Category: linux Admin

Linux Admin – Volume Management ”; Previous Next Logical Volume Management (LVM) is a method used by Linux to manage storage volumes across different physical hard disks. This is not to be confused with RAID. However, it can be thought of in a similar concept as RAID 0 or J-Bod. With LVM, it is possible to have (for example) three physical disks of 1TB each, then a logical volume of around 3TB such as /dev/sdb. Or even two logical volumes of 1.5TB, 5 volumes of 500GB, or any combination. One single disk can even be used for snapshots of Logical Volumes. Note − Using Logical Volumes actually increases disk I/O when configured correctly. This works in a similar fashion to RAID 0 striping data across separate disks. When learning about volume management with LVM, it is easier if we know what each component in LVM is. Please study the following table to get a firm grasp of each component. If you need to, use Google to study. Understanding each piece of a logical volume is important to manage them. PV Physical Volume sda PP Physical Partition sda1 , sda2 VG Volume Group Pooled physical resources LV Logical Volume Seen as a storage facility to the operating system A physical volume will be seen as /dev/sda, /dev/sdb; a physical disk that is detected by Linux. A physical partition will be a section of the disk partitioned by a disk utility such as fdisk. Keep in mind, physical partition is not recommended in most common LVM setups. Example: disk /dev/sda is partitioned to include two physical partitions: /dev/sda1 and /dev/sda1 If we have two physical disks of 1TB each, we can create a volume group of almost 2TB amongst the two. From the volume group, we can create three logical volumes each of any-size not exceeding the total volume group size. Traditional Linux Disk Administration Tools Before being acquainted with the latest and greatest featured tools for LVM Management in CentOS 7, we should first explore more traditional tools that have been used for Linux disk management. These tools will come handy and still have use with today”s advanced LVM tools such as the System Storage Manager: lsblk, parted, and mkfs.xfs. Now, assuming we have added another disk or two to our system, we need to enumerate disks detected by Linux. I”d always advise enumerating disks every time before performing operations considered as destructive. lsblk is a great tool for getting disk information. Let”s see what disks CentOS detects. [root@localhost rdc]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 20G 0 disk ├─sda1 8:1 0 1G 0 part /boot └─sda2 8:2 0 19G 0 part ├─cl-root 253:0 0 17G 0 lvm / └─cl-swap 253:1 0 2G 0 lvm [SWAP] sdb 8:16 0 6G 0 disk sdc 8:32 0 4G 0 disk sr0 11:0 1 1024M 0 rom As you can see, we have three disks on this system: sda, sdb, and sdc. Disk sda contains our working CentOS installation, so we do not want to toy around with sda. Both sdb and sdc were added to the system for this tutorial. Let”s make these disks usable to CentOS. Create a Disk Label [root@localhost rdc]# parted /dev/sdb mklabel GPT Warning: The existing disk label on /dev/sdb will be destroyed and all data on this disk will be lost. Do you want to continue? Yes/No? Yes [root@localhost rdc]# We now have one disk labeled. Simply run the parted command in the same manner on sdc. Create the Partitions on the Disk We will only create a single partition on each disk. To create partitions, the parted command is used again. [root@localhost rdc]# parted -a opt /dev/sdb mkpart primary ext4 0% 100% Warning − You requested a partition from 0.00B to 6442MB (sectors 0..12582911). The closest location we can manage is 17.4kB to 1048kB (sectors 34..2047). Is this still acceptable to you? Yes/No? NO [root@localhost rdc]# parted -a opt /dev/sdc mkpart primary ext4 0% 100% Information − You may need to update /etc/fstab. [root@localhost rdc]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 20G 0 disk ├─sda1 8:1 0 1G 0 part / boot └─sda2 8:2 0 19G 0 part ├─cl-root 253:0 0 17G 0 lvm / └─cl-swap 253:1 0 2G 0 lvm [SWAP] sdb 8:16 0 6G 0 disk └─sdb1 8:17 0 6G 0 part sdc 8:32 0 4G 0 disk └─sdc1 8:33 0 4G 0 part sr0 11:0 1 1024M 0 rom [root@localhost rdc]# As you can see from lsblk output, we now have two partitions, each on sdb and sdc. Make the File System Finally, before mounting and using any volume we need to add a file system. We will be using the XFS file system. root@localhost rdc]# mkfs.xfs -f /dev/sdb1 meta-data = /dev/sdb1 isize = 512 agcount = 4, agsize = 393088 blks = sectsz = 512 attr = 2, projid32bit = 1 = crc = 1 finobt = 0, sparse = 0 data = bsize = 4096 blocks = 1572352, imaxpct = 25 = sunit = 0 swidth = 0 blks naming = version 2 bsize = 4096 ascii-ci = 0 ftype = 1 log = internal log bsize = 4096 blocks = 2560, version = 2 = sectsz = 512 sunit = 0 blks, lazy-count = 1 realtime = none extsz = 4096 blocks = 0, rtextents = 0 [root@localhost rdc]# mkfs.xfs -f /dev/sdc1 meta-data = /dev/sdc1 isize = 512 agcount = 4, agsize = 262016 blks = sectsz = 512 attr = 2, projid32bit

Set Up Postfix MTA and IMAP/POP3 ”; Previous Next In order to send an email from our CentOS 7 server, we will need the setup to configure a modern Mail Transfer Agent (MTA). Mail Transfer Agent is the daemon responsible for sending outbound mail for system users or corporate Internet Domains via SMTP. It is worth noting, this tutorial only teaches the process of setting up the daemon for local use. We do not go into detail about advanced configuration for setting up an MTA for business operations. This is a combination of many skills including but not limited to: DNS, getting a static routable IP address that is not blacklisted, and configuring advanced security and service settings. In short, this tutorial is meant to familiarize you with the basic configuration. Do not use this tutorial for MTA configuration of an Internet facing host. With its combined focus on both security and the ease of administration, we have chosen Postfix as the MTA for this tutorial. The default MTA installed in the older versions of CentOS is Sendmail. Sendmail is a great MTA. However, of the author”s humble opinion, Postfix hits a sweet spot when addressing the following notes for an MTA. With the most current version of CentOS, Postfix has superseded Sendmail as the default MTA. Postfix is a widely used and well documented MTA. It is actively maintained and developed. It requires minimal configuration in mind (this is just email) and is efficient with system resources (again, this is just email). Step 1 − Install Postfix from YUM Package Manager. [root@centos]# yum -y install postfix Step 2 − Configure Postfix config file. The Postfix configuration file is located in: /etc/postfix/main.cf In a simple Postfix configuration, the following must be configured for a specific host: host name, domain, origin, inet_interfaces, and destination. Configure the hostname − The hostname is a fully qualified domain name of the Postfix host. In OpenLDAP chapter, we named the CentOS box: centos on the domain vmnet.local. Let’s stick with that for this chapter. # The myhostname parameter specifies the internet hostname of this # mail system. The default is to use the fully-qualified domain name # from gethostname(). $myhostname is used as a default value for many # other configuration parameters. # myhostname = centos.vmnet.local Configure the domain − As stated above, the domain we will be using in this tutorial is vmnet.local # The mydomain parameter specifies the local internet domain name. # The default is to use $myhostname minus the first component. # $mydomain is used as a default value for many other configuration # parameters. # mydomain = vmnet.local Configure the origin − For a single server and domain set up, we just need to uncomment the following sections and leave the default Postfix variables. # SENDING MAIL # # The myorigin parameter specifies the domain that locally-posted # mail appears to come from. The default is to append $myhostname, # which is fine for small sites. If you run a domain with multiple # machines, you should (1) change this to $mydomain and (2) set up # a domain-wide alias database that aliases each user to # [email protected]. # # For the sake of consistency between sender and recipient addresses, # myorigin also specifies the default domain name that is appended # to recipient addresses that have no @domain part. # myorigin = $myhostname myorigin = $mydomain Configure the network interfaces − We will leave Postfix listening on our single network interface and all protocols and IP Addresses associated with that interface. This is done by simply leaving the default settings enabled for Postfix. # The inet_interfaces parameter specifies the network interface # addresses that this mail system receives mail on. By default, # the software claims all active interfaces on the machine. The # parameter also controls delivery of mail to user@[ip.address]. # # See also the proxy_interfaces parameter, for network addresses that # are forwarded to us via a proxy or network address translator. # # Note: you need to stop/start Postfix when this parameter changes. # #inet_interfaces = all #inet_interfaces = $myhostname #inet_interfaces = $myhostname, localhost #inet_interfaces = localhost # Enable IPv4, and IPv6 if supported inet_protocols = all Step 3 − Configure SASL Support for Postfix. Without SASL Authentication support, Postfix will only allow sending email from local users. Or it will give a relaying denied error when the users send email away from the local domain. Note − SASL or Simple Application Security Layer Framework is a framework designed for authentication supporting different techniques amongst different Application Layer protocols. Instead of leaving authentication mechanisms up to the application layer protocol, SASL developers (and consumers) leverage current authentication protocols for higher level protocols that may not have the convenience or more secure authentication (when speaking of access to secured services) built in. Install the “cyrus-sasl* package [root@centos]# yum -y install cyrus-sasl Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: repos.forethought.net * extras: repos.dfw.quadranet.com * updates: mirrors.tummy.com Package cyrus-sasl-2.1.26-20.el7_2.x86_64 already installed and latest version Nothing to do Configure /etc/postfix/main.cf for SASL Auth smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth My SASL Options in main.conf ##Configure SASL Options Entries: smtpd_sasl_auth_enable = yes smptd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination smtp_sasl_type = dovecot smtp_sasl_path = private/auth/etc Step 4 − Configure FirewallD to allow incoming SMTP Services. [root@centos]# firewall-cmd –permanent –add-service=smtp success [root@centos]# firewall-cmd –reload success [root@centos]# Now let”s check to make sure our CentOS host is allowing and responding to the requests on port 25 (SMTP). Nmap scan report for 172.16.223.132 Host is up (0.00035s latency). Not shown: 993 filtered ports

Discuss Linux Admin ”; Previous Next Linux was designed based on the Unix philosophy of “small, precise tools chained together simplifying larger tasks”. Linux, at its root, does not have large single-purpose applications for one specific use a lot of the time. Instead, there are hundreds of basic utilities that when combined offer great power to accomplish big tasks with efficiency. Unique amongst business class Linux distributions, CentOS stays true to the open-source nature that Linux was founded on. This tutorial gives a complete understanding on Linux Admin and explains how to use it for benefit. Print Page Previous Next Advertisements ”;

Configure PHP in CentOS Linux ”; Previous Next PHP is the one of the most prolific web languages in use today. Installing a LAMP Stack on CentOS is something every system administrator will need to perform, most likely sooner than later. A traditional LAMP Stack consists of (L)inux (A)pache (M)ySQL (P)HP. There are three main components to a LAMP Stack on CentOS − Web Server Web Development Platform / Language Database Server Note − The term LAMP Stack can also include the following technologies: PostgreSQL, MariaDB, Perl, Python, Ruby, NGINX Webserver. For this tutorial, we will stick with the traditional LAMP Stack of CentOS GNU Linux: Apache web server, MySQL Database Server, and PHP. We will actually be using MariaDB. MySQL configuration files, databases and tables are transparent to MariaDB. MariaDB is now included in the standard CentOS repository instead of MySQL. This is due to the limitations of licensing and open-source compliance, since Oracle has taken over the development of MySQL. The first thing we need to do is install Apache. [root@CentOS]# yum install httpd Loaded plugins: fastestmirror, langpacks base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 extras/7/x86_64/primary_d | 121 kB 00:00:00 Loading mirror speeds from cached hostfile * base: mirror.sigmanet.com * extras: linux.mirrors.es.net * updates: mirror.eboundhost.com Resolving Dependencies –> Running transaction check —> Package httpd.x86_64 0:2.4.6-45.el7.centos will be installed –> Processing Dependency: httpd-tools = 2.4.6-45.el7.centos for package: httpd-2.4.6-45.el7.centos.x86_64 –> Processing Dependency: /etc/mime.types for package: httpd-2.4.645.el7.centos.x86_64 –> Running transaction check —> Package httpd-tools.x86_64 0:2.4.6-45.el7.centos will be installed —> Package mailcap.noarch 0:2.1.41-2.el7 will be installed –> Finished Dependency Resolution Installed: httpd.x86_64 0:2.4.6-45.el7.centos Dependency Installed: httpd-tools.x86_64 0:2.4.6-45.el7.centos mailcap.noarch 0:2.1.41-2.el7 Complete! [root@CentOS]# Let”s configure httpd service. [root@CentOS]# systemctl start httpd && systemctl enable httpd Now, let”s make sure the web-server is accessible through firewalld. bash-3.2# nmap -sS -p 1-1024 -T 5 -sV 10.211.55.1 Starting Nmap 7.30 ( https://nmap.org ) at 2017-01-28 02:00 MST Nmap scan report for centos.shared (10.211.55.1) Host is up (0.00054s latency). Not shown: 1022 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 6.6.1 (protocol 2.0) 80/tcp open http Apache httpd 2.4.6 ((CentOS)) Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 10.82 seconds bash-3.2# As you can see by the nmap service probe, Apache webserver is listening and responding to requests on the CentOS host. Install MySQL Database Server [root@CentOS rdc]# yum install mariadb-server.x86_64 && yum install mariadb- devel.x86_64 && mariadb.x86_64 && mariadb-libs.x86_64 We are installing the following repository packages for MariaDB − mariadb-server.x86_64 The main MariaDB Server daemon package. mariadb-devel.x86_64 Files need to compile from the source with MySQL/MariaDB compatibility. mariadb.x86_64 MariaDB client utilities for administering MariaDB Server from the command line. mariadb-libs.x86_64 Common libraries for MariaDB that could be needed for other applications compiled with MySQL/MariaDB support. Now, let”s start and enable the MariaDB Service. [root@CentOS]# systemctl start mariadb [root@CentOS]# systemctl enable mariadb Note − Unlike Apache, we will not enable connections to MariaDB through our host-based firewall (firewalld). When using a database server, it”s considered best security practice to only allow local socket connections, unless the remote socket access is specifically needed. Let”s make sure the MariaDB Server is accepting connections. [root@CentOS#] netstat -lnt Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN [root@CentOS rdc]# As we can see, MariaDB is listening on port 3306 tcp. We will leave our host-based firewall (firewalld) blocking incoming connections to port 3306. Install and Configure PHP [root@CentOS#] yum install php.x86_64 && php-common.x86_64 && php-mysql.x86_64 && php-mysqlnd.x86_64 && php-pdo.x86_64 && php-soap.x86_64 && php-xml.x86_64 I”d recommend installing the following php packages for common compatibility − php-common.x86_64 php-mysql.x86_64 php-mysqlnd.x86_64 php-pdo.x86_64 php-soap.x86_64 php-xml.x86_64 [root@CentOS]# yum install -y php-common.x86_64 php-mysql.x86_64 php- mysqlnd.x86_64 php-pdo.x86_64 php-soap.x86_64 php-xml.x86_64 This is our simple php file located in the Apache webroot of /var/www/html/ [root@CentOS]# cat /var/www/html/index.php <html> <head> <title>PHP Test Page</title> </head> <body> PHP Install <?php echo “We are now running PHP on GNU Centos Linux!<br />” ?> </body> </html> [root@CentOS]# Let”s change the owning group of our page to the system user our http daemon is running under. [root@CentOS]# chgrp httpd /var/www/html/index.php && chmod g+rx /var/www/html/index.php — When requested manually via ncat. bash-3.2# ncat 10.211.55.1 80 GET / index.php HTTP/1.1 200 OK Date: Sat, 28 Jan 2017 12:06:02 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Length: 137 Connection: close Content-Type: text/html; charset=UTF-8 <html> <head> <title>PHP Test Page</title> </head> <body> PHP Install We are now running PHP on GNU Centos Linux!<br /> </body> </html> bash-3.2# PHP and LAMP are very popular web-programming technologies. LAMP installation and configuration is sure to come up on your list of needs as a CentOS Administrator. Easy to use CentOS packages have taken a lot of work from compiling Apache, MySQL, and PHP from the source code. Print Page Previous Next Advertisements ”;

Linux Admin – User Management ”; Previous Next When discussing user management, we have three important terms to understand − Users Groups Permissions We have already discussed in-depth permissions as applied to files and folders. In this chapter, let”s discuss about users and groups. CentOS Users In CentOS, there are two types accounts − System accounts − Used for a daemon or other piece of software. Interactive accounts − Usually assigned to a user for accessing system resources. The main difference between the two user types is − System accounts are used by daemons to access files and directories. These will usually be disallowed from interactive login via shell or physical console login. Interactive accounts are used by end-users to access computing resources from either a shell or physical console login. With this basic understanding of users, let”s now create a new user for Bob Jones in the Accounting Department. A new user is added with the adduser command. Following are some adduser common switches − Switch Action -c Adds comment to the user account -m Creates user home directory in default location, if nonexistent -g Default group to assign the user -n Does not create a private group for the user, usually a group with username -M Does not create a home directory -s Default shell other than /bin/bash -u Specifies UID (otherwise assigned by the system) -G Additional groups to assign the user to When creating a new user, use the -c, -m, -g, -n switches as follows − [root@localhost Downloads]# useradd -c “Bob Jones Accounting Dept Manager” -m -g accounting -n bjones Now let”s see if our new user has been created − [root@localhost Downloads]# id bjones (bjones) gid = 1001(accounting) groups = 1001(accounting) [root@localhost Downloads]# grep bjones /etc/passwd bjones:x:1001:1001:Bob Jones Accounting Dept Manager:/home/bjones:/bin/bash [root@localhost Downloads]# Now we need to enable the new account using the passwd command − [root@localhost Downloads]# passwd bjones Changing password for user bjones. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@localhost Downloads]# The user account is not enabled allowing the user to log into the system. Disabling User Accounts There are several methods to disable accounts on a system. These range from editing the /etc/passwd file by hand. Or even using the passwd command with the -lswitch. Both of these methods have one big drawback: if the user has ssh access and uses an RSA key for authentication, they can still login using this method. Now let’s use the chage command, changing the password expiry date to a previous date. Also, it may be good to make a note on the account as to why we disabled it. [root@localhost Downloads]# chage -E 2005-10-01 bjones [root@localhost Downloads]# usermod -c “Disabled Account while Bob out of the country for five months” bjones [root@localhost Downloads]# grep bjones /etc/passwd bjones:x:1001:1001:Disabled Account while Bob out of the country for four months:/home/bjones:/bin/bash [root@localhost Downloads]# Manage Groups Managing groups in Linux makes it convenient for an administrator to combine the users within containers applying permission-sets applicable to all group members. For example, all users in Accounting may need access to the same files. Thus, we make an accounting group, adding Accounting users. For the most part, anything requiring special permissions should be done in a group. This approach will usually save time over applying special permissions to just one user. Example, Sally is in-charge of reports and only Sally needs access to certain files for reporting. However, what if Sally is sick one day and Bob does reports? Or the need for reporting grows? When a group is made, an Administrator only needs to do it once. The add users is applied as needs change or expand. Following are some common commands used for managing groups − chgrp groupadd groups usermod chgrp − Changes the group ownership for a file or directory. Let”s make a directory for people in the accounting group to store files and create directories for files. [root@localhost Downloads]# mkdir /home/accounting [root@localhost Downloads]# ls -ld /home/accounting drwxr-xr-x. 2 root root 6 Jan 13 10:18 /home/accounting [root@localhost Downloads]# Next, let”s give group ownership to the accounting group. [root@localhost Downloads]# chgrp -v accounting /home/accounting/ changed group of ‘/home/accounting/’ from root to accounting [root@localhost Downloads]# ls -ld /home/accounting/ drwxr-xr-x. 2 root accounting 6 Jan 13 10:18 /home/accounting/ [root@localhost Downloads]# Now, everyone in the accounting group has read and execute permissions to /home/accounting. They will need write permissions as well. [root@localhost Downloads]# chmod g+w /home/accounting/ [root@localhost Downloads]# ls -ld /home/accounting/ drwxrwxr-x. 2 root accounting 6 Jan 13 10:18 /home/accounting/ [root@localhost Downloads]# Since the accounting group may deal with sensitive documents, we need to apply some restrictive permissions for other or world. [root@localhost Downloads]# chmod o-rx /home/accounting/ [root@localhost Downloads]# ls -ld /home/accounting/ drwxrwx—. 2 root accounting 6 Jan 13 10:18 /home/accounting/ [root@localhost Downloads]# groupadd − Used to make a new group. Switch Action -g Specifies a GID for the group -K Overrides specs for GID in /etc/login.defs -o Allows overriding non-unique group id disallowance -p Group password, allowing the users to activate themselves Let”s make a new group called secret. We will add

Configure Ruby on CentOS Linux ”; Previous Next Ruby is a great language for both web development and Linux Administration. Ruby provides many benefits found in all the previous languages discussed: PHP, Python, and Perl. To install Ruby, it is best to bootstrap through the rbenv which allows the administrators to easily install and manage Ruby Environments. The other method for installing Ruby is the standard CentOS packages for Ruby. It is advisable to use the rbenv method with all its benefits. CentOS packages will be easier for the non-Ruby savvy. First, let”s get some needed dependencies for rbenv installer. git-core zlib zlib-devel gcc-c++ patch readline readline-devel libyaml-devel libffi-devel openssl-devel make bzzip2 autoconf automake libtool bison curl sqlite-devel Most of these packages may already be installed depending on the chosen options and roles when installing CentOS. It is good to install everything we are unsure about as this can lead to less headache when installing packages requiring dependencies. [root@CentOS]# yum -y install git-core zlib zlib-devel gcc-c++ patch readline readline-devel libyaml-devel libffi-devel openssl-devel make bzip2 autoconf automake libtool bison curl sqlite-devel Method 1 − rbenv for Dynamic Ruby Development Environments Now as the user who will be using Ruby − [rdc@CentOS ~]$ git clone https://github.com/rbenv/rbenv.git [rdc@CentOS ~]$ https://github.com/rbenv/ruby-build.git ruby-build will provide installation features to rbenv − Note − We need to switch to root or an administration user before running install.sh [rdc@CentOS ruby-build]$ cd ~/ruby-build [rdc@CentOS ruby-build]# ./install.sh Let”s set our shell for rbenv and assure we have installedthe correct options. [rdc@CentOS ~]$ source ~/rbenv/rbenv.d/exec/gem-rehash.bash [rdc@CentOS ruby-build]$ ~/rbenv/bin/rbenv rbenv 1.1.0-2-g4f8925a Usage: rbenv <command> [<args>] Some useful rbenv commands are − Commands Action local Sets or shows the local application-specific Ruby version global Sets or shows the global Ruby version shell Sets or shows the shell-specific Ruby version install Installs a Ruby version using ruby-build uninstall Uninstalls a specific Ruby version rehash Rehashes rbenv shims (run this after installing executables) version Shows the current Ruby version and its origin versions Lists all Ruby versions available to rbenv which Displays the full path to an executable whence Lists all Ruby versions that contain the given executable Let”s now install Ruby − [rdc@CentOS bin]$ ~/rbenv/bin/rbenv install -v 2.2.1 After compilation completes − [rdc@CentOS ~]$ ./ruby -v ruby 2.2.1p85 (2015-02-26 revision 49769) [x86_64-linux] [rdc@CentOS ~]$ We now have a working Ruby environment with an updated and working version of Ruby 2.X branch. Method 2 − Install Ruby from CentOS Packages This is the most simple method. However, it can be limited by the version and gems packaged from CentOS. For serious development work, it is highly recommended to use the rbenv method to install Ruby. Install Ruby, needed development packages, and some common gems. [root@CentOS rdc]# yum install -y ruby.x86_64 ruby-devel.x86_64 ruby- libs.x86_64 ruby-gem-json.x86_64 rubygem-rake.noarch Unfortunately, we are left with somewhat outdated version of Ruby. [root@CentOS rdc]# ruby -v ruby 2.0.0p648 (2015-12-16) [x86_64-linux] [root@CentOS rdc]# Print Page Previous Next Advertisements ”;

Linux Admin – Quick Guide ”; Previous Next Linux Admin – CentOS Overview Unique among business class Linux distributions, CentOS stays true to the open-source nature that Linux was founded on. The first Linux kernel was developed by a college student at the University of Helsinki (Linus Torvalds) and combined with the GNU utilities founded and promoted by Richard Stallman. CentOS has a proven, open-source licensing that can power today’s business world. CentOS has quickly become one of the most prolific server platforms in the world. Any Linux Administrator, when seeking employment, is bound to come across the words: “CentOS Linux Experience Preferred”. From startups to Fortune 10 tech titans, CentOS has placed itself amongst the higher echelons of server operating systems worldwide. What makes CentOS stand out from other Linux distributions is a great combination of − Open source licensing Dedicated user-base of Linux professionals Good hardware support Rock-solid stability and reliability Focus on security and updates Strict adherence to software packaging standards needed in a corporate environment Before starting the lessons, we assume that the readers have a basic knowledge of Linux and Administration fundamentals such as − What is the root user? The power of the root user Basic concept of security groups and users Experience using a Linux terminal emulator Fundamental networking concepts Fundamental understanding of interpreted programming languages (Perl, Python, Ruby) Networking protocols such as HTTP, LDAP, FTP, IMAP, SMTP Cores that compose a computer operating system: file system, drivers, and the kerne Basic CentOS Linux Commands Before learning the tools of a CentOS Linux Administrator, it is important to note the philosophy behind the Linux administration command line. Linux was designed based on the Unix philosophy of “small, precise tools chained together simplifying larger tasks”. Linux, at its root, does not have large single-purpose applications for one specific use a lot of the time. Instead, there are hundreds of basic utilities that when combined offer great power to accomplish big tasks with efficiency. Examples of the Linux Philosophy For example, if an administrator wants a listing of all the current users on a system, the following chained commands can be used to get a list of all system users. On execution of the command, the users are on the system are listed in an alphabetical order. [root@centosLocal centos]# cut /etc/passwd -d”:” -f1 | sort abrt adm avahi bin centos chrony colord daemon dbus It is easy to export this list into a text file using the following command. [root@localhost /]# cut /etc/passwd -d “:” -f1 > system_users.txt [root@localhost /]# cat ./system_users.txt | sort | wc –l 40 [root@localhost /]# It is also possible to compare the user list with an export at a later date. [root@centosLocal centos]# cut /etc/passwd -d “:” -f1 > system_users002.txt && cat system_users002.txt | sort | wc -l 41 [root@centosLocal centos]# diff ./system_users.txt ./system_users002.txt evilBackdoor [root@centosLocal centos]# With this approach of small tools chained to accomplish bigger tasks, it is simpler to make a script performing these commands, than automatically email results at regular time intervals. Basic Commands every Linux Administrator should be proficient in are − vim grep more and less tail head wc sort uniq tee cat cut sed tr paste In the Linux world, Administrators use filtering commands every day to parse logs, filter command output, and perform actions with interactive shell scripts. As mentioned, the power of these commands come in their ability to modify one another through a process called piping. The following command shows how many words begin with the letter a from the CentOS main user dictionary. [root@centosLocal ~]# egrep ”^a.*$” /usr/share/dict/words | wc -l 25192 [root@centosLocal ~]# Linux Admin – File / Folder Management To introduce permissions as they apply to both directories and files in CentOS Linux, let”s look at the following command output. [centos@centosLocal etc]$ ls -ld /etc/yum* drwxr-xr-x. 6 root root 100 Dec 5 06:59 /etc/yum -rw-r–r–. 1 root root 970 Nov 15 08:30 /etc/yum.conf drwxr-xr-x. 2 root root 187 Nov 15 08:30 /etc/yum.repos.d Note − The three primary object types you will see are “-“ − a dash for plain file “d” − for a directory “l” − for a symbolic link We will focus on the three blocks of output for each directory and file − drwxr-xr-x : root : root -rw-r–r– : root : root drwxr-xr-x : root : root Now let”s break this down, to better understand these lines − d Means the object type is a directory rwx Indicates directory permissions applied to the owner r-x Indicates directory permissions applied to the group r-x Indicates directory permissions applied to the world root The first instance, indicates the owner of the directory root The second instance, indicates the group to which group permissions are applied Understanding the difference between owner, group and world is important. Not understanding this can have big consequences on servers that host services to the Internet. Before we give a real-world example, let”s first understand the permissions as they apply to directories and files. Please take a look at the following table, then continue with the instruction. Octal Symbolic Perm. Directory 1 x Execute Enter the directory and

Linux Admin – Useful Resources ”; Previous Next The following resources contain additional information on Linux Admin. Please use them to get more in-depth knowledge on this topic. Useful Video Courses Unix and Linux System Administration Fundamentals Course Most Popular 130 Lectures 23 hours Eduonix Learning Solutions More Detail Linux System Administration Course for Beginners Best Seller 87 Lectures 7 hours Joseph Delgadillo More Detail Linux Administration Course to Supercharge Your Career 47 Lectures 4.5 hours Jason Cannon More Detail RHEL 8 / CentOS 8 Linux Administration – RHCSA 8 – Level I 62 Lectures 6.5 hours Mustafa Mahmoud More Detail Linux System Administrator Certification 2024 Most Popular  7 Courses     1 eBooks Tutorialspoint More Detail Linux System Administration: A Practical way of learning 106 Lectures 9 hours Shikhar Verma More Detail Print Page Previous Next Advertisements ”;

Linux Admin – Package Management ”; Previous Next Package management in CentOS can be performed in two ways: from the terminal and from the Graphical User Interface. More often than not a majority of a CentOS administrator”s time will be using the terminal. Updating and installing packages for CentOS is no different. With this in mind, we will first explore package management in the terminal, then touch on using the graphical package management tool provided by CentOS. YUM Package Manager YUM is the tool provided for package management in CentOS. We have briefly touched this topic in previous chapters. In this chapter, we will be working from a clean CentOS install. We will first completely update our installation and then install an application. YUM has brought software installation and management in Linux a long way. YUM “automagically” checks for out-of-date dependencies, in addition to out-of-date packages. This has really taken a load off the CentOS administrator compared to the old days of compiling every application from source-code. yum check-update Checks for packages that can update candidates. For this tutorial, we will assume this a production system that will be facing the Internet with no production applications that needs to be tested by DevOps before upgrading the packages. Let us now install the updated candidates onto the system. [root@localhost rdc]# yum check-update Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.scalabledns.com * extras: mirror.scalabledns.com * updates: mirror.clarkson.edu NetworkManager.x86_64 1:1.4.0-19.el7_3 updates NetworkManager-adsl.x86_64 1:1.4.0-19.el7_3 updates NetworkManager-glib.x86_64 1:1.4.0-19.el7_3 updates NetworkManager-libnm.x86_64 1:1.4.0-19.el7_3 updates NetworkManager-team.x86_64 1:1.4.0-19.el7_3 updates NetworkManager-tui.x86_64 1:1.4.0-19.el7_3 updates NetworkManager-wifi.x86_64 1:1.4.0-19.el7_3 updates audit.x86_64 2.6.5-3.el7_3.1 updates vim-common.x86_64 2:7.4.160-1.el7_3.1 updates vim-enhanced.x86_64 2:7.4.160-1.el7_3.1 updates vim-filesystem.x86_64 2:7.4.160-1.el7_3.1 updates vim-minimal.x86_64 2:7.4.160-1.el7_3.1 updates wpa_supplicant.x86_64 1:2.0-21.el7_3 updates xfsprogs.x86_64 4.5.0-9.el7_3 updates [root@localhost rdc]# yum update This will install all updated candidates making your CentOS installation current. With a new installation, this can take a little time depending on your installation and your internet connection speed. [root@localhost rdc]# yum update vim-minimal x86_64 2:7.4.160-1.el7_3.1 updates 436 k wpa_supplicant x86_64 1:2.0-21.el7_3 updates 788 k xfsprogs x86_64 4.5.0-9.el7_3 updates 895 k Transaction Summary ====================================================================================== Install 2 Packages Upgrade 156 Packages Total download size: 371 M Is this ok [y/d/N]: Install Software via YUM Besides updating the CentOS system, the YUM package manager is our go-to tool for installing the software. Everything from network monitoring tools, video players, to text editors can be installed from a central repository with YUM. Before installing some software utilities, let”s look at few YUM commands. For daily work, 90% of a CentOS Admin”s usage of YUM will be with about 7 commands. We will go over each in the hope of becoming familiar with operating YUM at a proficient level for daily use. However, like most Linux utilities, YUM offers a wealth of advanced features that are always great to explore via the man page. Use man yum will always be the first step to performing unfamiliar operations with any Linux utility. Most Common YUM Commands Following are the commonly used YUM commands. Command Action list installed Lists packages installed via YUM list all Lists all currently available packages group list Lists grouped packages info Provides detailed information about a package search Searches package descriptions and names install Installs a package localinstall Installs a local rpm package remove Removes and installs package clean all Cleans /var/cache/yum to free disk-space man yum Like all linux commands, the help file Install Software with YUM We will now install a text-based web browser called Lynx. Before installation, we must first get the package name containing the Lynx web browser. We are not even 100% sure our default CentOS repository provides a package for the Lynx web browser, so let”s search and see − [root@localhost rdc]# yum search web browser Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.scalabledns.com * extras: mirror.scalabledns.com * updates: mirror.clarkson.edu ================================================================= N/S matched: web, browser ================================================================== icedtea-web.x86_64 : Additional Java components for OpenJDK – Java browser plug-in and Web Start implementation elinks.x86_64 : A text-mode Web browser firefox.i686 : Mozilla Firefox Web browser firefox.x86_64 : Mozilla Firefox Web browser lynx.x86_64 : A text-based Web browser Full name and summary matches only, use “search all” for everything. [root@localhost rdc]# We see, CentOS does offer the Lynx web browser in the repository. Let”s see some more information about the package. [root@localhost rdc]# lynx.x86_64 bash: lynx.x86_64: command not found… [root@localhost rdc]# yum info lynx.x86_64 Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.scalabledns.com * extras: mirror.scalabledns.com * updates: mirror.clarkson.edu Available Packages Name : lynx Arch : x86_64 Version : 2.8.8 Release : 0.3.dev15.el7 Size : 1.4 M Repo : base/7/x86_64 Summary : A text-based Web browser URL : http://lynx.isc.org/ License : GPLv2 Description : Lynx is a text-based Web browser. Lynx does not display any images, : but it does support frames, tables, and most other HTML tags. One : advantage Lynx has over graphical browsers is speed; Lynx starts and : exits quickly and swiftly displays web pages. [root@localhost rdc]# Nice! Version 2.8 is current enough so let”s install Lynx. [root@localhost rdc]# yum install lynx Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.scalabledns.com * extras: mirror.scalabledns.com * updates: mirror.clarkson.edu Resolving Dependencies –> Running transaction check —> Package lynx.x86_64 0:2.8.8-0.3.dev15.el7 will be installed –> Finished Dependency Resolution Dependencies Resolved =============================================================================== =============================================================================== Package

Linux Admin – System Updates ”; Previous Next The CentOS 7 system can be updated in three ways − Manually Automatically Update manually for major security issues and configure automatic updates In a production environment, it is recommended to update manually for production servers. Or at least establish an update plan so the administrator can assure services vital to business operations. It is plausible a simple security update can cause recursive issues with common application that requires upgrading and reconfiguration by an Administrator. So, be weary of scheduling automatic updates in production before testing in development servers and desktops first. Manually Update CentOS 7 To update CentOS 7, we will want to become familiar with the yum command. yum is used to deal with package repositories in CentOS 7. yum is the tool commonly used to − Update the CentOS 7 Linux System Search for packages Install packages Detect and install required dependencies for packages In order to use yum for updates, your CentOS server will need to be connected to the Internet. Most configurations will install a base system, then use yum to query the main CentOS repository for additional functionality in packages and apply system updates. We have already made use of yum to install a few packages. When using yum you will always need to do so as the root user. Or a user with root access. So let”s search for and install an easy to use text-editor called nano. [root@centos rdc]# yum search nano Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.rackspace.com * epel: mirror.chpc.utah.edu * extras: repos.forethought.net * updates: repos.forethought.net ====================================================================== N/S matched: nano ====================================================================== nano.x86_64 : A small text editor nodejs-nano.noarch : Minimalistic couchdb driver for Node.js perl-Time-Clock.noarch : Twenty-four hour clock object with nanosecond precision Name and summary matches only, use “search all” for everything. [root@centos rdc]# Now, let”s install the nano text editor. [root@centos rdc]# yum install nano Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.keystealth.org * epel: pubmirror1.math.uh.edu * extras: centos.den.host-engine.com * updates: repos.forethought.net Resolving Dependencies –> Running transaction check —> Package nano.x86_64 0:2.3.1-10.el7 will be installed –> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: nano x86_64 2.3.1-10.el7 base 440 k Transaction Summary Install 1 Package Total download size: 440 k Installed size: 1.6 M Is this ok [y/d/N]: y Downloading packages: nano-2.3.1-10.el7.x86_64.rpm | 440 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : nano-2.3.1-10.el7.x86_64 1/1 Verifying : nano-2.3.1-10.el7.x86_64 1/1 Installed: nano.x86_64 0:2.3.1-10.el7 Complete! [root@centos rdc]# We have installed the nano text editor. This method, IMO, is a lot easier than searching for utilities on websites and manually running the installers. Also, repositories use digital signatures to validate packages assuring they are coming from a trusted source with yum. It is up to the administrator to validate authenticity when trusting new repositories. This is why it is considered a best practice to be weary of third party repositories. Yum can also be used to remove a package. [root@centos rdc]# yum remove nano Loaded plugins: fastestmirror, langpacks Resolving Dependencies –> Running transaction check —> Package nano.x86_64 0:2.3.1-10.el7 will be erased –> Finished Dependency Resolution Dependencies Resolved Now let”s check for updates. [root@centos rdc]# yum list updates Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirror.keystealth.org * epel: pubmirror1.math.uh.edu * extras: centos.den.host-engine.com * updates: repos.forethought.net Updated Packages NetworkManager.x86_64 1:1.4.0-17.el7_3 updates NetworkManager-adsl.x86_64 1:1.4.0-17.el7_3 updates NetworkManager-glib.x86_64 1:1.4.0-17.el7_3 updates NetworkManager-libnm.x86_64 1:1.4.0-17.el7_3 updates NetworkManager-team.x86_64 1:1.4.0-17.el7_3 updates NetworkManager-tui.x86_64 1:1.4.0-17.el7_3 updates NetworkManager-wifi.x86_64 1:1.4.0-17.el7_3 updates audit.x86_64 2.6.5-3.el7_3.1 updates audit-libs.x86_64 2.6.5-3.el7_3.1 updates audit-libs-python.x86_64 As depicted, we have a few dozen updates pending to install. Actually, there are about 100 total updates since we have not yet configured automatic updates. Thus, let”s install all pending updates. [root@centos rdc]# yum update Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * base: mirrors.usc.edu * epel: pubmirror1.math.uh.edu * extras: repos.forethought.net * updates: repos.forethought.net Resolving Dependencies –> Running transaction check —> Package NetworkManager.x86_64 1:1.4.0-14.el7_3 will be updated —> Package NetworkManager.x86_64 1:1.4.0-17.el7_3 will be an update selinux-policy noarch 3.13.1102.el7_3.15 updates 414 k selinux-policy-targeted noarch 3.13.1102.el7_3.15 updates 6.4 M systemd x86_64 21930.el7_3.7 updates 5.2 M systemd-libs x86_64 21930.el7_3.7 updates 369 k systemd-python x86_64 21930.el7_3.7 updates 109 k systemd-sysv x86_64 21930.el7_3.7 updates 63 k tcsh x86_64 6.18.01-13.el7_3.1 updates 338 k tzdata noarch 2017a1.el7 updates 443 k tzdata-java noarch 2017a1.el7 updates 182 k wpa_supplicant x86_64 1:2.021.el7_3 updates 788 k Transaction Summary =============================================================================== Install 2 Packages Upgrade 68 Packages Total size: 196 M Total download size: 83 M Is this ok [y/d/N]: After hitting the “y” key, updating of CentOS 7 will commence. The general process that yum goes through when updating is − Checks the current packages Looks in the repository for updated packages Calculates dependencies needed for updated packages Downloads updates Installs updates Now, let”s make sure our system is up to date − [root@centos rdc]# yum list updates Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile * updates: mirror.compevo.com [root@centos rdc]# As you can see, there are no updates listed. Configure Automatic Updates for YUM In an Enterprise environment, as mentioned earlier, automatic updates may or may not be the preferred method of installation. Let”s go over the steps for configuring automatic updates with yum. First, we install a package called yum-cron. [root@centos rdc]# yum -y install yum-cron Install 1 Package Total download size: 61 k Installed size: 51 k