Linux-Reference-Guide/CentOS7 at master · tammybutow/Linux-Reference-Guide · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
Resetting root password
----------------------------------------------------
$ delete rhgb quiet
# add rd.break enforcing=0 to end of linux 16 line
$ ctrl + x
$ mount -o remount,rw /sysroot
$ chroot /sysroot
$ passwd
$ mount -o remount,ro /
$ exit
$ exit
server will now reboot, you can use the new password
$restorecon /etc/shadow
$setenforce 1
$getenforce

Configure network interfaces
----------------------------------------------------
$nmtui (network manager text user interface)

#or you can edit the files directly:
$cd /etc/sysconfig/network-scripts
$vim ifcfg-eth0

Setting a hostname and making it perm on reboot
----------------------------------------------------
$nmtui
#edit the hostname
$systemctl restart systemd-hostnamed

or
$systemctl restart NetworkManager

#check the hostname persists after reboot
$hostname

Modify default DNS
----------------------------------------------------
$nmtui
$nmcli conn down enp0s3
$nmcli conn up enp0s3

or edit the file manually

$vim /etc/sysconfig/network-scripts/ifcfg-eth0
#add gateway=ip to file
#add DNS to file
#restart connection
$systemctl restart NetworkManager

Create a repo and get materials via FTP
----------------------------------------------------
$mkdir /myrepo
$cd /myrepo
$wget ftp://addressoffiles
$tar xvf packages.tgz
#now make the repo with these files
$vim /etc/yum.repos.d/myrepo.repo
#edit the file to include:
| [myrepo]
| name=myrepo
| baseurl=file:///myrepo
| gpgcheck=0
#create the repo
$createrepo /myrepo
#check it exits and has all packages
$yum repolist
# you can now yum install the packages you added to your repo
$yum install packagename

Adding Groups and Users
----------------------------------------------------
#add 3 users, mark, gallia and jono. Mark and Gallia belong to the parents group as an additional group. Jono's login shell is not interactive.
$groupadd parents
$useradd -G parents mark
$useradd -G parents gallia
#view their groups
$id gallia
#now add jono
$useradd -s /sbin/nologin jono
#show the login shell for each user
$cat /etc/passwd

Changing Directory Permissions
----------------------------------------------------
$mkdir parents/
#change parents directory to 770 for permissions, permissions are in ugo form... user (owner) - group - others
$chmod 770 parents/
#change the group for the parents directory to parents
$chgrp parents parents/
#view the permissions for each directory
$ls -l

Managing the Kernel
----------------------------------------------------
#view kernel modules
$lsmod
#view installed kernels
$rpm -qa kernel
#view current kernel
$uname -r
#import kernel and set it as the default
$rpm -ivh kernel.rpm
#create the config file
grub2-mkconfig -o /boot/grub2/grub.cfg

#remove an old kernel
$yum remove kernel-ml-4.1.3-1.el7.elrepo.x86_64

LDAP with authconfig-gtk
----------------------------------------------------
$yum install nss-pam-ldapd
#install x window
$yum search window
$yum install xorg-x11-server-Xvfb.x86_64
#start a graphical environment
$startx
$authconfig-gtk
#LDAP Base DN: dc=tammybutow,dc=com
#LDAP Server: ldap://server.tammybutow.com
#Download cert: ftp://blah.pem
#click apply

or

$authconfig-tui
#select use LDAP
#select use LDAP Authentication
#click next
#select use TLS
#Base DN: dc=tammybutow,dc=com
#put .pem cert file in /etc/openldap/cacerts

#checkldapusers
$su - ldapuser1
$id #this will show the user's id if they exist

#restarting LDAP
$systemctl restart nslcd

Automount a filesystem
----------------------------------------------------
$yum install nfs-utils
$vim /etc/exports
#edit the file
|/data    -rw      *(rw,no_root_sqaush)
|
|
$systemctl start nfs
$systemctl status -l nfs #tells me what errors may have occured if any
$showmount -e localhost
$systemctl restart autofs
$vim /etc/auto.master
#edit the file
|/nfsserver    /etc/auto.nfsserver
|
|
$vim /etc/auto.nfsserver
#edit the file
|blah   -rw      localhost:/data
|
|
$cd /nfsserver
$ls -a #you will see nothing
$cd blah #you will see the mounted filesystem
$ls #you will see the files in blah which is localhost:/data


Setup a cron job
----------------------------------------------------

The user mark must create a cron job that runs daily @ 15:25 local time and executes: echo hello
$Crontab –e –u mark
#edit the file
|SHELL=/bin/bash
|HOME=/
|MAILTO=”example@digitalocean.com”
|#This is a comment
|25 15 * * * echo ‘hello’

#view what cron jobs are running
$crontab -l
$crontab -u mark -l

Configure Swap Space
----------------------------------------------------

#check if swap exists
$free -m
#identify space usage and availability
$df -h
#add swap
$fallocate -l 2GB /swapfile
$ls -lh /swapfile
$chmod 600 /swapfile
$mkswap /swapfile
$swapon /swapfile
$swapon -s

#make swap perm
$vim /etc/fstab
#edit file
|/swapfile       swap    swap    sw      0       0
|
|


Find files owned by mark and copy to a directory /opt/mark
----------------------------------------------------
$cd /opt/
$mkdir mark
find /home/mark -user mark -exec cp -f {} /opt/mark/ \;

Find strings that match a string in a file
----------------------------------------------------
$grep ‘abc’ /etc/myfile > /tmp/myfile

Find files that match a string and copy them to a destination
----------------------------------------------------
$grep 'lib' /etc/* | xargs cp -t /tmp/lib


ACLs
----------------------------------------------------
#Copy the file /etc/fstab to /var/tmp
$cp /etc/fstab /var/tmp/
#check permissions
$getfacl /var/tmp/fstab
#set gallia to have rw access
$setfacl –m u:gallia:rw- /var/tmp/fstab
#set mark to have no acess
$setfacl –m u:mark:--- /var/tmp/fstab
#All other users have the ability to read file /var/tmp/fstab
$setfacl /etc/fstab –m o::r-- /var/tmp/fstab
#verify settings
$getfacl /var/tmp/fstab

LVM
----------------------------------------------------
$lvmdiskscan

#check what's up
$df -h
$fdisk /dev/vda1
#now using the tool
$p #partition
$n #new
$l #logical
$ #enter
$ +1GB
$ t
$ 7 #partition number
$ l # lists types
$8e #Linux LVM
$p
$w #write
$partprobe /dev/vda1
$cat /proc/partitions #view it now available


Resize LVM
----------------------------------------------------
#Check current size
$lvdisplay
$df -h
$lvs
$vgs

To make a volume bigger we need to create another physical volume
$p
$n
$e #extended helps if you need to add more later, consumes remaining space
$ #enter
$ #enter
$n
$p
$t
$5
$8e
$w
$partprobe


Create user with specific ID already set then add password
----------------------------------------------------
$useradd -u 1234 erin
$passwd erin
#enter a password for erin


Configure Time Services
----------------------------------------------------
$yum install -y ntp
$yum install -y chrony
$systemctl enable chronyd
$systemctl start chronyd
#config is in /etc/chrony.conf
#systemctl stop ntpd

then
#ntpdate pool.ntp.org

or
#comment out the servers not needed
#add server.tammybutow.com iburst
$timedatectl status

then
$systemctl start ntpd