> redirect, creates or overwrite file >> redirect, creates or appends file 1> redirect stdout, 1>> append 2> redirect stderr, 2>> append &> redirect stdout and stderr 2>&1 redirect stderr to stdout command < /dir/file # stdin
grep ^at start of line grep at end of line$ grep ^$ for empty lines grep -e "foo|bar" OR
#server yum -y install tigervnc-server /etc/sysconfig/vncservers remove -localhost #as normal user vncpasswd vncserver :1 #kill session vncserver -kill :1 #client yum -y install tigervnc vncviewer nucvm3:5901
su - sudo
Star is a very fast tar like tape archiver with improved functionality. Can handle ACL information.
ln TARGET LINK # hard link ln -s # soft link ls -lia show inodes (for hardlinks)
ls -l chmod r = read w = write x = execute or search s = setuid, setgid t = sticky bit (/tmp) chown
man -k #search for keywords makewhatis info -k #search for keywords info coreutils 'chmod invocation' #example
Note: Red Hat may use applications during the exam that are not included in Red Hat Enterprise Linux
for the purpose of evaluating candidate's abilities to meet this objective.
shutdown -r now #reboot shutdown -h now #halt reboot /etc/inittab
init <runlevel> telinit <runlevel>
add runlevel number at end end of kernel line (grub)
top ps kill -<signal> <pid> nice -n <level> command # run program with modified prio, from -20 to 19, higer = more nice (-20 is hi ghest prio) renice -n <level> <pid> # alter priority of running processes ps -efl # also shows nice level
virt-manager # gui virsh console <vmname> virsh list --all # list VMs
virsh reboot <vmname> virsh shutdown <vmname> virsh start <vmname>
service network start|stop|restart ifconfig -a netstat -rn # route -n netstat -tapn # as root shows PID names (processes) for TCP ports chkconfig --list
df fdisk -l fdisk /dev/vdb, n, p, 1, <enter>, <enter>, w fdisk /dev/vda n +512M, w partprobe
e logical volumes.
add disk to VM, choose VirtIO, will be hot plugged fdisk /dev/vdb, type 8e Linux LVM pvcreate /dev/vdb1 <device2> <device...> vgextend vg_nucvm1 /dev/vdb1 #toevoegen aan VG vgcreate -s 8M VolumeGroupName /dev/sdb1 /dev/sdb2 lvcreate -L 5GB -n ExtraLV vg_nucvm1 mkfs.ext4 /dev/... blkid /etc/fstab mkdir -p ..... mount -a lvremove /dev/vg_nucvm1/ExtraLV vgreduce vg_nucvm1 /dev/vdb1 pvremove /dev/vdb1 # or check gui: system-config-lvm
#on a loop device dd if=/dev/urandom of=testfile bs=1M count=10 losetup /dev/loop0 testfile #with normal device cryptsetup luksFormat /dev/vdb1 # type uppercase YES cryptsetup luksOpen /dev/vdb1 CryptLV /dev/mapper/CryptLV /crypt ext4 defaults 0 0 # /etc/fstab CryptLV /dev/vdb1 none # /etc/crypttab
blkid # show UUID's UUID=72607ef8-d59a-4b7b-892f-2a515a1b8104 # in /etc/fstab e2label /dev/mapper/CryptLV luksdrive LABEL=luksdrive # in /etc/fstab
fdisk set partition to SWAP partx -a /dev/vdc partprobe mkswap /dev/vdc1 swapon -v /dev/vdc1 swapon -s # show
mount -t nfs server:/share /mnt showmount -e # show exported filesystems mount -t cifs //server/share /mnt -o user=username smbclient -L diskstation -U benst
In /etc/fstab luks: /etc/fstab AND /etc/crypttab 192.168.1.100:/share /mnt/share nfs ro,user,_netdev 0 0
#extend lvextend -L +100M /dev/vg_nucvm1/smallfs resize2fs /dev/mapper/vg_nucvm1-smallfs #decrease umount fsck resize2fs -f /dev/... 100M lvreduce -L 100M /dev/... mount -a #online resize lvresize -r -L NewSize /dev/...
mkdir /opt/team groupadd team chgrp team /opt/team chmod 760 /opt/team chown g+s /opt/team
Add ACL functionality to filesystem with /etc/fstab /dev/mapper/vg_nucvm1-smallfs /small ext4 defaults,acl 0 0 mount -o remount /small getfacl testfile ls -l # shows a plus + sign -rw-rwxr--+ 1 root root 0 Jan 20 20:24 testfile setfacl -m u:benst:rw ./testfile # modify user rights setfacl -m g:team:rwx ./testfile # modify group rights setfacl -m u:benst:--- ./testfile # remove rights
BOOTPROTO=dhcp BOOTPROTO=static
yum install cronie min hour daymonth month dayweek(0=sun) */2 = every 2 hours */5 = every 5 minutes "30 4 1,15 * 5" would cause a command to be run at 4:30 am on the 1st and 15th of each month, plus ev ery Friday.
yum -y install httpd system-config-kickstart rsync CDROM to /var/www/html/pub at boot edit kernel line, add: ks=http://192.168.122.35/ks.cfg
yum groupinstall Virtualization "Virtualization Tools"
via virsh or virt-manager
virsh autostart nucvm1 chkconfig libvirtd on
chkconfig
yum groupinstall "Web Server" chkconfig httpd on service httpd start selinux? #Virtual hosts NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin webmaster@dummy-host.example.com DocumentRoot /var/www/station ServerName station ErrorLog logs/station-error CustomLog logs/station-access common </VirtualHost> <VirtualHost *:80> ServerAdmin webmaster@dummy-host.example.com DocumentRoot /var/www/html ServerName install ErrorLog logs/html-error CustomLog logs/html-access common </VirtualHost>
yum -y groupinstall "FTP server" chkconfig vsftpd on service vsftpd start
Configure selinux and iptables.
file system.
rpm -i # install rpm -u # update yum install yum localinstall #repo file: [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 [base] name=CDROM baseurl=file:///mnt/cd/Server enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
yum update kernel
[root@nucvm1 grub]# more grub.conf # grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You have a /boot partition. This means that # all kernel and initrd paths are relative to /boot/, eg. # root (hd0,0) # kernel /vmlinuz-version ro root=/dev/mapper/vg_nucvm1-lv_root # initrd /initrd-[generic-]version.img #boot=/dev/vda default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu title CentOS (2.6.32-279.19.1.el6.x86_64) root (hd0,0) kernel /vmlinuz-2.6.32-279.19.1.el6.x86_64 ro root=/dev/mapper/vg_nucvm1-lv_root rd_NO_LUKS K EYBOARDTYPE=pc KEYTABLE=us LANG=en_US.UTF-8 rd_LVM_LV=vg_nucvm1/lv_swap rd_NO_MD rd_LVM_LV=vg_nucvm1/l v_root crashkernel=auto SYSFONT=latarcyrheb-sun16 rd_NO_DM rhgb quiet console=tty0 console=ttyS0 initrd /initramfs-2.6.32-279.19.1.el6.x86_64.img title CentOS (2.6.32-279.el6.x86_64) root (hd0,0) kernel /vmlinuz-2.6.32-279.el6.x86_64 ro root=/dev/mapper/vg_nucvm1-lv_root rd_NO_LUKS KEYBOA RDTYPE=pc KEYTABLE=us LANG=en_US.UTF-8 rd_LVM_LV=vg_nucvm1/lv_swap rd_NO_MD rd_LVM_LV=vg_nucvm1/lv_roo t crashkernel=auto SYSFONT=latarcyrheb-sun16 rd_NO_DM rhgb quiet initrd /initramfs-2.6.32-279.el6.x86_64.img
useradd, usermod, userdel /etc/passwd /etc/shadow
passwd <user> chage -l benst # list age info chage -M 30 -W 5 benst # change after 30 days, 5 day warning
groupadd, groupmod, groupdel /etc/group
# For graphical config: system-configure-authentication: User Account Database: LDAP Base DN: dc=diskstation,dc=home Server: ldap://diskstation.home Authentication Method: LDAP Apply getent passwd ldapuser #autofs if needed getent passwd user #for homedirectory info #/etc/auto.master /rhome /etc/auto.rhome #/etc/auto.rhome * -fstype=nfs,soft,intr,rw diskstation:/volume1/rhome/& service autofs start
yum -y install system-config-firewall /etc/sysconfig/iptables
getenforce setenforce 0 # Permissive temporary /etc/sysconfig/selinux # Permissive or Disabled
ps -efZ ls -lZ
man -k selinux yum -y install policycoreutils-gui system-config-selinux semanage fcontext -a -t public_content_t "/root/testwwwdir(/.*)?" restorecon -F -R -v /root/testwwwdir
getsebool -a getsebool -a | grep httpd togglesebool httpd_verify_dns # temporary change setsebool httpd_verify_dns 0 # temporary disable setsebool -P httpd_verify_dns 0 # permanently disable
Application logs /var/log/audit man ftpd_selinux yum -y install setroubleshoot setroubleshoot-server chkconfig auditd on reboot # change context, if for example this was wrong # targed policy does not use users or roles :) chcon -t httpd_sys_content_t index.html OR chcon --reference /var/www/html /var/www/html/index.html OR restorecon -vR /var/www/html