoing secure web traffic. This is helpful when you want to allow internet traffic for your users. On servers, these rules are also helpful when you want to use wget to download some files from outside.
iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

Note: For outgoing HTTP web traffic, add two additional rules like the above, and change 443 to 80.
11. Load Balance Incoming Web Traffic

You can also load balance your incoming web traffic using iptables firewall rules.
This uses the iptables nth extension. The following example load balances the HTTPS traffic across three different ip-addresses. Every 3rd packet is load balanced to the appropriate server (using the counter 0). DNAT rules belong to the nat table, so the rules specify -t nat. The nth match comes from patch-o-matic; newer kernels provide the same function through the statistic match in nth mode.
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 0 -j DNAT --to-destination 192.168.1.101:443
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 1 -j DNAT --to-destination 192.168.1.102:443
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 2 -j DNAT --to-destination 192.168.1.103:443

12. Allow Ping from Outside to Inside

The following rules allow outside users to be able to ping your servers.
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

13. Allow Ping from Inside to Outside

The following rules allow you to ping from inside to any of the outside servers.
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

14. Allow Loopback Access

You should allow full loopback access on your servers, i.e. access using 127.0.0.1.
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

15. Allow Internal Network to External network.

On a firewall server where one ethernet card is connected to the external network and another ethernet card is connected to the internal servers, use the following rule to allow the internal network to talk to the external network.
In this example, eth1 is connected to external network (internet), and eth0 is connected to internal network (For example: 192.168.1.x).
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

16. Allow outbound DNS

The following rules allow outgoing DNS connections.
iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT

17. Allow NIS Connections

If you are running NIS to manage your user accounts, you should allow the NIS connections. Even when the SSH connection is allowed, if you don’t allow the NIS related ypbind connections, users will not be able to login.
The NIS ports are dynamic, i.e. when ypbind starts, it allocates the ports.
First do a rpcinfo -p as shown below and get the port numbers. In this example, it was using port 853 and 850.
rpcinfo -p | grep ypbind

Now allow incoming connection to the port 111, and the ports that were used by ypbind.
iptables -A INPUT -p tcp --dport 111 -j ACCEPT
iptables -A INPUT -p udp --dport 111 -j ACCEPT
iptables -A INPUT -p tcp --dport 853 -j ACCEPT
iptables -A INPUT -p udp --dport 853 -j ACCEPT
iptables -A INPUT -p tcp --dport 850 -j ACCEPT
iptables -A INPUT -p udp --dport 850 -j ACCEPT

The above will not work when you restart the ypbind, as it will have different port numbers that time.
There are two solutions to this: 1) Use static ip-address for your NIS, or 2) Use some clever shell scripting techniques to automatically grab the dynamic port number from the “rpcinfo -p” command output, and use those in the above iptables rules.
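
One way to script solution 2, as an added example that is not part of the original post: the function names and the sample rpcinfo output are constructed for illustration. It opens only the protocol/port pairs that ypbind actually registered and ignores any line whose port field is not a plain number, so nothing unexpected from the rpcinfo output ends up in a rule.

```shell
#!/bin/sh
# Added example: build the NIS iptables rules from `rpcinfo -p` output
# instead of hard-coding the ypbind ports.

# Constructed sample of `rpcinfo -p` output (not captured from a real host).
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100007    2   udp    850  ypbind
    100007    1   udp    850  ypbind
    100007    2   tcp    853  ypbind
    100007    1   tcp    853  ypbind
EOF
}

# Read `rpcinfo -p` output on stdin and print unique "proto port" pairs
# registered by the service named in $1. Lines whose protocol is not
# tcp/udp or whose port is not a number in 1-65535 are skipped.
service_ports() {
    svc=$1
    awk -v svc="$svc" '
        $5 == svc && ($3 == "tcp" || $3 == "udp") &&
        $4 ~ /^[0-9]+$/ && $4 >= 1 && $4 <= 65535 {
            key = $3 " " $4
            if (!(key in seen)) { seen[key] = 1; print key }
        }'
}

# Read `rpcinfo -p` output on stdin and print the iptables commands:
# portmapper on 111 (tcp and udp) plus every port ypbind registered.
# The chain name defaults to INPUT.
nis_rules() {
    chain=${1:-INPUT}
    for proto in tcp udp; do
        echo "iptables -A $chain -p $proto --dport 111 -j ACCEPT"
    done
    service_ports ypbind | while read -r proto port; do
        echo "iptables -A $chain -p $proto --dport $port -j ACCEPT"
    done
}

# Demo on the constructed sample. On a real host: rpcinfo -p | nis_rules
sample_rpcinfo | nis_rules
```

The script only prints the commands; review them and re-run it after every ypbind restart, since the earlier rules for the old ports have to be removed as well.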
18. Allow Rsync From a Specific Network

The following rules allow rsync only from a specific network.
iptables -A INPUT -i eth0 -p tcp -s 192.168.101.0/24 --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 873 -m state --state ESTABLISHED -j ACCEPT

19. Allow MySQL connection only from a specific network

If you are running MySQL, typically you don’t want to allow direct connection from outside. In most cases, you might have web server running on the same server where the MySQL database runs.
However, DBAs and developers might need to log in directly to MySQL from their laptops and desktops using a MySQL client. In those cases, you might want to allow your internal network to talk to MySQL directly as shown below.
iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

20. Allow Sendmail or Postfix Traffic

The following rules allow mail traffic. It may be sendmail or postfix.
iptables -A INPUT -i eth0 -p tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT

21. Allow IMAP and IMAPS

The following rules allow IMAP/IMAP2 traffic.
iptables -A INPUT -i eth0 -p tcp --dport 143 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 143 -m state --state ESTABLISHED -j ACCEPT

The following rules allow IMAPS traffic.
iptables -A INPUT -i eth0 -p tcp --dport 993 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 993 -m state --state ESTABLISHED -j ACCEPT

22. Allow POP3 and POP3S

The following rules allow POP3 access.
iptables -A INPUT -i eth0 -p tcp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 110 -m state --state ESTABLISHED -j ACCEPT

The following rules allow POP3S access.
iptables -A INPUT -i eth0 -p tcp --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 995 -m state --state ESTABLISHED -j ACCEPT

23. Prevent DoS Attack

The following iptables rule will help you prevent the Denial of Service (DoS) attack on your webserver.
iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT

In the above example:

  • -m limit: This uses the limit iptables extension
  • --limit 25/minute: This limits to a maximum of 25 connections per minute. Change this value based on your specific requirement
  • --limit-burst 100: This value indicates that the limit/minute will be enforced only after the total number of connections has reached the limit-burst level.

24. Port Forwarding

The following example routes all traffic that comes to port 422 to port 22. This means that incoming ssh connections can come from both port 22 and port 422.
iptables -t nat -A PREROUTING -p tcp -d 192.168.102.37 --dport 422 -j DNAT --to 192.168.102.37:22

If you do the above, you also need to explicitly allow incoming connection on the port 422.
iptables -A INPUT -i eth0 -p tcp --dport 422 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 422 -m state --state ESTABLISHED -j ACCEPT

25. Log Dropped Packets

You might also want to log all the dropped packets. These rules should be at the bottom.
First, create a new chain called LOGGING.
iptables -N LOGGING

Next, make sure all the remaining incoming connections jump to the LOGGING chain as shown below.
iptables -A INPUT -j LOGGING

Next, log these packets by specifying a custom “log-prefix”.
iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7

Finally, drop these packets.
iptables -A LOGGING -j DROP
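
To review what the LOGGING chain recorded, the following added example (not part of the original post) counts the logged drops per source address and the number of distinct destination ports each source tried. The function names and the log lines are constructed; the lines follow the usual kernel LOG layout with the “IPTables Packet Dropped: ” prefix from the rule above. Because that rule is limited to 2 entries per minute, the counts are a lower bound.

```shell
#!/bin/sh
# Added example: summarise packets logged by the LOGGING chain.

# Constructed sample syslog lines (documentation address ranges).
sample_log() {
cat <<'EOF'
Jul 30 10:15:01 fw1 kernel: IPTables Packet Dropped: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4021 DF PROTO=TCP SPT=51234 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 30 10:15:31 fw1 kernel: IPTables Packet Dropped: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4022 DF PROTO=TCP SPT=51240 DPT=3389 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 30 10:16:02 fw1 sshd[2211]: Accepted publickey for linuxcbt from 192.168.100.14 port 40022 ssh2
Jul 30 10:16:05 fw1 kernel: IPTables Packet Dropped: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.20 DST=192.168.1.2 LEN=76 TOS=0x00 PREC=0x00 TTL=49 ID=911 PROTO=UDP SPT=40000 DPT=161 LEN=56
Jul 30 10:16:40 fw1 kernel: IPTables Packet Dropped: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4023 DF PROTO=TCP SPT=51251 DPT=5900 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 30 10:17:10 fw1 kernel: IPTables Packet Dropped: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.20 DST=192.168.1.2 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=912 PROTO=ICMP TYPE=13 CODE=0 ID=7 SEQ=1
Jul 30 10:17:41 fw1 kernel: IPTables Packet Dropped: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4024 DF PROTO=TCP SPT=51260 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

# Read syslog lines on stdin. For every source address print
# "<logged drops> <source> <distinct destination ports>", busiest first.
# Only lines carrying the log prefix are counted, and SRC must look like
# an IPv4 address; ICMP entries have no DPT and add no port.
dropped_by_source() {
    awk '
        index($0, "IPTables Packet Dropped: ") {
            src = ""; dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            count[src]++
            if (dpt != "" && !((src, dpt) in seen)) {
                seen[src, dpt] = 1
                ports[src]++
            }
        }
        END {
            for (s in count) printf "%d %s %d\n", count[s], s, ports[s] + 0
        }' | sort -k1,1nr -k2,2
}

# Print the sources with at least $1 logged drops: candidates for a
# closer look, and possibly for the temporary block from section 3.
noisy_sources() {
    min=$1
    dropped_by_source | awk -v min="$min" '$1 >= min { print $2 }'
}

# Demo on the constructed sample. On a real host, feed it the kernel log,
# for example: dropped_by_source < /var/log/messages
sample_log | dropped_by_source
```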

To configure the Security Level
#lokkit – it is the character based tool.
Different Login Shells available while creating the user
/bin/ash
/bin/bash
/bin/bash2
/bin/bsh
/bin/csh
/bin/sh
/bin/tcsh
/sbin/nologin
# ntsysv is a shell command for services, which is similar to System Settings -> Server Settings -> Services.
To start the calculator, type # gnome-calculator
To start Users and Groups, type # redhat-config-users.
# cat /etc/passwd – displays the password, user and group information for all accounts.
Download John the Ripper to check for strong passwords.
The fields available are
linuxcbt:x:501:501:Linux User:/home/linuxcbt:/bin/bash
First column: user name – linuxcbt
Second column: Field for password- because we are using shadow passwords we see x.
Third column : user id.
Fourth column: group id is similar to the user id. By default the user id belongs to the same group .
Fifth column: this is the description column
Sixth column: this is the default home directory.
Seventh column: default shell
The temp directory has the t in the permissions list, which states that it is temp directory, and the contents in that directory can be deleted by the user who has created the contents.
To configure the network
# redhat-config-network; the same settings can be seen in shell mode with # cat ifcfg-eth0
#cd /etc
#cd sysconfig
#cd network-scripts
Four major networking files within linux environment
1. /etc/sysconfig/network – contains global info
hostname,
network=yes/no
default gateway
2. /etc/sysconfig/network-scripts/ifcfg-eth0 – first NIC
3. /etc/resolv.conf – contains DNS servers and search order
nameserver 24.151.8.210
4. /etc/hosts –

# ping -c 3 localhost
4-Steps PING process to test network connectivity/stack
1.ping localhost
2. ping neighbor
3.ping default gateway
4.ping remote host
DHCP Client components
/sbin/dhclient – scripts; performs DORA (Discover, Offer, Request, Acknowledge) and gets the address for the client
/var/lib/dhcp – various leases
/etc/sysconfig/network-scripts/ifcfg-eth0 – BOOTPROTO=none
/etc/resolv.conf – contains DNS servers (nameserver) and optionally search domains
To restart the network service
# service network reload/restart

rdesktop is used to connect to the windows server syntax is
# rdesktop -g 550x450 192.168.1.100

TCP/IP ports
Linux clients communicate using ports
TCP/IP supports 16-bit ports=2 to the power 16=65536
Web browser -> web server communication:
client port 1024 and above -> server port 80
Well-known ports 0-1023
HTTP=80
HTTPS=443
POP3=110
SMTP=25
To open or modify the network settings for eth0
1. #cd /etc/sysconfig/network-scripts/
2. # ls
3. # cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=STATIC
BROADCAST=192.168.1.255
IPADDR=192.168.1.2
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
To view the network settings: # cat /etc/sysconfig/network
resolv.conf contains the nameserver configuration for name resolution.
The leases file can be found in the /etc/var/dhcp/dhclient-eth0.leases
It contains the recent changes in the dhcp configuration,
1. interface
2. fixed-address
3.option subnet-mask
4.option routers
5. option dhcp-lease-time
6. option dhcp-message-type
7.option domain-name-servers
8. option dhcp-server-identifier
9. option dhcp-renewal-time
10. option dhcp-rebinding-time
11. option domain-name
12. renew
13. rebind
14. expire
The network time protocol configuration can be found in /etc/ntp.conf.
To check ntp, type # ntpq -p

VNC is a remote display system which allows you to view a computing environment not only on the machine where it is running, but from anywhere on the internet and from a wide variety of machine architectures. This package contains a client which allows you to connect to other desktops running a VNC server. This package includes all improvements from the TightVNC 1.2 distribution.
The scp command allows files to be copied to, from, or between different hosts. It uses ssh for data transfer and provides the same authentication and the same level of security as ssh.
Examples
Copy the file “foobar.txt” from a remote host to the local host
$ scp <your_username@remotehost.edu:foobar.txt> </some/local/directory>
Scp performance
By default scp uses the Triple-DES cipher to encrypt the data being sent. Using the Blowfish cipher has been shown to increase speed. This can be done by using the option -c blowfish on the command line.
$ scp -c blowfish some_file your_username@remotehost.edu:~
$ scp vnc-server-3.3.3r2-51.1.i386.rpm 192.168.1.80:
VNC server options
-name <desktop-name>
-depth <depth>
-geometry <width>x<height>
-pixelformat rgb<NNN>
-pixelformat bgr<NNN>
# vncserver -depth 16 -geometry 550x450
You can move to vnc and move the password files
You can kill the vncserver process
# vncserver -kill :1
To see the runlevel
#runlevel
Where runlevel displays the current runlevel and previous runlevel
eg # runlevel
N 5
runlevel 3 and 5 are system preferable runlevels which support GUI.
To see the list of available runlevels: # cat /etc/inittab
Rescue mode lets us recover from typical situations like
1. Forgotten root password. <linux rescue>
2.Failed hardware parts like fail of hard drives
3. Software problems(another operating system)
4. MBR becomes corrupt
5.Partition changes
You can view the information in /etc/grub.conf.
Rescue mode requires bootable media
1.Floppy Disk
2. CDROM
Upon boot/attempting linux rescue once prompted
type “linux rescue”
Change the directory to /cdrom/images/ and dump the bootdisk.img into floppy disk.
# dd if=bootdisk.img of=/dev/fd0 – for this we don’t need to mount the floppy disk.
In the rescue mode there are 2 virtual consoles
1.CTRL+ALT+F1 2.CTRL+ALT+F2.
Change directory to /mnt, type mkdir sysimage, then cd sysimage/, then chroot /mnt/sysimage

Packages
#redhat-config-packages
The RPM package manager maintains its database in /var/lib/rpm
# file Basenames (Berkeley DB (Hash, version 8))
RPM operates in 5 modes
1.Installation
2.Upgrade/Update
3.Remove
4.Query
5.Verify
# rpm -Vp <package name> (verify package)
# rpm -K <packagename>, which checks whether the package has been changed or not. It checks the md5 signature; if that is OK, then the package is OK.
Boot Process
1. BIOS checks the peripherals and RAM, whether they exist or not.
2. Searches the MBR of the primary hard drive and checks the first stage (first sector) loader.
3. MBR references the step 1 loader within 512 bytes.
4. The step 2 loader is called from the step 1 loader and loaded into RAM.
5. The default step 2 loader is GRUB and optionally LILO (Linux loader).
6. GRUB is loaded into memory.
7. GRUB locates the kernel (vmlinuz-version) from the /boot partition.
8. GRUB creates a RAMDISK, which takes a section of memory for the initrd (init ramdisk). [init is the process that continues loading all the services and mounting the partitions; the initrd contains the modules that are required for loading, and it is much faster than any other memory.] Don’t remove the initrd.
9. GRUB hands off to the kernel.
10. The kernel hands off the boot process to /sbin/init.
11. init loads daemons and mounts partitions from /etc/fstab.
12. The user receives the login screen.
Various processes are stored in <init.d>.
And the various run levels are stored in /etc/rc.d.
GRUB Features
1. Provides a pre-OS command environment
2. can boot OS’s above 1024th cylinder or 528MB.
3.Can read directly ext2 and ext3 partitions
/boot—vmlinuz-version(kernel)
/boot/grub/grub.conf
7-RunLevels
/etc/rc.d/rc 0 – halts(simply shutdown the system)
Halt can be used by system administrators
/etc/rc.d/rc 1 – single user mode =linux single
/etc/rc.d/rc 2 – custom server with minimal scripts(multiuser without NFS)
/etc/rc.d/rc 3 – simply shell access.(Full multiuser mode)
/etc/rc.d/rc 4 – custom purpose.(user defined)(un used)
/etc/rc.d/rc 5 –it is GUI mode.(#startX) -- X11.
/etc/rc.d/rc 6 – reboot(init 6)
Kernel passes control upon boot to /sbin/init.
1. /etc/rc.d/rc.sysinit – setup of script environment
2. /etc/inittab – determines which programs and processes are to be run at the various levels (and the default runlevel).
3. /etc/rc.d/init.d/functions file –
4. Executes the scripts of the appropriate runlevel -- /etc/rc.d/rc5.d – which contains the Kill scripts and Start scripts. The kill scripts run first and the start scripts run next.
a) runs K scripts (kill scripts) -- /etc/rc.d/rc5.d contains the processes with the K and a number, like K05saslauthd, where scripts with a lower number start first.
b) runs S scripts (start scripts), e.g. S08iptables
You can store the custom scripts under the #rc.local directory
* Under the rc.d first script that runs rc.sysinit | less[ runs once at boot time,host name localhost
Daemon Management
The three common Daemon/Service management tools
1. redhat-config-services
2.ntsysv
3.chkconfig
3.1 chkconfig --add <name>
3.2 chkconfig --del <name>
All of the daemons reside in init.d
The files reside in init.d are real daemons. Like http,smb,ntpd,xfs,sshd, vncserver…
Go to #init.d/rc5.d/
#redhat-config-services
To know the list of services running type
# /sbin/chkconfig --list
A number of graphical tools are also available for administering services. On RedHat9 type #redhat-config-services
The equivalent command on RedHat core/enterprise is
#system-config-services
#ntsysv – updates the current run level.
chkconfig – is another daemon management tool
chkconfig --level 5 httpd <on|off|reset>
chkconfig [--level <levels>] <name> <on|off|reset>
User profiles
User profiles schema
/etc/skel (skeleton directory) contains the files which control the bash environment.
/etc/skel contains .bash_logout, .bash_profile, .bashrc, .emacs, .gtkrc
[When a new user is created, these files are copied to the user’s home directory.]
{When the user logs in and starts using the environment and running commands, a file called .bash_history is created.}
.bashrc – contains the scripts the aliases
/etc/profile – contains global settings that are inherited by everyone – PATH
Useradd – copies /etc/skel info to the user’s HOME directory.
/etc/profile – contains Linux system wide environment and startup programs. It is used by all users with bash,ksh,sh shell. Usually used to set PATH variable , user limits and other settings for user. It only runs for login shell. If you wanted to make large changes or application specific changes use /etc/profile.d directory. This file starts by setting up some helper functions and some basic parameters. It specifies some bash history parameters and for security purposes, disables keeping a permanent history file for the root user. It also sets a default user prompt. It then calls small, single purpose scripts in the /etc/profile.d directory to provide most of the initialization.
Quota implementation Steps
i) check the quota RPM – rpm -q quota
ii) modify /etc/fstab – usrquota, grpquota
iii) remount the file system – umount/mount or reboot.
iv) quotacheck -acug (a – checks all file systems identified in the /etc/fstab file as read/write with disk quotas, c – create, g – checks group quotas, u – checks user quotas only, v – verbose, m – the filesystem can’t be mounted).
v) quotacheck -cug will create two files, aquota.group and aquota.user
# quotacheck -vugm / will check and display the files and directories under /.
vi) # edquota linuxcbt -- will display the disk quotas for the linuxcbt user
vii) # quota linuxcbt -- will display the quota for user linuxcbt.
# du – stands for disk usage, reported in terms of file size.
It can be used with folders to get the total disk usage.
Syntax: # du -a shows the disk usage of all the files and directories. This is because if -a is not used, only directories that occupy some disk space are listed.
Syntax: display output in human readable form using -h
# du -ah, -h is used to get the output in human readable format.
Syntax: display the grand total in the output using -c
# du -ahc, with -c one can get the total usage in the output.
Syntax: display only the total count using -s
# du -sh, -s displays the total size in the form of a summary.
Syntax: customize the block size in the output through --block-size
# du -ac, the output is represented in terms of number of 1024-byte blocks.
If you require the output to be in number of 2048-byte blocks, the flag ‘--block-size’ can be used.
# du -ahc --block-size=2048
# repquota / -- displays all the users’ quotas on device /dev/hd2 and the Block grace time, Inode grace time, Block limits, File limits.
It contains <Block limits> used-soft-hard-grace, <File limits> used-soft-hard-grace.
To disable the quota: # quotaoff -vugm
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
1. modify /etc/fstab – add usrquota and/or grpquota
[In fstab, the first column contains the device name, the second column contains the mount point, the third column contains the filesystem, the fourth column contains the mount options, the fifth column contains the dump options, and the sixth column contains the filesystem check.]
2. umount and mount the file system – umount/mount, or reboot the system.
3.
1st & 2nd columns- they tell the mount command exactly the same thing that you tell mount when you mount stuff manually,what is the device or partition and what is the mount point. The mount point specified for a device in /etc/fstab is default mount point. That is the directory where the device will be mounted if you don’t specify any other mount point when mounting the device.
3rd columns – the third column in /etc/fstab specifies the filesystem type of the device or partition, many different filesystems are supported but we’ll take a look at the most common ones only.
1. ext2, ext3: very likely your linux partitions are Ext3. Ext2 used to be the standard filesystem for linux, but these days, ext3 and reiserFS are usually the default filesystems for almost every new Linux distro. Ext3 is a newer filesystem type that differs from ext2 in that it’s journaled, meaning that if you turn the computer off without properly shutting down, you shouldn’t lose any data and your system shouldn’t spend ages doing filesystem checks the next time you boot up.
reiserFS, the filesystem name is self-explanatory. The filesystem type “swap” is used in your swap partitions.
Vfat and ntfs, your USB stick is most likely formatted as vfat(known as FAT32). Your windows partitions are probably either VFat or NTFS.
auto, no this isn’t filesystem type. The option auto simply means that the filesystem type is detected automatically. If you take a look at the example fstab above, you’ll see that the floppy and CD-ROM both have “auto” as their filesystem type.
4th column – this column lists all the mount options for the device or partition. This is also the most confusing column in the fstab file.
a) auto and noauto – with the auto option, the device will be mounted automatically. auto is the default option. If you don’t want the device to be mounted automatically, use the noauto option in /etc/fstab. With noauto the device can be mounted only explicitly.
b) user and nouser – these are very useful options. The user option allows normal users to mount the device, whereas nouser lets only root mount the device. nouser is the default, which is a major cause of headache for new Linux users. If you’re not able to mount your cd-rom, floppy, windows partition or something else as a normal user, add the user option into /etc/fstab.
c) exec and noexec – exec lets you execute binaries that are on that partition, whereas noexec doesn’t let you do that. noexec might be useful for a partition that contains binaries you don’t want to execute on your system, or that can’t even be executed on your system. This might be the case for a windows partition.
exec is the default option, which is a good thing. Imagine what would happen if you accidentally used the noexec option with the Linux root partition.
ro – mount the filesystem read-only.
rw – mount the filesystem read-write. Again, using this option might cure the headache of many new linux users who are tearing their hair out because they can’t write to their floppies, windows partitions, …
sync, async – how the input and output to the filesystem should be done. sync means it’s done synchronously. If you look at the example fstab, you’ll notice that this is the option used with the floppy; this means that when you copy a file to the floppy, the changes are physically written to the floppy at the same time you issue the copy command. async is the default. It may be wise to use sync with the floppy, especially if you’re used to the way it’s done in windows and have a tendency to remove floppies before unmounting them first.
defaults – uses the default options, which are rw, suid, dev, exec, auto, nouser, async.

5th and 6th columns:Dump and fsck options
Dump is a backup utility and fsck is a filesystem check utility. Dump checks the 5th column and uses the number to decide if a filesystem should be backed up; if it’s zero, dump will ignore that filesystem. The 6th column is a fsck option: fsck looks at the number in the 6th column to determine in which order the filesystems should be checked. If it’s zero, fsck won’t check the filesystem.
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
RPM Facts
1. RPM is free – GPL
2. Stores info about packages in a database: /var/lib/rpm/.
3. file packages, [RPM usage requires root access]. RPM operates in 5 modes – install, upgrade, remove, verify, query.
PUBLIC Key
# cd /usr/share/rhn/
# cat RPM-GPG-KEY, the public key can be used to verify RPM packages built and signed by Red Hat Software using ‘rpm -K’ using the GNU GPG package.
# rpm --import /usr/share/rhn/RPM-GPG-KEY
SYSLOG
Log File Viewer
# gnome-system-log
Or Applications->System->Log File viewer
System Logging
Log files are used to troubleshoot
Ascertain the systems status/health
redhat-logviewer – consolidates many common logs /etc/sysconfig/redhat-logviewer.
SYSLOGD = daemon/service – config file = /etc/syslog.conf
Facilities = device/service type/kernel/application type
Levels = debug – emergency levels 0 – 7.
0 =log_debug
1=log_info
2=log_notice
3= log_warning
4=log_errors
5=log_critical
6=log_alert
7=log_emergency
Facilities
Log_kernel
Log_user
Log_mail
Log_daemon
Log_auth
Log_lpr
Log_local0 – Log_local7
# cd /etc
# ls -ali syslog.conf
e.g. facility= Cisco Pix Firewall
Levels = 0 to 7.
e.g. facility =Sendmail
Levels = 0 to 7.
/etc/syslog.conf – contains 2 columns
facility.level                              destination
kern.*                                      /dev/console
*.info;mail.none;authpriv.none;cron.none    /var/log/messages
authpriv.*                                  /var/log/secure
mail.*                                      /var/log/maillog
cron.*                                      /var/log/cron
*.emerg                                     *
uucp,news.crit                              /var/log/spooler
local7.*                                    /var/log/boot.log
SyslogD created LOG files contain 4 columns
Date Time Hostname application message
Logrotate
The logrotate program is used to provide the administrator with an up-to-date record of events taking place on the system. The logrotate may also be used to back up log files, so copies may be used to establish patterns for system use.
Logrotate, it allows automatic rotation,compression,removal and mailing of log files.
Each log file may be handled daily,weekly,monthly, or when it grows too large
If you want to do modification to logrotate
# cat /etc/logrotate.d/httpd (OR) # ls –ali logrotate.conf
Weekly, rotate 52, compress,missingok,notifempty,sharedscripts,postrotate
weekly: log files are rotated if the current weekday is less than the weekday of the last rotation or if more than a week has passed since the last rotation.
rotate 52: log files are rotated 52 times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather than rotated.
compress: old versions of log files are compressed with gzip to save disk space.
missingok: if the log file is missing, go on to the next one without issuing an error message.
notifempty: do not rotate the log if it is empty.
sharedscripts: normally, prerotate and postrotate scripts are run for each log which is rotated, meaning that a single script may be run multiple times for log file entries which match multiple files. If sharedscripts is specified, the scripts are only run once, no matter how many logs match the wildcarded pattern. If none of the logs in the pattern require rotating, the scripts will not be run at all.
postrotate: /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true, followed by endscript. The lines between postrotate and endscript are executed after the log file is rotated. These directives may only appear inside a log file definition.
1. the logrotate configuration
2. setting defaults for logrotate
3. using the include option to read other configuration files
4. setting rotation parameters for specific files
5. using the include option to override defaults.
Network Administration
# which ping -- /bin/ping
# rpm -qf /bin/ping -- iputils-20020927
# ping -s 24 -c 5 www.google.com (-s specifies the size, -c the count)
# ping -i .5 -c 5 www.google.com (-i changes the interval from 1 sec to .5)
# ping -i .02 -q www.google.com (-q is quiet mode)
Traceroute:
# which traceroute -- /usr/sbin/traceroute
# rpm -qf /usr/sbin/traceroute -- traceroute-1.4a12-9
# traceroute 182.168.1.1
traceroute relies on the ICMP protocol.
ICMP relies upon
Type 11 & type 3
11 = time exceeded
3 = unreachable
MTR usage (ping/traceroute)
# which mtr -- /usr/sbin/mtr
# rpm -qf /usr/sbin/mtr -- mtr-0.52-2
# mtr www.google.com
ARP usage
# which arp -- /sbin/arp
# rpm -qf /sbin/arp -- net-tools-1.60-12
# arp
The output contains Address, HWtype, HWaddress, Flags, Mask, Iface
# arp -a
arp tables are generally built based on the mac addresses of devices on the local subnet. The arp protocol relies on broadcast.
# arp -d 192.168.1.1 will remove the entry for 192.168.1.1

How-to : Installing ESXi 5 on VMware Workstation 9


VMware Wosktation allows to run ESXi as virtual machine (virtual environment as virtual machine – kind of funny). It can be very useful to evaluate, experiment and learn vSphere at home. This can be also very helpful if we want ot run virtual appliances which are compatible with ESX only. I will show how easy is to install ESXi 5 as virtual machine on VMware Workstation 9.
First step is to register on VMware portal and download vSphere Hypervizor (ESXi) – current version when that article is written is version 5. Once you register and download software VMware will issue serial number for ESXi as this software is available for free with limited number of features – for details check article on VMware web page “VMware vSphere Architectures Compared“.
Once software is downloaded it’s time to create virtual machine on VMware Workstation. For that in VMware Workstation console go to File and click New Virtual Machine…
New Virtual Machine Wizard will start and allow you to choose Typical (recommended) or Custom (advanced) configuration for new virtual machine. Choose Custom (advanced) and click Next.
clip_image003
Next screen gives us ability to choose hardware compatibility for virtual machine components. By default it is set to Workstation 9.0 and we leave it that way. Click Next to proceed with New Virtual Machine Wizard.
Now it’s time to indicate source of installation media for operating system for our new virtual machine. I have all ISO images located in E:\ISO and image for ESXi Hypervisor installation is named VMware-VMvisor-Installer-5.0.0.update01-623860.x86_64.iso, so I indicate that as source of installation files. As you can see on screen below VMware Workstation automatically detected that I want to install VMware ESXi 5. Once installation image is defined click Next to proceed to next step of virtual machine creation process.
Now make sure you have the correct operating system selected for the guest. As we are installing ESXi 5, indicate VMware ESX / VMware ESXi 5 as Guest Operating System and click Next to proceed.
Now it’s time to assign name for our virtual machine (by default VMware Workstation will generate name based on Guest Operating system choice). Adjust name and path for your virtual machine accordingly and click Next to proceed. In this example I will stay with default name and location (I have all virtual machines stored in E:\VMware).
Processor Configuration allows you to configure the number of processors and cores per processor the virtual machine will have. By default VMware Workstation 9.0 will propose 2 processors with 1 core per processor for ESXi 5. Let’s stick with this and click Next to proceed.
Our virtual machine needs some memory as well, so I assign 4096MB (4GB) of memory, so once ESXi will be installed I will have some resources to run some virtual machines on it for testing purposes. Amount of memory assigned to guest operating system depends of course how much memory your machine has. Once amount of memory is defined click Next to proceed.
Network configuration on next screen by default indicates Use network address translation (NAT) for new virtual machine. This is most convenient option if you want to have connectivity from virtual machine and networking on VMware Workstation is in default post installation state. With more advanced configurations you might want to assign network to some other virtual interface if you have some structure prepared for test systems. For now we choose NAT and click Next to proceed.
Hard disk controller type is proposed by VMware Workstation based on Guest Operating System indicated earlier, so we can leave it as recommended and click Next to proceed.
As we are creating a new virtual machine, there is no hard disk for it yet. It is time to tell VMware Workstation to Create a new virtual hard disk and then click Next to proceed.
Recommended type of hard disk for our ESXi is SCSI hard disk, so we stick with this and click Next to proceed.
As my plan is to run relatively small virtual machines on virtualized ESXi platform I go with 40GB as maximum disk size. I also decide to Store virtual disk as a single file. Then click Next to proceed.
Once all parameters for virtual hard disk are defined it’s time to define location for file which will store content of the virtual hard disk and also name virtual hard disk file. I will stick with default name proposed by VMware Workstation and will not change location of the file, which means file will be stored in default virtual machine folder. Then click Next to proceed.
Now comes the summary screen. Click Finish and we are ready to turn on our virtual machine.
Once virtual machine is powered on ESXi boot loader will show up for a while and after few seconds installer will start loading.
You can observe the progress of the ESXi installer loading and track information about the modules which are loaded during that stage.
After a while the installer will display a much nicer screen with basic information about the system on which the installation takes place (number and type of processors, amount of memory). At the bottom of the screen a progress bar indicates how far along the installer is in loading.
Once the installer is loaded, the Welcome to the VMware ESXi 5.0.0 Installation dialog window shows. Press Enter to continue or, if you want to cancel the installation, press Esc.
Before ESXi is installed it is of course mandatory to accept the terms and conditions of the EULA. Press F11 to confirm that you agree and to proceed with the installation.
Installer will scan system to identify all devices and select appropriate drivers for components in our system.
One of the components detected will be hard disk and we can decide on which hard disk we want to install ESXi. As there is only one hard disk in our ESXi just press Enter to proceed with installation (if ESXi would have more hard disks then it is possible to decide where ESXi Hypervisor will be placed and which space will be used for virtual machines hosted by ESXi. In that case as there is only one hard disk choice is simple).
Keyboard layout choice is next step of installation process. Locate layout you want to use on the list, highlight it and press Enter to continue.
Now ESXi requires password for root user. It is highly recommended not to leave root password blank.
All details provided, now last scan before final decision about ESXi installation.
And now final decision… ESXi installer informs that whole content of the hard disk will be lost as disk will be repartitioned. Press F11 to agree and proceed with installation.
Installer prepared hard disk and is copying hypervisor files. It might take few minutes.
Once installation is finished press Enter to reboot system.
Installer will shutdown all services and reboot the computer after a while.
After reboot ESXi will boot on virtual machine.
VMware ESXi 5 is starting up and the progress bar indicates how far we are from a fully functional system.
Once the system is started, the URL of the server can be seen in the yellow part of the screen. By default ESXi defines the IP address for itself as dynamic, and we assigned the ESXi network interface to the NAT interface on VMware Workstation, which by default has a DHCP server. We have a fully functional VMware ESXi 5.0.0 installed as a virtual machine. It’s time to try how it works.
First we need to download and install vSphere client. Simplest way to do that is to use IE on the computer where we have VMware Workstation with ESXi as virtual machine installed. Once ESXi is started it shows URL https://192.168.44.138/. When you go to that URL then web page with link to vSphere Client will show up. Download and install client on your machine.
Then start client software. Enter IP address of ESXi host, username (root) and password assigned during installation.
After a while you will see ESXi management console.
Now ESXi 5 is ready to host virtual machines. We just installed the ESXi Hypervisor as a virtual machine on VMware Workstation 9.0.
Linux Interview questions and answers
1. Who owns the data dictionary?
A: The SYS user owns the data dictionary. The SYS and SYSTEM users are created when the database is created.
2. You routinely compress old log files. You now need to examine a log from two months ago. Which utility lets you view its contents without first having to decompress it?
A: zcat – The zcat utility allows you to examine the contents of a compressed file much the same way that cat displays a file.
3. You suspect that you have two commands with the same name, as the command is not producing the expected results. What command can you use to determine the location of the command being run?
A: # which – The which command searches your path until it finds a command that matches the command you are looking for and displays its full path.
4. You locate a command in the /bin directory but do not know what it does. What command can you use to determine its purpose?
A: # whatis – This command displays a summary line from the man page for the specific command.
5. When you issue the command ls -l, what does the first character of the resulting display represent?
A: The first character of the permissions block designates the type of file that is being displayed.
6. What utility can you use to show a dynamic listing of running processes?
A: The “top” utility shows a listing of all running processes that is dynamically updated.
7. Where is standard output usually directed?
A: To the screen or display.
8. What daemon is responsible for tracking events on your system?
A: # syslogd – The syslogd daemon is responsible for tracking system information and saving it to specified log files.
9. You have a file called phonenos that is almost 4000 lines long. What text filter can you use to split it into four pieces each 1000 lines long?
A: # split – The split text filter will divide files into equally sized pieces. The default length of each piece is 1000 lines.
10. You would like to temporarily change your command line editor to be vi. What command should you type to change it?
A: # set -o vi – The set command is used to assign environment variables. In this case you are instructing your shell to assign vi as your command line editor.
11. What account is created when you install Linux?
A: Whenever you install Linux, the “root” user is created, and it is the super user.
12. What command should you use to check the number of files and disk space used and each user’s defined quotas?
A: # repquota – This command is used to get a report on the status of the quotas you have set, including the amount of allocated space and amount of used space.
13. In order to run fsck on the root partition, how must the root partition be mounted?
A: Read-only – you can’t run fsck on a partition that is mounted as read-write.
14. In order to improve your system’s security you decide to implement shadow passwords. What command do you use?
A: # pwconv – This command creates the file /etc/shadow and changes all passwords to x in the /etc/passwd file.
15. The top utility can be used to change the priority of a running process.
A: Both nice and top utilities provide the capability to change the priority of a running process.
16. What file defines the levels of messages written to system log files?
A: kernel.h – to determine the various levels of messages that are defined on your system.
17. What can you type at a command line to determine which shell you are using?
A: echo $SHELL. The name and path to the shell you are using is saved to the SHELL environment variable. You can then use the echo command to print out the value of any variable by preceding the variable’s name with $. Therefore, typing echo $SHELL will display the name of your shell.
18. When you create a new partition you need to designate its size by defining the starting and ending what?
A: Cylinders. When creating a new partition you must first specify its starting cylinder. You can then either specify its size or the ending cylinder.
19. How are devices represented in UNIX?
A: All devices are represented by files called special files that are located in the /dev directory. Thus, device files and other files are named and accessed in the same way. A regular file is just an ordinary data file on the disk. A ‘block special file’ represents a device with characteristics similar to a disk. A ‘character special file’ represents a device with characteristics similar to a keyboard.
20. What is an ‘inode’?
A: The inode contains info about the file size, its location, time of last access, time of last modification, permissions and so on. Directories are also represented as files and have an associated inode. In addition to the description of the file, the inode contains pointers to the data blocks of the file. If the file is large, the inode has an indirect pointer to a block of pointers to additional data blocks. A block is typically 8k. The inode consists of the following fields: file owner identifier, file type, file access permissions, file access times, number of links, file size, location of the file data.
21. Brief about the directory representation in UNIX.
A: A UNIX directory is a file containing a correspondence between filenames and inodes. A directory is a special file that the kernel maintains. Only the kernel modifies directories, but processes can read directories. The contents of a directory are a list of filename and inode number pairs. When new directories are created the kernel makes two entries named ‘.’ (refers to the directory itself) and ‘..’ (refers to the parent directory). The system call for creating a directory is mkdir(pathname,mode).
22. What are the UNIX system calls for I/O?
A: The system calls for I/O are:
  • open(pathname,flag,mode): open file
  • creat(pathname,mode): create file
  • close(filedes): close an open file
  • read(filedes,buffer,bytes): read data from an open file
  • write(filedes,buffer,bytes): write data to an open file
  • dup(filedes): duplicate an existing file descriptor
  • dup2(oldfd,newfd): duplicate to a desired file descriptor
  • fcntl(filedes,cmd,arg): change properties of an open file
  • ioctl(filedes,request,arg): change the behavior of an open file
The difference between fcntl and ioctl is that the former is intended for any open file, while the latter is for device-specific operations.
23. How do you change file access permissions?
A: Every file has the following attributes: owner’s user ID, owner’s group ID (16 bit), and the file access mode word ‘rwx-rwx-rwx’ (user permissions, group permissions, others permissions). To change the access mode we use chmod(filename,mode).
Ex. To change the mode of myfile to ‘rw-rw-r--’ we give the args as
chmod(myfile,0664). Each operation is represented by discrete values: ‘r’ is 4, ‘w’ is 2, ‘x’ is 1. Therefore for ‘rw’ the value is 6.
Ex2. To change the mode of myfile to ‘rwxr--r--’ we give the args as chmod(myfile,0744).
24. What are links and symbolic links in the UNIX file system?
A: A link is a second name for a file. Links can be used to assign more than one name to a file, but can’t be used to assign a directory more than one name or to link filenames on different computers.
A symbolic link is a file that only contains the name of another file. An operation on the symbolic link is directed to the file it points to. Both limitations of links are eliminated in symbolic links.
Syntax: ln filename1 filename2
Symbolic link: ln -s filename1 filename2
Examples to create symbolic links:
$ ln -s {/path/to/file-name} {link-name}
$ ln -s /shared/sales/data/file.txt sales.data.txt
$ ls -l sales.data.txt
Examples to delete the symbolic link:
$ rm {link-name}
$ rm sales.data.txt
$ ls -l
UNIX command to create a hard link:
$ ln {file.txt} {hard-link}
$ ln /tmp/file link-here
Delete a hard link:
$ rm {hard-link}
$ rm link-here
25. What is a FIFO?
A: FIFOs are otherwise called ‘named pipes’. A FIFO is a special file which is said to be data transient: once data is read from a named pipe it can’t be read again. Also, data can be read only in the order written. It is used in interprocess communication, where one process writes to one end of the pipe (producer) and the other reads from the other end (consumer).
26. How do you create special files like named pipes and device files?
A: The system call mknod creates special files in the following sequence.
1. The kernel assigns a new inode.
2. It sets the file type to indicate that the file is a pipe, directory or special file.
3. If it is a device file, it makes the other entries like major and minor device numbers.
27. Discuss the mount and unmount system calls.
A: The privileged mount system call is used to attach a file system to a directory of another file system; the unmount system call detaches a file system. When you mount another file system on to your directory, you are essentially splicing one directory tree onto a branch in another directory tree. The first argument to mount call is the mount point, that is, a directory in the current file naming system. The second argument is the file system to mount to that point. When you insert a cdrom to your unix systems drive the file system in the cdrom automatically mounts to /dev/cdrom in your system.
28.How does the inode map to data block of a file.
A: inode has 13 block addresses. The first 10 are direct block addresses of the first 10 data blocks in the file. The 11th address points to a one-level index block. The 12th address points to a two-level(double in-direction) index block. The 13th address points to a three-level (triple in-direction) index block. This provides a very large maximum file size with efficient access to large files, but also small files are accessed directly in one disk read.
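The 13-address layout in this answer can be turned into a lookup that says which inode address a given byte of a file is reached through. This is an added example, not code from the original post; the function names are made up for the illustration, and the block size and number of addresses per index block are parameters because the page does not fix them (the sample values 1024 and 256 are assumptions).

```c
#include <stdint.h>
#include <stdio.h>

#define DIRECT_SLOTS 10   /* the first 10 of the 13 inode addresses are direct */

struct bmap_result {
    int      level;           /* 0 direct, 1 single, 2 double, 3 triple, -1 beyond max */
    int      inode_slot;      /* which of the 13 inode addresses (0..12) is followed */
    uint64_t index[3];        /* entry to follow in each index block on the way down */
    uint32_t offset_in_block; /* byte position inside the final data block */
};

/* Map a byte offset in a file to the chain of block addresses that reaches it. */
struct bmap_result bmap(uint64_t byte_offset, uint32_t block_size,
                        uint32_t ptrs_per_block)
{
    struct bmap_result r = { -1, -1, {0, 0, 0}, 0 };
    if (block_size == 0 || ptrs_per_block == 0)
        return r;

    uint64_t n  = ptrs_per_block;
    uint64_t lb = byte_offset / block_size;        /* logical block number */
    r.offset_in_block = (uint32_t)(byte_offset % block_size);

    if (lb < DIRECT_SLOTS) {                       /* addresses 1..10 */
        r.level = 0; r.inode_slot = (int)lb;
        return r;
    }
    lb -= DIRECT_SLOTS;
    if (lb < n) {                                  /* 11th address: one-level index */
        r.level = 1; r.inode_slot = 10; r.index[0] = lb;
        return r;
    }
    lb -= n;
    if (lb < n * n) {                              /* 12th address: two-level index */
        r.level = 2; r.inode_slot = 11;
        r.index[0] = lb / n; r.index[1] = lb % n;
        return r;
    }
    lb -= n * n;
    if (lb < n * n * n) {                          /* 13th address: three-level index */
        r.level = 3; r.inode_slot = 12;
        r.index[0] = lb / (n * n);
        r.index[1] = (lb / n) % n;
        r.index[2] = lb % n;
        return r;
    }
    return r;                                      /* offset exceeds the maximum file size */
}

/* Largest file the 13 addresses can describe for the given geometry. */
uint64_t max_file_bytes(uint32_t block_size, uint32_t ptrs_per_block)
{
    uint64_t n = ptrs_per_block;
    return (DIRECT_SLOTS + n + n * n + n * n * n) * (uint64_t)block_size;
}

int main(void)
{
    /* Assumed geometry: 1024-byte blocks, 256 addresses per index block. */
    struct bmap_result r = bmap(350000, 1024, 256);
    printf("level=%d slot=%d index=%llu,%llu offset=%u\n", r.level, r.inode_slot,
           (unsigned long long)r.index[0], (unsigned long long)r.index[1],
           r.offset_in_block);
    printf("max file size: %llu bytes\n",
           (unsigned long long)max_file_bytes(1024, 256));
    return 0;
}
```

The number of disk reads needed to reach a data block grows with the level, which is why small files that fit in the direct addresses are the cheapest to access.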
29. What is a shell?
A: A shell is an interactive user interface to an operating system’s services that allows a user to enter commands as character strings or through a graphical user interface. The shell converts them to system calls to the OS or forks off a process to execute the command. System call results and other information from the OS are presented to the user through an interactive interface. Commonly used shells are sh, csh, ksh etc.
30. Brief about the initial process sequence while the system boots up.
A: While booting, a special process called the ‘swapper’ or ‘scheduler’ is created with process ID 0. The swapper manages memory allocation for processes and influences CPU allocation. The swapper in turn creates 3 children: the process dispatcher, vhand and dbflush with IDs 1, 2, 3. This is done by executing the file /etc/init. The process dispatcher gives birth to the shell. UNIX keeps track of all the processes in an internal data structure called the Process Table.
31. What are the various IDs associated with a process?
A: UNIX identifies each process with a unique integer called the “process ID”. The process that executes the request for creation of a process is called the ‘parent process’, whose PID is the ‘parent process ID’. Every process is associated with a particular user called the ‘owner’ who has privileges over the process. The identification for the user is the ‘user ID’, which determines the access privileges for accessing resources like files. getpid() – process ID. getppid() – parent process ID. getuid() – user ID. geteuid() – effective user ID.
32. Explain the fork() system call.
A: The fork() call is used to create a new process from an existing process. The new process is called the child process, and the existing process is called the parent. We can tell which is which by checking the return value from fork(). The parent gets the child’s PID returned to it, but the child gets 0 returned to it.
33. Predict the output of the following program code:
main() { fork(); printf("Hello world"); }
A: Hello world! Hello world!
The fork creates a child that is a duplicate of the parent process. The child begins from the fork(). All the statements after the call to fork() will be executed twice (once by the parent process and once by the child). The statements before fork() are executed only by the parent process.
34. List the system calls used for process management.
A: fork(), to create a new process. exec(), to execute a new program in a process. wait(), to wait until a created process completes its execution. exit(), to exit from a process execution. getpid(), to get the process identifier of the current process. getppid(), to get the parent process identifier. nice(), to bias the existing priority of a process. brk(), to increase/decrease the data segment size of a process.
35. How can you get/set an environment variable from a program?
A: Getting the value of an environment variable is done by using ‘getenv()’. Setting the value of an environment variable is done by using ‘putenv()’.
36. How can a parent and child process communicate?
A: A parent and child can communicate through any of the normal inter-process communication schemes, but also have some special ways to communicate that take advantage of their relationship as a parent and child. One of the most obvious is that the parent can get the exit status of the child.
37. What is a zombie?
A: When a program forks and the child finishes before the parent, the kernel still keeps some of its information about the child in case the parent might need it.
For example, the parent may need to check the child’s exit status. To be able to get this information the parent calls ‘wait()’. In the interval between the child terminating and the parent calling ‘wait()’, the child is said to be a ‘zombie’; the child will have a ‘Z’ in its status field to indicate this.
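The zombie interval described above can be observed directly on Linux. This added example (not part of the original post) forks a child, uses waitid() with WNOWAIT to wait for the exit without reaping it, reads the state letter from /proc/<pid>/stat, and only then reaps the child; the struct and function names are made up for the illustration, and a mounted /proc is assumed.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

struct zombie_report {
    char state_before_wait; /* state letter from /proc/<pid>/stat, '?' on error */
    int  exit_status;       /* child's exit code as collected by the parent */
    int  gone_after_wait;   /* 1 if the PID no longer exists after reaping */
};

/* Read the one-letter process state from /proc/<pid>/stat (Linux-specific). */
static char proc_state(pid_t pid)
{
    char path[64], buf[512];
    snprintf(path, sizeof path, "/proc/%ld/stat", (long)pid);
    FILE *f = fopen(path, "r");
    if (!f)
        return '?';
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    /* Layout is "pid (comm) S ..."; comm may contain ')', so search from the right. */
    char *p = strrchr(buf, ')');
    return (p && p[1] == ' ' && p[2]) ? p[2] : '?';
}

struct zombie_report observe_zombie(int child_exit_code)
{
    struct zombie_report r = { '?', -1, 0 };

    /* If SIGCHLD is ignored the kernel reaps children itself and no zombie forms. */
    signal(SIGCHLD, SIG_DFL);

    fflush(NULL);                 /* avoid duplicated stdio buffers in the child */
    pid_t pid = fork();
    if (pid < 0)
        return r;
    if (pid == 0)
        _exit(child_exit_code);   /* child terminates immediately */

    /* Block until the child has exited, but leave it unreaped (WNOWAIT). */
    siginfo_t info;
    memset(&info, 0, sizeof info);
    if (waitid(P_PID, (id_t)pid, &info, WEXITED | WNOWAIT) == 0)
        r.state_before_wait = proc_state(pid);

    /* Now reap: this is the wait() call that removes the process table entry. */
    int status = 0;
    if (waitpid(pid, &status, 0) == pid && WIFEXITED(status))
        r.exit_status = WEXITSTATUS(status);

    /* Signal 0 only probes for existence; ESRCH means the entry is gone. */
    r.gone_after_wait = (kill(pid, 0) == -1 && errno == ESRCH);
    return r;
}

int main(void)
{
    struct zombie_report r = observe_zombie(7);
    printf("state before wait: %c, exit status: %d, gone after wait: %d\n",
           r.state_before_wait, r.exit_status, r.gone_after_wait);
    return 0;
}
```

A long-running parent that never calls wait() leaves every finished child in this state, and each one keeps a process table slot occupied until the parent reaps it or exits.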
38.What are the process states in UNIX.
A: As a process executes it changes state according to its circumstances. Unix processes have the following states.
Running: the process is either running or it is ready to run.
Waiting: the process is waiting for an event or for a resource.
Stopped: the process has been stopped usually by receiving a signal.
Zombie: the process is dead but has not been removed from the process table.
What happens when you execute a program?
A: When you execute a program on your UNIX system, the system creates a special environment for that program. This environment contains everything needed for the system to run the program as if no other program were running on the system. Each process has a process context, which is everything that is unique about the state of the program you are currently running. Every time you execute a program the UNIX system does a fork, which performs a series of operations to create a process context and then execute your program in that context. The steps include the following: Allocate a slot in the process table, a list of currently running programs kept by UNIX. Assign a unique process identifier (PID) to the process. Copy the context of the parent, the process that requested the spawning of the new process. Return the new PID to the parent process. This enables the parent process to examine or control the process directly. After the fork is complete, UNIX runs your program.
What happens when you execute a command?
A: When you enter the ‘ls’ command to look at the contents of your current working directory, UNIX does a series of things to create an environment for ls and then run it: The shell has UNIX perform a fork. This creates a new process that the shell will use to run the ls program. The shell has UNIX perform an exec of the ls program. This replaces the shell program and data with the program and data for ls and then starts running that new program. The ls program is loaded into the new process context, replacing the text and data of the shell. The ls program performs its task, listing the contents of the current directory.
What is a Daemon?
A: A daemon is a process that detaches itself from the terminal and runs, disconnected, in the background, waiting for requests and responding to them. It can also be defined as the background process that does not belong to a terminal session. Many system functions are commonly performed by daemons, including the sendmail daemon, which handles mail, and the NNTP daemon, which handles USENET news. Many other daemons may exist. Some of the most common daemons are: init: Takes over the basic running of the system when the kernel has finished the boot process. inetd: Responsible for starting network services that do not have their own stand-alone daemons. For example, inetd usually takes care of incoming rlogin, telnet, and ftp connections. cron: Responsible for running repetitive tasks on a regular schedule.
What is ‘ps’ command for?
A: The ps command prints the process status for some or all of the running processes. The information given are the process identification number (PID),the amount of time that the process has taken to execute so far etc.
How would you kill a process?
A: The kill command takes the PID as one argument; this identifies which process to terminate. The PID of a process can be got using ‘ps’ command.
What is an advantage of executing a process in background?
A: The most common reason to put a process in the background is to allow you to do something else interactively without waiting for the process to complete. At the end of the command you add the special background symbol, &. This symbol tells your shell to execute the given command in the background.
Example: cp *.* ../backup& (cp is for copy)
How do you execute one program from within another?
A: The system calls used for low-level process creation are execlp() and execvp(). The execlp call overlays the existing program with the new one, runs that and exits. The original program gets back control only when an error occurs.
execlp(path,file_name,arguments..); //last argument must be NULL
A variant of execlp called execvp is used when the number of arguments is not known in advance.
execvp(path,argument_array); //argument array should be terminated by NULL
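The fork-then-exec sequence from the “What happens when you execute a command?” answer, combined with the execvp() call above, looks like this in practice. This is an added example, not code from the original post: run_capture is a name made up here, and it assumes echo and false can be found on PATH. Because the arguments travel as an array and no shell is involved, characters such as ';' inside an argument are passed through as literal text.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run argv[0] (looked up on PATH) with the given arguments, capture its
 * standard output into out (always NUL-terminated, truncated if too long)
 * and return its exit status. Returns -1 if the process could not be
 * created or did not exit normally, 127 if the exec itself failed. */
int run_capture(char *const argv[], char *out, size_t outsz)
{
    int fds[2];
    if (outsz == 0 || pipe(fds) != 0)
        return -1;
    out[0] = '\0';

    fflush(NULL);                       /* do not duplicate buffered output */
    pid_t pid = fork();
    if (pid < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    if (pid == 0) {                     /* child: becomes the new program */
        close(fds[0]);
        if (dup2(fds[1], STDOUT_FILENO) < 0)
            _exit(126);
        close(fds[1]);
        execvp(argv[0], argv);          /* returns only when an error occurs */
        _exit(127);
    }

    /* Parent: close the write end, otherwise read() never sees end-of-file. */
    close(fds[1]);
    size_t used = 0;
    char discard[256];
    for (;;) {
        size_t room = outsz - 1 - used;
        /* Keep draining when the buffer is full so the child cannot block. */
        ssize_t n = room ? read(fds[0], out + used, room)
                         : read(fds[0], discard, sizeof discard);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)
            break;
        if (room)
            used += (size_t)n;
    }
    out[used] = '\0';
    close(fds[0]);

    /* Collect the exit status so the child does not stay a zombie. */
    int status = 0;
    while (waitpid(pid, &status, 0) < 0) {
        if (errno != EINTR)
            return -1;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char buf[128];
    char a0[] = "echo", a1[] = "hello; exit 3";   /* constructed sample input */
    char *argv[] = { a0, a1, NULL };
    int rc = run_capture(argv, buf, sizeof buf);
    printf("exit status %d, output: %s", rc, buf);
    return 0;
}
```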
What is IPC? What are the various schemes available?
A: The term IPC (Inter-Process Communication) describes various ways by which different process running on some operating system communicate between each other. Various schemes available are as follows: Pipes: One-way communication scheme through which different process can communicate. The problem is that the two processes should have a common ancestor (parent-child relationship). However this problem was fixed with the introduction of named-pipes (FIFO). Message Queues : Message queues can be used between related and unrelated processes running on a machine. Shared Memory: This is the fastest of all IPC schemes. The memory to be shared is mapped into the address space of the processes (that are sharing). The speed achieved is attributed to the fact that there is no kernel involvement. But this scheme needs synchronization. Various forms of synchronisation are mutexes, condition-variables, read-write locks, record-locks, and semaphores.
What is the difference between Swapping and Paging?
A: Swapping: Whole process is moved from the swap device to the main memory for execution. Process size must be less than or equal to the available main memory. It is easier to implementation and overhead to the system. Swapping systems does not handle the memory more flexibly as compared to the paging systems. Paging: Only the required memory pages are moved to main memory from the swap device for execution. Process size does not matter. Gives the concept of the virtual memory. It provides greater flexibility in mapping the virtual address space into the physical memory of the machine. Allows more number of processes to fit in the main memory simultaneously. Allows the greater process size than the available physical memory. Demand paging systems handle the memory more flexibly.
What is major difference between the Historic Unix and the new BSD release of Unix System V in terms of Memory Management?
A: Historic Unix uses Swapping – entire process is transferred to the main memory from the swap device, whereas the Unix System V uses Demand Paging – only the part of the process is moved to the main memory. Historic Unix uses one Swap Device and Unix System V allow multiple Swap Devices.
What is the main goal of the Memory Management?
A: It decides which process should reside in the main memory, Manages the parts of the virtual address space of a process which is non-core resident, Monitors the available main memory and periodically write the processes into the swap device to provide more processes fit in the main memory simultaneously.
What is a Map?
A: A Map is an Array, which contains the addresses of the free space in the swap device that are allocatable resources, and the number of the resource units available there. This allows First-Fit allocation of contiguous blocks of a resource. Initially the Map contains one entry – address (block offset from the starting of the swap area) and the total number of resources. Kernel treats each unit of Map as a group of disk blocks. On the allocation and freeing of the resources Kernel updates the Map for accurate information.
What scheme does the Kernel in Unix System V follow while choosing a swap device among the multiple swap devices?
A: Kernel follows Round Robin scheme choosing a swap device among the multiple swap devices in Unix System V.
What is a Region?
A: A Region is a continuous area of a process’s address space (such as text, data and stack). The kernel maintains regions in a ‘Region Table’ that is local to the process. Regions are sharable among processes.
What are the events done by the Kernel after a process is being swapped out from the main memory?
A: When Kernel swaps the process out of the primary memory, it performs the following: Kernel decrements the Reference Count of each region of the process. If the reference count becomes zero, swaps the region out of the main memory, Kernel allocates the space for the swapping process in the swap device, Kernel locks the other swapping process while the current swapping operation is going on, The Kernel saves the swap address of the region in the region table.
Are the process before and after the swap the same?
A: Process before swapping is residing in the primary memory in its original form. The regions (text, data and stack) may not be occupied fully by the process, there may be few empty slots in any of the regions and while swapping Kernel do not bother about the empty slots while swapping the process out. After swapping the process resides in the swap (secondary memory) device. The regions swapped out will be present but only the occupied region slots but not the empty slots that were present before assigning. While swapping the process once again into the main memory, the Kernel referring to the Process Memory Map, it assigns the main memory accordingly taking care of the empty slots in the regions.
What do you mean by u-area (user area) or u-block?
A: This contains the private data that is manipulated only by the Kernel. This is local to the Process, i.e. each process is allocated a u-area.
What are the entities that are swapped out of the main memory while swapping the process out of the main memory?
A: All memory space occupied by the process, process’s u-area, and Kernel stack are swapped out, theoretically. Practically, if the process’s u-area contains the Address Translation Tables for the process then Kernel implementations do not swap the u-area.
What is Fork swap?
A: fork() is a system call to create a child process. When the parent process calls the fork() system call, the child process is created, and if memory is short the child process is sent to the ready-to-run state in the swap device, and the call returns to the user state without swapping the parent process. When memory becomes available the child process will be swapped into the main memory.
What is Expansion swap?
A: At the time when any process requires more memory than it is currently allocated, the Kernel performs Expansion swap. To do this Kernel reserves enough space in the swap device. Then the address translation mapping is adjusted for the new virtual address space but the physical memory is not allocated. At last Kernel swaps the process into the assigned space in the swap device. Later when the Kernel swaps the process into the main memory this assigns memory according to the new address translation mapping.
How does the Swapper work?
A: The swapper is the only process that swaps the processes. The Swapper operates only in Kernel mode and it does not use system calls; instead it uses internal Kernel functions for swapping. It is the archetype of all kernel processes.
What is GRUB
A: GNU GRUB is a multiboot loader it was derived from GRUB(Grand Unified Bootloader) which was originally designed and implemented by Erich Stefan Boleyn.
Briefly a boot loader is the first software program that runs when a computer starts. It is responsible for loading and transferring control to the operating system kernel software.
Boot Process
BIOS—Basic Input/Output system executes MBR
MBR – Master Boot Record executes GRUB
GRUB – Grand Unified Bootloader executes kernel
Kernel – Kernel executes /sbin/init
Init – Init executes runlevel programs
RunLevel – Runlevel programs are executed from /etc/rc.d/rc*.d/
a. BIOS

  • BIOS stands for Basic Input/Output System
  • Performs some system integrity checks
  • Searches, loads, and executes the boot loader program.
  • It looks for the boot loader on floppy, CD-ROM, or hard drive. You can press a key (typically F12 or F2, but it depends on your system) during the BIOS startup to change the boot sequence.
  • Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.
  • So, in simple terms BIOS loads and executes the MBR boot loader.

b. MBR

  • MBR stands for Master Boot Record.
  • It is located in the 1st sector of the bootable disk. Typically /dev/hda, or /dev/sda
  • MBR is less than 512 bytes in size. This has three components 1) primary boot loader info in 1st 446 bytes 2) partition table info in next 64 bytes 3) mbr validation check in last 2 bytes.
  • It contains information about GRUB (or LILO in old systems).
  • So, in simple terms MBR loads and executes the GRUB boot loader.
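
The 446 + 64 + 2 byte layout listed above can be read back from a sector image with od. This is an added example, not part of the original post: it works on a constructed 512-byte image in a temporary file, and the function names and sample partition values are assumptions made for the demo.

```shell
#!/bin/sh
# Added example: inspect the 446 + 64 + 2 byte MBR layout of a sector image.
# The image is constructed for the demo; no real disk is read or written.

# Build a constructed 512-byte sector at path $1: zeroed boot code area,
# one bootable Linux (type 0x83) partition entry, and the 55 aa signature.
make_sample_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 2>/dev/null
    # Entry 1 at offset 446: status 0x80, CHS start, type 0x83, CHS end,
    # start LBA 2048 and length 204800 sectors (both little-endian).
    printf '\200\040\041\000\203\052\054\015\000\010\000\000\000\040\003\000' |
        dd of="$1" bs=1 seek=446 conv=notrunc 2>/dev/null
    # Validation check: the last two bytes (offsets 510 and 511).
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# Print $3 bytes of file $1 starting at offset $2 as space-separated hex.
hex_bytes() {
    od -An -v -tx1 -j "$2" -N "$3" "$1" | tr -s ' \n' ' ' | sed 's/^ //; s/ $//'
}

# Succeed only if the sector ends with the 55 aa validation bytes.
mbr_signature_ok() {
    [ "$(hex_bytes "$1" 510 2)" = "55 aa" ]
}

# Convert four little-endian hex bytes ("00 08 00 00") to a decimal number.
le32() {
    set -- $1
    echo $(( 0x$4$3$2$1 ))
}

# Print one line for each used entry of the 64-byte partition table.
mbr_partitions() {
    n=0
    while [ "$n" -lt 4 ]; do
        off=$(( 446 + $n * 16 ))
        status=$(hex_bytes "$1" "$off" 1)
        ptype=$(hex_bytes "$1" $(( $off + 4 )) 1)
        if [ "$ptype" != "00" ]; then
            start=$(le32 "$(hex_bytes "$1" $(( $off + 8 )) 4)")
            count=$(le32 "$(hex_bytes "$1" $(( $off + 12 )) 4)")
            boot=no
            if [ "$status" = "80" ]; then boot=yes; fi
            echo "$(( $n + 1 )) boot=$boot type=0x$ptype start=$start sectors=$count"
        fi
        n=$(( $n + 1 ))
    done
}

# Hash the 446-byte boot code area so it can be compared with a known baseline.
mbr_bootcode_sha256() {
    dd if="$1" bs=446 count=1 2>/dev/null | sha256sum | cut -d' ' -f1
}

# Demo on the constructed image.
demo_img=$(mktemp)
trap 'rm -f "$demo_img"' EXIT
make_sample_mbr "$demo_img"
if mbr_signature_ok "$demo_img"; then echo "signature: 55 aa (valid)"; fi
mbr_partitions "$demo_img"
echo "boot code sha256: $(mbr_bootcode_sha256 "$demo_img")"
```

Comparing the boot code hash against a value recorded at install time is a simple way to notice that the first-stage loader has been changed.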

c. GRUB

  • GRUB stands for Grand Unified Bootloader.
  • If you have multiple kernel images installed on your system, you can choose which one to be executed.
  • GRUB displays a splash screen and waits for a few seconds; if you don’t enter anything, it loads the default kernel image as specified in the grub configuration file.
  • GRUB has the knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystem).
  • Grub configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this). The following is sample grub.conf of CentOS.

#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-194.el5PAE)
root (hd0,0)
kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/
initrd /boot/initrd-2.6.18-194.el5PAE.img

  • As you notice from the above info, it contains kernel and initrd image.
  • So, in simple terms GRUB just loads and executes Kernel and initrd images.

d. Kernel

  • Mounts the root file system as specified in the “root=” in grub.conf
  • Kernel executes the /sbin/init program
  • Since init was the 1st program to be executed by Linux Kernel, it has the process id (PID) of 1. Do a ‘ps -ef | grep init’ and check the pid.
  • initrd stands for Initial RAM Disk.
  • initrd is used by kernel as temporary root file system until kernel is booted and the real root file system is mounted. It also contains necessary drivers compiled inside, which helps it to access the hard drive partitions, and other hardware.

e. Init

  • Looks at the /etc/inittab file to decide the Linux run level.
  • Following are the available run levels

    • 0 – halt
    • 1 – Single user mode
    • 2 – Multiuser, without NFS
    • 3 – Full multiuser mode
    • 4 – unused
    • 5 – X11
    • 6 – reboot

  • Init identifies the default initlevel from /etc/inittab and uses that to load all appropriate programs.
  • Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level
  • If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 means, probably you might not do that.
  • Typically you would set the default run level to either 3 or 5.

f. Runlevel programs

  • When the Linux system is booting up, you might see various services getting started. For example, it might say “starting sendmail …. OK”. Those are the runlevel programs, executed from the run level directory as defined by your run level.
  • Depending on your default init level setting, the system will execute the programs from one of the following directories.

    • Run level 0 – /etc/rc.d/rc0.d/
    • Run level 1 – /etc/rc.d/rc1.d/
    • Run level 2 – /etc/rc.d/rc2.d/
    • Run level 3 – /etc/rc.d/rc3.d/
    • Run level 4 – /etc/rc.d/rc4.d/
    • Run level 5 – /etc/rc.d/rc5.d/
    • Run level 6 – /etc/rc.d/rc6.d/

  • Please note that there are also symbolic links available for these directories under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.
  • Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.
  • Programs that start with S are used during startup. S for startup.
  • Programs that start with K are used during shutdown. K for kill.
  • There are numbers right next to S and K in the program names. Those are the sequence numbers in which the programs should be started or killed.
  • For example, S12syslog is to start the syslog daemon, which has the sequence number of 12. S80sendmail is to start the sendmail daemon, which has the sequence number of 80. So, the syslog program will be started before sendmail.

There you have it. That is what happens during the Linux boot process.
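
The S/K sequence numbering from the runlevel section can be checked on a directory tree. This is an added example, not part of the original post: it builds a constructed rc3.d-style directory in a temporary location, prints the start order, and flags links whose target script is writable by group or others, since these scripts run as root at boot. Function names and the sample tree are assumptions.

```shell
#!/bin/sh
# Added example: start order and a permission audit for a runlevel directory.
# The tree under $1 is constructed for the demo; /etc is not touched.

# Build a constructed init.d + rc3.d tree under directory $1.
make_sample_rc() {
    mkdir -p "$1/init.d" "$1/rc3.d"
    for svc in syslog sshd sendmail nfs; do
        printf '#!/bin/sh\n' > "$1/init.d/$svc"
        chmod 755 "$1/init.d/$svc"
    done
    chmod 777 "$1/init.d/sendmail"   # deliberately weak, to give the audit a finding
    ln -s ../init.d/sendmail "$1/rc3.d/S80sendmail"
    ln -s ../init.d/syslog   "$1/rc3.d/S12syslog"
    ln -s ../init.d/sshd     "$1/rc3.d/S55sshd"
    ln -s ../init.d/nfs      "$1/rc3.d/K20nfs"
}

# Print service names in the order the S links are run. The shell expands
# the glob in sorted order, so S12 comes before S55 and S80.
start_order() {
    for link in "$1"/S[0-9][0-9]*; do
        [ -e "$link" ] || continue
        name=${link##*/}
        echo "${name#S[0-9][0-9]}"
    done
}

# Print S and K links whose target script is writable by group or others.
writable_targets() {
    for link in "$1"/[SK][0-9][0-9]*; do
        [ -e "$link" ] || continue
        hit=$(find -L "$link" -prune \( -perm -020 -o -perm -002 \) -print)
        if [ -n "$hit" ]; then
            echo "${link##*/}"
        fi
    done
}

# Demo on the constructed tree.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
make_sample_rc "$demo_dir"
echo "start order:"
start_order "$demo_dir/rc3.d"
echo "writable by non-owner:"
writable_targets "$demo_dir/rc3.d"
```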
Which files are read for the user profile by default when a user logs in?
A: $HOME/.bash_profile, $HOME/.bash_bashrc
Which file needs to be updated to change the default runlevel from 5 to 3?
A: The file is /etc/inittab; change the line below:
id:5:initdefault: to id:3:initdefault:
Which command shows user info such as Login Name, Canonical Name, Home Directory, Shell, etc.?
A: The finger command can be used, e.g. finger username
What is an inode number?
A: An inode is a data structure on a traditional Unix-style file system such as UFS or ext3. An inode stores basic information about a regular file, directory, or other file system object. The inode number is also called the index number. An inode has the following attributes:
File type (executable, block special etc)
Permissions (read, write etc)
Owner,Group,File Size,File access, change and modification time (remember UNIX or Linux never stores file creation time, this is favorite question asked in UNIX/Linux sys admin job interview)
File deletion time,Number of links (soft/hard),
Extended attribute such as append only or no one can delete file including root user (immutability),Access Control List (ACLs)
Following command will be used to show inodes of file and folders:
ls -i
Following command will show complete info about any file or folders with inode number
stat file/folder
Files/folders can also be deleted by inode number.
Find the inode number using the ‘ls -il’ command, then run the command below:
find . -inum inode_number -exec rm -i {} \;
How can we increase disk read performance in a single command?
A: Use the blockdev command. The read performance of a disk can be improved by increasing a parameter called “Read-Ahead” using the ‘blockdev’ command. By default the Linux OS will read 128 KB of data in advance so that it is already in the memory cache before the program needs it.
To check the current ‘blockdev’ status of all block devices:
# blockdev --report
To check the ‘Read-Ahead’ value of an individual disk (sda is the disk here):
# blockdev --getra /dev/sda
To change the ‘Read-Ahead’ value to 8 MB:
# blockdev --setra 16384 /dev/sda
To make it permanent across system reboots, add this command to /etc/rc.local
Command to change user password expiration time
A: chage
Command used to lock user password
A: usermod -L username
How many default number of shells available and what are their names
A:SH,BASH,CSH,TCSH,NOLOGIN,KSH.
Which file defines the attributes like UID, PASSWORD expiry, HOME Dir create or not while adding user.
A:/etc/login.defs
Command used for changing the authentication of a Linux system to LDAP/NIS/SMB/Kerberos.
A:authconfig.
Command used for changing the attributes of any file
A:chattr
What is the path of network (ethX) configuration files
A:/etc/sysconfig/network-scripts/ethX
How can we change speed and make full duplex settings for eth0
A:
We can do this with below given 2 methods:
ethtool -s eth0 speed 100 duplex full
ethtool -s eth0 speed 10 duplex half
OR
mii-tool -F 100baseTx-HD
mii-tool -F 10baseT-HD
File which stores the DNS configuration at client side
/etc/resolv.conf
Main configuration file and command used for exporting NFS directories, and its daemons.
A: /etc/exports and exportfs -av; daemons are quotad, portmapper, mountd, nfsd and nlockmgr/status.
What is the command to check ports running/used on the local machine?
A:netstat -antp
What is the command to check open ports at remote machine
nmap
What is the difference between soft and hard links
Soft Links => 1) Soft link files will have different inode numbers than the source file
2) If the original file is deleted then the soft link file is of no use
3) Soft links are not updated
4) Can create links between directories
5) Can cross file system boundaries
Hard Links => 1) Hard links will have the same inode number as source file
2) Hard links can not link directories
3) Can not cross file system boundaries
4) Hard links always refers to the source, even if moved or removed
How to setup never expired user password
chage -E never username
Restricting insertion into file if full permission are assigned to all
chattr +i filename
Display or Kill all processes which are accessing any folder/file
Display User who are using file/folder : fuser -u file/folder
Kill All Processes which are using file/folder: fuser -k file/folder
Kill any user’s all processes
killall -u username
How can we have daily system analysis and reports over mail
# use logwatch
How can we rotate logs using logrotate without performing operations like moving and gzipping the original file and then creating a new file (which is a very lengthy process)?
We can use logrotate’s “copytruncate” option, which simply copies the original file and then truncates the original file.
Command to collect detailed information about the hardware and setup of your system.
dmidecode , sysreport
Command to check PCI devices vendor or version
A: #lspci
What is the difference between cron and anacron
Cron :
1) Minimum granularity is minute (i.e. jobs can be scheduled to be executed every minute)
2) Cron job can be scheduled by any normal user (if not restricted by super user)
3) Cron expects system to be running 24 x 7. If a job is scheduled, and system is down during that time, job is not executed
4) Ideal for servers
5) Use cron when a job has to be executed at a particular hour and minute
Anacron :
1) Minimum granularity is only in days
2) Anacron can be used only by super user (but there are workarounds to make it usable by normal user)
3) Anacron doesn’t expect system to be running 24 x 7. If a job is scheduled, and system is down during that time, it starts the jobs when the system comes back up.
4) Ideal for desktops and laptops
5) Use anacron when a job has to be executed irrespective of hour and minute
Default Port numbers used by ssh,ftp,http,https,telnet,smtp,pop3,pop3s, imap,imaps.
# SSH 22, ftp 20/21, http 80, https 443, SMTP/SMTPS 25/465, POP3/POP3S 110/995, IMAP/IMAPS 143/993.
How to setup ACLs in following case:
1) Create a file FILE1 and this should be read,write,executable for all user but Read only  for user USER1
2) Copy FILE1 ACLs to FILE2 ACL
3) Delete USER1's rule for FILE1 which was set up in step 1)
A: 1) touch FILE1 ; chmod 777 FILE1 ; setfacl -m u:USER1:r FILE1
2) getfacl FILE1 | setfacl --set-file=- FILE2
3) setfacl -x u:USER1 FILE1
How to make USB bootable?
A:Write efidisk.img from RHEL 6 DVD images/ subdirectory to USB
dd if=efidisk.img of=/dev/usb (usb device name)
How can we check disk/device status/failure/errors using smartctl utility?
Try following to check:
Enable/Disable SMART on device/disk : smartctl -s on /dev/sda
Check device SMART health : smartctl -H /dev/sda
Check device SMART capabilities : smartctl -c /dev/sda
Enable/Disable automatic offline testing on device : smartctl -o on/off /dev/sda
Show device SMART vendor-specific Attributes and values : smartctl -A /dev/sda
Show device log [TYPE: error, selftest, selective, directory, background, scttemp[sts,hist]] : smartctl -l TYPE /dev/sda
Run test on device [TEST: offline, short, long, conveyance, select,M-N, pending,N, afterselect,[on|off], scttempint,N[,p]] : smartctl -t TEST /dev/sda
What is the difference between ext2 vs ext3 vs ext4?
A:Ext2

  • Ext2 stands for second extended file system.
  • It was introduced in 1993. Developed by Rémy Card.
  • This was developed to overcome the limitation of the original ext file system.
  • Ext2 does not have journaling feature.
  • On flash drives and USB drives, ext2 is recommended, as it doesn’t have the overhead of journaling.
  • Maximum individual file size can be from 16 GB to 2 TB
  • Overall ext2 file system size can be from 2 TB to 32 TB

Ext3

  • Ext3 stands for third extended file system.
  • It was introduced in 2001. Developed by Stephen Tweedie.
  • Starting from Linux Kernel 2.4.15 ext3 was available.
  • The main benefit of ext3 is that it allows journaling.
  • Journaling has a dedicated area in the file system, where all the changes are tracked. When the system crashes, the possibility of file system corruption is less because of journaling.
  • Maximum individual file size can be from 16 GB to 2 TB
  • Overall ext3 file system size can be from 2 TB to 32 TB
  • There are three types of journaling available in ext3 file system.

    • Journal – Metadata and content are saved in the journal.
    • Ordered – Only metadata is saved in the journal. Metadata are journaled only after writing the content to disk. This is the default.
    • Writeback – Only metadata is saved in the journal. Metadata might be journaled either before or after the content is written to the disk.

  • You can convert a ext2 file system to ext3 file system directly (without backup/restore).

Ext4

  • Ext4 stands for fourth extended file system.
  • It was introduced in 2008.
  • Starting from Linux Kernel 2.6.19 ext4 was available.
  • Supports huge individual file size and overall file system size.
  • Maximum individual file size can be from 16 GB to 16 TB
  • Overall maximum ext4 file system size is 1 EB (exabyte). 1 EB = 1024 PB (petabyte). 1 PB = 1024 TB (terabyte).
  • Directory can contain a maximum of 64,000 subdirectories (as opposed to 32,000 in ext3)
  • You can also mount an existing ext3 fs as ext4 fs (without having to upgrade it).
  • Several other new features are introduced in ext4: multiblock allocation, delayed allocation, journal checksum, fast fsck, etc. All you need to know is that these new features have improved the performance and reliability of the filesystem when compared to ext3.
  • In ext4, you also have the option of turning the journaling feature “off”.

Disable ping to avoid network/ICMP flood
Set following in /etc/sysctl.conf : net.ipv4.icmp_echo_ignore_all = 1
Then “sysctl -p”
or
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
What is SYN Flood, ICMP Flood
A:
SYN Flood : A SYN flood occurs when a host sends a flood of TCP/SYN packets, often with a fake/forged sender address. Each of these packets is handled like a connection request, causing the server to spawn a half-open connection by sending back a TCP/SYN-ACK packet (Acknowledge) and waiting for a packet in response from the sender address (the response to the ACK packet). However, because the sender address is forged, the response never comes. These half-open connections saturate the number of available connections the server is able to make, keeping it from responding to legitimate requests until after the attack ends.
ICMP Flood : There are three types of ICMP Flood :
1) Smurf Attack : http://en.wikipedia.org/wiki/Smurf_attack
2) Ping Flood :  http://en.wikipedia.org/wiki/Ping_flood
3) Ping of Death : http://en.wikipedia.org/wiki/Ping_of_death
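
On the server, the half-open connections described in the SYN flood answer appear as sockets in the SYN_RECV state. This is an added example, not part of the original post: it counts SYN_RECV entries per local port in `netstat -ant` style output and reports the state of the kernel's SYN cookie setting (net.ipv4.tcp_syncookies). The sample lines, the documentation-range addresses, the threshold and the function names are constructed.

```shell
#!/bin/sh
# Added example: count half-open (SYN_RECV) TCP connections per local port.
# Counting is per destination port, not per source, because the sender
# addresses in a SYN flood are usually forged.

# Constructed sample in the column layout of `netstat -ant`.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           203.0.113.5:51514       ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40112      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.23:1029      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.88:55310     SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.41:6001       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.77:31337      SYN_RECV
tcp        0      0 192.0.2.10:443          203.0.113.9:44321       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:51600       ESTABLISHED
EOF
}

# Read netstat -ant output on stdin; print "port count" for SYN_RECV
# sockets, busiest port first. Works for tcp and tcp6 lines.
syn_recv_by_port() {
    awk '$1 ~ /^tcp/ && $6 == "SYN_RECV" {
             n = split($4, a, ":")      # port is the last ":"-separated field
             c[a[n]]++
         }
         END { for (p in c) print p, c[p] }' | sort -k2,2nr -k1,1n
}

# Print an alert for each port with at least $1 half-open connections.
# Exit status is 0 if any alert was printed, 1 otherwise.
syn_flood_alerts() {
    syn_recv_by_port | awk -v t="$1" '
        $2 + 0 >= t + 0 {
            print "ALERT port " $1 ": " $2 " half-open connections"
            hit = 1
        }
        END { exit (hit ? 0 : 1) }'
}

# Report the SYN cookie setting; $1 is the file to read (default: live value).
syncookies_state() {
    f=${1:-/proc/sys/net/ipv4/tcp_syncookies}
    if [ ! -r "$f" ]; then echo unknown; return 0; fi
    case $(cat "$f") in
        0) echo disabled ;;
        *) echo enabled ;;
    esac
}

# Demo on the constructed sample.
sample_netstat | syn_recv_by_port
sample_netstat | syn_flood_alerts 5 || echo "no port over threshold"
echo "tcp_syncookies: $(syncookies_state)"
```

On a live host, feed the function real data with `netstat -ant | syn_flood_alerts 100` and tune the threshold to the server's normal load.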
What is the difference between Unix vs Linux Kernels?
A:
1. Monolithic Vs Micro-kernel Approach
Monolithic kernels are those where all the kernel code runs as a single process while Micro-kernel kernels are those where the core of a kernel (that controls the different pieces of OS) runs in one process while other services like device drivers etc run as different processes. Linux follows monolithic approach while there are a couple of exceptions in Unix-Like kernels that follow Micro-kernel approach.
2. Adding/Removing features to kernel
While traditional Unix/Unix-like systems require static linking of new modules being added, Linux supports a powerful feature where-in kernel components like device drivers etc can be loaded and unloaded dynamically. This feature is known as Loadable kernel modules (LKM). Any new component can be added/removed as an LKM to the kernel. This means there is no need to compile the whole kernel again. Also, if a component is not needed, it can easily be unloaded. This feature makes Linux kernel very flexible.
3. Kernel Threading
Many Unix-Like kernels are organized as a set of kernel threads. A kernel thread can be thought of as an independent execution flow. A kernel thread can run user process or some kernel code. The basic Idea is to do context switches between the kernel threads which is less expensive than context switches between processes as threads operate in same address space. While many Unix-Like OS use kernel threads for process context switching, Linux uses kernel threads only for executing some kernel code periodically.
4. Multi-threaded application support
Almost all modern OS, be it Unix-Like or Linux distributions, support multi-threading. A multi-threaded application is one which creates more than one execution flow. These independent execution flows are known as threads. Threads are light weight processes. In most of the Unix-Like systems, light weight processes are based on kernel threads, while in Linux these LWP are created by a call to the function clone(), which lets the application create a separate process like fork() does, the difference being that with clone() the newly generated process can share its physical memory, opened files, address space etc. As these newly created processes work in a shared environment, they are given a different name, ‘threads’. So we see that Linux and Unix/Unix-Like differ in the way the multi-threaded environment is handled internally.
5. STREAMS
Streams I/O subsystem is included in most of the Unix kernels and has become a preferred interface for writing device drivers, terminal drivers etc. While on the other hand there is nothing like Streams in Linux.
6. Preemptive Vs Non-Preemptive Kernels
Preemptive kernels are the kernels which can preempt the currently executing process. It means that a process which is currently executing can be forcibly interrupted if a process with higher priority is ready for execution. On the other hand, Non preemptive kernels are those where a running process cannot be forcibly interrupted even if a higher priority process is ready for execution. Normally, Linux OS are Non preemptive while some of the Unix systems like Solaris 2.x etc are fully preemptive. Usually Real time OS have fully preemptive kernels. These days we have Linux Real time OS which have fully preemptive kernels.
How to set up password-less remote login/ssh?
Use “ssh-keygen -t dsa” or “ssh-keygen -t rsa” on the local system to create public and private keys.
Then copy /root/.ssh/id_dsa.pub to remote_server under the name /root/.ssh/authorized_keys
Change permissions of the /root/.ssh/authorized_keys file on remote_server: “chmod 0600 ~/.ssh/authorized_keys”
Now try to log in from the local system to remote_server: “ssh root@remote_server”
Command to see default kernel image file
"grubby --default-kernel"
How to create lvm mirror
lvcreate -L 50G -m1 -n LVMmirror vg0
Command to check last runlevel
who -r
What do you mean by File System?
File System is a method to store and organize files and directories on disk. A file system can have different formats called file system types. These formats determine how the information is stored as files and directories.
What is the requirement of udev daemon?
Create and remove device nodes or files in /dev/ directory
What are block and character devices?
Both the devices are present in /dev directory
Block device files talk to devices block by block [1 block at a time (1 block = 512 bytes to 32KB)].
Examples: – USB disk, CDROM, Hard Disk (sda, sdb, sdc etc….)
Character device files talk to devices character by character.
Examples: – Virtual terminals, terminals, serial modems, random numbers (tty{0,1,2,3……})
How to Convert ext2 to ext3 File System?
A: tune2fs -j /dev/{device-name}
File to modify to make kernel parameter settings permanent
A: /etc/sysctl.conf
Commands used to install, list and remove modules from kernel
A:
Installing/adding a module:
insmod mod_name
modprobe mod_name
List installed modules :  lsmod
Removing a module     : modprobe -r mod_name
How to create swap using a file and delete swap
Adding swap :
dd if=/dev/zero of=/opt/myswap bs=1024 count=1048576   # 1 GB swap file; adjust count to the size needed
chmod 600 /opt/myswap                                  # swap contents must not be readable by other users
mkswap /opt/myswap
swapon /opt/myswap
To add this myswap at boot time, add the following to the /etc/fstab file:
/opt/myswap       swap     swap   defaults   0 0
Deleting Swap :
Run “swapoff /opt/myswap” command
Remove the entry from /etc/fstab file
Remove /opt/myswap file (using rm command)
What does vmstat show?
A:vmstat (virtual memory statistics) is a computer system monitoring tool that collects and displays summary information about operating system memory, processes, interrupts, paging and block I/O
What is tmpfs File System
A: tmpfs is a common name for a temporary file storage facility on many Unix-like operating systems. It is intended to appear as a mounted file system, but stored in volatile memory instead of a persistent storage device. A similar construction is a RAM disk, which appears as a virtual disk drive and hosts a disk file system.
Everything stored in tmpfs is temporary in the sense that no files will be created on the hard drive; however, swap space is used as backing store in case of low memory situations. On reboot, everything in tmpfs will be lost.
The memory used by tmpfs grows and shrinks to accommodate the files it contains and can be swapped out to swap space.
What is the difference between screen and script commands?
A: Screen is a screen manager with VT100/ANSI terminal emulation, used to run a GNU screen session remotely or locally, while Script makes a typescript of the terminal session.
Screen : needs to be detached, should not be exited to access remotely/locally
Script : creates a file and stores all the terminal output in this file
How can we check which process is assigned to which processor?
A: Run “ps -elFL” and look at the PSR column, which shows the processor number assigned to each process
How can we check vendor, version, release date, size, package information etc… of any installed rpm?
rpm -qi package-name ,
Ex: #rpm -qi ypbind-1.19-12.el5
What is the role of ‘Kudzu’
A: Kudzu is used to detect new hardware.
What happens when you add a new device after installation
A: The kudzu program runs each time the system boots and performs a hardware probe. If new hardware is found, kudzu attempts to map it to a kernel module. If successful, the information is saved and the device is configured.
How to list PCI devices on your server or system
A:# lspci command
How to verify all installed packages.
A: rpm -Va
If you get the error ‘package is already installed’ but want to install the package anyhow, which option will you use?
A: In this case you can use ‘--replacepkgs’
# rpm -ivh --replacepkgs test-1.0-1.i386.rpm
What are the advantages of YUM?
Automatic resolution of software dependencies.
Multiple software locations at one time.
Ability to specify particular software versions or architectures.

What is YUM?
YUM stands for Yellow dog Updater, Modified because it is based on YUP, the Yellow dog Updater. Where does the name Yellow dog come from? Yellow Dog is a version of Linux for the Power Architecture hardware and is RPM-based, just like Red Hat Enterprise Linux and Fedora. YUP, and later YUM, were written by the Linux community as a way to maintain an RPM-based system.

What is CUPS?
CUPS stands for "Common UNIX Printing System". CUPS is an open source printing system developed by Apple Inc. CUPS uses the Internet Printing Protocol (IPP) to allow local printing and print sharing.
What is the location of log files for CUPS?
The log files for the CUPS printing system are located in the /var/log/cups/ directory.
Which protocol is required to allow local printing and print sharing?
A:Internet Printing Protocol (IPP) is required to allow local printing and print sharing.

What is the role of /etc/resolv.conf file?
A: In this file we set the DNS servers (using their IP addresses) and the search domain. The values of the DNS servers are often added when the network is activated because the data can be provided by DHCP or a similar service.

Which daemon is required to start Network services?
network
# /etc/init.d/network start

What is the maximum size of a single LV?
A:
For 2.4 based kernels, the maximum LV size is 2TB.
For 32-bit CPUs on 2.6 kernels, the maximum LV size is 16TB.
For 64-bit CPUs on 2.6 kernels, the maximum LV size is 8EB.

How are snapshots in LVM2 different from LVM1?
In LVM2 snapshots are read/write by default, whereas in LVM1, snapshots were read only.

What is LVM?
LVM stands for Logical Volume Manager. LVM is a storage management solution that allows administrators to divide hard drive space into physical volumes (PV), which can then be combined into logical volume groups (VG), which are then divided into logical volumes (LV) on which the filesystem and mount point are created.
Q: - What are the steps to create LVM?
- Create physical volumes by “pvcreate” command
#pvcreate /dev/sda2
- Add physical volume to volume group by “vgcreate” command
#vgcreate VLG0 /dev/sda2
- Create logical volume from volume group by “lvcreate” command.
#lvcreate -L 1G -n LVM1 VLG0
Now create file system on /dev/sda2 partition by “mke2fs” command.
#mke2fs -j /dev/VLG0/LVM1
Q: - What is the difference between LVM and RAID?
RAID provides redundancy but LVM doesn’t provide Redundancy.
Q: - What are LVM1 and LVM2?
LVM1 and LVM2 are the versions of LVM.
LVM2 uses device mapper driver contained in 2.6 kernel version.
LVM 1 was included in the 2.4 series kernels.
Q: - What is Volume group (VG)?
The Volume Group is the highest level abstraction used within the LVM. It gathers together a collection of Logical Volumes and Physical Volumes into one administrative unit.
Q: - What is physical extent (PE)?
Each physical volume is divided into chunks of data, known as physical extents; these extents have the same size as the logical extents for the volume group.
Q: - What is logical extent (LE)?
Each logical volume is split into chunks of data, known as logical extents. The extent size is the same for all logical volumes in the volume group.
Q: - Explain LVM snapshot?
LVM snapshots allow the administrator to create a new block device which presents an exact copy of a logical volume, frozen at some point in time.

Which kernel module is required for software RAID
A: md – module.
1. Every command in Linux is a
answer : executable program
2. How long can a filename in Linux be?
Correct answer: 255 characters
3. What is the shortcut to the login directory?
Correct answer: cd + enter key
4. The hierarchy of a series of directories branching in a user system starts from
Correct answer: /home
5. Saving open files, flush the system cache and other necessary system maintenance are allowed by.
Correct answer: logging off the system
6. Which directory contains configuration files that stores system and application setting?
Correct answer: /etc
7. Which command is used to find data files, programs, directories that match the search argument?
Correct answer: locate
8. Applications written to provide a GUI shell for Unix and Linux are called
Correct answer: x window
9. The advantage of using NFS rather than Samba for file sharing in Linux is
Correct answer: compatibility with Windows file sharing
10. Which framework is provided for the programs to interchange information about Linux OS?
Correct answer: Resource Definition Framework
11. To implement new application on IBM z/10. Which of the following options need to be considered if it to be implemented in Linux?
Correct answer: Red Hat Linux does not support all the devices supported by IBM z/OS
12. Which of the following has greater market share of Linux SW/HW environment?
Correct answer: Linux on z10
13. Which of the following commands can be run to remove all the rules in an iptables table?
Correct answer: iptables -F
14. Which of the following is the BEST way to set up SSH(Secure Shell) for communicating between Systems without needing passwords?
Correct answer: Use ssh-keygen for generating public-private keys.
15. How much usable space is available, when a Linux system is configured with a RAID 5 array that consists of six 20 GB hard disk drives?
Correct answer: 100Gb
Formula: S*(N-1)
  here S=size
         N=number of HDD.  remember it is only for RAID5
16. Which of the following commands can be used to check for file corruption?
Correct answer: md5sum
17. Which of the following allows to secure remote command line access?
Correct answer: SSH(Secure Shell)
18. Which of the following supports for creating a Linux VPN (Virtual Private Network)?
Correct answer: 3DES
19. Which of the following commands delete the files from the /tmp directory, issued by non-root user?
Correct answer: su -c "rm -rf /tmp/*"
20. Which configuration does cardmgr read at Linux system startup?
Correct answer: PCMCIA cards
21. When a computer system is reported problems with inodes and blocks, which of the following is the problem and its solution to rectify it?
Correct answer: The file system has become corrupt and needs to be repaired.
22. Which Linux command will successfully mounts a USB drive?
Correct answer: mount /dev/sda1 /mnt/usb
23. ___________ is a common tool for determining services and ports running on a remote Linux.
Correct answer: nmap
24. For supporting new diskless client workstations, which of the following services needs to be installed on a server?
Correct answer: PXE (Preboot eXecution Environment) and tftpd
25. Which of the following will kill the process 1010 by an administrator(logged in as a standard user)? The process 1010 was started by the root user.
Correct answer: su -c "kill 1010"
26. Which of the following Linux commands could be used to find what processor was detected on boot, when a laptop system is slow?
Correct answer: POST
27. How to accomplish the LILO boot configuration updation for supporting a newly installed IDE hard drive?
Correct answer: Edit lilo.conf and run "lilo -v -v"

1. Which of the following below are true functionalities of Kernel?
answer: Allocates time and memory to programs
2. Which of the following below are true functionalities of shell?
Answer: Authenticates user Interprets commands
3. Which command is used to find what is in your home directory?
Correct answer: % ls
4. cd home to get back to your home-directory?
answer: False
5. Which command is used to clear the screen?
Correct Answer: Clear
6. The head command writes the first _____________ lines of a file to the screen.
answer: ten
7. What is used to search files for specified words or patterns?
answer: grep
8. > symbol is used to redirect the output of a command
answer: True
9. Pipe symbol is represented by
answer: |
10. Which character is used to match exactly one character?
answer: ?
11. Which command is used to see the online manual?
answer: man
12. A process is identified by a unique
answer: pid
13. A process can run only in the background
Answer: True
14. Which command reduces the size of a file?
answer: gzip
15. Find command can search for?
answer: Files
16. How can we find the current value for shell variables?
answer: Set command
17. What is the difference between PATH and path?
answer: PATH and path specify directories to search for commands and programs
Both variables always represent the same directory list
Altering either automatically causes the other to be changed
18. What is the default number of shell commands saved in the history list of .cshrc file?
Correct answer: 200
19. What is the difference between linux file system and windows file system?
answer: Under Windows, the various partitions are detected at boot and assigned a drive letter whereas Under Linux, unless you mount a partition or a device, the system does not know of the existence of that partition or device.
20. What is the content of /etc directory?
answer: it contains all configuration file
21. /temp is a type of filesystem directory
answer: False
22. The basic function of ______________ is to search files for lines (or other units of text) that contain a
answer: awk
23. Which of the following below is/are true for Date command?
answer: It can work w/o arguments

How secure is Linux? Explain.
A: Security is the most important aspect of an operating system. Linux includes PAM (Pluggable Authentication Modules), which provides a layer between an application and the actual authentication mechanism. It is a library of loadable modules that applications call for authentication. It also allows the administrator to control when a user can log in. All PAM applications are configured in the directory ‘/etc/pam.d’ or in the file ‘/etc/pam.conf’. PAM is controlled using the configuration file or the configuration directory.
Can a Linux computer be made a router so that several machines may share a single Internet connection? How?
Yes, a Linux machine can be made a router. This is called “IP Masquerade.” IP Masquerade is a networking function in Linux similar to the one-to-many (1:Many) NAT (Network Address Translation) servers found in many commercial firewalls and network routers. The IP Masquerade feature allows other “internal” computers connected to this Linux box (via PPP, Ethernet, etc.) to reach the Internet as well. Linux IP Masquerading allows this functionality even if the internal computers do not have IP addresses
In order to apply a filesystem to your new partitions you must format them. What command would you use to create the ext2 filesystem?
A: mke2fs. It creates the new file system on your partition.
Linux Directory Structure (File System Structure)
A:1. / – Root

  • Every single file and directory starts from the root directory.
  • Only root user has write privilege under this directory.
  • Please note that /root is root user’s home directory, which is not same as /.

2. /bin – User Binaries

  • Contains binary executables.
  • Common linux commands you need to use in single-user modes are located under this directory.
  • Commands used by all the users of the system are located here.
  • For example: ps, ls, ping, grep, cp.

3. /sbin – System Binaries

  • Just like /bin, /sbin also contains binary executables.
  • But the linux commands located under this directory are typically used by the system administrator, for system maintenance purposes.
  • For example: iptables, reboot, fdisk, ifconfig, swapon

4. /etc – Configuration Files

  • Contains configuration files required by all programs.
  • This also contains startup and shutdown shell scripts used to start/stop individual programs.
  • For example: /etc/resolv.conf, /etc/logrotate.conf

5. /dev – Device Files

  • Contains device files.
  • These include terminal devices, usb, or any device attached to the system.
  • For example: /dev/tty1, /dev/usbmon0

6. /proc – Process Information

  • Contains information about system process.
  • This is a pseudo filesystem that contains information about running processes. For example: /proc/{pid} directory contains information about the process with that particular pid.
  • This is a virtual filesystem with text information about system resources. For example: /proc/uptime

7. /var – Variable Files

  • var stands for variable files.
  • Content of the files that are expected to grow can be found under this directory.
  • This includes — system log files (/var/log); packages and database files (/var/lib); emails (/var/mail); print queues (/var/spool); lock files (/var/lock); temp files needed across reboots (/var/tmp);

8. /tmp – Temporary Files

  • Directory that contains temporary files created by system and users.
  • Files under this directory are deleted when system is rebooted.

9. /usr – User Programs

  • Contains binaries, libraries, documentation, and source-code for second level programs.
  • /usr/bin contains binary files for user programs. If you can’t find a user binary under /bin, look under /usr/bin. For example: at, awk, cc, less, scp
  • /usr/sbin contains binary files for system administrators. If you can’t find a system binary under /sbin, look under /usr/sbin. For example: atd, cron, sshd, useradd, userdel
  • /usr/lib contains libraries for /usr/bin and /usr/sbin
  • /usr/local contains users programs that you install from source. For example, when you install apache from source, it goes under /usr/local/apache2

10. /home – Home Directories

  • Home directories for all users to store their personal files.
  • For example: /home/john, /home/nikita

11. /boot – Boot Loader Files

  • Contains boot loader related files.
  • Kernel initrd, vmlinux, grub files are located under /boot
  • For example: initrd.img-2.6.32-24-generic, vmlinuz-2.6.32-24-generic

12. /lib – System Libraries

  • Contains library files that supports the binaries located under /bin and /sbin
  • Library filenames are either ld* or lib*.so.*
  • For example: ld-2.11.1.so, libncurses.so.5.7

13. /opt – Optional add-on Applications

  • opt stands for optional.
  • Contains add-on applications from individual vendors.
  • add-on applications should be installed under either /opt/ or /opt/ sub-directory.

14. /mnt – Mount Directory

  • Temporary mount directory where sysadmins can mount filesystems.

15. /media – Removable Media Devices

  • Temporary mount directory for removable devices.
  • For examples, /media/cdrom for CD-ROM; /media/floppy for floppy drives; /media/cdrecorder for CD writer

16. /srv – Service Data

  • srv stands for service.
  • Contains server specific services related data.
  • For example, /srv/cvs contains CVS related data.

Exam objectives
Red Hat reserves the right to add, modify, and remove objectives. Such changes will be made public in advance through revisions to this document.
RHCSA exam candidates should be able to accomplish the tasks below without assistance. These have been grouped into several categories.
Understand and use essential tools
· Access a shell prompt and issue commands with correct syntax.
· Use input-output redirection (>, >>, |, 2>, etc.).
· Use grep and regular expressions to analyze text.
· Access remote systems using ssh and VNC.
· Log in and switch users in multiuser runlevels.
· Archive, compress, unpack, and uncompress files using tar, star, gzip, and bzip2.
· Create and edit text files.
· Create, delete, copy, and move files and directories.
· Create hard and soft links.
· List, set, and change standard ugo/rwx permissions.
· Locate, read, and use system documentation including man, info, and files in /usr/share/doc.
· Note: Red Hat may use applications during the exam that are not included in Red Hat Enterprise Linux for the purpose of evaluating candidate's abilities to meet this objective.
Operate running systems
· Boot, reboot, and shut down a system normally.
· Boot systems into different runlevels manually.
· Use single-user mode to gain access to a system.
· Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes.
· Locate and interpret system log files.
· Access a virtual machine's console.
· Start and stop virtual machines.
· Start, stop, and check the status of network services.
Configure local storage
· List, create, delete, and set partition type for primary, extended, and logical partitions.
· Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical Volumes.
· Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot.
· Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label.
· Add new partitions and logical volumes, and swap to a system non-destructively.
Create and configure file systems
· Create, mount, unmount, and use ext2, ext3, and ext4 file systems.
· Mount, unmount, and use LUKS-encrypted file systems.
· Mount and unmount CIFS and NFS network file systems.
· Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically.
· Extend existing unencrypted ext4-formatted logical volumes.
· Create and configure set-GID directories for collaboration.
· Create and manage Access Control Lists (ACLs).
· Diagnose and correct file permission problems.
Deploy, configure, and maintain systems
· Configure networking and hostname resolution statically or dynamically.
· Schedule tasks using cron.
· Configure systems to boot into a specific runlevel automatically.
· Install Red Hat Enterprise Linux automatically using Kickstart.
· Configure a physical machine to host virtual guests.
· Install Red Hat Enterprise Linux systems as virtual guests.
· Configure systems to launch virtual machines at boot.
· Configure network services to start automatically at boot.
· Configure a system to run a default configuration HTTP server.
· Configure a system to run a default configuration FTP server.
· Configure a system to use time services.
· Install and update software packages from Red Hat Network, a remote repository, or from the local file system.
· Update the kernel package appropriately to ensure a bootable system.
· Modify the system bootloader.
Manage users and groups
· Create, delete, and modify local user accounts.
· Change passwords and adjust password aging for local user accounts.
· Create, delete, and modify local groups and group memberships.
· Configure a system to use an existing LDAP directory service for user and group information.
Manage security
· Configure firewall settings using system-config-firewall or iptables.
· Set enforcing and permissive modes for SELinux.
· List and identify SELinux file and process context.
· Restore default file contexts.
· Use boolean settings to modify system SELinux settings.
· Diagnose and address routine SELinux policy violations
AutoFS
A package that provides support for automounting removable media or network shares when they are inserted or accessed.
Autofs uses template files for configuration, which are located in /etc/autofs. The main template is called “auto.master”, which can point to one or more other templates for specific media types.
#/etc/autofs/auto.master
The first value on each line determines the base directory under which all the media in a template are mounted; the second value is which template to use. The default base path is /media, but you can change this to any other location you prefer.
/etc/autofs/auto.master
/media/misc /etc/autofs/auto.misc --timeout=5
/media/net /etc/autofs/auto.net --timeout=60
The optional parameter timeout sets the number of seconds after which to unmount directories.
The base directory will be created if it does not exist on your system. The dynamically loaded media are mounted over the base directory, which means any content already in the base directory will not be accessible while autofs is on. This procedure is however non-destructive, so if you accidentally automount into a live directory you can just change the location in auto.master and restart autofs to regain the original contents.
If you still want to automount to a non-empty target directory and want to have the original files available even after the dynamically loaded directories are mounted, you can use autofs to mount them to another directory and create soft links.
#ln -s /var/autofs/net/share_name /media/share_name
Alternatively you can have autofs mount your media to a specific folder rather than inside a common folder.
1. /etc/autofs/auto.master
/- /etc/autofs/auto.template
2. /etc/autofs/auto.template
/path/to/folder -options :/device/path
/home/user/usbstick -fstype=auto,async,nodev,nosuid,umask=00 :/dev/sdb1
Open the file /etc/nsswitch.conf and add an entry for automount
# automount: files
When you are done configuring your templates launch the Autofs daemon as root
# systemctl start autofs
To start the daemon on boot
# systemctl enable autofs
Devices are now automatically mounted when they are accessed, and they remain mounted as long as you access them.
Removable media
Open /etc/autofs/auto.misc to add, remove or edit miscellaneous devices
# /etc/autofs/auto.misc
This is an automounter map and it has the following format
key [-mount-options-separated-by-comma] location
nfs -fstype=nfs,intr 192.168.75.132:/srv/nfs
#service autofs restart
#vim /etc/auto.master
+auto.master
/remote /etc/auto.remote
#vim /etc/auto.remote
nfs -fstype=nfs,intr 192.168.75.132:/srv/nfs
# service autofs restart
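Added example (not part of the original notes): a small audit of automounter map entries in the key / options / location format described above. It flags entries mounted without nosuid or nodev, and the umask=00 option, which on FAT-type filesystems leaves every file writable by all local users. The function names and the sample map are assumptions built from the two entries shown in these notes.

```shell
#!/bin/sh
# Added example: audit automounter map entries for risky mount options.
# Map format, as described above: key [-opt1,opt2,...] location

# Constructed sample built from the two map entries shown in these notes.
sample_map() {
cat <<'EOF'
# entries from auto.template and auto.remote (constructed sample)
/home/user/usbstick -fstype=auto,async,nodev,nosuid,umask=00 :/dev/sdb1
nfs -fstype=nfs,intr 192.168.75.132:/srv/nfs
EOF
}

# audit_autofs_map: read map lines on stdin, print one line per entry that has findings.
audit_autofs_map() {
    awk '
    function note(list, item) { return (list == "" ? item : list "; " item) }
    /^[ \t]*#/ || /^[ \t]*$/ || /^[+]/ { next }   # comments, blanks, "+map" includes
    {
        key = $1; opts = ""; findings = ""
        if ($2 ~ /^-/) opts = substr($2, 2)       # the options field is optional
        n = split(opts, o, ",")
        nosuid = 0; nodev = 0
        for (i = 1; i <= n; i++) {
            if (o[i] == "nosuid") nosuid = 1
            else if (o[i] == "nodev") nodev = 1
            else if (o[i] ~ /^umask=0+$/) findings = note(findings, "permissive " o[i])
        }
        if (!nosuid) findings = note(findings, "missing nosuid")
        if (!nodev)  findings = note(findings, "missing nodev")
        if (findings != "") print key ": " findings
    }'
}

# Stand-alone run on the constructed sample; on a real host use:
#   audit_autofs_map < /etc/auto.remote
sample_map | audit_autofs_map
```

On the sample, the USB entry is reported for umask=00 and the NFS entry for lacking both nosuid and nodev.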
SELinux (check its status with #sestatus) is a mandatory access control security mechanism implemented in the kernel. SELinux follows the model of least privilege more closely. By default, under a strict enforcing setting, everything is denied and then a series of exception policies are written that give each element of the system only the access required to function.
SELinux has three basic modes of operation, of which Enforcing is set as the installation default mode. There is an additional qualifier of targeted or mls, which controls how pervasively SELinux rules are applied, with targeted being the less stringent level.
Enforcing: the default mode, which enables and enforces the SELinux security policy on the system, denying access and logging actions.
Permissive: in Permissive mode, SELinux is enabled but will not enforce the security policy, only warn and log actions. Permissive mode is useful for troubleshooting SELinux issues.
Disabled: SELinux is turned off.
#dig – DNS lookup utility. dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name servers that were queried.
Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf.
#nano – this is a GNU replacement for pico. It works and looks like pico but it is smaller, better and licensed under the GPL.
# nano session1.txt (Starts the editor and opens the file session1.txt)
With command line FTP how can I transfer a group of files without typing out all their names?
A: The FTP get and put commands only transfer single files. To transfer multiple files you can use the commands mget and mput.
Transferring files from your computer to another
1. To transfer files to another computer, open an FTP connection to that computer.
2. To move files from the current directory of your computer, use the mput command.
Eg: # mput my*
The asterisk (*) is a wildcard that tells FTP to match all files starting with my.
You can also use a question mark (?) to match a single letter. To interrupt the series of transfers press ctrl+c and FTP will ask you whether you want to continue.
3. When prompted, enter “y” to transfer each file. To turn this feature off, before you begin transferring files, at the FTP prompt enter
# prompt
Transferring files from a different computer to yours
1. Open an FTP connection to another computer.
2. To retrieve files, use the mget command.
mget myfile?
3. If prompted, enter “y” to transfer each file.
[Steps
1. #sftp 192.168.75.101
# cd /LinuxCBT
# cd EL-6
# ls
sftp> mput anaconda-ks.cfg ks.cfg
]
Enter the fstp command at the command line
# ks=http://192.168.75.101/LinuxCBT/EL-6/ks.cfg
To verify
# which lftp
#which wget
/usr/bin/wget
# wget http://192.168.75.101/LinuxCBT/EL-6/ks.cfg
Wget
GNU Wget is a free utility for non-interactive download of files from the Web. It supports HTTP, HTTPS, and FTP protocols, as well as retrieval through HTTP proxies.
Wget is non-interactive, meaning that it can work in the background, while the user is not logged on. This allows you to start a retrieval and disconnect from the system, letting Wget finish the work. By contrast, most of the Web browsers require constant user's presence, which can be a great hindrance when transferring a lot of data.
Wget can follow links in HTML pages and create local versions of remote web sites, fully recreating the directory structure of the original site. This is sometimes referred to as ``recursive downloading.'' While doing that, Wget respects the Robot Exclusion Standard (/robots.txt). Wget can be instructed to convert the links in downloaded HTML files to the local files for offline viewing.
Wget has been designed for robustness over slow or unstable network connections; if a download fails due to a network problem, it will keep retrying until the whole file has been retrieved. If the server supports regetting, it will instruct the server to continue the download from where it left off.
Rescue Single modes

Linux OR Unix Interview Questions
1)  What is GRUB
Ans GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn.
Briefly, a boot loader is the first software program that runs when a computer starts. It is responsible for loading and transferring control to the operating system kernel software (such as the Hurd or Linux). The kernel, in turn, initializes the rest of the operating system (e.g. GNU)
2) Explain Linux Boot Process
Ans http://www.thegeekstuff.com/2011/02/linux-boot-process/
3) Which files are called for user profile by default when a user gets login
Ans $HOME/.bash_profile, $HOME/.bash_bashrc
4) Which file needs to be updated if it is required to change the default runlevel from 5 to 3
Ans File is /etc/inittab and required to change below lines:
id:5:initdefault: to id:3:initdefault:
5) What command is used for showing user info like Login Name, Canonical Name, Home Directory, Shell etc.
Ans The finger command can be used, e.g. finger username
6) What is inode number
Ans An inode is a data structure on a traditional Unix-style file system such as UFS or ext3. An inode stores basic information about a regular file, directory, or other file system object. The inode number is also called the index number. An inode consists of the following attributes:
File type (executable, block special etc)
Permissions (read, write etc)
Owner
Group
File Size
File access, change and modification time (remember UNIX or Linux never stores file creation time, this is favorite question asked in UNIX/Linux sys admin job interview)
File deletion time
Number of links (soft/hard)
Extended attribute such as append only or no one can delete file including root user (immutability)
Access Control List (ACLs)
Following command will be used to show inodes of file and folders:
ls -i
Following command will show complete info about any file or folders with inode number
stat file/folder
Files/Folders can also be deleted using inode numbers with following command:
find out the inode number using 'ls -il' command then run below command
find . -inum inode_number -exec rm -i {} \;
7) How can we increase disk read performance in single command
Ans blockdev command
This is sample output - yours may be different.
# Before test
$ blockdev --getra /dev/sdb
256
$ time dd if=/tmp/disk.iso of=/dev/null bs=256k
2549+1 records in
2549+1 records out
668360704 bytes (668 MB) copied, 6,84256 seconds, 97,7 MB/s
real 0m6.845s
user 0m0.004s
sys 0m0.865s
# After test
$ blockdev --setra 1024 /dev/sdb
$ time dd if=/tmp/disk.iso of=/dev/null bs=256k
2435+1 records in
2435+1 records out
638390272 bytes (638 MB) copied, 0,364251 seconds, 1,8 GB/s
real 0m0.370s
user 0m0.001s
sys 0m0.370s
8) .... command to change user password expiration time
Ans CHAGE
9) Command used to lock user password
Ans usermod -L username
10) How many default number of Shells available and what are their names?
Ans SH, BASH, CSH, TCSH, NOLOGIN, KSH
11) Which file defines the attributes like UID, PASSWORD expiry, HOME Dir create or not while adding user
Ans /etc/login.defs
12) ...... command used for changing authentication of linux system to LDAP/NIS/SMB/KERBOS
authconfig
13) ...... command used for changing the attributes of any file
chattr
14) What is the path of network (ethX) configuration files
/etc/sysconfig/network-scripts/ethX
15) How can we change speed and make full duplex settings for eth0
We can do this with below given 2 methods:
ethtool -s eth0 speed 100 duplex full
ethtool -s eth0 speed 10 duplex half
OR
mii-tool -F 100baseTx-HD
mii-tool -F 10baseT-HD
16) File which stores the DNS configuration at client side
/etc/resolv.conf
17) Main configuration file and command used for exporting NFS directories and its daemons.
/etc/exports and exportfs -av , daemons are quotad, portmapper, mountd, nfsd and nlockmgr/status
18) What is command to check ports running/used over local machine
netstat -antp
19) What is the command to check open ports at remote machine
nmap
20) What is the difference between soft and hard links
Soft Links => 1) Soft link files will have different inode numbers than the source file
2) If the original file is deleted then the soft link file is of no use
3) Soft links are not updated
4) Can create links between directories
5) Can cross file system boundaries
Hard Links => 1) Hard links will have the same inode number as source file
2) Hard links can not link directories
3) Can not cross file system boundaries
4) Hard links always refers to the source, even if moved or removed
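Added example (not part of the original notes): a scratch-directory run that shows the inode and link-count behaviour listed in question 20, including the point that deleting one name does not remove the data while another hard link still exists. It also uses the find -inum form from question 6. The function names and file names are hypothetical.

```shell
#!/bin/sh
# Added example: observe hard-link and soft-link properties in a scratch directory.

inode_of()   { ls -di "$1" | awk '{ print $1 }'; }   # inode of the name itself
link_count() { ls -ld "$1" | awk '{ print $2 }'; }   # number of hard links
same_inode() { if [ "$(inode_of "$1")" = "$(inode_of "$2")" ]; then echo yes; else echo no; fi; }
readable()   { if cat "$1" >/dev/null 2>&1; then echo yes; else echo no; fi; }

link_demo() {
    dir=$(mktemp -d) || return 1
    echo "report contents" > "$dir/original"
    ln    "$dir/original" "$dir/hard"     # second name for the same inode
    ln -s "$dir/original" "$dir/soft"     # new inode that only stores a path

    echo "hard_same_inode=$(same_inode "$dir/original" "$dir/hard")"
    echo "soft_same_inode=$(same_inode "$dir/original" "$dir/soft")"
    echo "links_before_delete=$(link_count "$dir/hard")"
    # find -inum lists every name that points at one inode
    inum=$(inode_of "$dir/original")
    echo "names_for_inode=$(find "$dir" -inum "$inum" | awk 'END { print NR }')"

    rm "$dir/original"
    echo "links_after_delete=$(link_count "$dir/hard")"
    echo "hard_readable_after_delete=$(readable "$dir/hard")"   # data is still on disk
    echo "soft_readable_after_delete=$(readable "$dir/soft")"   # dangling link

    rm -rf "$dir"
}

link_demo
```

Before removing a sensitive file, check its link count: a count above 1 means another name still reaches the same data.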
21) How to setup never expired user password
chage -E never username
22) Restricting insertion into file if full permission are assigned to all
chattr +i filename
23) Display or Kill all processes which are accessing any folder/file
Display User who are using file/folder : fuser -u file/folder
Kill All Processes which are using file/folder: fuser -k file/folder
24) Kill any user's all processes
killall -u username
25) How can we have daily system analysis and reports over mail
Use logwatch
26) How can we rotate logs using logrotate without performing any operation  like move and gzip'ng over original file and then creating new file (which is very lengthy process)
We can use "logrotate"'s "copytruncate" option which will simply copy original file and truncate original file :)
27) Command to collect detailed information about the hardware and setup of your system
dmidecode , sysreport
28) Command to check PCI devices vendor or version
lspci
29) What is the difference between cron and anacron
Cron :
1) Minimum granularity is minute (i.e. jobs can be scheduled to be executed every minute)
2) Cron job can be scheduled by any normal user (if not restricted by super user)
3) Cron expects system to be running 24 x 7. If a job is scheduled, and system is down during that time, job is not executed
4) Ideal for servers
5) Use cron when a job has to be executed at a particular hour and minute
Anacron :
1) Minimum granularity is only in days
2) Anacron can be used only by super user (but there are workarounds to make it usable by normal user)
3) Anacron doesn’t expect system to be running 24 x 7. If a job is scheduled, and system is down during that time, it starts the jobs when the system comes back up.
4) Ideal for desktops and laptops
5) Use anacron when a job has to be executed irrespective of hour and minute
30)  Default Port numbers used by ssh,ftp,http,https,telnet,smtp,pop3, pop3s,imap,imaps.
SSH 22, ftp 20/21, http 80, https 443, SMTP/SMTPS 25/465, POP3/POP3S 110/995, IMAP/IMAPS 143/993
31)  How to setup ACLs in following case:
         1) Create a file FILE1 and this should be read,write,executable for all user but Read only  for user USER1
        2) Copy FILE1 ACLs to FILE2 ACL
        3) Delete a USER1's rule for FILE1 which were setup in step 1)

Ans 1) touch FILE1 ; chmod 777 FILE1 ; setfacl -m u:USER1:r FILE1
        2) getfacl FILE1 | setfacl --set-file=- FILE2
        3) setfacl -x u:USER1 FILE1
32)  How to make USB bootable?
Write efidisk.img from RHEL 6 DVD images/ subdirectory to USB
dd if=efidisk.img of=/dev/usb (usb device name)
33)  How can we check disk/device status/failure/errors using smartctl utility?
Try following to check:
        Enable/Disable SMART on device/disk : smartctl -s on /dev/sda
        Check device SMART health : smartctl -H /dev/sda
        Check device SMART capabilities : smartctl -c /dev/sda
        Enable/Disable automatic offline testing on device : smartctl -o on/off /dev/sda
        Show device SMART vendor-specific Attributes and values : smartctl -A /dev/sda
        Show device log [TYPE : error, selftest, selective, directory, background, scttemp[sts,hist]] : smartctl -l TYPE /dev/sda
        Run test on device [TEST : offline, short, long, conveyance, select,M-N, pending,N, afterselect,[on|off], scttempint,N[,p]] : smartctl -t TEST /dev/sda
34)  What is the difference between ext2 vs ext3 vs ext4?
Ans
http://www.thegeekstuff.com/2011/05/ext2-ext3-ext4/
35)  Disable ping to avoid network/ICMP flood
Ans Set following in /etc/sysctl.conf : net.ipv4.icmp_echo_ignore_all = 1
      Then "sysctl -p" 
      or
   echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
36)  What is SYN Flood, ICMP Flood
Ans SYN Flood : A SYN flood occurs when a host sends a flood of TCP/SYN packets, often with a fake/forged sender address. Each of these packets is handled like a connection request, causing the server to spawn a half-open connection by sending back a TCP/SYN-ACK packet (acknowledge) and waiting for a packet in response from the sender address (response to the ACK packet). However, because the sender address is forged, the response never comes. These half-open connections saturate the number of available connections the server is able to make, keeping it from responding to legitimate requests until after the attack ends.
ICMP Flood : There are three types of ICMP Flood :
       1) Smurf Attack : http://en.wikipedia.org/wiki/Smurf_attack
       2) Ping Flood : http://en.wikipedia.org/wiki/Ping_flood
       3) Ping of Death : http://en.wikipedia.org/wiki/Ping_of_death
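Added example (not part of the original notes): the half-open connections described in question 36 show up as sockets in the SYN_RECV state in the output of the netstat -ant command from question 18. The script below counts them per local port and per remote address. The sample output is constructed, the function names are hypothetical, and the threshold is an assumption to tune for your own traffic.

```shell
#!/bin/sh
# Added example: spot a build-up of half-open (SYN_RECV) connections in netstat -ant output.

# Constructed sample output; all addresses are from documentation ranges.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:50022      ESTABLISHED
tcp        0      0 192.0.2.10:22           198.51.100.9:50410      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51034      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:1025        SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.18:40112      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.77:2301       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.140:61999     SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.201:3380      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.233:18444     SYN_RECV
EOF
}

# half_open_by_port: print "<local port> <count>" for SYN_RECV sockets, busiest first.
half_open_by_port() {
    awk '$1 ~ /^tcp/ && $6 == "SYN_RECV" {
             n = split($4, a, ":")          # port is the last colon-separated field
             count[a[n]]++
         }
         END { for (p in count) print p, count[p] }' | sort -k2,2nr -k1,1n
}

# distinct_sources PORT: number of different remote addresses half-open on PORT.
# Many sources with one attempt each is what forged sender addresses look like.
distinct_sources() {
    awk -v port="$1" '$1 ~ /^tcp/ && $6 == "SYN_RECV" {
             n = split($4, l, ":"); if (l[n] != port) next
             m = split($5, r, ":")
             addr = substr($5, 1, length($5) - length(r[m]) - 1)
             if (!(addr in seen)) { seen[addr] = 1; c++ }
         }
         END { print c + 0 }'
}

# flooded_ports THRESHOLD: local ports with more than THRESHOLD half-open connections.
flooded_ports() {
    half_open_by_port | awk -v t="$1" '$2 > t { print $1 }'
}

# On a live host, pipe the real command in, e.g.: netstat -ant | flooded_ports 100
sample_netstat | half_open_by_port
```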
37)  What is the difference between Unix vs Linux Kernels?
Ans Please find below given link :
http://www.thegeekstuff.com/2012/01/linux-unix-kernel/
38) How to setup passwordless remote login/ssh?
Ans Use "ssh-keygen -t dsa" or "ssh-keygen -t rsa" at local system for creating public and private keys
Then copy /root/.ssh/id_dsa.pub to remote_server by name /root/.ssh/authorized_keys
Change permissions of /root/.ssh/authorized_keys file at remote_server "chmod 0600 ~/.ssh/authorized_keys"
Now try to login from local system to remote_server "ssh root@remote_server"
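Added example (not part of the original notes): a check to run after the key setup in question 38. It reports a .ssh directory or authorized_keys file that is writable by group or others, private keys that are accessible to group or others, and ssh-dss (DSA) entries, which current OpenSSH releases no longer accept by default. The function names are hypothetical; the default path /root/.ssh is the one used in the answer above.

```shell
#!/bin/sh
# Added example: audit a .ssh directory after setting up key-based login.

# perm_string PATH: print the 10-character mode string, e.g. "-rw-------"
perm_string() {
    ls -ld "$1" | awk '{ print substr($1, 1, 10) }'
}

# audit_ssh_dir DIR: print one finding per line; print nothing if DIR looks sane.
audit_ssh_dir() {
    dir=$1
    [ -d "$dir" ] || return 0

    # sshd (StrictModes) refuses keys when the directory or file is writable by others
    case $(perm_string "$dir") in
        ?????w????|????????w?) echo "$dir: writable by group or others" ;;
    esac

    ak=$dir/authorized_keys
    if [ -f "$ak" ]; then
        case $(perm_string "$ak") in
            ?????w????|????????w?) echo "$ak: writable by group or others" ;;
        esac
        # Count DSA public keys; grep -c exits non-zero on zero matches, hence "|| true"
        n=$(grep -c '^ssh-dss ' "$ak" 2>/dev/null || true)
        if [ "${n:-0}" -gt 0 ]; then
            echo "$ak: $n DSA (ssh-dss) key(s), replace with a stronger key type"
        fi
    fi

    # Private keys must not be accessible to group or others
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY'; then
            case $(perm_string "$f") in
                ????------) ;;
                *) echo "$f: private key accessible to group or others" ;;
            esac
        fi
    done
    return 0
}

# Stand-alone run: audit the directory given as argument, or /root/.ssh as in the notes.
audit_ssh_dir "${1:-/root/.ssh}"
```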
39) Command to see default kernel image file
Ans "grubby --default-kernel"
40) How to create lvm mirror
Ans lvcreate -L 50G -m1 -n LVMmirror vg0
41) Command to check last runlevel
Ans who -r
42) What do you mean by File System?
Ans File System is a method to store and organize files and directories on disk. A file system can have different formats called file system types. These formats determine how the information is stored as files and directories.
43) What is the requirement of udev daemon?
Ans Create and remove device nodes or files in /dev/ directory
44) What are block and character devices?
Ans Both the devices are present in /dev directory
Block device files talk to devices block by block [1 block at a time (1 block = 512 bytes to 32KB)].
Examples: - USB disk, CDROM, Hard Disk (sda, sdb, sdc etc....)

Character device files talk to devices character by character.
Examples: - Virtual terminals, terminals, serial modems, random numbers (tty{0,1,2,3......})

45) How to Convert ext2 to ext3 File System?
Ans tune2fs -j /dev/{device-name}
46) File to modify for making kernel parameters permanent
Ans /etc/sysctl.conf
47) Commands used to install, list and remove modules from kernel
Ans Installing/adding a module : insmod mod_name or modprobe mod_name
        List installed modules : lsmod
        Removing a module : modprobe -r mod_name
48) How to create swap using a file and delete swap
Ans Adding swap :
dd if=/dev/zero of=/opt/myswap bs=1024 count=4
mkswap /opt/myswap
swapon -a
For adding this myswap at boot time, add following in /etc/fstab file:
/opt/myswap       swap     swap   defaults   0 0
Deleting Swap :
Run "swapoff /opt/myswap" command
Remove the entry from /etc/fstab file
Remove /opt/myswap file (using rm command)
49) What vmstat show
Ans vmstat (virtual memory statistics) is a computer system monitoring tool that collects and displays summary information about operating system memory, processes, interrupts, paging and block I/O

50) What is tmpfs File System
Ans Reference : http://en.wikipedia.org/wiki/Tmpfs
tmpfs is a common name for a temporary file storage facility on many Unix-like operating systems. It is intended to appear as a mounted file system, but stored in volatile memory instead of a persistent storage device. A similar construction is a RAM disk, which appears as a virtual disk drive and hosts a disk file system.
Everything stored in tmpfs is temporary in the sense that no files will be created on the hard drive; however, swap space is used as backing store in case of low memory situations. On reboot, everything in tmpfs will be lost.
The memory used by tmpfs grows and shrinks to accommodate the files it contains and can be swapped out to swap space.
51) What is the difference between screen and script commands?
Ans Screen is a screen manager with VT100/ANSI terminal emulation, used to take a GNU screen session remotely or locally, while Script makes a typescript of a terminal session
Screen : needs to be detached, should not be exited to access remotely/locally
Script : creates a file and stores all the terminal output to this file
52) How can we check which process is assigned to which processor?
Ans Run "ps -elFL" and look at the PSR column, which shows the processor number assigned to each process
53) How can we check vendor, version, release date, size, package information etc... of any installed rpm?
Ans) rpm -qi package-name , for example:
         rpm -qi ypbind-1.19-12.el5