Tuesday, May 28, 2019

RHEL8 - Web Console Cockpit Interface

RHEL8 - Web console cockpit interface

Very hand tool and faster as well to manage your system.

1. Install cockpit
# yum search cockpit
review the output

# yum install cockpit

2. firewall-cmd --list-all

enable port 9090

3. Login to your local system, you will get message if cockpit is enable.
# ssh user@localhost
Activate the web console with: systemctl enable --now cockpit.socket

The error shows that cockpit web interface is not enable.
Enable it,
# systemctl enable cockpit.scoket

Logout and login back, you will get the message with URL of the webconsole. Copy and paste on the browser.

Enter username/PW and also click enable previledge access..

Browse different memus from left pane.

System - check mem, cpu
logs - system logs
storage, play around,
you can expand root fs and other filesystems.

networking - firewall, network bonding, interface/IP

accounts - create account, change pw, add ssh

Services - lists all system services, ssh - > check log for ssh, start/stop/disable/enable service.

Applications - any other plugins
Giagnostic report - sos report
kernel dump - enable or disable
selinux - on or off, review the errors
software updates - upto date
subscription - current or unregister?
terminal - you can open terminal on the web browser.

you can switch to mobile interface as well.

Source: https://youtu.be/Z5JWsDIdDR8

Monday, May 13, 2019

RHEL7 - Server is on grub menu

Issue: NOC called about not responding one of the linux server.

What I found: When login through console, server on grub menu.

1. List all disk, disk partition on your system using ls command
grub > ls
(hd0) (hd0,msdos1) hd0,msdos2) ........ so on

Now, you have to find the correct partition

grub > ls (hd0)
error: no such partition.
keep listing, until you find the right filesystem type. You need to know what type of filesystem are you using at your work place. it can be ext or xfs.

grub> ls (hd0,msdos1)
filesystem is ext*
all other partition are xfs, only os is on ext4

lets list the content from it
grub> ls (hd0,msdos1)/
you should be able to see grub2

so this is the right partition. If you didn't find it, keep listing the content of each disk, you will find one.

grub> set boot=(hd0,msdos1)
grub> set prefix=(hd0,msdos1/grub2
grub> insmod normal
grub> normal

system boots and you will be on grub menu. select the right kernel and boot  your system.

If it fails, repeat the same step and select the older kernel, you should be good to go...

Thursday, May 9, 2019

Winows: Install Chocolaty on win 10

Choco is a command line software installation tool on windows like yum on linux.

Installing Chocolatey

Here is the installation document,

Install with cmd.exe
Run the following command:   (copy command text)

@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -Inp

click on copy command
@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

Open your cmd prompt as a administrator.
- search for cmd and right click and run as administrator
- Right click and click on paste, it will take a while to install.

Choco is successfully installed

2. Lets Install some software. Lets try VLC (video player) using choco. (You can google for other software, if you need more info)
- At te prompt just type choco install vlc
  > choco install vlc
 > choco uninstall vlc
You can install using powershell
- Open your powershell as admin
- ,just type choco install vlc

This will install your software automatically

Installing other soft wares on your windows machine
> choco git install -y
> choco putty install -y

when you install git, git-bash is installed by default.
- using git-bash, you can run some basic linux commands.
- You can ssh to remote host using git-bash

Friday, May 3, 2019

AWS - Creating IAM user to Login to AWS management console

Creating IAM user to Login to AWS management console

1. Logint o AWS Management Console
2. Click on IAM under Security, Identity & Compliance
3. Click on Users on left pane
4. Click on Add User and specify the username
5. Specify the Access type:

You can have two type of access
a. Programmatic Access
b. AWS Management Console access

a. Programmatic Access
- You get whole lot of access with this type of access
- You can use CLI and other tools.
- When you create this type of account, make sure to save access ID and secret access key.
- As a normal user, select AWS console access

b. AWS Management Console access
- This is easy type of access
- This is only for web based, GUI based, click click level access.
- First time users, select this type of access.

6. Select AWS Management Console Access
7. Select Custom password and type your password on sonsole password option.
     Note the option - Require password reset.
8. Click Next to continue
9. On your new page, click on Create group
10. Under group name box, type the name of the group (say: webgrp) and attach a policy.
11. To attach a policy, there is search box but for us, we will be using AdninistratorAccess policy. Select it
12. Click on create group. Click next: Tags to tag
13. Click next: Review
14. inally click on create user
15. You will see a sucess windows. You will also see a link to login. Copy the link and go to browser and login with user name and password.
16. You should be able to login and access AWS console with full access.


Identity Access Management
- Centralized Access to AWS Account
- Shared Access to AWS Account
- Granular Permissions
- Identity Federation (AD, FB, Google, Linkedin)

Users, Groups, Role, Policy
- IAM Does not have region

Billing Alarm
- Your Account
- Billing dashboard

RHEL7 - Recover /boot partition on CentOS 7

How to recover /boot partition on CentOS 7?
 [ RHEL7 = CentOS]
If some reason /boot partition is not available, system is not able to boot.
Perform the following tasks below to recover your system.

1. Boot your system using CentOS iso image. You can burn it on DVD/USB and boot off it. Read hardware specific guide on how to mount ISO image and boot the IS.

2. Up on reboot, you will see three options on whic one of them is "Troublessoting". Select it and press enter to continue.

3. Select the option "Rescue a CentOS system" and press enter and enter again to continue

4. Specify Option 1 and press enter to continue..

5. Now, you are on rescue mode. Now, chroot to sysimage to troubleshoot
# chroot /mnt/sysimage

6. Now, you have to install three packages to troubleshoot
a. kernel
b. grub
c. logos

7. Go to package lcation and install them
# cd /mnt/Packages
# ls -l | egrep "kernel-|grub2-|logos"
# rpm -ivh --force groub-...... groub2-2...... centos-logos-.....

for redhat use redhat-logos

8. Install grub on your boot disk. Here is a tricky part. Find your boot device. Most of the case it is /dev/sda.
if you have multi disk
# grub2-install /dev/sda

if thats not the right disk tryp cfdisk command
# cfdisk /dev/sda ..sdb

9. Now, finally, generate grub.cfg file
# grub2-mkconfig -o /boot/grub2/grub.cfg

Exit twice to reboot the server.

system should be coming up fine..

if not, contact your best friend, which is google, or bing

Unix/Linux - sudo - superuser do, an example

sudo - superuser do
- This tool is used to delegate the admin task to particular user or group.
- Basically it allows you to run command being other user (speciially root) to execute some command.

Config file: /etc/sudoers
Log file: /var/log/messages
Editing tool: visudo  ( do not use vi, use visudo it will check the syntax and saves you from making mistakes)

Lets go real,

Now, lets create some users on your systems:

jay, ravi, sam and rita

Grant the following permission to these users.

1. User Jay and Ravi are new system admin and they needed full access to the system
2. sam is a database admin and need to mount and umount /APPLECFS filesystem. su to oinstall, gridmon, oradev user
3. Rita is a helpdesk technician but she should be able to create user

Now, to grant them access, edit the sudoers file

 # visudo

# Give full access to jay and ravi user which is like "root    ALL=(ALL)       ALL",

ravi ALL=(ALL) ALL

# if you want them to run command without specifying password, you can do like
# user_name ALL=(ALL) NOPASSWD: ALL

# or you can put these users together by specifying user alias
# User_Alias ADMINS = jay, ravi, devi, dan
#    or

User_Alias DBAS = bill, mary, sam
DBAS ALL:NOPASSWD: /usr/sbin/mount /APPLCFS, /usr/sbin/umount /APPLCFS, /usr/bin/su - oradev, /usr/bin/su - oinstall, /usr/bin/su - gridmon

# Granting rita user create access
User_Alias HELPDESK nani, kavi, rita
Cmnd_Alias HELP_CMDS = /usr/sbin/useradd, /usr/bin/passwd

User can login to the system with their user name and password, and run the command as

$ useradd nita
$ passwd nita
$ sudo useradd nita
$ sudo passwd nita

run all commands and find the differences.

RHEL - Record ssh session data of your system

Record your ssh session data

There are many ways to record your session data, here we are going to discuss couple of them.

1. Using Putty
- Open your putty, go to Session
- Expand Session and click on Logging
- on the file name section, click on browse and specify the location you want to save and click ok
- Filename putty.log is selected by default. You can change it if you like.
- Now, append the following before the log so that your file looks like this -     putty_&Y-&M-&D-T-H.log
- And click on check box Always append to the end of it.

2. Using script command
- After you login to your server, just type script command, it will generate typescript file by default on wherever you type it from.
$ script
Script started, file is typescript.
- All the command and output the command generates will be recorded on the file.

Specifying filename
- If you like to named the file you want, simply specify the file after the command
$ script cmd_list_`date "+%m-%d-%y_%H-%M-%S`.log

3. Recording session of a remote host on log server
- Login to your log server and connect to your remote server.
$ ssh sam@ | tee -a /opt/logs/120_session.log

you can keep typing your commands on your remote host 120 and all the output will be recorded on your source server.

To verify,
- open a duplicate session of your log server (the source server)
- Use cat or tail command to see the log info
$ tail -f /opt/logs/120_session.log