Hi Guys,
I am here again with a new post. Its cool out today here. Its 17 degree C temperature outside and i am enjoying it while writing this blog post.
So, today i am going to tell you how you can secure your old kernel while upgrading to the new Kernel. In my previous post, i have mentioned how to update a kernel and in this post we will see how to retain old kernel while installing new one so that we can choose at boot time to boot in either of the kernel version.
Prerequisites:-
- An installed linux box/machine of any distribution
- Kernel Source of the latest version to update kernel
I am using Fedora 13 for this practical.
Steps to go:-
1) Goto the directory '/boot':
# cd /boot
2) Copy the 2 kernel files i.e. vmlinuz & initramfs or initrd into the same directory with a slightly different name.
Names of the file might look like this "vmlinuz-2.6.34.7-61.fc13.i686" and "initramfs-2.6.34.7-61.fc13.i686.img" or similar to that.
NOTE: This operation needs super user privileges.
# cp vmlinuz-2.6.34.7-61.fc13.i686 vmlinuz-2.6.34.7-61.old
# cp initramfs-2.6.34.7-61.fc13.i686.img initramfs-2.6.34.7-61.old.img
3) Now, Install the new kernel from source as we did in my previous post.
or from yum, you can do as:
# yum update kernel
4) Now, edit /etc/grub.conf
# vim /etc/grub.conf
title Fedora Old Kernel
root (hd0,1) # provide your root partition here
kernel /boot/vmlinuz-2.6.34.7-61.old
initrd /boot/initramfs-2.6.34.7-61.old.img
:wq
save and exit
5) Now, reboot check by booting in the old kernel......DONE
Enjoy booting 2 kernels.....:)
Saturday, December 4, 2010
Monday, November 29, 2010
Installing New Kernel from source
Hi Guys,
Today, i am going to discuss a very important aspect of the Operating System that is KERNEL. Kernel is the Core of any Operating System which interacts with the Hardware. Linux kernel is updated on a regular basis. Right now the latest kernel stable release is 2.6.36.1. I will be using this kernel only for this short tutorial.
You can download the kernel source files from http://kernel.org
So download a kernel source first according to your choice of version. I will be using stable kernel 2.6.36.1.
Prequisites:
- A ready Linux installed system (ANY LINUX)
- Kernel source tar balls
Steps to go:-
I will be building my kernel in my HOME directory since i am just trying it out.
1) Download Linux source first either from CLI or GUI as you wish. I will be using the CLI utility 'wget':
# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.36.1.tar.bz2
2) Uncompress the source archive:
# tar jxvf linux-2.6.36.1.tar.bz2
3) cd into the directory linux-2.6.36.1. Now, we need to configure to select the features we want/need:
# make config
or
# make xconfig
(This is QT based X-Configurations)
or
# make menuconfig
(This is ncurses based)
or
# make gconfig
(This is GTK+ based X-Windows Configurations)
or
# make oldconfig
(This is used in case you want the previous kernel build configurations.)
4) Now building the kernel:
# make
NOTE: If you are using an old kernel like 2.4.x , then you need to build dependencies first using 'make dep'.
With the previous step it will have built both kernel (bzimage) and modules.
For Old Kernels like 2.4.x , you need to run 'make bzimage' and 'make modules'.
5) Now, Become root to install modules and kernel. Everything before can be done as a normal user. There is really no need to do above steps as a root user. Actually, root is a very powerful user. So a single mistake can ruin your system completely.
Install modules as:
# make modules_install
Install the new kernel as:
# make install
6) We are done here. But if in case, your new kernel entry doesn't appear in the GRUB MENU. Then, we have one more steps. Almost all linux distros, automatically edits the grub.conf file and makes the new entry for you. But if thats not a case then, you can do as follows to create a new grub entry:
# vim /etc/grub.conf
title Kernel-2.6.36.1
root (hd0,1) # provide your root partition here
kernel /boot/vmlinuz-2.6.36.1
initrd /boot/initramfs-2.6.36.1.img
:wq
save and exit
7) DONE. Reboot and boot into the new kernel. Have fun......:)
NOTE:
If you're just trying out this procedure, do the unpacking and building in your home directory as discussed above. In a professional environment, though, the source would be stored in /usr/src or /usr/local/src, where compiling would also be done. To allow this, and at the same time avoid becoming root for the entire procedure, create a group "devel" (or whatever) and add yourself to that group. Then change the group owner of /usr/src to the new group and grant write privileges to the group.
That way you can unpack the kernel tarball into /usr/src (or whatever) and configure and build there without doing everything as root. Of course, you'll still need to sudo or become root when you install the new kernel and edit the grub configuration files.
Today, i am going to discuss a very important aspect of the Operating System that is KERNEL. Kernel is the Core of any Operating System which interacts with the Hardware. Linux kernel is updated on a regular basis. Right now the latest kernel stable release is 2.6.36.1. I will be using this kernel only for this short tutorial.
You can download the kernel source files from http://kernel.org
So download a kernel source first according to your choice of version. I will be using stable kernel 2.6.36.1.
Prequisites:
- A ready Linux installed system (ANY LINUX)
- Kernel source tar balls
Steps to go:-
I will be building my kernel in my HOME directory since i am just trying it out.
1) Download Linux source first either from CLI or GUI as you wish. I will be using the CLI utility 'wget':
# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.36.1.tar.bz2
2) Uncompress the source archive:
# tar jxvf linux-2.6.36.1.tar.bz2
3) cd into the directory linux-2.6.36.1. Now, we need to configure to select the features we want/need:
# make config
or
# make xconfig
(This is QT based X-Configurations)
or
# make menuconfig
(This is ncurses based)
or
# make gconfig
(This is GTK+ based X-Windows Configurations)
or
# make oldconfig
(This is used in case you want the previous kernel build configurations.)
4) Now building the kernel:
# make
NOTE: If you are using an old kernel like 2.4.x , then you need to build dependencies first using 'make dep'.
With the previous step it will have built both kernel (bzimage) and modules.
For Old Kernels like 2.4.x , you need to run 'make bzimage' and 'make modules'.
5) Now, Become root to install modules and kernel. Everything before can be done as a normal user. There is really no need to do above steps as a root user. Actually, root is a very powerful user. So a single mistake can ruin your system completely.
Install modules as:
# make modules_install
Install the new kernel as:
# make install
6) We are done here. But if in case, your new kernel entry doesn't appear in the GRUB MENU. Then, we have one more steps. Almost all linux distros, automatically edits the grub.conf file and makes the new entry for you. But if thats not a case then, you can do as follows to create a new grub entry:
# vim /etc/grub.conf
title Kernel-2.6.36.1
root (hd0,1) # provide your root partition here
kernel /boot/vmlinuz-2.6.36.1
initrd /boot/initramfs-2.6.36.1.img
:wq
save and exit
7) DONE. Reboot and boot into the new kernel. Have fun......:)
NOTE:
If you're just trying out this procedure, do the unpacking and building in your home directory as discussed above. In a professional environment, though, the source would be stored in /usr/src or /usr/local/src, where compiling would also be done. To allow this, and at the same time avoid becoming root for the entire procedure, create a group "devel" (or whatever) and add yourself to that group. Then change the group owner of /usr/src to the new group and grant write privileges to the group.
That way you can unpack the kernel tarball into /usr/src (or whatever) and configure and build there without doing everything as root. Of course, you'll still need to sudo or become root when you install the new kernel and edit the grub configuration files.
Tuesday, November 23, 2010
Installing GRUB after Windows Installation
Hi guys,
I am here again with a new post. And this post is very demanding for any Linux home user because we use many OSes at home. These can be either Windows or Linux/Unix or any other. If a user installs Windows after Linux. Then, windows will write its boot-loader in MBR(Master Boot Record). So, now what the problem is, that you won't be able to boot in linux.
So, now to boot into linux you need the boot-loader. So, we will reinstall boot-loader grub in the MBR once again. This process is called "rescuing the broken system" or "Rescuing Grub".
I am using RHEL 5 in my case.
Prerequisites:
- Installation media CD/DVD containing Linux install image or USB or a server running DHCP server on network for PXE boot to start installation process
- A broken system (system without GRUB)
Steps to go:
1) Insert the boot media into the cd-rom (in case you have CD/DVD) else boot from USB or network. When the boot screen comes up, pass the parameter to boot in desired environment. Since we are trying to fix a broken system we will pass "linux rescue" as our parameter and press "enter".
# boot: linux rescue
2) Then, it will ask you for various things like keyboard layout and language, network interfaces to start or not etc and finally the rescue environment warning page will come up. Read that carefully.
Press "continue" it will start searching for your partition and mount it under "/mnt/sysimage" and drop you to a shell. Now do as:
# chroot /mnt/sysimage
-changing root environment to the broken system
3) Now, its time to run the command that fixes your system and installs grub:
# grub-install /dev/sda
- use "sda" for SATA disks and "hda" for IDE disks
or
Invoke Grub and use its command-line to fix as:
# grub
grub> find /etc/passwd
- this checks that on which partition this file exists, you will get the output something like "(hd0,1)" or may differ according to your partition scheme. So use yours. "hd0" means first harddisk and "1" means the second partition. If it is "0" in place of "1" then it will be first partition.
grub> root (hd0,1)
grub> setup (hd0)
grub> quit
# exit
4) Finished.....You are done....:)
Now boot into your linux and have fun......:)
Different Linux distros might have different ways to rescue. So read there help first. You can get key parameters to boot from the boot media help by pressing function keys(F1,F2,F3.......).
I am here again with a new post. And this post is very demanding for any Linux home user because we use many OSes at home. These can be either Windows or Linux/Unix or any other. If a user installs Windows after Linux. Then, windows will write its boot-loader in MBR(Master Boot Record). So, now what the problem is, that you won't be able to boot in linux.
So, now to boot into linux you need the boot-loader. So, we will reinstall boot-loader grub in the MBR once again. This process is called "rescuing the broken system" or "Rescuing Grub".
I am using RHEL 5 in my case.
Prerequisites:
- Installation media CD/DVD containing Linux install image or USB or a server running DHCP server on network for PXE boot to start installation process
- A broken system (system without GRUB)
Steps to go:
1) Insert the boot media into the cd-rom (in case you have CD/DVD) else boot from USB or network. When the boot screen comes up, pass the parameter to boot in desired environment. Since we are trying to fix a broken system we will pass "linux rescue" as our parameter and press "enter".
# boot: linux rescue
2) Then, it will ask you for various things like keyboard layout and language, network interfaces to start or not etc and finally the rescue environment warning page will come up. Read that carefully.
Press "continue" it will start searching for your partition and mount it under "/mnt/sysimage" and drop you to a shell. Now do as:
# chroot /mnt/sysimage
-changing root environment to the broken system
3) Now, its time to run the command that fixes your system and installs grub:
# grub-install /dev/sda
- use "sda" for SATA disks and "hda" for IDE disks
or
Invoke Grub and use its command-line to fix as:
# grub
grub> find /etc/passwd
- this checks that on which partition this file exists, you will get the output something like "(hd0,1)" or may differ according to your partition scheme. So use yours. "hd0" means first harddisk and "1" means the second partition. If it is "0" in place of "1" then it will be first partition.
grub> root (hd0,1)
grub> setup (hd0)
grub> quit
# exit
4) Finished.....You are done....:)
Now boot into your linux and have fun......:)
Different Linux distros might have different ways to rescue. So read there help first. You can get key parameters to boot from the boot media help by pressing function keys(F1,F2,F3.......).
Wednesday, November 17, 2010
Implementing QUOTA (User quota and Group Quota)
Hi guys,
Today i am going to show you how to implement quota in LINUX. The quota is implemented for the two: users and groups.
I - IMPLEMENTING USER QUOTA
Steps to go:-
First of select a device where you want to set quota, i have created a device /dev/sda8 of 500MB for example:
1) Now, format the partition.
# mkfs.ext3 /dev/sda8
2) Create a mount point for the newly created device /dev/sda8
# mkdir /data
3) Now, checking mounting the device under /data. Can be done in 2 ways as we already discussed in previous posts. Mounting manually or making an entry in the file /etc/fstab for automounting.
# mount -t ext3 /dev/sda8 /data
or make a an entry in the file /etc/fstab and do # mount -a
4) Now, finally start implementing quota for users. Edit the file "/etc/fstab" and make a new entry or edit the existing entry(if you made an entry for mounting device /dev/sda8) as follows:
# vim /etc/fstab
/dev/sda8 /data defaults,usrquota 1 2
:wq
save and exit
5) Now, remount the device as:
# mount -o remount /data
# ls /data (just to check whether re-mounted correctly or not)
6) Now, check for existing user quota in the "/data".
# quotacheck -cu /data
7) Now, turning quota on, in the directory "/data"
# quotaon -vu /home
8) Setting quota now for a user "aman".
# setquota -u aman 100 200 0 0 /home
Here, 100 is the soft limit and 200 hard limit. The others 0s are the inode softlimit and inode hardlimit. You should read more about these limit by googling them.
9) Now, checking quota reports and see all existing quotas for the users.
# repquota -vu /data
NOTE: we have used the switch "-u" to represent that we are checking the for user quota.
10) DONE.....
Now, its time to check quota from the user for which quota is turned on.
Now, change to the other user "aman" as:
# su - aman
Now, run the following commands to check the quota:
# dd if=/dev/zero of=/data/quota1 bs=1k count=100
# dd if=/dev/zero of=/data/quota2 bs=1k count=150
NOTE: The first command will a warning but will make the file "quota1" in "/data" because soft limit is 100. But the second command will not make the file exceeding the hard limit 200.
II - IMPLEMENTING GROUP QUOTA
Group Quota is mostly similar to the User Quota. The thing is that its implemented for the users of a particular groups rather an individual user. For example: if we have some users as aman, gaurav, virender, pandey etc. belonging to a group named as "garv". Then, the quota we will set on this group, will be common for all these users belonging to the group "garv".
NOTE: I am using the same device for implementing group quota which i used for "user quota" i.e. /dev/sda8 or /data.
Steps to go:
1) Edit the file "/etc/fstab" and edit the line containing "/data":
# vim /etc/fstab
/dev/sda8 /data defaults,usrquota,grpquota 1 2
:wq
save and exit
NOTE: That we have just added a new keyword "grpquota" to setup the group quota on the particular device.
2) Now, Remount the device once again.
# mount -o remount /data
# ls /data (just to check whether device successfully remounted or not)
3) Check for existing quota in "/data":
# quotacheck -cg /data
4) Turning on the group quota in "/data":
# quotaon -vg /data
5) Setting up the group quota for the group "garv":
# setquota -g garv 100 200 0 0 /data
NOTE: The limits are same as they were in user quota above. 100 is the soft limit and 200 is hard limit Rest 0s are inode softlimit and hardlimit.
6) Checking quota reports for groups:
# repquota -vg /data
NOTE: Here we used the switch "-g" to represent that we are checking for group quota not user quota.
7) DONE.......:)
Now, again we should check the quota from the user of the group for which quotas are being implemented. So switch to any user belonging to the group "garv".
# su - aman
or
# su - gaurav
Now, run the same commands as we did in user quota with the "dd"(disk dump) utility.
Enjoy....Implementing Quotas on your users.......:)
Today i am going to show you how to implement quota in LINUX. The quota is implemented for the two: users and groups.
I - IMPLEMENTING USER QUOTA
Steps to go:-
First of select a device where you want to set quota, i have created a device /dev/sda8 of 500MB for example:
1) Now, format the partition.
# mkfs.ext3 /dev/sda8
2) Create a mount point for the newly created device /dev/sda8
# mkdir /data
3) Now, checking mounting the device under /data. Can be done in 2 ways as we already discussed in previous posts. Mounting manually or making an entry in the file /etc/fstab for automounting.
# mount -t ext3 /dev/sda8 /data
or make a an entry in the file /etc/fstab and do # mount -a
4) Now, finally start implementing quota for users. Edit the file "/etc/fstab" and make a new entry or edit the existing entry(if you made an entry for mounting device /dev/sda8) as follows:
# vim /etc/fstab
/dev/sda8 /data defaults,usrquota 1 2
:wq
save and exit
5) Now, remount the device as:
# mount -o remount /data
# ls /data (just to check whether re-mounted correctly or not)
6) Now, check for existing user quota in the "/data".
# quotacheck -cu /data
7) Now, turning quota on, in the directory "/data"
# quotaon -vu /home
8) Setting quota now for a user "aman".
# setquota -u aman 100 200 0 0 /home
Here, 100 is the soft limit and 200 hard limit. The others 0s are the inode softlimit and inode hardlimit. You should read more about these limit by googling them.
9) Now, checking quota reports and see all existing quotas for the users.
# repquota -vu /data
NOTE: we have used the switch "-u" to represent that we are checking the for user quota.
10) DONE.....
Now, its time to check quota from the user for which quota is turned on.
Now, change to the other user "aman" as:
# su - aman
Now, run the following commands to check the quota:
# dd if=/dev/zero of=/data/quota1 bs=1k count=100
# dd if=/dev/zero of=/data/quota2 bs=1k count=150
NOTE: The first command will a warning but will make the file "quota1" in "/data" because soft limit is 100. But the second command will not make the file exceeding the hard limit 200.
II - IMPLEMENTING GROUP QUOTA
Group Quota is mostly similar to the User Quota. The thing is that its implemented for the users of a particular groups rather an individual user. For example: if we have some users as aman, gaurav, virender, pandey etc. belonging to a group named as "garv". Then, the quota we will set on this group, will be common for all these users belonging to the group "garv".
NOTE: I am using the same device for implementing group quota which i used for "user quota" i.e. /dev/sda8 or /data.
Steps to go:
1) Edit the file "/etc/fstab" and edit the line containing "/data":
# vim /etc/fstab
/dev/sda8 /data defaults,usrquota,grpquota 1 2
:wq
save and exit
NOTE: That we have just added a new keyword "grpquota" to setup the group quota on the particular device.
2) Now, Remount the device once again.
# mount -o remount /data
# ls /data (just to check whether device successfully remounted or not)
3) Check for existing quota in "/data":
# quotacheck -cg /data
4) Turning on the group quota in "/data":
# quotaon -vg /data
5) Setting up the group quota for the group "garv":
# setquota -g garv 100 200 0 0 /data
NOTE: The limits are same as they were in user quota above. 100 is the soft limit and 200 is hard limit Rest 0s are inode softlimit and hardlimit.
6) Checking quota reports for groups:
# repquota -vg /data
NOTE: Here we used the switch "-g" to represent that we are checking for group quota not user quota.
7) DONE.......:)
Now, again we should check the quota from the user of the group for which quotas are being implemented. So switch to any user belonging to the group "garv".
# su - aman
or
# su - gaurav
Now, run the same commands as we did in user quota with the "dd"(disk dump) utility.
# dd if=/dev/zero of=/data/quota1 bs=1k count=100
# dd if=/dev/zero of=/data/quota2 bs=1k count=150
Enjoy....Implementing Quotas on your users.......:)
Sunday, November 14, 2010
Implementing RAID (Redundant Array Inexpensive Disk)
Hi Guys,
Today i am going to show you a very very important concept of the system administration called RAID. It is a very important thing for any system administrator.
RAID is actually used for fault tolerance. So, it has a very significant value for data because data is very important for any organisation whether it is big or small. RAID can be implemented in 2 ways: Hardware RAID and Software RAID.
Hardware RAID is implemented through the disk controller of the system. Instruction for configuring hardware RAID differs from controller to controller. So refer your disk controller manual for implementation.
We will be discussing the software RAID. Software RAID is implemented through the operating system and uses some processor and memory resources.
Different RAID levels are available with software RAID, so you can decide one is best for your needs. Software RAID allows for RAID levels 0, 1, 5 and 6.
RAID level 0, or striping, means that data is written across all hard drives in the array to accomplish the fast disk performance. No redundancy is used, so the size of the logical RAID drive is equal to the size of all the hard drives in the array. Because there is no redundancy, recovering data from a hard drive crash is not possible through RAID.
RAID level 1, or mirroring, means that all data is written to each disk in the array, accomplishing redundancy. The data is “mirrored” on a second drive. This allows for easy recovery should a disk fail. However, it does mean that, for example, if there are two disks in the array, the size for the logical disk is size of the smaller of the two disks because data must be mirrored to the second disk.
RAID level 5, combines striping and parity. Data is written across all disks as in RAID 0, but parity data is also written to one of the disks. Should a hard drive failure occur, this parity data can be used to recover the data from the failed drive, including while the data is being accessed and the drive is still missing from the array.
RAID level 6, RAID level 6 is RAID level 5 with dual parity. Data is written across all disks as in RAID 5, but two sets of parity data is calculated. Performance is slightly worse than RAID 5 because the extra parity data must be calculated and written to disk. RAID 5 allows for recovery using the parity data if only one drive in the array fails. Because of the dual parity, RAID 6 allows for recovery from the failure of up to two drives in the array.
SETTING UP THE RAID DEVICES:
Using Software RAID:
1) First, create partitions for the RAID, using fdisk same as we did for the LVM and set their partition type ID to "fd".
2) Now, creating RAID device, I have created 3 paritions sda5,sda6,sda7:
# mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/sda{5,6,7}
or
# mdadm --C /dev/md0 --l=5 -n=3 /dev/sda{5,6,7}
Here, the word "create" has a parameter "/dev/md0" which is a device name i am creating for RAID. Then, with "level", i am specifying the level of the RAID, I am trying to implement. And "raid-devices" is the number of devices or the number or parallel logical disks.
3) Now check the RAID status:
# cat /proc/mdstat
and
# mdadm --details /dev/md0
4) Formatting RAID device:
# mkfs.ext3 /dev/md0
5) Creating mount point for the RAID device:
# mkdir /tmp/RAID5
6) Mounting RAID:
# mount -t ext3 /dev/md0 /tmp/RAID0
or make a entry in the file "/etc/fstab" for automounting
7) DONE...:)
Enjoy....backing up of data with RAID.....:)
Today i am going to show you a very very important concept of the system administration called RAID. It is a very important thing for any system administrator.
RAID is actually used for fault tolerance. So, it has a very significant value for data because data is very important for any organisation whether it is big or small. RAID can be implemented in 2 ways: Hardware RAID and Software RAID.
Hardware RAID is implemented through the disk controller of the system. Instruction for configuring hardware RAID differs from controller to controller. So refer your disk controller manual for implementation.
We will be discussing the software RAID. Software RAID is implemented through the operating system and uses some processor and memory resources.
Different RAID levels are available with software RAID, so you can decide one is best for your needs. Software RAID allows for RAID levels 0, 1, 5 and 6.
RAID level 0, or striping, means that data is written across all hard drives in the array to accomplish the fast disk performance. No redundancy is used, so the size of the logical RAID drive is equal to the size of all the hard drives in the array. Because there is no redundancy, recovering data from a hard drive crash is not possible through RAID.
RAID level 1, or mirroring, means that all data is written to each disk in the array, accomplishing redundancy. The data is “mirrored” on a second drive. This allows for easy recovery should a disk fail. However, it does mean that, for example, if there are two disks in the array, the size for the logical disk is size of the smaller of the two disks because data must be mirrored to the second disk.
RAID level 5, combines striping and parity. Data is written across all disks as in RAID 0, but parity data is also written to one of the disks. Should a hard drive failure occur, this parity data can be used to recover the data from the failed drive, including while the data is being accessed and the drive is still missing from the array.
RAID level 6, RAID level 6 is RAID level 5 with dual parity. Data is written across all disks as in RAID 5, but two sets of parity data is calculated. Performance is slightly worse than RAID 5 because the extra parity data must be calculated and written to disk. RAID 5 allows for recovery using the parity data if only one drive in the array fails. Because of the dual parity, RAID 6 allows for recovery from the failure of up to two drives in the array.
SETTING UP THE RAID DEVICES:
Using Software RAID:
1) First, create partitions for the RAID, using fdisk same as we did for the LVM and set their partition type ID to "fd".
2) Now, creating RAID device, I have created 3 paritions sda5,sda6,sda7:
# mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/sda{5,6,7}
or
# mdadm --C /dev/md0 --l=5 -n=3 /dev/sda{5,6,7}
Here, the word "create" has a parameter "/dev/md0" which is a device name i am creating for RAID. Then, with "level", i am specifying the level of the RAID, I am trying to implement. And "raid-devices" is the number of devices or the number or parallel logical disks.
3) Now check the RAID status:
# cat /proc/mdstat
and
# mdadm --details /dev/md0
4) Formatting RAID device:
# mkfs.ext3 /dev/md0
5) Creating mount point for the RAID device:
# mkdir /tmp/RAID5
6) Mounting RAID:
# mount -t ext3 /dev/md0 /tmp/RAID0
or make a entry in the file "/etc/fstab" for automounting
7) DONE...:)
Enjoy....backing up of data with RAID.....:)
Friday, November 12, 2010
Implementing LVM (Logical Volume Management)
Hi Guys,
I am going to discuss a very very famous part of the LINUX called LVM (Logical Volume Management).
Before we start making LVM, lets learn some other basic things.
- To implement LVM we go step by step and make Physical Volume first.
- Then, we will make Volume Group.
- Then, finally the Logical Volume
- Logical Volume have the partition type ID "8e"
Similarly, swap has "82", raid has "fd", ntfs has "7", extended has "5", Linux has "83" etc etc.
Prerequistes:-
* A machine with a Linux Installation (In my case it is RHEL5)
* Free space on hard-disk to create the new partitions
Commands we will be using:
- pvcreate
- vgcreate
- lvcreate
- pvscan
- vgscan
- lvscan
- pvdisplay
- vgdisplay
- lvdisplay
- lvextend
- lvreduce
- resize2fs
So before reading further, please go through the manuals of these commands. So that you can be aware of the commands working.
I - ADD A LOGICAL PARTITION
Steps to go:-
1) Create new partition on the hard-disk with the command below:
# fdisk /dev/sda (in case if you have a SATA hard-disk)
or
# fdisk /dev/hda (in case if you have a IDE hard-disk)
press "m" now and read all the shortcuts now.
Now, press "n" to create a new partition. It will ask whether to create "primary partition" or "extended". If you already have 4 primary parition including 1 extended then it won't ask it and will directly create a logical partition in extended partition.
It will ask for first cylinder, keep it blank and press enter. Then, it will ask for last cylinder, put your partition size as "+1024M" (if specifying in MBs) or "+1G" (if specifying in GBs).
2) Now, change the partition ID. By default, every partition gets the partition ID as "83". So to change it press "t". "t" means toggle.
It will ask for the partition number of which ID has to be changed. Put the number of the newly created partition's number.
Then, it will ask the partition ID and put "8e" as the partition ID now.
3) Now, to write changes to the disk press "w". It will write changes to the disk and will automatically quit the program "fdisk".
4) Now, run the program "partprobe" to send information to the kernel about the newly added paritions.
# partprobe /dev/sda
or
# partprobe /dev/hda
NOTE:- I have created 3 logical paritions using the procedure above as SDA5, SDA6, SDA7. SDA4 is my extended partition. And i will be using this scheme only within the example.
5) Now, creating physical volume with the 3 new logical volume partitions (sda5,sda6,sda7)as:
# pvcreate /dev/sda{5,6,7}
Now, run the command "pvscan", "pvdisplay" and see results.
6) Now, creating volume group named as "vg1":
# vgcreate vg1 /dev/sda{5,6,7}
Now, run the command "vgscan", "vgdisplay" and see results.
7) Now, Finally creating the logical volume named as "lv1":
# lvcreate --size +500M --name lv1 vg1
Here, we are creating a logical volume "lv1" in the volume group "vg1" which we just created using the 3 new partitions. You can provide size either in MBs or GBs using M or G in the size parameter.
Now, run the command "lvscan", "lvdisplay" and see results.
8) Now, Format the new LVM as:
# mkfs.ext3 /dev/vg1/lv1
or
# mke2fs -j /dev/vg1/lv1
9) Now, Mounting LVM at a mount point "/lv1" as:
# mkdir /lv1
# mount -t ext3 /dev/vg1/lv1 /lv1
or you can add a new entry to the file "/etc/fstab". So that this partition is auto-mounted everytime on the mount point "/lv1".
# vim /etc/fstab
/dev/vg1/lv1 ext3 defaults 1 2
:wq
save and exit
10) Now, run "mount -a" and check the parition:
# mount -a
# cd /lv1
# df -h
II - EXTENDING A LOGICAL PARTITION
Resizng a LVM is very crucial task because there is a lot risk of "data corruption" if we didn't do it in right manner.
So for extending a LVM. First thing we need to remember is the sequence of it commands to be run.
1) First, umount the logical volume.
# umount /lv1
2) Now, extending the LVM:
# lvextend --size +50M /dev/vg1/lv1
Putting a + in front of 50M tells that LVM has to be extended by 50M. Means 50M has to added to the LVM.
3) Now, run file system check:
# e2fsck -f /dev/vg1/lv1
4) Finally, resizing the LVM:
# resize2fs /dev/vg1/lv1
III - REDUCING A LOGICAL PARTITION
Again, the sequence of commands is very important.
1) Umount the LVM as we did above.
2) Run file system check to avoid data corruption.
# e2fsck -f /dev/vg1/lv1
3) Resizing partition, let we had a LVM partition of 500M and we extended that by 50M and now reducing it to 300M:
# resize2fs /dev/vg1/lv1 300M
NOTE:- Remember, we are not using + here before 300M since we are reducing the size.
4) Finally, reducing LVM:
# lvreduce --size 300M /dev/vg1/lv1
5) mount -a
Similarly, we can extend physical volumes and volume groups.
EXTENDING PHYSICAL VOLUME:-
Create a new partition on hard-disk same as we did in making LVM and run the command as:
# pvcreate /dev/sda8
EXTENDING VOLUME GROUP:-
# vgextend vg1 /dev/sda8
Finished.....enjoy deploying LVM....:)
I am going to discuss a very very famous part of the LINUX called LVM (Logical Volume Management).
Before we start making LVM, lets learn some other basic things.
- To implement LVM we go step by step and make Physical Volume first.
- Then, we will make Volume Group.
- Then, finally the Logical Volume
- Logical Volume have the partition type ID "8e"
Similarly, swap has "82", raid has "fd", ntfs has "7", extended has "5", Linux has "83" etc etc.
Prerequistes:-
* A machine with a Linux Installation (In my case it is RHEL5)
* Free space on hard-disk to create the new partitions
Commands we will be using:
- pvcreate
- vgcreate
- lvcreate
- pvscan
- vgscan
- lvscan
- pvdisplay
- vgdisplay
- lvdisplay
- lvextend
- lvreduce
- resize2fs
So before reading further, please go through the manuals of these commands. So that you can be aware of the commands working.
I - ADD A LOGICAL PARTITION
Steps to go:-
1) Create new partition on the hard-disk with the command below:
# fdisk /dev/sda (in case if you have a SATA hard-disk)
or
# fdisk /dev/hda (in case if you have a IDE hard-disk)
press "m" now and read all the shortcuts now.
Now, press "n" to create a new partition. It will ask whether to create "primary partition" or "extended". If you already have 4 primary parition including 1 extended then it won't ask it and will directly create a logical partition in extended partition.
It will ask for first cylinder, keep it blank and press enter. Then, it will ask for last cylinder, put your partition size as "+1024M" (if specifying in MBs) or "+1G" (if specifying in GBs).
2) Now, change the partition ID. By default, every partition gets the partition ID as "83". So to change it press "t". "t" means toggle.
It will ask for the partition number of which ID has to be changed. Put the number of the newly created partition's number.
Then, it will ask the partition ID and put "8e" as the partition ID now.
3) Now, to write changes to the disk press "w". It will write changes to the disk and will automatically quit the program "fdisk".
4) Now, run the program "partprobe" to send information to the kernel about the newly added paritions.
# partprobe /dev/sda
or
# partprobe /dev/hda
NOTE:- I have created 3 logical paritions using the procedure above as SDA5, SDA6, SDA7. SDA4 is my extended partition. And i will be using this scheme only within the example.
5) Now, creating physical volume with the 3 new logical volume partitions (sda5,sda6,sda7)as:
# pvcreate /dev/sda{5,6,7}
Now, run the command "pvscan", "pvdisplay" and see results.
6) Now, creating volume group named as "vg1":
# vgcreate vg1 /dev/sda{5,6,7}
Now, run the command "vgscan", "vgdisplay" and see results.
7) Now, Finally creating the logical volume named as "lv1":
# lvcreate --size +500M --name lv1 vg1
Here, we are creating a logical volume "lv1" in the volume group "vg1" which we just created using the 3 new partitions. You can provide size either in MBs or GBs using M or G in the size parameter.
Now, run the command "lvscan", "lvdisplay" and see results.
8) Now, Format the new LVM as:
# mkfs.ext3 /dev/vg1/lv1
or
# mke2fs -j /dev/vg1/lv1
9) Now, Mounting LVM at a mount point "/lv1" as:
# mkdir /lv1
# mount -t ext3 /dev/vg1/lv1 /lv1
or you can add a new entry to the file "/etc/fstab". So that this partition is auto-mounted everytime on the mount point "/lv1".
# vim /etc/fstab
/dev/vg1/lv1 ext3 defaults 1 2
:wq
save and exit
10) Now, run "mount -a" and check the parition:
# mount -a
# cd /lv1
# df -h
II - EXTENDING A LOGICAL PARTITION
Resizng a LVM is very crucial task because there is a lot risk of "data corruption" if we didn't do it in right manner.
So for extending a LVM. First thing we need to remember is the sequence of it commands to be run.
1) First, umount the logical volume.
# umount /lv1
2) Now, extending the LVM:
# lvextend --size +50M /dev/vg1/lv1
Putting a + in front of 50M tells that LVM has to be extended by 50M. Means 50M has to added to the LVM.
3) Now, run file system check:
# e2fsck -f /dev/vg1/lv1
4) Finally, resizing the LVM:
# resize2fs /dev/vg1/lv1
III - REDUCING A LOGICAL PARTITION
Again, the sequence of commands is very important.
1) Umount the LVM as we did above.
2) Run file system check to avoid data corruption.
# e2fsck -f /dev/vg1/lv1
3) Resizing partition, let we had a LVM partition of 500M and we extended that by 50M and now reducing it to 300M:
# resize2fs /dev/vg1/lv1 300M
NOTE:- Remember, we are not using + here before 300M since we are reducing the size.
4) Finally, reducing LVM:
# lvreduce --size 300M /dev/vg1/lv1
5) mount -a
Similarly, we can extend physical volumes and volume groups.
EXTENDING PHYSICAL VOLUME:-
Create a new partition on hard-disk same as we did in making LVM and run the command as:
# pvcreate /dev/sda8
EXTENDING VOLUME GROUP:-
# vgextend vg1 /dev/sda8
Finished.....enjoy deploying LVM....:)
Wednesday, November 10, 2010
Configuring SAMBA on RHEL/FEDORA
Hi Guys,
Today, i am going to tell you that how to configure SAMBA on RHEL/FEDORA platform for sharing files.
Prerequisites:-
* a machine with RHEL/FEDORA installation
* YUM Server configured
Steps to go:-
1) Install the samba package from YUM utility.
# yum install samba
2) Make a directory that is to be shared on SAMBA (in my case i am making /linux):
# mkdir /linux
3) Now, open the samba configuration file i.e. smb.conf in vi editor or any editor you like and search "hosts" in there and edit the lines as:
# vim /etc/smb/smb.conf
hosts allow = 127. 192.168.1.
[Shared]
comment=Linux Samba Shares
path=/linux
public=yes
browseable=yes
valid users = aman
:wq
save and exit
Here, we are specifying the network on which SAMBA shares is available. I am sharing the SAMBA with the machines on the network 192.168.1.0. So, put your network here(on which you want to share files) in front of the "hosts allow = ".
Then, we are specifying the name of the share as "Shared" or you can change it for your own. Then, specifying the comment for the share, its path means the path to the shared folder. Defining it public so that people can share it on the network. Making it browseable and restricting with the user "aman". Means only user "aman" can access its shares.
4) Adding a user to the network(in my case user is "aman"):
For this step a user should be on your machine, means on the same machine from which you are sharing /linux.
# useradd aman
# smbpasswd -a aman
password:
confirm:
5) Now, changing context label of the sharing folder i.e. /linux:
You can check context label of the folder using the command :
# ls -dZ /linux
Change the context label as:
# chcon -t samba_share_t /linux
Context label is a very important part. If we don't set context label then SELINUX won't be aware of the samba shares.
6) Now, setting selinux boolean values:
# setsebool -P samba_enable_home_dirs on
# setsebool -P use_samba_home_dirs on
Option "-P" is for making it permanent and saving it for across reboots.
7) Now, restart SAMBA service:
# service smb restart; chkconfig smb on
8) Now, goto another machine on the network and check for the samba shares with the following commands:
# smbclient //192.168.1.58/shared -U aman
password:
smb>
use the password you just setted up using the "smbpasswd" above to login.
or
# smbclient -L //192.168.1.58
NOTE:- The IP address 192.168.1.58 is of the machine on which we have configured SAMBA.
Enjoy Sharing....:)
Today, i am going to tell you that how to configure SAMBA on RHEL/FEDORA platform for sharing files.
Prerequisites:-
* a machine with RHEL/FEDORA installation
* YUM Server configured
Steps to go:-
1) Install the samba package from YUM utility.
# yum install samba
2) Make a directory that is to be shared on SAMBA (in my case i am making /linux):
# mkdir /linux
3) Now, open the samba configuration file i.e. smb.conf in vi editor or any editor you like and search "hosts" in there and edit the lines as:
# vim /etc/smb/smb.conf
hosts allow = 127. 192.168.1.
[Shared]
comment=Linux Samba Shares
path=/linux
public=yes
browseable=yes
valid users = aman
:wq
save and exit
Here, we are specifying the network on which SAMBA shares is available. I am sharing the SAMBA with the machines on the network 192.168.1.0. So, put your network here(on which you want to share files) in front of the "hosts allow = ".
Then, we are specifying the name of the share as "Shared" or you can change it for your own. Then, specifying the comment for the share, its path means the path to the shared folder. Defining it public so that people can share it on the network. Making it browseable and restricting with the user "aman". Means only user "aman" can access its shares.
4) Adding a user to the network(in my case user is "aman"):
For this step a user should be on your machine, means on the same machine from which you are sharing /linux.
# useradd aman
# smbpasswd -a aman
password:
confirm:
5) Now, changing context label of the sharing folder i.e. /linux:
You can check context label of the folder using the command :
# ls -dZ /linux
Change the context label as:
# chcon -t samba_share_t /linux
Context label is a very important part. If we don't set context label then SELINUX won't be aware of the samba shares.
6) Now, setting selinux boolean values:
# setsebool -P samba_enable_home_dirs on
# setsebool -P use_samba_home_dirs on
Option "-P" is for making it permanent and saving it for across reboots.
7) Now, restart SAMBA service:
# service smb restart; chkconfig smb on
8) Now, goto another machine on the network and check for the samba shares with the following commands:
# smbclient //192.168.1.58/shared -U aman
password:
smb>
use the password you just setted up using the "smbpasswd" above to login.
or
# smbclient -L //192.168.1.58
NOTE:- The IP address 192.168.1.58 is of the machine on which we have configured SAMBA.
Enjoy Sharing....:)
Tuesday, November 9, 2010
Formatting USB/Flash Drives/Floppies/Partitions in Linux
Hi guys,
I am writing this post because when i was a beginner in Linux, I didn't knew that how to format a Pen Drive from Linux. I always used windows to format pen drives or USBs. So i think, this post may be useful for the LINUX/UNIX beginners or the people who are trying to switch from windows to LINUX platform. There are many tools available freely to format these devices e.g. floppy formatter to format floppies. But i will be tell you the command line options to format these devices because i think command is really simple and easy to use.
We have many command line packages available for formatting devices but i will be discussing only 2 utilities thats is "mkfs" and "mke2fs".
for example you want to format a USB/Flash Drive/Pen Drive then use the command:-
# mkfs.ext3 /dev/sdb
or you can write alternatively
# mkfs -t ext3 /dev/sdb
NOTE:- ext3 is the file system you want to span on to the device. If you want to have a fat32 file system then use mkfs.vfat to format the device or similarly any other file system. "-t" specifies type of the filesystem.
Other command that we can use is:
# mke2fs -j /dev/sdb
NOTE:- "-j" option specifies the journalizing file system to be spanned on the device. ext3 is the journalizing file system.
Similarly, if you want to format floppy or any other device just use the device name with the command as:
# mkfs.vfat /dev/fd0
or
# mkfs.vfat anydevicename
Enjoy formatting......:)
I am writing this post because when i was a beginner in Linux, I didn't knew that how to format a Pen Drive from Linux. I always used windows to format pen drives or USBs. So i think, this post may be useful for the LINUX/UNIX beginners or the people who are trying to switch from windows to LINUX platform. There are many tools available freely to format these devices e.g. floppy formatter to format floppies. But i will be tell you the command line options to format these devices because i think command is really simple and easy to use.
We have many command line packages available for formatting devices but i will be discussing only 2 utilities thats is "mkfs" and "mke2fs".
for example you want to format a USB/Flash Drive/Pen Drive then use the command:-
# mkfs.ext3 /dev/sdb
or you can write alternatively
# mkfs -t ext3 /dev/sdb
NOTE:- ext3 is the file system you want to span on to the device. If you want to have a fat32 file system then use mkfs.vfat to format the device or similarly any other file system. "-t" specifies type of the filesystem.
Other command that we can use is:
# mke2fs -j /dev/sdb
NOTE:- "-j" option specifies the journalizing file system to be spanned on the device. ext3 is the journalizing file system.
Similarly, if you want to format floppy or any other device just use the device name with the command as:
# mkfs.vfat /dev/fd0
or
# mkfs.vfat anydevicename
Enjoy formatting......:)
Monday, November 8, 2010
Setting up SQUID Server
Before start setting up squid server, let us first be aware of "What is a squid server?". You might be aware of it, but still i would like to mention it here.
*Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. Although primarily used for HTTP and FTP.
The diagram below explains the squid server situation very well. For example, let as assume you have a lab to be maintained. So you want to setup squid server for you lab clients. So your computer(ie. Squid server in figure) is connected to the the internet through your ISP connection and your computer will share the internet connection with the rest of the clients in you network (client 1 - client n).
Lets assume you have a network as 192.168.1.0/24 and your pc IP address is 192.168.1.1 or any within the network range.
I am going to use RHEL5 for setting up the squid server, so you can use RHEL/FEDORA to try setting up squid.
Prerequisites:-
# a machine with the rhel5/fedora installation
# SQUID rpm required
I) Steps to go for making SQUID Server:-
Step-1) Install squid package with the following packages. I am assuming, you have already made YUM Server.
# yum install squid -y
Step-2) Now, Edit the squid configuration file by opening it in vi editor and put the line below in the file. And find the commented line starting with "#http_access" use "/#http_access" in command mode of the vi editor. The first result will as:
/*#acl mylan src 192.168.0.0/24
#http_access src mylan/someothername*/
Copy them or uncommented as you wish.
# vim /etc/squid/squid.conf
acl mylan src 192.168.1.0/24
http_access src mylan
:wq
save and exit
NOTE:-
(1) mylan is not a key word, its just the network name, i have used to make it simple to use. But rest are the keywords in the file.
(2) The sequence of these commands is very important. These lines should not be copied to any other location other than this one.
Step-3) Now, start the squid service with the following command:
# service squid start; chkconfig squid on
* i used chkconfig to put the service on startup in all the runlevels.
Step-4) Now, set proxy server in the other machine's browser.
Setting proxy server in firefox in client machines:
GOTO edit -> preferences -> Advanced -> Network -> Setttings
Now select "Manual Proxy Configurations" and put proxy server address in it as:
address: 192.168.1.1 and port as 3128.
NOTE:- Port 3128 is the default port for the squid server. You can change it, if you want in the configuration file.
Step-5) Now, use and have fun with internet on the client machines...:) finished
II) Preventing notorious/bad Websites opening in client with the squid server:-
Steps to go:-
Step-1) Open the squid configuration file with the VI Editor and put the following lines in the file:-
# vim /etc/squid/squid.conf
acl block dstdomain www.google.com
http_access deny block mylan
:wq
save and exit
NOTE:- these lines should be in between those two lines which we used in the steps to make squid server. Means it should look like:
acl mylan src 192.168.1.0/24
acl block dstdomain www.google.com www.yahoo.com
http_access deny block mylan
http_access src mylan
The word "block" not a keyword, its just a name used for the website which to be blocked means we are assuming those as a "block" and the word "deny" is a keyword used for denying the access of these websites in the block on the network "mylan".
We can also use a files for the list of websites to be banned on the network as:
Create a file somewhere with any name (i am creating /etc/squid/blocked_sites) and put the websites name in it as:
# vim /etc/squid/blocked_sites
www.google.com
www.yahoo.com
www.orkut.com
www.facebook.com
and so on
:wq
save and exit
Now edit the squid configuration file and replace the line "acl block dstdomain www.google.com www.yahoo.com" with a new line as follows:
# vim /etc/squid/squid.conf
acl mylan src 192.168.1.0/24
acl block url_regex "/etc/squid/blocked_sites"
http_access deny block mylan
http_access src mylan
:wq
save and exit
NOTE:- This way to banning website is not a good deal because squid only bans the name of the websites. And client will not be able to use only those websites directly but client can use proxies available over the internet to access those websites because squid doesn't do content filtering. So this procedure fails there.
But we have some better solutions available like Dansguardian with i use and can be many more packages available there.
So lets install Dansguardian now to make network more secure (i have the dansguadian packages available in my repos):-
# yum install dansguardian -y
Now edit dansguardian configuration file:
# vim /etc/dansguardian/dansguardian.conf
filterip=192.168.1.1
port=8080
proxy=192.168.1.0/24
:wq
save and exit
Remember, 192.168.1.1 is my squid server IP so put you ip address accordingly in the "filterip".
Now, change the port of proxy server in the client machine's firefox from 3128 to 8080 and have fun.
Now, client won't be able to even search the "bad" words or phrases. Try searching "sex" from the client machine in google and see the result.
Similarly, there are many more ways to implement many things in squid. Squid is not just these 2 topics. There ic much more to be learnt...:) So please google for the other things like making network available to client within a particualr time period and much more....enjoying gooling...:)
I hope you like the tute....If you have any suggestions you are most welcome..enjoy...:)
*Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic. Although primarily used for HTTP and FTP.
The diagram below explains the squid server situation very well. For example, let as assume you have a lab to be maintained. So you want to setup squid server for you lab clients. So your computer(ie. Squid server in figure) is connected to the the internet through your ISP connection and your computer will share the internet connection with the rest of the clients in you network (client 1 - client n).
Lets assume you have a network as 192.168.1.0/24 and your pc IP address is 192.168.1.1 or any within the network range.
I am going to use RHEL5 for setting up the squid server, so you can use RHEL/FEDORA to try setting up squid.
Prerequisites:-
# a machine with the rhel5/fedora installation
# SQUID rpm required
I) Steps to go for making SQUID Server:-
Step-1) Install squid package with the following packages. I am assuming, you have already made YUM Server.
# yum install squid -y
Step-2) Now, Edit the squid configuration file by opening it in vi editor and put the line below in the file. And find the commented line starting with "#http_access" use "/#http_access" in command mode of the vi editor. The first result will as:
/*#acl mylan src 192.168.0.0/24
#http_access src mylan/someothername*/
Copy them or uncommented as you wish.
# vim /etc/squid/squid.conf
acl mylan src 192.168.1.0/24
http_access src mylan
:wq
save and exit
NOTE:-
(1) mylan is not a key word, its just the network name, i have used to make it simple to use. But rest are the keywords in the file.
(2) The sequence of these commands is very important. These lines should not be copied to any other location other than this one.
Step-3) Now, start the squid service with the following command:
# service squid start; chkconfig squid on
* i used chkconfig to put the service on startup in all the runlevels.
Step-4) Now, set proxy server in the other machine's browser.
Setting proxy server in firefox in client machines:
GOTO edit -> preferences -> Advanced -> Network -> Setttings
Now select "Manual Proxy Configurations" and put proxy server address in it as:
address: 192.168.1.1 and port as 3128.
NOTE:- Port 3128 is the default port for the squid server. You can change it, if you want in the configuration file.
Step-5) Now, use and have fun with internet on the client machines...:) finished
II) Preventing notorious/bad Websites opening in client with the squid server:-
Steps to go:-
Step-1) Open the squid configuration file with the VI Editor and put the following lines in the file:-
# vim /etc/squid/squid.conf
acl block dstdomain www.google.com
http_access deny block mylan
:wq
save and exit
NOTE:- these lines should be in between those two lines which we used in the steps to make squid server. Means it should look like:
acl mylan src 192.168.1.0/24
acl block dstdomain www.google.com www.yahoo.com
http_access deny block mylan
http_access src mylan
The word "block" not a keyword, its just a name used for the website which to be blocked means we are assuming those as a "block" and the word "deny" is a keyword used for denying the access of these websites in the block on the network "mylan".
We can also use a files for the list of websites to be banned on the network as:
Create a file somewhere with any name (i am creating /etc/squid/blocked_sites) and put the websites name in it as:
# vim /etc/squid/blocked_sites
www.google.com
www.yahoo.com
www.orkut.com
www.facebook.com
and so on
:wq
save and exit
Now edit the squid configuration file and replace the line "acl block dstdomain www.google.com www.yahoo.com" with a new line as follows:
# vim /etc/squid/squid.conf
acl mylan src 192.168.1.0/24
acl block url_regex "/etc/squid/blocked_sites"
http_access deny block mylan
http_access src mylan
:wq
save and exit
NOTE:- This way to banning website is not a good deal because squid only bans the name of the websites. And client will not be able to use only those websites directly but client can use proxies available over the internet to access those websites because squid doesn't do content filtering. So this procedure fails there.
But we have some better solutions available like Dansguardian with i use and can be many more packages available there.
So lets install Dansguardian now to make network more secure (i have the dansguadian packages available in my repos):-
# yum install dansguardian -y
Now edit dansguardian configuration file:
# vim /etc/dansguardian/dansguardian.conf
filterip=192.168.1.1
port=8080
proxy=192.168.1.0/24
:wq
save and exit
Remember, 192.168.1.1 is my squid server IP so put you ip address accordingly in the "filterip".
Now, change the port of proxy server in the client machine's firefox from 3128 to 8080 and have fun.
Now, client won't be able to even search the "bad" words or phrases. Try searching "sex" from the client machine in google and see the result.
Similarly, there are many more ways to implement many things in squid. Squid is not just these 2 topics. There ic much more to be learnt...:) So please google for the other things like making network available to client within a particualr time period and much more....enjoying gooling...:)
I hope you like the tute....If you have any suggestions you are most welcome..enjoy...:)
Friday, October 29, 2010
Stopping Ping Replies
Hi Guys,
I have a new trick for you. I recently read saw somewhere on the net a trick to stop ping replies from a server but i found it a long and complex because i can do that in just one line.
I mean when we ping a server using its name or IP it give replies to us. For example: when i ping 4.2.2.2 i get result as:
PING 4.2.2.2 (4.2.2.2) 56(84) bytes of data.
64 bytes from 4.2.2.2: icmp_seq=1 ttl=53 time=288 ms
64 bytes from 4.2.2.2: icmp_seq=2 ttl=53 time=287 ms
.....so on
So we can stop these replies from our server just by editing permissions of the ping command.
Check the permissions of the command ping by the following command:
# ll /bin/ping
It will return results something like:
-rwsr-xr-x. 1 root root 42008 Mar 5 2010 /bin/ping
Now, As we can see that it has the sticky bit for the user ("s" in the permission). This helps to run the command as a root at the execution time.
To stop replies just remove this sticky bit from the permission and you are done.
# chmod u-s /bin/ping
Now, Your server won't reply to the pings.
I have a new trick for you. I recently read saw somewhere on the net a trick to stop ping replies from a server but i found it a long and complex because i can do that in just one line.
I mean when we ping a server using its name or IP it give replies to us. For example: when i ping 4.2.2.2 i get result as:
PING 4.2.2.2 (4.2.2.2) 56(84) bytes of data.
64 bytes from 4.2.2.2: icmp_seq=1 ttl=53 time=288 ms
64 bytes from 4.2.2.2: icmp_seq=2 ttl=53 time=287 ms
.....so on
So we can stop these replies from our server just by editing permissions of the ping command.
Check the permissions of the command ping by the following command:
# ll /bin/ping
It will return results something like:
-rwsr-xr-x. 1 root root 42008 Mar 5 2010 /bin/ping
Now, As we can see that it has the sticky bit for the user ("s" in the permission). This helps to run the command as a root at the execution time.
To stop replies just remove this sticky bit from the permission and you are done.
# chmod u-s /bin/ping
Now, Your server won't reply to the pings.
Making your own YUM Server
Hi Guys,
I am here to tell you how to setup YUM server. I hope that you know what is a YUM server, if not no worries. A YUM server is rpms/packages manager which resolves the various dependencies needed by the packages and installs the software. For further details on YUM server you can google it.....:)
We can setup our YUM Server on any Distribution that supports it. I am using Fedora13 to setup a YUM server for the fedora13 itself. Same procedure will also be useful for RHEL(Redhat Enterprize Linux) users. They can use this tutorial to setup YUM server for RHEL.
Prerequisites:
- A fedora13 ISO or DVD
- A fedora13 Linux Box installed
Steps to go:
1) First of all mount the DVD of the Fedora 13 or fedora13 ISO if you have ISO.
(# mount -o loop Fedora13.iso /mnt) For ISO users
2) Then move in the media i.e. DVD or the ISO.
# cd /media/fedora13-DVD
or
# cd /mnt (for iso users if they mounted it under /mnt or put the custom location if you are using another mount point)
3) Now cd into the directory Packages, this directory contains all the official packages for the Fedora13 that are included in the fedora13.
# cd Packages
4) For creating a YUM server we can either use HTTP or FTP. In my case i am using FTP. So install the rpm package "vsftpd" from the directory Packages.
# rpm -ivh vsftpd-2.2.2-3.fc13.i686
Also install the package "createrepo"
# rpm -ivh createrepo-0.9.8-4.fc13.noarch
5) Now, Copy the Packages directory to the location /var/ftp/pub
# cp -rfv Packages /var/ftp/pub
6) Now copy the file from the DVD (or /mnt in case of ISO) named as "fce31f091be8211a394d8942fcf4f6cbeffa3d40d87b61af55a97b1a88b46987-Fedora-13-comps.xml" to the location /var/ftp/pub/Packages
# cp fce31f091be8211a394d8942fcf4f6cbeffa3d40d87b61af55a97b1a88b46987-Fedora-13-comps.xml /var/ftp/pub/Packages
7) Now cd into the directory /var/ftp/pub/Packages and create repo with the following command:
# cd /var/ftp/pub/Packages
# createrepo -vg fce31f091be8211a394d8942fcf4f6cbeffa3d40d87b61af55a97b1a88b46987-Fedora-13-comps.xml .
( remember the "." in the last it represents the current directory)
8) Now create the repo file for the YUM Server. I am naming the as "server.repo", you can have any name you want to this file but file extension should be ".repo" only.
# vim /etc/yum.repo.d/server.repo
[Server]
name=YUM Server
baseurl=file:///var/ftp/pub/Packages
gpgcheck=0
enabled=1
Remember I have disabled gpgcheck since i am not using the gpgkeys. If you want to use the gpgcheck you can use.
Now just make YUM Clients and have fun installing applications. If you are installing applications on the same Box on which you have configured the YUM Server then you don't need to create a client repo file.
For other systems you have to create a client repo file in /etc/yum.repo.d as:
# vim /etc/yum.repo.d/server.repo
[Client]
name=YUM Client
baseurl=ftp://youripaddress/pub/Packages
gpgcheck=0
enabled=1
YUM server is ready to rock...:) have fun......Enjoy....:)
I am here to tell you how to setup YUM server. I hope that you know what is a YUM server, if not no worries. A YUM server is rpms/packages manager which resolves the various dependencies needed by the packages and installs the software. For further details on YUM server you can google it.....:)
We can setup our YUM Server on any Distribution that supports it. I am using Fedora13 to setup a YUM server for the fedora13 itself. Same procedure will also be useful for RHEL(Redhat Enterprize Linux) users. They can use this tutorial to setup YUM server for RHEL.
Prerequisites:
- A fedora13 ISO or DVD
- A fedora13 Linux Box installed
Steps to go:
1) First of all mount the DVD of the Fedora 13 or fedora13 ISO if you have ISO.
(# mount -o loop Fedora13.iso /mnt) For ISO users
2) Then move in the media i.e. DVD or the ISO.
# cd /media/fedora13-DVD
or
# cd /mnt (for iso users if they mounted it under /mnt or put the custom location if you are using another mount point)
3) Now cd into the directory Packages, this directory contains all the official packages for the Fedora13 that are included in the fedora13.
# cd Packages
4) For creating a YUM server we can either use HTTP or FTP. In my case i am using FTP. So install the rpm package "vsftpd" from the directory Packages.
# rpm -ivh vsftpd-2.2.2-3.fc13.i686
Also install the package "createrepo"
# rpm -ivh createrepo-0.9.8-4.fc13.noarch
5) Now, Copy the Packages directory to the location /var/ftp/pub
# cp -rfv Packages /var/ftp/pub
6) Now copy the file from the DVD (or /mnt in case of ISO) named as "fce31f091be8211a394d8942fcf4f6cbeffa3d40d87b61af55a97b1a88b46987-Fedora-13-comps.xml" to the location /var/ftp/pub/Packages
# cp fce31f091be8211a394d8942fcf4f6cbeffa3d40d87b61af55a97b1a88b46987-Fedora-13-comps.xml /var/ftp/pub/Packages
7) Now cd into the directory /var/ftp/pub/Packages and create repo with the following command:
# cd /var/ftp/pub/Packages
# createrepo -vg fce31f091be8211a394d8942fcf4f6cbeffa3d40d87b61af55a97b1a88b46987-Fedora-13-comps.xml .
( remember the "." in the last it represents the current directory)
8) Now create the repo file for the YUM Server. I am naming the as "server.repo", you can have any name you want to this file but file extension should be ".repo" only.
# vim /etc/yum.repo.d/server.repo
[Server]
name=YUM Server
baseurl=file:///var/ftp/pub/Packages
gpgcheck=0
enabled=1
Remember I have disabled gpgcheck since i am not using the gpgkeys. If you want to use the gpgcheck you can use.
Now just make YUM Clients and have fun installing applications. If you are installing applications on the same Box on which you have configured the YUM Server then you don't need to create a client repo file.
For other systems you have to create a client repo file in /etc/yum.repo.d as:
# vim /etc/yum.repo.d/server.repo
[Client]
name=YUM Client
baseurl=ftp://youripaddress/pub/Packages
gpgcheck=0
enabled=1
YUM server is ready to rock...:) have fun......Enjoy....:)
Tuesday, October 26, 2010
How to use Custom Splash Boot Image
Hi Guys,
Are you bored of same boot splash image which comes in the background of the Grub menu? If yes then I am gonna tell you how to change it and use a custom splash boot image.
Prerequisites:
- Any Image to be used as boot splash image(aman.jpg in my case)
- Gimp or similar tool to edit image.
Steps to go:
1) first of open the "image" in the program "gimp". Scale it and make it to 640x480.
Then, in gimp go to "Mode" and select "indexed" and then save it in png format.(aman.png in my case)
2) Now, convert this .png image into .xpm image using th command:
- convert aman.png -colors 14 aman.xpm
Now, compress it with gzip
- gzip aman.xpm.gz
3) Now, Copy the file aman.xpm.gz to /boot/grub (remember you need super user privilieges to do this)
- cp aman.xpm.gz /boot/grub
4) Now edit grub.conf to make splash image entry in it.
- vim /etc/grub.conf
#edit the line starting with word "splashimage" as
splashimage=(hd0,1)/grub/aman.xpm.gz
save and exit
remember aman.xpm.gz is the file you copied in the /boot/grub directory.
5) Reboot now and check the new splash image at you grub boot screen. You are done. Enjoy...:)
Are you bored of same boot splash image which comes in the background of the Grub menu? If yes then I am gonna tell you how to change it and use a custom splash boot image.
Prerequisites:
- Any Image to be used as boot splash image(aman.jpg in my case)
- Gimp or similar tool to edit image.
Steps to go:
1) first of open the "image" in the program "gimp". Scale it and make it to 640x480.
Then, in gimp go to "Mode" and select "indexed" and then save it in png format.(aman.png in my case)
2) Now, convert this .png image into .xpm image using th command:
- convert aman.png -colors 14 aman.xpm
Now, compress it with gzip
- gzip aman.xpm.gz
3) Now, Copy the file aman.xpm.gz to /boot/grub (remember you need super user privilieges to do this)
- cp aman.xpm.gz /boot/grub
4) Now edit grub.conf to make splash image entry in it.
- vim /etc/grub.conf
#edit the line starting with word "splashimage" as
splashimage=(hd0,1)/grub/aman.xpm.gz
save and exit
remember aman.xpm.gz is the file you copied in the /boot/grub directory.
5) Reboot now and check the new splash image at you grub boot screen. You are done. Enjoy...:)
Installing Fedora 13 without CD/DVD, pen/flash drives or any external source
Hi,
I have learnt this method today and i am sharing this with you. Its not a new trick but its very useful trick for those who want to try and install new linux distros without wasting bucks on buying CD/DVD to burn ISOs. Many people might have done it many times but its still very useful. The aim of sharing this trick to you is to tell you how to install Fedora 13 without using a CD/DVD or any external hardware to boot. This will be helpful not in case of fedora 13 only but in many other similar distros.
Prerequisites:
- a working bootable linux box having grub installed
- a CD/DVD ISO image of Fedora 13 ISO
Steps to go:
1) Boot into your linux box (in my case its RHEL 5.5 i am using)
2) Create a directory /mnt/fedora13 and put fedora 13 DVD iso in this folder
- mkdir /mnt/fedora13
- cp /path/of/your/iso /mnt/fedora13
3) Now, we need to mount this fedora 13 ISO to some temporary mount point or location(in my case i am mount it under /tmp2. I have created this directory in my box).
- mkdir /tmp2
- mount -o loop Fedora13-DVD.iso /tmp2
4) Now, Goto the mounted directory and cd into isolinux. Copy the kernel files(vmlinuz and initrd) to /boot of your box with a different name so that the it doesn't override the your current system files say like vmlinuz-fc13 and initrd-fc13.img
- cd /tmp2/isolinux
- cp vmlinuz /boot/vmlinuz-fc13
- cp initrd /boot/initrd-fc13.img
5) Now. Copy the "images" folder from the mounted filesystem (from directory /tmp2) to /mnt/fedora13. This images folder contains the install image for the operating system.
- cp -rfv images/ /mnt/fedora13
6) Now, Edit the grub configuration file /etc/grub.conf or /boot/grub/grub.conf and make new entry for the fedora system install as:
- vim /etc/grub.conf
title Fedora 13 installation
kernel vmlinuz-fc13
initrd initrd-fc13.img
save and exit. You can specify the root partition in grub.conf but not necessary in my case.
7) Now, reboot your machine and select Fedora 13 installation in the grub menu at the time of boot.
8) Now, it will ask for the install image location. Select your partition in the list means the partition of the previous linux system where you have kept the ISO in /mnt/fedora13 directory (in my case it is /dev/sda3). Provide the directory containing install image, in my case it is "/mnt/fedora13".
9) Now, install as you install usually. Have fun....:) Finished
In short, we are actually using grub to boot and a hard drive partition to install OS on a different partition. Enjoy...:)
I have learnt this method today and i am sharing this with you. Its not a new trick but its very useful trick for those who want to try and install new linux distros without wasting bucks on buying CD/DVD to burn ISOs. Many people might have done it many times but its still very useful. The aim of sharing this trick to you is to tell you how to install Fedora 13 without using a CD/DVD or any external hardware to boot. This will be helpful not in case of fedora 13 only but in many other similar distros.
Prerequisites:
- a working bootable linux box having grub installed
- a CD/DVD ISO image of Fedora 13 ISO
Steps to go:
1) Boot into your linux box (in my case its RHEL 5.5 i am using)
2) Create a directory /mnt/fedora13 and put fedora 13 DVD iso in this folder
- mkdir /mnt/fedora13
- cp /path/of/your/iso /mnt/fedora13
3) Now, we need to mount this fedora 13 ISO to some temporary mount point or location(in my case i am mount it under /tmp2. I have created this directory in my box).
- mkdir /tmp2
- mount -o loop Fedora13-DVD.iso /tmp2
4) Now, Goto the mounted directory and cd into isolinux. Copy the kernel files(vmlinuz and initrd) to /boot of your box with a different name so that the it doesn't override the your current system files say like vmlinuz-fc13 and initrd-fc13.img
- cd /tmp2/isolinux
- cp vmlinuz /boot/vmlinuz-fc13
- cp initrd /boot/initrd-fc13.img
5) Now. Copy the "images" folder from the mounted filesystem (from directory /tmp2) to /mnt/fedora13. This images folder contains the install image for the operating system.
- cp -rfv images/ /mnt/fedora13
6) Now, Edit the grub configuration file /etc/grub.conf or /boot/grub/grub.conf and make new entry for the fedora system install as:
- vim /etc/grub.conf
title Fedora 13 installation
kernel vmlinuz-fc13
initrd initrd-fc13.img
save and exit. You can specify the root partition in grub.conf but not necessary in my case.
7) Now, reboot your machine and select Fedora 13 installation in the grub menu at the time of boot.
8) Now, it will ask for the install image location. Select your partition in the list means the partition of the previous linux system where you have kept the ISO in /mnt/fedora13 directory (in my case it is /dev/sda3). Provide the directory containing install image, in my case it is "/mnt/fedora13".
9) Now, install as you install usually. Have fun....:) Finished
In short, we are actually using grub to boot and a hard drive partition to install OS on a different partition. Enjoy...:)
Saturday, October 9, 2010
10 Best Linux Admin Tricks
HI Guys,
This is my first blog ever. I was learning different linux distributions. So i just thought that it would be the easiest way to remember what we learn is to share, thats why the idea of writing a blog came into my mind.
I read some tricks for linux administrators on a website i.e. http://www.ibm.com/developerworks/linux/library/l-10sysadtips/ and i found them really interesting to learn. These trick must be helpful to any admin whether he is working in the industry or working in his home distribution.
Try it! you will love it..:)
This is my first blog ever. I was learning different linux distributions. So i just thought that it would be the easiest way to remember what we learn is to share, thats why the idea of writing a blog came into my mind.
I read some tricks for linux administrators on a website i.e. http://www.ibm.com/developerworks/linux/library/l-10sysadtips/ and i found them really interesting to learn. These trick must be helpful to any admin whether he is working in the industry or working in his home distribution.
Try it! you will love it..:)
Subscribe to:
Comments (Atom)