Académique Documents
Professionnel Documents
Culture Documents
**************************************************************
#systemctl mask iptables.service
##systemctl mask iptables6.service
##systemctl mask ebtables.service
#--------------------------------------------------------------------------------------------------------------------1) Configure selinux on both vm's
#**************************************************************
##cat /etc/sysconfig/selinux
#
SELINUX=enforcing
#
---------------------------------------------------------------------------------------------------------------------------2) Configure repository on both vm's
#**************************************************************
#cd /etc/yum.repos.d
#rm -rf *
#cat file.repo
[rhel7]
baseurl=http://station.network0.example.com/content/rhel7.0/x86_64/dvd/
gpgcheck=0
#rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
#yum clean all
#yum list all
----------------------------------------------------------------------3)Configure ssh on both vm's
*******************************************************************************
#yum install openssh* -y
##systemctl enable sshd.socket
##systemctl restart sshd.service
##cat /etc/hosts.deny
sshd: 10.32.0.0/255.255.255.0
#systemctl restart sshd.service
#firewall-cmd --permanent --add-port=22/tcp
#firewall-cmd --reload
-----------------------------------------------------------------------------------------------4)Configure Port Forwarding on ServerX
#*******************************************************************************
******
#firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="17
2.25.0.10/32" forward-port port=5243 protocol=tcp to-port="80"'
# firewall-cmd --reload
#
5) Configure Simple Command on both vm's
************************************************************
# cat /bin/qstat
ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
#chmod a+x /bin/qstat
#qstat
----------------------------------------------------------------------------6)Configure Ipv6 Network on both vm's
***********************************************************************
#nmcli con show
#nmcli con add con-name eth0 type ethernet ifname eth0
#nmcli con show
#ip addr show
#nmcli connection modify eth0 ipv6.addresses "fddb:fe2a:ab1e::c0a8:02/64 fddb:fe
2a:ab1e::c0a8:fe" ipv6.method manual
#nmcli connection up eth0
#ip addr show
#ping6 fddb:fe2a:ab1e::c0a8:02
------------------------------------------------------------------------------------------------------------7)Configure Link Aggregation on both vm's
*************************************************************************
#ip link
#nmcli connection add type team con-name team0 ifname team0 config '{"runner": {
"name": "activebackup"}}'
#nmcli connection show
#nmcli connection modify team0 ipv4.addresses "192.168.X.10/24" ipv4.method manu
al
#nmcli connection add type team-slave con-name team0-port1 ifname eno1 master te
am0
#nmcli connection add type team-slave con-name team0-port2 ifname eno2 master te
am0
#teamdctl team0 state
#ping 192.168.X.10
-------------------------------------------------------------------------------------------------------------8)Configure SMTP on both vm's
**********************************************************************
#yum install postfix -y
#systemctl enable postfix
#useradd natasha
#cat /etc/postfix/main.cf
inet_interfaces = loopback-only
myorigin=example.com
relayhost=[station.network0.example.com]
mydestination=""
#systemctl restart postfix.service
#firewall-cmd --permanent --add-port=25/tcp
#firewall-cmd --reload
---------------------------------------------------------------------------------9)Configure NFS server on server2
************************************************
(i)Normal Share
*****************
# yum install nfs* -y
#systemctl enable nfs-server
#systemctl start nfs-server
#mkdir /nfsshare
#cat /etc/exports
/nfsshare
*.example.com(rw)
#systemctl restart nfs-server
# firewall-cmd --permanent --add-service=nfs
#firewall-cmd --reload
#exportfs -r
#exportfs
(ii)Secure Share
*****************
#wget -O /etc/krb5.keytab http://station.network0.example.com/pub/keytabs/server
X.keytab
#systemctl enable nfs-secure-server.service
#systemctl start nfs-secure-server.service
#yum install krb5* -y
#mkdir -p /restricted/protected
#cat /etc/exports
/nfsshare
*.example.com(rw)
/securesamba/nfs *.example.com(sec=krb5p,rw)
#useradd arora
#chown arora /restricted/protected/
#chmod 655 /restricted/protected/
#systemctl restart nfs-secure-server.service
#exportfs -r
#exportfs
--------------------------------------------------------------------------------------------------------------------------10)Configure NFS mount on desktopX
********************************************************************************
*
#yum install nfs-utils krb* -y
#systemctl enable nfs-secure
#systemctl start nfs-secure
#mkdir /public
#mkdir /secure
#wget -O /etc/krb5.keytab http://station.network0.example.com/pub/keytabs/deskto
pX.keytab
#cat /etc/fstab
serverX.example.com:/nfsshare /public nfs defaults 0 0
serverX.example.com:/securesamba/nfs /secure nfs sec=krb5p,defaults 0 0
#systemctl restart nfs-secure
#mount -a
#df -h
------------------------------------------------------------------------------------------------11) Configure SMB on serverX
********************************************************************
#yum install samba* -y
#systemctl enable smb.service
#useradd susan
#smbpasswd -a susan
#smbpasswd -e susan
#mkdir /sambadir
#cat /etc/samba/smb.conf
workgroup = TESTGROUP
host allow =example.com
[model]
path = /sambadir
public = no
writable = no
browseable = yes
cifs credentials=/root/multiuser.txt,multi
#mount -a
----------------------------------------------------------------------------------13)Configure Webserver on serverX
********************************************************************************
****
#yum install http* -y
#systemctl enable httpd.service
#cd /var/www/html/
#wget http://station.network0.example.com/pub/rhce/sample.html
#mv sample.html index.html
#cat /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName serverX.example.com
</VirtualHost>
#firewall-cmd --permanent --add-service=http
#firewall-cmd --reload
#systemctl restart httpd.service
-----------------------------------------------------------------------------------------------------------------------------------
+-------------------+
| contact
|
+-------------------+
1 row in set (0.00 sec)
select * from contact
-> ;
+----------+------+---------------+
| username | UID | HOME_DIR
|
+----------+------+---------------+
| manisha | 1010 | /home/manisha |
| jackman | 1011 | /home/jackman |
| steve
| 1012 | /home/steve |
| depp
| 1013 | /home/depp
|
+----------+------+---------------+
4 rows in set (0.00 sec)
MariaDB [(none)]> create user karthi@localhost identified by "karthi_pas
sword";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> create user fabric@'%' identified by "fabric_password"
;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> create user smith@localhost identified by "smith_passw
ord";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> select user from mysql.user;
+---------+
| user
|
+---------+
| legacy |
| root
|
| root
|
| andrew |
| michael |
| redhat |
| root
|
+---------+
7 rows in set (0.00 sec)
MariaDB [(none)]> grant select on student.user_details to karthi@localho
st;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant select,insert,update,delete on student.user_deta
ils to fabric@'%';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant select on student.user_details to smith@localhos
t;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> show grants for karthi@localhost;
+--------------------------------------------------------------------------------------------------------------+
| Grants for karthi@localhost
|
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'karthi'@'localhost' IDENTIFIED BY PASSWORD '*7F
3692EEFD8987F4E9FA4D90E49891A368EF901D' |
| GRANT SELECT ON `student`.`user_details` TO 'karthi'@'localhost'
|
+--------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
MariaDB [(none)]> exit
Bye
-----------------------------------------------------------------------------------------------------------------------------23 Configure mariadb query
****************************************************
#mysql -u root
MariaDB [(none)]> use student;
MariaDB [student]> select * from contact where UID=1010;
+----------+------+---------------+
| username | UID | HOME_DIR
|
+----------+------+---------------+
| manisha | 1010 | /home/manisha |
+----------+------+---------------+
1 row in set (0.00 sec)
select * from contact where HOME_DIR="/home/manisha";
+----------+------+---------------+
| username | UID | HOME_DIR
|
+----------+------+---------------+
| manisha | 1010 | /home/manisha |
+----------+------+---------------+
1 row in set (0.00 sec)
MariaDB [student]> exit
---------------------------------------------------------------------------------------------------------------------------------------------