Friday, January 24, 2014

RPM intro

 RPM [Red Hat Package Manager]

List all installed packages
# rpm -qa            

Check configuration file
# rpm -qc vsftpd       

Query the Related Documentation in Directory
# rpm -qd vsftpd       

List files in package
# rpm -ql vsftpd       

Check scripts on the package
# rpm -q --scripts vsftpd   

Install a package named vsftpd
# rpm -ivh vsftpd       

Install package without checking any dependencies
# rpm -ivh vsftpd 20.198.20.16 --force --nodepes  

To check all service start/stop at various run levels
# chkconf --list       
Posted by at No comments:

YUM Server and Client set up

 YUM - yellow dog update modifier

- It helps to install packages which resolves the dependencies automatically
- It can be configure on one server and point the location on the yum client set up file and use on multiple servers using ftp or http. FTP, HHTP

YUM server set up
For initial you can use ISO image or DVD to set it up.


1. Mount cd or ISO image.
# mount -o loop ISOpath /mnt        // for ISO image file
  OR
# mount /dev/cdrom /mnt            // for CD/DVD
# cd Packages

2. Install following packages.

# rpm -ivh createrepo+tab            // Date Repository
# rpm -vh deltarpm+tab                // solves Dependency
# rpm -ivh python-deltarpm+tab            // solves Dependency
 # rpm -ivh vsftpd+tab                // Folder created /var/ftp/pub

3. Copy CD/ISO image content
# cp -rfv * /var/ftp/pub
# cf /mnt/repodata

# cp 1a........xml /var/ftp/pub

4. Create a repo
# createrepo -vg /var/ftp/pub/1a......xml    // -vg - verbose group
# cd /etc/yum.repos.d

# rm -rf *                    // To remove previous existing answer files
# vim yum.repo
    [MyRepo]
    home=My Custom Repository
    baseurl=file:///var/ftp/pub
    #baseurl=ftp://expanor.local/ks/packages/
    # baseurl=ftp://192.168.10.110/ks/rhel6
    gpgcheck=0
    enabled=1
    :wq

======================================
How to configure yum repo?
Note,
i. A configuration file for each repository (or group of related repos) should be created in /etc/yum.repos.d/
ii. The name of each repo config file should end in “.repo”.
iii. Yum Repository Mandatory Configuration Items

a. Repository ID: Short name to identify this repository in reports
 [MyRepo]

b. Name: Long description of this repository
 name=My Custom Repository

c. Baseurl: Description of protocol and location of packages to locate from the repo file.
 baseurl=ftp://192.168.10.110/ks/rhel6

d. gpgcheck: Defines whether yum should attempt to validate package signatures. “0? = “off”, “1? = “on”.
 gpgcheck=1

e. gpgkey: Defines (via URL) where the keys for signature validation are located
 (typically file:///etc/pki/rpm-gpg/<key name>)

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

f. enabled (Optional) Defines whether this repository should be currently active. “0? = “off”, “1? = “on”.
 enabled=1

======================================
 # yum clean all  // To check
# yum list all             
# service vsftpd restart            // Restart FTP service
# chkconf vsftpd on

Setting up YUM Client

1. Install ftp package,
# yum install ftp -y
# cd /etc/yum.repos.d
# ls
# rm -rf *
# vim file.repo
    [Yum Client]
    name=client
    baseurl=ftp://192.168.10.110/pub        // FTP server IP
    gpgcheck=0
    enabled=1
    :wq


Some yum commands

# yum install yum* -y
# yum ls            // list all the packages
# yum history            // list the history

To see Shortcut :

# cat /etc/yum/aliases.conf

To search for the install file :

# yum whatprovides crond

How to set up yum client for a single host without ftp or http

1. Get the OS image.
# mount -o loop ISOpath /mnt        // for ISO image file
  OR
# mount /dev/cdrom /mnt            // for CD/DVD

# cd /mnt
# mkdir /opt/yum
# cp -rvf . /opt/yum
# vim /etc/yum.repos.d/base.repo
  Insert mode
  [Server]
  name=base
  baseurl=file:///opt/yum
  gpgcheck=0
  enabled=1
  :wq
# yum update
Posted by at No comments:

IPtables and firewall

        Firewall [Iptables]

- Works on port no 65535
- It is reponsible for Filtering
  Filtering is of two types :
i.     Packet Filtering    [Using IP ex = 192.168.0.0]
ii.    Content Filtering    [Using word ex= "chat","job" etc]

Packet Filtering : It contain 3 chains

a.)  Input Chain : It contains all the data coming from outside the world for the system
b.)  Output Chain: The data which is been sent by system itself is put in output chain
c.) Forward Chain: The data which is routed by system for others is put in this chain

IPtables takes the following reactions :

a.) Accept     : Acknowledgement sent to sender
b.) Reject    : Error sent to sender
c.) Drop     : No Acknowledgement/No Error


 How to configure iptables using GUI

# yum install iptables
# service iptables status/start/stop/restart/save
# chkconf iptables on

To List iptables Rules :
# iptables -L

To Flush Iptable :
# iptables -F
now, save the changes
# service iptables save

To view information :
# info iptables


Posted by at No comments:

Sunday, January 5, 2014

Samba [CIFS] server set up

A. On the server side, perform the following tasks

[root@my32GB tmp]# more /etc/yum.repos.d/file.repo
[RHEL-Repository]
name=RHEL repository
baseurl=file:///home/devi/OS_image/Packages
#baseurl=http://192.168.10.110/yum
enabled=1
gpgcheck=0

[root@my32GB tmp]# yum install cifs
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
No package cifs available.
Error: Nothing to do
[root@my32GB tmp]# yum search samba
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
=================================================== N/S Matched: samba ===================================================
samba-client.x86_64 : Samba client programs
samba-common.i686 : Files used by both Samba servers and clients
samba-common.x86_64 : Files used by both Samba servers and clients
samba-winbind.x86_64 : Samba winbind
samba-winbind-clients.i686 : Samba winbind clients
samba-winbind-clients.x86_64 : Samba winbind clients
samba4-libs.i686 : Samba libraries
samba4-libs.x86_64 : Samba libraries
sblim-cmpi-samba.i686 : SBLIM WBEM-SMT Samba
sblim-cmpi-samba.x86_64 : SBLIM WBEM-SMT Samba
ctdb.x86_64 : A Clustered Database based on Samba's Trivial Database (TDB)
samba.x86_64 : Server and Client software to interoperate with Windows machines

  Name and summary matches only, use "search all" for everything.
[root@my32GB tmp]# yum install samba
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package samba.x86_64 0:3.5.10-125.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================
 Package                Arch                    Version                            Repository                        Size
==========================================================================================================================
Installing:
 samba                  x86_64                  3.5.10-125.el6                     RHEL-Repository                  5.0 M

Transaction Summary
==========================================================================================================================
Install       1 Package(s)

Total download size: 5.0 M
Installed size: 17 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : samba-3.5.10-125.el6.x86_64                                                                            1/1
  Verifying  : samba-3.5.10-125.el6.x86_64                                                                            1/1

Installed:
  samba.x86_64 0:3.5.10-125.el6                                                                                          

Complete!
[root@my32GB tmp]# yum install nmb
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
No package nmb available.
Error: Nothing to do
[root@my32GB tmp]# yum search nmb
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Warning: No matches found for: nmb
No Matches found
[root@my32GB tmp]# yum search winbind
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
================================================== N/S Matched: winbind ==================================================
samba-winbind.x86_64 : Samba winbind
samba-winbind-clients.i686 : Samba winbind clients
samba-winbind-clients.x86_64 : Samba winbind clients

  Name and summary matches only, use "search all" for everything.
[root@my32GB tmp]# yum install winbind
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
No package winbind available.
Error: Nothing to do
[root@my32GB tmp]# yum install samba-winbind
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package samba-winbind.x86_64 0:3.5.10-125.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================
 Package                      Arch                  Version                          Repository                      Size
==========================================================================================================================
Installing:
 samba-winbind                x86_64                3.5.10-125.el6                   RHEL-Repository                3.5 M

Transaction Summary
==========================================================================================================================
Install       1 Package(s)

Total download size: 3.5 M
Installed size: 12 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : samba-winbind-3.5.10-125.el6.x86_64                                                                    1/1
  Verifying  : samba-winbind-3.5.10-125.el6.x86_64                                                                    1/1

Installed:
  samba-winbind.x86_64 0:3.5.10-125.el6                                                                                  

Complete!
[root@my32GB tmp]# yum install samba-nmb
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
No package samba-nmb available.
Error: Nothing to do
[root@my32GB tmp]# service nmb status
nmbd is stopped
[root@my32GB tmp]# chkconfig --list nmb
nmb                0:off    1:off    2:off    3:off    4:off    5:off    6:off
[root@my32GB tmp]# service smb status
smbd is stopped
[root@my32GB tmp]# pwd
/var/tmp
[root@my32GB tmp]# cd /etc/samba/
[root@my32GB samba]# ls
lmhosts  smb.conf  smbusers
[root@my32GB samba]# ls -l
total 20
-rw-r--r--. 1 root root   20 Jun 22  2012 lmhosts
-rw-r--r--. 1 root root 9778 Jun 22  2012 smb.conf
-rw-r--r--. 1 root root   97 Jun 22  2012 smbusers
[root@my32GB samba]# cp -p smb.conf smb.conf.1.5.2014
[root@my32GB samba]# vi smb.conf
[root@my32GB samba]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[printers]"
Global parameter workgroup found in service section!
Global parameter server string found in service section!
Global parameter netbios name found in service section!
Global parameter interfaces found in service section!
Global parameter log file found in service section!
Global parameter max log size found in service section!
Global parameter security found in service section!
Global parameter passdb backend found in service section!
Processing section "[shared]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
    workgroup = MYGROUP
    server string = Samba Server Version %v
    log file = /var/log/samba/log.%m
    max log size = 50
    cups options = raw

[homes]
    comment = Home Directories
    read only = No
    browseable = No

[printers]
    comment = All Printers
    path = /var/spool/samba
    hosts allow = 127., 192.168.1.
    printable = Yes
    browseable = No

[shared]
    comment = Shared directory
    path = /shared
    valid users = jay
    read only = No
    browseable = No
[root@my32GB samba]# mkdir /shared
[root@my32GB samba]# yum install -y setroubleshoot-server
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package setroubleshoot-server.x86_64 0:3.0.47-2.el6 will be installed
--> Processing Dependency: setroubleshoot-plugins >= 3.0.14 for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: setools-libs-python >= 3.3.7-4 for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: audit-libs-python >= 1.2.6-3 for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: python-slip-dbus for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: policycoreutils-python for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: libqpol.so.1(VERS_1.2)(64bit) for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: libapol.so.4(VERS_4.0)(64bit) for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: libqpol.so.1()(64bit) for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Processing Dependency: libapol.so.4()(64bit) for package: setroubleshoot-server-3.0.47-2.el6.x86_64
--> Running transaction check
---> Package audit-libs-python.x86_64 0:2.2-2.el6 will be installed
---> Package policycoreutils-python.x86_64 0:2.0.83-19.24.el6 will be installed
--> Processing Dependency: libsemanage-python >= 2.0.43-4 for package: policycoreutils-python-2.0.83-19.24.el6.x86_64
---> Package python-slip-dbus.noarch 0:0.2.20-1.el6_2 will be installed
---> Package setools-libs.x86_64 0:3.3.7-4.el6 will be installed
---> Package setools-libs-python.x86_64 0:3.3.7-4.el6 will be installed
---> Package setroubleshoot-plugins.noarch 0:3.0.40-1.el6 will be installed
--> Running transaction check
---> Package libsemanage-python.x86_64 0:2.0.43-4.1.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================
 Package                             Arch                Version                       Repository                    Size
==========================================================================================================================
Installing:
 setroubleshoot-server               x86_64              3.0.47-2.el6                  RHEL-Repository              1.3 M
Installing for dependencies:
 audit-libs-python                   x86_64              2.2-2.el6                     RHEL-Repository               59 k
 libsemanage-python                  x86_64              2.0.43-4.1.el6                RHEL-Repository               81 k
 policycoreutils-python              x86_64              2.0.83-19.24.el6              RHEL-Repository              340 k
 python-slip-dbus                    noarch              0.2.20-1.el6_2                RHEL-Repository               30 k
 setools-libs                        x86_64              3.3.7-4.el6                   RHEL-Repository              400 k
 setools-libs-python                 x86_64              3.3.7-4.el6                   RHEL-Repository              222 k
 setroubleshoot-plugins              noarch              3.0.40-1.el6                  RHEL-Repository              505 k

Transaction Summary
==========================================================================================================================
Install       8 Package(s)

Total download size: 2.9 M
Installed size: 11 M
Downloading Packages:
--------------------------------------------------------------------------------------------------------------------------
Total                                                                                      28 MB/s | 2.9 MB     00:00    
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : setools-libs-3.3.7-4.el6.x86_64                                                                        1/8
  Installing : setools-libs-python-3.3.7-4.el6.x86_64                                                                 2/8
  Installing : audit-libs-python-2.2-2.el6.x86_64                                                                     3/8
  Installing : libsemanage-python-2.0.43-4.1.el6.x86_64                                                               4/8
  Installing : policycoreutils-python-2.0.83-19.24.el6.x86_64                                                         5/8
  Installing : python-slip-dbus-0.2.20-1.el6_2.noarch                                                                 6/8
  Installing : setroubleshoot-plugins-3.0.40-1.el6.noarch                                                             7/8
  Installing : setroubleshoot-server-3.0.47-2.el6.x86_64                                                              8/8
  Verifying  : python-slip-dbus-0.2.20-1.el6_2.noarch                                                                 1/8
  Verifying  : libsemanage-python-2.0.43-4.1.el6.x86_64                                                               2/8
  Verifying  : audit-libs-python-2.2-2.el6.x86_64                                                                     3/8
  Verifying  : setroubleshoot-plugins-3.0.40-1.el6.noarch                                                             4/8
  Verifying  : setools-libs-python-3.3.7-4.el6.x86_64                                                                 5/8
  Verifying  : setroubleshoot-server-3.0.47-2.el6.x86_64                                                              6/8
  Verifying  : policycoreutils-python-2.0.83-19.24.el6.x86_64                                                         7/8
  Verifying  : setools-libs-3.3.7-4.el6.x86_64                                                                        8/8

Installed:
  setroubleshoot-server.x86_64 0:3.0.47-2.el6                                                                            

Dependency Installed:
  audit-libs-python.x86_64 0:2.2-2.el6                           libsemanage-python.x86_64 0:2.0.43-4.1.el6             
  policycoreutils-python.x86_64 0:2.0.83-19.24.el6               python-slip-dbus.noarch 0:0.2.20-1.el6_2               
  setools-libs.x86_64 0:3.3.7-4.el6                              setools-libs-python.x86_64 0:3.3.7-4.el6               
  setroubleshoot-plugins.noarch 0:3.0.40-1.el6                 

Complete!
[root@my32GB samba]# semanage fcontext -a -t samba_share_t "/shared(/.*)?"
[root@my32GB samba]# restorecon -r /shared
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCPET
iptables v1.4.7: Couldn't load target `ACCPET':/lib64/xtables/libipt_ACCPET.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
[root@my32GB samba]# iptables
iptables v1.4.7: no command specified
Try `iptables -h' or 'iptables --help' for more information.
[root@my32GB samba]# yum install iptables
Loaded plugins: aliases, changelog, downloadonly, fastestmirror, refresh-packagekit, security, tmprepo, verify,
              : versionlock
Loading mirror speeds from cached hostfile
Setting up Install Process
Package iptables-1.4.7-5.1.el6_2.x86_64 already installed and latest version
Nothing to do
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCPET
iptables v1.4.7: Couldn't load target `ACCPET':/lib64/xtables/libipt_ACCPET.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCPET
iptables v1.4.7: Couldn't load target `ACCPET':/lib64/xtables/libipt_ACCPET.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m udp -p udp --dport 139 -j ACCEPT
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
[root@my32GB samba]# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
[root@my32GB samba]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@my32GB samba]# service smb status
smbd is stopped
[root@my32GB samba]# service smb start
Starting SMB services:                                     [  OK  ]
[root@my32GB samba]# service nmb start
Starting NMB services:                                     [  OK  ]
[root@my32GB samba]# service winbind start
Starting Winbind services:                                 [  OK  ]
[root@my32GB samba]# passwd jay
Changing password for user jay.
New password:
BAD PASSWORD: it is based on a dictionary word
Retype new password:
passwd: all authentication tokens updated successfully.
[root@my32GB samba]# smbpassed -a jay
-bash: smbpassed: command not found
[root@my32GB samba]# smbpasswd -a jay
New SMB password:
Retype new SMB password:
Added user jay.
[root@my32GB samba]#

smb.conf file content

workgroup = MYGROUP
server string = Samba Server Version %v
netbios name = MYSERVER
interfaces = lo eth0 192.168.10.0/24
hosts allow = 127. 192.168.1.
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam

 [shared]
    comment = Shared directory
    path = /shared
    valid users = jay
    read only = No
    browseable = No



B. On client side, access the share


[kamal@my32GB ~]$ ssh sama.expanor.local
The authenticity of host 'sama.expanor.local (192.168.10.110)' can't be established.
RSA key fingerprint is c4:dd:1b:00:b0:91:28:b4:83:14:0d:55:be:8f:4f:0a.
Are you sure you want to continue connecting (yes/no)? yes

[kamal@sama ~]$ su -
Password:
[root@sama ~]# smbclient -L //MYSERVER/shared -U jay%changeme
Connection to MYSERVER failed (Error NT_STATUS_BAD_NETWORK_NAME)
[root@sama ~]# smbclient -L //192.168.10.20/shared -U jay%changeme
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6]

    Sharename       Type      Comment
    ---------       ----      -------
    IPC$            IPC       IPC Service (Samba Server Version 3.5.10-125.el6)
    jay             Disk      Home Directories
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6]

    Server               Comment
    ---------            -------
    MY32GB               Samba Server Version 3.5.10-125.el6

    Workgroup            Master
    ---------            -------
    MYGROUP              MY32GB
    WORKGROUP            KAMAL-MT6707
[root@sama ~]#
Posted by at No comments:
Subscribe to: Posts (Atom)