Documente Academic
Documente Profesional
Documente Cultură
-------------------------------------------------------------------
Redhat Installation through Network File Sharing)
NFS (Network File Sharing method for Linux Installation)
From Server
Note: Put all Linux dump cd’s to the server in the directory path /var/ftp/pub
# vi /etc/exports
/var/ftp/pub *(ro,sync) (For all the client users access this directory ie [*])
Note: Assume if you want to share the /var/ftp/pub to particular client, the command as
follows:
/var/ftp/pub 192.168.10.2 /255.255.255.0 (rw,sync) (Read /Write access
permission)
:wq!
# exportfs –r (read all shared directories)
# exportfs –av (append and verbose all shared directories)
# service nfs start / restart
# service portmap start / restart
To Client
Note : Put the Linux 1st cd to the client machine and boot. Follow the commands.
boot : linux askmethod
Linux installation through network
1)NFS image
ii)HARDDRIVE
2)FTP
3)HTTP
4)CDROM
Select NFS image
Servername : server1.example.com (or) 192.168.0.20 – server ip
Redhat Dir : /var/ftp/pub
Now the installation starting
Page No 1
/home/user2 *(ro,sync)
:wq!
# exportfs –r (read all shared directories)
# exportfs –av (append and verbose all shared directories)
# service nfs restart
# service portmap restart
To Client
# showmount –e 192.168.10.1
# mount 192.168.10.1:/var/ftp/pub /data1
# mount 192.168.10.1:/mnt/cdrom /data2
# mount 192.168.10.1:/mnt/floppy /data3
# cd /data1
# ls
# cd /data2
# ls
# cd /data3
# ls
NFS Overview
File sharing service.
RPC based service, so it requires Portmap.
Packages:
nfs-utils
Provides:
nfsd - Provides userland portion of NFS service.
lockd - NFS lock manager (kernel module)
rpciod -
rpc.mountd - Provides mounting services.
rpc.rquotad - Returns quota information.
rpc.statd - Used by lockd to recovery locks after a server crash.
portmap
Provides portmap program. Portmap maps calls made by other hosts to the
correct RPC service. Because portmap is compiled with tcp wrappers
Page No 2
support (libwrap), those that need to access portmap must be given access
via /etc/hosts.allow and/or /etc/hosts.deny.
Ports
TCP/UDP 111 - portmap
UDP 2049 - nfsd
The other NFS related services vary in the port numbers they use. Clients
contact portmap to find out the port number the other RPC services use.
Required Services
Listed in startup order:
NFS Server
portmap
nfs
NFS Client
portmap
nfslock
Configuration
/etc/exports
NFS server configuration file.
Format:
<directory> <host or network>(options) <host or network>(options) ......
It is critical that there not be any spaces between the host/network and
it's options.
Example:
Restrictions
Root can't mount an nfs share as root unless no_root_squash is used.
Normally when root mounts a share, NFS maps root to the local user
nobody.
You can't export a directory that is a parent or child of another exported
directory within the same file system.
e.g. You can't export both /usr and /usr/local unless /usr/local is a
separate file system.
Common Export Options
no_root_squash - Remote hosts can access local shares as root
(Dangerous!)
ro - Read-only
rw - Read/Write
sync - All file system writes must be committed to disk before the
request can be completed.
all_squash - All remote users are mapped to a local anonymous user.
anonuid - Specify the uid to user for anonymous access.
anongid - Specify the gid to user for anonymous access.
/etc/fstab
Used for NFS client configuration
Example:
server:/usr /usr nfs user,soft,intr,rsize=8192,wsize=8192 0 0
# Unexport a filesystem
exportfs -u 192.168.1.0/255.255.255.0:/tmp
showmount
Show mount information for an NFS server.
Does not require that any local NFS services be running in order to use it.
Page No 5
Example Usage:
showmount -e 192.168.1.67 # Shows available shares on host
192.168.1.67
showmount -a 192.168.1.67 # Shows the clients connected to host
192.168.1.67
# and the shares they have mounted.
rpcinfo
Reports RPC information.
Can determine if RPC services are running on a host.
Example Usage:
rpcinfo -p 192.168.1.77 # Display list of RPC services running on
192.168.1.77
---------------------------------------------------------------------------------------------------
---------------------------------------------------------------
KICK START INSTALLTION
From Server
# cd /etc
# cp anaconda-ks.cfg ks.cfg
Note : goto X window system, select System tools – KICKSTART. Modify basic
configuration installation method
NFS ip address : 192.168.10.1, Directory : /var/ftp/pub
Network : DHCP
Select the way you want to do (for Select language, keyboard layout, partition,
packages, boot loader etc.,)
Above information save the file to ks.cfg
Kick start installations possibility on four ways 1. FLOPPY 2.NFS 3.FTP 4.HTTP
# mount /media/floppy
# cp ks.cfg /media/floppy
# umount /media/floppy
To Client
Note : Put the Linux cd1 from the client machine and boot. Follow the any one
command with your
choice of installations
# linux ks=floppy
# linux ks=nfs:192.168.0.254:/kicks/ks.cfg (kicks – This is a directory which
contains ks.cfg file)
Page No 6
# linux ks=ftp:192.168.0.254:/kicksftp/ks.cfg cfg (kicksftp – This is a
directory which contains ks.cfg file)
# linux ks=http:192.168.0.254:/kickshttp/ks.cfg cfg (kickshttp – This is a
directory which stores in ks.cfg file)
Installation starting
Kickstart
Overview
Kickstart provides a way to do automated installations.
The Kickstart configuration file (ks.cfg) answers all the questions that are normally
asked during a normal install.
Allows you to automate most of the installation, including the following:
Language Selection
Mouse Configuration
Keyboard Selection/Configuration
Boot Loader Installation
Disk Partitioning
Network Configuration
Authentication (NIS, LDAP,Kerberos, Samba, and Hesoid)
Firewall Configuration
X Window System Configuration
Package Selection
Packages
mkkickstart - This package provides utilities that will create a kickstart file
based on the current machine's configuration.
ksconfig - Provides a graphical interface for creating kickstart files.
Creating a Kickstart File
Manual
Copy the sample.ks kickstart file from the RH-DOCS directory on the
documentation CD and modify it to meet your requirements. Be careful when
editing it because the sections must remain in order. The order is:
Command Section
%package Section
%pre & %post Sections
mkkickstart
Use the mkkickstart utility to create a kickstart configuration file based on the
current system's configuration.
Page No 7
ksconfig
Use the GUI tool ksconfig to create a kickstart file.
Kickstart Installation Types
Network
Requires a DHCP/BOOTP server.
ks.cfg file must be accessible from NFS, FTP, HTTP, or Samba (although
I've only been able to get it to work when the ks.cfg file is on NFS).
Can install from NFS, FTP, HTTP, & Samba.
Local
ks.cfg file must be put on a floppy boot disk.
Can install from a local CD-ROM or a local hard drive.
Kickstart Installation
Boot with a boot floppy. For a local kickstart installation, the ks.cfg must be located
in the root of the boot disk.
When SYSLINUX installation screen comes up, specify one of the following options:
ks=floppy - If ks.cfg is located on the floppy.
ks=hd:fd0/ks.cfg - Same as ks=floppy above.
ks=floppy dd - When ks.cfg is located on the floppy and you need a
driver disk.
ks=nfs:<server>:/path - ks.cfg file is on an NFS server.
ks=http:<server>:/path - ks.cfg file is on an HTTP server.
ks=ftp:<server>:/path - ks.cfg file is on an FTP server.
Additional Network Installation Info
When specifying "linux ks" at the installation prompt:
The ks.cfg file must be available via NFS.
By default, it is assumed that the ks.cfg file will be on the same server as
the DHCP/BOOTP server. To specify a different server for the ks.cfg file,
specify the following in the /etc/dhcpd.conf file:
filename "/path/to/ks.cfg"
next-server <hostname or IP>
If the path specified in the "filename" clause ends with a "/", then the file
that is looked for is: "/specified/path/<IP>-kickstart" where <IP> is the IP
address of the machine making the request.
Note that the path specified in the "filename" clause must be the full path
to the file and not the relative path from the NFS export. Kickstart will
Page No 8
automatically try to mount the NFS export based on the path's name. In
the above example, it would first try to mount "/path", then if that failed,
"/path/to".
If you don't wish to use DHCP to specify the location of the kickstart file, you can
specify one of the options listed above to point to the location of the ks.cfg file.
To install from NFS, the following directive must be used in the ks.cfg file right after
the "install" directive:
nfs --server <server> --dir <dir>
To install from HTTP or FTP, the following directive must be used in the ks.cfg file
right after the "install" directive:
url --url http://<server>/path
url --url ftp://<server>/path
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
User Creations, modification and password settings and removing
Four ways of user creations
1. adduser 2. useradd 3. redhat-config-user 4. click system settings – user &
groups
# useradd vasanth
# passwd vasanth
new password: xxxxxx
retype password: xxxxxx (at least 6 char)
# useradd –u 650 –d /home/vasanth –m vasanth
# useradd –u 700 –d /home/prem –m prem
# usermod –u 700 -o -l vasanth babaji (username modify from vasanth to babaji)
# passwd –d vasanth (remove the password)
# userdel –r vasanth (remove the vasanth user from /home dir)
Some of the important /etc configuration files modification and processing
# vi /etc/issue (After login to the user to display Terminal screen number, date and
time)
Terminal : \l
Date : \d
Time : \t
Hostname : \n
wq!
Ctrl –d (refresh )
Page No 9
# vi /etc/motd (Set the title banner for after login to the user )
-----------------------------xxxxxxxxxxxxxx--------------------------
WELCOME TO ELMAQ
-----------------------------xxxxxxxxxxxxxx------------------------
:wq!
# login : user1
passwd : xxxxxx
# login : user2
passwd : xxxxxx
# login user1
do not login
# login user2
do not login
#vi /etc/group ((All the group id and other information are inside)
vi /etc/inittab
id : 5 (default) chage the run level 1 or 2 or 3 or 4 or 6
:wq!
Run level Description
0 – Shutdown
1- Single user mode
2 - Multiuse mode without network support
3 - Multi user mode with network support
4 -Not used
5 - Multiuse mode with X window
6 - System restart
Page No 10
Change the runlevel during startup (booting) linux
i) Press a key e come down again press e display Label = / (3 type runlevel), press
enter and press b (boot)
ii) Press a key a Label = / (3 type runlevel) and press enter
# cd /etc/rc.d/rc6.d
# ls
# cd /etc/rc.d/rc5.d
#ls
# cd /etc/rc.d/rc3.d
# ls
Page No 11
:wq!
# init q
ctrl +d
Press the Function keys F8, F9, F10, F11 otherwise ctrl left cursor and right cursor.
View different terminals
Adding new Terminals in Graphical Mode
Come to command user mode
# startx -- :1 & new terminal set as F8
# startx -- :2 & new terminal set as F9
# startx -- :3 & new terminal set as F10
# startx -- :4 & new terminal set as F11
# startx (run only command mode on run level 3 or 5 )
---------------------------------------------------------------------------------------------
--------------------------------------------------------------------
Shutdown the linux
# shutdown –h now (shutdown immediate)
# shutdown –h 3 (After 3 minutes the machine will shutdown)
# halt (power off)
#poweroff
# reboot (restart)
# press ctrl +alt+del (restart)
---------------------------------------------------------------------------------------------
---------------------------------------------------------------------
vi editor (user level)
# vi test.c (filename)
esc yy – copy
esc p –paste
Page No 12
esc dd –delete
esc cc – cut
---------------------------------------------------------------------------------------------
---------------------------------------------------------------------
Switch Desk
KDE -Kool Desktop Environment or K desktop Environment
GNOME – GUN Network Object Module Environment
# init 3
# switchdesk kde
# startx
# init 3
# switchdesk gnome
# startx
---------------------------------------------------------------------------------------------
---------------------------------------------------------------------
RPM (Redhat Package Manager)
Note : Before going to install the package, first come into Linux package directory then
apply the rpm -ivh command.
# rpm –qa|grep “samba” (package query for samba)
# rpm –qa|grep “telnet” (package query for telnet)
# rpm –ivh telnet-server(press tab key take full name of telnet package)
(install telnet package)
# rpm –ivh sendmail (press TAB key take full name of sendmail package)
(install telnet package)
# rpm –ivh redhat-config-samba –aid (press TAB key take full name of samba
package) (install telnet package)
Page No 13
# rpm –U kernel (press TAB key take full name of kernel) (Upgrade the kernel
package)
---------------------------------------------------------------------------------------------
--------------------------------------------------------------------
# crontab –e
30 17 * * * * /sbin/ifdown eth0
30 9 * * * * /sbin/ifup eth0
00 20 * * * * /sbin/init 0
# crontab –e
42 * * * * echo “HAI “ >> dev/tty4
Page No 15
:wq!
service crond restart
$ date
$ ls
# crontab –help
# crontab –r
# crontab –l (list the crondtab informations)
# crontab –u user1 –r (delete a user1 from crontab)
login : user1
$ at now+1 min (Do not permit)
login : root
# at now+1 min (Do not permit)
# vi /etc/passwd
benq : :502:502:/home/benq:/bin/bash (benq is a user name, 502 is a user id, shell :
borne shell (bsh) )
#vi /etc/group
benq:x:502
# mkdir /home/benq
# pwconv
# vi /etc/shadow
#pwunconv
#vi /etc/shadow
#vi /etc/passwd
#pwconv
#passwd benq
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
FTP (File Tranfer Protocol)
Define: Get and Put the files to and from remote machine
ftp > mget * (group of files received from the user vasanth)
Page No 18
ftp > get prem.txt
ftp > put vk.txt
ftp > vijay.bak
# vi /etc/vsftpd/vsftpd.conf
ftpd “Welcome to Elmaq FTP”
:wq!
Now connecting and transfer the files from source to destination, destination to source
and vise versa.
LFTP
# lftp 192.168.0.20
# lftp 192.168.0.20 > ls
< pub >
# cd pub
# mget * (only getting the files from remote machine, no files are putting)
#lftp vasanth@192.168.0.30
password : xxxxx
vasanth@station1$ mget * (getting the files from remote user vasanth)
---------------------------------------------------------------------------------------------
---------------------------------------------------------------------
Page No 19
Samba Configuration
Def: Share the folders from Linux to windows and windows to Linux
Shared definitions (go to the last line Copy (esc 8 yy – 8 lines yanked & Paste)
[My share]
***************
***************
***************
[elmaq]
path = /home/vasanth
public =yes
writable =yes
valid user = user2 (particular user only access )
:wq!
# testparm (View the information about what folders we are sharing)
# service smb restart
# smbclient –L localhost
Go to windows and login to the samba username=sambatest and give the
password :xxxxxx
Double click Network neighborhood view /elmaq (domainname) – linux folder
(/home/vasanth)
(Click Network Servers options in X window and view the shared folders)
Page No 20
# smbclient //localhost/elmaq (domai name)/-U username=user2 (smbuser)
# smbmount //192.168.10.2/elmaq –o username =user3 (smbuser)
Assign permanently samba and nfs mounting from fstab (linux to linux and windows
machine)
# vi /etc/fstab
192.168.0.15:/share /opt nfs defaults 0 0
//192.168.0.15 /sad /tmp smbfs defaults, username=vasanth,
passwd=xxxxxx 0 0
192.168.0.17:/var/ftp/pub /dump nfs defaults 00
:wq!
#service nfs restart
#service smb restart
# service netfs restart
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
GRUB and LILO Boot Loader
Grub to lilo
# lilo
Page No 21
Lilo to Grub
# grub–install /dev/hda
# vi /boot/grub/grub.conf
# root (hd0,0) (comment this line)
# kernel /vmlinuz-2-4-21-40 EL ro root = LABEL=/ (comment this line)
# initrd /initrd –2.4.21.4 EL.img (comment this line)
# boot (comment this line)
:wq!
After restart the linux system the command prompt appear
grub > root (hd0,0)
grub > cat (hd0,0)/grub/grub.conf
grub > kernel /vmlinuz-2-4-21-40 EL ro root = LABEL=/ 3
grub > initrd /initrd –2.4.21.4 EL.img
grub > boot
booting of the linux
set the password to grub loader
Method 1:
Goto gnome or KDE terminal and type the following commands:
# grup-md5-crypt
password : xxxxxx
retype : xxxxxx
$4567898@#637 (copy this encrypt password and paste to:
# vi /etc/grub.conf
Before the title in linux
Password --md5 $4567898@#63
After the title in linux
Password --md5 $4567898@#63
:wq!
Method 2:
# grub–md5-crypt >> /boot/grub/grub.conf
new passward : xxxxxx
retype password :xxxxxx
#vi /boot/grub/grub.conf
Page No 22
Remove the password at bottom of the line
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Permissions
U – user 4 – read r - read
G – group 2 – write w- write
O – others 1- execute x-execute
# cat > file1
# cat > file 2
# ls –l
# chmod 677 file1
# chmod ugo=rwx file2
# ls –l
Page No 23
# mkdir test
# cp *.txt test
# chmod –R 766 test (R - Recursively)
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Create a group
groupadd elmaq
vi /etc/group
check the groupname - elmaq groupid
elmaq:x:710 class1,class2 (users membership)
vi /etc/passwd
class1:x:690:690 - > 690 change the group id to 710
class1:x:690:710 (here userid – 690(class1) and 710(elmaq) is called group id)
class2:x:691:710 (here userid – 691(class2) and 710(elmaq) is called group id)
class3:x:692:692 (here userid – 692(class3) and 692(class3) is called group id)
above statements the class1 and class2 had membership from elmaq group
Go to root login. Create one common folder for accessing group permission
Page No 24
# mkdir /home/angels (here angles is a common folder for accessing the group
membership users)
# chown nobody.elmaq /home/angles (Set the group ownership of elmaq group)
#chmod 2770 /home/angles (set the group id and permissions for user=rwx
group=rwx and other=none)
Go to other Terminals
Login class1
$ cd /home/angles (permissions accept)
Login class2
$ cd /home/angles (permissions accept)
Login class3
$ cd /home/angles (permissions denied) – because this user not membership from
elmaq group
---------------------------------------------------------------------------------------------------
-----------------------------------------------------------------
STRICKY BIT
This is special file permission for Directories. For access this directory only the user
ownership and super user.
Others can’t access.
---------------------------------------------------------------------------------------------------
-----------------------------------------------------------------
UMASK
Login from root
root # umask
0022
666 ( - ) File Permission 777( -) Directory Permission
Page No 25
022 = 644 (rw r r) 022 = 755 (rwx rx rx)
vasanth $: umask
0002
666 (-)File Permission 777( -) Directory Permission
002 = 664 (rw rw r) 002 = 775 (rwx rwx rx)
Change umask
root # umask 044
666 (-)File Permission
044 = 622 (rw w w)
# cat > mk.txt
# cat > bn.txt
# ls –l
If you want to change the umask permanently in privilege & non privilege users for
following:
# vi /etc/bashrc
umask = 044 – set the umask .
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
SWITCH USER
# su – user2 (Skip from root to user2)
# su – (come back to root)
# su – user3 (Skip from root to user3)
# su –
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
CREATE A NEW PARTITION
# df –h (Check the free space of your Harddisk)
Page No 26
# fdisk –l
# fdisk /dev/hda
:m help
:p (print the partition)
:n (new partition)
first range : 4024 (cylinders)
last range : +500M
-t (change the partition id)
partition (1-13) 13 (Partition volume example /hda13)
-l (File System type)
- 83 (linux File system)
-w (writing table)
ctrl +c (exit)
# partprobe (without restart system the partition defined)
# mkfs.ext3 /dev/hda13 (ext3 linux filesystem) (or) # mkfs –t ext3 /dev/hda13
(or) mkfs – j /dev/hda13
# e2label /dev/hda13 /data (Label name = /data)
# mkdir /data
# mount /dev/hda13 /data (mount /hda13 to /data)
# vi /etc/fstab
/dev/hda13 /data /ext3defaults 0 0
:wq!
#service nfs restart (It is automatically mounted every time starts the Linux
machine /dev/hda4 to /data)
DELETE A PARTITION
Note : (Before delete a partition , first umount the partition files systems)
# fdisk /dev/hda
# command (m) help : d
# partition (1-9) : 9 (deletion partition)
# command(m) : w (writing table)
# partprobe
Page No 27
TCP Wrappers
*Security
*Ssh – Connect to remote machine securerly
# vi /etc/hosts.deny
sshd:ALL (Disable the service (Secure Shell SSH) for all machines)
sshd:192.168.10.3 (Disable the service (Secure Shell SSH) for particular ip machine)
vsftp : ALL EXCEPT 192.168.0.30
portmap:ALL
icmp:ALL
in.telnetd.ALL EXCEPT 192.168.0.50
# vi /etc/hosts.allow
vsftpd:192.168.10.4 (Allow the ftp permission for particular ip machine)
sshd:192.168.10.3 (Allow the ssh permission for particular ip machine )
icmp:192.168.10.5 (Allow the icmp permission for particular ip machine )
ALL EXCEPT vsftpd:ALL
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Disable the Telnet Service
Telnet is xinetd based service. There is no such deamon
# cd /ect/xinetd.d
# vi telnet
disable = yes (telnet service is disabled)
:wq:
# service xinetd restart
From server
# service xinetd start /restart
# telnet 192.168.0.20
login : vasanth
password :xxxxxx
Page No 28
To client
Page No 29
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
RESCUE MODE
Trouble shooting
# vi /etc/fstab
# LABEL / (comment 1st line)
:wq!
# vi /etc/shadow
# root ::1 (comment 1st line)
:wq!
# vi /etc/inittab
# id : 0 (default) change the run level 0)
:wq!
# vi /etc/passwd
root:x:0:0:root:/root:/bin/bash – this is normal startup
root:x:0:0:root:/root:/bin/bash/nologin – root not login
:wq!
---------------------------------------------------------------------------------------------------
-----------------------------------------------------------------
gunzip
# ls
# gunzip back.tar.gz
Extracting
Copy back.tar.gz to /home/user directory (or) some other directory
Page No 30
# cp back.tar.gz /home/user
# cd /home/user
# tar xvf back.tar
# ls
using bzip / bunzip
# bzip2 back.tar
# ls
# bunzip back.tar.bz2
Extracting
Copy back.tar.bz2 to /home/user directory (or) some other directory
# cp back.tar.bz2 /home/user
# cd /home/user
# tar xvf back.tar
# ls
compress / uncompress
# compress back.tar
# ls –l back.tar.z
# uncompress back.tar.z
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
IPTABLES
FIREWALL
# service iptables restart
Page No 31
# iptables – L (list the iptables INPUT /OUTPUT /FORWARD)
# iptables –A INPUT –p tcp –j DROP (or) REJECT [A –Append, p –protocol, j-jump)
- DROP tcp in your machine
# iptables – L
Page No 32
Iptables –A INPUT –I eth0 –s 192.168.0.40 –j REJECT (From the sever interface
Rejects to only a
client machine192.168.0.40)
Iptables –A INPUT –p tcp –j REJECT (From the server network services (ftp, telnet,
ssh, pop, http etc.,)
Reject to the all client machines)
Iptables –A INPUT –p tcp –s 192.168.0.30 –j REJECT (From the server network
services (ftp, telnet, ssh, pop, http etc.,)
Reject to only the client machine 192.168.0.35 other clients
can access for all services)
Iptables –A INPUT –p tcp –s 192.168.0.30 –dport 23 –j REJECT (From the server
network service telnet can
(Reject to only the client machine 192.168.0.35 but other
services can access)
iptables –A INPUT ! –s 192.168.0.254 –j DROP (Drop all services expect
192.168.0.254)
OUTPUT CHAINS
Iptables –A OUTPUT –j REJECT (From server can’t access to the client machines
service)
Iptables –A OUTPUT –o eth0 –j REJECT (From server can’t access from all the
outbound eth0’s)
Iptables –A OUTPUT –o eth0 –s 192.168.0.50 –j REJECT (From server can’t access
from only a 192.168.0.50
outbound eth0)
Iptables –A OUTPUT –p tcp –j REJECT (From server can’t access form all the client
machi nes tcp protocol service)
Iptables –A OUTPUT –p tcp –d 192.168.0.30 –j REJECT (From server can’t access
form only a client machine
192.168.0.35 for all tcp protocol service)
Iptables –A OUTPUT –p tcp –d 192.168.0.30 –dport 21 –j REJECT (From server
can’t access form only a client machine
192.168.0.35 FTP protocol. But other services
allowed)
# vi /etc/services (list the protocol port values)
# vi /etc/sysconfig /iptables
Page No 33
---------------------------------------------------------------------------------------------
----------------------------------------------------------------------
IPTABLES – NAT
For enabling the NAT on the eth1, which represents the entire network.
vi /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all=1
net.ip_forward=1
Page No 34
LINUX BOOTING DISK CREATION FROM RHEL 4
1. Plug the USB Pen drive
2. Service kudzu start
3. vi/etc/fstab
check the file system entry for usb pendrive
/dev/sda1 /media/usbdisk vfst defaults 0 0
4. cd /var/ftp/pub/images (Redhat images directory)
5. dd < diskboot.img > /dev/sda1 (now making the booting disk to pen derive)
(note : Pen drive file system VFAT)
reboot the linux system
6. go to the BIOS setup (change the BOOT device priority first boot – USB pen 2nd
boot- harddisk 3rd boot – cdrom)
7. boot : (the command prompt appears)
CONTROLLING SERVICES
# redhat-config-services
# ntsysv (list what services start / stop)
# chkconfig – list
# service
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
FLOPPY DISK FORMATTING
Low level format
# fdformat /dev/fd0H1440 (/usr/bin/fdformat)
Page No 35
REMOVE THE LINUX COMMANDS HISTROY
Command mode
# HISTSIZE=0
# HISTFILESIZE=0
HISTSIZE=0
HISTFILESIZE=0
export USERNAME BASH_ENV PATH HIST SIZE HISTFILESIZE
::wq!
# export HISTFILESIZE=0
# export HISTSIZE=0
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
VIRTUAL NETWORK SCRIPTS
# cd /etc/sysconfig/network/network_scripts (all network services display)
# echo “1” > /proc/sys/net/ipv4/icmp_ignore_all (pinging off your machine ip address)
# echo “1” > /proc/sys/net/ipv4/ip_forward (pinging off your machine ip address)
# vi /etc/sysctl.conf (network ipv4_forward information)
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Page No 37
# login : (from nis user name)
NIS Trouble Shooting (client side)
ypwhich - return name of NIS server or map master
yptest – test NIS configuration
Note : NIS server users /home directory can permanently mount to the NIS client
vi /etc/fstab
192.168.0.254:/home /home nfs defaults 0 0
192.168.0.254:/root /root nfs defaults 00
service nfs restart
service netfs restart
Note : logout the existing users & logon to the NIS server users.
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Linux commands (Alias)
# alias k=”ls – l”
# alias m= “mkdir “
# alias r= “rm”
#alias c=”clear”
CAT command
# cat –A <filename> show all characters
# cat –s <filename> sqeeral
# cat –b <filename> number specify each line.
Help Utilities
# man passwd
# passwd --help
# ls --help
# info less
# info passwd
Page No 38
Graphical Editor
# xemacs
# vi
# kwrite
# kmail
# gedit
# ooffice (Word)
# oocalc (Excel)
# oopadmin ( printadmin)
whereis
# whereis update
# whereis grep
# whereis smb.conf
find
# find / -name *.html
# find /var/www/html -type f –name *.html –exec rm –f {} /;
# find / -name mount
# find /home/vasanth –name “*.txt” –exec cp {} {}.org \;
# find /home/vasanth –name “*.txt” –exec cp {} \txtbackup \; (Search all text
files and copy to \txtbackup folder)
# find /home/vasanth –name “*.txt” –exec rm {} \; (Remove all the text files for
specified folder)
# which csh
# which sh
# which rm
# which bsh
Note : which command is used to identify the path /bin & /sbin
Login
# exe login <username>
# exe login kumar
ls
# ls –l (detail information)
# ls – a (hidden)
# ls –R (subdirectory listing)
# ls –li (list the files inode)
SoftLink
# ln –s kl kumar
Different inode and different filename
HardLink
# ln kl kumar1
same inode different filename
Page No 40
DHCP CONFIGURATION
# ntsysv
Display what services automatically started.
# chkconfig dhcpd on
# chkconfig – list dhcpd
cp /usr/share/doc/dhcp-3.op.1/dhcpd.conf.sample /etc/dhcpd.conf
# vi /etc/dhcpd.conf
subnet 192.168.0.0 net mask 255.255.255.0
Range dynamic_bootp 192.168.0.21 192.168.0.40 ;
:wq (save & exit)
# service dhcpd restart
# touch /var/lib/dhcp/dhcp.leases
# vi /var/lib/dhcp/dhcp.leases
# ddns (other users access)
# dhclient (dhcp client)
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Squid Proxy
1. Set the proxy server, to restrict the particular websites sharing to the client users.
2. To create the partition volume capacity at least 100 MB up to 2 GB. This partition
can be used to configure the squid proxy.
Take the 1000 MB capacity partition (for example /dev/hda9) for squid configuration.
# fdisk -l
#mkdir /squid
# mount /dev/hda9 /squid
Page No 41
# ls /squid
# df – h
# vi /etc/fstab
/dev/hda9 /squid ext3 0 0
:wq! (save & exit)
cd /etc/squid/
cp squid.conf squid.conf.bak
vi /etc/squid/squid.conf
line no : 53 http port:3142 (specify the port value for example 8080)
line no : 695 cache_dir ufs /var/spool/squid 1000 16 256
line no : 705 cache_access_log /var/log/squid/access.log
line no : 710 cache_log /var/log/squid/cache.log
line no : 720 cache_store_log /var/log/squid/store.log
mdadm --manage /dev/md0 --add /dev/hda10 – Add in the new good drive
mkfs –j /dev/backup/logbackup
vi /etc/fstab
Extend LVM (Do not umount the existing LVM file system-for example /data)
Page No 43
vgdisplay ( display the volume group size )
Note: Now /data contains 2.25GB capacity – 2000MB and +250MB capacity extended.
Remove LVM
umount /dev/backup/logbackup
# vi/etc/fstab
/dev/hda10 swap swap defaults 0 0
:wq!
# service nfs restart
# swapon –a (active the swap partition)
# swapon –s (check the status of the swap partition)
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
DISK QUOTAS
# vi /etc/fstab
Page No 44
set the quota’s for
LABEL=/home /home ext3 defaults
usrquota,grpquota 1 1
:wq!
# mount –o remount /home
USER QUOTA
# quotacheck –cm /
# quotaon /home
# edauota –u vasanth (username)
Files systems blocks soft hard inods soft
1568 100 (Soft limit 100K) 200 (Hard limit 200K) 287
0
# login : vasanth
# cat >bim.txt
GROUP QUOTA
# edquota –g elmaq (groupname)
Files systems blocks soft hard inods soft
1568 100 (Soft limit 100K) 200 (Hard limit 200K) 287
0
login : test1 (This test1 is grouped from elmaq)
login : test2 (This test2 is grouped from elmaq)
Create any files from the user’s test1 or test2; do not exceed 100k to 200k.
Because the quotas defined maximum of 200K.
Page No 45
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
SUDO
vi /etc/sudoers
# User Alias specification
User_Alias USERS=user1, user2
#Cmnd_Alias specifications
Cmnd_Alias COMMAND =
/usr/sbin/useradd,/usr/bin/passwd,/sbin/shutdown –h now
#User Privilage specification
root ALL=(ALL) ALL
USERS ALL=ALL, COMMAND
Login user1
User1@server1$ sudo /usr/sbin/useradd kannan
User1@server1$ sudo /usr/sbin/passwd kannan
User1@server1$ sudo /sbin/shutdown –h now
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
PAM (Pluggable Authentication Module)
/etc/pam.d – PAM account specifications
/lib/security – PAM Accounts Service
/etc/pam.d
1. login – account required /lib/security/pam_access.so
2. vsftpd – account required /lib/security/pam_ftp.so
3. crond – account required /lib/security/pam_deny.so
4. hwbrowser – account required /lib/security/pam_deny.so
5. system-config-display – account required /lib/security/pam_deny.so
6. system-config-samba – account required /lib/security/pam_deny.so
7. system-config-securitylevel – account required /lib/security/pam_deny.so
8. system-config-rootpassword – account required /lib/security/pam_deny.so
9. sshd – account required /lib/security/pam_deny.so
Page No 46
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Auto Mounter (cd, floppy & nfs)
/etc/auto.misc
Enable the following options
cd –fstype =iso9660,ro,nosuid,nodev :/dev/cdrom (automount the
cdrom from /misc/cd)
pub –fstype=nfs,intr,soft : 192.168.0.254:/pub (automount the
nfs pub folder from misc/pub)
floppy -fstype=auto :/dev/fd0 (automount the floppy
from /misc/floppy)
/etc/auto.master
/misc /etc/auto.misc --timeout=60
service autofs restart
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
E-Mail Configuration
Configuring of IMAP & POP
Page No 47
Save the file.
Page No 48
Name: user1@server1.example.com
Finish
Go to user1 inbox
Go to Evolution Mail
Tools -> settings
Page No 49
Add new Mail Account ->
FullName : user1
E-mail: user1@server1.exampel.com (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: user1@server1.example.com
Finish
Go to user1 inbox
Go to Evolution Mail
Tools -> settings
Add new Mail Account ->
FullName : user2
E-mail: user2@server1.exampel.com (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: user2@server1.example.com
Finish
Go to user2 inbox
Page No 50
Go to Evolution
Tools -> settings
Add new Mail Account ->
FullName : user3
E-mail: user3@server1.exampel.com (click forward)
Receiving Mail : IMAP
Host : server1.example.com (or) u r mail server ip address (Click Forward)
Sending Mail : SMTP
Host : server1.example.com (Click Forward)
Name: user3@server1.example.com
Finish
Go to user3 inbox
Note: Now u can send and receive the mails from station1 (ie user1) to
station2 (ie user2) and vice versa.
(Send and Receive the Mails from linux server to Windows outlook express)
Go to outlook express
Select tools - > accounts -> Add mail
Display name: user1
E-mail Address : user1@server1.example.com
(click next……..)
(click next……..)
Page No 51
go to inbox of (192.168.0.254) u can send and receive the mails from linux
server to outlook express and vice versa
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
X Desktop Management Control Protocol
XDMCP
In linux you need to provide font using either X font server (xfs) or hard coded font path
in xf86 config and xf86config -u conf files. If you plan to use xfs font server, modify the
file given below,
If you change or add the port use this comand to restart your x font server,
vi /etc/X11/xdm/Xaccess
(make the following modifications, this allows all hosts to connect)
(change to)
(change to)
“ Enable = True ”
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
DNS (Domain Name System)
Server:
[server1.example.com, 192.168.0.254]
zone "0.168.192.in-addr.arpa" IN {
type master;
file "java.com.local";
allow-update { none; };
};
6) cd /var/named/chroot/var/named
7) cp localhost.zone java.com.zone
8) cp named.local java.com.local
9) vi java.com.zone
$TTL 86400
@ IN SOA server1.example.com. root.server1.example.com (
42 ; serial (d. adams)
Page No 53
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS server1.example.com
www IN A 192.168.0.254
26. vi java.com.local
$TTL 86400
@ IN SOA server1.example.com. root.server1.example.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS server1.example.com
254 IN PTR www.java..com (Domain 1 specified) Two Domains
for Same IP address
254 IN PTR www.virtual.com (Domain 2 specified)
vi /etc/hosts
192.168.0.254 www.java.com
192.168.0.254 www.cirtual.com
neat
Device:
Static IP add : 10.0.0.25
Netmask : 255.0.0.0
DNS:
Primary DNS : 10.0.0.25
DNS Path : redhat.com/
DNS Client:
1) service named restart
2) neat
Page No 54
Device:
Static IP add : 10.0.0.24
Netmask : 255.0.0.0
DNS:
Primary DNS : 10.0.0.25
DNS Path : redhat.com/
3) vi /etc/resolv.conf
search www.java.com
nameserver 192.168.0.254
4) vi /etc/hosts
192.168.0.254 www.java.com
192.168.0.254 www.cirtual.com
5) service named restart
1.Create a directory under /var called /website. Put the webpages that you have
already created for your website in this directory. If you don't have a website ready,
create one single html file for testing.
2.Open the file /etc/httpd/conf/httpd.conf. Go to the end of the file by pressing G.
The last 7 files will look sa here under :-
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
Page No 55
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
3.Copy these 7 lines by issuing the command 7yy. Paste these 7 lines at the end by
pressing p. Your file will look as here under :-
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
Page No 56
1.Create a directory under /var called /website to store www.vk.com webpages and a
directory under /var called /newweb to store www.redhat.com webpages. Put the
respective webpages that you have already created for your websites in the
corresponding directories. If you don't have a website ready, create one single html file
for testing in each directory.
2.Open the file /etc/httpd/conf/httpd.conf. Go to the end of the file by pressing G.
The last 7 files will look sa here under :-
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
3.Copy these 7 lines by issuing the command 7yy. Paste these 7 lines at the end by
pressing p. Your file will look as here under :-
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
4. Repeat Step 3. The end of the file will look like here under :-
#<VirtualHost *>
Page No 57
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
5.If you want to host multiple domains on the same IP, there is a directive called
NameVirtualHost that you need to configure. You will find this directive to be
commented just above the Virtual Host area. Change it to NameVirtualHost
192.168.10.99 . Once this is done, change the last lines to the following :-
<VirtualHost 192.168.10.99>
DocumentRoot /var/website
DirectoryIndex index.html
</VirtualHost>
<VirtualHost 192.168.10.99>
DocumentRoot /var/newweb
DirectoryIndex index.html
Page No 58
</VirtualHost>
NOTE : If you do not give the DirectoryIndex directive, you will always get the
index.html of www.vk.com only.
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
MULTI PLE SITES ON SAME IP ADDESS AND ALSO SHARING THE FOLDERS
THROUGH HTTP
(www.virtual.com)
<VirtualHost 192.168.0.254:80>
ServerAdmin root@server1.example.com
DocumentRoot /var/www/html/virtual (This folder contains the web index.html)
DirectoryIndex index.html
Page No 59
ServerName www.virtual.com
ErrorLog logs/dummy-virtual.com-error_log
CustomLog logs/dummy-virtual.com-access_log common
</VirtualHost>
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
Alternatives
Introduction
It is possible for several programs fulfilling the same or similar functions to be installed
on a single system at the same time. For example, many systems have several text
editors installed at once.
This gives choice to the users of a system, allowing each to use a different editor, if
desired, but makes it difficult for a program to make a good choice of editor to invoke if
the user has not specified a particular preference.
In our example, we are going to create a link called editor, which will have a generic
name of myeditor. This link and generic name are going to be associated with 3 text
editors, namely gedit, kwrite and emacs. We will then switch the default editor between
these 3 editors according to user preference. The steps to implement this scenario are
less, but the concept is not that simple to understand.
Page No 60
The first command installs a link editor under /etc/alternatives directory, links it to a
generic name of myeditor, which in turn is linked to the kwrite application with a priority
of 90. The next two commands do the same thing for gedit and emacs.
The option with the + sign is the default application. As you see, the above command
also expects you to specify another choice if you wish to. Now, we have successfully
created our alternative and have associated it with the above 3 applications.
Now, double click on the Home icon on your desktop. I am assuming that you are
currently working on KDE. Right click on any text file and then select Open With ->
Other. In the window that is displayed, type /etc/alternatives/myeditor in the Open With
Text Box and then tick the checkbox at the bottom that says Remember Application
Association for this type of file and then click on the OK button. That's it. As you see in
the above output, kwrite is the default editor. That is, whenever you double click on a
text file, it will be opened in kwrite. Run the previous command again
code:
alternatives --config myeditor
You will get the following output. Just type 2 as the selection number and press enter :-
Page No 61
code:
There are 3 programs which provide 'myeditor'.
Selection Command
-----------------------------------------------
*+ 1 /usr/bin/kwrite
2 /usr/bin/gedit
3 /usr/bin/emacs
---------------------------------------------------------------------------------------------
-----------------------------------------------------------------------
4. LVM (For example To create a LVM Grouping of each 500 MB of /dev/hda5 &
/dev/hda6 and mount to the /misc )
5. Remove the .bash_profile .bash_logout .bashrc files from non privileged users &
correct it.
Page No 62
7. Rename your /etc/shadow configuration file. One possible name is /etc/bak.shadow
8. Administrator not knowing the root password, but he wants login to root.
9. Modify some of the options or remove the file /etc/X11/xorg.conf and wcorrect it (X
window trouble)
10. Modify some of the options inside the /etc/X11/xinit/xinitrc and correct it (X window
trouble)
12. Damage the file systems like /home /var /opt /tmp and correct it
13. Permanently assign the different label name to the existing file system
14. Change the label name for existing files systems like LABEL=/, LABEL=/home,
LABEL=/var & reboot the
system, analyze the problem and correct it.
15. Using fdisk create a new partition, delete a partition, formatting, mounting, and
permanently assign the
drives from the fstab.
16. Set the Grub Boot loader password & remove the Boot loader password using Linux
boot CD.
21. Damage the Existing Linux swap and make a new swap partition and include the
/etc/fstab
Page No 63
22. chattr + i /etc/passwd, chattr +i /etc/group, chattr +i /etc/shadow (This is read
only files). The users not login.
23. chattr + i /etc/securetty (This is read only files). Virtual console / tty problem
24. Open the file vi /etc/X11/fs/config comment to all FONT PATH options. And restart
the system.
26. i) Rename your /etc/inittab configuration file. One possible name is /etc/bak.initttab
ii) /etc/inittab
# id:5:initdefault: (reboot the system and correct it)
27. For example your system was installed win98 and LINUX. (Problem creating -clear
the linux MBR)
Booting your system through win98 boot disk and apply the command
FDISK /MBR,
Restart the system now LINUX MBR is cleared. Recover the LIUNX MBR.
29. Rename your /etc/profile configuration file. One possible name is /etc/bak.profile
30. Rename your /etc/bashrc configuration file. One possible name is /etc/bak.bashrc
31. After typing the following command, check it three times and hit enter but once
dd if= /dev/zero of=/dev/hda bs=446 count=1; reboot (wiped out your boot
sector)
32. Use the following commands can overwrite the MOUNT command.
33. /etc/shadow
#root:$1$1PlkLa::: (restart the system and correct it)
34. Go to vi /etc/sysconfig/network
Netwroking = yes (change Networking=no)
Hostname = localhost localhostdomain
Page No 64
:wq! (save and exit)
Problem : All Daemons are not functioning or not working
35. Go to vi /etc/selinux/config
SElinux = disabled (change SElinux = enforcing=0 or enforcing=1)
Save, exit and restart the system and correct that problem.
36. Remove all permissions to /tmp for the command as chmod 000 /tmp and restart
the linux system. The X window
problems creating.
37. Remove all permissions to /home for the command as chmod 000 /home and
restart the linux system. The X window
problems creating.
38. You can check it whether /tmp or /home directory is full (ie No Diskspace) or not.
Because if any one is full the Xwindow problem is create it.
Page No 65
MAIL CONFIGURATION
cd /etc/mail
SENDMAIL CONFIGURATION
vi sendmail.mc
dnl # DAEMON-OPTIONS (port=smtp,Addr=127.0.0.1,NAME=MTA dnl -- line no 105
(Comment this line
:wq! (save and exit)
chkconfig sendmail on
service sendmail restart
Page No 66
vi /etc/dovecot.conf
protocols = imap imaps pop3 pop3s
Note :
(If the Examinar asking question IMAP you choose only IMAP)
(If the Examinar asking question IMAPs(IMAP secure) you choose only IMAPs)
:wq! (save and exit)
chkconfig dovecot on
service dovecot restart
go to X window and click Evolution mail and configure the mail for user JOHN in POP3
and SMTP.
Now user john gets the mail.
go to X window and click Evolution mail and configure the mail for user JANE in IMAP
and SMTP.
Now user jane gets the mail.
Send the mail from ROOT to user JOHN using MAIL and MUTT Command
. (dot)
CC : (Carbon copy)
ctrl-z ( mail informations stopped)
root@server1# mutt
Page No 67
Press a key m (MAIL)
To: john@server1.example.com
Subject: TESTING MAIL
Go to Evolution Mail click Send&Receive options, the user JOHN gets the mail.
---------------------------------------------------------------------------------------------------
----------------------------------------------------------------
Create a MAIL Certification
cd /usr/share/ssl/certs
rm dovecot.pem
make dovecot.pem
Country Name (2 letters code) GB : in
State (or) province name (fullname) : tamilnadu
Localityname (city) : Coimbatore
Organisation name (eg.company): elmaq
Organisation Unit Name(eg:section): Redhat
Common Name (eg.Your Name or yours servers.hostname) : server1.example.com
E-mail Address : john@server1.example.com
Page No 68
Configure POP3 on your system such that user jane is able to receive mails. Disable
POP3 for cracker.org machines
Iptables –A INPUT –s 192.168.1.0/255.255.255.0 –p tcp –dport 110 –j REJECT
(POP3)
Iptables –A INPUT –s 192.168.1.0/255.255.255.0 –p tcp –dport 995 –j REJECT
(POP3s)
---------------------------------------------------------------------------------------------------
----------------------------------------------------------------
Create a MAIL ALIASES for example.com as something.com
Vi /etc/aliases (go to last line)
example.com: something.com
Vi /etc/auto.master
/rhome /etc/auto.misc
:wq ! (save and exit)
vi /etc/auto.misc
Go to last line
Page No 69
Page No 70
Page No 71
Page No 72