# Install the epel extra packages for enterprise linux

yum install epel-release

# Disable selinux
setenforce commands are: Enforcing , Permissive, 1 (enable) or 0 (disable)
# setenforce 0
# setenforce 1
enforcing
The Security Policy is always Encoforced
permissive This just simulates the enforcing policy by only printing warning mes
sages and not really enforcing the SELinux. This is good to first see how SELinu
x works and later figure out what policies should be enforced.
disabled Completely disable SELinux
# cat /etc/selinux/config
SELINUX=disabled
SELINUXTYPE=targeted
SETLOCALDEFS=0
ldd
vi /boot/grub/grub.conf
kernel /boot/vmlinuz-2.6.18-92.el5 ro root=LABEL=/ rhgb quiet selinux=0
#If you are not interested in disability the whole SELinux, you can also disable
SELinux only for a specific service. For example, do disable SELinux for HTTP/A
pache service, modify the httpd_disable_trans variable in the /etc/selinux/targe
ted/booleans file
/etc/selinux/targeted/boolean
httpd_disable_trans=1
# setsebool httpd_disable_trans 1
# service httpd restart

# Linux
##crontab
/var/spool/cron
crontab
crontab
crontab
crontab

-e
-l
-r
-v

Edit your crontab file, or create one if it doesn t already exist.

Display your crontab file.
Remove your crontab file.
Display the last time you edited your crontab file.

for logging
30 18 * * * rm /home/someuser/tmp/* > /home/someuser/cronlogs/clean_tmp_dir.log
HOME=user s-home-directory
LOGNAME=user s-login-id
PATH=/usr/bin:/usr/sbin:.
SHELL=/usr/bin/sh

#fsck /dev/sda6
1.umount it first
2.fsck -N /dev/sda3 ( to show what will be done)
3.fsck -y
( to prompt yes to all)
4. tune2fs -l /dev/sda3 ( show the state) clean not clean
sudo touch /forcefsck
**
**
**
**
**

phase
phase
phase
phase
phase

0
1
2
4
8
16
32
128

1
2
3
4
5

Check
Check
Check
Check
Check

Blocks and Sizes

Pathnames
Connectivity
Reference Counts
Cylinder Groups

No errors
Filesystem errors corrected
System should be rebooted
Filesystem errors left uncorrected
Operational error
Usage or syntax error
Fsck canceled by user request
Shared-library error

# LVM
pvdisplay
vg
lv
pvscan
vg
lv
pvcreate
vgcreate
lvcreate
lvextend
lvreduce

/dev/sdb1 /dev/sdc1
testvg /dev/sdb1 /dev/sdc1
--name mylvm --size 1G testvg
-L 1.5G /dev/testvg/mylvm
-L 1.5G /dev/testvg/mylvm

lvcreate -L 1GB -s -n tecmint_datas_snap /dev/vg_tecmint_extra/tecmint_datas

lvextend -L +1G /dev/vg_tecmint_extra/tecmint_data_snap
lvconvert --merge to recover
mkfs.ext3 /dev/testvg/mylvm
e2fsck -f /dev/testvg/mylvm
pvmove /dev/sdb1 /dev/sdf1
vgreduce fileserver /dev/sdb1
vgextend fileserver /dev/sdf1
Do the same with RAID
# DD

dd if=/dev/sdb1 of=file.img bs=4096 conv=notrunc,noerror

you can mount this img to directory -o ro or rw
To restore
dd if=hdadisk.img of=/dev/hdb
# rsync
rsync -zvr /var/opt/installation/inventory/ /root/temp
-z is to enable compression
-v verbose
-r indicates recursive
rsync option -a indicates archive mode. -a option does the following,
Recursive mode
Preserves symbolic links
Preserves permissions
Preserves timestamp
Preserves owner and group
To remote server
$ rsync -avz /root/temp/ thegeekstuff@192.168.200.10:/home/thegeekstuff/temp/
To rsyn from use -e
$ rsync -avz -e ssh thegeekstuff@192.168.200.10:/var/lib/rpm /root/temp
To check progress
$ rsync -avz --progress thegeekstuff@192.168.200.10:/var/lib/rpm/ /root/temp/
port 873
Troubleshooting Dmesg
dmesg | grep Memory
dmesg | grep eth
rpm -qf filename shows pkg
rpm -ql pkgname shows file
rpm -U upgrade
rpm -i install
rpm -v verbose -h hash marks display
--whatprovides --whatrequires --nodeps --ignore
Rebuild rpm db
/var/lib/rpm/__db*
Remove
# cd /var/lib
# rm __db*
Yum Clean all removes the caches
/var/cache/yum/
the rebuild
# rpm --rebuilddb

# rpmdb_verify Packages

yum
yum
yum
yum

history
list installed
repolist
info subversion

Server1
createrepo directoryname
rsync -avz httpsite to directory
Server2
yum to network
create .repo /etc/yum.repo.d
[tecmint]
name=Example repo for Part 11 of the LFCE series on Tecmint.com
baseurl=http://192.168.0.17/repos/centos/6/6/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6
every day beginning at 2:30 AM:Crontab
30 2 * * * rsync -avz rsync://centos.ar.host-engine.com/6.6/os/x86_64/ /var/www/
html/repos/centos/6/6/
find /path/to/files/ -type f -mtime +7 -exec rm -rf {} \;
What it all means:
find: the command that will search for the files
/path/to/files/: the top level directory to start searching
-type f: so we don t remove directories, only files
-mtime +7: files older than 7 days. Change to +14' to delete files older than 2 wee
ks.
-exec: what to do with the files we find
rm -rf: remove them recursively, force
{}: this represents each file we find
\;: the end of the exec
# Find
-name
-iname
-type d, f , f! -perm 777 (with/without)
# find / -perm /u=r
# find / -perm /a=x
# find / -type f -perm 0777 -print -exec chmod 644 {} \;
# find / -type d -perm 777 -print -exec chmod 755 {} \;
find / -amin -60
find / -mmin -60
-size
# Enable quota
# cat /etc/fstab
LABEL=/home
/home
Timezone
/usr/share/zoneinfo
date +%Z

ext2

defaults,usrquota,grpquota 1 2

#Iptables
# iptables -L OUTPUT -n -v --line-numbers
To insert rule between 1 and 2, enter:
# iptables -I INPUT 2 -s 202.54.1.2 -j DROP
#
#
#
#

iptables
iptables
iptables
iptables

-L
-L
-L
-L

INPUT -n --line-numbers
OUTPUT -n --line-numbers
OUTPUT -n --line-numbers | less
OUTPUT -n --line-numbers | grep 202.54.1.1

# service iptables save

/etc/sysconfig/iptables
# iptables -D INPUT 4

# Netstat
-a all
-t tcp
-u udp
-l listening
-p- pid
-i interface
# Kill
0
SIGNULL (NULL) Null
Check access to pid
1
SIGHUP (HUP)
Hangup Terminate; can be trapped
2
SIGINT (INT)
Interrupt
Terminate; can be trapped
3
SIGQUIT (QUIT) Quit
Terminate with core dump; can be trapped
9
SIGKILL (KILL) Kill
Forced termination; cannot be trapped
15
SIGTERM (TERM) Terminate
Terminate; can be trapped
24
SIGSTOP (STOP) Stop
Pause the process; cannot be trapped. This is de
fault if signal not provided to kill command.
25
SIGTSTP (STP) Terminal
Stop/pause the process; can be trapped
26
SIGCONT (CONT) Continue
Run a stopped process
Ext2 Ext3 Ext 4
EXT3 - Journaling
There are three types of journaling available in ext3 file system.
Journal
Metadata and content are saved in the journal.
Ordered Only metadata is saved in the journal. Metadata are journaled only after
writing the content to disk.
This is the default.
Writeback Only metadata is saved in the journal. Metadata might be journaled eit
her before or after the content is written to the disk.
FAstfsck EXT4
In ext4, unallocated block groups and sections of the inode table are marked as
such.
This enables e2fsck to skip them entirely on a check and greatly reduces the tim
e
it takes to check a file system of the size ext4 is built to support.
You can also mount an existing ext3 fs as ext4 fs

In ext4, you also have the option of turning the journaling feature

off

For multi-block allocation, a group of blocks are processed and written together
Since a larger number of blocks are being written at once, it is better so files
are not fragmented.
The group of blocks will be written in a contiguous section if available
The Delayed Allocation is when the data blocks are written at the Writeback Time
Interval. There are three advantages to Delayed Allocation:
Delayed allocation
Larger sets of blocks are processed before being written. This reduces the proce
sser utilization by performing the processing all at once, as discussed in Multi
-Block Allocation.
Reduces fragmentation by allocating a large number of blocks at once which are m
ost likely contiguous.
Reduces processor time and disk space for files that are short-term temporary fi
les wich are used and deleted in RAM/cache before they are written
#kernel
make menuconfig
Install libncurse5
make oldconfig
make
make modules_install
make install
mkinitramfs -o /boot/initrd.3.0.img
update-grub
# RAID
type fd
type 83 linux
mdadm --create --verbose /dev/md0 --level=1 /dev/sda1 /dev/sdb2
mdadm -Cv /dev/md0 -l1 -n2 /dev/sd[ab]1
/etc/mdadm.conf
mdadm --detail --scan >> /etc/mdadm.conf
mdadm /dev/md0 --fail /dev/sda1 --remove /dev/sda1
mdadm --add /dev/md0 /dev/sdb1
cat /proc/mdstat
mdadm --detail /dev/md0
c
mdadm --stop /dev/md0
mdadm --remove /dev/md0
.