Red Hat System Administration II

RED HAT SYSTEM ADMINISTRATOR II
by Arthur Berezin Arthur@Berezins.com
Red Hat System Administrator II

Automated Installation Network Configuration User Accounts Installing and Managing Software Manage Installed Software Anal %ing and storing logs Tuning and Maintaining the Kernel S stem !eco"er Techni#ues
Accessing Command Line
Managing Partitions and FS L$M
Network User Account
Command Line Tools !eg&'( Pi)eLine I*+ !edirection
Access Control Lists
Network File Sharing
Managing S&Linu'
Managing Processes
Automated Installation of Red Hat Enterprise Linux

System- onfi!-"i "start Ser#e "i "start file Installation Media $erform "i "start Installtion %i "start file details
Kickstart

Installing a Linu' s stem is eas ,hat do we do when we ha"e to install tens of machines
All identical Com)laint with organi%ations )olicies
Start installation with answer file Kickstart is an answer file to installer

System- onfi!-"i "start
Kickstart file is an answers file to the installer S stem.config.kickstart is a /UI tool to 0uild kickstart files
Make Kick.start A"aila0le
+n installation )rocess a kickstart can 0e )ro"ided Su)orted methods

FTP( 1TTP( NFS US2*C3!+M Lock disk
Create 2oot Media

2oot4iso was )ro"ided in !1&L5( 2oot4iso new can 0e download from !1N To create a 0oota0le C3 use command
6 cdrecord 0oot4iso 6 dd if70oot4iso of7*de"*sd&8
To create a 0oota0le US2 use command
2oot4iso can also 0e started from a P9& ser"er

Point the installer to a kickstart file
2oot with installation media 1ighlight :Install or u)grade an e'isitng s stem; Press TA' Add ks7 entr

ks7htt)<**= 1+ST > IP ?*file ks7ft)<** ks7nfs<= 1+ST > IP ?*file ks7hd<3&$IC&<*dir*file ks7cdrom<*dir*file
Modif a kickstart file
After linu' installation( the installer( anaconda( creates configuration file *root*anaconda4cfg This contains settings used on the installation 6 less *root*anaconda.ks4cfg $artitionin! lines are ommented out ,e can add )re * )ost scri)ts Add )ackages
$alidate manuall created ks
If ks was manuall edited "alidate it with
6 ks"alidator *root*m kickstart4cfg
A((ESSIN) (OMMAND LINE

*nderstandin! t+e ,as+ s+ell Lo al - Remote (ommands
,h Command Line

,e ha"e mature gra)hical tools in Linu' Man ser"ers do not ha"e gra)hical en"ironment installed Linu' allows much ad"anced configuration than )resented in the gra)hical en"ironment There are man shells a"aila0le 2AS1 is default shell in !1&L
Access Command Line Locall
Terminal ,indow

A))lications ? S stem Tools ? Terminal This runs 0ash @or other default user shellA under the window &ach console acts as se)arate terminal .irst "irtual console has gra)hical session Use CT!L B ALT B CF8.FDE to switch consoles +n !1&L5 tt D was the /UI
$irtual Console

2AS1 2asics

F is non )ri"ileged regular user 6 is su)eruser @rootA To switch to )ri"iliged user use / su
/ exit - lo!out - (TRL 0 D to return to regular user
/ id to find information a0out current user /tty to find out in which terminal
Access remote command.line
To access a remote command line use

Secure Shell @sshA
6 ssh remotehost 6 ssh remote.userGremotehost
To login as user remote.user To run single command at remote+ost
6 ssh remote.userGremotehost command
F w lists currentl logged in users

SS1 1ost Ke
,hen a client connects to a ser"er the ser"er sends itHs )u0lic ke to the client The client sa"es the ke to
4I*ssh*knowJhosts
The host stores the ke in *etc*ssh*sshJhostJke If the ser"er is re.installed the client has to remo"e the known ke
Intermediate Command Line Tools

Creating and user 1ard Links Archi"ing $IM
Using 1ard Links

1ard link are another co) of inode 1as identi al inode num,er as the original file If the original files are deleted we still can access the file Can 0e done onl on same files stem
1ard Links
6ln orig.file hardlink.filename
Archi"e and Com)ression
Archi"ing is usgul when mo"ing data around and o"er Network Tar is a tool for archi"ing Can 0e used for g%i) * 0%i)K com)ression S nta' <
Tar o)rions =f filename? =c source?

c create ' for e'tract t for test f for filename % g%i) * L for 0%i)K
6 tar c"%f com)ressed.file4tar4g% *etc

$IM Inctroduction
Command Mode

Mou start here &SC 0rings ou 0ack here Usefull to tell $IM what ou intend to do Commands< dd( ( ) and u*U
Insert Mode
+n command Mode HiH to start insert te't :<; in command mode , tosa"e file( # to #uit
&9 Mode

$IM
!egular &')ressions Pi)elines and I*+ !edirections
!ed&' Pattern Matching /re) Te't Filter !edirect In)ut * +ut)ut
!eg&' 2asics
Using /re)
/eneral !eg&' Parser N Searches a file for matching )attern

.i for Case Inseseti"e ." to )rint lines NOT matching the )attern ..color to show the matched )attern
6 gre) @+)tionsA H!eg&' PatternH =FIL&NAM&?
Pi)eline and !e.directions

Process send out)ut to the terminal And get in)ut from the ke 0oard Process also send error messages I*+ redirection is a "er )owerful and useful tool Lets ou connect command out)ut and in)ut to files and from files
Pi)eline and !e.directions
? !edirect out)ut to file @+"erwriteA
ls .l ? *tm)*file
?? !edirect out)ut to file @A))endA

ls .l ?? *tm)*file
K? !edirect &rror messages to file

find 4 .name somefile K? *tm)*errors
O? !edirect ST3 out)ut and &rror to file

find 4 .name some file O? tm)*outJandJerr
= !ead in)ut from file

gre) root = *etc*)asswd
> send out)ut from to ST3IN of another command

ls .l > gre) somefile
Net1or" (onfi!uration and Trou,les+ootin!
Network Configuration Files 2asic Trou0leshooting Process Network trou0leshooting toolkit
Understanding Network Configuration

Linu' kernel calls itHs network interfaces 0ased on the t )e of the de"ice
&thernet card would start with et+ For e'am)le ethP( eth8

&ach interface is num0ered starting from P
,ireless de"ices would 0e called wlanP $irt0rP for 0ridged "irtual hosts 2ondP for 0onded@NIC teamingA network de"ice
ALL (ON.I)*RATION (HAN)ES M*ST 'E 2RITTEN TO (ON.)*RATION .ILES

Network Configuration
Commands ip - if onfi! to show on tem)orar change network configuration

6 i) addr show ethP 6 i) .s link show ethP 6 ifconfig ethP 6 i) route
1ostname !esolution
The +ostname command shows or tem)orar changes hostname FQ3N To know hostname*i) of other s stems -et -+osts is checked first If not found we ha"e to check the 3NS -et -resol#3 onf sets 3NS ser"ers

Nameser"er N IP address of 3NS to #uer Search N 3omain to test with short names
6 getent hosts face0ook4com

Modif ing Network Configuration
Net1or"Mana!er lets network modification from the gra)hical user interface Consists from

ser"ice :NetworkManager; /nome A))let /ra)hical configuration tool
If NetworkNamager is running( manual changes to ifcfg.R are affect immidiatel To manuall manage network configuration disa0le NetworkManager ser"ice
-et -sys onfi!-net1or"-s ript-if f!-4NAME5

3&$IC&7=de"ice name( ethP for e'am)le? +N2++T7 es 1,A33!7=MAC A33!&SS? NMJC+NT!+LL&37no 2++TP!+T+7drc) P&&!3NS7no 6 to )re"ent *etc*resol"4conf changes
31CP

Manuall Configured

2++TP!+T+7static IPA33!78SK48TU4KP848 P!&FI97KV * N&TMASK7K554K554K554P 3NS878SK48TU4KP84K5V

*etc*s sconfig*network

1+STNAM& . our FQ3N hostname /AT&,AM. static default route if not 31CP
ifu) =3&$IC&? to start de"ice Ifdown =3&$IC&? to sto) de"ice +r restart network ser"er
6 ser"ice network restart

AL,AMS when making netowk changes

Modif configuration file !estart Network ser"ice Test and $erif the change
2asic Trou0leshooting Process
T&ST

!e)roduce * Characteri%e &rror Messages * logs Look at rele"ant configuration files Com)are e')ected settings Modif * reacti"ate configuration
Check

Fi'
$erif 0 running the T&ST )hase again

2asic Trou0leshooting Process
IP and Network connecti"it

T&ST< )ing C1&CK< i) addr * ifconfig FI9< *etc*s sconfig*ifcfg.R T&ST< traceroute =1+STNAM&? C1&CK< i) route * netstat .r FI9< *etc*s sconfig*network T&ST< 1ost =hostname? * dig C1&KC< *etc*resol"4conf or *etc*hosts or 3NS ser"er FI9< *etc*resol"4conf
!outing

Name !esolution

Network Configuration Summer
*etc*s sconfig*network.scri)t*ifcfg.ethR
Main network interface conf4 File
*etc*s sconfig*network
1ostname * default /atewa
*etc*resol"4conf
3NS ser"ers
*etc*hosts
Manual hostnames to IPs association
6 ser"ice network restart
after e"er change
Mana!in! Simple $artitions and .ilesystems
Adding file s stems s)ace &ncr )ting Partitions Adding Swa) S)ace
Partitions and File s stems
Fdisk is a utilit to manage disk )artitions

6 fdisk .l 6 fdisk *de"*"da 6 mkfs .t =files stem? *de"*)artition

@*de"*sda6 for e'a') m)leA @*de"*sda6 for e'am)leA Uuid7 *mount)oint e'tK defaults 8 K
6 0lkid =files stem?
Add to *etc*fsta0
!emo"e &'isting File S stem
6 unmount *mount)oint !emo"e from *etc*fsta0 6 rmdir *mount)oint
Files stem &ncr )tion

Create a )artition with fdsik 6 cr )tsetu) luksFormat *de"*)artition
Choose )ass)hase
6 cr )tsetu) luks+)en *de"*)artition encdiskname
&nter )ass)hase
6 mkfs .t e'tV *de"*ma))er*encdiskname 6 mount *de"*ma))er*encdiskname *mount)oint

&ncr )ted files stem at 0oot
&dit *etc*fsta0
*de"*ma))er*encdiskname *mount)oint e'tV defaults 8 K encdiskname *de"*)artition
&dit *etc*cr )tta0
This will )rom)t )ass.)hrase at 0oot
Automatic Pass)hrase at 0oot
&dit *etc*cr )tta0
encdiskname *de"*)artition
*root*encdiskname
6 echo .n :m .)ass.)hrase;? *root*encdiskname 6 chown root *root*encdiskname 6 chmod TPP *root*encdiskname
Managing Swa) S)ace
Swa) is allocation of 1ard 3ri"e as an e'tension to !AM memor $er Slow 2etter than to run out of memor
2etter Safe then Sorr <A
Managing Swa) S)ace
Use fdisk to create )artition 6 mkswa) *de"*)artition @sda5 for e'am)leA 6 0lkid *de"*)artition
To get UUI3 UUI37=uuid num0er? swa) swa) defaults P P
Add swa) to etc*fsta0
6 swa)on .a to acti"ate 6 swa)on .s to show current swa) 6 swa)off *de"*swa).)artition to deacti"ate

Swa) Si%e Re ommendation

U) to K/ !AM N Minimum K/ Swa) V /2 to 8T/ !AM N Minimum V/ Swa) 8T /2 to TV/ !AM N Minimum U/ Swa) TV /2 to K5T/ !AM N Minimum 8T/ Swa)
Fle'i0le Storage with Logical $olume Manager

L$M Conce)ts Im)lement L$M Storage /row File S stem Add a disk Sna)shots as 2acku)
L$M Conce)ts

$artitions@sda7*sda8*sda9A are the first 0uilding 0lock of L$M Initiali%e )artitions as Ph sical $olumes@P$A :olume )roup is a storage )ool made of one or more $+ysi al :olumes $+ysi al Extents are small chunks of data on the disk Lo!i al Extents are ma))ed to $+ysi al Extents Lo!i al :olumes are grou) of logical e'tents from Lo!i al :olumes can 0e used as partitions
,h Logical $olumes
&asier to manage disk s)ace $er eas to e'tend file s stem $er eas to manage disk failure
L$M Command Line Tools
Create L$M )artition @t )e P'Ue . Linu' L$MA

6 fdis" *de"*sd08
Initiali%e )artition as Ph sical $olume@P$A

6 p# reate *de"*sd08
Create the $olume /rou) from 8 or more P"s

6 #! reate "gname *de"*sd08 444
Mou can add additional P$s later with command "ge'tend
Create Logical $olume in the $olume /rou)

6 l# reate .n l"name .L K/ "gname
Now we can refer to the new L$ in following )aths
*de"*ma))er*"gname.l"name or
*de"*"gname*l"name
L$M Command Line Tools
To use the new L$ we need to create a files stem on it

6 mkfs .t e'tV *de"*ma))er*"gname.l"name
And mount the new files stem

6 mount *de"*ma))er*"gname.l"name *data
+r add it to *etc*fsta0
*de"*ma))er*"gname.l"name*data e'tV defaults 8 K and issue command mount -a
!e"iew L:M Status
6 )"dis)la *de"*sd08
+r 6 )"s
6 "gdis)la "gname
+r 6 "gs
6 l"dis)la *de"*"gname*l"name
+r 6 l"s
&'tend L: and e'tV
Increase files stem without downtime Free e'tents can 0e added to e'isting L$ $erif A"aila0le S)ace S)ace

6 df .h 6 "gdis)la "gname 6 l"e'tend .l 8KU *de"*"gname*l"name 6 resi%eKfs .) *de"*"gname*l"name

&'tend L$
/row File S stem
!educe L: and e'tV
Similar to )re"ious )rocess( 0ut in re"erse resi;e8fs and l#redu e Must ,e done offline<umount fs= 6 umount *data 6 fsck .f *de"*"g0anem*l"name 6 resi%eKfs .) *de"*"gname*l"name 58KM 6 l"reduce .L 58KM *de"*"gname*l"name
&'tending * !educing :)
Create L$M @P'UeA )artition
6 fdisk *de"*"daN 6 )"create *de"*"daN 6 "ge'tend "gname *de"*"daN
Initiali%e Ph sical $olume
Add new P$ to e'isting $/
!emo"e data from used e'tents
6 )"mo"e *de"*"daN 6 "greduce *de"*"daN

!emo"e P$ from $/
L$M Sna)shots
Sna)shots are great to tem)orall )reser"e original data state 3ata can 0e 0acked u) in consistent state Sna)shot si%e has to 0e large enough to hold data +an!es@new data will go to e'isting L$A 6 l"create .s .n sn) .L KPM *de"*"gname*l"name 6 mount .o ro *de"*"gname*sn) *sna)data 6 umount *sna)data 6 l"remo"e *de"*"gname*sn)
essin! Net1or" .ile S+ares
Mount Network Shares Automount Network Shares
Mount Network File S stems
Network File S stem is )ro"ided 0 Network Attached Storage@NASA @44 i4e unlike local diskA Two )rotocols<
Network File S stem @N.SA
Looks and feels like Linu' Looks and feels like ,indows This is actuall a :,indows Share; file s stem
Common Internet File S stem@(I.SA

Mount Network File S stems
Identif the remote share

Ser"er Name*IP Address Path of the share Find*Create local director to mount the share Mount the network fs on a)ro)riate mount)oint *etc*fsta0 if needed
3etermine Mount Point
Mount

NFS< Network File S stem

Standard )rotocol for Linu'*Uni' similar +S Su))orts nati"e )ermissions and FS Features Ser"ices to 0e ena0led< rp ,ind( nfslo " NFS"W*"K use s+o1mount -e NFS"V mount * and use ls to show e')orts

6 s+o1mount .e nfsse"er4domain 6 m"dir *remote8 6 mount nfsser"er4domain<*)ath

*remote8
CIFS< Common Internet File S stem

CIFS is the nati"e to Microsoft ,indows As CIFS is 0uilt on NTFS not all Linu' FS features@Permissions(Auth( etcHA are a"aila0le Make sure Sam,a-(lient !PM is installed ,hen mounting use o)tion -o username

6 sm0client .L cifsser"er4domain 6 mkdir *remoteK 6 mount **cifsser"er4domain*share *remoteK

Automaticall Mount Network Share
,e can use *etc*fsta0 to auto.mount NFS*CIFS '*T( then connection would 0e acti"e all time Automounter*Auto.S allows to mount network shares :+n.3emand;( unmount when not used 3efault unmount is 5 Min -et -sys onfi!-autofs K wa s to use automounter

-net s)ecial mount )oint +r manuall configure auto.mount ma)s

S)ecial Ma) *net

2 default autofs ser"ice is running *net director is em)t Accessing *net*nfsser"er4domain will cause Automounter to create rele"ant director

6 cd *net*nfsser"er4domain 6 ls .l
After timeout@default 5M *etc*s sconfig*autofsA )ass automounter unmounts the share and remo"es em)t director *net*nfsser"er4domain
Indirect Ma)s

Manull configure a director that will automount :+n.3emand; Configuration File *etc*auto4master consists of<

3irector
comatins mount )oints
Secondar configuration file with mount.)oint name and share )ath
6 cat *etc*auto4master *demo *etc*auto4demo .ro nfsser"er4domain<*e')orted*)ath 6cat *etc*auto4demo )u0lic
F cd *demo*)u0lic
Mana!in! *ser A
ounts
User 3efinition Manage Local Users Password &')iration
,hat is a User
&"er )rocess runs as a users &"er file is owned 0 a )articulate user The user runs a )rocess determines what files the )rocess can a ess :6 )s au'; to list )rocess users@o)tion uA :6 ls .l; to list users owning files*directories
,hat is a User
All users listed in users data0ase 2 default flat file *etc*)asswd

Username N a name ma))ed to UI3 Password . encr )ted )asswords *etc*shadow UI3 N User I3 /I3 . Primar /rou) I3 /&C+S N Te't information *home*dir N Users )ersonal 3ata Shell N 3efault shell of the users
Managing Local Users
/ useradd username

3oesnHt set )assword 0 default Takes first a"aila0le UI3 5PPB > .u UI3 ..hel) to set )assword
/ pass1d 4username5
/ userdel deletes users

Lea"es home director intact .r o)tion remo"es the user and home director dis)la s user information
/ id 4username5
Managing Passwords
As some )rocess need access *etc*)asswd the )asswords were mo"ed to -et -s+ado1 The )assword hash consists of@F delimiterA

1ashing Algorithem &ncr )tion slat@!andom num0erA &ncr )ted 1ash
Managing Passwords
*etc*shadow fields

Username Pasword hash 3ate of last )assword change@3a sA Minimum )assword Age@3a sA Ma'imum Password Age@3a sA Password warning )eriod@3a sA Password Incati"e )eriod@3a sA Account &')iration@3a sA
Password Age
Command 6 change to change )assword aging

.d 3ate of last )assword change .m Minimum )assword Age@3a sA .M Ma'imum Password Age@3a sA ., Password warning )eriod@3a sA . I Password Incati"e )eriod@3a sA .& Account &')iration@3a sA
6 change .d P username forces user to change 6 chage .l username to list account settings Usermod .L o)tion to change :locking;
LDA$ Net1or" *ser A
ounts
L3AP Client Configuration Automounter Metacharacters
Network Authentication Using L3AP
Local users accounts are great 0ut difficult to maintain on man s stems Lightweight 3irector Access Protocol@ LDA$= allows 0oth
User account Information N account information and configuration of the account Authentication N should or should not let the user access to the s stem
L3AP 3irector entries arranged in tree structure( 'ase DN is the 0ase of the tree
Ke &lements for L3AP Client Conf4
L3AP Ser"er FQ3N 2ase 3istinguished Name@3NA Certificate Authorit @:CA;A for L3AP o"er SSL 6 system- onfi!-aut+enti ation S stem ? Administration ? Aut+enti ation
Turns on sssd ser"ice for L3AP Caching and looku)
6 getent )asswd lda)user8 to get account details

Network Mounting 1ome 3irectories
6 showmount .e nfsser"er 6 getent )asswd lda)user8

444-+ome-!uests-lda)user8444
Make home automounted
6 cat *etc*auto4master
*home*guests *etc*auto4guests
6 cat *etc*auto4guests
lda)user8 .rw instructor<*home*guests*lda)user8 lda)userK .rw instructor<*home*guests*lda)userK or 9 -r1 instru tor>-+ome-!uests-? <Asterix= <Ampersand=
Ser#i e autofs stop OO ser#i e autofs start

(ontrollin! A
ess to .iles
Managing /rou)s Access Control Lists
Mana!in! )roups
$rimary )roups

&"er user has &'actl ONE )rimar grou) Local users )rimar grou) is defined t+ird in *etc*)asswd Primar /rou) owns new created files Creating new user creates new user )ri"ate grou)@UP/A with /I3 identical as UI3 mem0ers of @ero or more su))lementar grou)s Users are listed in last field of *etc*grou) Su))lementar grou)s are to designed to allo1 users to a ess to files and other resources
Supplementary )roups

Managing Su))lementar /rou)s
6 !roupadd -! KP8 grou)name

creates su))lementar grou)name with /I3 KP8
6 usermod -a) grou)name username

Adds user to su))lementar grou)name .a for a))end( Ca)ital / o)tion
6 id =US&!NAM&?
.ile System A
ess (ontrol Lists
A ess (ontrol Lists of what s)ecific users*grou)s ha"e or donHt ha"e access e'tK*W*V allows more s)ecific )ermissions File.s stem has to 0e mounted with a l option / ls -l
all files dis)la ed with 0 )ermissions To dis)la acl of a file To set ACL )ermissions
/ !etfa l filename
/ setfa l -mAx !Au>user>r1x filename
Permission Precedence
,hen )rocess accesses a file*director <
Process runs as o1ner of the file( o1ners )ermissions a))l Prceoss runs as user in A(L of the file( A(L a))lies Process runs as grou)*ACL grou) entr ( if access granted it a))lies +therwise( files ot+er )ermissions a))l
ACL Mask

All files*directories with ACL ha"e a :Mask; The mas" limits maximum )ermissions
6 getfacl file 6 ls .ld file
3efault ACLs @InheritanceA
3irectories can ha"e default ACL )ermissions on files within a director 6 setfa l -m d<u<el"is<rw director Looks like the S&T/I3
Se urity En+an ed Linux
2asic S&Linu' Conce)ts 3is)la ing and setting S&Linu' File Conte'ts Tuning Polic 0eha"ior with S&Linu' 2ooleans Monitoring S&Linu' Polic $iolations
SELinux History

3e"elo)ed in KPPP 0 the NSA for the NSA Tuned to match general.)ur)ose goals
'asi SELinux Se urity (on epts

S&Linu' is a set of securit rules 3etermine which pro ess can access which file-port-dire otry etcH &"er file(director ()rocess( )ort has a la,el called ontext Type S&Linu' doesnHt allow an thing( Only e')licit rules grant access
The :T )e; conte't is most interesting to us( marked with BCtD

For e'am)le htt)d )rocess t )e is B+ttpdCtD *"ar*www*html t )e is B+ttpdCsysC ontentCtD *tm) is BtmpCtD and so on444
S&Linu' has a rule allowing )rocesses with :htt)dJt; t )e to access files with B+ttpdCsysC ontentCtD No rule for tm)Jt
SELinux Modes
Enfor in!
3enies Access Allows all interactions Logs all of denied interactions Used for trou0leshooting
$ermissi#e

Disa,led
Com)letel disa0les S&Linu'

3is)la * Modif S&Linu' Modes
3efault S&Linu' mode
*etc*s sconfig*selinu'
6 !etenfor e
To see current S&Linu' mode
6 setenfor e C &nforcing > Permissi"e > 8 > P E
3is)la * Modif
File Conte't
Most command handeling files * )rocess ha"e S&Linu' o)tion <*sually -@=

6 )s a'X 6 )s .XC htt)d 6 ls .X *home $im( c)( touch M"( c) .a

Ne1 files ha"e itHs parents conte't t )e
$ermissions $reser#ed - (ontext $reser#ed
3is)la * Modif
File Conte't
6 restore on
restores to default conte't
/ semana!e f ontext used to dis)la or modif rules 6 semanage fconte't .a .f;; .t :htt)dJs sJcontentJt; H*"irtual*@*4RA-H

.a a))end .f file t )e .t conte't t )e

S&Linu' 2ooleans
S&Linu' 0ooleans are rules that can 0e Ena,led or Disa,led +n man )ages
6 man .k HJselinu'H
6 semana!e ,oolean -l
default 0ooleans
6 !etse,ool show current 2oolean state 6 setse,ool change C-$ to change )ermanentl E
Monitoring S&Linu' $iolations
Setrou,les+oot-ser#er )ackage listens to *"ar*log*autdit4log and summari;es logs to -#at-lo!-messa!es with uuid of intrusion 6 sealert -l **ID 6 sealert -a -#ar-lo!-audit-audit3lo!
To )roduce re)ort for all incidents

Installin! and Mana!in! Soft1are

Using Mum Package /rou)s Using !PM Third Part !e)ositories
Using MUM

Mum is command.line tool Install * remo"e u)date #uer installed software +fficial !ed 1at )ackages come from !1N Can also 0ring Third Part Software from third )art re)ositories @Look of it as A))Store*Market N 0ut with )ower to choose the sourceA
Using MUM

6 yum +elp dis)la s usage information 6 yum list shows installed and a"aila0le software 6 yum sear + %EY2ORD lists )ackages with ke words in descri)tion 6 yum info $A(%A)ENAME shows detailed information a0out a )ackage 6 yum pro#ides $ATH dis)la s )ackages that include s)ecified filename or )ath
Using MUM
6 um install PACKA/&NAM& downloads and installs )ackage( with all de)endencies 6 um remo"e 6 um u)date PACKA/&NAM&
Yum )roups
/rou) N Collection of related software grou)ed around a )articular solution 6 um grou)list 6 um grou)info 6 um grou)install 6 um grou)earase 6 um grou)u)date
Third Part Software
!PM @!ed1at Package ManagementA N local data0ase of installed )ackages +r local )ackage files 6 r)m .# Co)tionsE 6 r)m ..#uer
Quer <
.# .a show all installed )ackages .# PACKA/&NAM& show installed )ackage .# .) PACKA/&4!PM .# .f FIL&NAM& what )ackage 0rings the file
!PM Quer Content
6 r)m
.# .i )ackage information @ um infoA .# .l list of files installed 0 )ackage .# .c list configuration file .# .d documentation files .# ..scri)ts list shell scri)ts
6 r)m .U"h U)date * Install new )ackages 6 r)m .e )ackagename remo"es )ackage(ne de)endencies resol"ed 6 um localinstall PCKA/&4!PM
Install local !PM with all de)endencies from um re)o
Third.Part Mum !e)os
Mum re)ositor is network access0le directories of )ackages Configure remte re)oisitories
*etc* um4re)os4d*R4r)m
CNAM&E name7NAM& 0aseurl7@ file<** > htt)<** > ft)<** A g)gcheck7P>8 g)gke 7file<**
Mana!e Installed Ser#i es
Manage Ser"ices Startu) $erif Ser"ice
Manage Ser"ices
Daemons are pro ess that wait or run in the 0ackground T )icall end with latter BdD Start automaticall at 0oot
*etc*init4d*@SC!IPTA

start sto) status restart !eload
6 ser"ice @SC!IPTA7 *etc*init4d*@SC!IPTA

Manage Ser"ices
&na0le at 0oot

6 chkconfig Nlist ser"ice 6 chkconfig htt)d on 6 chkconfig htt)d off
Some daemons may ma"e one time +an!e

i)ta0les network
Manage Ser"ices
Not started automaticall
Check logs reconfigure !estart ser"ice Process running - @)s au' > gre) S&!$IC&A Correct )orts - @n HOST $ORT A telnetA Filewall - @ser"ice i)ta0les statusA
Test o)eration

Analy;in! and Storin! Lo!s
S stem Log 3estination Log Summar !e)orts !edirect Log !e)orts
Determine Lo! Destination

Rsyslo!d N Linu' standard logging ser"ice Process use standard )rotocol to send log messages to rs slogd &ach )rocess descri0ed 0

fa ility@message t )eA and Se#erity @im)ortanceA
Configuration file -et -rsyslo!3 onf 6 man rsyslo!d3 onf -usr-s+are-do -rsyslo!-9-manual3+tml
Determine Lo! Destination
6 cat *etc*rs slog4conf Left side indicated fa ility and se#erity Ri!+t side indicates destination Usuall logs go to -#ar-lo!
Rotatin! Lo!s

,e do not want huge log file Logs are rotating not to fill *"ar*log A date is added to !otated logs +lder logs are @usuall V weeksA are deleted to free disk s)ace A corn Lo0 runs dail to rotate logs Most logs rotated weekl -et -lo!rotate3 onf
Lo!s Summery
Lo!1at + is a )rocess that anal %es logs and sends email summer to root This is a #uick wa to check status of the s stem Logwatch runs daily as cron Lo0 to generate a re)ort To manuall e'ecute run / lo!1at +
Lo!s Summery
Defaults are under *usr-s+are*logwatch*default4conf*logwatch4conf (+an!ed Settings are under -et -lo!1at +- onf-lo!1at +3 onf
Mana!in! $ro esses

Monitoring Processes Terminating Processes Schedule Periodic Tasks 3eferring Tasks
Monitorin! $ro ess

6 ps 0 default shows "er little info Suggested o)tions are
/ ps aux Can 0e sorted 0

6 top shows u)dated list of running )rocesses
M < memor utili%ation P < CPU utili%ation h < hel) # < #uit
Monitorin! $ro ess
6 top
,hen ordered 0 memor

RES<Resident Set= N Ph sical memor used 0 )rocess :IRT N $irtual memor ma) s)ace reser"ed 0 )rocess
In 6 )s

!SS 7 !&S $SX 7 $I!T
Terminatin! $ro esses
Processes communicate using signals( can 0e sent an time Signal num0er indicates signalHs kind
&'it( dum) memor ma)( etcH
S stem e"ents can send signals Users can send signals with 6to) and 6 kill can
6 kill .l
to list a"aila0le signals
$ro esses S +edulin!<Ni eness=
Ma'imum concurrent runnin! pro esses are as the num0er of ores the s stem has The s stem slices )rocesses time to run more )rocesses than cores at Ysame timeY 2 default all )rocesses ha"e e#ual access to CPU time Ni eness for each )rocess can 0e set to share lar!er or smaller s+are of time
$ro esses S +edulin!<Ni eness=

Niceness of @.KPA is "er
gread
Niceness of @8SA is "er nice to other )rocesses *sers can onl in rease niceness Root can also de rease / reni e - top can 0e used to change niceness of running )rocesses / ni e can 0e used to set niceness of ne1 )rocesses
Mana!in! $eriodi Tas"s
(ron runs )rograms on repeatin! periodi schedule A daemon wakes u) on e a minute to run scheduled tasks Users schedule personal tasks with command / ronta, Administrator schedules tasks in s stem.wide onfi!uration files
$ersonal *ser (ron

Users set )ersonal tasks using cronta0 file 6 cronta0 .l to list user schdules 6 cronta0 .r to delete )ersonal schedules 6 cronta0 .e to edit schedules man 6 ronta,

6 cronta0 .e R R R R R
*)ath*to*command
Minute @P.5SA 1our @P.KWA 3a +f Month @8.W8A Month @8.8K or first W letters N ZanA 3a +f ,eek @P.D Sat is P and DA ,e can use wildcard R and set ste)s @min R*5 is P(5(8P4444A
2ash Command @O [ R o)tions are a))licantA

S stem.wide configuration files
-et - ronta,
More common to )ut scheduled scri)ts under -et - ron3d-9 Scri)ts due to 0e e'ecuted \1ourl ( ,eekl ( Monthl ] can 0e dro))ed in
-et - ron3E+ourlyF 1ee"lyF mont+lyG
Ana ron runs them( a ser"ice res)onsi0le to run scheduled scri)ts that did not run when the machine was off4
Scheduling 3eferred Tasks
Command 6 at can 0e used to run command at a s)esific time4

/ at no1 06min at? date at? Ctrl B 3
6 mail
6 atH to see list of Lo0s 6 at .c =num? to see full scri)t 6 atrm =num? to remo"e a command
Tunin! - Maintainin! T+e %ernel
Su))orted Architectures Kernel Modules Kernel U)grades
Supported Ar +ite tures and %ernel Identifi ations

Linu' should run well on wide arra of 1, * $irt Supported $+ysi al Hard1are>

Intel and AM3 WK 0it@'UTA * TV 0it @'UTJTVA I2M Power @TV 2it P+,&!TA I2M S stem % @%SA K$M on !1&L54VB * T 9en on !1&L5 $mware &S9 and &S9i MS Ser"er KPPU 1 )er.$
Supported :irtuali;ation>

Supported Ar +ite tures and %ernel Identifi ations
$ri#ate (loud su))ort is 0ased on "irtuali%ation su))ort matri'
$irtuali%ation is Ke 0uilsing 0lock of clouds
$u,li (loud Su))ort<

Ama%on &CK I2M Sa""is
Identifyin! Runnin! %ernel

6 cat *etc*redhat.release 6 cat *etc*issue 6 uname .r for kernel "ersion 6 um list installed kernel^R @r)m-A 6 uname .m or 6 arch
Mana!in! %ernel Modules
Kernel Modules are o0Lect that can 0e loaded into running kernel &'tend Kernel ca)a0ilities * load dri"ers Allow the kernel to e'tend ca)a0ilities without recom)iling the kernel or re0ooting
Module Loadin! and *nloadin!
Core kernel image is loaded during 0oot from *0oot*"mlinu%.$&!SI+N +nl one can run at a time Multi)le kernels ma 0e installed &"er kernel has d namicall loaded modules com)ati0le with that kernel
-li,-modules-%ERNEL-:ERSION
Modules are loaded as needed To see what modules are currentl loaded /lsmod
Module Loadin! and *nloadin!
To manuall load module

/ modpro,e MOD*LE-NAME
To manuall unload module

/ modpro,e -r MOD*LE-NAME
Module $arameters
modules ma acce)t )arameters 6 modinfo M+3UL&.NAM& to get list of o)tions for that module Can 0e set with module load command 6 mode)ro0e M+3 )aram7"alue 6mode)ro0e encr )tfs encr )tfsJ"er0osit 78
Parameters should 0e 0oot )ersistent( set under
*etc*mod)ro0e4d*local4conf
o)tions encr )tfs encr )tfsJ"er0osit 78
Spe ify %ernel 'oot $arameters
The kernel can get )arameters during 0oot with command line )arameters *)roc*cmdline has the command used to 0oot current kernel / man I ,ootparam -usr-s+are-do -"ernel-do -:ER-Dodumentation-"ernelparameters3txt +)tions not recogni%ed 0 Kernel are )assed as en"ironment "aria0les * arguments to first )rocess Kernel 2oot Parameters are set at
*0oot*gru0*gru04conf
U)grading Kernel
Se"eral Kernels ma 0e installed4 Kernel files are under "ersioned directories 6 um u)date kernel 6 r)m .i"h kernel.K4T4''''''4r)m
Mum kee)s onl W latest "ersions of kernel To load the new kernel re0oot is necessar +lder kernel ma still 0e selected from /!U2 ,hen remo"ing kernel a #ersion must 0e s)ecified
System Re o#ery Te +niHues
The 0oot Process !eco"er Shell
'IOS
The 2oot Process

)R*' *0oot*gru0*gru04conf %ernel @*0oot*"mlinu%A Initial Ram Dis" @*0oot*initrdA
-s,in-init first )rocess *etc*init 9 r S3 onf *etc*rc4d*rc4s sinit *etc*initta0 Send !unLe"el 9 r 3 onf *etc*rc4d*rcCP.TE4d* Start-ttys3 onf $refdm3 onf
Repairin! 'oot Issues
,hen the s stem cannot mount file.s stem it ma dro) to sulo!in as root The s stem in not full stated( mounts fs in *etc*fsta0 as read.onl 1a))ens due to

file.s stem inconsistenc @after s stem.crashA ,rong conf in *etc*fsta0
To fi' file.s stem consistenc use 6 fsck This ha))ens automaticall at 0oot

Red Hat System Administration II

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Red Hat System Administration II

Uploaded by

Copyright:

Available Formats

RED HAT SYSTEM ADMINISTRATOR II

by Arthur Berezin Arthur@Berezins.com

Red Hat System Administrator II

Accessing Command Line

Managing Partitions and FS L$M

Network User Account

Command Line Tools !eg&'( Pi)eLine I*+ !edirection

Access Control Lists

Network File Sharing

by Arthur Berezin Arthur@Berezins.com

Automated Installation of Red Hat Enterprise Linux

by Arthur Berezin Arthur@Berezins.com

All identical Com)laint with organi%ations )olicies

Start installation with answer file Kickstart is an answer file to installer

System- onfi!-"i "start

by Arthur Berezin Arthur@Berezins.com

Make Kick.start A"aila0le

+n installation )rocess a kickstart can 0e )ro"ided Su)orted methods

FTP( 1TTP( NFS US2*C3!+M Lock disk

by Arthur Berezin Arthur@Berezins.com

Create 2oot Media

6 cdrecord 0oot4iso 6 dd if70oot4iso of7*de"*sd&8

To create a 0oota0le US2 use command

2oot4iso can also 0e started from a P9& ser"er

Point the installer to a kickstart file

Modif a kickstart file

by Arthur Berezin Arthur@Berezins.com

$alidate manuall created ks

If ks was manuall edited "alidate it with

6 ks"alidator *root*m kickstart4cfg

by Arthur Berezin Arthur@Berezins.com

A((ESSIN) (OMMAND LINE

*nderstandin! t+e ,as+ s+ell Lo al - Remote (ommands

by Arthur Berezin Arthur@Berezins.com

by Arthur Berezin Arthur@Berezins.com

Access Command Line Locall

/ exit - lo!out - (TRL 0 D to return to regular user

by Arthur Berezin Arthur@Berezins.com

Access remote command.line

To access a remote command line use

6 ssh remotehost 6 ssh remote.userGremotehost

To login as user remote.user To run single command at remote+ost

6 ssh remote.userGremotehost command

F w lists currentl logged in users

by Arthur Berezin Arthur@Berezins.com

Intermediate Command Line Tools

Creating and user 1ard Links Archi"ing $IM

by Arthur Berezin Arthur@Berezins.com

Using 1ard Links

by Arthur Berezin Arthur@Berezins.com

6ln orig.file hardlink.filename

by Arthur Berezin Arthur@Berezins.com

Archi"e and Com)ression

Tar o)rions =f filename? =c source?

6 tar c"%f com)ressed.file4tar4g% *etc

by Arthur Berezin Arthur@Berezins.com

!egular &')ressions Pi)elines and I*+ !edirections

!ed&' Pattern Matching /re) Te't Filter !edirect In)ut * +ut)ut

by Arthur Berezin Arthur@Berezins.com

by Arthur Berezin Arthur@Berezins.com

/eneral !eg&' Parser N Searches a file for matching )attern

6 gre) @+)tionsA H!eg&' PatternH =FIL&NAM&?

by Arthur Berezin Arthur@Berezins.com

Pi)eline and !e.directions

6 cdrecord 0oot4iso 6 dd if70oot4iso of7de"sd&8

6 ks"alidator rootm kickstart4cfg

ALL (ON.I)RATION (HAN)ES MST 'E 2RITTEN TO (ON.)*RATION .ILES

6 unmount mount)oint !emo"e from etcfsta0 6 rmdir mount)oint

Create a )artition with fdsik 6 cr )tsetu) luksFormat de")artition

6 cr )tsetu) luks+)en de")artition encdiskname

6 mkfs .t e'tV de"ma))erencdiskname 6 mount de"ma))erencdiskname *mount)oint

de"ma))erencdiskname mount)oint e'tV defaults 8 K encdiskname de")artition

&dit etccr )tta0

&dit etccr )tta0

6 echo .n :m .)ass.)hrase;? rootencdiskname 6 chown root rootencdiskname 6 chmod TPP rootencdiskname

6 swa)on .a to acti"ate 6 swa)on .s to show current swa) 6 swa)off de"swa).)artition to deacti"ate