RHEL 6 Boot Process.
power on -> post- > mbr[bit 512, 446 bootstrip,64 bit partition table, 2 magic bit]->system.map->grub->VMLinux[decompress]-> mount /root as (RO) -> initrd -> init(start) ->inittab(complete)-> run level -> rc script -> (s-start k-kill)
RHEL 7 Boot Process.
MBR => GRUB (Load Kernel image -> extract the content of initramfs image) => Kernel (Loads the necessary driver modules from initrd image -> start systems first process - systemd) => SYSTEMD (Read the configuration files from the /etc/systemd directory -> Reads file linked by /etc/systemd/system/default.target -> Bring the system to the state defined by the system target)
Boot the system from Grub prompts
grub> ls
(proc) (hd0) (hd0,msdos5) (hd0,msdos3) (hd0,msdos2) (hd0,msdos1)
grub> ls (hd0,msdos2)
Filesystem type is xfs,
grub> set root=(hd0,msdos1)
grub> linux /vmlinuz-3.13.0-29-generic ro root=/dev/mapper/centos-root
grub> initrd /initrd.img-3.13.0-29-generic
grub> boot
Redhat Linux 7 boot issue-Kernel Panic and steps to troubleshoot (Regenerate the initrd image using recuse)
# mkinitrd /boot/initramfs-3.10.0-957.el7.x86_64.img 3.10.0-957.el7.x86_64
# dracut -f /boot/initramfs-3.10.0-957.el7.x86_64.img 3.10.0-957.el7.x86_64
To check the booting issue
# systemd-analyze ## (It will share the time consumed to boot the system)
# systemd-analyze blame ## (It will share complete process details.)
Command use for Troubleshooting for system utilization.
1. top - XX up XX min, 1 user, load average: 1.21, 0.34, 0.12
Tasks: 115 total, 1 running, 114 sleeping, 0 stopped, 0 zombie
%Cpu(s): 83.3 us, 16.7 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 3861280 total, 3036536 free, 613176 used, 211568 buff/cache
KiB Swap: 2097148 total, 2097148 free, 0 used. 3021848 avail Mem
--------------------------------------------------------------------------------------------------------
us: CPU time spent in user space(Shells, compilers, databases, web servers, and the programs associated with the desktop are all user space processes.)
sy: CPU time spent in kernel space(All the processes and system resources are handled by the Linux kernel)
ni: priority level of a process. id: idle time spent in the kernel idle handler
wa: IO-wait time waiting for I/O completion.hi: time spent servicing hardware interrupts.
si: time spent servicing software interrupts.st: time stolen from this vm by the hypervisor.
Note: If zombie process is high it will not impact the system load because they are dead process.
# vmstat 1 5
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wast
• Procs:r: The number of processes waiting for run time.b: The number of processes in uninterruptible sleep.
• Memoryswpd: the amount of virtual memory used.free: the amount of idle memory.
buff: the amount of memory used as buffers.cache: the amount of memory used as cache.
inact: the amount of inactive memory. (-a option)active: the amount of active memory. (-a option)
• Swapsi: Amount of memory swapped in from disk (/s).so: Amount of memory swapped to disk (/s).
• IObi: Blocks received from a block device (blocks/s).bo: Blocks sent to a block device (blocks/s).
• Systemin: The number of interrupts per second, including the clock.cs: The number of context switches per second.
• CPUThese are percentages of total CPU time.
us: Time spent running non-kernel code. (user time, including nice time).sy: Time spent running kernel code. (system time).id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.
st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.
# iostat -xdm (extended disk usage in MB)
Search Detected Device or Particular String
# dmesg | grep -i usb; #dmesg | grep -i dma ; #dmesg | grep -i tty ; # dmesg | grep -i memory
Clear dmesg Buffer Logs [# dmesg -c], Human readiable [# dmesg -H]
Monitoring dmesg in Real Time [watch "# dmesg | tail -20”]
#fg-> foreground, # bg ->background ,# jobs (this will show the process running)
COMMAND
# lsof (list openfile); +D /var/log/ (under dir); -c sshd (process name); -u ^ram (users ^-not); kill -9`losf -t -u ram`#lsof -i :25 (network connect) ; # lsof -i tcp/udp ; # lsof -N -u ram -a(nfs) ;
# lsof | grep "/app" | grep deleted
#fuser -uc /home/sita ;# fuser -ck /home/sita (Kill the process which are using /home/sita)
#pmap –d <process_id> (Memory map to process)
#mpstat (CPU) ; free -ht (Memory)
#ps auxf | sort -nr -k4 | head -2 (Sort by Memory)# top -b -o +%MEM | head -n 22 > topreport.txt (Sort by Memory) #psauxf | sort -nr -k3 | head -2 (Sort by CPU)
#ps -efotty,comm,pid,%mem,%cpu (-o is for custom process)
#sar –b (Overall I/O Activities),sar -s (Swap Space Used), sar -d (Individual Block Device I/O Activities)
# sar -q (Reports run queue and load average), sar -n DEV (network statistics), sar –u –f sa (-u CPU; -r mem),# sar -q -f /var/log/sa/sa23 -s 10:00:01 -e 11:00:01(report of 23rd at 10AM to 11AM)
# vmstat -p /dev/hda1 - (returns partitions stats for /dev/hda1)
#tar -cvf data.tar data ; z=gzip j=bzip2 (to tar) ; tar -xvf data.tar (to untar)
#starce-P <pid> ; # starce -P <pid> -o output.txt (output in test file ); # starce -t ls -l (it give output with timestamp);# starce ./test.sh (to check the script status)
# find /home -name tecmint.txt (Find all the files under /home directory with name tecmint.txt.)
# find /home -iname tecmint.txt (Ignoring Case)
# find / -type d -name Tecmint (Directories)
# find . -type f -name tecmint.php (current Directories)
# find . -type f -name "*.php" (Find all PHP Files in Directory)
# find . -type f -perm 0777 -print (Find all 0777 Files in Directory)
# find . -type f -name "tecmint.txt" -exec rm -f {} \; (Find and remove single File)
# find /tmp -type d -empty (Find all Empty Directories)
# find / -mtime 50 (Find Last 50 Days Modified Files)
# find / -atime 50(Find Last 50 Days Accessed Files)
# find / -mtime +50 –mtime -100 (Last 50-100 Days Modified Files)
# find / -cmin -60 (Changed Files in Last 1 Hour)
# find / -mmin -60 (Modified Files in Last 1 Hour)
# find / -amin -60 (Accessed Files in Last 1 Hour)
# find / -size 50M (50mb file)
# find / -type f -size +100M -exec rm -f {} \;(100mb files and delete it)
# watch -n 2 df -h (watch of every 2s) ; # watch -n 2 -g free (if there is any change exit)
Stress Test:
# dd if=/dev/zero of=/dev/null (to increase the CPU)
# dd if=/dev/zero of=/dev/null bs=1G (to increase the Memory)
# dd if=/dev/zero of=1g.bin bs=1G count=1 (create file of 1GB)
# ab -kc 10 -t 30 http://192.168.2.212/ (to increase load on web-server)
User Administration:
#useraddabc
After user add command is executed it refer to 3 files & updates 4 files.
Config. Files
Refers
|----/etc/login.defs
||----/etc/default/useradd
||----/etc/skel/
Updates
|----/etc/passwd
||----/etc/group
||----/etc/shadow
||----/etc/gshadow
#/usr/sbin/pwconv (this will generate only /etc/shadow)
passwd & shadow file parameter.
-rw-r--r-- 1 root root 1070 Jun 11 05:52 /etc/passwd
---------- 1 root root 678 Jun 11 05:52 /etc/shadow
Fields in /etc/passwd (it contain 7 fields )
student1:x:501:501::/home/student1:/bin/bash (7 field)
username:shadow_reference:uid:gid:Description(GECOS) :$HOME:$SHELL
2nd field of password
i.e. (x) --- password somewhere else.
(*) --- user can't login.
Fields in /etc/shadow: (it contain 9 field)
student1:$1$XSFMv2ru$lfTACjN.XxaxbHA0EkB4U0:13891:0:99999:7:::
1. username: 2. encrypted_password: 3. Days_since_Unix_epoch_password_was_changed (01/01/1970) 4. Days before password may be changed 5. Days after which the password MUST be changed 6. Days before password is to expire that user is warned 7. Days after password expires, that account is disabled 8. Days since Unix epoch, that account is disabled 9. Reserved field (currently unused)
Example for creating user through command line:
#useradd -u 9181361 -g 3100000 -G 3100004 -c "Vallabh Darole" -m a181361 ; echo pass@1234 | passwd --stdin a181361
FSTAB
#cat /etc/fstab
/dev/hdxx /mnt ext3 defaults 0 0
1st field device, 2nd field mountpoint,3rd field filesystem,4th field permission, 5th field fs dump 6th field fsck(default permission rw, dev, suid, exec, auto, nouser, async)
Cron
# cat /etc/crontab
* * * * * /bin/bash echo hello
mins hrs DOM MOY DOW
00-59 00-23 1-31 1-12 0-7
# crontab –l (to view) and # crontab –e (to edit),
/var/log/cronlogs(Logs are stored)./var/spool/cron(Store user cron jobs)
How to schedule a job using "at" command
#yum install at ; #systemctl status atd; # at -f data.sh now, #
[root@vvm01 ~]# at -f data.sh 04:18
job 5 at Fri Jun 18 04:18:00 2021
[root@vvm01 ~]# atq
5 Fri Jun 18 04:18:00 2021 a root
[root@vvm01 ~]#
# at -f data.sh now + 1 hour
[root@vvm01 ~]# atq
6 Fri Jun 18 05:18:00 2021 a root
[root@vvm01 ~]# at -d 6
File Types - Permissions
drwxrwxrwx
1st bit = file type. '-' = file, 'd' = directory; owner,grp,everyone
r = read = 4, w = write = 2 x = execute = 1
# chmod 3777 /sales or # chmod +t /sales (sticky bit: only owner and root can delete file)
Soft Links:#ln -s source_file target; Hard Links: # ln source_file target
# setfacl -m u:tecmint1:rw /tmp/data (to give read and write permissions to user ‘tecmint1‘)
# getfacl /tmp/data
RPM (Redhat Package Manager).
# rpm -qa - Query all installed packages
# rpm -qi nano - Query info about the 'nano' package as it's recorded in the local RPM database
# rpm -qf /usr/bin/nano - Query package membership info for the 'nano' file
# rpm -qpi dhcp-3.0.5-7.el5.i386.rpm - Query about 'dhcp' package, which resides on the repository
# rpm -ql package_name - returns all included files
# rpm -ivh {rpm-file} Install the package
# rpm -ivh --test {rpm file} To test the package
# rpm -Uvh {rpm-file} Upgrade package
# rpm -ev {package} Erase/remove/ an installed package
# rpm -ev --nodeps {package} Erase/remove/ an installed package without checking for dependencies
Disk Management:
# echo "1" > /sys/class/fc_host/host$i/issue_lip (HBA scanning)
# echo "- - -" > /sys/class/scsi_host/host$i/scan (Storage disk scanning)
You can get the Fiber Channel addresses of the HBAs by typing the following commands:
# systool -c fc_host -v
fibre channel target WWN:
# systool -c fc_transport -v
LVM( Logical Volume Manager)
To create: pvcreate /dev/sda4 ;vgcreate vg1 /dev/sda4; lvcreate -L +100M -n lvm1 vg1; mkfs.ext4 /dev/vg0/data
To extend: lvextend –L +40M /dev/vg0/data; resize2fs –p /dev/vg0/data ;xfs_growfs /dev/vg0/data
To reduce: umount file system, e2fsck –f /var/vg0/data, resize2fs /dev/vg0/data 50M, lvreduce –L 50M /dev/vg0/data
Extend Logical Volume By Percentage Free: lvextend -l 100%FREE /dev/vg0/data
[root@puppet-mastersita]#vgs -a -o +devices
VG #PV #LV #SN AttrVSizeVFree Devices
centos 1 2 0 wz--n- <19.00g 0 /dev/sda2(0)
centos 1 2 0 wz--n- <19.00g 0 /dev/sda2(512)
[root@puppet-mastersita]#vgs -a -o +PV_NAME
VG #PV #LV #SN AttrVSizeVFree PV
centos 1 2 0 wz--n- <19.00g 0 /dev/sda2
[root@puppet-mastersita]#vgs -a -o +LV_NAME
VG #PV #LV #SN AttrVSizeVFree LV
centos 1 2 0 wz--n- <19.00g 0 swap
centos 1 2 0 wz--n- <19.00g 0 root
[root@puppet-mastersita]#
If LV get deleted by mistake you restore it from backup
#vgcfgrestore vg01 -f /etc/lvm/archive/ ;lvchange -a y /dev/vg01/lv01
Storage Migration from one disk to other.
#pvmove -v /dev/sdb2 /dev/sdb3
Moving a volume group to another system
* Unmount the FS.
* Mark the volume group inactive.
#vgchange -an design
* Export the volume group
# vgexport design
* Import the volume group
# pvscan
#vgimport design
#vgimport design /dev/sdb1 /dev/sdb2
* Activate the volume group
# vgchange -ay design
# mount /dev/design/users /mnt/design/users
To create snapshot, sync &remove:
# lvcreate -s -L +100M -n snap-lvm vg1
# mount /dev/vg1/lvm1 /backup
# mount /dev/vg1/snap /snap
RSYNC:
# rsync -avlzhu --dry-run --stats /data/home /data1/
# time rsync -avlzhu --stats --progress /data/home /data1/
Time take to complete the command
-v, --verbose increase verbosity
-a, --archive archive mode; equals -rlptgoD (no -H,-A,-X)
-l, --links copy symlinks as symlinks
-z, --compress compress file data during the transfer
-h, --human-readable output numbers in a human-readable format
-u, --update skip files that are newer on the receiver
-n, --dry-run perform a trial run with no changes made
--stats give some file-transfer stats
--progress show progress during transfer
SWAP partition.
# fdisk (partation type swap=82, ext3=83,lvm=8e)
# mkswap /dev/sda2(Make Swap Partition) ; # swapon /dev/sda2\(mount swap); # swapoff /dev/sda2 ; (unmount swap) # swapon -s (status of swap)
Creating SWAP on file.
# dd if=/dev/zero of=/home1/swapfile1 bs=1024 count=512M
# mkswap /home1/swapfile1swapon /home1/swapfile1
MOUNT
# mount -o loop /home/tecmint/Fedora-18-i386-DVD.iso /mnt/iso/ (ISO image)
# mount -t cifs -o credentials=/home/sita/.smbcredentials //10.2.105.19/window/share/ /home/sita/mnt/ (Samba mount)
# mount -t nfs 10.10.0.10:/backups /var/backups (NFS)
# mount -o remount /u01/ (remount)
# grep -w ro /proc/mounts (to find ro file system)
Mounting CIFS partition on Linux:
# yum install cifs-utils
# vi /root/.smbcredentials
username=admin
password=123456
domain=workgroup
# mount -t cifs -o credentials=/root/.smbcredentials //192.168.2.58/project-data /win-drive
KEYBOARD ISSUE
# loadkeys us
NETWORK
# ifdown eth0 && mii-tool –v --force 100baseTx-FD eth0 &&ifup eth0 (Disable auto negotiation)
# ifdown eth0 && mii-tool –vr eth0 &&ifup eth0 (Enable auto negotiation)
# ethtool eth0 [link status]; # ethtool -t ethX [offline|online](in offline test temp route goes)
# route add default gw 192.168.1.254 eth0
# route - /etc/sysconfig/network-scripts/route-eth0 – 192.168.100.0/24 via 10.234.13.1
# netstat -rn(returns the routing table)
# netstat -nulp(returns all u =UDP/ t = tcp LISTENERS without name resolution)
# arp -a (returns MAC to IP mappings) ; arp -a <remote IP>
# ifconfig eth0:1 192.168.75.11 (Virtual IP Address)
# ifconfig eth0:2 del 10.168.76.11 (Removes the virtual interface)
# /sbin/ipaddr add 10.94.141.178/24 dev bond0
# tcpdump -i ens33 -c 5 -w /tmp/packet.txt (capture the output in text file)
# tcpdump -r /tmp/packet.txt (read the file)
# tcpdump -i ens33 -c 5 (will capture 5 packages)
# tcpdump -n -i ens33 -c 5 (-n Don't convert host addresses to names)
# tcpdump -nn -i ens33 -c 5 (-nn Don't convert protocol and port numbers)
# tcpdump -n -i ens33 -c 5 tcp (only tcp)
# tcpdump -n -i ens33 -c 5 port 22 (port 22)
# tcpdump -n -i ens33 -s 0 host 192.168.2.11 (remote host)
What is network bonding and How to configure network bonding.
There are 6 type of network bonding.
mode=0 (balance-rr), mode=1 (active-backup), mode=2 (balance-xor), mode=3 (broadcast) mode=4 (802.3ad), mode=5 (balance-tlb), mode=6 (balance-alb)
# vi /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
IPADDR=192.168.1.20
GATEWAY=192.168.1.1
NETMASK=255.255.255.0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
USERCTL=no
ONBOOT=yes
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
# vi /etc/modprobe.conf
alias bond0 bonding
options bond0 mode=balance-alb miimon=100
# modprobe bonding
# service network restart
# cat /proc/net/bonding/bond0
YUM
# yum list available (List all available packages)
# yum list installed (List all installed packages)
# yum list all (List installed and available packages)
# yum list kernel (List all available kernel packages)
# yum info vsftpd (List info about vsftpd package)
# yum deplistnfs-utils (List dependencies and packages providing them)
# yum provides "/usr/bin/top" (Show package that contains top command)
# yum repolist(Display enabled software repositories)
# yum --enablerepo=rhel-7-server-extras-rpm (Enable repo for a single command)
# yum list available --disablerepo=epel
# yum install --downloadonly vsftpd (Download to /var/cache/yum/arch/prod/repo/, but will not install)
# yum install vsftpd (Install the vsftpd package)
# yum update --security (Apply security-related package updates)
# yum localinstall abc-1-1.i686.rpm (Install abc package from local directory)
# yum downgrade abc (Downgrade the abc package to an earlier version)
# yum remove vsftpd (Remove the vsftpd package and dependencies)
# yum reinstall util-linux (Reinstall util-linux (to replace any deleted files))
# yum -v clean all (Clean Cache)
NFS
# vi /etc/exports ; /nfs1 192.168.75.10(rw) ; restart nfsd ; exportfs -v ;
rw,no_root_squash (Allow local 'root' user the ability to write to /nfs1 export )
# exportfs -a (to update the export table)
# mount -t nfs 192.168.75.199:/nfs1 /nfs1
# showmount –e ipaddress (show mount)
Port information.
ntp: 123/udp,nfs:2049/tcp, ssh-22, ftp-21, smtp-25, samba-139
NIS
# /etc/yp.conf (contains NIS server name) /etc/nsswitch.conf (passwd: files nisldap) /etc/sysconfig/authconfig – USENIS=yes
edit /var/yp/Makefile (all: passwd…), edit /etc/sysconfig/network (NISDOMAIN=domain), start services – ypserv and yppasswdd, run /usr/lib/yp/ypinit –m, run authconfig (important command – ypcat passwd, /var/yp/make)
AUTOFS
/etc/auto.master - /misc /etc/auto.misc --timeout 60
/etc/auto.misc - data -fstype=ext3 :/dev/hda6
For NIS
* -rw,soft,intr 192.168.1.1:/home/&
VSFTPD
/etc/vsftpd/vsftpd.conf, /etc/vsftpd.user_list using userlist_enable=yes(default)(never allow user in file), if userlist_deny=NO (only allow users in this file)
KICKSTART
/etc/dhcpd.conf allow booting; allow bootp; next-server IP; filename “linux-install/pxelinux.0”; range
Configure nfs or ftp or http server, create ks.cfg file, install tftp server and start all those server
PXE Boot Configuration system-config-netboot, if first time click Network install, otherwise click Configure, select protocol for installation, server name or IP and location of the installation file, OK. The vmlinuz and initrd image will be created in /tftpboot/linux-install/distribution directory
REAR Backup:
[root@cap01 ~]# vi /etc/rear/local.conf
OUTPUT=ISO
OUTPUT_URL=nfs://cdn01/var/nfs-share
BACKUP=NETFS
BACKUP_URL=nfs://cdn01/var/nfs-share
NETFS_KEEP_OLD_BACKUP_COPY=2
[root@cap01 ~]#
# nohub rear -d -v mkbackup
# cat nohup.out
SQUID
/etc/squid - primary configuration container
/etc/squid/squid.conf - primary configuration file
/usr/sbin/squidclient - used to test Squid Proxy server
/var/log/squid - primary log directory
/var/spool/squid - cache directory containter
2. Start Squid, and ensure that it starts when the system reboots
# yum install squid
# service squid start ;
# chkconfig --level 35 squid on
Note: Ensure that ample/fast disk storage is available for: /var/spool/squid
Note: Squid defaults to TCP:3128
3. Configure Firefox browser to use Squid Proxy server
4. Configure Squid to allow LAN access through, to resources
# vi /etc/squid/squid.conf
acl lan_users src 172.16.1.0/16
http_access allow lan_users
5. Deny 192.168.75.10, but allow ALL other users from the local subnet
# vi /etc/squid/squid.conf
acl_lan_bad_userssrc 172.16.1.10
http_access deny acl_lan_bad_users
/var/log/squid/cache.log
/var/log/squid/access.log
7. To add the proxy setting in Linux Servers.
# vi /etc/bashrc
export http_proxy=http://172.16.1.201:3128/
Upload data in GIT
# cd git-upload/
# git init
# git remote add origin https://github.com/vdarole/kvm.git
# git add .
# git status
# git commit -m 'Update on 12Jan2023'
# git push origin master
Download data from GIT:
# git clone https://github.com/vdarole/kvm.git
How to join a Linux system to an Active Directory domain
========================================
# realm join --user=[domain user account] [domain name]
# realm list
No comments:
Post a Comment