TAMILNADU TRAVEL BLOGS
6. OOTY - APR 2013
7. KUMBAKONAM, THANJAVUR, CHIDAMBARAM - MAR 2014
8. THARAGAMBADI, NAGAPATTINAM - APR 2014
8. THARAGAMBADI, NAGAPATTINAM - APR 2014
Showing posts with label 1. HEADINGS. Show all posts
Showing posts with label 1. HEADINGS. Show all posts
LONG WEEKENDS GETAWAYS FROM BLORE
Here are places which can be covered during Long week-ends from Bangalore...
HAMPI-BADAMI-MAHAKOOTA-AIHOLE-PATTADKAL
SOUTH-KARNATAKA-TEMPLES
CHIKMAGALUR - KUDREMUKH - KEMMANGUNDI
KUMBAKONAM - THANJAVUR - CHIDAMBARAM
GOA
HYDERABAD
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
WEEK-END GET-AWAYS FROM BANGALORE:(2 days)
Me and Ramesh are Software Engineers,
We love traveling in week-ends..Here are the places, which can be covered in week-end without taking leave :)
CHITRADURGA - HIRIYUR
MYSORE
1.KARNATAKA
CHITRADURGA - HIRIYUR
MYSORE
MYSORE 2 - BANDIPUR
2.TAMILNADU
OOTY
MADURAI AND KARAIKUDI
THARANGAMBADI - NAGAPATTINAM
PONDICHERRY(TEAM OUTING)
2.TAMILNADU
OOTY
MADURAI AND KARAIKUDI
THARANGAMBADI - NAGAPATTINAM
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
ONE DAY TRIPS FROM BANGALORE
I am from Bangalore.I love exploring near by places in week-ends. Here is a list of places, which can be covered in a single day from Bangalore...
5.WONDERLA
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
TRIPS IN KARNATAKA (FROM BANGALORE)
I am from Bangalore, Karnataka...
I love exploring near by places in week-ends. Here is a list of places to visit, with Bangalore as a starting point...
Bangalore
4. WONDERLA
7. CLUB CABANA
Other Towns/Districts of Karnataka
9. KOLAR - KOTILINGA
10. TALKAD - SOMANATHAPURA
11. CHIKKABALLAPURA - LEPAKSHI - NANDIHILLS
12. BELUR- HALEBIDU - SHRAVANABELAGLA
13. MELKOTE - MANDYA
15. CHITRADURGA - HIRIYUR
17. MYSORE
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
ONE DAY TRIPS FROM CHENNAI
Ramesh is from chennai.. We are now settled in Bangalore. These are the trips, that we covered during Long week-end trip to chennai.
1.TIRUTANI TEMPLE FROM CHENNAI
2.TEMPLES IN CHENNAI
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
AYUTTHAYA
We were planning on a International trip
from Long time, it was postponed due to lot of constraints..Finally we
decided a trip for our 3rd year wedding anniversary. We discussed
about couple of places and zeroed on Thailand.
DAY 7 : AYUTTHAYA
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
DAY 7 : AYUTTHAYA
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
BANGKOK
We were planning on a International trip
from Long time, it was postponed due to lot of constraints..Finally we
decided a trip for our 3rd year wedding anniversary. We discussed
about couple of places and zeroed on Thailand.
Below are the places we visited in Bangkok.
DAY 3 : BANGKOK WATS TOUR
DAY 4: SAFARI WORLD
DAY 5 - Dest 1: SIAM OCEAN WORLD
DAY 5 - Dest 2 : SIAM NIRAMIT SHOW
DAY 6 - ERAWAN MUSEUM
DAY 8 - ANCIENTY CITY OR MUANG BORAN
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
Below are the places we visited in Bangkok.
DAY 3 : BANGKOK WATS TOUR
DAY 4: SAFARI WORLD
DAY 5 - Dest 1: SIAM OCEAN WORLD
DAY 5 - Dest 2 : SIAM NIRAMIT SHOW
DAY 6 - ERAWAN MUSEUM
DAY 8 - ANCIENTY CITY OR MUANG BORAN
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
PATTAYA
We were planning on a International trip
from Long time, it was postponed due to lot of constraints..Finally we
decided a trip for our 3rd year wedding anniversary. We discussed
about couple of places and zeroed on Thailand.
Below are the places we visited in Bangkok.
DAY 1 THAILAND (Pattaya)
DAY 1 : Dest 1: SANCTUARY OF TRUTH (Pattaya)
DAY 1: Dest 2 : MINI SIAM (Pattaya)
DAY 2 : Dest 1: CORAL ISLAND (Pattaya)
DAY 2: ALCAZAR SHOW (Pattaya)
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
Below are the places we visited in Bangkok.
DAY 1 THAILAND (Pattaya)
DAY 1 : Dest 1: SANCTUARY OF TRUTH (Pattaya)
DAY 1: Dest 2 : MINI SIAM (Pattaya)
DAY 2 : Dest 1: CORAL ISLAND (Pattaya)
DAY 2: ALCAZAR SHOW (Pattaya)
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH033 COURSE NOTES
033 NOTES
RH033 0. HELP COMMANDS IN LINUX
RH033 1. A UNIX FILE SYSTEM
RH033 2. BASIC COMMANDS IN LINUX
RH033 3. USER ADMINISTRATION LINUX
RH033 4. CHANGE PERMISSIONS OF FILE/DIR
RH033 5. SHELLS IN LINUX (BASH)
RH033 6. STANDARD INPUT/OUTPUT AND ERROR REDIRECTION
RH033 7. TEXT PROCESSING TOOLS IN LINUX
RH033 8. SYSTEM CONFIG
RH033. 9. PROCESS
RH033. 10.CONFIGURING BASH SHELL
RH033 11. FIND AND PROCESSING TOOLS
RH033 12 . NETWORK CLIENTS
RH033 13. ADVANCED USER ADMINISTRATION
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH033 0. HELP COMMANDS IN LINUX
RH033 1. A UNIX FILE SYSTEM
RH033 2. BASIC COMMANDS IN LINUX
RH033 3. USER ADMINISTRATION LINUX
RH033 4. CHANGE PERMISSIONS OF FILE/DIR
RH033 5. SHELLS IN LINUX (BASH)
RH033 6. STANDARD INPUT/OUTPUT AND ERROR REDIRECTION
RH033 7. TEXT PROCESSING TOOLS IN LINUX
RH033 8. SYSTEM CONFIG
RH033. 9. PROCESS
RH033. 10.CONFIGURING BASH SHELL
RH033 11. FIND AND PROCESSING TOOLS
RH033 12 . NETWORK CLIENTS
RH033 13. ADVANCED USER ADMINISTRATION
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH 253: LINUX PAM
Linux Pluggable Authentication Modules (PAM) provide dynamic authorization for applications and services in a Linux system. Linux PAM is evolved from the unix Pluggable Authentication modules architecture.
Each file under pam.d has 3 fields
A. First field
1.auth
Module authenticate the user,by checking the password
2.account
Module verifies that access is allowed,by checking if users account is valid,expired,allowed to access in this time of day.
3. passwd
Module sets and verify the passwords
4.session
Module configure and manage user sessions. Represents the enviornment of a user.
B. Control Flag
1. required
Module result must be successfull for authentication to continue. If result failed returns failure only after remaining modules are invoked.
2. requisite
Module result must be successfull for authentication to continue. But if module result is fail user is noticed immediately with message reflecting failed required or requiste module
3. Sufficient
If module results fail , it is ignored, but if its successful and no required modules is failed ,then user is authenticated to service.
4. Optional
If module results fail,it is ignored.If module result is successful it does not play role in overall success/failure for module.
CONFIGURATION FILE
1. /etc/pam.d/login
A.account required pam_nologin.so
Checks for /etc/nologin file, If exists stops normal user from logging in.
If module is commented, allows user to login even if file /etc/nologin exists
B.auth requisite pam_access.so
Checks for user name, If username is correct only then it prompts for password
if user incorrect,Displays login incorrect.But if this module is commented though
username is wrong it prompts for password
C.session required pam_mkhomedir.so
Create user without homedir --> useradd -M suma
If homedir doesnt exist,this module creates home dir as soon as user is logged in. But if this module is commented if user is created without homedir,it wont create home dir.
D. auth auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
Checks if any terminal is commented in the /etc/securetty, if any terminal is commented root cannot login in that terminal,But if this module is commented root can login in a terminal, though that particular terminal is commented in /etc/securetty file.
2. /etc/security/limits.conf
suma ............. maxlogins 3
Allows this user to login in only 3 terminals, after 3 logins, we cant even
ssh as that particular user. Even ssh not allowed because USEPAM yes in
/etc/ssh/sshd_config
3. /etc/pam.d/su
auth required pam_rootok.so
Change above line from sufficent to required,So even root user needs password
when he tries to do su.. Change line from sufficent to required.
4. /etc/pam.d/system_auth
passwd required pam_passwdqc.so
When even root tries to set password for normal user, even root is forced
to set complex password for normal user.
5. /etc/pam.d/vsftpd
1. auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/suma
onerr=succedd
Create file suma under /etc/vsftpd, and add some users to the file /etc/vsftpd/suma So tht users are not allowed to login thru ftp.Default file is /etc/vsftpd/ftpusersSo any users put into tht file are denied to ftp.
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
Each file under pam.d has 3 fields
A. First field
1.auth
Module authenticate the user,by checking the password
2.account
Module verifies that access is allowed,by checking if users account is valid,expired,allowed to access in this time of day.
3. passwd
Module sets and verify the passwords
4.session
Module configure and manage user sessions. Represents the enviornment of a user.
B. Control Flag
1. required
Module result must be successfull for authentication to continue. If result failed returns failure only after remaining modules are invoked.
2. requisite
Module result must be successfull for authentication to continue. But if module result is fail user is noticed immediately with message reflecting failed required or requiste module
3. Sufficient
If module results fail , it is ignored, but if its successful and no required modules is failed ,then user is authenticated to service.
4. Optional
If module results fail,it is ignored.If module result is successful it does not play role in overall success/failure for module.
CONFIGURATION FILE
1. /etc/pam.d/login
A.account required pam_nologin.so
Checks for /etc/nologin file, If exists stops normal user from logging in.
If module is commented, allows user to login even if file /etc/nologin exists
B.auth requisite pam_access.so
Checks for user name, If username is correct only then it prompts for password
if user incorrect,Displays login incorrect.But if this module is commented though
username is wrong it prompts for password
C.session required pam_mkhomedir.so
Create user without homedir --> useradd -M suma
If homedir doesnt exist,this module creates home dir as soon as user is logged in. But if this module is commented if user is created without homedir,it wont create home dir.
D. auth auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
Checks if any terminal is commented in the /etc/securetty, if any terminal is commented root cannot login in that terminal,But if this module is commented root can login in a terminal, though that particular terminal is commented in /etc/securetty file.
2. /etc/security/limits.conf
suma ............. maxlogins 3
Allows this user to login in only 3 terminals, after 3 logins, we cant even
ssh as that particular user. Even ssh not allowed because USEPAM yes in
/etc/ssh/sshd_config
3. /etc/pam.d/su
auth required pam_rootok.so
Change above line from sufficent to required,So even root user needs password
when he tries to do su.. Change line from sufficent to required.
4. /etc/pam.d/system_auth
passwd required pam_passwdqc.so
When even root tries to set password for normal user, even root is forced
to set complex password for normal user.
5. /etc/pam.d/vsftpd
1. auth required pam_listfile.so item=user sense=deny file=/etc/vsftpd/suma
onerr=succedd
Create file suma under /etc/vsftpd, and add some users to the file /etc/vsftpd/suma So tht users are not allowed to login thru ftp.Default file is /etc/vsftpd/ftpusersSo any users put into tht file are denied to ftp.
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH133 COURSE NOTES
133 NOTES
RH133 1.STEPS OF BOOT PROCESS
RH133 2. PACKAGE MANAGEMENT
RH133 3. KERNEL MANAGEMENT
RH133. 4. SYSTEM SERVICE
RH133. 5.USER ADMINISTRATION
RH133. 5A. SELINUX ADMINISTRATION
RH133. 6. FILE SYSTEM ADMINISTRATION
RH133 7. ADVANCED FILE SYSTEM
RH133 8. KICKSTART INSTALLATION
RH133 9.VIRTULIZATION
RH133. 10.NETWORK CONFIG
RH133. 11.STEPS OF BOOT PROCESS
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH033 14. LINUX-FILE-SYSTEM
Inode num is unique num given to file, we identify files by filename but harddisk identify files by sequential uniq num called inode lets observer what happnes to inode whne we copy/remove/move file
cp file1 file2 -->copy file1 file2
ls -li file1 file2 -->inode nums r diff,so file1 file2 occupies
mv file1 file2 -->move file1 file2
ls -li file1 file2 -->inode num of file1 is given to file2
rm file2 -->remove file
ls -li file2 -->inode of file2 gets vacant,next time you creat
LINKING FILE
when you copy a source to destination, contents of both are same, later you update source or destination, other file wotn get updated, so linkign file helps to update the file even if contents are added to file after linking.
1. Hard link
ln file1 file2 //hard link file1 file2
ll -i file1 file2 //observe inode/filesize
a. Inode nums are same
b. Size of file is same
c. If source is deleted data can be accessed from destination
d. Only files can be linked dir cant
2. Soft link
ln -s file1 file2 //soft link file1 file2
ll -i file1 file2 //observe inode/filesize
a. Inode nums are diff
b. Size of file is diff
c. If source is deleted data is lost
d. Even dir can be linked.
3. df -h
Shows current systems partion,n used and free space mount.
Shows List of partions and which dir it is mounted fdisk -l Also shows system partitions
du -h <file/dir> =Shows size occupied by the file/dir
4. eject //opens cd tray put cd then
eject -t //Close cd tray, thn to acces cd contents
To access contents of cd
du -h <file/dir> =Shows size occupied by the file/dir
4. eject //opens cd tray put cd then
eject -t //Close cd tray, thn to acces cd contents
To access contents of cd
mount /dev/cdrom /media
(mounts contents of cd to /media dir)
cd /media (Change dir to /media)
cp OR ls (list contents or copy contents of cd)
cd [and press enter] (Takes you out of /media dir)
umount /media (Unmount /media dir before removing cd)
To access contents of pendrive or any external device
fdisk -l (At end shows u device identity)
OUTPUT OF fdisk -l looks like this
[root@server1 ~]# fdisk -l
Disk /dev/hda: 80.0 GB, 80026361856 bytes
255 heads, 63 sectors/track, 9729 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 2 16033+ 83 Linux
/dev/hda2 3 1177 9438187+ 83 Linux
/dev/hda3 1178 1488 2498107+ 83 Linux
/dev/hda4 1489 9729 66195832+ 5 Extended
/dev/hda5 1489 1814 2618563+ 83 Linux
/dev/hda6 1815 1945 1052226 83 Linux
/dev/hda7 1946 2199 2040223+ 82 Linux swap / Solaris
/dev/hda8 2200 2215 128488+ 83 Linux
Note: sector size is 4096 (not 512)
Disk /dev/sda: 79.8 GB, 79824777216 bytes
26 heads, 50 sectors/track, 14991 cylinders
Units = cylinders of 1300 * 4096 = 5324800 bytes
Device Boot Start End Blocks Id System
/dev/sda1 1 14992 77953628 b W95 FAT32
------>> Here /dev/hda1 to /dev/hda8 are system partitions
and /dev/sda1 is external device identity
SO TO ACCESS CONTENTS OF EXTERNAL DEVICE
mount /dev/sda1 /mnt //Here identity of usb is sda1,and mounting to /mnt
cd /mnt //Change dir to /mnt
cp OR ls //list contents or copy contents of usb
cd [and press enter] //Takes you out of /mnt dir
umount /mnt //Unmount /mnt dir before removing usb
TO TAKE BACKUP USING TAR COMMAND
tar -cvf dump file1 file2 file3 //Take backup of file1,2,3 and store under
tar -tvf dump //List all files backed up under dump dir
tar -xvf dump //Restore all contents of dump to pwd
where c->create v->verbose f->file t->list x->extract
TO COMPRESS FILE (2 utilities)
1. gzip file //compress file
gunzip file.gz //once file compressed .gz extension added so file.gz
2. bzip2 file //compress file
bunzip2 file.bz2 //once file compressed .bz2 extension added so file.gz
Before compressing and after compressing observer file size by giving ls -lh and observe file-size
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH033 15. INSTALLATION
Mode of installation
1. enter --> Takes you to gui mode of installation
2. linux text --> Takes you to text mode of installation
Types of installation
1. Kickstart --> Unattentded installation
2. network installation -->use cd to boot then read remain from server
For Client to install a package it need 2 refer to a file to find
which is server and read packages from there, so create a client.repo file
1. enter --> Takes you to gui mode of installation
2. linux text --> Takes you to text mode of installation
Types of installation
1. Kickstart --> Unattentded installation
2. network installation -->use cd to boot then read remain from server
For Client to install a package it need 2 refer to a file to find
which is server and read packages from there, so create a client.repo file
in /etc/yum.repos.d directory.
vim /etc/yum.repos.d/client.repo
[Server]
name=rhel5
baseurl=ftp://192.168.0.154/
enable=1
gpgcheck=0
1. yum clean all //changes to client.repo file updated
2. yum install <pkg> //Install a package
3. yum remove <pkg> //Remove a package
4. yum list <pkg> //Status of package
5. yum list all //List all packages installed in your machine
6. yum list available //List all packages available in server
Package are:-
1. Server //Server related packages
2. Cluster //Replication related packages
3. ClusterStorage //Storage related packages
4. Virtualization //vmware of redhat related packages.
RH033 0. HELP COMMANDS IN LINUX
HELP COMMANDS
1. whatis <command>
One line information about command.. whatis is a database stored under /var/cache/man/whatis
1. whatis <command>
One line information about command.. whatis is a database stored under /var/cache/man/whatis
# rm -rf /var/cache/man/whatis //Delete whatis file
# makewhatis
2. command --help
One page information, explaining options of command
3. man <command>
Manual pages of command
/text =search text
n =next search
N =previous search
q =quit
Sections of man page.Each command is grouped into different sections.
1. User command
2. System calls
3. Library calls
4. File format
5. Special file
6. Games
7. Missleanous
8. Administrative commands
p. Programmers commands
man page is zipped file stored under
/usr/share/man/manx -->where x is num
man -a <command>
Shows all manual page other than default
man -k <keyword>
Shows commands related to keyword
man -w <command>
Path of command
4. info <page>
Detailed info about command,designed like webpage each
* represents a url
tab =Takes you to * //Give enter to expand the *
and u for undo
s =Search text
q =undo
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH133 1.STEPS OF BOOT PROCESS
1. BIOS ->Do POST ->power on self test and Check boot priority,
2. MBR ->I stage boot loader,partition table, o/s signature
3. /etc/grub/grub.conf ->root (hd0,0)
kernel /vmlinuz...... ro root=LABEL=/
initrd /initrd.....img
4. /etc/inittab ->/etc/rc.d/rc.sysinit ->Set hostname
->check filesystem
->Enable root in rw mode
5. /etc/inittab ->runlevel ->/etc/rc.d/rcx.d (where x is num)
6. /etc/rc.d/rc ->whenever runlevel changes
7. /etc/rc.d/rc.local ->last script executed in boot process
GRUB FEATURES:
1. Grand unified boot loader
2. Grub indentifies upto 15 file systems
3. Grub has a pre-os enviornment use commands to load o/s
4. Grub supports LBA(Logical block addressing)
GRUB COMMANDS
1. root (hd0,0) ->mount the boot partition
2.find /etc/fstab ->find the partition which contains label of / 3.cat (hd0,4)/etc/fstab -> TO check label of root
OR
4.find /etc/fstab ->find the partition which contains label of /
5. root (hd0,4) ->Mount the route partiton
6. cat / + press tab ->shows contents of mounted partition
7. cat /etc/fstab ->open the file to see file contents
8. kernel /vmlinuz........ ro root=LABEL=/ ->Loads the kernel
9. initrd /initrd...img
10. boot
TO EXTRACT THE INITRD
1. mkdir initrd
2. cp /boot/initrd-2.6.18-53.el5.img initrd/
3. cd initrd/
4. ls
5. file initrd-2.6.18-53.el5.img
6. mv initrd-2.6.18-53.el5.img initrd.gz
7. ls
8. gunzip initrd.gz
9. ls
10.file initrd
11.cpio -ivd < initrd
TO SET GRUB PASSWORD
1.grub-md5-crypt
2.vim /etc/grub.conf ->open file (write below line in this file)
password --md5 <generated password> (write below hidden menu)
3.reboot
4.Try pressing e or c in grub prompt it wont let you unless you type p
and provide password
TO EXTRACT SPLASH IMAGE
1. mkdir splash
2. cp /boot/grub/splash.xpm.gz splash
3. cd splash/
4. ls
5. gunzip splash.xpm.gz
6. ls
7. firefox splash.xpm
TO ADD MULTIPLE TEXT TERMINAL
1. vim /etc/inittab
50:2345:respawn:/sbin/mingetty tty50 -->creates 50th terminal
2. init q
3. chvt 50
Note: To allow root to login also add entries to /etc/securetty.
TO MAKE SERVICE PERMANENT
1. chkconfig --list |grep network
2. chkconfig --list |grep sendmail
3. chkconfig --list |grep cups
4. chkconfig --list |grep vsftpd
5. chkconfig vsftpd on
6. chkconfig --list |grep vsftpd
7. chkconfig --levels 35 vsftpd on
chkconfig --levels 35 <service> <on/off>
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH133. 5A. SELINUX ADMINISTRATION
SELINUX
DAC =Discretionary access control
MAC =Mandatory access control
DAC ->chmod,acl,sudo,visudo
MAC ->selinux
3 states of selinux
1. ENABLED = DAC + MAC both are implemented
2. PERMISSIVE = DAC + warning messages of MAC
3. DISABLED = ONLY DAC
TO show status of selinux
1. cat /etc/sysconfig/selinux
2. sestatus
3. getenforce
TO Change status of selinux from or to permissive/enabled
1. setenforce 0 ->set to permissive from enforcing
2. setenforce 1 ->set to enforcing from permissive
TO Change status of selinux from or to disabled/enabled
1. vim /etc/sysconfig/selinux OR
2. system-config-selinux
Once u change from disable-enable or enable-disable you haf
to reboot for changes
To enable/disable booleans for services
1. getsebool -a |grep <service> ->show status of service
2. setsebool -P <service> <on/off> ->Change status of service
To check status of selinux on files
1. ls -Z <file> ->show sestatus for files
To change context of selinux on files
1. chcon -t <policy> <file> OR
2. chcon -R --reference <srcfile> <dstfile>
To restore context/policy to originals
1. restorecon <srcfile>
Log Messages of selinux are stored in
1. tailf /var/log/audit/audit.log
2. sealert -b /var/log/audit/audit.log ->>gui mode
DAC =Discretionary access control
MAC =Mandatory access control
DAC ->chmod,acl,sudo,visudo
MAC ->selinux
3 states of selinux
1. ENABLED = DAC + MAC both are implemented
2. PERMISSIVE = DAC + warning messages of MAC
3. DISABLED = ONLY DAC
TO show status of selinux
1. cat /etc/sysconfig/selinux
2. sestatus
3. getenforce
TO Change status of selinux from or to permissive/enabled
1. setenforce 0 ->set to permissive from enforcing
2. setenforce 1 ->set to enforcing from permissive
TO Change status of selinux from or to disabled/enabled
1. vim /etc/sysconfig/selinux OR
2. system-config-selinux
Once u change from disable-enable or enable-disable you haf
to reboot for changes
To enable/disable booleans for services
1. getsebool -a |grep <service> ->show status of service
2. setsebool -P <service> <on/off> ->Change status of service
To check status of selinux on files
1. ls -Z <file> ->show sestatus for files
To change context of selinux on files
1. chcon -t <policy> <file> OR
2. chcon -R --reference <srcfile> <dstfile>
To restore context/policy to originals
1. restorecon <srcfile>
Log Messages of selinux are stored in
1. tailf /var/log/audit/audit.log
2. sealert -b /var/log/audit/audit.log ->>gui mode
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
RH133 8. KICKSTART INSTALLATION
1. yum install system-config-kickstart vsftpd
2. system-config-kickstart
3. vim anaconda-ks.cfg (copy packages from this file and paste
into ks.cfg)
4. cp ks.cfg /var/ftp/pub
5. service vsftpd restart
6. chkconfig vsftpd on
Client
1.Put the boot cd and reboot your machine
2.linux ks=ftp://192.168.0.37/pub/ks.
If you found this post useful, I would really love it, if you can Like the Page, or share it with your Facebook/Google+/Twitter Friends... It will keep me motivated. Thank you!
Subscribe to:
Posts (Atom)