Course Notes 10-12-2019 Six Months Redhat Enterprise Linux 6

www.zmprotech.com 888-236-2620

Course Notes

10-12-2019

Six Months

Redhat Enterprise Linux 6 and 7 (RHEL)

Practice 2 hours daily

30 mins 45 mins 45 mins

10/12/2019 https://youtu.be/jU0kfERg5gU

Virtual Box Setup

www.zmprotech.com 888-236-2620

Changing boot order

10-12-2019 https://youtu.be/jU0kfERg5gU

- Push any key on the keyboard to stop the boot process

www.zmprotech.com 888-236-2620

- Push ‘e’ to Edit the GRUB menu

www.zmprotech.com 888-236-2620

- Highlight the second option and hit ‘e’ again

www.zmprotech.com 888-236-2620

- End of the line give space and hit 3

www.zmprotech.com 888-236-2620

- Now push ‘b’ to continue to boot the system

www.zmprotech.com 888-236-2620

- The system is in ‘Run Level 3’

www.zmprotech.com 888-236-2620

Change the boot run level permanent to run level 3

- vi /etc/inittab

www.zmprotech.com 888-236-2620

- arrow down to last line - push ‘I’ on the keyboard - you should see insert at the bottom of the screen

www.zmprotech.com 888-236-2620

- Change 5 to 3 as shown

- Push ‘esc’ key

www.zmprotech.com 888-236-2620

- hold the Shift key and colon

- Push ‘x’ and hit ‘enter’ - (this will save and exit)

www.zmprotech.com 888-236-2620

Change network settings

- Settings> Network>Attached to> Host only adapter

www.zmprotech.com 888-236-2620

- Change settings as shown

www.zmprotech.com 888-236-2620

- Restart virtual machine - The system is successfully set to ‘Runlevel 3’ with network enabled

www.zmprotech.com 888-236-2620

10-13-2019 https://youtu.be/BhDkHOXf7_k

Putty Connection

- Start the newly installed VM - Log in - ‘Ifconfig’ to see the ip address - Look for ethernet port - Example eth0 (this could be name differently on your VM) - If you don’t see ip address then - Go to - cd /etc/sysconfig/network-scripts/

www.zmprotech.com 888-236-2620

- vi ifcfg-eth0 - change on boot to ‘yes’

- - - To Save and exit - Shift + : x - The above will save and exit - Reboot the system - After reboot and login - ‘Ifconfig’ - Example: 192.168.94.9

www.zmprotech.com 888-236-2620

- - Make necessary changes and save in putty

- - Click yes

www.zmprotech.com 888-236-2620

10-13-2019 https://youtu.be/BhDkHOXf7_k

root

Command Line Interface – CLI

Most of Linux Admin time is spent here CLI

root – Administrator – Super user - root user has highest level of access - don’t miss use the root access privileges

www.zmprotech.com 888-236-2620

- you will have access to company data - never share your password with anyone even mangers and directors or ceo - don’t put password in emails, chats or text, don’t share it.

/root - Default working directory for the Administrator ‘root’ - this is home directory of the user ‘root’ - this also known as landing directory - the profile of the user ‘root’ is sitting in this directory

/ - this is the top most directory or folder - also known as root directory - This is root of operating system -

10-19-2019 https://youtu.be/MSILbx8rPYY

www.zmprotech.com 888-236-2620

Run Levels

0 – Shutdown

- System is in shut down/ power off status - This will shutdown the system gracefully

‘init 0’

1- Single user mode - This is used for troubleshooting the system - System bootup problems - Root password issues - It will boot automatically into root user – without prompting for password - Other troubleshooting issues - No networking is available in this mode - No other users can connect to the host

‘init 1’

2 – Multiuser mode without NFS - Multiple users can connect - Network File System is not available

‘init 2’

3 – Multiuser mode with NFS - This is default mode in most cases - Admins will be working in this mode - Example: DB team, Other admins, regular users etc., - NFS will be available

‘init 3’

4 – undefined - No body is using this mode

www.zmprotech.com 888-236-2620

5 – GUI mode – X11 Windows mode - Graphical User Interface. - Windows graphic are available - This will used by some web development team - NFS available - Everything in runlevel 3 – GUI

‘init 5’

6 – reboot, restart - This will restart the system - When required must get approval from Application team, storage, etc., - Change Request – CR must be approved for reboot. - When the system is rebooted it will go into its default run level

‘init 6’

** 0 – Shutdown 1- Single user mode 2 – Multiuser mode without NFS 3 – Multiuser mode with NFS 4 – undefined 5 – GUI mode – X11 Windows mode 6 – reboot, restart

** How do you check the run-level of the system?

‘runlevel’ ‘who -r’

** Where is Default run-level is set in?

/etc/inittab

Change the run-level vi /etc/inittab

www.zmprotech.com 888-236-2620

- use arrow keys on the keyboard to scroll to position to change the runlevel - type i to go into insert mode then delete 5 and put 3 - then push esc key - lastly type shift + : then x, then hit enter to save changes

10-19-2019 https://youtu.be/MSILbx8rPYY

Basic Commands

‘pwd’ - present working directory

[root@zmpt01 ~]# pwd /root

‘ls’ - list the contents of the directory - list the content of the directory using absolute and relative path

[root@zmpt01 ~]# ls

www.zmprotech.com 888-236-2620 anaconda-ks.cfg install.log install.log.syslog

‘ls -l’ - Long list - Provides the details of the list of contents

[root@zmpt01 ~]# ls -l total 72 -rw------. 1 root root 1603 Oct 12 12:28 anaconda-ks.cfg -rw-r--r--. 1 root root 50698 Oct 12 12:28 install.log -rw-r--r--. 1 root root 10031 Oct 12 12:24 install.log.syslog

‘ls -la’ - Long list with the hidden files and directories

[root@zmpt01 ~]# ls -la total 112 dr-xr-x---. 4 root root 4096 Oct 12 14:14 . dr-xr-xr-x. 25 root root 4096 Oct 19 11:41 .. -rw------. 1 root root 1603 Oct 12 12:28 anaconda-ks.cfg -rw------. 1 root root 409 Oct 19 11:40 .bash_history -rw-r--r--. 1 root root 18 May 20 2009 .bash_logout -rw-r--r--. 1 root root 176 May 20 2009 .bash_profile -rw-r--r--. 1 root root 176 Sep 22 2004 .bashrc drwx------. 3 root root 4096 Oct 12 12:31 .config -rw-r--r--. 1 root root 100 Sep 22 2004 .cshrc drwx------. 2 root root 4096 Oct 12 12:31 .gconf -rw-r--r--. 1 root root 50698 Oct 12 12:28 install.log -rw-r--r--. 1 root root 10031 Oct 12 12:24 install.log.syslog -rw-r--r--. 1 root root 129 Dec 3 2004 .tcshrc

‘ls -l atlanta/alpharetta/saunee/’

[root@zmpt01 ~]# ls -la atlanta/alpharetta/saunee/ total 8 drwxr-xr-x. 2 root root 4096 Oct 19 12:56 . drwxr-xr-x. 3 root root 4096 Oct 19 12:12 .. -rw-r--r--. 1 root root 0 Oct 19 12:53 file1 -rw-r--r--. 1 root root 0 Oct 19 12:56 .file2

‘touch atlanta/alpharetta/saunee/file3’

[root@zmpt01 ~]# ls -la atlanta/alpharetta/saunee/ total 8

www.zmprotech.com 888-236-2620 drwxr-xr-x. 2 root root 4096 Oct 19 13:00 . drwxr-xr-x. 3 root root 4096 Oct 19 12:12 .. -rw-r--r--. 1 root root 0 Oct 19 12:53 file1 -rw-r--r--. 1 root root 0 Oct 19 12:56 .file2 -rw-r--r--. 1 root root 0 Oct 19 13:00 file3

**Directory = Folder

‘clear’ - Clears the screen

‘history’ - Displays the history of the commands - To run the command from history use format - !48 (! Number next to command) - That specific command will run for you

- Scroll through the commands use up and down keys

‘mkdir’ - Creates the directory with specified name - mkdir atlanta Creates directory atlanta

mkdir chicago newyork Creates direcoty chicago and newyork

mkdir -p Creates directory inside directory atlanta/alpharetta/saunee – ignoring existing directory

- To create hidden directory - ‘mkdir .sfo’

. - pwd - it is represented with single dot .

www.zmprotech.com 888-236-2620

- one directory up - it is represented with double dot ..

‘cd’ - Change directory - ‘cd atlanta’ - ‘cd’ this will bring you back to your home directory - ‘cd –‘ this will bring you back to your previous working directory - ‘cd ..’ this will move you back up ‘one’ directory - ‘cd ../../’ this will move you back up ‘two’ directories -

‘tab’ - This will auto fill the rest of the name

path

Absolute path

- Full path of the directory saunee - /root/atlanta/alpharetta/saunee - This is also known as absolute path

Relative path - ]# pwd - /root - Change directory using relative path from pwd - cd atlanta/alpharetta/saunee/ - this is a relative path - # pwd - /root/atlanta - cd alpharetta/saunee/ - this is relative path

‘touch’ - ‘touch file1’ - Blank file ‘file1’ is created - ‘touch .file2’ hidden file is created

10-20-2019 https://youtu.be/dv_j9kgssg0

www.zmprotech.com 888-236-2620

‘rm’ - It remove files and folders - ‘rm -rf Chicago’ – removes the directory with files and folders in it - ‘rm -rf file1’ – removes he file without asking - ‘rm -rf *’ – this command will remove everything - Use caution while using * asterisk – it will not ask for confirmation or warning

‘mv’ - Moves the files and folders - Renames files and folders - - ‘mv file2 newyork’ – moves the file to folder using relative path - ‘mv file2 /root/atlanta/alpharetta’ – move using absolute path - - ‘mv newyork atlanta’ – move folder one place to another - ‘mv newyork /root/’ – move folder using absolute path - - ‘mv -f newyork atlanta’ – move the folder with content in it - - ‘mv atlanta dallas’ – move command is used for renaming files and folders -

‘cp’ - Copy files and folders from one place to another (duplicating) - You can also use absolute and relative paths to copy the files - - ‘cp file1 california/sfo’ - copies the file to specified folder - ‘cp california/chicago/* .’ – copy the files from source to pwd - - ‘cp -rfv chicago california’ – copies the folder to destination folder - ‘cp -rf california/chicago .’ – copy the folder from source to pwd

‘cat’ - Concatenate - reads the file – gives you quick out of the contents of the file - writes to file > - writes to the file using > for quick edit mode - if the file does not exits, then cat command will create one - [root@zmpt01 ~]# cat > file1

www.zmprotech.com 888-236-2620

this is linux course i am enjoying linux this is good -

[root@zmpt01 ~]# cat >> file1 I am adding this line this is new line keeping older content - cat filename cat is used for reading file

cat > filename cat is used for writing to file using > you would enter quick edit

if the file does not exits, then cat command will create one

cat >> filename >> to add to the file

Output - This is the result of the command which is displayed - Could be error message

File and directory

- In Linux there is no difference between file and directory - This means the Linux OS writes directory information as file - You cannot have same name of file or directory in same place

www.zmprotech.com 888-236-2620

Line ten – IBM AIX requires hardware sold by IBM Line eleven – RHEL OEL Suse Debian AIX Ubuntu Andriod iOS Fedora Line twelve – HP IBM Supermicro ZT Hyve Dell EMC

‘grep’ - It searches and displays the result - ‘grep IBM file1’ – filters the output with the result - ‘grep -i ibm file1’ – this will ignore the case sensitivity

| - Pipe - Used in combination for multiple commands - Used for filtering also

- - ‘cat file1 | grep -i ibm’ – filtering example

‘wc’ - This is a word count command – it counts the lines, words, characters - - [root@zmpt01 ~]# wc file1 - 12 99 528 file1 - - [root@zmpt01 ~]# wc -l file1 - 12 file1 - - [root@zmpt01 ~]# wc -w file1 - 99 file1 - - [root@zmpt01 ~]# wc -c file1 - 528 file1 - - wc -l – outputs the number of lines - wc -w – outputs the number of words – - wc -c – outputs the number of characters -

www.zmprotech.com 888-236-2620

‘head’ - It reads files first 10 lines by default - ‘Head -3 file1’ – displays 3 lines - ‘head -13 file1’ – displays 13 lines

‘tail’ - It reads last 10 lines of a file by default - ‘tail -15 file1’ – displays bottom 15 lines from the file

‘more’ - Use primarily for huge files - This will load the entire file into memory - To browse through the file - Enter reads through line by line - Spacebar reads through page by page - You can use more -10 file name to move through 10 lines at a time - Automatically quits at the end of the line or use ‘q’ to quit - Not good command when the system is low in memory - Example - ‘more -20 file1’

‘less’ - This command is similar to the more command - But loads the file as needed into memory - To browse through the file - Enter reads through line by line - Spacebar reads through page by page - Use this command when system is low in memory - ‘less -20 file1’

‘sort’ - Sort through the file displays on output - Sorts alphabetically - Example - ‘sort file1’

‘uniq’ - Sorts through the lines - Brings up uniq words

www.zmprotech.com 888-236-2620

- Example - ‘uniq file1’

10-26-2019 https://youtu.be/hM4t0sPIhVY

‘date’ - Display’s date

‘cal’ - Displays calendar

‘uptime’ - Displays the uptime of the since the last reboot

‘who’ - Shows the users logged in information

‘free -h’ - Displays system RAM information - Display system SWAP (virtual Memory) information

‘gzip’ - Zips the file and compresses it - Example: ‘gzip cook’ - Extension will be .gz - Zipped file cannot be read

‘gunzip’ - Unzips the file and uncompresses it - Example: ‘gunzip cook.gz’ - Extension will be removed

‘tar’

www.zmprotech.com 888-236-2620

- Use this command to zip the folders - Example - ‘tar -cvf chicago.tar chicago’ - Unzip - ‘tar -xvf chicago.tar’

‘which’ - Use this command to find if packag(software) is installed - Example - ‘which python’ - ‘which gunzip’

‘man’ - Manual pages for help with commands - This is a user guide for the commands - Example - ‘man ls’

Redirector

10-26-2019 https://youtu.be/hM4t0sPIhVY

0< Standard input – reading the file

cat 0< file1

1> Standard output - writing to file

cat 1> file4

2> Standard error output – capturing the errors to another file

www.zmprotech.com 888-236-2620

cat flsdkjd 2> error

captures the errors to the file error

‘cat: nothing: No such file or directory’

Above output is captured into file name error

‘find’ - It finds the files and directories - You can use absolute and relative paths - Example - ‘find /root cook’ - ‘find / -name cook’ - using name - ‘find / -inum 668682’ – using inode number

‘stat’ - stat command displays the detailed status of a particular file or a file system - stat cook [root@zmpt01 ~]# stat cook File: `cook' Size: 0 Blocks: 0 IO Block: 4096 regular empty file Device: fd00h/64768d Inode: 668682 Links: 1 Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2019-10-26 11:26:15.371019796 -0400 Modify: 2019-10-20 11:57:46.825999641 -0400 Change: 2019-10-26 11:27:03.852003060 -0400 -

Interview ** Inode - It is a table on the disk holding file information - Owners information of the file - Group information of the file - Type of the file - Permissions of the file - Date and time of the file modified

www.zmprotech.com 888-236-2620

- Date and time for the file accessed - Number of links - Size of the file - It has block information of the location of the file sitting on the disk - ‘ls -i cook’ to find out inode information of the file

VI Editor

10-27-2019 https://youtu.be/4_9OmmDEI0o

Line one – this is amazing Line two – this is awesome Line three – this is going great Line four – this is getting interesting Line five – this is super good Line six – this is Linux OS is free Line seven – this Linux has many distributions Line eight – Red Hat is most popular distribution Line nine – Oracle Linux is another distribution Line ten – IBM AIX requires hardware sold by IBM Line eleven – RHEL OEL Suse Debian AIX Ubuntu Andriod iOS Fedora Line twelve – HP IBM Supermicro ZT Hyve Dell EMC

- ‘vi file1’ – it creates the file if not already present - It enters into read only mode - Push ‘ i ’ to enter edit mode or insert mode - Once edit is complete push ‘esc’ to come back out of edit mode

- ‘shift’ + : to get into command mode - ‘:x’ to save and exit - ‘:q’ to quit read only mode

: This is ready for commands :x Save and exit :q Quit read only mode if you have not made any changes ‘dd’ Cuts the line where ever cursor is at ‘p’ Push p to paste

www.zmprotech.com 888-236-2620

‘u’ undo ‘l’ Moves cursor one character to left ‘h’ Moves cursor one character to right ‘j’ Moves cursor down one line ‘k’ Moves cursor one line up ‘o’ Open new line in insert mode below the cursor ‘yy’ Copies the single line where the cursor is at - 2yy or 3yy to copy the line - You go the idea? ‘:q!’ Quit without saving ‘:IBM’ Searches the pattern – cursor will jump to first instance

‘n’ to jump to result ‘:%s/IBM/APPLE’ Search and replace first instance of IBM with APPLE on each line

‘:%s/IBM/APPLE/g’ Replaces the occurrences globally in file ‘:w” Saves the file without quitting ‘:wq’ Saves the files and quit ‘:e file1’ Loads the specified file for editing - You can also specifi absolute and relative path

‘:r’ Load the file content of the file again :! Allows you to run shell commands from within vi example: !ls /etc i insert text and not replace it R over write existing text when new text added cw remove current word cursor is on and insert into insert mode to add text cc replace the entire of line of text l moves cursor one character to the right h moves cursor one character to the left j moves cursor down one line k moves cursor up one line Yank – Term used to copy text. Use YY to “yank” a line of text. yy will yank/copy entire line the cursor is currently on 2yy will copy the current line of text as well as the line underneath it (2lines) 3yy will copy three lines, 4yy 4 lines of text 5yy… p will paste the contents from yanked yy text, starting on the line after your cursor P uppercase P will paste the yanked line(s) starting on the line before the cursor 5G moves your cursor to line 5

www.zmprotech.com 888-236-2620

5gg moves your cursor to line 5 (note case sensitive) G Moves the cursor to the beginning of the last line in the file 1G Moves the cursor to the first line of the file L Also moves the cursor to the beginning of the last line on the terminal screen H Moves the cursor to the first line on the terminal screen o opens insert mode to insert text, creates a new line below your current cursor position u undo cc Removes the entire line and places you into insert mode / - search, /root will search the file for root you can navigate to the next occurrence using the n key ? is the same as / as it relates to searching

‘cut’ [root@zmpt01 ~]# cat xfile colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 colum1 colum2 colum3 - - Cut the fields or character in the document and present in output - Delimiter - ‘cut -d " " -f2 xfile’ - ‘cut -d "l" -f3 xfile’ - Character - ‘cut -c1,3 xfile’ - Field - ‘cut -f1,2 xfile’

‘awk’ - Works as cut ommand, but efficient - awk '{print $1, $3}' xfile - brings out the field1 and field 3

www.zmprotech.com 888-236-2620

‘-exec’ - this is execute command - works only with find command - ‘find / -name ifcfg-eth0 -exec cp {} . \;’

‘alias’ - You can create a short name for the command and make it a book mark - alias app='cat file1 | grep APPLE' - to unalias - unalias app

11-02-2019 https://youtu.be/tB5Eafpqvrk

‘ln’ - NOTE: A FILE OR DIRECTORY IS LINK TO ITSELF – DEFAULT 1 LINK - To check the iNode number for a file ls -i file1

File

Hard link

- link command - example - ‘ln file1 atlanta/alpharetta’ – create a file the specified location - This is example of hard link or duplicate - Any changes are updated to linked files - Inode number for the hard links are same - If hard link is deleted then then linked copy is still available and data will be preserved

Soft link - this is short cut to the file - also known as symbolic link or sym link - ‘ln -s file2 atlanta/alpharetta/’ - Inode for the original and symbolic file are different - If the soft linked file is deleted then it’s useless - cat: file2: Too many levels of symbolic links

Directory

www.zmprotech.com 888-236-2620

Soft link - soft link iNode for directories are different - you can only create softlink - example: ‘ln -s chicago /root/chicago’

Hard link - Hard link for the directories are not allowed

‘echo’ - Repeat what you have typed as output - You can redirect to the file - Usually used during scripting

/dev/null - This is considered a device - Its built in black hole - Used for filtering out the error messages - Nothing is save in here - Data cannot be recovered - Example: ‘find / -inum 668669 2> /dev/null’

Directory Structure

11-02-2019 https://youtu.be/tB5Eafpqvrk

www.zmprotech.com 888-236-2620

/ - This is root directory, it contains all the other system directories - This is a starting point -

/bin - It has all the binary user commands

/boot - It contains system bootable files ** /dev - It contains all the device information files ** /etc - It contains all the configuration files – aka – etsy

/home - This is home directory for regular users

/lib /lib64 - It contains system library files shared by applications

/lost+found

www.zmprotech.com 888-236-2620

- Unused

/media - Unused

/misc - Unused

/mnt - Usually empty, but use for mouning CD drives, Hard drives etc

/net - Unused

/opt - It contains third party software files – Oracle DB, Postgres, SAP etc.,

/proc - It contains active memory information (system processess)

/root - It is system ‘root; user home directory

/sbin - It contains root user commands

/selinux - It contains security policy related files

/srv - Used only as needed during system protocol use – ftp, httpd, sftp etc.,

/sys -

/tmp - Temp foleder is keep temporary files - It can be accessed by any user and write in it

/usr - It contains back of some of the systemfiles and folders containing optional commands

/var - Its contains system logs and logs generated by installed software

www.zmprotech.com 888-236-2620

Network Interface Card – Configuration

11-03-2019 https://youtu.be/cZJatLhWd74

Directory: - /etc/sysconfig/network-scripts – RHEL 6 - /etc/sysconfig/ network-scripts - RHEL 7

Config file: - Ifcfg-eth0 – RHEL 6 - Ifcfg-enp0s1 – RHEL 7

Port #: 22 Package: Services: NETWORK Protocol: - DHCP – Dynamic Host Control Protocol - STATIC – ip address will not change Command: - Ifconfig – RHEL 6 - ip addr – RHEL 7 - ‘service network restart’ – RHEL 6 - ‘systemctl restart network’ – RHEL 7

URL:

- Ifconfig to check the NIC being used - Based on that info cd to /etc/sysconfig/network-scripts - ‘ls’ - Copy as need using cp command - Example: ‘cp ifcfg-eth0 ifcfg-eth2’ - ‘vi ifcfg-eth2’ - essential lines needed for basic functionality - DHCP

DEVICE=eth2

www.zmprotech.com 888-236-2620

TYPE=Ethernet ONBOOT=yes BOOTPROTO=dhcp

Essential line needed for basic functionality - STATIC

- ‘vi ifcfg-eth2’ DEVICE=eth2 TYPE=Ethernet ONBOOT=yes BOOTPROTO=static IPADDR=192.168.94.9 HWADDR=08:00:27:1D:CA:CE NETMASK=255.255.255.0 - - ‘service network restart’ – RHEL 6 - - RHEL – 7 - vi /etc/sysconfig/network-scripts/ifcfg-enp0s3 TYPE=Ethernet BOOTPROTO=static DEVICE=enp0s3 ONBOOT=yes HWADDR:08:00:27:eb:d6:35 NETMASK:255.255.255.0 IPADDR: 192.168.94.10 - - ‘systemctl restart network’ – RHEL 7

Explanation of config information

DEVICE=eth2 Device Name HWADDR=08:00:27:86:9E:FF MAC Address TYPE=Ethernet Ethernet

ONBOOT=no Yes or no - This will enable nic on system boot BOOTPROTO=dhcp dhcp or static IPADDR=192.168.56.104 ADD THIS LINE - If you are assigning static IP address NETMASK=255.255.255.0 ADD THIS LINE If you are assigning static IP address

www.zmprotech.com 888-236-2620

11-09-2019 https://youtu.be/_6uW7G72idY

NIC – Bonding

Directory: /etc/sysconfig/network-scripts

Config files: - RHEL 6 - ifcfg-eth0, ifcfg-eth1, ifcfg-eth2 etc.

- RHEL 7 – ifcfg-enp0s1

Directory: /etc/modprobe.d

Config file: bonding.conf

Port #: 22

Package: bonding

Services: network

Protocol: DHCP, Static

Command: ifconfig, ip addr

www.zmprotech.com 888-236-2620

- If the network connection goes down, then it’s a big problem especially for DB host - To keep the link up NIC bonding is necessary - eth2 – Active, Active and eth3 – Active, Passive

- enable two adapters for virtual box while host is shutdown mode -

- - /etc/sysconfig/network-scripts - - ‘vi ifcfg-eth3’ – create this if not present DEVICE=eth3 ONBOOT=yes BOOTPROTO=none SLAVE=yes MASTER=bond0 - - vi ifcfg-eth2 DEVICE=eth2 OlsmodNBOOT=yes BOOTPROTO=none SLAVE=yes MASTER=bond0 - - ‘cd /etc/modprobe.d’ - look for file name ‘bonding.conf’, create one if its not there - alias bond0 bonding

- - Create this file in ‘/etc/sysconfig/network-scripts’ - - ‘vi ifcfg-bond0’ DEVICE=bond0 TYPE=Bond ONBOOT=yes

www.zmprotech.com 888-236-2620

BOOTPROTO=static IPADDR=192.168.94.20 NETMASK=255.255.255.0 - - - Activate the bonding - ‘modprobe bonding’ - - To check bonding is enabled in memory - ‘lsmod | grep bonding’ - - Now restart network services - ‘service network restart’

RHEL 7

- Follow all the step as above - NOTE: example: ifcfg-enp0s1 for NIC - Command to restart the network service - ‘systemctl restart network’ - Or - Reboot the host

11-10-2019 https://youtu.be/WzogrxCabRQ

Brief History of Linux

UNIX OS - Dec 31,1969 Bell Labs – AT&T

1987 – Source code was made public as OpenSourceOS

IBM, HP, SunMicro – Took the code made their OS

IBM – AIX – works only on IBM hardware HP – HPUX – works only on HP hardware Sun – Solaris – work on Sun Platform

www.zmprotech.com 888-236-2620

1991 – Linus Trivold – took code and release OS Linux

- Hardware independent - Free, support is not free - Developed by Companies or Individual - Secure - New tools are added in new releases - New releases is called distribution

Linux based Distributions

- RedHat – RHEL, CentOS, Fedora - Oracle – OEL - Suse – SuSe Linux – SAP - Debian - Ubuntu – South African - iOS – Apples - Andriod – Google

RPM – Redhat Package Manager

- Redhat - Orcale - SuSe - Debian

11-10-2019 https://youtu.be/WzogrxCabRQ

Network

A network is a collection of computers, servers, mainframes, network devices, peripherals, or other devices connected to one another to allow the sharing of data. An excellent example of a network is the Internet, which connects millions of people all over the world

Basic requirements - NIC, Media, Topology, Protocol, IP Address

NIC – Network Interface Card

www.zmprotech.com 888-236-2620

- Hardware Address : 08:00:27:CE:F3:60 - IP Address: 192.168.94.20 – IPv4 - IP Address: fe80::a00:27ff:fece:f360 – IPv6

Media - Cables, - RJ45 - CAT5 and CAT6 - WiFi

Topology

Ring

BUS

Star

www.zmprotech.com 888-236-2620

Mesh

Tree

Subnet - Small network with in the larger network - Max device 255 + router = 256 - 2^8 = 2 to the power of 8

Protocol Protocol, in computer science, a set of rules or procedures for transmitting data between electronic devices, such as computers. OSI – Open Standard Interconnection – 7-layer Model

- Physical Layer – Hardware - Data Layer – Data being generated - Network Layer – Working network – switches, router - Transport Layer – Communication is being done using several methods - Session Layer – Session is established between two hosts

www.zmprotech.com 888-236-2620

- Presentation Layer – Data is presented to application - Application – example MS Office

TCP: Transport Control Protocol - Connection Protocol - DATA, Network, Transport, Application – DNTA - Connection oriented protocol

TCP makes a 3way Handshake Connection

Establishing Connection - A to B – Syncronization signal is sent - B to A – Syncronization and Acknowledgement Signal - A to B – Acknowledgement - Then the DATA is transferred - Sync – Sync Ack – Ack

www.zmprotech.com 888-236-2620

Closing the connection - A to B – Finish – complete signal - B to A – I Acknowledge to Finish signal - A to B – I Acknowledge the reciept of Finish signal - FIN – FIN ACK – ACK

OS has 65,536 ports = 2^16 netstat -anp| grep -w 22 netstat -anp| grep LISTEN

UDP- User Datagram Protocol

- Connection less protocol - Just send the Data to the host without confirmation - Connection is faster - Two types of UDP - Broadcast Multicast Signal is sent to host on network Signal is sent only the host which is part without confirmation of the group, without confirmation

www.zmprotech.com 888-236-2620

TCP UDP Connection Oriented Connection less Reliable Unreliable Slow Fast Example: DNS, DHCP, Broadcast HTTP, FTP, SMTP and TCP

11-16-2019 https://youtu.be/PnlC7icKCPw

IP Address An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: host or network interface identification and location addressing.

192.168.94.30

Computer works on Binary System – its has only two number – Base 2 system – 16 bit – 8 octet

0 = off 1 = on

Computers write information in Zeros and One’s

8 7 6 5 4 3 2 1 2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0 128 64 32 16 8 4 2 1

www.zmprotech.com 888-236-2620

192.168.94.30

192 = 11000000

2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0 128 64 32 16 8 4 2 1 192-128 64-64 0 0 0 0 0 0 1 1 0 0 0 0 0 0

168 = 10101000

2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0 128 64 32 16 8 4 2 1 168-128 40-64 40-32 8-16 8-8 0 0 0 1 0 1 0 1 0 0 0

94 = 01010100

2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0 128 64 32 16 8 4 2 1 0 94-64 0 20-16 0 4-4 0 0 0 1 0 1 0 1 0 0

30 = 00011110

2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0 128 64 32 16 8 4 2 1 0 0 0 30-16 14-8 6-4 2-2 0 0 0 0 1 1 1 1 0

Arabic Numbers

0-9

www.zmprotech.com 888-236-2620

IPv 4 – 2^32 = 4,294,967,296

IPV 6 – 2^128 =

www.zmprotech.com 888-236-2620

11-16-2019 https://youtu.be/PnlC7icKCPw

11-17-2019 https://youtu.be/GOK20iYMlxI

Default Gateway

Router Switch

- Router gives out the IP Address to another device - 1 IP address is reserved for router itself – Default Gateway - Default Gateway is entry point of the network to communicate with other networks - Once you have more than one router in environment each becomes a subnet - Internal network is called Subnet - 256 - 2^8 - How do you check the Default Gateway? - ‘netstat -rn’ - Or - ‘route -n’ - ‘ping’ google.com - Ping uses a protocol called ICMP – Internet Communication Messaging Protocol - ‘nc -v 192.168.94.30 22’ to the server port is LISTNING or not | nc – net cat - ‘netstat -i’ - Router some times uses the ip address of the host and assign to another host, if the original host is not on the network for a while - Host tries to use the same ip address it has been assigned - To resolve this issue run this command - ‘dhclient -v -r’ - releasing the ip address - ‘dhclient -v’ – renewing ip address

www.zmprotech.com 888-236-2620

Port Number Description 1 TCP Port Service Multiplexer (TCPMUX) 5 Remote Job Entry (RJE) 7 ECHO 18 Message Send Protocol (MSP) 20 FTP -- Data 21 FTP -- Control 22 SSH Remote Login Protocol

23 Telnet 25 Simple Mail Transfer Protocol (SMTP) 29 MSG ICP 37 Time 42 Host Name Server (Nameserv) 43 WhoIs 49 Login Host Protocol (Login) 53 Domain Name System (DNS) 69 Trivial File Transfer Protocol (TFTP) 70 Gopher Services

79 Finger

80 HTTP 103 X.400 Standard 108 SNA Gateway Access Server 109 POP2

110 POP3 115 Simple File Transfer Protocol (SFTP) 118 SQL Services 119 Newsgroup (NNTP) 137 NetBIOS Name Service 139 NetBIOS Datagram Service 143 Interim Mail Access Protocol (IMAP) 150 NetBIOS Session Service

156 SQL Server

161 SNMP 179 Border Gateway Protocol (BGP) 190 Gateway Access Control Protocol (GACP) 194 Internet Relay Chat (IRC) 197 Directory Location Service (DLS) 389 Lightweight Directory Access Protocol (LDAP) 396 Novell Netware over IP

443 HTTPS 444 Simple Network Paging Protocol (SNPP) 445 Microsoft-DS

www.zmprotech.com 888-236-2620

458 Apple QuickTime 546 DHCP Client 547 DHCP Server 563 SNEWS 569 MSN 1080 Socks

11-17-2019 https://youtu.be/GOK20iYMlxI

11-23-2019 https://youtu.be/DkciPf-ovKQ

System Initialization – Boot Process

1. BIOS – Basic Input Output System - Moment power turned on, BIOS is activated - It is sitting on a chip on the System Board - Performs the hardware initialization (check) - You can change BIOS settings here - BIOS passes control to bootloader

www.zmprotech.com 888-236-2620

2. Bootloader GRUB is loaded – Grand Unified Boot Loader

- Bootloader has two stages - Stage One – MBR – Master Boot Record - This initializes the Operating System - Passes the control to second stage - Stage Two – Boot Record - /boot - has important files in it - Now stage two is in control

3. System -V Process – RHEL 6

- 1. Initializes the Kernel (2.6.32-696.el6.x86_64) - Kernel file will do the following - A. Detect all the Hardware, for disk drives (detects file system) - B. it will initialize (turn on) the Software (drivers) for hardware - C. Mounts (loading) /root file system into read only mode - D. kick starts the init process (/sbin/init) written in Binary Language - In other words OS Initialization starts

OS Initialization - /sbin/init

- Read the file /etc/inittab file for default run level - Then it reads /etc/rc.d/rc.sysinit script is executed

www.zmprotech.com 888-236-2620

- A. Configures the Hostname - B. Configures the IP Address - C. SELinux – Security Enhance Linux - D. Remount the / in read write mode - E. Starts the System V for RHEL 6 services starts based on run-levelel] 3 System D - Process – RHEL 7 - Kernel: Linux 3.10.0-957.el7.x86_64

- 1. Initializes the Kernel (vmlinuz-3.10.0-957.el7.x86_64) - Kernel file will do the following - A. Detect all the Hardware, for disk drives (detects file system) - B. it will initialize (turn on) the Software (drivers) for hardware - C. Mounts (loading) /root file system into read only mode - D. kick starts the configuration from directory (/etc/systemd) - ‘/etc/systemd’ is linked to /etc/systemd/system/default.target (run-level)

- A. Configures the Hostname - B. Configures the IP Address - C. SELinux – Security Enhance Linux – most of the time this disabled - D. Remount the / in read write mode E. Starts the System V for RHEL 6 services starts based on run-levelel]

11-23-2019

www.zmprotech.com 888-236-2620 https://youtu.be/DkciPf-ovKQ

Disk Management

IDE – Linux will handle these kind of devices /dev/hda

SCSI – Linux will handle these kind of devices /dev/sda

Virtual Drive – Linux will handle these kind of devices /dev/vda

SCSI Drives

- /dev/sda – first primary disk – boot drive or OS drive – this will be reserved - /dev/sdb – second drive - /dev/sdc – third drive - /dev/sdd – fourth dirve - /dev/sdz – 26th drive - /dev/sdaa – 27th - /dev/sdaa – 28th - /dev/sdab – 29th

Add New Disk in Virtual Box

www.zmprotech.com 888-236-2620

- Add new hard drive - But it is not ready for use yet - To see the hard drive which added - ‘lsblk’ [root@zmpt01 ~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sr0 11:0 1 1024M 0 rom sda 8:0 0 16G 0 disk ├─sda1 8:1 0 500M 0 part /boot └─sda2 8:2 0 15.5G 0 part ├─vg_zmpt01-lv_root (dm-0) 253:0 0 13.9G 0 lvm / └─vg_zmpt01-lv_swap (dm-1) 253:1 0 1.6G 0 lvm [SWAP] sdb 8:16 0 8G 0 disk - - /dev/sdb – 8 GB

11-23-2019 https://youtu.be/DkciPf-ovKQ

11-24-2019 https://youtu.be/6rLfoPdBBCM

www.zmprotech.com 888-236-2620

Fdisk

Directory: /dev Config files: Port #: Package: Services: Protocol: Command: lsblk, blkid, fdisk

- Use the command - ‘lsblk’ - ‘cd /dev’ - ‘ls -l sd*’ - ‘fdisk /dev/sdb’ - ‘m’ – to view menu - ‘n’ – to create new partition - ‘p’ – for primary - ‘1’ – first primary partition - ‘enter’ – to use default cylinders - ‘in this case it will use entire disk’ - ‘w’ to save and exit - ‘partprobe -s’ - ‘partx -v -a /dev/sdb’ - Now we have to make file system - ‘mkfs.ext4 /dev/sdb1’

8 GB Hard Disk /dev/sdb

8 GB Single partition /dev/sdb1

- disk space used by the file

Block size=4096 bytes (4k)

4k 1k – entire 4k will be used

www.zmprotech.com 888-236-2620

4k – entire 4k will be used 6k – entire 8k will be used

File System RHEL 6 Single file RHEL 7 Single File Max Size of file system EXT 3 2 TB 2 TB 32 TB EXT 2 2 TB 2 TB 32 TB EXT 4 16 TB 16 TB 1 EiB XFS 100 TB 500 TB 16 EiB

11-24-2019 https://youtu.be/6rLfoPdBBCM

Mounting the Disk

Directory: Config file: Port #: Package: Services: Protocol: Command: ‘mount’ ‘umount’ URL:

- mkdir /saeed - touch f1 f2 f3 f4 f5 - - mount /dev/sdb1 /saeed/ - Command Mount Mount point Mount /dev/sdb1 /saeed - - touch f{1..1000} - these files are sitting on /dev/sdb1 - unmount - umount /dev/sdb1 - mkdir /shakil

www.zmprotech.com 888-236-2620

- mount /dev/sdb1 /shakil - now the file system is mounted to /shakil -

11-24-2019 https://youtu.be/6rLfoPdBBCM

FSTAB

Directory: ‘etc’ Config file: ‘fstab’ Port #: Package: Services: Protocol: Command: ‘vi’ URL: To make the mounting persistent with reboot

- vi /etc/fstab - copy the existing line into new line - edit as needed - /dev/sdb1 /root defaults 1 1 - /dev/mapper/vg_zmpt01-lv_root / ext4 defaults 1 1 UUID=01bc838c-e6c7-4872-a828-154094c29076 /boot ext4 defaults 1 2 /dev/mapper/vg_zmpt01-lv_swap swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0

/dev/sdb1 /shakil ext4 defaults 1 1 -

11-24-2019 https://youtu.be/6rLfoPdBBCM

www.zmprotech.com 888-236-2620

Mount using UUID

A universally unique identifier (UUID) is a 128-bit number used to identify information in computer systems

Directory: ‘etc’ Config file: ‘fstab’ Port #: Package: Services: Protocol: Command: ‘blkid’ URL:

- ‘blkid’ - mount UUID="b5d7ad36-5b49-421e-bebc-e9d374195341" /shakil - make entry into fstab file - UUID="b5d7ad36-5b49-421e-bebc-e9d374195341" /shakil ext4 defaults 1 1 - Once the system reboot it will mount the drive as entered in fstab

11-24-2019 https://youtu.be/6rLfoPdBBCM

Mount using Label

Directory: ‘etc’ Config file: ‘fstab’ Port #: Package: Services: Protocol: Command: ‘e2lable’ ‘mount’ URL:

- e2label /dev/sdb1 zmpt_data - unmount if its already mounted - mount it using the name - mount -L zmpt_data /saeed

www.zmprotech.com 888-236-2620

- make entry in fstab - - LABEL=”zmpt_data” /shakil ext4 defaults 1 1 -

11-30-2019 https://youtu.be/DRmuoBn0KM4

Extending iNodes

Directory: Config file: Port #: Package: Services: Protocol: Command: ‘df -h’ ‘mkfs.ext4’ URL: - To check the size of the disk and free space - ‘df -h’ - [root@localhost shakil]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 14G 1008M 13G 8% / devtmpfs 484M 0 484M 0% /dev tmpfs 496M 0 496M 0% /dev/shm tmpfs 496M 6.8M 489M 2% /run tmpfs 496M 0 496M 0% /sys/fs/cgroup /dev/sda1 1014M 133M 882M 14% /boot tmpfs 100M 0 100M 0% /run/user/0 /dev/sdb1 7.8G 36M 7.3G 1% /shakil - To find out inodes - ‘df -I’ [root@localhost shakil]# df -i Filesystem Inodes IUsed IFree IUse% Mounted on /dev/mapper/centos-root 7022592 26766 6995826 1% / devtmpfs 123850 364 123486 1% /dev tmpfs 126871 1 126870 1% /dev/shm tmpfs 126871 473 126398 1% /run tmpfs 126871 16 126855 1% /sys/fs/cgroup

www.zmprotech.com 888-236-2620

/dev/sda1 524288 326 523962 1% /boot tmpfs 126871 1 126870 1% /run/user/0/dev/sdb1 524288 11 524277 1% /shakil - - We gonna use up all the iNodes for this demo - Use this command to accomplish this - ‘touch f{1..52400}’ [root@localhost shakil]# touch xfile touch: cannot touch ‘xfile’: No space left on device - - mkfs.ext4 -N 1000000 /dev/sdb1 – ALL DATA WILL BE LOST - /dev/sdb1 1000448 11 1000437 1% /shakil - A new UUID will be generated once you have created new filesystem

11-30-2019 https://youtu.be/DRmuoBn0KM4

Multiple File systems

Directory: ‘dev’ Config file: Port #: Package: Services: Protocol: Command: ‘lsblk’ ‘fdisk’ ‘partprobe -s’ ‘mkfs.xfs’ ‘mount’ ‘ URL:

16 GB /dev/sdc

Partition 1 Partition 2 Partition 2 Paritition 3 Paritition 4 4GB 6GB 2 GB 2 GB 2 GB /dev/sdc1 /dev/sdc2 /dev/sdc2 /dev/sdc3 /dev/sdc4 Ext4 xfs xfs swap swap

www.zmprotech.com 888-236-2620

/dev/sdc1 Ext4 filesystem Default for RHEL 6

- ‘lsblk’ - sdc 8:32 0 16G 0 disk - - ‘fdisk /dev/sdc’ - ‘m’ – to view menu - ‘n’ – to create new partition - ‘p’ – for primary - ‘1’ – first primary partition - ‘enter’ – to use default cylinders - Last sector, +sectors or +size{K,M,G} (2048-33554431, default 33554431): +4G - ‘w’ to save and exit - ‘partprobe -s’ - ‘partx -v -a /dev/sdc’ - Now we have to make file system - ‘lsblk’ - └─sdc1 8:33 0 4G 0 part - ‘mkfs.ext4 /dev/sdc1’ - ‘mkdir /saeed’ - Make entry into ‘/etc/fstab’ – copy the existing line and make necessary changes - /dev/sdc1 /saeed ext4 defaults 0 0 - ‘mount -a’ – this command reads through the fstab and mounts the unmounted filesystem. -

/dev/sdc2 Xfs filesystem Default for RHEL 7 - ‘lsblk’ - sdc 8:32 0 16G 0 disk - - ‘fdisk /dev/sdc’ - ‘m’ – to view menu - ‘n’ – to create new partition - ‘p’ – for primary - ‘2’ – second primary partition - ‘enter’ – to use default cylinders - Last sector, +sectors or +size{K,M,G} (2048-33554431, default 33554431): +6G - ‘w’ to save and exit - ‘partprobe -s’

www.zmprotech.com 888-236-2620

- ‘partx -v -a /dev/sdc2’ - Now we have to make file system - ‘lsblk’ - └─sdc2 8:34 0 6G 0 part - ‘mkfs.xfs /dev/sdc2’ - ‘mkdir /mobeen’ - Make entry into ‘/etc/fstab’ – copy the existing line and make necessary changes - /dev/sdc2 /mobeen xfs defaults 0 0 - ‘mount -a’ – this command reads through the fstab and mounts the unmounted filesystem.

NOTE: To enable xfs on RHEL 6, install xfs filesystem package - ‘yum install xfsprogs xfsdump’ - The commands will be same for RHEL 6 for xfs filesystem - - To check the mounted filesystem - ‘df -hT’ [root@localhost ~]# df -hT Filesystem Type Size Used Avail Use% Mounted on /dev/mapper/centos-root xfs 14G 1008M 13G 8% / devtmpfs devtmpfs 484M 0 484M 0% /dev tmpfs tmpfs 496M 0 496M 0% /dev/shm tmpfs tmpfs 496M 6.8M 489M 2% /run tmpfs tmpfs 496M 0 496M 0% /sys/fs/cgroup /dev/sda1 xfs 1014M 133M 882M 14% /boot tmpfs tmpfs 100M 0 100M 0% /run/user/0 /dev/sdc1 ext4 3.9G 16M 3.6G 1% /saeed /dev/sdc2 xfs 6.0G 33M 6.0G 1% /mobeen

12-01-2019 https://youtu.be/yYCfaI-uoEE

Extending the partition

Directory: ‘/dev’

www.zmprotech.com 888-236-2620

Config file: Port #: Package: Services: Protocol: Command: ‘umount’ ‘fdisk’ ‘resize2fs’ ‘xfs_grows’ ‘mount’ URL: Extending ext4 filesystem Note: this work for the end partition

- Umount the /dev/sdc1 - Delete partition /dev/sdc2 using fdisk - Write and exit fdisk - Create a same partition ‘deve/sdc1’ using fdisk - Set to 6G - Last sector, +sectors or +size{K,M,G} (2048-33554431, default 33554431): +6G - Write and exit fdisk - Partprobe -s - ‘mount -a’ - ‘resize2fs /dev/sdc1’ - The data should still be there - Extending xfs filesystem Note: this work for the end partition

- Umount the /dev/sdc2 - Delete partition ‘/dev/sdc2’ suing fdisk - Write and exit fdisk - Create a same partition’/dev/sdc2’ using fdisk - Set to 8 GB - Last sector, +sectors or +size{K,M,G} (2048-33554431, default 33554431): +8G - Write and exit fdisk - ’partprobe -s’ - Mount the filesystem - ‘mount -a’ - ‘xfs_growfs /dev/sdc2’ -

12-08-2019 https://youtu.be/dBqZirCDLXc

www.zmprotech.com 888-236-2620

SWAP

Virtual memory is a memory management capability of an operating system (OS) that uses hardware and software to allow a computer to compensate for physical memory shortages by temporarily transferring data from random access memory (RAM) to disk storage.

- What is swap? – swap is stand by memory - It’s a virtual memory used from hard disk - Real memory is 1 GB - Swap Memory is 1.6 GB - Total memory available is 2.6 GB - System uses the swap memory when the Physical memory is full - OS moves the processes which are not active to swap memory - Swap memory is safety net for Physical Memory. -

- Directory: ‘/dev’ Config file: ‘fstab’ Port #: Package: Services: Protocol: Command: ‘fdisk’ ‘mkswap’ ‘lsblk’ ‘blkid’ ‘swapon’ ‘swapoff’ URL:

Mem: 991M 116M 736M 6.8M Swap: 1.6G 0B 1.6G - - Use the fisk commands - ‘fdisk /dev/sdc’ - ‘m’ – to view menu - ‘n’ – to create new partition - ‘p’ – for primary - ‘3’ – second primary partition - ‘enter’ – to use default cylinders - Last sector, +sectors or +size{K,M,G} (2048-33554431, default 33554431): +2G

www.zmprotech.com 888-236-2620

- ‘t’ – change a partition's system id - Use hexcode: 82 (Linux swap) - ‘p’ – make sure id has been changed - ‘w’ to save and exit - ‘partprobe -s’ – updates the system - ‘mkswap /dev/sdc3’ - ‘lsblk’ - ‘blkid’ - ‘swapon /dev/sdc3’ - Make it permanent in ‘fstab’ – - You can use UUId – Label – mount point [swap] -

/dev/sdc3 swap swap defaults 0 0

Mem: 991M 116M 736M 6.8M Swap: 5.6G 0B 5.6G

- - You can turn off the swap - ‘swapoff /dev/sdc3’ - - To mount swap from the fstab entry - ‘swapon -a’ - - You can create another partition and follow above instructions - Mount and make fstab entry as normal.

11-08-2019 https://youtu.be/dBqZirCDLXc

LVM – LOGICAL VOLUME MANAGER

LVM stands for Logical [Imaginary] Volume Management. It is a system of managing logical volumes, or filesystems, that is much more advanced and flexible than the traditional method of partitioning a disk into one or more segments and formatting that partition with a filesystem.

- You can group/combine multiple physical hard drives as single drive/ disk

www.zmprotech.com 888-236-2620

- You can add/ remove physical disk as needed - You can create multiple partitions as needed -

Directory: ‘/dev/sd*’ Config file: ‘fstab’ Port #: Package: Services: Protocol: Command: ‘pvcreate’ ‘vgcreate’ ‘lvcreate’ ‘pvs’ ‘lvs’ ‘vgs’ ‘lvdisplay’ ‘pvdisplay’ ‘vgdisplay’ ‘mkfs’ ‘lsblk’ ‘blkid’ ‘mount’ URL:

Physical Physical Physical 16 GB 8 GB 24 GB /dev/sdd /dev/sde /dev/sdf

Volume Group – zmpt1 Total - 48 GB

Accounting HR Finance Recruiting 4GB 4GB 4GB 4GB Free Space 32GB

- ‘pvcreate’ – physical volume create - You are using this on raw disk - /dev/sdd, /dev/sde, /dev/sdf - ‘pvcreate /dev/sdd /dev/sde /dev/sdf’ - Command - Physical volume create Disk Disk disk ‘pvcreate’ /dev/sdd /dev/sde /dev/sdf - ‘pvs’ – this will display the physical disk which are part of ‘Logical disk’ - [root@localhost ~]# pvcreate /dev/sdd /dev/sde /dev/sdf Physical volume "/dev/sdd" successfully created. Physical volume "/dev/sde" successfully created. Physical volume "/dev/sdf" successfully created. - ‘pvdisplay’ – displayed

12-14-2019 https://youtu.be/K461dVXwbw4

www.zmprotech.com 888-236-2620

[root@localhost ~]# pvdisplay --- Physical volume --- PV Name /dev/sda2 VG Name centos PV Size <15.00 GiB / not usable 3.00 MiB Allocatable yes (but full) PE Size 4.00 MiB Total PE 3839 Free PE 0 Allocated PE 3839 PV UUID R3AEZj-HqiK-ScmG-U3tl-ts70-a98f-dxgvO1

--- Physical volume --- PV Name /dev/sdd VG Name zmpt1 PV Size 16.00 GiB / not usable 4.00 MiB Allocatable yes PE Size 4.00 MiB Total PE 4095 Free PE 4095 Allocated PE 0 PV UUID 8QDf7z-JWyb-52la-eR27-L8EG-qQ1M-bSDpUP

--- Physical volume --- PV Name /dev/sde VG Name zmpt1 PV Size 8.00 GiB / not usable 4.00 MiB Allocatable yes PE Size 4.00 MiB Total PE 2047 Free PE 2047 Allocated PE 0 PV UUID PTeOJo-dfMv-gugz-OgYu-pQrC-5FCD-mscpGY

--- Physical volume --- PV Name /dev/sdf VG Name zmpt1 PV Size 24.00 GiB / not usable 4.00 MiB Allocatable yes PE Size 4.00 MiB Total PE 6143 Free PE 6143 Allocated PE 0 PV UUID kIyZkn-KLl0-XHgK-Lmtg-pPLC-B4XB-h1QrA7 - - - ‘vgcreate zmpt1 /dev/sdd /dev/sde /dev/sdf’ - Command – Volume Group Group Physical disk Physical disk Physical disk Create name vgcreate zmpt1 /dev/sdd /dev/sde /dev/sdf - - ‘vgs’ – shorter information about volume group -

www.zmprotech.com 888-236-2620

[root@localhost ~]# vgs VG #PV #LV #SN Attr VSize VFree centos 1 2 0 wz--n- <15.00g 0 zmpt1 3 0 0 wz--n- <47.99g <47.99g - - ‘vgdisplay’ – display the detail information the volume group - [root@localhost ~]# vgdisplay zmpt1 --- Volume group --- VG Name zmpt1 System ID Format lvm2 Metadata Areas 3 Metadata Sequence No 1 VG Access read/write VG Status resizable MAX LV 0 Cur LV 0 Open LV 0 Max PV 0 Cur PV 3 Act PV 3 VG Size <47.99 GiB PE Size 4.00 MiB Total PE 12285 Alloc PE / Size 0 / 0 Free PE / Size 12285 / <47.99 GiB VG UUID cA0CGf-QurY-krtR-SStF-obSe-O3RC-bDTbdw - - ‘lvcreate -n Accounting -L 4G zmpt1’ - Command New Logical volume name Logcial Size Volume Goup ‘lvcreate -n Accounting -L 4G zmpt1 - - ‘lvdisplay zmpt1’ – displays the logical volume of volume group [root@localhost ~]# lvdisplay zmpt1 --- Logical volume --- LV Path /dev/zmpt1/Accounting LV Name Accounting VG Name zmpt1 LV UUID dark2C-cEg4-bJ6e-8HZ3-yMOb-rIGV-iHCiKp LV Write Access read/write LV Creation host, time localhost.localdomain, 2019-12-14 11:55:29 -0500 LV Status available # open 0 LV Size 4.00 GiB Current LE 1024 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 8192 Block device 253:2 - - mkfs.xfs /dev/zmpt1/Accounting - lsblk

www.zmprotech.com 888-236-2620

- blkid - mkdir /accounting - lvdisplay zmpt1 - ‘mount /dev/zmpt1/Accounting /accounting/’ - Make it persistent by entry into ‘fstab’ -

- Create and mount rest of the LV - - [root@localhost ~]# mount /dev/zmpt1/Finance /finance/ - [root@localhost ~]# mount /dev/zmpt1/HR /hr - [root@localhost ~]# mount /dev/zmpt1/Recruiting /recruiting/

To simulate disk full

dd if=/dev/zero of=zafar bs=4096 count=+4G

Extend the logical Volume

Directory: ‘/dev’ Config file: Port #: Package: Services: Protocol: Command: ‘dd’ ‘vgs’ ‘vgdisplay’ ‘lvextend’ ‘xfs_grows’ ‘df -hT’ ‘resize2fs’ ‘lvreduce’ URL:

Physical Physical Physical 16 GB 8 GB 24 GB /dev/sdd /dev/sde /dev/sdf

Volume Group – zmpt1 Total - 48 GB

Accounting HR Finance Recruiting 4GB 4GB 4GB 4GB Free Space 22GB XFS EXT4 XFS EXT4 + +

www.zmprotech.com 888-236-2620

4GB 6GB = 8GB = 10GB

XFS File System

- Determine the free space left in the Volume group - ‘vgs’ - ‘vgdisplay zmpt1’ - lvextend -L +4G /dev/mapper/zmpt1-Accounting - ‘xfs_growfs /dev/mapper/zmpt1-Accounting’ - ‘df -hT’ - /dev/mapper/zmpt1-Accounting xfs 8.0G 4.0G 4.0G 50% /accounting -

12-15-2019 https://youtu.be/7wNOQ6V-SIo

EXT.4 File System

- Determine the free space left in the Volume group - ‘vgs’ - ‘vgdisplay zmpt1’ - ‘lvextend -L +4G /dev/mapper/zmpt1-HR’ - ‘resize2fs /dev/mapper/zmpt1-HR’ - ‘df -hT’ - /dev/mapper/zmpt1-HR ext4 9.8G 18M 9.3G 1% /hr -

- lvreduce -L -6G /dev/mapper/zmpt1-Finance - [root@localhost ~]# lvreduce -L -6G /dev/mapper/zmpt1-Finance WARNING: Reducing active logical volume to 4.00 GiB. THIS MAY DESTROY YOUR DATA (filesystem etc.) Do you really want to reduce zmpt1/Finance? [y/n]: y Size of logical volume zmpt1/Finance changed from 10.00 GiB (2560 extents) to 4.00 GiB (1024 extents). Logical volume zmpt1/Finance successfully resized.

www.zmprotech.com 888-236-2620

12-14-2019 https://youtu.be/K461dVXwbw4

SWAP using LVM

Directory: Config file: Port #: Package: Services: Protocol: Command: ‘lvcreate’ ‘lvdisplay’ ‘ mkswap’ ‘ lsblk’ ‘blkid’ ‘free -h’ ‘swapon’ URL:

Physical Physical Physical 16 GB 8 GB 24 GB /dev/sdd /dev/sde /dev/sdf

Volume Group – zmpt1 Total - 48 GB

Accounting HR Finance Recruiting SWAP 4GB 4GB 4GB 4GB 4GB Free Space 18GB XFS EXT4 XFS EXT4 SWAP + + 4GB 6GB = 8GB = 10GB

- ‘lvcreate -n extswap -L 4G zmpt1 - Command New Logical volume name Logcial Size Volume Goup ‘lvcreate -n extSwap -L 4G zmpt1 - - ‘lvdisplay zmpt1’ - ‘mkswap /dev/zmpt1/extswap’ - ‘lsblk’ - ‘blkid’ - ‘free -h’ [root@localhost ~]# free -h

www.zmprotech.com 888-236-2620

total used free shared buff/cache available Mem: 991M 113M 68M 6.8M 809M 701M Swap: 3.6G 0B 3.6G - - swapon /dev/zmpt1/extswap - [root@localhost ~]# free -h total used free shared buff/cache available Mem: 991M 116M 64M 6.8M 809M 697M Swap: 7.6G 0B 7.6G -

12-15-2019 https://youtu.be/7wNOQ6V-SIo

Adding Physical Volume

Directory: Config file: Port #: Package: Services: Protocol: Command: ‘lsblk’ ‘pvcreate’ ‘vgextend’ ‘vgdisplay’ URL:

Physical Physical Physical Physical 16 GB 8 GB 24 GB 16GB /dev/sdd /dev/sde /dev/sdf /dev/sdg

Volume Group – zmpt1 Total - 64 GB

Accounting HR Finance Recruiting SWAP 4GB 4GB 4GB 4GB 4GB Free Space 34GB XFS EXT4 XFS EXT4 SWAP + + 4GB 6GB

www.zmprotech.com 888-236-2620

= 8GB = 10GB

- - Add new hard drive – 16 GB - ‘lsblk’ after reboot - ‘pvcreate /dev/sdg’ - ‘vgextend zmpt1 /dev/sdg’ - ‘vgdisplay zmpt1’ - [root@localhost ~]# vgdisplay zmpt1 --- Volume group --- VG Name zmpt1 System ID Format lvm2 Metadata Areas 4 Metadata Sequence No 11 VG Access read/write VG Status resizable MAX LV 0 Cur LV 5 Open LV 5 Max PV 0 Cur PV 4 Act PV 4 VG Size 63.98 GiB PE Size 4.00 MiB Total PE 16380 Alloc PE / Size 7680 / 30.00 GiB Free PE / Size 8700 / 33.98 GiB VG UUID cA0CGf-QurY-krtR-SStF-obSe-O3RC-bDTbdw -

12-21-2019 https://youtu.be/_FlVtAZI7R4

Reduce physical Volume

www.zmprotech.com 888-236-2620

Directory: Config file: Port #: Package: Services: Protocol: Command: ‘pvmove’ ‘ pvreduce’ URL:

REDUCE Physical Physical Physical Physical 16 GB 8 GB 24 GB 16GB /dev/sdd /dev/sde /dev/sdf /dev/sdg

Volume Group – zmpt1 Total - 64 GB

Accounting HR Finance Recruiting SWAP 4GB 4GB 4GB 4GB 4GB Free Space 34GB XFS EXT4 XFS EXT4 SWAP + + 4GB 6GB = 8GB = 10GB

- Now /dev/sde is faulty disk - ‘pvmove /dev/sde /dev/sdg’ - This moves the LVM structure, data and Block Information – replicating the data - Remove faulty disk - ‘vgreduce zmpt1 /dev/sde’

12-21-2019 https://youtu.be/_FlVtAZI7R4

Delete Volume Group – zmpt1

Directory: Config file: Port #: Package:

www.zmprotech.com 888-236-2620

Services: Protocol: Command: ‘swapoff -a’ ‘pvremove’ ‘vgremove’ URL: - - System is being Decommissioned - Turnoff swap if there is LVM using it - ‘swapoff -a’ - ‘pvremove /dev/sdd’ - ‘pvremove /dev/sde’ - ‘pvremove /dev/sdf’ - ‘pvremove /dev/sdg’ - ‘Labels on physical volume "/dev/sdg" successfully wiped’ - - ‘vgremove zmpt1 -y’ - volume group is destroyed now -

12-21-2019 https://youtu.be/_FlVtAZI7R4

LVM Cheat Sheet

www.zmprotech.com 888-236-2620

12-21-2019 https://youtu.be/_FlVtAZI7R4

www.zmprotech.com 888-236-2620

12-22-2019 https://youtu.be/0kHtnQqqr7g

FSCK – File System Check

Directory: ‘/’ Config file: ‘/etc/’fstab’ Port #: Package: Services: Protocol: Command: ‘mount’, ‘dd’ URL: - - The system performs the file system check reading through fstab - If it encounters problems then (OS initialization – stop at read only mode) - it boot single user mode - RHEL 6 - Or - Emergency mode – RHEL 7 - ‘mount -o remount, rw /’ - Edit fstab to comment out the affected filesystem - - #/dev/mapper/zmpt1-Accounting /accounting xfs defaults 0 0

Partition Mount File Default Dump file priority point System backup /dev/mapper/zmpt1- /accounting xfs defaults 1 0 Accounting - - - Corrupt the files system - dd if=/dev/zero of=/dev/sdc1 bs=1k count=1024 - reboot - the system will halt - remount into rw mode - ‘mount -o remount, rw /’ - Edit fstab to comment out the affected filesystem - Reboot - fsck /dev/sdc1 - this will fix the ext4 file system and restores the data. - -

www.zmprotech.com 888-236-2620

- Xfs file system error -

12-22-2019 https://youtu.be/0kHtnQqqr7g

DD – Disk Duplicate

Directory: Config file: Port #: Package: Services: Protocol: Command: ‘dd’ URL:

- Uses of DD command - - A. Duplicate/ Exact replica of the disk down meta data - dd if=/dev/sdc of=/dev/sdd - all the partitions also copy over - - - All the partitions are now replicated

sdc 8:32 0 16G 0 disk ├─sdc1 8:33 0 4G 0 part /saeed ├─sdc2 8:34 0 8G 0 part /mobeen ├─sdc3 8:35 0 2G 0 part [SWAP] └─sdc4 8:36 0 2G 0 part sdd 8:48 0 16G 0 disk ├─sdd1 8:49 0 4G 0 part ├─sdd2 8:50 0 8G 0 part ├─sdd3 8:51 0 2G 0 part └─sdd4 8:52 0 2G 0 part

- - B. Destroy data on the disk - dd if=/dev/zero of=/dev/sdc

www.zmprotech.com 888-236-2620

- or - dd if=/dev/random of=/dev/sdc - - - C. Create a Large blank file - dd if=/dev/zero of=zafar count=1 bs=500M

12-28-2019 https://youtu.be/zKq0rgrKO_4

SSH - Secure Shell

Directory: ‘.ssh’ Config file: Port #: Package: Services: Protocol: Command: ‘ssh’ ‘ssh-keygen’ URL:

- SSH is used to connect from linux host to another linux host - Similar to RDP – WINDOWS - This is a TCP – Transport control Protocol - Establishes on port 22

[root@localhost ~]# ssh 192.168.56.102 The authenticity of host '192.168.56.102 (192.168.56.102)' can't be established. ECDSA key fingerprint is SHA256:JhOcCRlpPSkgO1N3MWvT3IsPMalzIdZw8AV4LTywD30.

www.zmprotech.com 888-236-2620

ECDSA key fingerprint is MD5:1b:7e:7a:48:32:e3:f5:d1:d1:d2:03:c9:f6:b0:2f:81. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.56.102' (ECDSA) to the list of known hosts. [email protected]'s password: Last login: Sat Dec 28 12:43:42 2019 [root@localhost ~]#

1 – Client intitiates the connection by contacting server

[root@localhost ~]# ssh 192.168.56.102

2 – Sends the public to – asking for Authentication

The authenticity of host '192.168.56.102 (192.168.56.102)' can't be established. ECDSA key fingerprint is SHA256:JhOcCRlpPSkgO1N3MWvT3IsPMalzIdZw8AV4LTywD30. ECDSA key fingerprint is MD5:1b:7e:7a:48:32:e3:f5:d1:d1:d2:03:c9:f6:b0:2f:81.

3 - negotiate parameters and open source channel

Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.56.102' (ECDSA) to the list of known hosts.

4 – User login to server host operating system

[email protected]'s password:

12-28-2019 https://youtu.be/zKq0rgrKO_4

Bastion Host – Jump Box

www.zmprotech.com 888-236-2620

- At work you won’t be able to connect directly to the hosts - From your local computer you connect to bastion host – jump box - This is done for security reason and DNS resolution - ssh 192.168.56.102 – using ip address - Or - ssh zmpt01.dev.zmpt1.com – using hostname - You will be prompted to enter password

12-28-2019 https://youtu.be/zKq0rgrKO_4

SSH – Password-less

Directory: ‘.ssh’ Config file: ‘id_rsa’ ‘id_rsa.pub’ Port #: Package: Services: Protocol: Command: ‘ssh-keygen’ ‘scp’ URL:

www.zmprotech.com 888-236-2620

Source host: 192.168.56.101 - We need to generate SSH-Key - ssh-keygen - two ‘rsa’ files will be generated – private(id_rsa) and public(id_rsa.pub) - this is good only for one user - default location is /root/.ssh – this only good for root user - non root user /home/user/.ssh - now copy to remote host temp folder - scp id_rsa.pub 192.168.56.102:/tmp -

Destination host: 192.168.56.102 - cat /tmp/id_rsa.pub > /root/.ssh/authorized_keys - make sure the authorized_keys file is present -

- ssh 192.168.56.102 - Connection is now passwordless - - This is only one-way password-less - Repeat above process if you want to setup two-way ssh - This is only good for one user. You have repeat same process for each user

12-28-2019 https://youtu.be/zKq0rgrKO_4

SCP – Secure copy

Directory: Config file: Port #: 22 Package: Services: Protocol: ‘tcp’ Command: ‘scp’ ‘dd’ URL: - Use to copy files and folder over the hosts - dd if=/dev/zero of=zafar count=1 bs=25M - scp zafar1 192.168.56.102:/tmp - zafar1 100% 50MB 34.1MB/s 00:01

www.zmprotech.com 888-236-2620

- copies the single file - mkdir folder1 - cd folder1 - dd if=/dev/zero of=zafar2 count=1 bs=50M - scp -r folder1 192.168.56.102:/tmp - zafar2 100% 50MB 30.9MB/s 00:01

12-29-2019 https://youtu.be/WAGV9oAIh9c

SFTP – SSH File Transfer Protocol

Directory: Config file: Port #: 22 Package: openssh-server Services: Protocol: ‘tcp’ Command: ‘yum’ ‘useradd’ ‘passwd’ URL: STFP HOST: 192.168.56.101 - use case is for application teams to copy data back and forth. - Setup SFTP server - Enable NAT Network on virtual box – check to see Preferences>Network>NAT - yum install openssh-server – this should already be installed on RHEL 7 - systemctl status sshd.service - systemctl start sshd.service - add a regular user - useradd zafar - set password - passwd zafar - No SSH Service : 192.168.56.102 - Client

- User can connect via ssh to sftp host, without SSH service on their own host - sftp [email protected] [SFTP HOST] - connection is established [root@localhost ~]# sftp [email protected] [email protected]'s password: Connected to 192.168.56.101. - connecting user can restricted to certain folders

www.zmprotech.com 888-236-2620

- Will come back here after user administration

12-29-2019 https://youtu.be/WAGV9oAIh9c

VSFTP – Very Secure FTP

Directory: /etc/vsftpd/ Config file: ‘vsftpd.conf’ Port #: 21 Package: ‘’net-tools’ Services: ‘vsftpd.service’ ‘firewalld’ ‘ Protocol: ‘tcp’ Command: ‘yum’ ‘systemctl’ URL:

Use case: to transfer files between hosts usually large files

Upload log files to Vendor: HP, IBM, RedHat, Dell.

VSFTP HOST: 192.168.56.101 - user zafar - - Setup VSFTP server - yum install vsftpd -y - systemctl list-unit-files|grep vsftpd – check if the service is on - or - systemctl status vsftpd.service - systemctl enable vsftpd.service - systemctl start vsftpd.service - systemctl status vsftpd.service - - install netstat – RHEL 7 - yum install net-tools -y - - verify port is on - netstat -anp| grep -w 21 - - check for SELinux is on – Security Enhanced Linux – disabled [security is managed by Network team] -

www.zmprotech.com 888-236-2620

- getenforce - Enforcing – SELinux is on - setenforce 0 – this will disable SELinux - Permissive – disabled - - RHEL firewall needed to be disabled - systemctl status firewalld - systemctl stop firewalld - systemctl disable firewalld - systemctl status firewalld - systemctl list-unit-files|grep firewalld - vi /etc/vsftpd/vsftpd.conf - anonymous_enable=YES User name and password is not required local_enable=YES Local userid connecting from client write_enable=YES Transfer of files is allowed local_umask=022 Default dirmessage_enable=YES Default xferlog_enable=YES Default connect_from_port_20=YES Default xferlog_std_format=YES Default listen=YES Default listen_ipv6=YES Default pam_service_name=vsftpd Default userlist_enable=YES Default tcp_wrappers=YES Default -

01-05-2020 https://youtu.be/DicvvRDHEw0

ClIENT HOST: 192.168.56.102 - Install ftp - yum install ftp - connect ftp server - type this in windows explorer - ftp://192.168.56.101/ [root@localhost ~]# ftp 192.168.56.101 Connected to 192.168.56.101 (192.168.56.101). 220 (vsFTPd 3.0.2) Name (192.168.56.101:root): anonymous 331 Please specify the password.

www.zmprotech.com 888-236-2620

Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> - - Anonymous login successful - - Will come back here after user administration - - https://www.serv-u.com/features/file-transfer-protocol-server-windows/commands

www.zmprotech.com 888-236-2620

01-05-2020 https://youtu.be/DicvvRDHEw0

WINSCP

Directory: Config file: Port #: 22 Package: Services: Protocol: tcp Command: URL:

www.zmprotech.com 888-236-2620

- Launch WinScp - Connect using root - Browse to the location of iso file - Drag and drop to desired location - Example : copy iso image - C:\Users\Newname01\Downloads -to - /root - Run the command from /root - mount -o loop CentOS-7-x86_64-DVD-1908.iso /mnt - df -h - cd /mnt/Packages - ls - you can see all the rpm packages

www.zmprotech.com 888-236-2620

01-11-2020 https://youtu.be/3_MkRwmuB4E

YUM

Directory: /etc/yum.repos.d Config file: CentOS-Base.repo Port #: Package: Services: Protocol: Command: URL: YUM Repositories are warehouses of Linux software (RPM package files). RPM package file is a Red Hat Package Manager file and enables quick and easy software installation on Red Hat/CentOS Linux. YUM Repositories hold a number of RPM package files and enable download and installation of new software on our VPS

- YUM is the preferred way to install a package or software - It resolves any dependencies a package might have - Yum packages are verified and tested by open-source community - The Yum repository directory connects to the trusted third party - Example: A Corporation, University or non-profit organization - Repo – short for repository [bank for rpm packages] - To check where the YUM is connecting to the download the packages - Example - cat /etc/yum.repos.d/CentOS-Base.repo [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&rep o=os&infra=$infra #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 - installation examples - yum provides firefox – to check the availability of package - yum install firefox – to install package - yum remove firefox – to remove package - Extras - Download rpm suing yum plugin - Yum install yum-plugin-downloadonly

www.zmprotech.com 888-236-2620

- yum install yum-utils

01-11-2020 https://youtu.be/3_MkRwmuB4E

YUM – Local Repo

Directory: /etc/yum.repos.d ‘/var/www/html/rhel7’ Config file: Port #: 80 Package: Services: ‘httpd’ ‘firewalld’ Protocol: tcp Command: URL: - copy iso image using winscp - mount to /mnt - mount -o loop CentOS-7-x86_64-DVD-1908.iso /mnt - - now install the httpd package from internet [enable NAT Network for Virtual Box] - HTTP daemon - yum install httpd -y - start the service - systemctl start httpd - - stop and disable firewall - systemctl stop firewalld - systemctl disable firewalld - - cd /etc/yum.repos.d/ - remove all the existing files - rm -rf * - create file name yum.repo - vi yum.repo [repo] baseurl=http://192.168.56.106/rhel7 gpgcheck=0 - mount -o loop CentOS-7-x86_64-DVD-1908.iso /mnt - cp -r /mnt/* /var/www/html/rhel7/ -

- In the web borwser

www.zmprotech.com 888-236-2620

- 192.168.56.106/rhel7 - On the client host - Make sure no internet is on - cd /etc/yum.repos.d/ - vi yum.repo [repo] baseurl=http://192.168.56.106/rhel7 gpgcheck=0 - yum list all - which nc - which firefox - yum provides nc - yum install nc - yum install firefox -y - yum list all

https://access.redhat.com/sites/default/files/attachments/rh_yum_cheatsheet_1214_jcs_print-1.pdf

www.zmprotech.com 888-236-2620

01-12-2020 https://youtu.be/n5qSAnrMcyA

RPM – Redhat Package Manager

Directory: Config file: Port #: Package: Services: Protocol: Command: yum, rpm URL: RPM Package Manager is a free and open-source package management system. The name RPM refers to .rpm file format and the package manager program itself. RPM was intended primarily for Linux distributions; the file format is the baseline package format of the Linux Standard Base. RPM was standardized by Red Hat. (RHEL, CentOS, Fedora, SuSe) - - [root@localhost ~]# rpm -qa firefox - firefox-60.8.0-1.el7.centos.x86_64 - rpm -qi firefox Name : firefox Version : 60.8.0 Release : 1.el7.centos Architecture: x86_64 Install Date: Sat 11 Jan 2020 01:11:18 PM EST Group : Unspecified Size : 218777805 License : MPLv1.1 or GPLv2+ or LGPLv2+ Signature : RSA/SHA256, Fri 12 Jul 2019 11:01:23 AM EDT, Key ID 24c6a8a7f4a80eb5 Source RPM : firefox-60.8.0-1.el7.centos.src.rpm Build Date : Thu 11 Jul 2019 02:04:42 PM EDT Build Host : x86-01.bsys.centos.org Relocations : (not relocatable) Packager : CentOS BuildSystem Vendor : CentOS URL : https://www.mozilla.org/firefox/ Summary : Mozilla Firefox Web browser Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.

www.zmprotech.com 888-236-2620

01-12-2020 https://youtu.be/n5qSAnrMcyA

Apache – Web Server

Directory: Config file: Port #: 80 Package: net-tools Services: httpd, firewalld Protocol: Command: yum, systemclt, netstat URL: - - yum install httpd - systemctl start httpd - systemctl stop firewalld - systemctl disable firewalld - yum install net-tools - netstat -apn | grep httpd - tcp6 0 0 :::80 :::* LISTEN 1809/httpd - httpd service runs on port 80

01-19-2020 https://youtu.be/sP7LdeiA1Ic

01-25-2020 https://youtu.be/HPmRUQhN5Y4

DNS

Directory: Config file: ‘/etc/hostname’ ‘/etc/hosts’ ‘/var/named/forward.zmpt’ ‘/var/named/reverse.zmpt’ ‘/etc/resolve.conf’ Port #: 53 Package: ‘bind’ ‘bind-utils’ ‘bind’ Services: ‘named.service’ ‘firewalld.service’ Protocol: udp,

www.zmprotech.com 888-236-2620

Command: URL: The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

DNS Record types

A (Host address) PTR (Pointer) MX (Mail eXchange) TXT CNAME (Canonical name for an alias)

NS (Name Server) SOA (Start Of Authority) TTL - time to Live AAAA (IPv6 host address) ALIAS (Auto resolved alias)

DNS MASTER – 192.168.56.110 Hostname: dnsmaster.zmpt.com

- SET STATIC IP ADDRESS DEVICE=enp0s3 IPADDR=192.168.56.110 TYPE=Ethernet

www.zmprotech.com 888-236-2620

BOOTPROTO=static ONBOOT=yes HWADDR=08:00:27:15:53:70 NETMASK=255.255.255.0

- Required packages for dns to work - Internet or local repo - bind - bind-utils - bind-chroot - - The Berkeley Internet Name Domain - yum install bind bind-utils bind-chroot -y - - vi /etc/sysconfig/network NETWORKING=yes HOSTNAME=dnsmaster.zmpt.com - vi /etc/hosts 192.168.56.110 dnsmaster.zmpt.com - vi /etc/hostname dnsmaster.zmpt.com - confirm by typing ‘hostname’ - vi /etc/named.conf - options { listen-on port 53 { 127.0.0.1; 192.168.56.110;}; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; recursing-file "/var/named/data/named.recursing"; secroots-file "/var/named/data/named.secroots"; allow-query { localhost; 192.168.56.0/24;}; - - Create forward zone file - cd /var/named - cp named.localhost forward.zmpt - vi forward.zmpt - $TTL 1D @ IN SOA dnsmaster.zmpt.com. root.zmpt.com. ( 1 ; serial

www.zmprotech.com 888-236-2620

1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS dnsmaster.zmpt.com.

dnsmaster IN A 192.168.56.110 - - Create reverse zone file - cp forward.zmpt reverse.zmpt - vi reverse.zmpt $TTL 1D @ IN SOA dnsmaster.zmpt.com. root.zmpt.com. ( 1 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum @ IN NS dnsmaster.zmpt.com.

dnsmaster IN A 192.168.56.110

110 IN PTR dnsmaster.zmpt.com. - - now edit named.conf file again – Editing this for the second time so far - vi /etc/named.conf - copy the block of code at the end of file zone "." IN { type hint; file "named.ca"; }; - edit as needed - #############################

zone "zmpt.com" IN { type master; file "forward.zmpt"; }; zone "56.168.192.in-addr.arpa" IN { type master;

www.zmprotech.com 888-236-2620

file "reverse.zmpt"; };

#############################

include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; - - Disable firewall - systemctl stop firewalld - systemctl disable firewalld - systemctl status firewalld - - systemctl start named --- [no errors if the configuration files are correct] - systemctl enable named.service - ps -ef | grep named – to confirm named service is running - - configure permissions and ownership of files - chgrp named -R /var/named/ - chown -v root:named /etc/named.conf - - SELinux - restorecon -rv /var/named/ - restorecon /etc/named.conf - - Now check the forward and reverse zones

[root@dnsmaster var]# named-checkzone zmpt.com /var/named/forward.zmpt zone zmpt.com/IN: loaded serial 1 OK [root@dnsmaster var]# named-checkzone zmpt.com /var/named/reverse.zmpt zone zmpt.com/IN: loaded serial 1 OK - - Now make entry for DNS in ethernet file DEVICE=enp0s3 IPADDR=192.168.56.110 TYPE=Ethernet BOOTPROTO=static ONBOOT=yes HWADDR=08:00:27:15:53:70 NETMASK=255.255.255.0 DNS="192.168.56.110" -

www.zmprotech.com 888-236-2620

- Now edit DNS resolution file - vi /etc/resolve.conf - Search zmpt.com Nameserver 192.168.56.110 - - Test dns master server [root@dnsmaster named]# dig dnsmaster.zmpt.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> dnsmaster.zmpt.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12929 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;dnsmaster.zmpt.com. IN A

;; ANSWER SECTION: dnsmaster.zmpt.com. 86400 IN A 192.168.56.110

;; AUTHORITY SECTION: zmpt.com. 86400 IN NS dnsmaster.zmpt.com.

;; Query time: 0 msec ;; SERVER: 192.168.56.110#53(192.168.56.110) ;; WHEN: Sat Jan 25 12:55:30 EST 2020 ;; MSG SIZE rcvd: 77 - - Nslookup -

[root@dnsmaster named]# nslookup dnsmaster.zmpt.com Server: 192.168.56.110 Address: 192.168.56.110#53

Name: dnsmaster.zmpt.com - Address: 192.168.56.110

01-26-2020 https://youtu.be/QNrYk_h23oo

www.zmprotech.com 888-236-2620 cat

Configure DNS Slave

Secondary DNS server Hostname: dnsslave.zmpt.com IP Address: 192.168.56.111

- Vi /etc/hostname - dnsslave.zmpt.com - reboot - set the static ip address DEVICE=enp0s3 IPADDR=192.168.56.111 TYPE=Ethernet BOOTPROTO=static ONBOOT=yes HWADDR=08:00:27:15:53:70 NETMASK=255.255.255.0 - - yum install bind bind-utils -y - - disable the internet connection - - vi /etc/named.conf - options { listen-on port 53 { 127.0.0.1; 192.168.56.111;}; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; recursing-file "/var/named/data/named.recursing"; secroots-file "/var/named/data/named.secroots"; allow-query { localhost; 192.168.56.0/24;}; - - end of the config file - ###############################

zone "zmpt.com" IN { type slave;

www.zmprotech.com 888-236-2620

file "slaves/forward.zmpt"; masters{ 192.168.56.110;}; }; zone "56.168.192.in-addr.arpa" IN { type slave; file "slaves/reverse.zmpt"; masters{ 192.168.56.110;}; };

############################### - - Now start the named service - systemctl enable named [persistent with reboot] - systemctl start named - systemctl status named - - /var/named/slaves - ls - forward.zmpt reverse.zmpt [These two files got transferred from Master] - - vi /etc/sysconfig/network-scripts/ifcfg-enp0s3 - DEVICE=enp0s3 IPADDR=192.168.56.111 TYPE=Ethernet BOOTPROTO=static ONBOOT=yes HWADDR=08:00:27:33:b9:58 NETMASK=255.255.255.0 DNS1="192.168.56.110" DNS2="192.168.56.111" - - vi /etc/resolv.conf # Generated by NetworkManager search zmpt.com nameserver 192.168.56.110 nameserver 192.168.56.111 - - disable firewall - systemctl stop firewalld - systemctl disable firewalld - -

www.zmprotech.com 888-236-2620

- configure permissions and ownership of files - chgrp named -R /var/named/ - chown -v root:named /etc/named.conf - - SELinux - restorecon -rv /var/named/ - restorecon /etc/named.conf

ON DNS master - make entries for DNS master for the newly added server - vi /var/named/forward.zmpt $TTL 60 @ IN SOA dnsmaster.zmpt.com. root.zmpt.com. ( 6 ; serial 60 ; refresh 60 ; retry 604800 ; expire 60 ; minimum TTL ) @ IN NS dnsmaster.zmpt.com.

dnsmaster IN A 192.168.56.110 dnsslave IN A 192.168.56.111 - - vi /var/named/reverse.zmpt $TTL 60 @ IN SOA dnsmaster.zmpt.com. root.zmpt.com. ( 6 ; serial 60 ; refresh 60 ; retry 604800 ; expire 60 ; minimum TTL ) @ IN NS dnsmaster.zmpt.com.

dnsmaster IN A 192.168.56.110 dnsslave IN A 192.168.56.111

110 IN PTR dnsmaster.zmpt.com.

www.zmprotech.com 888-236-2620

111 IN PTR dnsslave.zmpt.com.

Any of the client servers - - vi /etc/sysconfig/network NETWORKING=yes HOSTNAME= oradb01.dev.zmpt.com - - vi /etc/hosts 192.168.56.113 oradb01.dev.zmpt.com - - vi /etc/hostname oradb01.dev.zmpt.com - - vi /etc/resolv.conf # Generated by NetworkManager search zmpt.com nameserver 192.168.56.110 nameserver 192.168.56.111 - DEVICE=enp0s3 IPADDR=192.168.56.111 TYPE=Ethernet BOOTPROTO=static ONBOOT=yes HWADDR=08:00:27:33:b9:58 NETMASK=255.255.255.0 DNS1="192.168.56.110" DNS2="192.168.56.111"

Repeat the entries into forward lookup zone and Reverse lookup zone ON DNS master - make entries for DNS master for the newly added server - vi /var/named/forward.zmpt - $TTL 60 @ IN SOA dnsmaster.zmpt.com. root.zmpt.com. ( 6 ; serial 60 ; refresh

www.zmprotech.com 888-236-2620

60 ; retry 604800 ; expire 60 ; minimum TTL ) @ IN NS dnsmaster.zmpt.com.

dnsmaster IN A 192.168.56.110 dnsslave IN A 192.168.56.111

110 IN PTR dnsmaster.zmpt.com. 111 IN PTR dnsslave.zmpt.com.

02-01-2020 https://youtu.be/Xvsk_q6yC4w

PXE-KICKSTART Server

Directory: Config file: Port #: Package: Services: Protocol:

www.zmprotech.com 888-236-2620

Command: URL: The Preboot Execution Environment (PXE) is an industry standard client/server interface that allows networked computers that are not yet loaded with an operating system to be configured and booted remotely by an administrator. - Setup yum server [we need yum server as base] - - Packages needed - dhcp, tftp-server, syslinux, - yum install dhcp tftp-server syslinux -y - - systemctl stop firewalld - systemctl disable firewalld - - now start httpd service - systemctl enable httpd - systemctl start httpd - - mkdir -p /tftpboot/images - mkdir -p /tftpboot/pxelinux.cfg - - now copy virtual memory linux file - vmlinuz = Virtual Memory LINUX - - cp /var/www/html/rhel7/images/pxeboot/ vmlinuz /tftpboot/images/ - - now copy initrd.img - - what is initrd files? - [In computing (specifically as regards Linux computing), initrd (initial ramdisk) is a scheme for loading a temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this] - - cp /var/www/html/rhel7/images/pxeboot/initrd.img /tftpboot/images/ - - Now edit tftp file – this file is created by tftp package - vi /etc/xinetd.d/tftp - edit as shown in yellow { socket_type = dgram protocol = udp wait = yes user = root

www.zmprotech.com 888-236-2620

server = /usr/sbin/in.tftpd server_args = -s /tftpboot disable = no per_source = 11 cps = 100 2 flags = IPv4 } - - Now start the tftp service - systemctl start tftp - systemctl enable tftp [persistent with reboot] - check port 69 is on - netstat -anp | grep -w 69 - udp6 0 0 :::69 :::* 1/system - - Now copy the required files for boot menu and boot - - cp /usr/share/syslinux/menu.c32 /tftpboot/ - cp /usr/share/syslinux/pxelinux.0 /tftpboot/ - - so far four files were copied to tftpboot folder [root@localhost tftpboot]# ls -l total 84 drwxr-xr-x. 2 root root 39 Feb 1 12:52 images -rw-r--r--. 1 root root 55140 Feb 1 13:07 menu.c32 -rw-r--r--. 1 root root 26759 Feb 1 13:08 pxelinux.0 drwxr-xr-x. 2 root root 6 Feb 1 12:47 pxelinux.cfg - - now copy dhcp configuration example file as shown - cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf - yes – to overwrite the file - now obtain ip address information [root@localhost dhcp]# ip addr 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:5f:32:be brd ff:ff:ff:ff:ff:ff inet 192.168.56.106/24 brd 192.168.56.255 scope global noprefixroute dynamic enp0s3

Use subnet mask: 192.168.56.0

net mask 255.255.255.0

www.zmprotech.com 888-236-2620

- vi dhcpd.conf - copy and paste – make necessary changes -

authoritative;

subnet 192.168.56.0 netmask 255.255.255.0 {

option domain-name "localhost.localdomain";

range dynamic-bootp 192.168.56.150 192.168.56.199; next-server 192.168.56.106; default-lease-time 600; max-lease-time 7200; filename "pxelinux.0"; } - - cp anaconda-ks.cfg /var/www/html/rhel7/ks.cfg - vi ks.cfg #version=DEVEL # System authorization information auth --enableshadow --passalgo=sha512 # Use CDROM installation media #cdrom url --url=http://192.168.56.106/rhel7 # Use graphical install graphical # Run the Setup Agent on first boot firstboot --enable ignoredisk --only-use=sda # Keyboard layouts keyboard --vckeymap=us --xlayouts='us' # System language lang en_US.UTF-8

# Network information network --hostname=localhost.localdomain

# Root password rootpw --iscrypted $6$BF7uh1GTIIpcP7uE$6z9sdZM.zfIUtFKIURM9RHHmDmQDmOMpsLzUQHrjCSrvD RzLIacnTbqIYw2CX0Y/fyV7vsYvo1iq9X4OugZ/N/ # System services services --enabled="chronyd"

www.zmprotech.com 888-236-2620

# System timezone timezone America/New_York --isUtc # System bootloader configuration bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda autopart --type=lvm # Partition clearing information #clearpart --none --initlabel clearpart --all

%packages @^minimal @core chrony kexec-tools

%end

%addon com_redhat_kdump --enable --reserve-mb='auto'

%end

%anaconda pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty %end - - now create a file name default - cd /tftpboot/pxelinux.cfg - vi default default menu.c32 prompt 0 timeout 100 MENUTITLE ZMPT OS selection LABEL RHEL 7 KERNEL images/vmlinuz append initrd=images/initrd.img linux ks=http://192.168.56.106/rhel7/ks.cfg ~ - now start dhcpd service - systemctl start dhcpd - systemctl enable dhcpd - systemctl status dhcpd https://www.golinuxcloud.com/configure-pxe-boot-server-centos-redhat-7-linux/

www.zmprotech.com 888-236-2620

02-08-2020 https://youtu.be/bDx2y9f5HDk

User Administration

Directory: Config file: Port #: Package: Services: Protocol: Command: URL: root – Administrator – Super user - root user has highest level of access - don’t miss use the root access privileges - you will have access to company data - never share your password with anyone even mangers and directors or ceo - don’t put password in emails, chats or text, don’t share it.

Creating User

- To add new user - useradd zafar - the user is added to the file /etc/passwd - - zafar:x:1000:1000::/home/zafar:/bin/bash - Id Password uid – user id gid – group id Home dir Shell type zafar x 1000 1000 /home/zafar /bin/bash - id zafar - uid=1000(zafar) gid=1000(zafar) groups=1000(zafar)

- user definitions and attributes are defined in - /etc/login.defs - - passwd zafar - password is stored in file name - /etc/shadow -

www.zmprotech.com 888-236-2620

Username password Dec 31 1969 Grace Expiration Id will be Period date disabled zafar $6$bVN…. 18300 0 99999 7 - Reading group file information - zafar:x:1000: Group name Check for Password Group ID Zafar X 1000 - - - You can also create manual - vi /etc/passwd - shakil:x:5001:6001::/home/shakil:/bin/bash - vi /etc/shadow - shakil:$6$LCSK1ZcM$/6hvAYf92NbGakg/.pTp8PB9.hyrGWs0oVYhuv.BwvWPGK5/pziX ToqkTtJpw1ju/WsiBX0POA/xiW/nPKFl40:18300:0:99999:7::: - - Add to the group file - vi /etc/group - shakil:x:6001: - in this instance shakil is a group - - cd /home - change the ownership to shakil - chown shakil:shakil shakil - - now set the folder defaults - cp /etc/skel/.b* /home/shakil - now the user prompt is available [shakil@localhost ~]$ pwd /home/shakil - - [root@localhost ~]# Root user - - [shakil@localhost ~]$ <- Regular user

SUDO Access for user SUDO = Super user Do Super user = root sudo is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of root user - - Grant sudo access to regular user -

www.zmprotech.com 888-236-2620

- For RHEL 7 - visudo - make sure following line is uncommented - %wheel ALL=(ALL) ALL - usermod -aG wheel zafar - now the user is added to the wheel group - the user has elevated access

Create Group Linux groups are a mechanism to manage a collection of computer system users. All Linux users have a user ID and a group ID and a unique numerical identification number called a userid (UID) and a groupid (GID) respectively - - groupadd -g 3000 developer - vi /etc/group - - Assign group to user - now add the user to the group - usermod -aG developer zafar - - Assign group to the directory - mkdir /finance - chgrp developer /finance - chmod g+w /finance - chown Use chown to change the ownership of files and folders or user and group.

- -rw-rw-r--. 1 zafar zafar 0 Feb 16 12:19 file1 - chown shakil file1 - -rw-rw-r--. 1 shakil zafar 0 Feb 16 12:19 file1 - - chown :developer file1 - -rw-rw-r--. 1 shakil developer 0 Feb 16 12:19 file1 - - chown zafar:accounting file1 - -rw-rw-r--. 1 zafar accounting 0 Feb 16 12:19 file1 - usermod Usermod command modify existing users

- added as secondary group - usermod -aG accounting shakil -

www.zmprotech.com 888-236-2620

- added as primary group - usermod -g developer shakil - - usermod -aG developer,accounting obaid - Adding multiple group to -

02-09-2020 https://youtu.be/LRWNsULvqOk

Permissions

Directory: Config file: Port #: Package: Services: Protocol: Command: URL: File Permissions - - -rw-r--r--. 1 root root 0 Feb 9 10:57 file1 User - u Group - g Others - o Read Write Execute Read Write Execute Read Write Execute r w x r w x r w X 4 2 1 4 2 1 4 2 1 - - Read = 4 - Write = 2 - Execute =1 - - -rw-r--r--. 1 root root 0 Feb 9 10:57 file1 U – rw = 6 G – r = 4 O – r = 4 - - Permission for the above file is 644 - 644 is the default permissions of the system generated files - chmod is used to change the permissions - modification of file

[root@localhost ~]# chmod 666 file1

www.zmprotech.com 888-236-2620

[root@localhost ~]# ls -l total 0 -rw-rw-rw-. 1 root root 0 Feb 9 10:57 file1

[root@localhost ~]# chmod 660 file1 [root@localhost ~]# ls -l total 0 -rw-rw----. 1 root root 0 Feb 9 10:57 file1

[root@localhost ~]# chmod 777 file1 [root@localhost ~]# ls -l total 0 -rwxrwxrwx. 1 root root 0 Feb 9 10:57 file1 [root@localhost ~]# chmod 000 file1 [root@localhost ~]# ls -l total 0 ------. 1 root root 0 Feb 9 10:57 file1 [root@localhost ~]# chmod 740 file1 [root@localhost ~]# ls -l total 0 -rwxr-----. 1 root root 0 Feb 9 10:57 file1 [root@localhost ~]#

[root@localhost ~]# chmod o+r file1 [root@localhost ~]# ls -l total 0 -rw-rw-r--. 1 root root 0 Feb 9 10:57 file1 [root@localhost ~]# chmod g-w file1 [root@localhost ~]# ls -l total 0 -rw-r--r--. 1 root root 0 Feb 9 10:57 file1 [root@localhost ~]# chmod ugo+rwx file1 [root@localhost ~]# ls -l total 0 -rwxrwxrwx. 1 root root 0 Feb 9 10:57 file1 [root@localhost ~]# chmod ugo-rwx file1 [root@localhost ~]# ls -l total 0 ------. 1 root root 0 Feb 9 10:57 file1

Directory Permissions -

www.zmprotech.com 888-236-2620

- drwxr-xr-x. 2 root root 6 Feb 9 11:26 folder1 - U – rwx = 7 G – rx = 5 O – rx = 5

- Read = 4 - Write = 2 - Execute =1 - Directories by default has execute permission – so that a user can go inside the directory - The default Directory permission is 755

Umask

- The default umask is set to 0022 - - File permission without umask is 666 - - Folder permission without umask is 777 - - Umask – 0022 - Symbolic - unused User Groups Others 0 0 2 2 - - For the file you see the default is 644 - -rw-r--r--. 1 root root 0 Feb 9 11:24 file2 - - 6 – 0 = 6 - 6 – 2 = 4 - 6 – 2 = 4 - - drwxr-xr-x. 2 root root 6 Feb 9 11:26 folder1 - - 7 – 0 = 7 - 7 – 2 = 5 - 7 – 2 =5 - - So if the umask is set to 0000 - umask 0000 - now the umask is set to default as 0000 until you reboot the system - - -rw-rw-rw-. 1 root root 0 Feb 9 11:48 file3 - drwxrwxrwx. 2 root root 6 Feb 9 11:49 folder3

www.zmprotech.com 888-236-2620

- 02-15-2020 https://youtu.be/jWnW6poH2d0

02-16-2020 https://youtu.be/H_oW1FSvU8k

Folder assignment to the group - mkdir /data - groupadd accounting - - chgrp accounting data - usermod -aG accounting zafar - chmod chmod g+w /data - - id zafar - uid=1000(zafar) gid=6002(accounting) groups=6002(accounting),3000(developer) - - now login as user - ls -ld /data - drwxrwxr-x. 2 root accounting 19 Feb 15 11:35 /data - touch file1 - -rw-rw-r--. 1 zafar zafar 0 Feb 15 11:35 file1 - Since id zafar is part of accounting group, he is able to create the file - SGID – Set Group Id SGID: All files that are created in the directory with SGID set belongs to the group to which directory belongs. Not to the group creating process belongs

1. Special permission set for directories. 2. Whenever user create files and directories inside the Set GID configured folder it will inherit the Group Ownership from parent directory. 3. The group ownership of the data is not retroactive.

- ls -ld /data - drwxrwxr-x. 2 root accounting 19 Feb 15 11:35 /data - - chmod g+s /data - ls -ld /data - drwxrwsr-x. 2 root accounting 19 Feb 15 11:35 /data - the group execute permission will show as ‘s’ - This means the permission are set when the files are created in this folder - - [shakil@localhost data]$ id shakil

www.zmprotech.com 888-236-2620

- uid=5001(shakil) gid=6001(shakil) groups=6001(shakil) - - [shakil@localhost data]$ touch file3 - -rw-rw-r--. 1 shakil developer 0 Feb 15 12:19 file3 - SUID - Set UID SUID – inherits the owner permissions when executing a file - Ls -l /bin/ping - -rwsr-xr-x. 1 root root 38520 Mar 22 2017 /bin/ping - You should be able to ping using regular user - - Now remove the suid from ping - Chmod u-s /bin/ping - - Now the user is unable to using ping command - - [zafar@amohiuddin6c ~]$ ping 172.31.126.194 - ping: icmp open socket: Operation not permitted - but the root still has full permissions - to restore the suid - chmod u+s /bin/ping

Sticky Bit Sticky Bit – it is a delete protection, if you are not a root or owner of the file you cannot delete a file. This is set on folder level.

- mkdir /stocks - ls -ld /stocks - chmod 777 /stocks - at this point any body can create and delete any files in the folder - - chmod o+t /stocks - now anybody can create files - but they can only delete files which they create - example /tmp folder FACL – File Access Control List FACL you can grant permission to specific user

- mkdir /finance - ls -ld /finance/ - drwxr-xr-x 2 root root 19 Feb 16 12:19 /finance/ - as a regular you don’t have permission to write - setfacl -m u:zafar:rwx /finance/ - drwxrwxr-x+ 2 root root 19 Feb 16 12:19 /finance/

www.zmprotech.com 888-236-2620

- [root@localhost ~]# getfacl /finance/ getfacl: Removing leading '/' from absolute path names # file: finance/ # owner: root # group: root user::rwx user:zafar:rwx group::r-x mask::rwx - other::r-x SUDO Access for user SUDO = Super user Do Super user = root sudo is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of root user - - Grant sudo access to regular user - - For RHEL 7 - visudo - make sure following line is uncommented - %wheel ALL=(ALL) ALL - usermod -aG wheel zafar - now the user is added to the wheel group - the user has elevated access

Permission commands

Identity User u Group g Other o All a

Permission Read r 4 Write w 2 Execute x 1

Actions + Add permission

www.zmprotech.com 888-236-2620

‘-‘ Remove permission = Make it only permission

Examples

Permission Information g+w adds write access for the group o-rwx removes all permissions for others

u+x allows the file owner to execute the file a+rw allows everyone to read and write to the file

ug+r allows the owner and group to read the file

g=rx allows only the group to read and execute (not write

g+w adds write access for the group

g=rx allows only the group to read and execute (not write)

Permission Numerical Information -rw------600 Only the owner has read and write permissions. -rw-r--r-- 644 Only the owner has read and write permissions; the group and others have read only. DEFAULT -rwx------700 Only the owner has read, write, and execute permissions. -rwxr-xr-x 755 The owner has read, write, and execute permissions; the group and others have only read and execute. -rwx--x--x 711 The owner has read, write, and execute permissions; the group and others have only execute. -rw-rw-rw- 666 Everyone can read and write to the file. (Be careful with these permissions.) -rwxrwxrwx 777 Everyone can read, write, and execute. (Again, this permissions setting can be hazardous.)

chmod use chmod command to modify the permissions for files and folders, you can also use numbers to grant permissions

- File permissions - -rw-r--r--. 1 root root 0 Jul 28 16:02 file1

www.zmprotech.com 888-236-2620

- - Grant permission to others - chmod o+w file1 - chmod 646 file1 - -rw-r--rw-. 1 root root 0 Jul 28 16:02 file1 - - Remove read and write to group and other - chmod go-rw file1 - chmod 600 file1 - -rw------. 1 root root 0 Jul 28 16:02 file1 - - Remove permission to everyone - chmod a-rwx file1 - chmod 0 file1 ------. 1 root root 0 Jul 28 16:02 file1 - - Add permission only to owner/user - chmod u+rw file1 - chmod 600 file1 - -rw------. 1 root root 0 Jul 28 16:02 file1

- permissions to directory - drwxr-xr-x. 2 root root 6 Jul 28 16:07 dir1 - - remove execute permission to all - chmod a-x dir1 - chmod 622 dir1 - drw-r--r--. 2 root root 6 Jul 28 16:07 dir1 - - grant execute permission to user and group - chmod ug+x dir1 - chmod 752 dir1 - drwxr-xr--. 2 root root 6 Jul 28 16:07 dir1

chage - - [root@localhost ~]# chage -l zafar - Last password change : Feb 08, 2020 - Password expires : never - Password inactive : never - Account expires : never - Minimum number of days between password change : 0 - Maximum number of days between password change : 99999 - Number of days of warning before password expires : 7

www.zmprotech.com 888-236-2620

- - To set the password to expire 90 - chage -M 90 zafar - - to set the id disable after the password has expired 60 days - chage -I 60 zafar - - [root@localhost ~]# chage -l zafar - Last password change : Feb 08, 2020 - Password expires : May 08, 2020 - Password inactive : Jul 07, 2020 - Account expires : never - Minimum number of days between password change : 0 - Maximum number of days between password change : 90 - Number of days of warning before password expires : 7

Password Recovery for Root

02-22-2020 https://youtu.be/uFn7reuf5pQ

Directory: Config file: Port #: Package: Services: Protocol: Command: URL: - During boot up push any key to interrupt the grub menu

www.zmprotech.com 888-236-2620

- - ‘e’ to edit the menu - Scroll down using arrow key on keyboard to line linux16…. - At the end of line give space and type ‘rd.break’

- - Use left Ctrl+x - Screen goes blank and will come up to the prompt

www.zmprotech.com 888-236-2620

- - Now you are in emergency mode - Type this exact command - ‘mount -o remount, rw /sysroot’ - ‘chroot /sysroot’ - ‘passwd’ - Now enter new password - ‘touch /.autorelabel’ - ‘exit’ - ‘reboot’ - - Now the password is changed for root Connecting to Console for HP Dell or VMWare - - Console for VM ware

- - - For IBM, HP and Dell you connect using IP - - IBM – HMC – Hardware Management Console - HP – ILO – Integrated Lite out - Dell – iDRAC – Integrated Dell Remote Access Controller

www.zmprotech.com 888-236-2620

SAMBA

02-22-2020 https://youtu.be/uFn7reuf5pQ

Directory: Config file: Port #: Package: Services: Protocol: Command: URL: Samba is the standard Windows interoperability suite of programs for Linux and ... Samba is an important component to seamlessly integrate Linux/Unix Servers - yum install samba -y - mkdir /windows-share - - disable SELinux - setenforce 0

www.zmprotech.com 888-236-2620

- - permissions - chmod 777 /windows-share/ - - add new user - useradd winuser - smbpasswd -a winuser - pdbedit -L - - now edit the configuration file - vi /etc/samba/smb.conf - add following at the end of the file [win-share] Path=/windows-share writeable=yes - - disable firewall - systemctl stop firewalld - systemctl disable firewalld - - enable samba services - systemctl start smb.service - systemctl enable smb.service - systemctl status smb.service - - enable nmb service - systemctl start nmb.service - systemctl enable nmb.service - systemctl status nmb.service - - on windows machine - enable CIFS as shown -

www.zmprotech.com 888-236-2620

- - - Reboot the windows system if required - - Map the network drive on the windows as shown - \\192.168.56.13\win-share

- -

www.zmprotech.com 888-236-2620

The whole point of networking is to allow computers to easily share information. Sharing information with other Linux boxes, or any UNIX host, is easy – tools such as FTP and NFS are readily available and frequently set up easily “out of the box”. Unfortunately, even the most die-hard Linux fanatic has to admit the operating system most of the PCs in the world are running is one of the various types of windows. Unless you use your Linux box in a particularly isolated environment, you will almost certainly need to exchange information with machines running windows. Assuming you’re not planning on moving all of your files using floopy disks, the tool you need is Samba.

Samba is an implementation of a Common Internet File System (CIFS, also known as SMB) protocol server that can be run on almost every variant of Unix in existence. Microsoft clients will use this protocol to access files and printers located on your Unix box just as if it were native windows server.

Samba allows linux computers to share files and printers across a network connection. By using its SMB protocol, your linux box can appear in windows network neighborhood or My Network Places Just like any other windows machine. You can share files this way, as well as printers. By using samba on my home network, for example, my windows machines have access to printer directly hooked up to my Linux box, and my Linux box has access to printer directly hooked up to one of my windows machines. In addition, everyone can access

02-23-2020 https://youtu.be/_jTPboWNkC8

NFS

www.zmprotech.com 888-236-2620

Directory: Config file: Port #: Package: Services: Protocol: Command: URL: The Network File System (NFS) is a client/server application that lets a computer user view and optionally store and update files on a remote computer as though they were on the user's own computer. The NFS protocol is one of several distributed file system standards for network-attached storage (NAS).

- yum install nfs-utils -y - enable nfs service - systemctl start nfs-server - systemctl enable nfs-server - systemctl status nfs-server - - Attach a new xfs formatted disk - mkdir /NFS_SHARE - mount /dev/sdb1 /NFS_SHARE - - Now create configuration files - Cd /etc/defaults - vi nfs-share #add this line

NEED_IDMAPD=YES - - vi idmapd.conf #type exactly as shown

DOMAIN=zmpt01.nfs.zmpt.com - - save and exit - - Change the permissions - chmod 777 /NFS_SHARE/ - drwxrwxrwx. 2 root root 6 Feb 23 11:42 /NFS_SHARE/ - - Now edit configuration file - vi /etc/exports - enter the clients information that will be connecting to this server

www.zmprotech.com 888-236-2620

- /NFS_SHARE 192.168.56.127(rw,async) /NFS_SHARE 192.168.56.131(rw,async) - - showmount -e localhost - exportfs -a - exportfs -r - Now disable the firewall - systemctl stop firewalld - systemctl disable firewalld

On the client Host

- yum install nfs-utils -y - systemctl start nfs-server - systemctl enable nfs-server - - make a mounting directory - mkdir /ORACLE - chmod -R 777 /ORACLE - mount -t nfs 192.168.56.132:/NFS_SHARE /ORACLE [root@localhost ~]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 484M 0 484M 0% /dev tmpfs 496M 0 496M 0% /dev/shm tmpfs 496M 6.8M 489M 2% /run tmpfs 496M 0 496M 0% /sys/fs/cgroup /dev/mapper/centos-root 14G 1.3G 13G 10% / /dev/sda1 1014M 136M 879M 14% /boot tmpfs 100M 0 100M 0% /run/user/0 192.168.56.132:/NFS_SHARE 16G 33M 16G 1% /ORACLE - - enable in fstab - vi /etc/fstab 192.168.56.132:/NFS_SHARE /ORACLE nfs defaults 0 0 -

What is the difference between hard mount and soft mount?

The NFS mount can be mount as a "soft mount" or as a "hard mount" these mount option define the how the NFS client should be handle NFS crash/failure. we will see the difference hard mount and soft mount.

www.zmprotech.com 888-236-2620

Soft Mount:-> Suppose you have mounted the NFS by using "soft mount" when a program request a file from nfs server. NFS Daemon will try to retrieve the data from the NFS server. if it doesn't get any response from NFS server due to some failure or crash on the nfs server. then nfs client report an error to the process on the client machine requesting the file access the Advantage: "fast response" it doesn't wait for the NFS server to respond. the Main disadvantage of this method is data corruption or loss of data so this is not the recommended option to use.

Hard Mounting;-> if you have mounted the nfs by "hard mount". it will repeatly try to connect to the server. Once the server is back online the program will continue to execute undistrubed the state where it was during the crash. we can use the mount option "intr" which allows nfs request to interrupt if the server goes down or cannot be accessable.

03-22-2020 https://youtu.be/zKJg8xSbWCI

AWS

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. ... Using managed databases like MySQL, PostgreSQL, Oracle or SQL Server to store information

AMAZON has several data centers throughout the world and grouped by region Example Norther Virginia has six data centers

Each Data center is known as AZ – Availability Zone

VPC – Virtual Private Cloud

Create a Default VPC 1. Navigate to VPC > Your VPCs. 2. Click Actions > Create Default VPC. 3. Click Create.

www.zmprotech.com 888-236-2620

4. Click Close

Security Group – Firewall inside AWS

AWS security groups (SGs) are associated with EC2 instances and provide security at the protocol and port access level. Each security group — working much the same way as a firewall

www.zmprotech.com 888-236-2620

EC2 – Elastic Cloud Compute

EC2 is term used by Amazon for its computing

Each computing device is called – instant

Windows or Linux instant

- Launch instance in EC2 - Select free tier eligible - Then select t3.mirco - Keep auto assign public ip enabled - - Expand Advanced details - In details use script - #!/bin/bash - Yum install httpd -y - Systemctl start httpd - Systemctl enable httpd - - Then add storage - Add three extra drives - /dev/sdb, /dev/sdc, /dev/sdd - Add tags - zmpt01 - Configure Security Group - Create new SG – zmptSG – no ports open - Launch - Download the key pair – zmptkeypair.pem

www.zmprotech.com 888-236-2620

- Right click on new created EC2 and select connect - You can follow the instructions to connect to your EC2 - Elastic IP addresses

- Amazon give out about 5 static Ip addresses for free - If you have 5 IP and not being used – amazon will charge you. - Once you assign to EC2 – you can note that IP address will remain the same -

03/28/2020 https://youtu.be/0Lw-73DX0b0

Kernel Update

Directory: Config file: Port #: Package: Services: Protocol: Command: URL:

www.zmprotech.com 888-236-2620

- https://www.howtoforge.com/tutorial/how-to-upgrade-kernel-in-centos-7-server/ - rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org - rpm -Uvh https://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm - - yum repolist - yum --enablerepo=elrepo-kernel install kernel-ml - sudo awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg - grub2-set-default 0 - grub2-mkconfig -o /boot/grub2/grub.cfg - init 6 - uname -r - 5.5.13-1.el7.elrepo.x86_64

03-28-2020 https://youtu.be/0Lw-73DX0b0

Directory: Config file: Port #: Package: Services: Protocol: Command: URL:

www.zmprotech.com 888-236-2620

CronJob

* * * * * command to be executed - - - - - | | | | | | | | | ----- Day of week (0 - 7) (Sunday=0 or 7) | | | ------Month (1 - 12) | | ------Day of month (1 - 31) | ------Hour (0 - 23) ------Minute (0 - 59)

- Crontab -e - 45 * * * * rm -rf /root/data - Runs every 45th minute of the hour - Crontab -l to check existing scheduled cron jobs - You can multiple cronjobs inside crontab - Each line is a new job -

Note: you must use system time

03-28-2020 https://youtu.be/0Lw-73DX0b0

TCP Dump

Directory: Config file: Port #: Package: Services: Protocol: Command: URL: tcpdump is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.[3] Distributed under the BSD license,[4] tcpdump is free software.

All the available interface available to capture the network traffic

www.zmprotech.com 888-236-2620

[root@zmpt01 ~]# tcpdump -D 1.enp0s3 2.enp0s8 3.nflog (Linux netfilter log (NFLOG) interface) 4.nfqueue (Linux netfilter queue (NFQUEUE) interface) 5.usbmon1 (USB bus number 1) 6.any (Pseudo-device that captures on all interfaces) 7.lo [Loopback]

[root@zmpt01 ~]# tcpdump -i any captures the network activity on any interface of the host until inperrupted ctrl+c

tcpdump -i any -c3 captures the 3 packets

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes

11:45:23.954542 IP zmpt01.dev.zmprotech.com.ssh > 192.168.56.102.57054: Flags [P.], seq 420689815:420690023, ack 320459749, win 851, length 208

1 packet captured 6 packets received by filter 0 packets dropped by kernel

Time Stamp 11:45:23.954542 Network Layer IP Source Hostname zmpt01.dev.zmprotech.com.ssh Destination 192.168.56.102 Flags [P.] P

Flag type Value Meaning

www.zmprotech.com 888-236-2620

SYN S Syn packet, a session establishment request. ACK A Ack packet, acknowledge sender’s data. FIN F Finish flag, indication of termination. RESET R Reset, indication of immediate abort of conn PUSH P Push, immediate push of data from sender. URGENT U Urgent, takes precedence over other data NONE A dot . Placeholder, usually used for ACK.

Sequence packets seq 420689815:420690023 196 to 568 bytes ACK 1 ack 320459749 Window size win 851 Packet Length length 208 Segment size Blank now [there are some values here]

[root@zmpt01 ~]# tcpdump -i any port 22

Capture the traffic on specific port

[root@zmpt01 ~]# tcpdump -i any -c5 -nn src 192.168.56.123

Capture traffic on specific host on network

[root@zmpt01 ~]# tcpdump -i any -c5 -w filex.pcap src 192.168.56.123

Writing to pcap for network team

Command ignore Any port Packets Write to file Tcpdump file Source ip (not count type local) tcpdump -i any -c5 -w filex.pcap Src .pcap 192.168.56.123

[root@zmpt01 ~]# tcpdump -nn -r filex.pcap

www.zmprotech.com 888-236-2620

Reading tcpdump pcap file

1. Capture Packets from Specific Interface # tcpdump -i eth0

2. Capture Only N Number of Packets # tcpdump -c 5 -i eth0

3. Print Captured Packets in ASCII # tcpdump -A -i eth0

4. Display Available Interfaces # tcpdump -D

5. Display Captured Packets in HEX and ASCII # tcpdump -XX -i eth0

6. Capture and Save Packets in a File # tcpdump -w 0001.pcap -i eth0

7. Read Captured Packets File # tcpdump -r 0001.pcap

8. Capture IP address Packets # tcpdump -n -i eth0

9. Capture only TCP Packets. # tcpdump -i eth0 tcp

10. Capture Packet from Specific Port # tcpdump -i eth0 port 22

11. Capture Packets from source IP # tcpdump -i eth0 src 192.168.0.2

12. Capture Packets from destination IP # tcpdump -i eth0 dst 50.116.66.139

03-29-2020

Directory: Config file:

www.zmprotech.com 888-236-2620

Port #: Package: Services: Protocol: Command: URL:

Kernel Paramaters

Kernel Parameter is changing the behavior of the Kernel

- - When making any changes to make sure you have proper authorization in place - Usually this comes DB team – Oracle DB, Mongo DB … - - /sys/kernel/mm/transparent_hugepage/enabled - /sys/kernel/mm/transparent_hugepage/defrag - - Request will be set these changes to never - [root@localhost transparent_hugepage]# cat enabled - [always] madvise never - - [root@localhost transparent_hugepage]# cat defrag - always defer defer+madvise [madvise] never - - echo /sys/kernel/mm/transparent_hugepage/defrag - echo never > /sys/kernel/mm/transparent_hugepage/defrag - - [root@localhost ~]# cat /sys/kernel/mm/transparent_hugepage/defrag - always defer defer+madvise madvise [never] - - [root@localhost ~]# cat /sys/kernel/mm/transparent_hugepage/defrag - always defer defer+madvise madvise [never] - - make persistent with reboot - grub2-mkconfig

- [root@localhost etc]# cat /proc/sys/kernel/sem - 250 32000 100 256 - - Request to change the values - Sem – 896 224000 100 256 - - [root@localhost etc]# cat /proc/sys/kernel/shmall - 105627180 - Request to change the values for shmall

www.zmprotech.com 888-236-2620

- Shmall- 792199446 - - [root@localhost etc]# grep HugePages_Total /proc/meminfo - HugePages_Total: 373 - Request to change value fo HugePages_Total - 257792 - Make a copy - cp sysctl.conf sysctl.conf_03292020 - - vi sysctl.conf - - Make the changes as shown

net.ipv4.tcp_retries2 = 7 #kernel.sem = 250 32000 100 128 #kernel.sem = 250 32000 100 256 kernel.sem = 896 224000 100 256 #<----numbers will be provided by db team kernel.shmmni = 4096 #kernel.shmall = 13147960 #kernel.shmall = 105627180 kernel.shmall = 792199446 #<----numbers will be provided by db team kernel.shmmax = 67317555200 kernel.panic_on_oops = 1 #vm.nr_hugepages = 500 vm.nr_hugepages = 257792 #<----numbers will be provided by db team

- Run this command for the changes to take effect - sysctl -p /etc/sysctl.conf

Troublshooting

- to check system logs - /var/log

- Cat /var/log/messages for errors

- - For kernel errors - dmesg - - for memory information -

www.zmprotech.com 888-236-2620

- [root@localhost ~]# free -h - total used free shared buff/cache available - Mem: 983M 879M 59M 1.5M 44M 11M - Swap: 1.6G 33M 1.6G

- Flush the swap memory - swapoff -a && swapon -a - - ethernet error messages - ethtool enp0s3 - folders disk space - du -hax / - - max-depth=3 | sort -rh |head -10 - who logged in last - lastlog - check the reboot activity - last -w - physical memory information - dmidecode -t memory - disable the physical usb storage attached - modporbe -r usb_storage - https://www.tecmint.com/block-usb-storage-devices-in-linux/ - Clear out old messages - cat /dev/null > messages - logrotate -f /etc/logrotate.conf - ps -ef - to check the running processes - top - to check the cpu ulitization and memory - extended memory output - vmstat - to rotate the logs - logrotate -f /etc/logrotate.conf - lsof +L1 - - COMMAND PID USER FD TYPE DEVICE SIZE/OFF NLINK NODE N - tuned 1257 root 8u REG 253,0 4096 0 9080018 / - - kill 1257 - or - kill -9 1257 - ps -eo user,uid,pid,pcpu,args --sort=pc - - USER UID PID %CPU COMMAND - root 0 1 0.0 /usr/lib/systemd/systemd --switched

www.zmprotech.com 888-236-2620

- root 0 2 0.0 [kthreadd] - root 0 3 0.0 [rcu_gp] - root 0 4 0.0 [rcu_par_gp] - root 0 6 0.0 [kworker/0:0H-kb] - to lower the memory buffer - - [root@localhost log]# echo 1 > /proc/sys/vm/drop_caches - [root@localhost log]# free -h - total used free shared buff/cache available - Mem: 983M 859M 86M 1.1M 37M 35M - Swap: 1.6G 41M 1.6G