68
Certificates vendor certificate vendor neutral RedHat

Certificates vendor certificate vendor neutral RedHat

Embed Size (px)

Citation preview

Page 1: Certificates vendor certificate vendor neutral RedHat

Certificates

• vendor certificate• vendor neutral

RedHat

Page 2: Certificates vendor certificate vendor neutral RedHat

Unix History

• Bell labs: Unix was originally developed for internal use at AT&T Thompson and Dennis ritchie. AT&T licensed the source code, widely allowing many companies to modify and produce UNIX-like operating system, Because AT&T held the name UNIX name, other companies had to create their own names to brand the modifications and addition they had made. AIX from IBM,HP/UX from Hewlett-Packard, SunOS (later Solaris) from sun and IRIX from SGI.

• UNIX Flavors: These many flavors of UNIX operate in a similar manner. At shell prompt, most offer the same standard utilities and commands, although the parameters a command uses may vary from system to system. One can compare UNIX to cars. There are many different makes and models of cars, but fundamentally they all work and are operated the same way, though there are minor differences.

Page 3: Certificates vendor certificate vendor neutral RedHat

Unix principles

• Everything is a file (including hardware): Unix systems have many powerful tools to manipulate files. The UNIX security model is based around the security of files. By treating everything a file, you can secure access to hardware in the same way as you secure access to a document.

• Configuration data stored in text: text is a universal interface, and many UNIX utilities exist to manipulate text. Storing configuration in text allows an admin to move a configuration from one machine to another easily.

• Small, single-purpose programs: Unix provides many small utilities that perform one task very well. When new functionality is required, the general philosophy is to create a separate program . Rather than to extend an existing utility with new features.

• Avoid captive user interfaces: Interactive commands are rare in UNIX. Most commands expect their options and arguments to be typed on the command line when the command is launched. The command completes normally, possibly producing output, or generate an error ,message and quite. Interactive is reserved for programs where it makes where it makes sense,

• Ability to chain programs together to perform complex tasks. A core design feature of UNIX is that output of one program can be input for another. This gives the user the flexibility to combine many small programs together to perform a larger, more complex task

Page 4: Certificates vendor certificate vendor neutral RedHat

GNU project

• GNU project started in 1984• Goal: create free UNIX clone• By 1990, nearly all required user space applications created• GCC, emacs etc• Free software foundation• Non-profit organization that manages the GNU project

Appin

Page 5: Certificates vendor certificate vendor neutral RedHat

Free software

• The term “Free software” may have different meaning than you expect. The term doesn't refer to the cost of the software, but fact that end user has the freedom to modify and change the program. The GNU web site reads , in part:

• Free software is matter of liberty not price. To understand the concept, you should think “free speech” not free “beer”

• Free software refers to the users, freedom to run, copy, distribute, study, change and improve the software.

Page 6: Certificates vendor certificate vendor neutral RedHat

General Public licence

• Primary license to open source software• Encourages free software• All enhancements and changes to GPL software must also be GPL• Often called copyright• All rights reserved

Linux

Page 7: Certificates vendor certificate vendor neutral RedHat

Open source licenses

• Most of the utilities and applications included with Redhat Linux are also covered by the GPL. One major exception is the X windows system. Which has its own terms and conditions. The text of the GPL can be found http://www.gnu.org/copyleft/gpl.html

• A few applications have their own licensing agreement which must be agreed before they can be used.

• All of the software contained in RedHat Linux is free for end user. However, if you are going to be developing commercial application, read the appropriate licenses and agreement first.

Page 8: Certificates vendor certificate vendor neutral RedHat

Linux Origins

• Linus Torvalds• Finish college student in 1991• Created Linux kernel• When Linux kernel combined with GNU applications, complete free UNIX-

like OS possible• Linus Torvalds announced Linux in the comp.os.minix newsgroup in

august 1991.

Think Security Think Linux

Page 9: Certificates vendor certificate vendor neutral RedHat

Why linux

• Fresh implementation of UNIX APPIs• Open source development model• Supports wide variety of hardware• Supports many networking protocols and configuration• Fully supported

The Best Operating system

Page 10: Certificates vendor certificate vendor neutral RedHat

• Linux is a UNIX-like OS: Linux is as similar to UNIX as the various versions are to each other. Conceptually, anything that can be done with another version of UNIX can be done with Linux operating system, although the means may vary slightly

• Multi-user and multi-tasking: Linux is a multi-user and multi-tasking operating system. That means more than one person can be logged on to the same Linux computer at the same time. And a user can have more than one process executing at the same time.

• Wide hardware support: RedHat Linux supports most pieces of modern x86-compatible hardware. In the early days of Linux hardware support was limited: today Linux support has become a check list for hardware vendors.

• Fully supported: Red Hat is fully supported distribution

Virus free

Page 11: Certificates vendor certificate vendor neutral RedHat

Recommended Hardware

• Pentium pro or better with 256 MB ram• 64-bit Intel/AMD with 512 MB ram• 2-6 GB disk space• Bootable DVD

• And kaaaali dunya

Recommended Hardware

Page 12: Certificates vendor certificate vendor neutral RedHat

Sources of Installations

• CD/DVD ROM• Hard Disk• Network (NFS,FTP,HTTP)

Linux Installations

Page 13: Certificates vendor certificate vendor neutral RedHat

File system In Linux

Page 14: Certificates vendor certificate vendor neutral RedHat

File system HierarchyFile system Hierarchy

• / : This is the topmost directory in Linux directory structure.• /boot: This folder contains the all important booting files which are required

to the Redhat machine including the boot loader software & the kernel of Linux

• /etc : This folder contains all important system & configuration files.• /home: This folder contains the home folder for the users . Where users

store their personal data.• /root: This is the home folder for Linux administrator( root user)• /usr: This folder contains all important programme files of the application

which we install in machine. • /bin : All important binaries(cmd) which can be executed by the user.• /sbin: All important binaries(cmd) which can be executed by any super user.

Page 15: Certificates vendor certificate vendor neutral RedHat

• /opt : This folder contains the all important programme files of the application , like third party software

• /var : This folder contains the all important variable files ( such as logs).

File system HierarchyFile system Hierarchy

File system Hierarchy File system Hierarchy

Page 16: Certificates vendor certificate vendor neutral RedHat

• Boot loader: It is a special software which loads the booting files (kernel) from hard disk into computer memory so that computer can get started. In Linux operating system GRUB Grand unified boot loader) and LILO is used.

• Mount point: Is a special point which can be used to access the partition in a hard disk . e.g. C: D: or /data

Boot LoaderBoot Loader

Page 17: Certificates vendor certificate vendor neutral RedHat

Text Editor

• The vi or vim editor can be used to create edit a file in Linux operating system. And it has three modes.

• 1) cmd mode : File editing commands like copy, paste, search, replace, delete

• 2)Insert mode: It can be used to insert text or delete text in a file.• 3)ex mode : Exit mode is used to save the text in a file and can be used to

quit from a file. • vi abc ( can create a file)

Press I ( to insert text in a file)Press esc (to come back to cmd mode)Press esc (to ex mode)Press :w (to save text in a file)Press :q (to quit from a file)Press :wq (to save & quit from a file)

Page 18: Certificates vendor certificate vendor neutral RedHat

Press :q! to forcefully quit without saving

Press :wq! To forcefully quit & save a file

Press :u to undo last changes

Press :abc (to search abc from a file)

Press yy to copy a line

Press p to paste

Press dd to delete a line

Press 5 dd to delete 5 lines

Press 5yy to copy 5 lines

Press ctrl + r to redo

Press o to insert a line down

Press shift + o to insert a line at up

Press shift + g to insert a cursor at end of the last line

Text Editor

Page 19: Certificates vendor certificate vendor neutral RedHat

Press shift + m to put cursor in middle of screen

Press shift+h to put cursor top of the screen

Press yw to copy a word

Press yc to copy a character

Press dw to delete a particular word

Press 5+ dw to delete no of words• cat > abc (create a file ctlr+d to save)• cat abc (displays the contents of a file)• cp /abc /root/abc (copy a file)• mv abc appin (rename a command)• mv appin /root (can move a file)• cat >> abc (append to a file)

Text Editor

Page 20: Certificates vendor certificate vendor neutral RedHat

• rm abc (can remove a file)• mkdir abc (create a directory)• rmdir abc (remove an empty directory)• rm –r abc (delete directory recursively)• mkdir /data (create a directory)• mkdir /data/abc (create sub directory)• pwd (print working directory)• cd /data ( change the directory)• cd (change to home directory)• cd / (change to / directory)

File And directories

Page 21: Certificates vendor certificate vendor neutral RedHat

• cd .. (come back one directory)• cd – ( back to previous directory)• tree /root ( to display directory structure)• rm –rf abc ( to delete a directory forcefully & recursively) • ls (list of files and folders in current directory)• ls –l (long listing of files & folders)• ls –a (list all with hidden files & folders)• ls / (list files & folders )• ls /abc/xyz (will list subdirectories)• cp –rvf /abc/xyz (copy recursively)

File And directories

Page 22: Certificates vendor certificate vendor neutral RedHat

• ls *.txt (list .txt files)• history (displays last inserted commands) • !10 (run number 10th command)• !cal (run last command started with cal)• history –c (Clear all history)• man/info date (manual files)• makewhatis (creates what is database)• whatis cal (displays use of cal command)• cal > abc ( send output of cal to file abc)• date >> abc (append to abc file)• more sales.txt (displays page contents page wise)

File And directories

Page 23: Certificates vendor certificate vendor neutral RedHat

• history | more (displays history page wise)• history | less (------------ can up and down)• history | tail -20 ( displays last 20 inserted lines)• History > history.txt (send history to a file)• tr ‘a-d ‘ ‘A-D’ < sam.txt ( display small to capital)• tr ‘A-D ‘a-d’ < sam.txt (displays capital to small)

File And directories

Page 24: Certificates vendor certificate vendor neutral RedHat

• date (show system date) • cal 9 1751( show calendar)• date mmddhhmmssyy ( set date & time)• date 12051145302008

Date and time

Page 25: Certificates vendor certificate vendor neutral RedHat

Find

• find / -name sam.txt (find a file)• find / -iname sam.txt (search with capital & small)• find / -size 1 mb (find files with 1 mb size)• find / -size +1mb (find files > then 1 mb)• find / -size -1 mb (find files <then 1 mb)• find / -usr marc (find user marc,s files )• find / home –user marc (find user march in home )• stat /data/sam.txt (displays file properties)

Page 26: Certificates vendor certificate vendor neutral RedHat

• touch /data/sam.txt (update the time)• touch logitech• find / -atime +10• find / - atime -10• find / -mtime +10• find / -mtime -10• find / -name india.txt –not –user ashaq• find / -name kashmir.txt –not user root• find / -name india.txt –not –size -10mb• find / -name india.txt –and –user ashaq –not –size +10mb

Find

Page 27: Certificates vendor certificate vendor neutral RedHat

• updatedb (update locate database)• locate sam.txt (search sam.txt file)• User Account: User account used to manage security in our computer to

stop unauthorized access.• Normal user: users who have limited access to system• System user: System user special users with all rights .• # useradd ashaq (add a user)• # passwd ashaq (set password to user)

User management

Page 28: Certificates vendor certificate vendor neutral RedHat

• /etc/passwd (stores user database)• /etc/shadow (file stores the user passwords )• /etc/group (stores all groups)• # userdel ashaq (delete a user)• # userdel –r ashaq (delete a user with home directory)• # useradd –d /users/ashaq ashaq ( add user with home directory other then

default)• # useradd –c “Amit kumar” amit (add user with additional info)

User managemnt

Page 29: Certificates vendor certificate vendor neutral RedHat

• Parameters in /etc/passwd file are .• chintu : a username• X: means encrypted password.• 502: a unique user ID.• 502: a group ID.• Chintu delhi : users details• /home/chintu :users home directory• /bin/bash : a login shell

User management

Page 30: Certificates vendor certificate vendor neutral RedHat

Group Management

• groupadd sales• usermod –g sales ashaq (primary group)• usermod –G abc ashaq (secondary group)• A user can have only one primary group and more then one

secondary groups.• mkdir /data (make a directory)• stat /data (check a user and group)• groups ashaq (check primary & secondary groups)• chgrp sales data (change group of directory)

Page 31: Certificates vendor certificate vendor neutral RedHat

• usermod –s /bin/bash ashaq • usermod –s /sbin/nologin• usermod –u ashaq• usermod -l ashaq• chage –E never ashaq• groupdel sales (to delete a group)• /etc/shadow parameters• ashaq :login name• Xnvvgbbbf : encrypted password• 115 : days before the password was changed

User Management

Page 32: Certificates vendor certificate vendor neutral RedHat

• 0: days after the password u can changed.• 99999 :days after the password must be changed.• 7 : expiry of password• 0: password validity after expiry• 12134 : days on which the account is disabled.

User Management

Page 33: Certificates vendor certificate vendor neutral RedHat

Permissions

• Two type of method to apply permissions.• 1) symbolic method• 2) Numeric method• R= read, w=write, x=execute, - =noperm• 4=read, 2=write, 1=execute, 0=noperm• Operation• + = add, - = remove, = = overwrite• chmod can be used to change the permission. when a user creates a file or

a folder the user becomes owner of that file/folder. Also a group with a group is created automatically by system.

• chmod u+rw,g+r,o+x /data or • chmod 641 /data• stat /data

Page 34: Certificates vendor certificate vendor neutral RedHat

Umask

• A umask value plays an important role in file or folder permissions. The umask value for root user is 022 and other users 002. we can change the default umask value .

• The maximum permission on a folder created by root can be 777 but the umask value gets less from actual permissions .

• 777-022=755 (default permission on folder)• 666-022=644 (default permission on file)

Page 35: Certificates vendor certificate vendor neutral RedHat

umask

• The default vale on folder can be 777 which is created by user but the umask mask value gets less from actual value .

• 777-002=774 (default folder permission)• 666-002=664 (default file permission)

• umask (can be used to check the current umask value)• # umask 044 ( can be used to set umask value)

Page 36: Certificates vendor certificate vendor neutral RedHat

Special Permissions

• SUID (Set use ID): Command will run with permission of the owner of the command, not executor of the command.

• # chmod 4665 /etc/abc• SGID(set Group ID):Command run with group affliation of the group of the

command.• # chmod 2665 /etc/abc• Sticky Bit : This is special permission for directories . The sticky bit on the

directory sets a special restriction on deletion of files . Only the owner of the file and super user can delete files in that folder.

• # chmod 1777 /data

Page 37: Certificates vendor certificate vendor neutral RedHat

Access Control list

• Files and directories have permission sets for the owner of the file, the group associated with the file, and other users in the system.

• However, these permissions sets have limitations. for example, different permissions cannot be configured for different users. Thus ACL were implemented.

• ACL- mounting file system: before using ACL for a file or directory the partition for the file or directory must be mounted with ACL support. If it is a local ext3 file system, it can be mounted by following command:

• # mount –t ext3 -0 ACL /dev/sda8 /data or• Alternative: if the partition is listed in the /etc/fstab file, the entry for the same

is ; • # vi /etc/fstab • #/dev/sda8 /data ext3 acl 12 :wq*1090000909

Page 38: Certificates vendor certificate vendor neutral RedHat

ACL Types

• There are two types of ACL • 1) Access acl : It is the access control list for a specified files and

directories.• 2) Default acl : It can be associated with a directory if a file with the

directory does not have an access ACL. It uses the rules of the default acl for the directory. Default ACL are optional .ACL can be configured

• Per user• Per group• Via the effective right mask• For users not into the user group for the file

Page 39: Certificates vendor certificate vendor neutral RedHat

Applying ACL

• The setfacl command is used to set ACL for files and directories. use the option to add or modify the ACL of a file or directory.

• > setfacl –m _:_:_ filename (to set acl)• u =for users :username:rwx • g =for group :groupname:rw• o =for others : rx• # setfacl –m u:ashaq:rwx /etc/appin.txt• # setfacl –x u:ashaq /etc/appin.txt ( to remove applied acl on file)• # getfacl /etc/appin.txt ( to check)

Page 40: Certificates vendor certificate vendor neutral RedHat

Login Shells

• Login shells are first shells started when a user login in to computer • Shells launched from a login shells typically are not login shells• Startup scripts: order of execution• 1) /etc/profile ( used for all users logins)• 2) /etc/profile.d (It provides the desktop environment)• 3) /home/ashaq/.bash_profile ( for single user)• 4) /home/ashaq/.bashrc ( for single user)• 5) /etc/bashrc ( for all users) • No login shells• > ~/.bashrc /etc/bashrc /etc/profile.d

Page 41: Certificates vendor certificate vendor neutral RedHat

Bash scripts• vi /etc/profile• echo “Hello `whoami`”• echo “today is `date`”• alias cls=`clear`• vi /etc/bashrc• Set umask • vi /home/appin/.bashlogout• echo “Thanks for using system”• echo “system was running ‘uptime’”• echo “wait ……Your data is being processed”• for n in {10..1}; do• echo $n• echo “please wait” • sleep 1• clear • done

Page 42: Certificates vendor certificate vendor neutral RedHat

Some Important commands• grep appin /etc/passwd • ln –s /data /root/Desktop (Softlink)• ln /data /root/desktop (hard link)• cp , scp, ssh, • du –sh /data (to size)• df –h (hard disk)• wc sales.txt wc –w, wc –l, wc –c• wget, elinks, cross overoffice, • dd if=/dev/cdrw of=/win.iso

Page 43: Certificates vendor certificate vendor neutral RedHat

How to create partition

• fdisk –l• fdisk /dev/…..• p (to list current partitions)• N ( to create new partition)• 1000M ( to assign size of partition)• wq (to save & exit) • partprobe ( to update partition table) • mkfs.ext3 /dev/…• Mount /dev/… /mnt ( define mount point)

Page 44: Certificates vendor certificate vendor neutral RedHat

Delete a partition• fdisk /dev/….• d (to delete a partition)• Enter partition number• wq ( to save & exit) • partprobe ( to update table)• Remove fstab entry from /etc/fstab

Page 45: Certificates vendor certificate vendor neutral RedHat

Backups

• tar –cvf abc.tar a b c d • tar –cvf abc.tar * (all files)• tar czvf abc.tar a b c d ( compress) • tar czvf abc.tar * (compressed)• tar xvf abc.tar (to extract files) • tar –cvf abc.tar a bc d• bzip2 abc.tar or gzip abc.tar (compress)• bunzip abc.tar.gz gunzip abc.tar.gz (decompress)• du -sh abc.tar.gz

Page 46: Certificates vendor certificate vendor neutral RedHat

• head sales.txt (will display top 10 lines) • head –n 13 sales.txt (will display 13 lines)• tail sales.txt (will show last 10 lines)• tail –n 13 sales.txt (will show last 13 lines)• wc sales.txt (count words lines characters)• wc –w sales.txt (will count words)• wc –l sales.txt (will count lines)• wc –c sales.txt (will count characters)• grep ashaq /etc/shadow (search ashaq from file /etc/shadow)

Basic Commands

Page 47: Certificates vendor certificate vendor neutral RedHat

• Sed ‘s/india/indians/’ english.txt• Sed ‘s/india/indians/g’ english.txt• # ifconfig (to check ip address)• # neat –tui (to assign new ip)• # service network restart • # vi /etc/sysconfig/network-scripts/ifcfg-eth0• # vi /etc/sysconfig/network (hostname file)• # cd /etc/sysconfig/network-scripts• # cp ifcfg-eth0 ifcfg-eth:02• # vi ifcfg-eth0:02• # device =etho:02• # enter new ip :wq• # vi /etc/hosts• # 192.168.1.100 server.com

Network configurations

Page 48: Certificates vendor certificate vendor neutral RedHat

• #Vi /etc/sysconfig/network-scripts/ifcfg-eth0-range• IPADDR_START=192.168.1.1• IPADDR_END=192.168.1.20• CLONENUM_START=0 :wq• # service network restart• # ifup/ifdown eth0 (enable or disable lan card)• # mii-tool –v • # /etc/resolve.conf (dns entry)• nameserver 192.168.1.1 :wq

Network configurations

Page 49: Certificates vendor certificate vendor neutral RedHat

Steps to create swap Partitions.

• fdisk /dev/had• Com(m for help): n• Com(m for help):p• Com(m for help):1000M• Com(m for help):t (transfer partition ID)• Com(m for help):62 (for swap)• Com(m for help):wq• # partprobe (update partition table)• # mkswap /dev/.. • # swapon –s (to check swap partitions)• # swapon –a ( to apply all swap memory)• # swapon /dev/hda7• /dev/hd.. swap swap 0 0 (in /etc/fstab file)

Page 50: Certificates vendor certificate vendor neutral RedHat

Remove partition & Grub Password

• # swpoff /dev/hda• /etc/fstab (delete swap entry)• How to create Swap File• # dd if=/dev/zero of=/swapfile bs=1M count=1024• # mkfs /swapfile• # swapon /swapfile• Vi /etc/rc.d/rc.local• Swapon /swapfile• Enter Boot loader password• # grub-md5-crypt >> /boot/grub.conf (caution: don't use >)• # Enter password• # vi /etc/grub/grub.conf• password --md5 (paste passwd here) :wq

Page 51: Certificates vendor certificate vendor neutral RedHat

File Sharing

• NFS (Network file sharing) can be used to share files and folders in Linux. • Install NFS• # mkdir /data• # vi /etc/exports• /data *(ro,sync) :wq• # service nfs start• # service portmap start• # chkconfig nfs/portmap on • # showmount –e <ip address> • # exportfs -v

Page 52: Certificates vendor certificate vendor neutral RedHat

Yum Server Configuration

• What is YUM: It is an automatic updater and package install/remove for rpm systems. It automatically computes dependencies and figure out what things should occur to install packages. It makes it easier to maintain groups of machines having to manually update each one using rpm.

• Features:• Multiple repositories• Simple config file• Fast operation

• Install vsftpd• copy Linux DVD into /var/ftp/pub• cd /var/ftp/pub

Page 53: Certificates vendor certificate vendor neutral RedHat

Yum server configuration

• /pub# cp Server/repodata/comps-rhel5-server-core.xml Server• /pub# cp VT/repodata/comps-rhel5-vt.xml VT• /pub# cp Cluster/repodata/comps-rhel5-cluster.xml Cluster• /pub# cp ClusterStorage/repodata/comps-rhel5-cluster-st.xml

ClusterStorage• Now Install createrepo package• /pub# rpm –ivh Server/createrepo…..rpm• /pub# createrepo –vg comps-rhel5-server-core.xml

/var/ftp/pub/Server• /pub# createrepo –vg comps-rhel5-vt.xml /var/ftp/pub/VT• /pub# createrepo –vg comps-rhel5-cluster.xml /var/ftp/pub/Cluster• /pub# createrepo –vg comps-rhel5-cluster-st.xml /var/ftp/pub/ClusterStorage

Page 54: Certificates vendor certificate vendor neutral RedHat

Yum server package config

• vi /etc/yum.repos.d/abc.repo• [server]• name = my server• baseurl= file:///var/ftp/pub/Server• gpgcheck=0• [VT]• name = vt• baseurl= file:///var/ftp/pub/VT• gpgcheck• :wq

Page 55: Certificates vendor certificate vendor neutral RedHat

Yum Client configuration

• Check connectivity by ping 192.168.1.100• Vi /etc/yum.repos.d/abc.repo• [Server]• Name=abc• Baseurl=ftp://192.168.1.100/pub/linux/Server• gpgcheck=0• :wq

Page 56: Certificates vendor certificate vendor neutral RedHat

Package management

• What is package?• In the generic sense, an RAM package is a container of files. It includes

the group of files associated with a specific program or application, which normally includes binary installation scripts, as well as configuration and documentation files. It also includes instructions on how and where these files should be installed and uninstalled.

• What is RAM?• The RPM package manager greatly simplifies the distribution, installation,

up gradation and removal of software on RHEL system .• Software to be installed using rpm is distributed through rpm package files

which are associated compressed archives information. Package files are named using the following format . Name-version-release architecture...rpm

Page 57: Certificates vendor certificate vendor neutral RedHat

Installing and removing software

• rpm command is used for following functions.• Install : -I• Upgrade : -u• Freshen : -f• Erase : e• Example to run a command• # rpm –ivh vnc-2.3…rpm (to install package)• # rpm –e vnc (to remove)• # rpm –q (to queries any installed package) • # rpm –qa (to queries all installed package)• # rpm –qi (to show general information)• # rpm –qip (show general information of uninstalled

packages)• # rpm – qlp (lists of packages of uninstalled packages)• # rpm –ivh abc…rpm –nodeps ( install packages & ignore

dependencies)

Page 58: Certificates vendor certificate vendor neutral RedHat

CronD• It can be use to schedule reoccurring events• Use crontab to exit,install and view jobs schedule.• crontab –I list crontab jobs• crontab –r remove crontab• crontab –e edit jobs• Fileds in a crontab file can be separated by any number of tabs or spaces• crontab –e• * * * * * mkdir /data• Min hour date month day of weak• (0-59) (0-23) (1-31) (1-12) (0-6) 0=Sunday• : wq• crontab –e ashaq (for a user)• Restrict /allow users to cron • /etc/cron.allow• /etc/cron.deny (define username to restrict)• /etc/crontab (the file is using to the set crond jobs for system)

Page 59: Certificates vendor certificate vendor neutral RedHat

Disk Management

• System initialization: device recognition• Master Boot record (MBR) Contains:• Executable code to load operating system.• Space for partition table information, including• Partition ID or type• Starting cylinder for partition• Number of cylinders for partition• When s system boot, a search for code that can start an operating system

is made a list of devices as defined in the BIOS. The first executable code found is used. Most often a system boot from hard drive attached to the system main board, and from the code found at first sector, of the first cylinder—the Master Boot record, or MBR—of the drive. This executable code is called BOOT LOADER.

• There are many boot loaders which can be used an operating system. But a boot loader do not load more than one OS at a time , even on multiple-boot systems.

Page 60: Certificates vendor certificate vendor neutral RedHat

Primary partitions

• In addition to the boot loader described above, the MBR contains a structure describing the hard drive partitions. IDE drives on Linux use legacy structures to describe four primary partitions, with provision for an extended partition and its “logical” partitions. Each partition, described by its size—in sector, blocks or cylinders- and its offset from the “zeroth” cylinder, has a type which is also stored in the MBR structure. Linux specific partitions would normally be one of the following types.

• 0X5 Extended• 0X82 Linux Swap• 0x83 Linux• 0x8e Linux LVM• 0xfd Linux Raid. • The total number of partitions supported by the kernel:• 63 for IDE drives• 15 for SCSI drives

Page 61: Certificates vendor certificate vendor neutral RedHat

Extended partitions and logical partitions

• If one of the primary partition is marked as Extended(type’0x5’) or wn95 Extended(‘0Xf). Then the first sector of the partition described by the entry will contain another block of partition descriptions. These descriptions define partitions known as logical partitions. Use of logical partitions is a work-around for limitations in the legacy.

• Why partitions?• Unix best practices suggests that we should partition our disks for many

reasons. BY creating separate file system we can contain applications and users to that file system. If it fills up because of security breach or user demand, the rest of the operating system is more insulated from the issue. Separate partitions improve performance by keeping data together which reduces disk head seek. If you would like to use quotas, they are enabled at the file system level. Also partitioning eases backup and recovery. If your application and its data are on separate file system, the operating system can be upgraded or reinstalled without having to restore the data from elsewhere

Page 62: Certificates vendor certificate vendor neutral RedHat

Create a partition

• fdisk –l (to check current partitions)• fdisk /dev/hd….. (refer to hard disk)• n (for new partition) • +1024M (size of partition)• p (to check)• wq (to save and exit) • partprobe (to update partition table without reboot)• mkfs.ext3 /dev/… (format a partitions)• Mount /dev/… /mnt/data (define mountpoint)• Vi /etc/fstab• /dev/… /mnt/data ext3 (permanent) :wq

Page 63: Certificates vendor certificate vendor neutral RedHat

Logical Volume Manager

• A logical volume manager may be used to create virtual partitions called logical volumes from one or more disk partitions or RAID devices. Each partition, or physical volume, is assigned to a virtual disk called a volume group. Multiple physical volumes may be assigned to the same volume group, and a volume group may be partitioned into multiple logical volumes.

• Each volume group divides its pool of disk space into extents of identical size. The size of an extent is set for a particular volume group when that volume group is first created. An extent is typically between 1 MB and 64 MB size . Extents may then be assigned to a new or existing logical volume in the volume group currently, a single logical volume may contain at most 65534 extents, so larger extents allow larger logical volumes.

• The logical volume manager provides no redundancy by itself. If a single physical volume fails, any logical volume which is assigned extents from that volume will also fail.

• LVM provides flexible disk management. It is easier to resize logical volume than it is resize normal disk partitions. New physical volume may be added group, or existing logical volume can be reduced in size, providing additional extents. Those extents can then be assigned to any logical volume in the volume group. The file system on the logical volume being resized must also support resizing. The standard ext3 file system currently supports off-line resizing.

Page 64: Certificates vendor certificate vendor neutral RedHat

Logical Volume mnager

• Create partitions• fdisk –l (to list partitions)• fdisk /dev/.. (to create new partition)• n (for new )• t ( to change partition type)• 8e (for lvm)• # pvcreate /dev/hda1 /dev/hda2 /dev/hda3• # vgcreate vg1 /dev/hda1 /dev/hda2 /dev/hda3• # vgchange –a y vg1 (activate vg)• # lvcreate –L 3000M –n lv1 vg1 (create lvm)• # mkfs.ext3 /dev/vg1/lv1• # mount /dev/vg1/lv1 /mnt/data (data should be existing)• # vi /etc/fstab• /dev/vg1/lv1 /mnt/data ext3 :wq (for permanent)

Page 65: Certificates vendor certificate vendor neutral RedHat

Logical Volume Manager

• Extend LVM size:• # umount /dev/vg1/lv1• # lvextend -L +200M /dev/vg1/lv1 (size will be alloted from PV1)• # lvextend –L +200M /dev/vg1/lv1 /dev/hda2• # mount /dev/vg1/lv1 /mnt/data• # df –ha ( TO CHECK ) • Reduce LVM size:• # umount /mnt/data• # lvreduce –L -100M /dev/vg1/lv1• # mount /dev/vg1/lv1 /mnt/data• Some important commands • # pvscan pvdisplay• # vgscan vgdisplay • # lvscan lvdisplay

Page 66: Certificates vendor certificate vendor neutral RedHat

Software RAID

• RAID is an acronym for ‘Redundant Array of inexpensive Disks” with software RAID, the operating system combines multiple RAID partitions on different disks into a single RAID device. (Linux also support Hardware RAID using special disk controllers or external storage devices. These devices usually look like normal disks or disk partitions to the installer0 The installer allows you to setup software RAID devices. You first create RAID partitions by creating a partitions normally with a file system type of “ software RIAD”. Then you click “RAID” button, and create a RAID device from RAID type, but you will also need to assign a RAID device name /dev/md0 and select RAID level each RAID level has different advantages and disadvantages.

• RAID level 0 is called “Stripping” : This type of RAID required at least two RAID partitions. The resulting RAID device is a virtual partition the size of all the member RAID partitions added together. RAID 0 allows creation of file system bigger than any one disk and has high performance for read and writes . However , it is not truly a redundant array: if any disk in the RAID device fails the file system on the RAID device is destroyed.

• RAID level 1 is called Mirroring: - It also requires two RAID partitions . The resulting RAID device is a virtual partition the size of the smallest of the member RAID partition. All RAID partitions which are members of RAID device contain identical data. If any disk in the RAID device fails, the RAID device continues to function without losing data. This is useful for fault tolerance, but cost in term of disk space . Performance for reads and writes is good.

Page 67: Certificates vendor certificate vendor neutral RedHat

Software RAID

• RAID level 5 is called “striping with parity”: It requires at least three RAID partitions of the same size. Like RAID 0 , this RAID level allows creation of file system bigger than any one disk. However, additional parity data is also stored on the RAID device which can be used to preserve file system data even if a single disk in the RAID device fails. Therefore RAID 5 can survive single disk failure, but at the cost of some storage efficiency. Read performance is good but write performance is slower due to parity updates .

• Practical of RAID:• Create three partitions change id to ‘fd’ for RAID• # mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/hda1

/dev/hda2 /dev/hda3 “missing” (Meta disk administration) • # mdadm - -details /dev/md0• # mkfs.ext3 /dev/md0• # mount /dev/md0 /mnt/data• # vi /etc/fstab • # /dev/md0 /mnt/data ext3 :wq

Page 68: Certificates vendor certificate vendor neutral RedHat

Managing RAID

• # mdadm --manage /dev/md0 - -fail /dev/hda1• (in case any disk get fail in RAID 5 the above command can be used to

undetect that disk)• # mdadm --manage /dev/md0 --remove /dev/hda1• (To remove failed disk from RAID 5 partition) • # mdadm --manage /dev/md0 --add /dev/hda4• (can be used to add another disk to existing RAID 5 partition)• To remove RAID Device• # remove fstab entry• # umount /dev/md0• # mdadm --stop /dev/md0• # mdadm --remove /dev/md0