Course Duration : 4 months
Topics:
1. Linux administration (most servers run Unix-like operating systems) - 2 to 3 months.
2. ITIL - 3 to 4 Days
3. Shell scripting - 5 Days
4. AWS - 10 Days 10 to 12 aws services we are going to discuss.
5. Conduct mocktest and prepare resume
6. Ansible - 1 Week
7. Azure - 1 week
8. Nagios - 4 Days
interview questions with * mark.
17-Dec-2020
What is an operating system?
An operating system (OS) is a collection of programs that takes input from the end user and executes it with the help of the hardware components.
Windows is an OS; it is not open source.
Red Hat Enterprise Linux is an OS; its source code is open.
macOS is an OS.
AIX is an OS; not open source.
Solaris is an OS.
Android is an OS for mobile devices.
Windows is written mainly in C and C++ (not in .NET).
Unix is written in C (it was rewritten from assembly into C in 1973).
It is a multi-tasking and multi-user operating system (OS).
Unix
Unix is an operating system written in C. It was first released in 1969 at AT&T Bell Labs.
Note: the original AT&T Unix was proprietary, not open source; it is Linux and the BSDs (open-source Unix-like systems) whose source is open. What is open source?
Windows is not an open-source operating system.
Linux is an open-source operating system.
Red Hat Enterprise Linux is an open-source OS.
SUSE is an open-source OS.
Open source means the source code is published, so anyone who knows the language can read it, customize it and redistribute it under the terms of its license.
The Unix operating system was started at AT&T's Bell Labs (a US company). AT&T licensed it to universities and vendors rather than dropping it; the Bell Labs engineers kept working on it.
Developers of Unix:
1. Ken Thompson
2. Dennis Ritchie
3. Douglas McIlroy
They used the C language to develop the Unix OS (the very first version was in assembly) and tested it at Bell Labs.
Linux is an operating system designed on the Unix model (it is Unix-like; it does not contain Unix source code).
==> Linux is commonly called a flavour of Unix.
Linus Torvalds is the author of the Linux kernel. He used a Unix-like system (Minix) and wrote a separate kernel, Linux, which he released in 1991. Combined with the GNU tools it forms a complete OS.
Unix = 1969
Linux = 1991
Unix flavours:
Red Hat is a company that released its own Linux distribution (Red Hat Linux) in 1994. It does not own Linux; the kernel is licensed under the GPL.
Who is the main distributor of enterprise Linux? Red Hat (owned by IBM since 2019).
AIX = IBM
Linux (Red Hat Enterprise Linux) = Red Hat / IBM
HP-UX = HP
Solaris = Sun ==> Oracle
macOS = Apple
Linux Flavours:
1. Red Hat Enterprise Linux - Red Hat (IBM)
2. CentOS - community rebuild of RHEL, sponsored by Red Hat
3. Fedora - community distribution sponsored by Red Hat
4. Ubuntu - Canonical (ubuntu.com)
5. Debian - the Debian project
6. openSUSE - SUSE
7. Linux Mint
8. Puppy Linux
Unix Architecture
1. Application layer
2. Shell
3. Kernel
4. Hardware
1. Application layer: the layer that interacts with the end user. The user gives input with the help of applications.
2. Shell: a command interpreter between the application layer and the kernel. It reads the command line, expands it and asks the kernel (through system calls) to run the program; it does not validate the program itself.
Shells contain built-in commands and run the external programs found in PATH.
An OS is a collection of programs. csh and tcsh are C-shell style shells; sh, bash, dash and ksh are Bourne-style shells used for scripting and administration.
We can assign a shell to each user; the default login shell on Red Hat machines is bash.
1. sh : Bourne shell (on RHEL a link to bash)
2. bash : Bourne-again shell
3. dash : Debian Almquist shell
4. csh : C shell
5. tcsh : enhanced C shell
6. nologin (/sbin/nologin) : not a real shell. It prints a message and exits, so an account with this shell (service accounts, locked users) can own files and run services but cannot log in interactively. Check with: grep nologin /etc/passwd
additional
7. ksh : Korn shell
3. Kernel: the heart, or core program, of the OS.
Is the kernel one of the OS programs? Yes.
What is the role of the kernel?
1. Memory (RAM) management
2. Process/task management (scheduling; the Linux scheduler is priority based, not a plain first-in-first-out queue)
3. Resource, driver and module management (devices, file systems, networking)
task1 (program/command)
touch filename ==> the shell finds /usr/bin/touch and asks the kernel to run it ==> the kernel loads the program, allocates it RAM and puts it in the run queue; the CPU executes it and the file is written to disk.
Total RAM is 2 GB.
touch needs a few KB of that and waits for its turn on the processor and the hard disk.
Platforms
1. Physical
2. Virtual VMWARe
3. Cloud
1. Physical
Desktop environment: a few developers and a few people supporting them.
Server environment: we are mainly responsible for the server environment.
Examples of applications that run on servers: the Facebook application (developed by Facebook), ICICI net banking, SBI net banking, amazon.com.
A server is a high-end machine: good RAM, CPU, HDD, SMPS (power supply with battery backup), networking, remote console.
Desktop: 4 GB RAM, 1 CPU, 1 HDD, 1 Ethernet card; roughly 1 lakh.
Server: high-end configuration; a server can run for a year or more without a restart, which a desktop is not built for; roughly 5 lakhs and up.
32 GB RAM min
2 CPUs min
2 HDDs min
2 network cards min
Console board (out-of-band management controller, e.g. HP iLO, Dell iDRAC): through it we can access the server remotely, power it off and on, and administer it even when the OS is down.
How developers use desktops and servers:
Desktop: write code, fix bugs/errors.
Server: push the code developed on the desktop to the server. Many customers depend on the server, e.g. SBI net banking, amazon.com, flipkart.com.
System administrator: we use the desktop to reach the server for administration or support, for example when a server is down, when a new user joins and needs access, when drive space must be extended, or for software management.
Where do we maintain servers?
DC
Data centre
A secure location to house servers, network components, storage components and backup components.
Infrastructure:
1. Servers: this is our component.
2. Network components (firewalls, routers, switches, load balancers)
3. Storage box (n number of disks connected to a storage array)
4. Backup components
Full physical security (access control, CCTV)
Centralised cooling (typically kept between 18 and 27 degrees C)
Tier 3 data centre
Power (SMPS/UPS): direct mains, generator, battery
ISP: internet service providers, e.g. Reliance, Airtel, Vi
Tier 4 DC (CtrlS)
main site in Mumbai
DR (disaster recovery) site: Hyderabad
If we install the Linux operating system directly on a physical box, that environment is a physical platform.
Server in the USA
DC engineer: USA
Linux administrator: India
==> Mount the server in the rack: DC engineer (one-time job)
==> Connect the cables for the server: DC engineer (one-time job)
==> Configure the console board: DC engineer (one-time job). The DC engineer assigns the console IP and sets the console username/password.
==> Install the operating system: Linux administrator, Windows administrator, ... (one-time job). We reach the physical server through the console from remote.
In the browser we enter https://<IP address of the console> and the console username and password.
HP : iLO
Dell : iDRAC
Caveat: the console controller has full control of the hardware, so it must sit on an isolated management network (never reachable from the internet), use HTTPS with the factory default password changed, and its firmware must be patched like any other server.
==> Support for that machine: Linux administrator. This is not a one-time job; it is continuous work for the Linux administrator:
creating partitions
creating users
allowing them to use partitions (permissions)
software management (install, uninstall, upgrade)
network related work
nfs
http
server is down
server rebooted
high memory utilisation, high CPU utilisation
2. Virtual
We can abstract (divide virtually) physical resources into n pieces.
Resources are CPU, memory, HDD, networking, ...
Earlier we could use one physical machine for one OS, but with virtualisation we can create n virtual machines on top of one physical machine.
Advantage: resources are not wasted.
Physical machine: 64 GB RAM.
I can create 20 virtual machines with 2 to 3 GB each.
I used to buy 50 servers to run 10 applications; now I can buy 4 servers to run 50 VMs with 10 applications.
The companies below provide virtualisation technologies:
1. VMware: ESXi, vSphere and vCenter
2. Microsoft: Hyper-V
Physical: server ==> RHEL OS
VM: physical ==> VM ==> RHEL OS
physical ==> bare-metal hypervisor OS (ESXi) ==> access this physical host from vCenter ==> create virtual machine ==> install RHEL OS
ESXi = Elastic Sky X integrated
VM = virtual machine
Physical server ==> Linux OS ==> application: 1 server with 1 application = 20 lakhs
Physical server1 ==> virtualisation OS (ESXi) ==> vCenter/vSphere ==> VM1 ==> Linux OS ==> application1
Physical server1 ==> ESXi ==> vCenter/vSphere ==> VM2 ==> Linux OS ==> application2
Physical server1 ==> ESXi ==> vCenter/vSphere ==> VM3 ==> Linux OS ==> db1
Physical server1 ==> ESXi ==> vCenter/vSphere ==> VM4 ==> Linux OS ==> application3
Physical server1 ==> ESXi ==> vCenter/vSphere ==> VM5 ==> Linux OS ==> application4
Physical server1 ==> ESXi ==> vCenter/vSphere ==> VM6 ==> Linux OS ==> db2
e.g. I have one product and I invested 10 rupees to manufacture it. How can I earn money from this product?
I have to sell the product for 15 rupees; only then do I make a profit.
Another company is able to sell the same kind of product for 9 rupees (this is what consolidating servers through virtualisation lets you do).
Cost figures noted in class: 100000 (IN), 500000 (US).
RHEL : Red Hat Enterprise Linux
ESXi : a bare-metal (type 1) hypervisor operating system developed by VMware.
vCenter : the enterprise tool to administer your physical hosts. Using vCenter we can create virtual machines (VMs), delete VMs, increase CPU, increase memory and attach disks to a VM.
vSphere : VMware's name for the whole suite (ESXi plus vCenter); the vSphere Client is the tool used to access vCenter.
The vCenter server can be called the central point for configuring, provisioning and managing the virtual infrastructure.
3. Cloud
It is almost the same as virtualisation, except that the DC is not yours.
Windows: the default administrator account is Administrator.
Unix servers: the default administrator is root (UID 0).
Administration means Linux OS administration:
OS installation or server provisioning
user administration
software management
network setup
...
...
A normal user cannot perform administrative activities. In practice administrators log in as themselves and use sudo for root work, so that every privileged command is attributed to a person in the logs instead of to a shared root password.
pwd
print working directory path
cd /
change directory from the current place to /
cd /boot
I want to go inside the /boot directory.
whoami : tells you which user is logged in
su - prasad
su = switch user, here to prasad (the - also loads prasad's login environment)
ls : lists the current directory contents (files and directories)
clear : clears the screen
In the default ls colours, regular files are shown in the plain terminal colour and directories in blue.
/
is a directory
/boot: there are 2 directories here, the first is / and the second is boot
/root: 1. / 2. root
An OS is a collection of programs that coordinate between the end user and the hardware. The OS is a mediator.
When we power on the VM or system, the OS programs load.
/
1. /boot : contains the OS boot files (kernel, initramfs, bootloader) which load your operating system.
2. /root : the home directory of the administrator (root). No normal user can enter /root; only root can use it.
3. /home : contains the normal users' home directories, e.g. for user prasad the home directory is /home/prasad, for raja it is /home/raja.
4. /etc : contains system or global configuration files. From here we control the system and the applications:
network IP assignment, hostname change, www service configuration, denying and allowing users.
5. /usr : Unix system resources (historically "user"). It contains the user binary programs such as the commands pwd, ls, cd, whoami, cat ...
The user binaries are divided into 2 categories:
1. /usr/bin : common commands that work for root and normal users, e.g. ls, cd, whoami, cat, rm
2. /usr/sbin : super-user (root) commands, i.e. administrative commands, e.g. useradd, userdel, software installation, partition creation.
6. /bin : the common commands or user binary programs; on RHEL 7 and later /bin is a symlink to /usr/bin. Historically the /bin binaries were the ones needed during boot.
7. /sbin : super-user commands (a symlink to /usr/sbin on RHEL 7 and later). Historically the ones needed for the machine to boot.
8. /proc : a virtual file system maintained by the kernel, not a directory on disk. It shows the currently running processes (one numbered directory per PID) and kernel information such as /proc/cpuinfo and /proc/meminfo.
The processor is the worker; it executes your tasks.
Does /proc get emptied when we power off the machine? Yes, it only exists in memory while the kernel runs.
9. /lib : contains the system libraries. These help load your OS and run your programs; even the ls command will not work without its libraries.
10. /var : variable data. What happens in the system is recorded here, second by second.
The logs live under /var (for example /var/log).
11. /dev : contains the device nodes (hard disks, CD/DVD, terminals).
12. /mnt : an empty directory we can use for mounting devices.
13. /tmp : every user and every program can use /tmp to store temporary data. It carries the sticky bit, so users cannot delete each other's files there.
Only root can do administrative tasks: prasad is a normal user, so he cannot delete data from /usr; root can.
Basic commands
File management:
How to create a file
How to modify the file content
1. cat
2. vi
3. touch
1. cat
Using the cat command we can create a file and add content.
pwd
/root
creating a file in the /root directory.
cat > <filename>
cat > b23file      press Ctrl+D to come out of the file
The above command creates b23file in the present path.
Using the command below we create b23file in the / path.
cat > /b23file
content...............
.............................
Ctrl+D
saves and comes out.
How to view the file content?
cat b23file
How to append more content to an existing file?
cat >> b23file
new content added
Ctrl+D
Print the file content with line numbers?
cat -n b23file
The drawback of cat is that we cannot edit existing file content with it.
2. vi
visual editor
Using vi we can create a file, modify file content, replace content, ...
How to create a file using vi?
vi b23file
There are 3 modes in vi:
1. Command mode or normal mode (Esc)
2. Insert mode (i)
3. Replace mode (R)
There are commands to delete lines (dd), to copy lines (yy) and to replace content (:%s).
dd : delete the line at the cursor
10dd : delete 10 lines from the cursor line
u : undo the latest change
yy : copy (yank) the cursor line
10yy : copy 10 lines from the cursor line
p : paste the copied lines below the cursor line
P (Shift+p) : paste the copied lines above the cursor line
cc : change the cursor line (deletes it and switches to insert mode); lines removed with dd can be pasted with p, so dd followed by p is the cut-and-paste
10cc : change 10 lines from the cursor line
press Esc and then p to paste
i : switch from command mode to insert mode
Esc : switch from insert mode to command mode
press the Esc key
:wq
:w save
:q quit
:wq save and come out
(aside) to power off the machine, as root: shutdown -h now
:se nu : set line numbers
:10 : take the cursor to line 10
:set nu is the same as :se nu
:se nonu : disable line numbers
gg : take the cursor to the first line of the file
G (Shift+g) : take the cursor to the last line of the file
$ (Shift+4) : take the cursor to the last position of the line
Suppose your cursor is at the start of a line and you want to go to the last position of the line: use $.
0 (zero) : bring the cursor to the first position of the line
gg, G, $, 0
cat filename > /file1
clear or Ctrl+L to clear the screen.
cat /var/log/secure > /b23
cat /var/log/secure >> /root/b23file
> redirects output to a file, overwriting any data already there.
>> redirects output to a file without overwriting; it appends after the last line.
/raja
/word : search for the string/word inside the file
/word searches from top to bottom
n next match
N previous match
?word : also searches for the string/word, but the difference between / and ? is that
/ searches top to bottom
? searches bottom to top
?word
n previous (continues upward)
N next (reverses the direction)
o : create a new line below the cursor line and switch to insert mode
O : create a new line above the cursor line and switch to insert mode
i : switch to insert mode before the cursor position
a : switch to insert mode after the cursor position
I : take the cursor to the start of the line and switch to insert mode
A : take the cursor to the end of the line and switch to insert mode
replace:
:%s/oldword/newword/g
%s : substitute on every line of the file
g : global (every occurrence on the line, not just the first)
:%s/prasad/prasad babu/g
x : delete a single character at the cursor position
8x : delete 8 characters
dw : delete the word from the cursor position
r : replace a single character at the cursor position
R (Shift+r) : switch from command mode to replace mode
command mode (Esc)
insert mode (i, a, o, O, I, A)
replace mode (R)
up arrow : k
down arrow : j
left arrow : h
right arrow : l
===================================================================================
==vi options completed=========================
The command below is not run inside vi; we execute it from the shell.
How to empty a file?
> /root/b23file
Alt+F2 : opens the run prompt in the GNOME desktop; from there you can launch, for example, gnome-terminal or firefox.
3. touch
Using touch we can update the access and modification timestamps of an existing file, and we can also create empty files.
syn : touch /file1
many files : touch file1 file2 file3 file4 file5
du -hs filename
du : disk usage
-h : human-readable format
-s : summarise (one total per argument)
touch -a -m -t 201901010930.00 oldfilebyprasad
The above command creates a file with an old timestamp (2019-01-01 09:30).
-a access time
-m modify time
-t time stamp, in [[CC]YY]MMDDhhmm[.ss] form
Caveat: touch can set the access and modify times but not the inode change time (ctime), which the kernel updates on every change, so stat still shows when the backdating happened.
How to create n empty files with the same pattern?
touch testfile{1..100}
How to create hidden files?
If we give a .(dot) as a prefix when creating a file or directory, it becomes hidden.
touch .tfile1
cat > .tfile2
vi .tfile3
How to see hidden and normal files?
ls -a
file22  2020 Jan 4
Today we update the date and time stamp of file22:
touch file22
The access and modify times of file22 change to the current date and time (the file is not recreated).
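Added example (not from the course notes) showing the caveat above: backdate a scratch file with touch -t and check with stat that the inode change time still gives it away. It assumes GNU coreutils touch, stat and date; the file name and timestamp are the ones used in the notes, created under a temporary directory.

```sh
#!/bin/sh
# Added example: backdating a file's timestamps and detecting it.
# Assumes GNU coreutils (touch -t, stat -c, date -d). Nothing outside a
# temporary directory is touched.

# Create a scratch file and give it an old access/modify timestamp, as in the notes.
backdate_file() {
    f=$1
    : > "$f"                                   # create (or empty) the file
    touch -a -m -t 201901010930.00 "$f"        # atime and mtime -> 2019-01-01 09:30
}

# Print the three timestamps so the difference is visible.
show_times() {
    printf 'access: %s\nmodify: %s\nchange: %s\n' \
        "$(stat -c %x "$1")" "$(stat -c %y "$1")" "$(stat -c %z "$1")"
}

# Return 0 (true) when the file's ctime is newer than its mtime.
# touch -t rewrites atime/mtime, but the kernel sets ctime to "now" on every
# inode change, and touch has no option to set it. A modify time far behind
# the change time means the mtime was edited after the fact.
mtime_older_than_ctime() {
    m=$(stat -c %Y "$1")   # mtime, seconds since the epoch
    c=$(stat -c %Z "$1")   # ctime, seconds since the epoch
    [ "$m" -lt "$c" ]
}

# Year reported by the (backdated) mtime, e.g. 2019
mtime_year() {
    date -d "@$(stat -c %Y "$1")" +%Y
}

scratch=$(mktemp -d)
target="$scratch/oldfilebyprasad"
backdate_file "$target"
show_times "$target"
if mtime_older_than_ctime "$target"; then
    echo "mtime was backdated: ctime is newer than mtime"
fi
```

For incident response the point is the reverse of the notes' use: an attacker running touch -t to blend a dropped file in with old ones leaves ctime untouched, so sort by ctime (ls -lc, find -newerct) rather than mtime when looking for recently planted files.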
history
Using the history command we can get the previously executed commands (kept in ~/.bash_history).
Directory
How to create a directory or folder?
mkdir testdir
make directory
How to create n directories?
mkdir testdir1 testdir2 testdir3
touch file1 file2 file3
files : plain colour
dir : blue
How to create a parent with child directories?
mkdir -p /icici/branch/krpuram
copy
How to copy files and directories
files
syn : cp <source> <destination>
dir
syn : cp -r <source> <destination>
-r recursively: the parent with its child content (files/directories).
. : current path or current location
pwd
/mnt
I am in /mnt.
cp /testfilebyprasad .
This means copying /testfilebyprasad to the current path (/mnt).
cp /testfilebyprasad ../etc/
or
cp /testfilebyprasad /etc
. : current path
.. : parent path
remove
files : rm filename
directories : rm -r directoryname
rm -f filename
deletes the file without asking for our confirmation.
-f forcefully
rm -rf directory
If we delete customer data by mistake, the penalty for the employee is the job and the penalty for the employer is money. Check the path (pwd, ls) before running rm -rf.
move/rename
move : mv <source> <destination>
mv testfile /etc/
Here we move testfile to the /etc directory.
pwd
/
mv testfile tfile
If the source and destination are in the same path, the system treats it as a rename.
How to get the OS version?
cat /etc/os-release
or
hostnamectl status
How to get the installed RAM, or RAM information?
free -m or free -g or free -k
m : output in megabytes, g : output in gigabytes, k : output in kilobytes
1024 MB = 1 GB
1023 MB shows as 0 GB with free -g, because it truncates instead of rounding.
or
cat /proc/meminfo
How to get the CPU information?
lscpu
or
cat /proc/cpuinfo
Physical machine with 8 CPUs:
vm2 with 1 vCPU
vm3 with 8 vCPUs
vm4 with 16 vCPUs: not possible, a VM cannot be given more vCPUs than the host has logical CPUs.
How to get the disk information? How many disks are connected to the server?
lsblk
lsscsi
fdisk -l
How to get the kernel version?
uname -r
hostnamectl status
2.6.18 = RHEL 5
2.6.32 = RHEL 6
3.10.0 = RHEL 7
How to get the architecture of the OS?
uname -m
arch
How to find out whether the machine is virtual or physical?
dmidecode -s system-product-name (needs root)
or
hostnamectl status
How to get the serial number of the server?
dmidecode -s system-serial-number
DATE
date
only time
date +"%T"
only date
date +"%d-%m-%y"
or
date +"%F"
How to set the date and time?
date -s "dd Mon Year Hour:Min:Sec"
date -s "10 Jan 2021 10:30:00"
How to change the timezone of the server?
The zone information is under this path:
/usr/share/zoneinfo
Changing my timezone from IST to Chicago:
step 1 : move or remove the existing timezone file
mv /etc/localtime /tmp/
or
rm -f /etc/localtime
step 2 : create a symlink from /usr/share/zoneinfo/America/Chicago to /etc/localtime
ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime
or
cp /usr/share/zoneinfo/America/Chicago /etc/localtime
To switch back to IST:
unlink /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Kolkata /etc/localtime
On RHEL 7 and later the supported way is timedatectl set-timezone America/Chicago, which does the same thing in one step.
(aside from class) PM1 ==> ESXi ==> vCenter ==> n virtual machines ==> Linux OS; likewise PM2, PM3. e.g. PM1 (blade 1) hosts 30 virtual machines and PM2 (blade 2) hosts 10.
date --date="yesterday"
date --date="tomorrow"
date --date="10 days"
date --date="10 days ago"
cal
cal 3 2021
How to get the hostname of the system?
hostname
uname -n
How to change the hostname of the system permanently?
hostnamectl set-hostname batch23
Head and tail commands
head : prints the first 10 lines of a file
tail : prints the last 10 lines of a file
head filename
tail filename
How to print a specified number of lines?
head -30 filename
head -2 filename
tail -2 filename
How to print only the 7th line of a file?
head -7 /root/b23file | tail -1
The first 7 lines are passed through the | symbol and only the last of them is printed.
sed -n 5p /root/b23file      prints only the 5th line
sed -n 5,10p /root/b23file   prints lines 5 to 10
symbols:
| : executes multiple commands with a relation between them; the second command depends on the output of the first.
The pipe passes the output of the first command to the next command as its input.
eg: cmd1 | cmd2 | cmd3
cat /root/b23file | head -5 | tail -1
ls -l | wc -l
; : executes multiple commands in sequence, e.g. command1;cmd2;cmd3;cmd4 or date;hostname;uname;uname -r. There is no relation between the commands: each runs whether or not the previous one succeeded.
&& : executes multiple commands with a relation; the second runs only if the first command succeeded (exit status 0).
eg: cmd1 && cmd2 && cmd3 or hostname && uname -r && date
|| : works like a false condition
command1 || command2 : the second command runs only if command1 fails (non-zero exit status).
If command1 succeeds, the second command does not run at all.
wc : word count
wc -l filename
wc -w filename
wc -c filename
-l : prints the number of lines in the file
-w : prints the number of words in the file
-c : prints the number of bytes in the file
Power off the server
poweroff
commands:
shutdown -h now : h halts the system immediately
shutdown -h 5 : halts the system after 5 minutes
shutdown -h 5 "we are powering off this system as per schedule"
poweroff
halt
init 0
Reboot/restart the server
reboot
commands:
shutdown -r now : r reboots the system immediately
shutdown -r 5 : reboots the system after 5 minutes
shutdown -r 5 "we are restarting this system as per schedule"
reboot
init 6
Recap of printing one line:
head -5 /root/b23file | tail -1
sed -n 5p /root/b23file
head -50 /root/b23file | tail -1
less and more
Suppose there is a file containing 100000 lines.
less and more let us read the content page by page or line by line.
syn: less filename
more filename
more:
space bar moves on to the next page
Enter moves to the next line
b takes you to the previous page
q quits the output
less:
less is implemented with vi-like features.
less filename
space bar moves to the next page
b moves to the previous page
Enter moves to the next line
arrow keys work
we can search for a string with /string
ls -l | more
ls : lists the current folder contents
ls -l
-l : long list
-rw-r--r-- 2 root root 4096 11 jan filename
drwxr-xr-x 2 prasad prasad 4096 10 jan fd
field 1 : type of file (first character)
- : regular file
d : directory
l : symbolic link; not the original file but a pointer from the current path to a file somewhere else
b : block device file
sda is your hard disk, a block device
sr0 is your DVD, a block device
sdb is your second hard disk, a block device
sda
sdb
sdc
sr0 dvd
c : character device (e.g. /dev/null, /dev/tty0)
The OS creates the names for block and character devices under /dev.
p : named pipe (FIFO)
s : socket
-rw-r--r-- 2 root root 4096 11 jan filename
drwxr-xr-x 2 prasad prasad 4096 10 jan fd
rw-|r--|r--|
r = read, w = write, x = execute
1. rw- for the owner
2. r-- for the group members
3. r-- for others
write on a file means: modify its content. write on a directory means: create, rename or delete entries in it (deleting a file needs write on the directory, not on the file).
-rw------- 2 root root 4096 11 jan logfile
Can root modify this logfile? Yes.
Can user prasad modify this file? No.
Can user prasad read this file? No.
None of the other users can read the file.
drwx------ 2 prasad prasad
Does venu have any permissions? No.
Can prasad read this directory's content? Yes, because he is the owner of this directory.
drwxrwx--- 2 prasad unixgrp 4096 09 jan /testdir
unixgrp members are: raja, manohar, sankar and venu
Can raja access this directory? Yes, because he is a group member.
Can manohar delete any file from /testdir? Yes: group members have write and execute on the directory, so they can delete entries in it.
Can suresh create a file inside /testdir? No, because he is not the owner and not a member of unixgrp.
-rwxrwxrwx 2 root root 4096 10 jan testfile
owner has full permissions
group members have full permissions
others also have full permissions
Anybody can modify or delete this file; a world-writable file owned by root is a finding on any security review.
root can open or enter any file/directory. There is no limit for the root user, because it is the admin of your machine.
-rw-r--r-- 2 root root 4096 11 jan filename
drwxr-xr-x 2 prasad prasad 4096 10 jan fd
3rd field is the hard link count for the file.
One file can be linked into different places:
if the file is linked in 3 places we see 3 here
if the file is linked in 4 places we see 4 here
4th field : owner of the file/directory
5th field : group of the file/directory
6th field : size of the file or directory in bytes
7th field : last modification date and time of the file/directory (ls does not show the creation time)
t : sticky bit on a directory (e.g. /tmp): everyone can create files there, but only the file's owner, the directory's owner or root can delete or rename an entry.
ls -l
long list
ls -lt
sorts files/directories by date and time, from top to bottom:
at the top we see the most recently modified or created file/dir
at the bottom we see the old files/directories
ls -ltr
r reverses the output
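Added example (not from the course notes): a scratch directory tree with the permission patterns discussed above, and find -perm queries that pick out the risky ones (world-writable files, setuid files, world-writable directories without the sticky bit), plus a helper that decodes the first ls -l field into the three triplets. The file and directory names are made up; it assumes GNU or BusyBox find, chmod and cut and runs entirely under a temporary directory.

```sh
#!/bin/sh
# Added example: create the permission patterns from the notes in a scratch
# tree and find the dangerous ones with find -perm.

scratch=$(mktemp -d)
mkdir "$scratch/shared" "$scratch/private" "$scratch/dropbox"

: > "$scratch/shared/testfile";  chmod 777  "$scratch/shared/testfile"   # -rwxrwxrwx
: > "$scratch/private/logfile";  chmod 600  "$scratch/private/logfile"   # -rw-------
: > "$scratch/shared/tool";      chmod 4755 "$scratch/shared/tool"       # -rwsr-xr-x (setuid)
chmod 1777 "$scratch/dropbox"                                             # drwxrwxrwt (sticky)
chmod 700  "$scratch/private"                                             # drwx------

# Files anyone can write to (others have 'w'): the -rwxrwxrwx case in the notes.
world_writable_files() {
    find "$1" -type f -perm -0002
}

# setuid executables run with the owner's privileges, so a bug in one is a
# privilege-escalation path. Every one of these needs a reason to exist.
setuid_files() {
    find "$1" -type f -perm -4000
}

# World-writable directories WITHOUT the sticky bit: anyone can delete or
# rename anyone else's files there. With the sticky bit (t) only the file
# owner, the directory owner or root may remove an entry.
world_writable_dirs_without_sticky() {
    find "$1" -type d -perm -0002 ! -perm -1000
}

# Decode an ls -l mode string (first field) into owner/group/others triplets.
# decode_mode -rwxr-x---  ->  owner=rwx group=r-x others=---
decode_mode() {
    m=$1
    printf 'owner=%s group=%s others=%s\n' \
        "$(printf %s "$m" | cut -c2-4)" \
        "$(printf %s "$m" | cut -c5-7)" \
        "$(printf %s "$m" | cut -c8-10)"
}

count_lines() { wc -l | tr -d ' '; }

echo "world-writable files:";  world_writable_files "$scratch"
echo "setuid files:";          setuid_files "$scratch"
echo "unsafe shared dirs:";    world_writable_dirs_without_sticky "$scratch"
decode_mode "$(ls -ld "$scratch/dropbox" | cut -d' ' -f1)"
```

On a real server the same three find commands are run from / (add -xdev to stay on one file system); the setuid list should match the packages' own list (rpm -V reports changed modes), and anything world-writable under /etc, /usr or a service's home directory needs an explanation.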
How to get the server uptime?
uptime
shows how long the server has been up and running.
who -b
when the system was booted
How to get the IP address, or how to assign an IP address to the Ethernet card?
ip a
Here we can find the Ethernet card names.
step 1 : vi /etc/sysconfig/network-scripts/ifcfg-ens33
There is a parameter ONBOOT=no:
before
ONBOOT=no
after
ONBOOT=yes
save and come out
:wq
step 2 : restart the network service (RHEL 7; on RHEL 8 use nmcli connection up ens33)
systemctl restart network
Now you can see the IP address:
ip a
Download PuTTY (an SSH client) for your Windows machine.
Open PuTTY and enter the IP address of the Linux box; connect with SSH (port 22), never telnet, so that the password does not cross the network in clear text.
How to find the list of currently logged-in users?
w
or
users
or
who
GREP
grep searches for a string/word in a file or files (by default only in the files named, not in subdirectories; use -r for recursion).
syn: grep -w "word" filename
grep -w "word" *
* means: search every file in the current directory for that string
grep -w "prasad" /root/b23file
-w : match whole words only
i : ignore case
grep -wi "prasad" /root/b23file
l : list only the file names where the string/word is found
grep -il "prasad" *
c : count the matching lines in the file
grep -ic "prasad" /root/b23file
grep -ic "error" /root/b23file
n : print matches with line numbers
grep -in "error" /root/b23file
tail -f /var/log/secure
lets us watch the file as it is updated live
v : exclude lines containing a particular word from the grep output
grep -iw "prasad" /root/b23file | grep -v "Prasad Babu"
A : after
B : before
You search for one string; if it is found in the file, print a few more lines after (-A) or before (-B) it.
grep -w -A 5 error /root/b23file
How to search for multiple strings?
grep -w "word1\|word2\|word3" filename
or, with extended regular expressions: grep -wE "word1|word2|word3" filename
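Added example (not from the course notes) applying the grep options above to constructed /var/log/secure style sshd and sudo lines; the hostname, user names and IP addresses are invented for this example. It assumes a POSIX shell with grep, sed, sort, uniq and awk.

```sh
#!/bin/sh
# Added example: grep over a constructed /var/log/secure sample.
# The log lines below are made up; the IPs are documentation ranges.

scratch=$(mktemp -d)
secure="$scratch/secure"
cat > "$secure" <<'EOF'
Jan 11 10:01:02 batch23 sshd[2101]: Accepted password for prasad from 192.0.2.10 port 51234 ssh2
Jan 11 10:03:45 batch23 sshd[2150]: Failed password for root from 198.51.100.7 port 40001 ssh2
Jan 11 10:03:47 batch23 sshd[2150]: Failed password for root from 198.51.100.7 port 40001 ssh2
Jan 11 10:03:49 batch23 sshd[2150]: Failed password for invalid user admin from 198.51.100.7 port 40002 ssh2
Jan 11 10:05:10 batch23 sshd[2170]: Failed password for prasad from 192.0.2.10 port 51240 ssh2
Jan 11 10:05:15 batch23 sshd[2170]: Accepted password for prasad from 192.0.2.10 port 51240 ssh2
Jan 11 10:07:00 batch23 sudo:   prasad : TTY=pts/0 ; PWD=/home/prasad ; USER=root ; COMMAND=/bin/cat /etc/shadow
EOF

# -c counts matching lines; -w makes "Failed" match only as a whole word.
failed_logins() { grep -c -w "Failed password" "$1"; }

# -v drops lines: failures that were NOT against the root account.
failed_non_root() {
    grep -w "Failed password" "$1" | grep -v -w "for root" | wc -l | tr -d ' '
}

# Which source address produced the most failures? Pull the word after
# "from", count, sort numerically descending, keep the top one
# (the same sort -r -n | head -1 pattern used with du in the notes).
top_attacker() {
    grep -w "Failed password" "$1" \
        | sed -n 's/.* from \([0-9.]*\) port.*/\1/p' \
        | sort | uniq -c | sort -r -n | head -1 | awk '{print $2}'
}

# Two patterns in one pass: grep -w "Accepted\|sudo" in the notes' form,
# written here with -E for portability.
logins_or_sudo() { grep -c -wE "Accepted|sudo" "$1"; }

# -n plus -A 1: each failure with its line number and the line that follows it.
failures_with_context() { grep -n -w -A 1 "Failed password" "$1"; }

echo "failed logins: $(failed_logins "$secure")"
echo "failed logins for non-root accounts: $(failed_non_root "$secure")"
echo "top source of failures: $(top_attacker "$secure")"
echo "successful logins + sudo events: $(logins_or_sudo "$secure")"
failures_with_context "$secure"
```

The same pipeline, with tail -f in place of the file name, turns the live-watch command from the notes into a simple brute-force monitor; on a real host the IP with the most failures is the first candidate for a firewall block.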
DU
disk usage
Using this command we can get the size of a file or directory.
du -hs filename
-h : human-readable, -s : summarise (one total per argument)
1024 KB = 1 MB
1024 MB = 1 GB
up to 1023 KB the output is shown in KB
at 1024 MB or more the size is shown in gigabytes
du -hs .
displays the current folder usage
du -hs *
displays the size of each item in the current folder
How to identify the highest-usage file or directory?
du -ks * | sort -r -n | head -1
du -ks * | sort -r -n | head -5
sort -n : numeric, ascending, e.g.
0
1
2
3
sort -r -n : numeric, descending, e.g.
100
99
98
disk management
1. Basic method
2. LVM method (Logical Volume Manager)
3. mdadm method (multiple device administration: Linux software RAID)
1. Basic method:
Disk : storage area
RAM : mediator between the end user and the processor
processor : worker
1. Disk architecture
2. How to create a partition in a disk
3. How to delete a partition in a disk
read = open the file; the command is cat filename
write = creating/modifying/deleting; cat > filename
A disk is a collection of platters.
On top of the platters there is a read/write head which reads and writes data on the platters.
Inside a platter there are tracks; inside the tracks there are sectors.
platter ==> tracks ==> sectors (512 bytes) ==> data is stored inside the sectors.
512 bytes
8 bits = 1 byte
01010101 = 8 bits or 1 byte
1024 bytes = 1 KB kilobyte
1024 KB = 1 MB megabyte
1024 MB = 1 GB gigabyte
1024 GB = 1 TB terabyte
1024 TB = 1 PB petabyte
1024 PB = 1 EB exabyte
sector : the smallest piece inside a track. The sector capacity is 512 bytes, i.e. half a KB (newer disks use 4096-byte sectors).
2 sectors are equal to 1 KB
chip : the disk controller with its firmware, a predefined program the manufacturer loads into it.
Disk types (by interface/technology):
1. IDE (Integrated Drive Electronics), today SATA
2. SCSI (Small Computer System Interface), today SAS
3. SSD (solid state drive), which has no platters
Inside a disk we create partitions (drives).
With the basic method on an MBR disk we get at most 4 primary partitions, or 3 primary + 1 extended partition holding logical partitions (Linux allows up to 128 partitions per disk; GPT disks also allow 128 by default).
With LVM there is no practical limit on the number of logical volumes.
disk 1 : sda ==> sda1 part P (primary)
sda2 part P
sda3 part P
sda4 part E (extended)
sda5 part L (logical)
sda6 part L
note: only 4 primary partitions are possible on each MBR disk; logical partitions live inside the extended partition and are numbered from 5.
A primary partition can hold bootable files or programs (/boot contains the boot programs which load your OS).
A logical partition is for storing normal data, not boot files or programs.
disk 2 : sdb
sdb1 part
sdb2 part
sdb3 part
sdb4 part
sdb5 part
sdb6 part
disk 3 : sdc
disk 4 : sdd
* max how many primary partitions are possible on a single disk?
4 primary partitions
1 TB
sda1 p 100 GB
sda2 p 100 GB
sda3 p 100 GB
sda4 p 100 GB
The above plan is not correct: all 4 primary slots are used and the remaining 600 GB can never be partitioned.
The approach below is recommended:
1 TB
sda1 p 100 GB
sda2 p 100 GB
sda3 p 100 GB
sda4 E 700 GB
E = extended
sda5 L 50 GB
sda6 L 10 GB
sda7 L 10 GB
Further logical partitions can be added inside the extended partition as needed (sda8, sda9, ...).
How to create a disk for a virtual machine?
Task 1 : right-click on the virtual machine ==> Settings ==> Add ==> select Hard Disk ==> continue with the default options.
Task 2 : the disk is not visible at the OS level by default.
To make it visible at the OS level we have to rescan the SCSI channels:
echo " - - - " >> /sys/class/scsi_host/host0/scan
echo " - - - " >> /sys/class/scsi_host/host1/scan
echo " - - - " >> /sys/class/scsi_host/host2/scan
echo " - - - " >> /sys/class/scsi_host/host3/scan
The three dashes mean "any channel, any target, any LUN"; the spaces between them are mandatory.
The incorrect form is
echo "---"
How to create a partition using the basic method?
step 1 : create the partition inside the disk
fdisk /dev/sdd
p : print the partition information
n : create a new partition
d : delete a partition
w : write (save) the changes
q : quit without saving
l : list the known partition type IDs
t : change the partition type ID
step 2 : update the kernel with the new partition information
partprobe /dev/sdd
step 3 : put a file system on the partition (ext2, ext3, ext4, xfs)
or
format the partition with one of the file system types.
mkfs.xfs /dev/sdd1
or
mkfs -t xfs /dev/sdd1
make file system
mkfs.ext4 /dev/sdd2
A sector is 512 bytes on the disk; the file system works in blocks, by default 4096 bytes (8 sectors).
File system   max file size   max file system size   feature
ext2          2 TB            32 TB                  no journaling
ext3          2 TB            32 TB                  journaling
ext4          16 TB           1 EB                   journaling
xfs           500 TB (RHEL supported; 8 EB theoretical)   journaling
ext : extended file system, versions 2, 3, 4
xfs : high-performance file system
The default file system depends on the RHEL version:
RHEL 4 : ext3
RHEL 5 : ext3
RHEL 6 : ext4
RHEL 7 & 8 : XFS
A server is provisioned based on a request (e.g. 3000 servers over 3 to 4 years of effort, for an application team with 20 sub-divisions plus the DB team).
journaling : the file system writes a log (journal) of the changes it is about to make to the partition before committing them.
In simple terms it maintains data about other data: metadata. The journal records the metadata changes.
adv : fast recovery
After a crash or power loss the file system replays the journal instead of running a full check, so it comes back consistent quickly. Journaling does not recover data from corrupted or missing sectors; that needs backups or RAID.
Step 4 : Create mount point or directory and mount partition to that directory
mkdir /b23application
mount /dev/sdd1 /b23application
Step 5: Update file system details in /etc/fstab file for make permanent mount.
/dev/sdd1 /b23application xfs defaults 0 2
1. device
2. mount point
3. FS type
4. permissions (mount options)
5. metadata / file system backup
6. file system checkup
defaults : rw,suid,dev,auto,nouser
/dev/sdd1 /b23application xfs ro,noauto 1 2
/dev/sdd1 ext4 mkfs.ext4 /dev/sdd1
/dev/sdd2 ext3 mkfs.ext3 /dev/sdd2
/dev/sdd3 xfs mkfs.xfs /dev/sdd3
field 5: 0 no metadata backup
1 backup the metadata
field 6: 0,1,2
0: no file system check required during server boot time
1: first priority partitions
2: last priority partitions
/dev/sdd1 /b23application xfs defaults 1 0
/dev/sdd2 /b23db1 xfs defaults 1 1
/dev/sdd3 /b23app02 xfs defaults 1 2
/dev/sdd4 /b23app03 xfs defaults 1 2
how to unmount the partition?
umount /b23application
How to list out mounted partitions information?
df -h
display file systems in human readable format
df -Th
display file systems in human readable format with the file system type
How to mount a partition with UUID?
each and every partition will have one unique ID.
/dev/sdd1 will also have a unique ID
how we can find out the uuid of a partition:
blkid -o list
blkid
the UUID is generated for the partition during format
mkfs.xfs /dev/sdd2
normal
mount /dev/sdd6 /test
with uuid (paste the UUID shown by blkid between the quotes)
mount UUID=" " /test
How to unmount the partition?
step 1 : get approval from the respective owner to unmount
unmount the partition once we get approval
umount /b23application
note: make sure no one is using that partition
step 2 : remove the entry from /etc/fstab
step 3 : delete the partition with fdisk and update the kernel
fdisk /dev/sdd
p
d
partition 3
w
date : 20-Jan-2021
partprobe /dev/sdd
User administration
1. Creating users
2. Deleting users
3. Password related queries
useradd testuser
userdel testuser
passwd testuser
server :
application server: application team required access. application team means
developers and supporters for the application.
DB : Database and application team need access.
web users or application specific users: these users will be in Database
server users will be in OS DB
oracle db , SQL db is third party db's
berkley , it's a os inbuilt database.
your sbi bank customer:
end user : net banking credentials
sbi server administrator : may not have an account in sbi bank but he is supporting
sbi servers. He will have an individual account on the sbi servers to support the servers.
which users will be in our control? creating , deleting & modifiying
------------------------------------------------------------------------------------------
we provisioned one server based on application team request.
application team will request to create individual users inside the server.
100 members are going develop the application.
authentication we can do in two ways
1. Local authentication or local user administration
2. centralized authentication or centralized user
administration.
eg: our environment capacity is 1000 servers
if i maintain users in individual server that means it's local authentication.
How to create user?
useradd appuser1
what are those properties?
1. UID
2. User own group
3. home should be there
4. Description about user
5. shell for user
useradd username : by default it is going to take all the above properties
automatically.
how to know whether user is present or not in system?
id username
or
grep username /etc/passwd
how to set password for user?
passwd username
note: root user can set or change password for any of the user.
a normal user will not have rights to change the password for other users, but he himself
can change his own password.
root, prasad, sekhar
root can change password for all 3 users
prasad can change only his password not other users password.
1. UID ( 0 - 60000) 0= root, 1 - 99= system users, 100 - 999= reserved for
app or common accounts, 1000 - 60000 = common accounts.
2. User own group = by default each individual user will have one group. the group
id will be taken in sequence number.
3. home should be there = by default kernel will allocate home directory
inside /home eg: /home/prasad /home/sekhar
4. Description about user = comment or about that user
5. shell for user : 6 shells sh,bash,dash,csh,tcsh,ksh by default shell is
bash in linux systems.
how to create group?
groupadd unixitteam
groupadd appteam
groupadd dbteam
linux administrators are : prasad, sekhar,senkar, lokesh
app users : damodhar, praveen, tomcatuser
creating user with specifications:
useradd -u 20000 -G unixitteam -c "Linux admin" -d /opt/babuhome -m -s /bin/sh babu
username : babu
home path : /opt/babuhome
what is uid of babu : 20000
babu is a member of unixitteam. unixitteam is a secondary group for babu.
what is babu's primary group or his own group? babu
for babu the primary group is babu
he is a member of unixitteam. unixitteam is a secondary group for babu.
useradd babu
useradd -u 20001 -g unixitteam -G babu -c "Linux admin" -d /opt/raja -m -s /bin/sh raja
username : raja
primary group : unixitteam
secondary : babu
comment : linux admin
home path : /opt/raja
shell : /bin/sh
-u : user id
-g : primary group
-G : secondary group
-c : comment
-d : home directory path
-m : make home directory
-s : shell for user
user information is maintained in the /etc/passwd file
cat /etc/passwd
more /etc/passwd
passwd yourname
where we can find user information?
user information has been separated into two categories
1. account information ==> /etc/passwd
2. password information ==> /etc/shadow
/etc/passwd = 7 fields separated with :
* where we can find user information?
/etc/passwd file
* explain about all the fields?
there are 7 fields
prasad:x:1002:1002:babu prasad:/home/prasad:/bin/bash
1. username (prasad)
2. password placeholder (x: the hash is kept in /etc/shadow)
3. UID (1002)
4. primary GID (1002)
5. comment (babu prasad)
6. home directory (/home/prasad)
7. shell (/bin/bash)
/etc/shadow file fields
there are 8 fields
prasad:abex123ksdfkllafdlsa;fd;fd;fadf:1025:1:99999:7:20:90
1. username
2. encrypted password
3. last password change, counted in days from Jan 1 1970
4. min password age
5. max password age
6. warning days before password expiry
7. account inactive days
8. account expiry
following file will supply missing data to useradd command
/etc/default/useradd
following file will supply password age days to accounts?
/etc/login.defs
useradd -u 20000 -g unixitteam -G prasad,root -d /application/appuser2 -m -c "application user" -s /bin/sh appuser2
useradd testuser
username : appuser2
uid : 20000
primary group : unixitteam
appuser2 is a member of the prasad and root groups
usermod -u 20001 appuser2
usermod -g applicationgrp appuser2
usermod -a -G unix appuser2 (-a appends unix to the existing secondary groups instead of replacing them)
usermod -d /app/appuser2 -m appuser2
-m move
useradd -d /opt/test -m test
-m make home directory right now
usermod -s /bin/bash appuser2
usermod -l apuser2 appuser2
here we are modifying the username from appuser2 to apuser2
-l : change the login name
lock the account
usermod -L apuser2
un-lock the account
usermod -U apuser2
how to specify the account expiry date?
usermod -e 2022-05-25 apuser2 (date in YYYY-MM-DD format)
40 server
application users
we did recently uid update for 5 users in each server.
note: make sure user not logged in if you want to modify user fields. we can't
modify user fields when user is logged in.
/etc/passwd ==> user information
/etc/shadow ==> password related information
/etc/group ==> Groups information
how to list out group members?
lid -g groupname
id username
here you will get the user information
how to get password information?
passwd -S username
one user has one primary group at a time, but it is possible to change the primary
group for a user.
any number of users can use one group as a primary group
eg:
useradd -g unixgroup it1
useradd -g unixgroup it2
useradd -g unixgroup it3
group administration
How to create group?
groupadd unixgroup
groupadd -g 30000 unixgroup ==> with specifications creating group
how to modify group name?
groupmod -n unix unixgroup
-n : change the groupname from unixgroup to unix
how to change group id
groupmod -g 20001 unix
how to add users in group?
gpasswd -a prasad unix
how to add multiple users in group?
gpasswd -M username1,username2,username3 group
gpasswd -M prasad,tom,ramesh unix
how to remove users from group?
gpasswd -d prasad unix
how to delete group?
groupdel unix
how to delete user?
userdel babu
here only user information will delete not home directory.
how to delete user with home directory?
userdel -r babu
useradd, usermod, groupadd, groupmod : /usr/sbin category commands
/usr/bin : common commands, these commands will work for all users
/usr/sbin : super user commands. these commands will work only for the root user
passwd
how to change the password age?
passwd -n 2 -x 200 -w 10 appuser3
n : min password age
x: max password age
w : password warning age
how to lock the password?
passwd -l appuser3
passwd -u appuser3
usermod -L appuser3
usermod -U appuser3
ticketing tool
unixteam
windows team
network
storage
the end user or application guy will create a ticket with the respective team. the assignee
will be unixteam.
in each shift there will be min 1 engineer
in shift there are 2 engineers
1. 3 years
2. 11 years
if the 3-year (junior) engineer is not able to complete that request then he will assign
this ticket to the 11-year guy.
4 members
shift lead is prasad - today
tomorrow may be raja
if there is no password at all, the password status will also show as LK
/etc/shadow
!! : only 2 !! in the second field means no password has been set
passwd username
!! in the second field along with the encrypted password means the password is locked.
! in the second field along with the encrypted password means the account is locked.
administrator will have rights to create accounts.
administrator(root)
normal users
we can grant super user commands access to normal users using sudo feature.
sudo
* which are the files will reflect or update user information as soon as we create
or delete user?
1. /etc/passwd
2. /etc/shadow
3. /etc/group
as soon as we create user some files will generate in users home directory.
skeleton
/etc/skel
for each and every user skeleton data will copy from /etc/skel to respective user
home directory.
* How many files will be there in users home directory by default? explain about
those?
By default 4 files will be there in users home directory
1. .bash_profile
2. .bashrc
3. .bash_logout
at first login we can find only 3 files
from the second login onwards we can find 1 more file extra
4. .bash_history
.bash_profile
.bashrc
echo $0 : will print current shell of user
echo $SHELL : will print default shell of user
how to customize user environment?
su - oracle
vi .bashrc
alias l="ls -latr"
:wq
refresh config file
source .bashrc
how to execute one script during login?
su - oracle
vi wel.sh
#! /bin/bash
echo " Thanks for login to `hostname` as a `whoami`"
echo " Remember that you logged in as one of common user that is `whoami`"
echo " Make sure you're executing the right commands"
:wq
add a line that calls wel.sh (e.g. sh ~/wel.sh) to .bash_profile, then refresh it:
source .bash_profile
" " double quote : prints the content whatever is specified between the double quotes.
' ' single quote : same like double quote.
` ` backtick (you can find it below the Esc key on the keyboard) : is for calling
commands
eg: double quote
echo -e "Linux flavours are \n 1. RHEL\n2.SuSE\n3.Centos"
single quote
echo 'Linux flavours are \n1.RHEL\n2.SuSE\n3.Centos'
.bashrc : we can schedule or setup user environment in .bashrc and .bash_profile
.bash_profile
the above two programs will execute while the user logs in to the system.
the logout program will execute while the user is logging out from the system.
.bash_logout
echo "Thanks for using system. going to cleanup the tmp files"
rm -rf ~/tmp/*
.bash_history: it captures the command history of that user
whatever commands he executes, everything is captured in .bash_history.
how to create multiple users?
step 1 : create file and update usernames
vi /tmp/slist
user1
user2
user3
user4
user5
step 2 : using below for loop i can create 5 users
for i in `cat /tmp/slist`
do
useradd $i
done
i is the loop variable; each line of /tmp/slist is stored in i in turn.
now i is nothing but a username
$ is for calling the variable
useradd $i
useradd user1
How to find out normal users?
UID >= 1000
28-Jan-2021
awk : using awk we can print column-wise output.
df -h | awk '{print $6}'
df -h | awk '{print $6 " : " $5}'
how to print only usernames?
awk -F":" '{print $1}' /etc/passwd
how to print usernames with uid?
awk -F":" '{print $1 " ==" $3}' /etc/passwd
How to print only normal users?
awk -F: '{if ($3 >= 1000) print $1}' /etc/passwd
how to print system and application users?
awk -F: '{if ($3 < 1000) print $1}' /etc/passwd
how to change Max password age to 60 for all users who are having already >= 60?
task 1 : find out users who are all having max password age is > 60.
awk -F: '{if ($5 > 60) print $1}' /etc/shadow
task 2 : redirect all these users to one file
awk -F: '{if ($5 > 60) print $1}' /etc/shadow | grep -vxE "root|shutdown|halt|bin|ftp" > /tmp/normalusers
(-x matches whole names only, so a user such as robin is not dropped by the bin pattern)
task 3 : using for loop change password Max age to 60 Days for that list of
users?
for i in `cat /tmp/normalusers`
do
passwd -x 60 $i
done
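Added example, not from these notes: the awk checks above and the /etc/shadow second-field markers (!!, !) described earlier, run over constructed /etc/passwd and /etc/shadow content with fake users and placeholder hashes, so nothing needs root and the real files are never touched.

```shell
#!/bin/sh
# Added example (not from the course notes). Constructed sample data: the
# users and the $6$FAKEHASH values are placeholders, not real accounts.
PASSWD_SAMPLE='root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
tomcatuser:x:500:500:app account:/opt/tomcat:/bin/sh
prasad:x:1002:1002:babu prasad:/home/prasad:/bin/bash
robin:x:1003:1003:robin:/home/robin:/bin/bash
appuser2:x:20000:30000:application user:/app/appuser2:/bin/sh'

# field 2: "!!" alone = no password, "!!<hash>" = password locked (passwd -l),
# "!<hash>" = account locked (usermod -L), "*" = system account that never
# had a password; field 5 = max password age in days
SHADOW_SAMPLE='root:$6$FAKEHASH1:18650:0:99999:7:::
bin:*:18650:0:99999:7:::
tomcatuser:!!:18650:1:90:7:20::
prasad:$6$FAKEHASH2:18650:1:99999:7:20:19000
robin:!!$6$FAKEHASH3:18650:1:45:7:::
appuser2:!$6$FAKEHASH4:18650:0:180:14:::'

# UID ranges as taught: 0 root, 1-99 system, 100-999 reserved/app, 1000+ normal
uid_class() {
    if [ "$1" -eq 0 ]; then echo root
    elif [ "$1" -le 99 ]; then echo system
    elif [ "$1" -le 999 ]; then echo reserved
    else echo normal
    fi
}

# usernames with UID >= 1000 (the "normal users" question)
normal_users() {
    printf '%s\n' "$PASSWD_SAMPLE" | awk -F: '$3 >= 1000 {print $1}'
}

# users whose max password age (field 5) is above $1 days, skipping the system
# names by exact match: a substring filter like grep -v "bin" would also drop
# "robin"
max_age_over() {
    printf '%s\n' "$SHADOW_SAMPLE" |
        awk -F: -v limit="$1" -v skip="root shutdown halt bin ftp" '
            BEGIN { n = split(skip, s, " "); for (i = 1; i <= n; i++) sys[s[i]] = 1 }
            !($1 in sys) && $5 > limit { print $1 }'
}

# password state of one user, decoded from shadow field 2
password_status() {
    printf '%s\n' "$SHADOW_SAMPLE" | awk -F: -v u="$1" '
        $1 == u {
            if ($2 == "!!")        print "NP no password set"
            else if ($2 == "*")    print "NP system account, no login"
            else if ($2 ~ /^!!/)   print "LK password locked (passwd -l)"
            else if ($2 ~ /^!/)    print "LK account locked (usermod -L)"
            else                   print "PS password set"
        }'
}

# the fix from the notes (passwd -x 60 per user), printed instead of executed
fix_plan() {
    for u in $(max_age_over 60); do
        printf 'passwd -x 60 %s\n' "$u"
    done
}
```

Point fix_plan at the real files by replacing the two sample variables with `cat /etc/passwd` / `cat /etc/shadow` output (shadow needs root to read).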
>
>>
both indicate redirection.
chage:
using chage command also we can customize password fields
chage -M 200 prasad
chage -m 1 prasad
chage -W 5 prasad
-M max password age
-m min password age
-W warning days before password expiry
*** How to create multiple users and set common password for all the users?
step 1: create file with usernames
vi /tmp/users
appu1
appu2
appu3
orau10
orau11
orau12
orau13
orau14
orau15
step 2 : run the below for loop to create the above users and set a common password.
note: at first login it prompts for a password change
for i in `cat /tmp/users`
do
useradd $i && echo "$i:welcome@123"|chpasswd && chage -d 0 $i
done
1. create users
2. set common password(welcome@123) for all the users
3. the password work only for first login attempt. as soon as user
enter welcome@123 it should prompt password change.
command1 && command2 && command3
second command will execute if command 1 is success
third command will execute if command 1 & command 2 were
success.
primary group :
==> we can't create user without primary group.
==> primary group can be shared to multiple users.
secondary group: a user can be part of any number of groups. those groups are considered
as secondary groups.
drwxr-xr-x 2 prasad unixgrp
first 3 belong to the owner (prasad)
second 3 belong to the group members (unixgrp)
last 3 belong to others, who do not belong to unixgrp.
ramu and prasad
prasad created file == prasad unixgrp
ramu created file == ramu unixgrp
Permissions(29-Jan-2021)
there are 2 types of users
1. administrator(root)
2. Normal users
* Default permissions
root permissions:
file : rw-r--r--(644)
directory : rwxr-xr-x(755)
Normal users permissions:
file : rw-rw-r--(664)
directory : rwxrwxr-x(775)
rwx
r = read (4)
w= write(2)
x = execution(1)
rwx     r-x             r-x
owner   group members   others
-rw-rw-r-- . 2 prasad unix 4096 Jan 21 11:25:02 file1       ==> 6 6 4
drwxrwxr-x . 2 prasad unix 4096 Jan 28 12:30:10 directory   ==> 7 7 5
-rw-rw-r-- 2 ramu ramu 4096 Jan 21 11:25:02 file2           ==> 6 6 4
users : prasad, appuser1, appuser2, ramu
group unix members : prasad, appuser1
group ramu members : ramu
commands:
chmod 660 testfile
as per above command we provided rw access to owner and group members and
others no permissions at all.
chmod 606 testfile
every one has permissions
directory
chmod -R 777 testdir
-R recursively : the parent directory and its sub content will also get 777
permissions.
rm -rf /test
chmod 777 appdir
the above command will change permissions only to appdir not to sub content.
u: owner(user)
g: group
o: others
chmod g-rwx file1
- : remove existing permissions
+ : adding permissions
removed rwx permissions for group members
chmod g+rx file1
ls -ltr
l long list
t sort with date and time
today created file
that will show in top
r reverse that output
grep -il "word" *
/etc/login.defs
the useradd command will refer to /etc/default/useradd and /etc/login.defs
root default permissions are 755
normal user default permissions are 775
/etc/profile
it's global environment configuration file.
here we can find all setting related environment.
/home/prasad/.bash_profile ==> individual user environment
configuration file
/etc/profile ==> global environment
configuration file
How to call the variable?
echo $var
echo $HISTSIZE
using $ i will call the variable
echo is for just print
Variables
1. System variables
2. User defined variables
what is variables?
variable is nothing but pre-defined program or array value.
variable will work as a program.
eg : HISTSIZE
is a system variable because it is in capital letters.
HISTSIZE is pre-defined program. the program is it stores or remembers recent
commands based how much value you specified.
HISTSIZE=2000
HISTSIZE variable will remember 2000 recent commands.
system variables:
which are defined by the OS developers.
system variables will be in upper case (capital letters)
using the env command we can print the system variables.
eg: temp : export HISTSIZE=3000
perm : update the HISTSIZE value in /etc/profile
User defined variables:
which will be defined by the end user.
ud variables will be in small letters.
using the compgen -v command we can print system and user defined variables.
eg: h=`hostname`
how to remove user defined variable?
unset h
unset var
root default permissions are 755 on directory
normal user default permissions are 775 on directory
the kernel will refer to /etc/profile and whatever we specified there, those permissions
will be taken.
if [ $UID -ge 199 ];then
umask 002
else
umask 022
fi
  777
- 002   (normal users' umask value)
-----
  775
root's uid is 0, so he falls under the false (else) condition, where umask is 022:
  777
- 022
-----
  755
if there is no umask for permissions then every one will have permissions on
everything.
there will not be any control on access.
Umask is a feature for your permissions , using umask we can control default
permissions.
controlling means default granting permissions or rejecting permissions.
* default umask for system users and root user is = 022
* default umask for normal users = 002
777-002 = 775
777-022 = 755
directories 777
files 666
666-002 = 664
666-022 = 644
the below command prints the current umask value
umask
we can set the umask value
umask 0077
directory permissions = 700 (777-077 = 700)
file permissions = 600 (files start from 666 and never get the x bit, so only the rw part 066 of the mask applies: 666-066 = 600)
perm:
vi .bash_profile
umask 0077
source .bash_profile
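Added example, not from these notes: computes the default mode an umask produces. The subtraction shorthand used above (777-022 = 755) works for the usual masks, but the real rule is bitwise (mode = base AND NOT umask), and the block shows where plain subtraction breaks (umask 0077 on a file); the /etc/profile rule (UID above 199 gets 002, otherwise 022) is taken from the notes.

```shell
#!/bin/sh
# Added example (not from the course notes): umask arithmetic done the way the
# kernel does it, plus the subtraction shorthand for comparison.

# $1 = base (777 for directories, 666 for files), $2 = umask, both octal
default_mode() {
    base=$((0$1)); mask=$((0$2))
    printf '%03o\n' $(( base & ~mask & 0777 ))
}

# the notes' shorthand: plain octal subtraction. Correct for 022/002, but
# 666 - 077 gives 567, which is not what umask 077 produces (600).
subtraction_mode() {
    printf '%03o\n' $(( 0$1 - 0$2 ))
}

# the /etc/profile rule from the notes: UIDs >= 199 get 002, others 022
umask_for_uid() {
    if [ "$1" -ge 199 ]; then echo 002; else echo 022; fi
}

# renders an octal mode as the rwx string ls shows, e.g. 755 -> rwxr-xr-x
mode_to_rwx() {
    m=$((0$1)); out=""
    for pos in 6 3 0; do
        bits=$(( (m >> pos) & 7 ))
        [ $((bits & 4)) -ne 0 ] && out="${out}r" || out="${out}-"
        [ $((bits & 2)) -ne 0 ] && out="${out}w" || out="${out}-"
        [ $((bits & 1)) -ne 0 ] && out="${out}x" || out="${out}-"
    done
    printf '%s\n' "$out"
}

# directory and file defaults for a user of the given UID, as in the notes
defaults_for() {
    u=$(umask_for_uid "$1")
    d=$(default_mode 777 "$u"); f=$(default_mode 666 "$u")
    printf 'umask %s: directory %s (%s), file %s (%s)\n' \
        "$u" "$d" "$(mode_to_rwx "$d")" "$f" "$(mode_to_rwx "$f")"
}
```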
chmod 775 /testdir ===> only to /testdir or parent directory not to
sub content
chmod -R 775 /testdir ===> it change the permissions to parent and child
content
chmod g+r /testfile ==> granting read permissions to group members
ownership
chmod is for changing permissions = the chmod command works for everyone
chown is for changing the ownership = the chown command works only for the root user.
chown is a /sbin category command
chgrp is for changing the group on a file or directory = this also works only for the root
user.
chown sekhar:unix /testfile
or
chown sekhar /testfile
or
chown -R sekhar:unix /testdir
here sekhar is going to be new owner
unix is new group on /testdir
chmod permissions file/directory
chown owner:group file/directory
chgrp group file/directory
drwxrwxr-x 2 prasad unix 4096 jan 20 9:30:25 testdir
unix is a group, group members are : sekhar, ramu
normal users are : babu, sankar, giri
* explain about special permissions.
Special permissions
1. Sticky bit (1)
2. setuid (4)
3. setgid (2)
chmod 0777 file
chmod 1777 file sticky bit
chmod 4777 setuid
chmod 2777 setgid
sticky bit: it's a special category of permissions. everyone will have full access on the
directory but users can't delete each other's data.
mkdir /common
chmod 0777 /common
now everyone has full access on the /common directory. anyone can delete other
users' files or data.
using the sticky bit we can control this access issue.
applying sticky bit
chmod +t /common
+ apply
- remove sticky bit permissions
other way to apply sticky bit permissions
chmod 1777 /common
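Added example, not from these notes: converts between the 4-digit octal modes used with chmod (special bit + owner + group + others) and the mode string ls -l shows, covering the sticky bit (t), setuid and setgid (s) described above. It is pure string and arithmetic work, so it runs without root and touches no real file.

```shell
#!/bin/sh
# Added example (not from the course notes): decode and encode ls -l mode
# strings including the special bits.

# one rwx triplet (e.g. r-x, rws, rwt) -> its digit 0-7; an uppercase S or T
# means the special bit is set while the x bit is not
triplet_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

# ls mode string (10 chars, e.g. drwxrwxrwt) -> chmod octal (e.g. 1777)
mode_string_to_octal() {
    s=$1
    own=$(printf '%s' "$s" | cut -c2-4)
    grp=$(printf '%s' "$s" | cut -c5-7)
    oth=$(printf '%s' "$s" | cut -c8-10)
    special=0
    case $own in ??[sS]) special=$((special + 4)) ;; esac   # setuid
    case $grp in ??[sS]) special=$((special + 2)) ;; esac   # setgid
    case $oth in ??[tT]) special=$((special + 1)) ;; esac   # sticky bit
    printf '%s%s%s%s\n' "$special" "$(triplet_value "$own")" \
        "$(triplet_value "$grp")" "$(triplet_value "$oth")"
}

# digit 0-7 plus the special letter (s, t or empty) -> rwx triplet
triplet_string() {
    d=$1; sp=$2; out=""
    [ $((d & 4)) -ne 0 ] && out="${out}r" || out="${out}-"
    [ $((d & 2)) -ne 0 ] && out="${out}w" || out="${out}-"
    if [ -n "$sp" ]; then
        # special bit set: lowercase when x is also set, uppercase when not
        if [ $((d & 1)) -ne 0 ]; then out="$out$sp"; else out="$out$(printf '%s' "$sp" | tr st ST)"; fi
    else
        [ $((d & 1)) -ne 0 ] && out="${out}x" || out="${out}-"
    fi
    printf '%s\n' "$out"
}

# chmod octal (4 digits) and a type char (d or -, default -) -> ls mode string
octal_to_mode_string() {
    o=$1; type=${2:--}
    sp=$(printf '%s' "$o" | cut -c1); u=$(printf '%s' "$o" | cut -c2)
    g=$(printf '%s' "$o" | cut -c3); ot=$(printf '%s' "$o" | cut -c4)
    us=""; gs=""; os=""
    [ $((sp & 4)) -ne 0 ] && us=s
    [ $((sp & 2)) -ne 0 ] && gs=s
    [ $((sp & 1)) -ne 0 ] && os=t
    printf '%s%s%s%s\n' "$type" "$(triplet_string "$u" "$us")" \
        "$(triplet_string "$g" "$gs")" "$(triplet_string "$ot" "$os")"
}

# names the special bits carried by a 4-digit mode, in the notes' terms
special_bits() {
    sp=$(printf '%s' "$1" | cut -c1); names=""
    [ $((sp & 4)) -ne 0 ] && names="$names setuid"
    [ $((sp & 2)) -ne 0 ] && names="$names setgid"
    [ $((sp & 1)) -ne 0 ] && names="$names sticky"
    printf '%s\n' "${names# }"
}
```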
owner
group
others
using normal permissions we can't grant permissions to particular user.
0777
everyone has access
0770
only owner and group members has full access.
there is no way to apply permissions to particular user.
ACL
access control list
with this acl we can provide access to particular user and group also.
1777 sticky bit
0700 acl
using acl we will provide access to particular user.
note : make sure acl is applied on partition or mount point.
setfacl -R -m u:prasad:rwx /data/HRDATA
-R recursively on directories
-m modify the acl (add or change entries)
u:user
username
permissions
setfacl -R -m g:unix:rwx /data/HRDATA
how to list out acl permissions on directory?
getfacl /data/HRDATA
setfacl -R -m u:babu:rwx,u:appuser3:rx,g:testgrp:rx /data/HRDATA
how to remove acl permissions on directory?
setfacl -b /data/HRDATA
how to remove acl permissions for a particular user?
setfacl -R -x u:appuser1 /data/HRDATA
-x excluding user from acl list
03-Feb-2021
Find
find is for searching a file or directory in the system.
grep is for searching a word inside a file, or across the files in one directory level.
searching options
-name
-size
-perm
-mtime / -atime (date)
-mmin / -amin (time)
-user (owner of the file/directory)
-group
syn:
find <path> <option> <value for the option>
find / -name testfile
or
find /etc -name testfile
find /AP -type f -empty
search only empty files in the /AP directory
-type f files
-type d directories
-name "*.pdf" search pdf files by name (there is no -type pdf; -type only takes the file kinds f, d, l, ...)
find and do some action
after finding take some action on results
find /AP -type f -empty -exec rm -rf {} \;
find action on results
{} is nothing but find command results.
find /AP -type f -empty -exec mv {} /bkp \;
-name
-iname
i: ignore case sensitive
B23file
find / -iname b23file
Perm
find / -type f -perm 600
find / -type d -perm 777
sticky bit applied directories
find / -type d -perm 1777
owner/user
find / -type f -user prasad
find /data -user prasad -exec chown -R venu {} \;
group
find / -type f -group unixgrp
find / -type f -size +50M
> 50 MB files
how to create file with size?
dd if=/dev/zero of=/data/filewithsize bs=1M count=1k
here we create a file named filewithsize with 1 GB
dd = disk to disk
source = if
destination = of
partition table information will be there in sector 0
bs = block size (bytes written per block); count = number of blocks
1M * 1k (1024) = 1 GB
dd if=/dev/zero of=/data/filewithsize3g bs=1M count=3k
1024 * 1024 = 1048576 KB = 1 GB
searching files with size in between
find / -type f -size +800M -size -4000M
find / -type f -size +800M -size -4000M -exec rm -rf {} \;
Date
-mtime : modify days
-atime : access days
find / -type f -mtime +90
search files with older than 90 days
so many logs are there in /var/log.
* requirement is remove old logs that older than 1 month logs.
find /var/log -type f -mtime +30 -exec rm -rf {} \;
today's date: feb 3rd 2021
find /var/log -type f -mtime +30 -mtime -31
time:
-mmin = modify min
-amin = access min access is nothing just read or opened file or directory.
last one modified files
find / -type f -mmin -60
older than 1 hour data
find / -type f -mmin +60
between 5 to 10 hours data
find / -type f -mmin +300 -mmin -600
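Added example, not from these notes: builds a throwaway directory tree under a temp dir and runs the find predicates from this section (-empty, -size, -perm, -mtime, -mmin, -exec) against it, so each result can be checked without touching / or /var/log. All file names are constructed.

```shell
#!/bin/sh
# Added example (not from the course notes): a small lab for the find options.

# creates the lab tree and prints its path
make_lab() {
    umask 022                                             # so ordinary files land as 644
    lab=$(mktemp -d)
    mkdir -p "$lab/AP" "$lab/var/log" "$lab/bkp" "$lab/common"
    : > "$lab/AP/empty1"; : > "$lab/AP/empty2"            # two empty files
    dd if=/dev/zero of="$lab/AP/big.bin" bs=1k count=200 2>/dev/null    # 200 KB
    dd if=/dev/zero of="$lab/AP/small.bin" bs=1k count=10 2>/dev/null   # 10 KB
    chmod 600 "$lab/AP/small.bin"                         # the only 600 file
    chmod 1777 "$lab/common"                              # sticky-bit directory
    : > "$lab/var/log/old.log"
    touch -t 202001010000 "$lab/var/log/old.log"          # mtime Jan 1 2020: far older than 90 days
    : > "$lab/var/log/fresh.log"                          # modified just now
    printf '%s\n' "$lab"
}

# number of matches for the given find arguments
count() { find "$@" | wc -l | tr -d ' '; }

empty_files()        { count "$1/AP" -type f -empty; }
over_100k()          { count "$1/AP" -type f -size +100k; }
mode_600_files()     { count "$1" -type f -perm 600; }
sticky_dirs()        { count "$1" -type d -perm 1777; }
older_than_90d()     { count "$1/var/log" -type f -mtime +90; }
modified_last_hour() { count "$1/var/log" -type f -mmin -60; }

# -exec on the results, as in the notes ({} is each match); prints how many
# files ended up in bkp
move_empty_to_bkp() {
    find "$1/AP" -type f -empty -exec mv {} "$1/bkp" \;
    count "$1/bkp" -type f
}

cleanup_lab() { rm -rf "$1"; }
```

make_lab prints the lab path; pass it to the other functions and finish with cleanup_lab.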
locate : is for searching a file or directory
locate has no search options; we can search a file or directory only by name.
* I know the file name and I want to search for it. which is recommended or which is faster?
locate
why is locate faster than find?
find manually goes to each and every directory and looks for the file, but locate
searches in a db (system db).
the locate command searches in the system db.
LVM
Logical volume manager
storage: is nothing but collection of disks.
servers will connect with storage box for Volume.
dc = Data centre : Safe area to maintain infra components.
infra components:
servers ==> 1. standalone server 2. Blade servers or servers inside
enclosure
storage
backup machine
network components
1. firewall
2. Routers
3. switches
4. Load balancer
network cards : assign IP address
console port : assign IP for remote access
HBA port : host bus adapter : this is the component that creates the network between the server
and the storage box.
server administrators
storage administrators
network administrators
if need any extra volume/disk then we have approach with storage team.
through ticketing tool we will approach with storage team for disk.
1. physical servers
2. Virtual servers
1. How to get disk for Physical server.
2. How to get disk for virtual machine
storage : collections of disks . they will create group or cluster with set of
disks.
50 disks one group = 100TB the group capacity is now 100TB.
from that group storage team creates virtual volumes(LUN) logical unit
number.
LUN1 :1 GB
LUN2 : 100 GB
LUN3 : 1 TB
LUN is nothing but virtual disk
create lun ==> format lun ==> map lun to HBA cards
for lun there will be a one logical number.
logical number is nothing but unique number of lun. for one lun one unique number.
08 Feb 2021
HBA = Host bus adapter
min 2
How to get HBA cards information?
systool -c fc_host -v
wwn : world wide number( HBA card name).
wwn is unique
========================================== How to get disks (LUN) for a physical server? ===========================================
Linux administrator :
Task 1 : fill storage request form with below information and open case with
storage team for new lun.
1. Hostname
2. Lun capacity
3. WWN numbers
4. Data centre name
5. Type (perm/temp)
6. Justification
in the ticket we will attach this storage request form.
here the storage team can easily understand the capacity and HBA card information.
Task 2 : storage team will acknowledge the ticket and start creating LUN and
map to respective(HBA Cards) WWN.
==> create LUN
==> format lun here storage team will get logical numbers for lun
==> map this lun to 2 HBA cards.
created single lun and mapped to 2 HBA cards for HA purpose.
if you have 4 HBA cards
storage team will map single LUN to 4 HBA cards.
Task 3: now LUN is available at OS end
==> we have to refresh channels to reflect new luns at OS end.
by default LUN will not reflect automatically once storage team map to
the HBA Cards. we have to refresh channels or HBA cards manually.
then only we can see new LUN at OS level.
echo " - - - " >> /sys/class/fc_host/host0/scan ==> HBA card 1 (host0)
echo " - - - " >> /sys/class/fc_host/host1/scan ==> HBA card 2 (host1)
* explain about that 3 --- in echo command.
- c = channel ==> FC port(HBA)
- t = Target ==> SAN switch connectivity
- L = Lun ==> LUN at storage end
after scanning we will find 2 disks
a single lun, but at the OS end we can see 2 disks. it is because of 2 routes (multipathing).
if there are 4 HBA cards then at OS level we can see 4 disks for a single lun
how to see the multipath information or storage LUN information
multipath -ll
device name is : /dev/vg00 here i have to create partitions
/dev/sda i should not create partition in /dev/sda
/dev/sdd
fdisk /dev/vg00
n
vg00 is the alias name or common name for sda and sdd
now alias name is vg00 , i can modify this vg00 to prasad or anything.
how?
we have to adjust alias name in multipath configuration file (
/etc/multipath.conf)
add the below lines in /etc/multipath.conf
multipaths {
    multipath {
        wwid  360060e801532bc00000132bc00009080   -- new lun id
        alias prasad
    }
}
reload multipath configurations
multipath -r
how to create partition in lun?
fdisk /dev/prasad
multipath commands:
how to list out lun details in multipath format?
multipath -ll
how to refresh multipaths?
multipath -r
how to remove unused luns?
multipath -F
what is the configuration file of multipath?
/etc/multipath.conf
what is the service of multipath?
multipathd
systemctl restart multipathd
================================== How to get disk for Virtual machine =======================================================
Linux administrator:
Task 1 : Linux administrator open ticket with VMWare team to create
disk. in ticket we share below information
1. Hostname
2. required disk size
Task 2 : VMWare team will create the disk and attach it to the virtual machine
note : the disk will reflect at the OS end automatically.
VMWare team will take space from the data store.
a data store is nothing but a collection of LUNs.
disks are created from the data store. if the data store is full, how to increase
the data store capacity?
==> vmware team will co-ordinate with the storage team to get a new lun
==> this time the vmware team will fill the storage request form and open a
case with the storage team
==> storage team creates the lun, formats it and maps the lun to the server (HBA)
==> vmware administrator will scan for new luns in the esxi host and
add these luns into the data store.
==> now the data store capacity is increased.
==> vmware administrator will take space from the data store.
LVM
Logical Volume manager
advantages of LVM compared with the basic (fdisk) method:
                                        LVM          Basic method (fdisk)
1. resize (extend/reduce)               possible     not possible
2. number of partitions                 29932        64
3. snapshot (online partition backup)   possible     not possible
4. RAID support                         supported    not possible
Architecture
Raw Disk(LUN)
PV
VG
LV
How to list out existing pv's?
pvs or pvdisplay
how to list out existing vg's?
vgs or vgdisplay
how to list out existing lv's?
lvs or lvdisplay
*** scenario 1 : create partition from scratch using LVM method?
step 1 : if there is no free disk at OS end then we will co-ordinate
with vmware team to get new disk if it's virtual machine.
lsblk
step 2 : we will convert new disk as pv
pvcreate /dev/sde or pvcreate /dev/sd{e,f}
step 3: we will create vg using pvs
vgcreate oravg /dev/sde
vgcreate oravg /dev/sd{e,f}
step 4: we will create lv from newly created vg. the command is for
create lv is
lvcreate -L 10G -n lv_ora01 oravg
-L size of the lv, -n name for the lv
step 5: keep lv into any of the file system type or format lv with any
of the file system type(ext2,ext3,ext4,xfs).
mkfs.xfs /dev/oravg/lv_ora01
step 6: create mount point and mount lv to that particular mount
point.
mkdir /oradata
mount /dev/oravg/lv_ora01 /oradata
step 7: update new lv details in /etc/fstab file for permanent
mount
vi /etc/fstab
/dev/oravg/lv_ora01 /oradata xfs defaults 1 2
create partiton using normal method
step 1 : create partition in disk using fdisk method
fdisk /dev/sdd
n
step 2 : update partitions information to kernel
partprobe /dev/sdd
step 3: keep partition into any of the file system type(ext2,ext3,ext4,xfs)
mkfs.xfs /dev/sdd1
step 4: create mount point and mount partiton to the particular mount point
mkdir /data
mount /dev/sdd1 /data
step 5: update new partition details in /etc/fstab file for permanent mount
/dev/sdd1 /data xfs defaults 1 2
10:00 AM 20 GB data in /oradata
10:30 AM created snapshot
11:00 AM unfortunately everything was deleted from /oradata
we can restore full 20 GB data using 10:30 AM snapshot.
** Scenario 2 : Extend partition space which is created in LVM method.
step 1 : verify required free space is available in vg
(true) if required space is available
then
stright away extend partition space.
note: It's online activity. no need to unmount partition for extend.
Task 1 : extend the partition space
lvextend -L +2G /dev/oravg/ora01
lvextend -L +2G /dev/oravg/ora01 -r
note: if we include -r in lvextend command then no need
to execute resize or xfs_growfs commands.
Task 2 : resize the space to lv
ext3,4 : resize2fs /dev/oravg/ora01
xfs : xfs_growfs /dev/oravg/ora01
step 2 : if enough space is not available in vg
(False)
Task 1: vm: co-ordinate with vmware team to get disk
Physical machine: co-ordinate with storage team to get LUN
Task 2: once disk is available at os level then we will convert
that disk as a PV using pvcreate command.
pvcreate /dev/sdg
Task 3: once disk converted as a pv then we will add this pv
into respective VG using vgextend command.
vgextend oravg /dev/sdg
now we got enough space in vg after adding new pv in vg.
Task 4 : Now straight away we will extend partition space using
lvextend command
lvextend -L +5G /dev/oravg/ora01 -r
echo " - - - " >> /sys/class/scsi_host/host0/scan   (c t l)
echo " - - - " >> /sys/class/scsi_host/host1/scan
L1,L2,L3, SME, Architech, Sr architech
L1 < 3 Years experience candidate
L2 >3 <6 Years of experience candidate
L3 >6 <9 Years
SME = subject matter expert
arch
sr arch
1 TB /oradata
new partition with 512 GB
/oradatanew
replicate data or copy data from 1 TB partition(/oradata) to 512 GB partition
(/oradatanew).
umount /oradata
umount /oradatanew
mount 512 partition /oradata
later we will delete 1 TB partition.
** Scenario 3 : reduce partition space which is created in LVM
note: we can't reduce lv space which is created with xfs file system
we can reduce for ext2,ext3,ext4 file system types.
to reduce partition space we require downtime (unmount); the partition will not be
available.
step 1 : unmount the partition with proper approval
umount /oradata
step 2: repair the file system
e2fsck -fy /dev/oravg/ora01
step 3: resize the partition space eg: current partition space is 15 GB
in this we decided to reduce 5 GB.
resize2fs /dev/oravg/ora01 10G
step 4: reduce space from LV
lvreduce -L -4.5g /dev/oravg/ora01
step 5: mount back the LV
mount /dev/oravg/ora01 /oradata
5 GB - 4.9 recommended
5 GB - 5 GB wrong
PE =4 MB
LE = 4 MB
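The reduce rule in scenario 3 (shrink the file system first, then reduce the LV by slightly less, so the LV always stays larger than the file system) is easy to get wrong by hand. Added example, not code from the class notes: a POSIX shell planner that works in MiB, rounds the LV target up to a whole 4 MB PE as given above, refuses a request that would leave the LV smaller than the file system, and prints the command sequence of scenario 3 with the sizes filled in. The 512 MiB default margin and the function names are my own choices.

```shell
#!/bin/sh
# Added example (not from the class notes): plan a safe LVM reduce.
# Rule from scenario 3: shrink the file system first, then reduce the LV by a
# little LESS than the file system shrink, so the LV never ends up smaller than
# the file system it carries. All sizes are in MiB. PE size is 4 MiB (as in the notes).
PE_MIB=4

# plan_lv_reduce CUR_LV_MIB TARGET_FS_MIB [MARGIN_MIB]
# Prints "fs_mib lv_mib reduce_by_mib"; exits 1 if the request is unsafe.
# MARGIN_MIB (default 512, i.e. the notes' "0.5 GB") is the slack kept above the fs.
plan_lv_reduce() {
    cur_mib=$1
    fs_mib=$2
    margin_mib=${3:-512}
    if [ "$fs_mib" -le 0 ] || [ "$fs_mib" -ge "$cur_mib" ]; then
        echo "target file system size must be between 1 and $((cur_mib - 1)) MiB" >&2
        return 1
    fi
    # LV target = fs size + margin, rounded UP to a whole physical extent
    lv_mib=$(( fs_mib + margin_mib ))
    lv_mib=$(( (lv_mib + PE_MIB - 1) / PE_MIB * PE_MIB ))
    # never "reduce" to more than the current size
    if [ "$lv_mib" -gt "$cur_mib" ]; then
        lv_mib=$cur_mib
    fi
    # the invariant that prevents data loss: LV >= file system
    if [ "$lv_mib" -lt "$fs_mib" ]; then
        echo "refusing: LV ($lv_mib MiB) would be smaller than the file system ($fs_mib MiB)" >&2
        return 1
    fi
    echo "$fs_mib $lv_mib $(( cur_mib - lv_mib ))"
}

# print_reduce_plan LV_PATH MOUNT_POINT CUR_LV_MIB TARGET_FS_MIB
# Prints the five commands of scenario 3 with the computed sizes filled in
# (ext2/3/4 only: xfs cannot be shrunk, as the notes say).
print_reduce_plan() {
    plan=$(plan_lv_reduce "$3" "$4") || return 1
    set -- "$1" "$2" $plan          # now $3=fs_mib $4=lv_mib $5=reduce_by
    printf 'umount %s\n' "$2"
    printf 'e2fsck -f -y %s\n' "$1"
    printf 'resize2fs %s %sM\n' "$1" "$3"
    printf 'lvreduce -L -%sm %s\n' "$5" "$1"
    printf 'mount %s %s\n' "$1" "$2"
}

# Stand-alone run with the notes' numbers: 15 GiB LV, file system shrunk to 10 GiB.
print_reduce_plan /dev/oravg/ora01 /oradata 15360 10240
```

With the notes' numbers the planner shrinks the file system to 10240 MiB, keeps the LV at 10752 MiB and reduces it by 4608 MiB; passing the same size for both arguments, or a target larger than the LV, is refused instead of producing an lvreduce that would truncate the file system.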
11-Feb-2021
Scenario 4: what is a snapshot? How to create a snapshot for an LV?
1. we can create a backup for a particular LV.
2. it is a point-in-time copy of the lv.
3. a snapshot occupies only 3 to 5 % of space at creation.
4. the snapshot keeps growing with the latest changes (add/modify/delete). these
changes are kept in the slice which is created after snapshot creation.
5. merging the snapshot takes you back to the state where you created the snapshot.
everything changed after snapshot creation will be erased.
6. the snapshot will no longer be in the vg once we merge it with the original.
7. the snapshot is created within the same vg where the original lv is present.
eg: original lv in oravg
even the snapshot will be created in the same oravg.
original LV is : /dev/oravg/ora01
* a snapshot requires only 3 to 5 % of the space of the original
original LV space is 10 GB.
creating a snapshot
lvcreate -L 500M -n snapofora01lv-11-feb-202107 -s /dev/oravg/ora01
note: while creating a snapshot downtime isn't required. creating a snapshot is an
online activity.
downtime is required to merge the snapshot with the original LV.
How to merge the snapshot with the original LV?
step 1 : unmount the original LV
umount /oradata
step 2 : merge the snapshot with the original LV.
lvconvert --merge /dev/oravg/snapofora01lv-11-feb-202107
step 3 : mount back the original LV
mount -a
* scenario 5: How to migrate data from one disk (PV) to another disk (PV)
It's an online activity
use case: there are 2 disks. out of the 2 disks, one disk's performance is degraded or
it is going to fail
requirement : move the data before the disk fails
move the data from the problematic disk to a new disk.
the faulty disk and the new disk will be in the same group (vg), that is the reason it is
an online activity. make sure the new disk is equal to or greater than the faulty disk.
faulty disk = /dev/sde
new disk = /dev/sdh
step 1 : get the new disk which is equal to or greater than the faulty disk and make
sure it is added into the same vg
pvcreate /dev/sdh
vgextend oravg /dev/sdh
step 2: move the data from the old (faulty) disk to the new disk
pvmove /dev/sde /dev/sdh
step 3: remove the faulty disk from the vg and remove it from the server also
vgreduce oravg /dev/sde
pvremove /dev/sde
15-Feb-2021
VG Backup and VG restoration
Important Files:
1. /etc/lvm/lvm.conf
Important Directories:
1. /etc/lvm/backup = Backup of VG : backup is the backend directory that
stores the vg data.
2. /etc/lvm/archive = It captures vg level changes
how to list out recent changes of a VG?
vgcfgrestore -l oravg
vgcfgrestore -l <VGNAME>
-l lists out the vg level changes
* by default vgcfg captures the last 10 vg level changes
we can increase the vgcfg capture value with the help of /etc/lvm/lvm.conf.
How to restore vg level changes?
vgcfgrestore -f /etc/lvm/archive/oravg_00021-1394821502.vg oravg
-f restoration file path
enable the vg after vg restoration.
vgchange -ay oravg
note: make sure all lvs are unmounted before restoration of a particular vg.
How to back up a vg at a particular time to a different path?
the default path is : /etc/lvm/backup
vgcfgbackup -f /tmp/oravgbkp-15-feb-2021-0740am.vg oravg
the file extension should be .vg.
backed up oravg to the /tmp path.
few LVM basic commands:
below 3 commands are for refreshing the 3 layers.
pvscan
vgscan
lvscan
below commands are for enabling and disabling the layers
lvchange -an /dev/oravg/lv01 ==> disable lv (-an = activate no)
lvchange -ay /dev/oravg/lv01 ==> enable lv (-ay = activate yes)
vgchange -an oravg
vgchange -ay oravg
pvchange -xn /dev/sdd ==> disable PV (not allocatable)
pvchange -xy /dev/sdd ==> enable PV (allocatable)
How to rename the lv?
lvrename <oldname> <new name>
lvrename /dev/oravg/testlv /dev/oravg/lv_test
how to rename the vg?
step 1 : unmount all lvs which are mounted
step 2 : disable the vg
vgchange -an oravg
step 3 : rename the vg
vgrename oravg vg_ora
step 4: activate the vg
vgchange -ay vg_ora
step 5: update the fstab entries
the file systems are already listed with the old vg name, so we have to update them
and mount back the file systems.
* How to list out the lvs of a particular pv?
pvdisplay -m /dev/sdg
* How to create an lv on a particular PV?
lvcreate -L 1G -n oravg02 oravg /dev/sdg
normal : lvcreate -L 1G -n oravg02 oravg
* Scenario 6: how to extend partition space with an existing disk.
new disk scenario is : get the new disk ==> convert as a pv ==> add into VG
==> extend lv space
existing disk scenario is : ask the storage/vmware team to extend the disk space ==>
rescan the disk ==> resize the pv ==> extend lv space
step 1 : open a service request with the storage team to extend space of the existing
LUN (Physical machine)
here we have to share the LUN number (multipath -ll) with the storage team, the
existing capacity and the required space
open a service request with the vmware team to extend space of the disk (virtual
machine)
here we will share the server name, disk capacity and required
capacity
step 2: once the space has been extended, at os level we have to refresh the
channel, target and lun
echo 1 > /sys/block/sdg/device/rescan
step 3: resize the PV
pvresize /dev/sdg
now the extra space will be there in the vg
step 4 : extend space to the lv
lvextend -L +10G /dev/oravg/oradata -r
eg: existing lv capacity is 15G and you want to remove 10 GB
resize2fs /dev/vg/lv 5G
lvreduce -L -9.9g /dev/vg/lv
mount it back
lv = oralv 1TB
vg oravg = 2 PVs /dev/sdb = 512 GB and /dev/sdc = 512 GB ==> current sizes
of disks
vg oravg = 2 PVs /dev/sdb = 1 TB and /dev/sdc = 1 TB ==> after extending
space to the existing disks
16th Feb 2021
RAID
Redundant Array of Inexpensive Disks
==> Data redundancy (Backup): data should be replicated or maintained on 2
disks.
==> better performance
above two objectives with inexpensive disks
in case any one disk fails at any point there should not be any impact to
the transactions. we can avoid this situation with RAID.
we can achieve data redundancy and better performance with the RAID concept.
1 disk's capacity replicated on at most one more disk : good
1 disk's data stored in 3 places using 3 disks :
not a good approach
we can implement RAID levels in 2 methods
1. LVM
2. MDADM (multi disk administration)
*** Explain about RAID levels.
RAID LEVELS
1. RAID 0 = Striping (Min 2 disks) Drawback : there is no redundancy
2. RAID 1 = Mirroring (Min 2 disks)
3. RAID 2 = stripe with parity (Min 3 disks) data transfers in bits.
4. RAID 3 = Stripe with parity (Min 3 disks) data transfers in bytes.
5. RAID 4 = Stripe with parity (Min 3 disks) data transfers in
blocks.
6. RAID 5 = Stripe with parity (Min 3 disks) data transfers in
blocks but parity is stored across all disks.
7. RAID 6 = Stripe with double parity (Min 4 disks) data transfers in
blocks but there is double parity.
parity: metadata backup of individual blocks
bit = 0 or 1
byte = 8 bits
block = 512 Bytes
Raid 0 : (Striping) =================> recommended based on client requirement.
client requirement is speed then striping
min 2 disks required to configure
data transfer happens in blocks
Adv: we see better performance because data or blocks are divided and
written in parallel to 2 disks or more.
drawback : there is no redundancy
Raid 1 : (mirroring) =================> recommended based on client requirement.
client requirement is full redundancy then mirroring
min 2 disks required to configure
data transfer happens in blocks
adv : redundancy will be there because the same data is written to 2 disks.
drawback : slowness because the same data has to be written in 2 places (disk1
and disk2)
Raid 2 : (Stripe with parity)
min 3 disks required to configure
data transfer happens in bits
drawback : 1 extra disk is used here and data transfer happens in bits.
3 disks with 100 GB = 300 GB
we can use only 200 GB
the 3rd disk is dedicated to parity
Raid 3 : (Stripe with parity)
min 3 disks required to configure
data transfer happens in bytes
drawback : 1 extra disk is used here for parity and data transfer happens
in bytes.
3 disks with 100 GB = 300 GB
we can use only 200 GB
the 3rd disk is dedicated to parity
Raid 4 : (Stripe with parity)
min 3 disks required to configure
data transfer happens in blocks
adv: striping and redundancy because of the extra parity disk
3 disks with 100 GB = 300 GB
we can use only 200 GB
the 3rd disk is dedicated to parity
Raid 5 : (Stripe with parity) =================> recommended based on client
requirement. client requirement is better performance with redundancy
min 3 disks required to configure
data transfer happens in blocks
adv: striping and redundancy because of the extra parity disk
3 disks with 100 GB = 300 GB
we can use only 200 GB
parity is stored across all disks.
Raid 6 : (Stripe with double parity)
min 4 disks required to configure
data transfer happens in blocks
adv: striping and double parity. there will not be any impact even in case 2 disks
fail
Drawback: expensive because we are dedicating 2 disks' worth of space to parity
4 disks with 100 GB = 400 GB
we can use only 200 GB
2 disks' worth of space is dedicated to parity
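The per-level figures above (minimum disks, how much of 3 x 100 GB is usable, how many disks may fail) follow a small set of rules. Added example, not code from the class notes: POSIX shell functions that encode those rules so the sums can be checked for any disk count and size, plus a table printer that lists which levels can be built from a given set of disks. RAID 1 with more than 2 disks is treated as an n-way mirror, which goes slightly beyond the notes' 2-disk case; the function names are my own.

```shell
#!/bin/sh
# Added example (not from the class notes): encode the RAID table as functions,
# so "3 disks with 100 GB = 300 GB, we can use only 200 GB" and the minimum disk
# counts can be checked for any disk count/size.

# raid_parity_disks LEVEL DISK_COUNT -> disks' worth of space lost to redundancy
raid_parity_disks() {
    case "$1" in
        0) echo 0 ;;                 # striping only: nothing is lost, nothing is protected
        1) echo $(( $2 - 1 )) ;;     # mirroring: one copy is usable, the rest are copies
        2|3|4|5) echo 1 ;;           # single parity (dedicated disk, or spread over all disks for RAID 5)
        6) echo 2 ;;                 # double parity
        *) echo "unknown RAID level: $1" >&2; return 1 ;;
    esac
}

# raid_min_disks LEVEL -> minimum number of disks from the notes' table
raid_min_disks() {
    case "$1" in
        0|1) echo 2 ;;
        2|3|4|5) echo 3 ;;
        6) echo 4 ;;
        *) echo "unknown RAID level: $1" >&2; return 1 ;;
    esac
}

# raid_usable_gb LEVEL DISK_COUNT DISK_SIZE_GB -> usable capacity, exit 1 if too few disks
raid_usable_gb() {
    level=$1; n=$2; size=$3
    min=$(raid_min_disks "$level") || return 1
    if [ "$n" -lt "$min" ]; then
        echo "RAID $level needs at least $min disks, got $n" >&2
        return 1
    fi
    lost=$(raid_parity_disks "$level" "$n")
    echo $(( (n - lost) * size ))
}

# raid_failures_tolerated LEVEL DISK_COUNT -> disks that may fail with no data loss
raid_failures_tolerated() {
    case "$1" in
        0) echo 0 ;;
        1) echo $(( $2 - 1 )) ;;
        2|3|4|5) echo 1 ;;
        6) echo 2 ;;
        *) return 1 ;;
    esac
}

# raid_table DISK_COUNT DISK_SIZE_GB -> one line per level that can be built with those disks
raid_table() {
    for level in 0 1 2 3 4 5 6; do
        usable=$(raid_usable_gb "$level" "$1" "$2" 2>/dev/null) || continue
        printf 'RAID %s: %s disks x %s GB = %s GB raw, %s GB usable, survives %s disk failure(s)\n' \
            "$level" "$1" "$2" "$(( $1 * $2 ))" "$usable" "$(raid_failures_tolerated "$level" "$1")"
    done
}

raid_table 3 100
raid_table 4 100
```

`raid_table 3 100` prints six lines (RAID 6 is skipped because it needs 4 disks), reproducing the 200 GB usable figure for RAID 2 to 5 and showing that RAID 0 gives the full 300 GB with zero tolerated failures.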
17th Feb 2021
there are 2 methods to configure RAID levels
1. LVM
2. MDADM
RAID 0 : Striping
min 2 disks required
create lv with striping
lvcreate -L 4G -i 2 -n lv_testr0 oravg
-i 2 = stripe across 2 pvs
lvs --segments
linear = Normal lv
striped = striped lv
mirror = Raid 1
lvs -a -o name,devices,segtype
create lv with mirroring
lvcreate -L 2G -m 1 -n lv_testr1 oravg
-m 1 = one mirror copy (Raid 1)
removing a disk from the mirrored lv
lvconvert -m0 oravg/lv_testr1 /dev/sde
/dev/sde is the faulty disk
how to replace /dev/sde with a new disk?
lvconvert -m 1 oravg/lv_testr1 /dev/sdg /dev/sdi
the new disk is /dev/sdi
data from /dev/sdg is going to be replicated to /dev/sdi
MDADM
==> how to list out mdadm partitions
cat /proc/mdstat
==> creating a partition with Raid 5 using 3 disks
mdadm --create /dev/md5 --level=5 --raid-devices=3 /dev/sdj /dev/sdk /dev/sdl
i have 4 disks
/dev/sdj
/dev/sdk
/dev/sdl
/dev/sdm
mdadm --detail /dev/md5
format the partition
mkfs.xfs /dev/md5
mkdir /babudir
mount /dev/md5 /babudir
==> purposefully marking one disk as faulty
mdadm --fail /dev/md5 /dev/sdj
==> how to add a new disk to the raid 5 array
mdadm --add /dev/md5 /dev/sdm
==> how to remove the faulty disk from the array
mdadm --remove /dev/md5 /dev/sdj
How to remove the partition?
step 1 : unmount the partition
umount /babudir
step 2: remove the entry from /etc/fstab
step 3 : remove the md partition
mdadm --remove /dev/md5
mdadm --stop /dev/md5
How to remove disks at OS end?
put the disk offline
echo offline > /sys/block/sdk/device/state
remove the disk at os level
echo 1 > /sys/block/sdk/device/delete
23-Feb-2021
Package Management
1. Installing software (Package)
2. Uninstalling software (Package)
3. Upgrade and update software (package)
4. Query or verify a package
windows : software comes in .exe format
Linux : software comes in .rpm format
rpm : redhat package manager
there are 2 methods to manage software
1. RPM (Redhat package manager)
2. YUM (Yellowdog Updater, Modified)
inbuilt tools are there to manage software
using the rpm method we can install any package
even using yum we can install a package
.rpm
rpm -ivh packagename.rpm
or
yum install packagename.rpm
<softwarename>-<version>-<release>.<arch>.rpm
vsftpd-2.0.0-191.el7.x86.rpm
packagename : vsftpd
version : 2.0.0
release : 191
version arch : el7.x86_64
el7 = enterprise linux 7
el6 = enterprise linux 6
32 and 64 bit operating system
arch
uname -m
in RHEL 7 there is no 32 bit concept
from RHEL 7 onwards redhat started releasing the OS only for 64 bit. no
more 32 bit
if the processor is 32 bit, can we install rhel 7 or later here? no
rhel 6 has both 32 and 64 bit
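The <softwarename>-<version>-<release>.<arch>.rpm layout above is also what `rpm -qa` prints and what the file names under /media/Packages follow. Added example, not code from the class notes: a POSIX shell parser that splits such a name from the right (the name itself can contain hyphens, as in python-deltarpm, so the fields are peeled off the end), plus a check of the 32/64-bit rule stated above. In real rpm naming the dist tag belongs to the release field, so 3.0.2-22.el7 parses as version 3.0.2 and release 22.el7; the function names are my own.

```shell
#!/bin/sh
# Added example (not from the class notes): split an rpm file name into its
# name-version-release.arch parts, and decide whether a package arch can be
# installed on a host. Parsing works from the right because the name may contain
# hyphens (python-deltarpm) while version and release never do.

# parse_rpm_nvra FILENAME_OR_NVRA -> prints "name version release arch", exit 1 if malformed
parse_rpm_nvra() {
    s=${1##*/}              # drop any directory part (/media/Packages/...)
    s=${s%.rpm}             # drop the .rpm extension if present
    arch=${s##*.}           # last dot-separated field: x86_64, i686, noarch, ...
    nvr=${s%.*}             # name-version-release
    release=${nvr##*-}      # after the last hyphen (includes the dist tag, e.g. 22.el7)
    nv=${nvr%-*}            # name-version
    version=${nv##*-}
    name=${nv%-*}
    # a valid NVRA needs a dot before the arch and two hyphens in name-version-release
    if [ "$nvr" = "$s" ] || [ "$nv" = "$nvr" ] || [ "$name" = "$nv" ]; then
        echo "not a name-version-release.arch string: $1" >&2
        return 1
    fi
    echo "$name $version $release $arch"
}

# rpm_arch_installable HOST_ARCH PKG_ARCH -> exit 0 if a PKG_ARCH package can run on HOST_ARCH
# (HOST_ARCH is what `uname -m` prints). 64-bit packages never fit a 32-bit host;
# 32-bit i?86 packages also install on x86_64 (multilib); noarch fits anywhere.
rpm_arch_installable() {
    host=$1; pkg=$2
    case "$pkg" in
        noarch) return 0 ;;
        x86_64) [ "$host" = "x86_64" ] ;;
        i?86)   case "$host" in i?86|x86_64) return 0 ;; *) return 1 ;; esac ;;
        *)      [ "$host" = "$pkg" ] ;;
    esac
}

# Stand-alone run with file names that appear in the notes.
parse_rpm_nvra /media/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm
parse_rpm_nvra python-deltarpm-3.6-3.el7.x86_64.rpm
```

The parser accepts both a path to an .rpm file and the bare NVRA string that `rpm -qa` or `rpm -qf` prints, so the same function works on the output of the query commands described later in these notes.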
https://pkgs.org
https://redhat.com or https://access.redhat.com/downloads
rhel and centos both are the same versions
centos 7 packages will work even on RHEL 7
centos 6 packages will work even on RHEL 6
CentOS            RHEL
no support        support will be there from the Redhat company
operating system is 32 bit
we downloaded 64 bit software
is it possible to install 64 bit software on a 32 bit machine? No
Sources:
1. Internet (respective OS vendor website)
2. DVD or ISO image
7.5 : all packages will be there in the 7.5 ISO image
6.5 : only 6.5 related software will be there in the ISO image
6.5 image
/dev/sr0 ==> /media
how to mount the DVD
mount /dev/sr0 /media
note: make sure the ISO image is mapped in the vm.
vm ==> settings ==> dvd/cd ==> use ISO image file ==> browse ==> select the rhel ISO
image which we downloaded.
how to verify whether the vsftpd package is installed or not?
rpm -qi vsftpd
or
rpm -qa vsftpd
q = query
a = all
query all installed software or list out all installed software
rpm -qa
How to install an rpm?
rpm -ivh pkgname
note : make sure the package is present in the location where you are.
i = install
v = verbose
h = print # symbols for installation progress
service ==> package
ftp ==> vsftpd
ssh ==> openssh
nfs ==> nfs-utils
mysql database ==> mysql
24-Feb-2021
How to remove a package?
rpm -ev packagename
note: shouldn't include .rpm at the end because we are removing a package which is
already installed in the system.
an installed rpm will not have .rpm
how to list installed packages with installed date and time?
rpm -qa --last | more
how to print the package information?
rpm -qi packagenamewithout.rpm ==> printing installed software information
rpm -qip packagenamewith.rpm ==> printing information of software that is not
installed
query information about a package
installed packages are maintained in one database = /var/lib/rpm/
rpm and yum both use the same database = /var/lib/rpm/
rpm -qa
the above command queries installed packages from the /var/lib/rpm directory
DB format : Berkeley DB
How to list out the documents of a particular package?
rpm -qd vsftpd
an rpm is nothing but a program; it contains documents, libraries & binaries (commands).
as soon as we install a package it occupies space in different directories
/usr/bin ==> commands are stored here
/usr/share ===> rpm documents are stored here
/var/log ==> log files are created here
/etc/ ==> configuration files of the rpm
/lib ==> libraries of the package are stored in /lib
* once we install a package, in which directories is space occupied?
the package is nothing but a program. installing a package means extracting the
package.
as soon as we extract the package, the data is segregated into the respective
directories.
eg: commands of the rpm are stored in /usr/bin or /usr/sbin
documents about the package are stored in /usr/share/doc
libraries of the rpm are stored in /lib
configuration files of the rpm are stored in /etc
the package information is updated in the /var/lib/rpm db files
so we can exactly say the package occupies space in particular directories.
* How to list out the config files of an rpm?
rpm -qc vsftpd
q = query
c = configuration files
[root@batch23 doc]# rpm -qc vsftpd
/etc/logrotate.d/vsftpd
/etc/pam.d/vsftpd
/etc/vsftpd/ftpusers
/etc/vsftpd/user_list
/etc/vsftpd/vsftpd.conf
[root@batch23 doc]#
q = query
d = documents
c = configuration files
l = list files related to the rpm
f = file belongs to which rpm
which rpm package does a file belong to?
rpm -qf filepath
[root@batch23 doc]# rpm -qf /etc/vsftpd
vsftpd-3.0.2-22.el7.x86_64
it gives the package name: which rpm the file or directory belongs to
eg: unfortunately we have deleted the zip command. how to get it back?
unfortunately we have deleted the chmod command. how to get it back?
step 1 : login to any other machine and find the name of the package that
/usr/bin/chmod belongs to
rpm -qf /usr/bin/chmod
step 2 : come to the problematic machine where we removed the chmod command and
reinstall the package.
rpm -ivh /media/Packages/coreutils-8.22-21.el7.x86_64.rpm --force
each and every file is created by one rpm. how to know the rpm of a file?
rpm -qf /usr/bin/chmod
25-Feb-2021
rpm -ivh pkgname.rpm
rpm -ev pkgname
rpm -qa
rpm -qi vsftpd ==> information about installed pkg
rpm -qd vsftpd ==> documents of installed pkg
rpm -qf
rpm -ql
rpm -qc
rpm -qcp /media/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm ==> configuration
files of a package which is not installed in the machine
rpm -qdp /media/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm ==> documents of a
package which is not installed in the machine
rpm -qip /media/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm ==> information
about a package which is not installed in the machine
rpm -qlp /media/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm ==> file list of a
package which is not installed in the machine
*** what is the difference between update and upgrade in package management?
update : preserves the old data along with the new pkg. previous and latest both will
be there
upgrade: overwrites the old pkg with the latest.
update eg:
vsftpd 3.0.2-22 is already installed; now i am going to install the latest version
rpm -ivh /root/vsftpd-3.0.2-28.el7.x86_64\ \(1\).rpm --force
[root@batch23 ~]# rpm -qa vsftpd
vsftpd-3.0.2-22.el7.x86_64
vsftpd-3.0.2-28.el7.x86_64
[root@batch23 ~]#
--force : this option is for reinstalling a pkg and updating to the latest package. when we
update, both will be available in the machine (old and new).
upgrade eg:
vsftpd 3.0.2-22 is already installed; now i am going to upgrade the vsftpd pkg.
rpm -Uvh /root/vsftpd-3.0.2-28.el7.x86_64\ \(1\).rpm
[root@batch23 ~]# rpm -qa vsftpd
vsftpd-3.0.2-28.el7.x86_64
[root@batch23 ~]#
* how to install a pkg without dependencies?
rpm -ivh pkgname.rpm --nodeps
installing a pkg without dependencies is 0 % recommended.
impact in case a package is installed without dependencies?
the software/pkg will not function the way it has to function. in effect it will
not work.
YUM
Yellowdog Updater, Modified
yum is an inbuilt package management tool. using yum we can
install/uninstall/update/upgrade and query about pkgs.
it's an advanced tool on top of rpm.
the main difference between rpm and yum is the repository.
using the yum tool it is possible to create a repository.
what is a repository: a collection (array) of all the packages
eg: in the dvd we have 40000 pkgs.
using the DVD we will create a repository.
advantages of a repository:
dependencies are considered automatically.
in the rpm method first we installed the dependencies and then installed the main pkg.
if we have a repository then there is no need to install dependencies manually.
dependencies are taken automatically.
the repository will be like this (dependency tree of the main pkg)
main pkg
dep1
dep1
dep2
dep2
dep3
dep4
dep1
dep2
dep3
with rpm we have to install all 9 deps with the main pkg manually.
if there is a yum repo then just mention the main pkg. we don't need to install or think
about dependencies.
basic yum is equal to rpm
yum (repo)                                  rpm
yum install /media/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm
yum info vsftpd                             rpm -qi vsftpd
yum install pkg.rpm                         rpm -ivh pkg.rpm
yum remove pkg                              rpm -ev pkg
yum list installed                          rpm -qa
yum list installed vsftpd                   rpm -qa vsftpd
yum upgrade vsftpd.rpm                      rpm -Uvh pkgname.rpm
yum update vsftpd.rpm                       rpm -ivh pkgname.rpm --force
26-Feb-2021
OS installation
prerequisites:
RAM = 1 GB
processor = any processor
HDD = 8 GB
** during installation how many mandatory partitions?
2
which are those
/boot
/
partitions:
mandatory partitions:
1. /boot standard method 512 MB
2. / LVM 5 GB or more than that
recommended partitions
1. /boot standard 512 MB
2. / LVM 10 GB
3. /var LVM 10 GB
4. swap LVM double or thrice the RAM. eg: RAM is 2 GB,
then we can mention swap as 4 or 6 GB.
5. /tmp LVM 10 GB
Batch23
How to create a YUM repository.
step 1 : Mount the DVD/ISO image (7.6 ISO Image)
mount /dev/sr0 /media
step 2 : install pre-requisite pkgs
cd /media/Packages
rpm -ivh deltarpm.................rpm
rpm -ivh python-deltarpm..........rpm
rpm -ivh createrepo...........rpm
rpm -ivh vsftpd...........rpm
step 3: create a directory and copy all dvd pkgs to the newly created directory
mkdir /var/ftp/pub/rhel76
cp -r /media/Packages/* /var/ftp/pub/rhel76/
the copy command takes 5 min to copy 4.4 GB of pkgs to the
/var/ftp/pub/rhel76 location
step 4 : create the repository
createrepo -v /var/ftp/pub/rhel76
the above command takes 5 min to create the repository
step 5 : configure the repository
cd /etc/yum.repos.d
note: please make sure you are inside the /etc/yum.repos.d directory before you
execute the below command (it removes the existing repo files)
rm -rf *
vi local.repo
[rhel76.repo]
name=rhel76.repo
baseurl=file:///var/ftp/pub/rhel76
gpgcheck=0
enabled=1
add the above 5 lines in the local.repo file and come out
step 6: execute below commands
yum clean all ==> to refresh the repositories
yum repolist ==> this command will list out the rhel76 repository
with its pkgs
01-March-2021
hostname : batch23
IP : 192.168.148.150
going to set up a yum repository in batch23
repository with RHEL 7.5
repository with RHEL 7.0
Redhat 7.1 April 2018 kernel (3.10.0.150)
OS is nothing but many packages. the same packages at different points in time:
              April 2018        June 2018        2020
vsftpd        2.10.0-22         2.10-30
nfs           4                 4.1
lvm           2.0.10            2.0.11
the reason for developing a new package may be to introduce a new
feature in the latest pkg or to fix a bug which is there in the existing pkg.
every 3 months we have to perform patching (update to the latest
packages) on the machine.
two reasons to be up to date with patches
1. To get the latest features
2. with the latest patch, bugs might have been
fixed
minor releases: 7.1 ==> 7.2 ==> 7.3 ==>
base OS 6.2 ==> 6.3 ==> 6.4 ====> 6.7 ==> 6.9 : yum update (kernel 2.6.32)
minor        minor        minor
major release: base os 6.5 ===> RHEL 7.2 : almost reinstalling the
latest OS (kernel 3.10.0)
what is a repository: a collection (array) of all the packages
eg: in the dvd we have 4000 pkgs.
using the DVD (7.6) we will create a repository.
advantages of a repository:
1. Dependencies:
the main pkg will consider the dependencies automatically.
in the rpm method first we installed the dependencies and then installed the main pkg.
if we have a repository then there is no need to install dependencies manually.
dependencies are taken automatically.
the repository will be like this (dependency tree of the main pkg)
main pkg
dep1
dep1
dep2
dep2
dep3
dep4
dep1
dep2
dep3
2. Update/upgrade:
Easy to update to the latest pkgs or patches
eg: 7.2 ==> 7.3
3. Roll back or downgrade:
easy to roll back or downgrade to the previous version.
7.2 ==> 7.3 ==> 7.2
roll back is possible with a yum repository.
base 6.7 ==> 6.8 ==> 6.9
6 to 7 is not possible directly.
question 1:
base rhel 7.5 with infrastructure packages ==> 7.6
infrastructure pkgs only
base rhel 7.5 server with GUI ==> 7.6 server with GUI pkgs
installation destination:
automatic partitioning = /boot and /
are you getting any option to create extra partitions during OS
installation? no
do you have any option to customize the size of partitions? no
custom method we followed
/boot
/var 8 GB
/tmp 2 GB
swap 2 GB
/ 10 GB
step 1 : Mount the DVD/ISO image (7.0 ISO Image)
mount /dev/sr0 /media
step 2 : install pre-requisite pkgs
cd /media/Packages
rpm -ivh deltarpm.................rpm
rpm -ivh python-deltarpm..........rpm
rpm -ivh createrepo...........rpm
rpm -ivh vsftpd...........rpm
step 3: create a directory and copy all dvd pkgs to the newly created directory
mkdir /var/ftp/pub/rhel70
cp -r /media/Packages/* /var/ftp/pub/rhel70/
the copy command takes 5 min to copy 4.4 GB of pkgs to the
/var/ftp/pub/rhel70 location
step 4 : create the repository
createrepo -v /var/ftp/pub/rhel70
the above command takes 5 min to create the repository
step 5 : configure the repository
cd /etc/yum.repos.d
note: please make sure you are inside the /etc/yum.repos.d directory and
execute the below command
vi local.repo
[rhel70.repo]
name=rhel70.repo
baseurl=file:///var/ftp/pub/rhel70
gpgcheck=0
enabled=1
add the above 5 lines in the local.repo file and come out
step 6: execute below commands
yum clean all ==> to refresh the repositories
yum repolist ==> this command will list out the rhel70 repository
with its pkgs
[rhel75.repo]                        ==> name (id) of the repository
name=rhel75.repo                     ==> display name of the repository
baseurl=file:///var/ftp/pub/rhel76   ==> pkgs path
gpgcheck=1                           ==> authentication: 0 = no auth required, 1 = authentication is required (enable auth)
gpgpath=/etc/pks/key1                ==> key used for the authentication
enabled=1
[rhel70.repo]
name=rhel70.repo
baseurl=file:///var/ftp/pub/rhel70
gpgcheck=0
enabled=1
enabled=0 disables the repository
enabled=1 enables the repository
repo server : /etc/pki/keys/key1
client m1 : /etc/pki/keys/key1
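The gpgcheck and enabled fields explained above decide whether yum verifies package signatures before installing. Every local.repo in these notes sets gpgcheck=0, which is fine for a lab but in production means any rpm placed in the repo path, or served by the ftp repo machine, is installed without any check. Added example, not code from the class notes: a POSIX shell/awk audit that reads a .repo file and flags every enabled repository whose gpgcheck is not 1, with a missing key reported as "unset" (the effective value then comes from [main] in /etc/yum.conf). The sample repo file is constructed here to exercise it; `gpgkey=` is yum's name for the signing-key entry, and the function names are my own.

```shell
#!/bin/sh
# Added example (not from the class notes): audit .repo files for the gpgcheck
# and enabled fields. A repository with enabled=1 and gpgcheck=0 installs
# packages without a signature check, so whoever can write to the repo path
# (or sit between client and ftp server) can hand the client arbitrary rpms.

# audit_repo_file FILE -> one line per [section]: "<id> enabled=<v> gpgcheck=<v> <verdict>"
# verdict is WARN-unsigned for an enabled repo whose gpgcheck is not 1.
audit_repo_file() {
    awk '
        function flush() {
            if (id != "") {
                verdict = (enabled == "1" && gpgcheck != "1") ? "WARN-unsigned" : "ok"
                printf "%s enabled=%s gpgcheck=%s %s\n", id, enabled, gpgcheck, verdict
            }
        }
        /^[ \t]*[#;]/ { next }                          # comment lines
        /^[ \t]*\[.*\][ \t]*$/ {                        # [repoid] starts a new section
            flush()
            id = $0; sub(/^[ \t]*\[/, "", id); sub(/\].*$/, "", id)
            enabled = "1"; gpgcheck = "unset"           # yum treats a missing enabled= as 1
            next
        }
        /^[ \t]*enabled[ \t]*=/  { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]*$/, "", v); enabled = v }
        /^[ \t]*gpgcheck[ \t]*=/ { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]*$/, "", v); gpgcheck = v }
        END { flush() }
    ' "$1"
}

# count_unsigned_repos FILE -> number of enabled repos with no signature check
count_unsigned_repos() {
    audit_repo_file "$1" | grep -c 'WARN-unsigned' || true
}

# Constructed sample modelled on the local.repo files in the notes (not a real course file).
SAMPLE_REPO=$(mktemp)
cat > "$SAMPLE_REPO" <<'EOF'
# constructed sample
[rhel75]
name=rhel75
baseurl=ftp://192.168.145.150/pub/rhel75
gpgcheck=0
enabled=1

[rhel70]
name=rhel70
baseurl=file:///var/ftp/pub/rhel70
gpgcheck=0
enabled=0

[signed-example]
name=constructed repo with signature checking
baseurl=file:///var/ftp/pub/signed
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-example
enabled=1
EOF

audit_repo_file "$SAMPLE_REPO"
```

On a real client the same function can be pointed at each file under /etc/yum.repos.d; the disabled rhel70 repo is reported as ok because nothing is installed from it, while the enabled rhel75 repo without gpgcheck=1 is the one to fix before the machine is patched from it.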
Assignment
Task 1 : download RHEL 7.2
Task 2 : Create a new machine and install the 7.2 OS on
it
Task 3 : create repositories with 7.6 and 7.2
Yum repository server: Batch23 (192.168.145.150)
client: 192.168.145.151
Task 1 : going to set up a repository with RHEL 7.5 pkgs.
Task 2 : Integrate the client machine (192.168.145.151) with the repo machine.
Task 3 : perform the patching (7.2 ==> 7.5)
step 1 : Mount the DVD/ISO image (7.5 ISO Image)
mount /dev/sr0 /media
step 2 : install pre-requisite pkgs
cd /media/Packages
rpm -ivh deltarpm.................rpm
rpm -ivh python-deltarpm..........rpm
rpm -ivh createrepo...........rpm
rpm -ivh vsftpd...........rpm
step 3: create a directory and copy all dvd pkgs to the newly created directory
mkdir -p /var/ftp/pub/rhel75
cp -r /media/Packages/* /var/ftp/pub/rhel75/
the copy command takes 5 min to copy 4.4 GB of pkgs to the
/var/ftp/pub/rhel75 location
step 4 : create the repository
createrepo -v /var/ftp/pub/rhel75
the above command takes 5 min to create the repository
step 5 : configure the repository
cd /etc/yum.repos.d
note: please make sure you are inside the /etc/yum.repos.d directory and
execute the below command
vi local.repo
[rhel75.repo]
name=rhel75.repo
baseurl=file:///var/ftp/pub/rhel75
gpgcheck=0
enabled=1
add the above 5 lines in the local.repo file and come out
step 6: execute below commands
yum clean all ==> to refresh the repositories
yum repolist ==> this command will list out the rhel75 repository
with its pkgs
clients are going to connect to the repo machine through the ftp service, so we
have to make sure the vsftpd service is up and running on the repo machine (192.168.145.150)
systemctl start vsftpd ==> start the vsftpd service because
clients are going to connect through the ftp service
systemctl enable vsftpd ==> enable the vsftpd service permanently
disable the os level security service (firewall)
systemctl stop firewalld ==> disable the security gate. now the firewall
will allow all the clients.
systemctl disable firewalld ==> disable the firewalld service permanently
Task 2: integrate the client machine with the repository
make sure you are on the client machine
step 1 : test the connectivity between the client and the repo machine
ping repomachineip
ping 192.168.145.150
[root@localhost ~]# ping 192.168.145.150
PING 192.168.145.150 (192.168.145.150) 56(84) bytes of data.
64 bytes from 192.168.145.150: icmp_seq=1 ttl=64 time=2.56 ms
ctrl + c and type quit ==> to interrupt the ping command
---------
service test
through the ftp service, check whether i am able to connect to the repo machine or
not. port 21 represents the ftp service
telnet 192.168.145.150 21
ctrl + ] to interrupt the telnet command
----------
in case the telnet command is not found on the machine, then just install the telnet
package with the help of the DVD
mount /dev/sr0 /media
rpm -ivh /media/Packages/telnet-0.17-59.el7.x86_64.rpm
step 2: configure the repository
cd /etc/yum.repos.d
vi local.repo
[rhel75]
name=rhel75
baseurl=ftp://192.168.145.150/pub/rhel75
gpgcheck=0
enabled=1
refresh the repositories
yum clean all
list out the repositories
yum repolist
yum install mariadb
Task 3 : perform patching
currently the client machine is running the 7.0 os version
after patching the machine should run with 7.5
yum update
[root@localhost ~]# cat /etc/os-release
NAME="Red Hat Enterprise Linux Server"
VERSION="7.0 (Maipo)"
reboot
shutdown -r now
repo (192.168.148.150)
dvd 7.0 ==> local /var/ftp/pub/rhel70 (permanent)
dvd 7.5 ==> copy pkgs to local /var/ftp/pub/rhel75 (permanent), then
unmount the 7.5 dvd
dvd 7.7 ==>
createrepo -v /var/ftp/pub/rhel75/ ==> creates the repodata
createrepo -v /media/Packages/ ==> fails; the reason is the DVD is mounted in read-only
mode, not read-write mode
How to list out recently performed activities through the yum tool?
yum history
how to get full information about a yum activity?
yum history info 9
9 is the activity id
yum remove mariadb
*** how to roll back the changes which we performed through yum?
yum history undo 9
*** how to roll back a recent patch? or after patching the application is not functioning
as expected, so we are requested to roll back the latest change.
which is the best approach to roll back the patch?
approach 1 *** 1. reboot and select the previous kernel during server bootup ==> this is
possible because we just performed an update, not an upgrade. when we perform an update,
the update preserves the old data.
kernel 2 (latest) 7.5
kernel 1 (previous) 7.0 <== booting with the old kernel is nothing but a roll back
step 1 : find out the existing (installed) kernels
grep menuentry /boot/grub2/grub.cfg
here we will get the installed kernels
step 2: set the default kernel in grub
first kernel is the current one (7.5)
second kernel is the previous (7.2)
third kernel is older than the previous (7.0)
req: i want to boot my machine with the 7.0 kernel, then
grub2-set-default 3
req: i want to boot my machine with 7.2
grub2-set-default 2
after setting this value, rebuild the grub config
grub2-mkconfig -o /boot/grub2/grub.cfg
step 3 : reboot
shutdown -r now
approach 2. merge the snapshot
before patching we created a snapshot of the whole machine.
merge that snapshot
right click on the machine ==> snapshot ==> select the right snapshot ==>
merge (restore)
approach *** 3. using yum history we can roll back the recent activity, that is the
patching.
step 1 : Boot with the older kernel
grub2-set-default 2
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
now the machine will boot up with the older kernel
or
during boot select the previous kernel on the grub screen.
step 2 : make sure the 7.0 repository or 7.2 repository is ready on the repo
and client machine.
i don't want the 7.5 repository. i want to roll back to the previous, so we
have to set up the old version repository.
server: set up the 7.0 repository.
client machine: configure the 7.0 repository
step 3 : back up and remove the below file
cp -r /etc/yum/protected.d/systemd.conf /etc/yum/protected.d/systemd.conf-bkp
rm -rf /etc/yum/protected.d/systemd.conf
step 4 : perform undo using yum
yum history undo 4
step 5 : reboot
shutdown -r now
05-March-2021
* How to apply only security patches (packages)?
yum update --security
yum list-security ==> list out security updates
* How to update only the kernel?
yum update kernel
* how to perform full patching?
yum update
the yum configuration file path is /etc/yum.conf
mariadb-5.5.56-2.el7.x86_64 : 7.5 version mariadb pkg
* how to download pkgs from the repository?
yum install --downloadonly --downloaddir=/ mariadb
downloading the mariadb pkg to the / path
* how to upgrade and downgrade packages using the repository?
upgrade ==> yum --disablerepo="*" --enablerepo="rhel75" update vsftpd
downgrade ==> yum --disablerepo="*" --enablerepo="rhel70" downgrade vsftpd
on the client machine we have created 2 repositories.
1. rhel70
2. rhel75
next we upgraded the vsftpd package using the rhel75 repository
yum --disablerepo="*" --enablerepo="rhel75" update vsftpd
to test the downgrade option we downgraded the vsftpd pkg using the rhel70 repo
yum --disablerepo="*" --enablerepo="rhel70" downgrade vsftpd
* yum related activities are recorded in the following log file
/var/log/yum.log
* during patching some errors occurred; where to find the error messages?
we can analyze them in /var/log/yum.log
* how to recreate a repository with a new set of packages?
the actual command to create a repo is ==> createrepo -v /var/ftp/pub/rhel75
before copy: 5099 pkgs
copied 10 extra pkgs into /var/ftp/pub/rhel75
step 1 : copy the new packages to the repo path
cp -r /root/ansible* /var/ftp/pub/rhel75/
step 2 : recreate the repo which already exists
createrepo --update /var/ftp/pub/rhel75
yum clean all
yum repolist
rpm : install, uninstall, update, upgrade, query (qd, qf, qc, ql, qa)
yum : install, uninstall
repository
created repository
integrating machine with repository
patching
downgrading
roll back
update repository
the current repository is located within your organization;
this means a local repository.
there is an option to register the server with the redhat repository.
local repo                          redhat repository
it is maintained by us              it is maintained by the Redhat company
we will join/integrate client machines with RHN (redhat network).
how to register the server with the redhat repository?
subscription-manager register --username=<username> --password=<password> ==> uses your
redhat registration credentials
yum update
08-march-2021
*** How to integrate a client machine with the satellite server?
step 1 : make sure the katello-agent pkg is installed
rpm -ivh /media/Packages/katello-agent
step 2: register with the satellite server
subscription-manager register --org="accenture" --activationkey="************"
the satellite server can be accessed through a browser
https://192.168.145.150
username = babu
password = ******
*** how to know whether the server is integrated with the satellite server or not?
option 1 : execute the status command from the client machine
subscription-manager status
option 2: login to the satellite server and check the status
https://192.168.145.150
Dashboard ==> Hosts ==> search for your server
if the server is not listed here that means the server is not integrated with
the satellite server
*** How to deregister a server from the satellite server
option 1 : deregister from the client machine
subscription-manager unregister
option 2 : login to the satellite server and unregister
https://192.168.145.150
Dashboard ==> Hosts ==> select server ==> unregister
*** How to list out all repositories from the satellite server?
subscription-manager repos --list
*** How to select a particular repo for the client machine
subscription-manager repos --enable=<repository ID>
*** what are the different components of the redhat satellite server?
1. foreman ==> it is an open source tool, used to provision bare metal and
virtual machines.
2. katello ==> It is a subscription and repository management tool. this
is the component which works between the client and the satellite server.
3. candlepin ==> it's a service which runs in the satellite server. it handles
the clients' subscriptions.
4. pulp
5. Hammer
6. Capsule server
what are the ports that need to be allowed between the client machine and the satellite server?
80 - http
443 - https
5646 / 5647
9090
**** Regularly perform patching for Redhat and SuSE servers
patching is a downtime activity.
downtime means that during the patching activity the application/db will not be accessible
to clients
scheduled window : SLA = service level agreement, it is an agreement between the
service provider and the client.
service provider = whoever is managing the client's servers (accenture)
client = google
every 3 months we have to do patching for all servers or for categorized
servers.
the client will also give a window time, e.g. every saturday at so and so time (12 AM
to 6 AM IST)
server ==> an app or database may be on it
CR or CEP
CR = Change request
CEP = change execution plan
in the CEP we will include the change tasks step by step with duration
prechecks commands : uptime;free -m;uname -r;hostname;date;df -h;cat
/etc/fstab;lsblk;pvs;vgs;lvs;mount;ip a;ip r;netstat -rn
step 1: we have a change coordinator from the change management team; they will
coordinate with the os team and app owners.
step 2 : we will create a snapshot of the virtual machine before starting patching
step 3 : also disable monitoring alerts for the scheduled servers and collect
prechecks from the scheduled servers
step 4 : request the server owner to bring down the application in the conference
call
step 5 : we will perform a sanity reboot for the scheduled servers before
patching.
step 6 : once the server is up after the sanity reboot we will make sure the server
is registered with the satellite server and perform patching
RHEL : yum update
SuSE : zypper update
step 7 : after successful patching we will reboot the server so the kernel
changes take effect
step 8 : once the server is up we will do post validation like mount points
and kernel version and so on, then we will hand over the servers to the app team for
application functionality checks
step 9 : we will close the change or task if the application or db is working
fine after patching
if any component is not working then we will roll back the change
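the prechecks and post validation above (step 3 and step 8) as a small shell script. this is an added example, not from the course notes: it runs the precheck commands listed above into a file, keeping the ones that must not change across the patch reboot (fstab, mounts, LVM, routes) apart from the ones that always change (uptime, date, kernel), and then diffs the stable part before and after. tools that are not installed are skipped; the file names and the before/after tags are my own choice.

```shell
# Added example (not from the course notes): capture the prechecks before
# patching, capture them again after the reboot, and diff the stable part.

# Commands whose output should be identical before and after patching.
STABLE_CHECKS='hostname
cat /etc/fstab
lsblk
pvs
vgs
lvs
mount
ip a
ip r
netstat -rn'

# Commands recorded for reference only; they are expected to differ
# (the kernel version in particular should be the new one afterwards).
VOLATILE_CHECKS='uptime
date
uname -r
free -m
df -h'

# run_checks LIST OUTFILE: run each command in LIST, writing a "### cmd"
# header followed by its output; missing tools are recorded as skipped.
run_checks() {
    list=$1; out=$2
    : > "$out"
    echo "$list" | while IFS= read -r cmd; do
        [ -n "$cmd" ] || continue
        echo "### $cmd" >> "$out"
        if command -v "${cmd%% *}" >/dev/null 2>&1; then
            $cmd >> "$out" 2>&1 || echo "(exit $?)" >> "$out"
        else
            echo "skipped: ${cmd%% *} not installed" >> "$out"
        fi
    done
}

# collect_prechecks DIR TAG: writes DIR/TAG-stable.txt and DIR/TAG-volatile.txt
# (TAG would be "before" in step 3 and "after" in step 8).
collect_prechecks() {
    dir=$1; tag=$2
    mkdir -p "$dir"
    run_checks "$STABLE_CHECKS" "$dir/$tag-stable.txt"
    run_checks "$VOLATILE_CHECKS" "$dir/$tag-volatile.txt"
}

# compare_stable BEFORE AFTER: 0 when the stable sections match, 1 (with the
# diff printed) when the patch changed something it should not have touched.
compare_stable() {
    if diff -u "$1" "$2"; then
        echo "post-validation OK: no change in mounts, fstab, LVM or routes"
        return 0
    fi
    echo "post-validation FAILED: review the differences above before handing over"
    return 1
}

# usage: collect_prechecks /root/patch-$(date +%F) before   (then patch, reboot)
#        collect_prechecks /root/patch-$(date +%F) after
#        compare_stable .../before-stable.txt .../after-stable.txt
```

a failed compare_stable is the signal to roll back (step 9) rather than to hand the server over; the volatile file is what you read to confirm the new kernel is running.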
RHEL = 90 % of servers are running RHEL 7 ==> 7.10
SuSE = 90 % are running SLE15
RHEL 7.0     SuSE 12         SuSE 15
RHEL 7.1     SuSE 12 SP1     SuSE 15 SP1     (SP = service pack)
RHEL 7.2     SuSE 12 SP2     SuSE 15 SP2
RHEL 7.10    SuSE 12 SP3     SuSE 15 SP3
             SuSE 12 SP4
             SuSE 12 SP5
SPs are minor versions
every 1.5 years suse will release one minor version
suse is a different company ===> SLES 12 and SLES 15
microsoft ==> windows 10
Redhat ===> RHEL 7 & 8
ubuntu ==> ubuntu 15, 18
lvm same across all linux (redhat,suse,ubuntu,centos)
disk same
grep
suse zypper
rhel yum
ubuntu apt or aptitude
nfs same across all
ftp same across all
http same across all
samba
09-March-2021
Booting procedure
OS booting
os administrator ==> Linux administrator
hardware administrator
application team
db team
BIOS ==> HW
MBR ==> OS
GRUB ==> OS
Kernel ==> OS
Systemd ==> OS
why do we have to understand the booting process?
to identify bootup issues and fix them.
assume we have one physical server.
how to power on a physical server?
step 1 : login to the console and power ==> power on
after power on we are not getting the login prompt
we have waited almost 30 min but no luck, we didn't get the login prompt.
in this case who is responsible to identify and fix the issue?
OS administrator
as soon as we power on we get one message on the console like "OS not found"
possibility 1 : OS not installed
Possibility 2 : Hard disk is corrupted
we finalized that the hard disk is faulty
now the hardware team will be involved
/lib
unfortunately the /lib data has been deleted
in this case will the os boot up?
no
the server will reach up to the kernel stage and hang there
Bios ==> MBR ==> Grub ==> hang
unfortunately the /boot/grub2 directory was removed?
BIOS ==> hang
Stage 1 : BIOS (Basic input output system)
in the bios stage 3 subtasks will be executed.
Task 1. POST
Task 2. CMOS and RTC
Task 3. BIOS
as soon as the server is powered on the POST program will start executing.
Task 1: POST = power on self test
POST is a program, it is stored in one of the chips.
it does the health checkup of all hardware components which are connected to the
motherboard.
It does the health checkup of RAM, HDD, processor, CD ROM, ethernet
card, .......
in case any of the hardware components is faulty then POST will give a message
on the screen: so and so component is faulty.
eg: in case we are getting a continuous beep sound then we can understand
that the RAM (memory) is faulty.
POST is a predefined program, it knows that if the RAM is faulty what message or
what signal has to be passed (beep sound)
if the hard disk is faulty then how to notify the OS
administrator? maybe just a text message on screen: disk not found
once POST validates all the hardware components then POST will pass
control to CMOS
Task 2 : CMOS and RTC
complementary metal-oxide semiconductor
RTC = Real time clock
CMOS is a program, it is stored on one of the chips
CMOS will capture the critical information before the server goes down.
eg: server RAM, Virtual memory, date and time, Disks information, any program
not closed during poweroff
while the server is booting up CMOS will give back this critical information to main
memory (RAM).
along with the critical information the updated date and time will be passed to the
main memory (RAM).
Task 3: BIOS
In the bios we define the booting devices with priority.
as per the booting priority, as soon as the bios finds an OS in one of the priority devices it
passes control to the MBR.
or
as soon as the BIOS finds an OS in the priority devices then it passes control to the MBR.
Stage 2 : MBR
Master boot record
it's a very small program, it is stored in the first sector of the primary disk.
MBR fits in 512 Bytes. 512 bytes are equal to 1 Sector.
MBR maintains the next stage information, that is the grub information.
MBR just validates the next stage conditions, nothing but the grub condition. if the grub
condition is good then it just passes control to GRUB.
in case the grub condition is not good then MBR just stops proceeding further
and prints the GRUB error.
446 Bytes   Primary boot loader information (grub information)
 64 Bytes   partition table information
  2 Bytes   validator program
--------
512 Bytes
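the 512-byte layout above (446 bytes boot loader, 4 x 16 bytes partition table, 2 bytes validator) read back with plain dd and od. this is an added example, not from the course notes: it builds a constructed sample MBR image in a temp file so it runs anywhere; on a real server the same functions would be pointed (read-only, as root) at the primary disk, e.g. /dev/sda. the sample partition values (type 0x83, start LBA 2048, 409600 sectors) are made up.

```shell
# Added example (not from the course notes): walk the MBR layout on a
# constructed 512-byte image. Offsets: 0-445 boot code, 446-509 four
# 16-byte partition entries, 510-511 the 0x55 0xAA validator bytes.

# make_sample_mbr FILE: constructed image with one bootable Linux partition
# (entry 1: status 80, type 83, LBA start 2048, size 409600 sectors).
make_sample_mbr() {
    dd if=/dev/zero bs=446 count=1 of="$1" 2>/dev/null          # boot code area
    # entry 1 bytes: 80 01 01 00 | 83 fe 3f 19 | 00 08 00 00 | 00 40 06 00
    printf '\200\001\001\000\203\376\077\031\000\010\000\000\000\100\006\000' >> "$1"
    dd if=/dev/zero bs=48 count=1 >> "$1" 2>/dev/null           # entries 2-4 unused
    printf '\125\252' >> "$1"                                    # 0x55 0xAA signature
}

# read_le32 FILE OFFSET: little-endian 32-bit value at OFFSET, summed byte by
# byte so the result does not depend on the host CPU's endianness.
read_le32() {
    set -- $(dd if="$1" bs=1 skip="$2" count=4 2>/dev/null | od -An -tu1)
    echo $(( $1 + $2 * 256 + $3 * 65536 + $4 * 16777216 ))
}

# mbr_signature_ok FILE: true when bytes 510-511 are 55 aa; without them the
# BIOS treats the disk as non-bootable ("OS not found" above).
mbr_signature_ok() {
    [ "$(dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n')" = "55aa" ]
}

# mbr_partition_type FILE N: type byte (hex) of entry N (1-4); 00 = unused
mbr_partition_type() {
    dd if="$1" bs=1 skip=$(( 446 + ($2 - 1) * 16 + 4 )) count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# mbr_partition_start FILE N: first sector (LBA) of entry N
mbr_partition_start() { read_le32 "$1" $(( 446 + ($2 - 1) * 16 + 8 )); }

# mbr_partition_size FILE N: length in sectors of entry N
mbr_partition_size() { read_le32 "$1" $(( 446 + ($2 - 1) * 16 + 12 )); }

# mbr_report FILE: one line per used entry, then the signature verdict
mbr_report() {
    for n in 1 2 3 4; do
        t=$(mbr_partition_type "$1" "$n")
        [ "$t" = 00 ] && continue
        echo "entry $n: type 0x$t start $(mbr_partition_start "$1" "$n") size $(mbr_partition_size "$1" "$n") sectors"
    done
    if mbr_signature_ok "$1"; then
        echo "signature 55aa: OK"
    else
        echo "signature: MISSING, BIOS will not boot this disk"
    fi
}
```

a missing or overwritten signature is the cheapest thing to check when a server stops at "OS not found" after a disk event, before the hardware team is called in.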
Stage 3 : GRUB
grand unified bootloader
grub is a boot loader. It boots the default OS or kernel.
there are 2 kernels
1. 7.5 kernel
2. 7.2 kernel
grub2-set-default 2
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
grub helps to choose which kernel has to boot during server bootup.
the end user can interact with grub during server bootup.
in the configuration file we maintain the kernel information; based on the kernel
information grub passes control to the chosen or default kernel.
/boot/grub2/grub.cfg
if patching was performed 3 times, there will be 3 kernel
entries in /boot/grub2/grub.cfg
stage 4: Kernel
3 sub tasks will execute
Task 1. Loading drivers and modules
Task 2. mount the / file system in read only mode
Task 3. Trigger the /usr/lib/systemd/systemd program ==> RHEL 7
Trigger the /sbin/init program ====> RHEL 4, RHEL 5, RHEL 6
RHEL 6 : init
RHEL 7 : systemd
in /boot there is one file, that is initramfs
/ contains OS related data
lib
bin
configuration files
rm -rf /*
initramfs is nothing but a temporary / file system. initramfs contains
libs, binaries and configuration files.
it helps to load drivers and modules.
once initramfs is mounted temporarily, the programs which are inside initramfs
will execute to load drivers and modules.
driver : is nothing but a program which interacts between the os and the hardware.
eg: audio driver or program. the audio driver is there to give sound with the
help of the speaker.
the speaker is hardware
how does the os interact with the speaker? with the help of the audio driver
unfortunately initramfs is deleted, then what will be the impact?
kernel panic error
server will not boot.
stage 4
solution :
take the machine into rescue mode
regenerate initramfs
unfortunately the /boot/grub2 directory has been deleted?
grub error
server will not boot up
stage 2
unfortunately we deleted a few libraries from /lib?
kernel panic error
server will not boot up
stage 4
solution
take the machine into rescue mode
install the respective rpm to get the libraries back.
Task 2 : after loading drivers and modules, initramfs will mount the / file
system in read only mode.
*** in the kernel stage / will be in which mode?
read only mode
Task 3 : executes the /usr/lib/systemd/systemd program
this is the first program of the Operating system.
RHEL 7:
*** which is the first program of the OS?
systemd
/usr/lib/systemd/systemd
*** what process id will be occupied by the systemd process?
1
RHEL 6:
*** which is the first program of the OS?
init
/sbin/init
*** what process id will be occupied by the init process?
1
*** what is initramfs?
initramfs is a temporary / file system. It contains libs, binaries and
configuration files.
*** how to recreate initramfs
dracut -f /boot/initramfs-3.10.0-862.el7.x86_64.img 3.10.0-862.el7.x86_64
syn:
dracut -f </boot/initramfs-kernelversion.img> <kernelversion>
from stage 4 (kernel stage) systemd will take control.
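a check to run before the post-patching reboot: every vmlinuz in /boot should have its initramfs next to it, otherwise that kernel panics at stage 4 as described above. this is an added example, not from the course notes; it works on a constructed /boot directory so it can be tried anywhere, prints the dracut command from the syntax above instead of running it, and uses the kernel version 3.10.0-862.el7.x86_64 from the notes plus the placeholder "3.10.0-EXAMPLE.el7.x86_64" for a second kernel.

```shell
# Added example (not from the course notes): find kernels in a boot directory
# that have no matching initramfs and print the dracut command to rebuild it.

# missing_initramfs BOOTDIR: prints the version of each vmlinuz-<ver> that has
# no initramfs-<ver>.img beside it (such a kernel would panic at stage 4).
missing_initramfs() {
    for k in "$1"/vmlinuz-*; do
        [ -e "$k" ] || continue              # no kernels at all: glob stays literal
        ver=${k##*/vmlinuz-}
        [ -e "$1/initramfs-$ver.img" ] || echo "$ver"
    done
}

# dracut_commands BOOTDIR: the repair command per missing image, in the
# "dracut -f <image> <kernelversion>" form given above (printed, not run).
dracut_commands() {
    missing_initramfs "$1" | while IFS= read -r ver; do
        echo "dracut -f $1/initramfs-$ver.img $ver"
    done
}

# make_sample_boot DIR: constructed /boot with one complete kernel (version
# taken from the notes) and one placeholder kernel without an initramfs.
make_sample_boot() {
    mkdir -p "$1"
    : > "$1/vmlinuz-3.10.0-862.el7.x86_64"
    : > "$1/initramfs-3.10.0-862.el7.x86_64.img"
    : > "$1/vmlinuz-3.10.0-EXAMPLE.el7.x86_64"
}

# on a real server: dracut_commands /boot   (then run the printed commands as root)
```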
from stage 4 (kernel stage ) systemd will take the control.
Stage 5: systemd
RHEL 6 (runlevels)                                 RHEL 7 (targets)
runlevel 0 (Halt or shutdown)                      poweroff.target
runlevel 1 (single user mode)                      rescue.target
runlevel 2 (command mode without nfs service)      multi-user.target
runlevel 3 (cmd mode with all services)            multi-user.target
runlevel 4 (R & D)                                 multi-user.target
runlevel 5 (GUI)                                   graphical.target
runlevel 6 (reboot)                                reboot.target
5 targets
poweroff.target
rescue.target
multi-user.target     600 programs will load
graphical.target      1500 programs will load
reboot.target
how to get the default target?
systemctl get-default
graphical.target
how to set a different target?
systemctl set-default multi-user.target
all the service programs (unit files) will be in /usr/lib/systemd/system
vsftpd
nfs
samba
all start/stop programs will be here
systemd just verifies which default target is set, then the system will start the default
target related programs.
gui: gui related programs will load and finally we get the login prompt
multi-user.target: then graphical programs will not load. whatever programs
are tagged with multi-user.target, only those programs will load
*** during bootup some services failed to load. where to find which services
failed?
bootup logs are stored in /var/log/boot.log
cat /var/log/boot.log
step 1: we have a change coordinator from the change management team; they will
coordinate with the os team and app owners.
patching is a change category task
change
patching
installing pkg
removing pkg
deleting user
increasing RAM
increasing CPUs
incident
server down
something is not working in the server or application
problem
a repeated incident will be considered as a problem, where we don't have a
solution for the repeated incident.
10 member team
PMO (Project management operations) team
6 dedicated for changes. 6 members are deployed for 3 projects.
3 dedicated for incidents
1 person for problems
runlevels
targets
*** which is the default target in organization servers?
multi-user.target
during installation if we select the server-with-GUI pkg set we get
graphical.target
production ==> this is the environment which generates revenue for the organization
DR
QA
DEV
application module 20 servers in the dev ==> test env for
dev
application module 15 servers in the QA ==> even this is a
test env for client and dev
application module 10 servers in the DR
Application module 30 servers in the production
DEV ==> 10 days buffer time ==> QA ==> 10 days buffer time ==>
production ==> 10 days buffer time ==> DR
6th march test and validation ==> 13th march test & validation ==>
20th march test & validation ==> 27th
RHEL 6 default runlevel?
runlevel 3 cmd line with all services
authentication process for organization servers?
local users (app and db users)
10 app servers ==> only the app user should be able to login
20 db servers ==> only DB related users will be maintained
domain users (developers, system administrators, normal users)
client ===> domain server
client domain server
15-march-2021
Networking
what is a network?
it creates a route between a minimum of 2 components.
mobile to mobile
system to system
1. Intranet (LAN) within a building or within the same DC ===>
private
2. extranet (MAN) within a city, the same city but multiple branches
===> private
3. Internet (WAN) company to company (wide area network) ===>
public
server1 ==> eth1 and eth2 ==> switch1
server2 ==> eth1 and eth2 ==> switch1
server3 ==> eth1 and eth2 ==> switch1
server4 ==> eth1 and eth2 ==> switch2
server5 ==> eth1 and eth2 ==> switch2
switch: is a network component which can forward the traffic to the next hub. just
forward, not reverse.
using a switch we are able to create a network.
=========>
Router : it is capable of converting and transferring traffic forward and
backward (reverse).
using a router we can transfer data from one network to another network
private to private
private to public
==============>
<==============
server and eth1 is the house ==> IP address (Internet protocol) ==> switch X
the servers below are hosted within the same building. this kind of network we call
a LAN
the servers below are hosted in EC (electronic city)
server1 ==> eth1 and eth2 ==> switch1
server2 ==> eth1 and eth2 ==> switch1
server3 ==> eth1 and eth2 ==> switch1
server4 ==> eth1 and eth2 ==> switch2
server5 ==> eth1 and eth2 ==> switch2
LAN = Local Area network
the servers below are hosted in the white field branch
server6 ==> eth1 and eth2 ==> switch3
server7 ==> eth1 and eth2 ==> switch3
server8 ==> eth1 and eth2 ==> switch3
server9 ==> eth1 and eth2 ==> switch3
server10 ==> eth1 and eth2 ==> switch3
if we are able to create a network between these 2 LANs that type of network is a
MAN (Metropolitan Area Network)
there are 2 ways to create a network between branches.
1. wired
2. Wireless
From EC to WF
next to the road there will be cables from the EC area to the WF area
the company will approach an ISP.
internet service provider
these agencies maintain cables from the EC to the WF area across bangalore.
Agencies : metrol, airtel, TATA, Reliance
Airtel, TATA & Reliance are ISPs
they maintain both connections: cable and wireless
with the help of tower components they pass the network from one tower to another
tower.
the main component involved in transferring traffic from one tower to
another tower is the wireless router.
IP Address
IPV4 32 Bits
IPV6 128 Bits
IP Classes                private                              public
A Class ==> 0 - 127       network 10                           remaining all (1 - 9 and 11 - 126)
B Class ==> 128 - 191     172.16.*.* to 172.31.*.*
C Class ==> 192 - 223     192.168.*.*
D Class ==> 224 - 239     Multicasting
E Class ==> 240 - 255     R & D
total IP range is 1 to 255
in my company we have 100000 systems, then how is it possible to create 1
network?
IPV4 = 32 bits
32 bits are divided into 4 Octets
xxxxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx
   8        8        8        8      = 32 Bits
10.1.1.1
10.1.1.2
10.1.1.3
.
.
10.1.1.255
10.1.2.1
10.255*255*255
172.15*255*255
192.168.255*255
IANA = Internet assigned numbers authority
A Class private 10.*.*.*
B Class private 172.16 - 31 ==> 172.16.*.* to 172.31.*.*
C Class private 192.168.*.*
9.1.2.3 public
10.1.2.3 private
11.1.3.3 public
192.168.1.2 private
191.168.1.2 public
193.1.1.4 public
public IPs are under the IANA community. distributing public IPs between ISPs (internet
service providers) is under IANA control.
tomorrow in the first 30 min we will see how to convert a number to binary
the network can't understand numbers, it understands only binaries (1010).
computer and network language is binary format.
192.168.1.2
192      168      1        2
11000000.10101000.00000001.00000010
each bit position is worth a power of 2, from right to left: 1, 2, 4, 8, 16, 32, 64, 128
168 = 10101000
bit 0 = 0 x 1   = 0
bit 1 = 0 x 2   = 0
bit 2 = 0 x 4   = 0
bit 3 = 1 x 8   = 8
bit 4 = 0 x 16  = 0
bit 5 = 1 x 32  = 32
bit 6 = 0 x 64  = 0
bit 7 = 1 x 128 = 128
128 + 32 + 8 = 168
192 = 11000000
bit 6 = 1 x 64  = 64
bit 7 = 1 x 128 = 128
128 + 64 = 192
1 = 00000001 ==> bit 0 = 1 x 1 = 1
2 = 00000010 ==> bit 1 = 1 x 2 = 2
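the octet-to-binary arithmetic above, together with the class table and the private/public rules from this section, as shell functions. this is an added example, not from the course notes; the function names are my own and it goes a little beyond the single 192.168.1.2 case by converting in both directions and classifying any IPv4 address (loopback 127, private 10/8, 172.16-31, 192.168, everything else public).

```shell
# Added example (not from the course notes): dotted-quad <-> binary, IP class
# and private/public scope, using only POSIX shell arithmetic.

# octet_to_binary N: 8-bit string for 0..255, most significant bit first
octet_to_binary() {
    n=$1; bits=""
    for i in 7 6 5 4 3 2 1 0; do
        bits="$bits$(( (n >> i) & 1 ))"
    done
    echo "$bits"
}

# binary_to_octet BITS: the reverse, adding 128, 64, ..., 1 for each set bit
binary_to_octet() {
    bits=$1; val=0; weight=128
    while [ -n "$bits" ]; do
        case $bits in 1*) val=$(( val + weight )) ;; esac
        weight=$(( weight / 2 ))
        bits=${bits#?}
    done
    echo "$val"
}

# split_ip IP: sets o1..o4 from a dotted quad (plain sh, no arrays)
split_ip() {
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    o1=$1; o2=$2; o3=$3; o4=$4
}

# ip_to_binary IP: the 32-bit form shown above, e.g. 192.168.1.2
ip_to_binary() {
    split_ip "$1"
    echo "$(octet_to_binary "$o1").$(octet_to_binary "$o2").$(octet_to_binary "$o3").$(octet_to_binary "$o4")"
}

# ip_class IP: A-E from the first octet, as in the class table above
ip_class() {
    split_ip "$1"
    if   [ "$o1" -le 127 ]; then echo A
    elif [ "$o1" -le 191 ]; then echo B
    elif [ "$o1" -le 223 ]; then echo C
    elif [ "$o1" -le 239 ]; then echo D
    else echo E; fi
}

# ip_scope IP: loopback, private (10/8, 172.16-31, 192.168) or public
ip_scope() {
    split_ip "$1"
    if   [ "$o1" -eq 127 ]; then echo loopback
    elif [ "$o1" -eq 10 ]; then echo private
    elif [ "$o1" -eq 172 ] && [ "$o2" -ge 16 ] && [ "$o2" -le 31 ]; then echo private
    elif [ "$o1" -eq 192 ] && [ "$o2" -eq 168 ]; then echo private
    else echo public; fi
}

# usage: ip_to_binary 192.168.1.2; ip_class 191.168.1.2; ip_scope 191.168.1.2
```

note that 172.32.x.x is public while 172.31.x.x is private: the B class private block ends at 172.31, which the examples above (191.168.1.2 public, 192.168.1.2 private) make easy to forget for the 172 range.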
what is a network?
types of networks?
IP classes?
IPV4 and IPV6?
private and public IP?
NIC = Network interface card
ethernet card
each server will have min 2 ethernet cards
cable one connected to switch1
cable two connected to switch2. Here we are configuring HA (High
availability).
How to list out the ethernet cards?
nmcli -s dev
lo = Loopback
0 - 126 ==> class A
127. is reserved for Loopback
128 - 191 ==> class B
* what is the use of Loopback?
internally, services will communicate through the Loopback IP (127.1.1.1).
or
within the system, services will communicate through Loopback.
* is it possible to connect to a remote machine using lo?
No
how to change the IP address or how to assign a static IP address?
nmtui
network manager terminal user interface
step 1 : assign the static IP
nmtui
step 2: restart the network service
systemctl restart network
static = Persistent
DHCP = Dynamic host configuration protocol
it is the server which assigns IP addresses to client machines
while the machine is coming up.
How to assign a static IP address through the command line?
vi /etc/sysconfig/network-scripts/ifcfg-ens33
HWADDR=00:0C:29:D5:FE:DA
BOOTPROTO=dhcp
ONBOOT=yes
HWADDR = MAC address. Media Access Control
the HW number is unique
each and every ethernet card will have one unique number, that is the HWADDR.
00:0C:29:D5:FE:DA
00:0C:29:D6:FA:AD
first 3 bytes = company or manufacturer number, next 3 bytes = serial number
of the product
wwn = world wide number
HBA card unique number
the IP Address is assigned to the MAC address.
BOOTPROTO=static or dhcp or none
static
IPADDR=192.168.145.10
NETMASK=255.255.255.0
GATEWAY=192.168.145.1
IPADDR=192.168.145.11
NETMASK=255.255.255.0
GATEWAY=192.168.145.1
777
000
------
777
A = 255.0.0.0
B = 255.255.0.0
C = 255.255.255.0
default netmask values
How to assign a static IP
BOOTPROTO=static
ONBOOT=yes        yes means = the ethernet card also
should come up while the server is coming up
                  no means = the ethernet card will not come up while the server
is coming up
IPADDR=192.168.145.10
NETMASK=255.255.255.0
GATEWAY=192.168.145.1
ifup ens33
is for bringing up the ethernet card
ifdown ens33
How to get the speed of the ethernet card?
dmesg | grep ens33
1000 MBPS (mega bytes per sec)
ping : is for testing the route between machine and machine
we are on 192.168.145.10
testing the route status to 192.168.145.160
ping 192.168.145.160
ping -c 5 192.168.145.160
netstat, ss, traceroute, telnet and nic bonding
Redhat certification
1. RHCA ==> Redhat certified administration ==> cost will be around
14000
2. RHCE ==> Redhat certified engineer ==> cost will be
around 14000
for each and every service port numbers are reserved.
1. FTP ==> 20/21
2. ssh ==> 22
3. SFTP ==> 22
4. NFS ==> 2049
5. SAMBA ==> 137/138/139
6. NTP ==> 123
7. DNS ==> 53
8. apache(Http) ==> 80
9. Rsync ==> 22
10. DHCP ==> 67/68/69
11. telnet ==> 23
ping is for testing the route connectivity between source and destination.
telnet: using the telnet service or command we can check the service status at the
destination
whether the service is running or not in the destination machine, we can get that status.
before we start on the destination the important part is to test connectivity and
service status.
route is ping
telnet
ping is for the route test
telnet is for the service status test at the destination.
i am on 192.168.145.160
telnet 192.168.145.10 21
go to the 145.10 machine and get the ftp service status.
if the ftp service is running in the destination machine then we will get the
result as connected.
if the ftp service is not running in the destination machine then we will get the
result as trying, or no route to host, or Connection refused.
Traceroute: traces the route from source to destination
between source (Bangalore) and destination (Tirupathi).
ping is not working between source and destination
traceroute 192.168.145.10: using the traceroute command we can identify in
which area the route is blocked or at which hub (hop) the route is blocked.
server1 ==> switch1 ==> router1 ==> router3 ==> router5 ==> router8 ==> firewall2 ==> router9 ==> router7 ==> router12 ==> switch4 ==> server2
            hub1        hub2        hub3        hub4        hub5        hub6         hub7        hub8        hub9         hub10
using traceroute we can confirm up to which hub the packet is reaching, and which hub
couldn't transfer the packet to the next hub.
traceroute can test a maximum of 30 hubs (hops) between source and destination.
the port 22 status between source and destination:
which hub is blocking port 22? that we can find out using the below command.
traceroute -T -p 22 192.168.145.10
NC: netcat
there are 2 types of protocols in the network
1. TCP (transmission control protocol)
2. UDP (User datagram protocol)
ftp is tcp. tcp is the secure protocol compared to udp
ssh is tcp
nfs is tcp
http is tcp
dns is udp
ntp is udp
using telnet we can test only the status of tcp services in the destination machine.
NC can test the service status in the destination machine for both
protocols (tcp/udp).
telnet                                         nc
1. only tcp services                           1. it can test tcp/udp services
2. some packets will be transferred            2. nc will not transfer any packets. It
   from source to destination                     sends only a zero size packet.
which is the safe tool to use between source and destination?
NC
because through telnet there is a chance to inject a virus. but through nc it's
not possible because nc supports 0 size packets.
tcp :
nc -vz 192.168.145.10 21
v = verbose
z = zero packets (scan only, send no data)
UDP:
nc -uvz 192.168.145.10 123
nc -uvz 192.168.145.10 53
u = udp
SS/netstat :
socket state
ss -a
-a lists out all ports which are in a running state
ss -at
-t only tcp ports
ss -au
-u only udp ports
ss -atl
a = all
t = tcp ports
l = listening ports
ss -nap | grep :22
no results
understanding: the ssh service is not running
result is only 1 line
LISTEN
service started and the service is ready for connections.
along with LISTEN there is 1 ESTAB
meaning: one remote machine is connected through the ssh service.
here you can find which destination machine is connected to this machine.
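the three readings of the ss output just described (no line = not running, LISTEN = ready, ESTAB = someone is connected, and who) as a small awk filter. this is an added example, not from the course notes; the ss -atn output it reads is a constructed sample with the 192.168.145.x addresses used in this section, and the function name is my own.

```shell
# Added example (not from the course notes): interpret "ss -atn" output for
# one port: not running / listening / listening with N established peers.

# Constructed sample of "ss -atn" output (the real command prints the same
# columns; peers are made up).
SAMPLE_SS='State   Recv-Q Send-Q Local Address:Port     Peer Address:Port
LISTEN  0      128    *:22                   *:*
ESTAB   0      0      192.168.145.10:22      192.168.145.160:51234
ESTAB   0      0      192.168.145.10:22      192.168.145.20:40022
LISTEN  0      100    127.0.0.1:25           *:*'

# port_state PORT: reads ss -atn output on stdin, prints the verdict for PORT
# with the connected peers, and returns 1 when nothing listens on it.
port_state() {
    awk -v port="$1" '
        BEGIN { re = ":" port "$" }                      # match "...:22" exactly
        $1 == "LISTEN" && $4 ~ re { listen++ }
        $1 == "ESTAB"  && $4 ~ re { estab++; peers = peers " " $5 }
        END {
            if (!listen) { print "port " port ": not running"; exit 1 }
            if (!estab)  { print "port " port ": listening, no connections"; exit }
            print "port " port ": listening, " estab " established from" peers
        }'
}

# usage on a live server:  ss -atn | port_state 22
# usage on the sample:     echo "$SAMPLE_SS" | port_state 22
```

matching on the local address column with an anchored ":22$" avoids the classic grep mistake where "grep :22" also picks up ports 220-229 and 2222.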
NIC Bonding
RAID 0 - do we have redundancy ==> No
RAID 1 - do we get redundancy ==> Yes
min 2 disks to configure RAID 1
RAID 5 - do we get redundancy ==> Yes
disk level performance means read and write.
capacity is a different matter
capacity = 1 TB
performance = r/w
the OS administrator is going to set up a bond between multiple ethernet cards;
that is nothing but NIC Bonding.
if nic1 fails then automatically nic2 has to take the load.
the load has to be divided between both the NIC cards.
Adv:
1. Speed : we can see good speed because 2 NIC cards will accept the
load
2. Redundancy : in case any of the nic cards fails then the other nic card will
take the load or traffic.
Modes:
mode0 = round robin
mode1 = active backup
mode2 =
mode3
mode4
mode5
mode6
configuration:
min 2 nic cards at the server
to configure round robin mode a physical switch is required.
Active backup is supported without a switch.
active backup:
nic1 = active
nic2 = Backup
round robin
nic1 = active
nic2 = active
here the load will be divided between the 2 nic cards.
in rr we get both features, that is redundancy and performance.
configuring Active backup mode
pre-requisites:
make sure 2 nic cards are connected to the machine
step 1: adjust the nic card parameters
ens33 & ens38
change 1 : BOOTPROTO=static
change it to
BOOTPROTO=none
change 2 : remove IPADDR, NETMASK, GATEWAY if they are there
change 3 : add the below 2 lines at the end of the file
MASTER=bond0
SLAVE=yes
step 2 : create the new virtual ethernet card
cd /etc/sysconfig/network-scripts
cp ifcfg-ens33 ifcfg-bond0
vi ifcfg-bond0
make sure NAME and DEVICE are modified to bond0 and remove the UUID line
BOOTPROTO=static
DEVICE=bond0
ONBOOT=yes
PREFIX=24
IPADDR=192.168.145.100
NETMASK=255.255.255.0
BONDING_OPTS="mode=1 miimon=100"
step 3: stop and disable the network manager service
systemctl stop NetworkManager
systemctl disable NetworkManager
step 4 : restart the network
systemctl restart network
verify:
cat /proc/net/bonding/bond0
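the verify step made into a check you can put in monitoring: read /proc/net/bonding/bond0, report the active slave, and flag a bond that is still passing traffic but has lost its backup link (the redundancy advantage is gone without anything visibly breaking). this is an added example, not from the course notes; the bond status text is a constructed sample in the driver's format with ens33 up and ens38 down, and the function names are my own.

```shell
# Added example (not from the course notes): health check for an
# active-backup bond from the /proc/net/bonding/<bond> status file.

# Constructed sample of /proc/net/bonding/bond0 (mode=1, miimon=100 as
# configured above) with the backup link ens38 down.
SAMPLE_BOND='Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: ens33
MII Status: up
MII Polling Interval (ms): 100

Slave Interface: ens33
MII Status: up
Speed: 1000 Mbps
Link Failure Count: 0

Slave Interface: ens38
MII Status: down
Speed: Unknown
Link Failure Count: 1'

# each reads the status text on stdin
bond_mode()         { awk -F': ' '/^Bonding Mode:/ { print $2 }'; }
bond_active_slave() { awk -F': ' '/^Currently Active Slave:/ { print $2 }'; }
# the bond-level "MII Status" comes before any "Slave Interface" line, so it
# is skipped; only a slave's own MII Status is reported.
bond_down_slaves()  { awk '/^Slave Interface:/ { s = $3 } s != "" && /^MII Status:/ && $3 == "down" { print s }'; }

# bond_health FILE: 0 = all slaves up, 1 = working but degraded (a link is
# down, no redundancy left), 2 = no active slave at all.
bond_health() {
    active=$(bond_active_slave < "$1")
    down=$(bond_down_slaves < "$1")
    if [ -z "$active" ] || [ "$active" = None ]; then
        echo "bond DOWN: no active slave"; return 2
    elif [ -n "$down" ]; then
        echo "bond DEGRADED: active=$active, link down on: $(echo $down)"; return 1
    fi
    echo "bond OK ($(bond_mode < "$1")): active=$active, all slaves up"; return 0
}

# usage on a live server: bond_health /proc/net/bonding/bond0
```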
FTP
File transfer protocol
vsftp, ssh, sftp, nfs, samba, dns, ntp, http
lvm = volume management
rpm/yum = software mgmt
user mgmt
to transfer data from one machine to another machine.
About FTP:
1. FTP is a very fast, stable and efficient service to transfer files over the
internet and intranet.
2. using the FTP service we can transfer only files; it is not possible to transfer a
directory or directories.
3. Data transfer happens in Binary format.
4. FTP supports the internet
FTP server : 192.168.145.100
client is : 192.168.145.10
for all 10 services i am going to discuss the below 5 points
1. Pkg
2. service
3. Daemon
4. Port number of the service
5. configuration file of the service: enable/disable features, we define the
functionality of the service.
to set up an FTP server what pkg has to be installed?
vsftpd
pkg : vsftpd
service : vsftpd
daemon : vsftpd
port numbers : 20/21    20 = data   21 = connection/command
configuration file : /etc/vsftpd/vsftpd.conf
the client uses port 21 to connect to the server
the server sends data from port 20 to the client, but the client side will use a port like
2001. the server sends data through 20 and the client receives data through 2001.
service : front end controller for a particular service
running: then clients can connect
not running: no one can connect to the server through the vsftpd service
systemctl stop vsftpd
systemctl start vsftpd
systemctl restart vsftpd
systemctl reload vsftpd
systemctl enable vsftpd ==> the vsftpd service should start while the server is
coming up
systemctl disable vsftpd ==> the vsftpd service should not start while the
server is coming up
systemctl is-enabled vsftpd
*** Daemon: is nothing but the background worker for a particular service
accepting connections
allowing clients to access data, allowing clients to upload and download
data. all these things are taken care of by the daemon
*** what is a daemon?
A daemon is nothing but the back end process of the service.
server side:
install vsftpd
rpm -ivh vsftpd.......rpm
start the service
systemctl start vsftpd
enable the service permanently
systemctl enable vsftpd
disable the security guy (firewalld) ===> outside security guy
systemctl stop firewalld
systemctl disable firewalld
inside the house there is one more security guy (selinux) ==> inside the server
selinux will provide security
temp : setenforce 0
perm:
vi /etc/selinux/config
SELINUX=enforcing
change it to
SELINUX=permissive
:wq
From the client machine:
test the connectivity
telnet 192.168.145.100 21
or
nc -vz 192.168.145.100 21
suppose the telnet result is failed, or no route to host, or connection refused
1. make sure the vsftpd service is running in the server machine
2. make sure the firewall is not blocking the remote machine at the server end.
3. make sure ports 20/21 are allowed between client and server at the
physical firewall level.
connect to the ftp server from the client machine
ftp 192.168.145.100
in case the ftp command is not found please install the ftp pkg.
by default root is blocked for the ftp service
logged in as a normal user
as soon as we login we will be in the remote (server) machine inside his home
directory.
connected from 192.168.145.10 to 192.168.145.100 (ftp server)
after login to the 100 machine
ftp>pwd ==> remote (192.168.145.100)
ftp>!pwd ==> local (192.168.145.10)
ftp>ls ==> remote
ftp>!ls ==> local
ftp>cd /tmp ==> remote
ftp>lcd /tmp ==> local
ftp>get tfilebyprasad            get = download
ftp>mget file1 file2 file3       mget = multiple files downloading
ftp>put filename
ftp>mput file1 file2 file3 file4
ftp can be accessed even through the internet
in the browser
ftp://192.168.145.100
by default it takes you to /var/ftp
by default everyone can see the /var/ftp data
anonymous will have rights to access the ftp server through the browser
going to disable anonymous
vi /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
change it to
anonymous_enable=NO
:wq
systemctl restart vsftpd
by default all common users are allowed for ftp
how to block a normal user?
vi /etc/vsftpd/ftpusers
raja
:wq
* what is the default home directory for the ftp user?
/var/ftp
at repo creation time
baseurl=ftp://192.168.145.100/pub/rhel70
what is the default anonymous home directory?
/var/ftp
how to change the default anonymous path?
mkdir -p /ftp/anon
vi /etc/vsftpd/vsftpd.conf
add the below parameter
anonymous_enable=YES ==> modify
anon_root=/ftp/anon ==> ADD
:wq
systemctl restart vsftpd
* how to disable all system and normal users by default and allow only particular
users?
step 1 : create a file and add the allowed users
vi /etc/vsftpd.allowedusers
prasad
raja
babu
rahim
step 2 : adjust the below parameters in the configuration file
vi /etc/vsftpd/vsftpd.conf
userlist_enable=YES ==> it will be there, no need to add
userlist_file=/etc/vsftpd.allowedusers ==> add it
userlist_deny=NO ==> add it
:wq
step 3: restart the vsftpd service
systemctl restart vsftpd
Drawback of FTP?
less security, because data transfer is happening in which format?
Binary
binary is easy to convert
encryption is secured.
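the two vsftpd.conf changes from this section (anonymous_enable=NO, and the userlist_file/userlist_deny=NO allowlist) as an audit you can run on any server's config to see whether they are in force. this is an added example, not from the course notes; the two config files are constructed samples (the defaults as the notes describe them, and the same file after both changes), and the function names are my own. vsftpd takes the last occurrence of a repeated key, which the reader follows.

```shell
# Added example (not from the course notes): audit a vsftpd.conf for the two
# settings this section changes: anonymous access and the user allowlist.

# Constructed sample: defaults as the notes describe them (anonymous allowed,
# userlist_deny=YES means user_list is a denylist, so every local user can log in).
WEAK_VSFTPD='# constructed sample vsftpd.conf
anonymous_enable=YES
local_enable=YES
write_enable=YES
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=YES'

# Constructed sample after the changes from the notes.
HARDENED_VSFTPD='# constructed sample vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
userlist_enable=YES
userlist_file=/etc/vsftpd.allowedusers
userlist_deny=NO'

# conf_get FILE KEY: value of the last active KEY=value line (vsftpd uses the
# last one); empty when the key is commented out or absent.
conf_get() {
    sed -n "s/^[[:space:]]*$2=[[:space:]]*\(.*\)$/\1/p" "$1" | tail -n 1
}

# vsftpd_audit FILE: prints one line per weak setting; returns 1 if any found
vsftpd_audit() {
    f=$1; findings=0
    if [ "$(conf_get "$f" anonymous_enable)" = YES ]; then
        root=$(conf_get "$f" anon_root)
        echo "anonymous_enable=YES: anyone can browse ${root:-/var/ftp} over ftp:// without a login"
        findings=$((findings + 1))
    fi
    if [ "$(conf_get "$f" userlist_enable)" != YES ] || [ "$(conf_get "$f" userlist_deny)" != NO ]; then
        echo "no allowlist: every local user not in /etc/vsftpd/ftpusers can log in (needs userlist_enable=YES, userlist_deny=NO and an explicit userlist_file)"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# usage on a live server: vsftpd_audit /etc/vsftpd/vsftpd.conf
```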
March-23-2021
SSH
secure shell
ssh is for transferring data over the network in a secure format.
1. ssh offers encryption for data transfer, which restricts hackers
and attackers from hacking.
2. administer the remote machine:
disk management, user management, troubleshooting, ..... as
if the machine were located physically in front of us.
3. using ssh we can transfer files and directories.
5 things for the service
1. Pkg : openssh-server
2. Service : sshd
3. port number : 22
4. daemon : sshd
5. configuration file : /etc/ssh/sshd_config
ssh
which ssh
rpm -qf /etc/ssh/sshd_config
rpm -qf /usr/bin/ssh
how will data be transmitted to the remote machine very securely?
1. the client sends a random message to the server along with its public key
2. the server sends a random message with its public key to the client
3. the client sends a random encrypted message with codes to the
server. this encryption is created with the server's public key.
4. the server decrypts and verifies the message which came from the
client and verifies whether the key matches.
if the secret number matches then the handshake is successful
5. one separate tunnel will be created between server and client;
now data transfer happens within the tunnel
each and every machine will have 2 keys by default (private and public)
public key is for = encryption (lock)
private key is for = decryption (unlock)
how to login to a remote machine?
ssh 192.168.145.10
100 ====> 10
client : 192.168.145.100
server : 192.168.145.10
ssh 192.168.145.100
10 ====> 100
client : 192.168.145.10
server : 192.168.145.100
ssh -l raja 192.168.145.100
ssh raja@192.168.145.100
the raja account should exist in the 100 machine. now we have to enter raja's password
which is set in the 100 machine.
How to transfer data or files?
scp /tmp/file1 raja@192.168.145.100:/tmp
scp -r /tmp/dir1 raja@192.168.145.100:/tmp
secure copy
source: the 10 machine; from here we are sending file1 to the 100 machine, path /tmp,
and while copying it will prompt for raja's credentials.
scp -r prasad@192.168.145.20:/tfile .
we are on the 10 machine, taking the tfile file from 20 as prasad
scp -r 192.168.145.20:/tfile <user>@192.168.145.30:/tmp
i am on the 10 machine.
pushing the file from the 20 to the 30 machine.
source : 20
destination : 30 machine
who is doing this task: the 10 machine
what is the default port of ssh?
22
is it possible to change the ssh port number?
yes
scenario 1: how to set 2222 for the ssh service?
step 1: modify the port number in the configuration file
vi /etc/ssh/sshd_config
#Port 22
change it to
Port 2222
:wq
step 2: update the new port number in the /etc/services file as well
ssh 2222/tcp
step 3: restart the sshd service to reflect the changes
systemctl restart sshd
disable selinux
setenforce 0
scenario 2 : How to block root login through ssh service
locking root user
locking root user only for ssh service.
locking root user only for ftp service.
reason for disabling root login through ssh service.
root user is a common account.
Server 1 = Linux team capacity is 20
are these 20 members required root credentials?
Yes
login as prasad and switch to root
if we follow above process then system will captures the proof that
prasad switched to root user.
Use case: root user blocked
someone powered off the server around 10 AM.
as per the logs, before 10 AM 2 users (prasad and babu) logged in to the system,
but of these 2 users only 1 switched to root.
here only prasad switched to the root user, so the action is traceable.
root user not blocked:
in case we haven't blocked the root user, prasad and babu logged in to the system
directly as root.
the log will only show that the server was halted by the root user.
step 1: modify the following parameter in the configuration file /etc/ssh/sshd_config
PermitRootLogin yes
change it to
PermitRootLogin no
step 2 : restart the sshd service to reflect changes
systemctl restart sshd
here we can find which users logged in to the system:
/var/log/secure
scenario 3: configuring password less authentication between multiple users over
the ssh service.
creating a trust relationship between 2 machines and 2 users
normally a password is mandatory to log in to a remote machine through the ssh service.
eg: 192.168.145.100 bkpuser
192.168.145.10 bkpuser
now the requirement is that 100 connects to the 10 machine as bkpuser, but it
should not prompt for a password.
192.168.145.100(bkpuser) ====> 192.168.145.10(bkpuser)
share pub key ====> 10 machine bkpuser
individual users will have pub and private keys
step1 : login to 100 machine as a bkpuser and generate keypair
ssh-keygen
step 2 : share public key from 100 machine to 10 machine as a
bkpuser.
ssh-copy-id -i .ssh/id_rsa.pub bkpuser@192.168.145.10
actually ssh-copy-id copies the bkpuser public key into the authorized_keys file,
which is in the bkpuser home directory (~/.ssh/authorized_keys) on the
192.168.145.10 server.
authorized_keys file in 10 machine bkpuser
192.168.145.100 public key bkpuser
192.168.145.20 public key tuser
192.168.145.30 public key prasad
100-bkpuser can log in to the 10 machine without a password because the 100
machine shared its public key with bkpuser on 10.
20-tuser can log in to the 10 machine without a password because the 20
machine shared its public key with bkpuser on 10.
30-prasad can log in to the 10 machine without a password because the 30
machine shared its public key with bkpuser on 10.
Scenario 4: how to disable common users through ssh service?
the whole oracle team uses the oracle user to stop and start the db.
now tell me, is the oracle user a common (shared) account or not?
yes
because the full oracle team uses the oracle user to stop and start the db.
the application team uses the tomcat user to stop and start the application.
now tell me, is tomcat a common account or not?
yes
raja ==> switch to oracle ==> stop/start is right (the action is traceable to raja)
log in directly as oracle ==> stop/start is wrong (nobody knows who did it)
step1 : add below parameter in configuration file
DenyUsers oracle tomcat babu appuser
step 2: restart sshd service to reflect changes
systemctl restart sshd
* by default how many users can login to one system at a time?
10 users
how to increase max ssh sessions?
change below parameter in configuration file
MaxSessions 100
systemctl restart sshd
Scenario 5: How to set Banner for ssh login user
step 1: create the banner file with content. in an organization we will
get the banner content from the security team.
vi /etc/bfile
########## IT IS Google server #############
Please be aware you are logging in to a Google server. If you are not
authorized to log in, don't log in.
step 2 : set the banner file path in configuration file
before
#Banner none
after
Banner /etc/bfile
step 3: restart sshd service to reflect latest changes
systemctl restart sshd
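An added example (not from the course notes) that checks a copy of sshd_config for the settings from scenarios 1, 2, 4 and 5; both sample configs are constructed, and the semanage hint is the standard way to label a non-default port instead of running setenforce 0.

```shell
#!/bin/sh
# Added example (not from the course notes): audit an sshd_config copy
# for the settings covered in scenarios 1, 2, 4 and 5.

# Constructed sample: a typical untouched sshd_config (most keys commented
# out). Not taken from any real host.
WEAK_SSHD_CONFIG='#Port 22
PermitRootLogin yes
#Banner none
MaxSessions 10'

# Constructed sample: the same file after the scenarios were applied.
HARDENED_SSHD_CONFIG='Port 2222
PermitRootLogin no
DenyUsers oracle tomcat babu appuser
MaxSessions 100
Banner /etc/bfile'

# sshd_opt FILE KEY
# Print the effective value of KEY in FILE, or nothing if it is not set.
# sshd ignores comments, matches keywords case-insensitively and uses the
# first occurrence of a keyword, so the lookup does the same.
sshd_opt() {
    sed 's/#.*//' "$1" | awk -v k="$2" '
        tolower($1) == tolower(k) { $1 = ""; sub(/^ +/, ""); print; exit }'
}

# audit_sshd_config FILE
# Print one WARN/INFO line per finding. Returns 0 if there are no WARN
# lines, 1 otherwise, so it can be used from a script or a cron job.
audit_sshd_config() {
    _cfg="$1"; _warn=0

    _v=$(sshd_opt "$_cfg" PermitRootLogin)
    case "$_v" in
        no) ;;
        "") echo "WARN PermitRootLogin is not set (the default depends on the OpenSSH version); set it to no"; _warn=1 ;;
        *)  echo "WARN PermitRootLogin is '$_v'; set it to no so admins log in as themselves and switch to root"; _warn=1 ;;
    esac

    _v=$(sshd_opt "$_cfg" Banner)
    case "$_v" in
        ""|none) echo "WARN Banner is not set; point it at the banner file from the security team"; _warn=1 ;;
    esac

    _v=$(sshd_opt "$_cfg" DenyUsers)
    [ -n "$_v" ] || { echo "WARN DenyUsers is empty; shared accounts such as oracle or tomcat can log in directly"; _warn=1; }

    _v=$(sshd_opt "$_cfg" Port)
    [ -z "$_v" ] || [ "$_v" = 22 ] ||
        echo "INFO sshd listens on port $_v; label it for SELinux with 'semanage port -a -t ssh_port_t -p tcp $_v' instead of setenforce 0"

    _v=$(sshd_opt "$_cfg" MaxSessions)
    [ -z "$_v" ] || echo "INFO MaxSessions is $_v (sshd default is 10)"

    return $_warn
}

# Demo on the two constructed files.
demo_dir=$(mktemp -d)
printf '%s\n' "$WEAK_SSHD_CONFIG" > "$demo_dir/weak"
printf '%s\n' "$HARDENED_SSHD_CONFIG" > "$demo_dir/hardened"
echo "== weak ==";     audit_sshd_config "$demo_dir/weak"     || echo "(needs attention)"
echo "== hardened =="; audit_sshd_config "$demo_dir/hardened" && echo "(no warnings)"
rm -rf "$demo_dir"
```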
26-03-2021
NFS
Network file system
==> NFS allows remote hosts to access a file system which is exported to the
network.
==> remote machines can mount that exported file system and it feels as if it is a
local file system.
==> It's a centralized storage solution
==> export and mount the same volume across all unix servers.
==> not only linux to linux
it works like RHEL ==> solaris
Solaris ==> suse
unix ==> unix
==> we can apply ACLs on an nfs file system.
Pkg : nfs-utils
port : 2049 (tcp)
service : nfs
daemon : nfsd, mountd, nfslogd, statd & lockd
config file : /etc/nfsmount.conf
server: export file system
make sure nfs-utils pkg is installed in machine where we want to export file
system.
rpm -qa | grep nfs-utils
if not there install nfs-utils pkg
following file will be there in server so just open it and add file system
details
vi /etc/exports
/DBdata *(rw,sync)
there is no space between * and (
restart nfs service to reflect exported file systems.
systemctl restart nfs
client:
step 1 : do the connectivity test
ping 192.168.145.100
telnet 192.168.145.100 2049
step 2 : verify client access on exported file system
showmount -e 192.168.145.100
step 3 : if the client has access then straight away mount the nfs file system
mkdir /DBdata
mount 192.168.145.100:/DBdata /DBdata
step 4: update nfs entries in /etc/fstab for permanent mount
192.168.145.100:/DBdata /DBdata nfs defaults 0 0
export options
vi /etc/exports
/DBdata 192.168.145.120(rw,sync)
/DBdata 192.168.145.121(ro,sync)
/DBdata 192.168.130.*(rw,sync)
/DBdata *(rw,sync,root_squash)
/DBdata *(rw,sync,no_root_squash)
/DBdata *(rw,async,no_root_squash)
* what is difference between sync & async?
* which option will increase nfs performance sync or async?
* what is difference between root_squash and no_root_squash?
what is difference between sync and async?
sync: clients access the nfs file system to read and write data. when the sync option
is enabled at the server end, the server gives the acknowledgement to the client machine only
after 100 % of the data has been received by the server.
the nfs server gives confirmation to the client only after 100 % of the data
has reached the server from the client.
client data ==> nfs file system
the nfs server waits until the data copy/sync completes
successfully, and only then gives a genuine confirmation to the client that it received the
data.
async: when the async option is enabled at the server end, the server gives the acknowledgement to the
client machine as soon as the data starts transferring to the server.
the async option does not wait until the data transfer completes. from the start
itself the server gives the client the confirmation that it received the data.
there is a chance the transaction or data transfer will be interrupted.
which option will give geniune confirmation to clients?
sync
* which option will increase nfs performance sync or async?
async
because the server does not wait for the transaction to complete; it gives
confirmation to the clients as soon as the transaction starts.
in big environment which option is recommended?
async
* what is difference between root_squash and no_root_squash?
no_root_squash: gives root user permissions to the remote machines' root users.
if we mention the no_root_squash option for the exported file system then the
client machines' root users have full permissions on the exported file system.
nfs server : a root user is there
client machines : a root user is there
if we enable no_root_squash then, along with the server root user, the remote (client)
root users also have full permissions on the exported file system.
1 nfs server, 100 client machines
/DBdata: on this file system, who are the administrators?
101?
this is a security risk for the exported file system. there is a chance a
remote (client) root user deletes data by mistake.
root_squash: only the local (nfs server) root user has full rights.
client machines' root users are treated as normal users.
/data *(rw,root_squash,sync)
100 client machines mounted /data but i want which root user will have full
control on /data file system?
only nfs server root user
/data1 *(rw,no_root_squash,sync)
200 client machines mounted /data1 file system, in this case which root user
will have full control on /data1 file system?
201 machines root users will have full permissions on /data1
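An added shell example, not from the course notes, that reads an /etc/exports file and flags the no_root_squash, async, wildcard-client and "space before (" cases discussed above; the sample exports file is constructed.

```shell
#!/bin/sh
# Added example (not from the course notes): classify every entry of an
# /etc/exports file by the risks discussed above.

# Constructed sample /etc/exports mixing the option combinations above,
# plus one line with the "space before (" mistake. Not from any real host.
SAMPLE_EXPORTS='/DBdata 192.168.145.120(rw,sync)
/DBdata 192.168.145.121(ro,sync)
/DBdata 192.168.130.*(rw,sync)
/data  *(rw,sync,root_squash)
/data1 *(rw,sync,no_root_squash)
/data2 *(rw,async,no_root_squash)
/data3 * (rw,sync)'

# classify_export PATH ENTRY
# ENTRY is one "client(options)" token from an exports line. Prints
# "PATH CLIENT RISK..." where RISK is "ok" or a space-separated list.
classify_export() {
    _p="$1"; _e="$2"
    case "$_e" in
        "("*) printf '%s %s syntax-error-space-before-options\n' "$_p" "$_e"; return ;;
    esac
    _client=${_e%%"("*}
    case "$_e" in
        *"("*")") _o=${_e#*"("}; _o=${_o%")"} ;;
        *) _o="" ;;   # no option list: exportfs defaults apply (ro, sync, root_squash)
    esac
    _risk=""
    # no_root_squash: the root user of every client becomes root on the share.
    case ",$_o," in *,no_root_squash,*) _risk="${_risk}client-root-has-full-rights " ;; esac
    # async: the server acks before the data is safely written, so a server
    # crash can lose data the client was already told was received.
    case ",$_o," in *,async,*) _risk="${_risk}async-ack-before-data-is-written " ;; esac
    case "$_client" in
        '*')    _risk="${_risk}exported-to-every-host " ;;
        *'*'*)  _risk="${_risk}wildcard-client-range " ;;
    esac
    [ -n "$_risk" ] || _risk="ok "
    printf '%s %s %s\n' "$_p" "$_client" "${_risk% }"
}

# audit_exports FILE
# Print one classification line per client entry in FILE. Returns 1 if
# any entry is not "ok". Globbing is switched off while the tokens are
# split, because a bare "*" would otherwise expand to the files in $PWD.
audit_exports() {
    _bad=0
    case $- in *f*) _had_f=1 ;; *) _had_f=0 ;; esac
    set -f
    _tmp=$(mktemp)
    sed 's/#.*//' "$1" | awk 'NF' > "$_tmp"
    while read -r _path _rest; do
        for _entry in $_rest; do
            _line=$(classify_export "$_path" "$_entry")
            printf '%s\n' "$_line"
            case "$_line" in *" ok") ;; *) _bad=1 ;; esac
        done
    done < "$_tmp"
    rm -f "$_tmp"
    [ "$_had_f" = 1 ] || set +f
    return $_bad
}

# Demo on the constructed sample.
demo_file=$(mktemp)
printf '%s\n' "$SAMPLE_EXPORTS" > "$demo_file"
audit_exports "$demo_file" || echo "(review the entries that are not ok)"
rm -f "$demo_file"
```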
lvm, pkg management, booting procedure in this week
======================================================================
*** we have cleared 5 GB of space from one of the partitions but that is not reflecting
in the df -h output?
ans:
the files were deleted while some processes were still using those files.
file1 is 1 GB but file1 is being used by one of the processes
--> file2
--> file3
when some process is using a file and in between we delete it, will the process
release that file?
No
the process will not release that file, because the file is still open in the process
(held in its buffers). the space is freed only when the process closes it.
lsof /mountpoint/directory | grep -i deleted
Solution:
1 : restart (stop & start) the parent process which is running as the same
user.
eg: appuser is the owner of the deleted file
whatever process is running as appuser needs to be
restarted.
2. reboot the server
the right approach is :
==> verify whether any process is utilizing that file before deleting it
==> if none of the processes is utilizing that file then delete it.
==> in case some processes are using it? then
ask the process owner to stop the process.
*** is that directory or file occupied/in use by any process?
lsof +D /data/critical
lsof /data/critical
lsof = list open files
shows which files are opened by which processes.
*** which processes are using the partition?
fuser -v /mountpointname
fuser : file system users
shows which users and processes are currently using the partition
fuser -vik /mountpointname
v = verbose
i = interactive (asks: do you want to kill this process? yes/no)
k = kill those processes
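An added example, not from the notes, that finds deleted-but-still-open files by reading /proc/<pid>/fd directly (the same information lsof shows as "deleted"); the held-open file is constructed in a temp directory.

```shell
#!/bin/sh
# Added example (not from the course notes): find files that were deleted
# while a process still holds them open, using /proc directly, so it works
# even on a minimal host without lsof.

# deleted_open_files MOUNTPOINT
# Walk every /proc/<pid>/fd/* symlink and print "PID SIZE PATH" for each
# target under MOUNTPOINT that the kernel marks as "(deleted)". Such files
# still occupy space until the holding process closes them or is
# restarted, which is why df -h does not show the space as freed.
deleted_open_files() {
    _mp="${1%/}"
    for _fd in /proc/[0-9]*/fd/*; do
        # readlink fails for fds of processes we may not inspect; skip those.
        _target=$(readlink "$_fd" 2>/dev/null) || continue
        case "$_target" in
            "$_mp"/*" (deleted)")
                _pid=${_fd#/proc/}; _pid=${_pid%%/*}
                # stat -L follows the fd link to the unlinked inode itself
                _size=$(stat -L -c %s "$_fd" 2>/dev/null || echo 0)
                printf '%s %s %s\n' "$_pid" "$_size" "${_target%" (deleted)"}"
                ;;
        esac
    done
}

# Demo with a constructed file: create it, hold it open on fd 3, delete it.
demo_dir=$(mktemp -d)
printf 'constructed sample data\n' > "$demo_dir/app.log"
exec 3<"$demo_dir/app.log"
rm "$demo_dir/app.log"
deleted_open_files "$demo_dir"      # one line per holder: PID SIZE PATH
exec 3<&-
deleted_open_files "$demo_dir"      # prints nothing: the space is released
rmdir "$demo_dir"
```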
=======================================================================
min 10
pvcreate
vgcreate
lvcreate
mkfs
mkdir
mount
add entry in /etc/fstab
patching
everyone will join the call
make sure the server backup is done
create a snapshot of the full machine
collect the prechecks
disable or suppress the alerts
request the db/app team to stop whatever is running
perform a sanity reboot
once the server is up
check whether the server is integrated with satellite
subscription-manager --status
if the server is integrated with satellite then perform the patching
if it is rhel: yum update (quarterly we do a full patch, once in 3 months)
if it is suse: zypper update
reboot the server
do the post checks
if it looks fine then hand over to the team for application start and validation
vi file management
only for vi we have to spend 5 days
---------------------------------------------------------------------
soft and hard mount
while mounting nfs file system in client machine.
soft
mount -t nfs 192.168.145.100:/tdir /test -o rw,soft
hard
mount -t nfs 192.168.145.100:/tdir /test -o rw,hard
*** what is the difference between hard and soft?
clients are accessing nfs server file system
server <==client1
server < == client2
soft
we specified the soft option while mounting the nfs file system.
unfortunately the nfs server went down. in this situation the client tries 2 attempts and
stops going to the server after 2 attempts.
attempt 1: server was down, not able to access the file system
attempt 2: server was down, not able to access the file system
there will not be any more attempts from the client to the server.
hard
we specified the hard option while mounting the nfs file system.
unfortunately the nfs server went down. in this situation the client keeps trying continuously.
attempt 1 failed
attempt 2 failed
attempt 3 failed
attempt 4 failed
attempt 5 failed
which is the recommended option, soft or hard?
hard is recommended if there are fewer clients.
soft is recommended if there are more clients.
soft: 1 server = 200 clients; here all the clients will not pile onto the server.
hard: 1 server = 200 clients; all the clients keep retrying and pile onto the nfs server,
so there is a chance the nfs server goes into a not-responding state.
vi /tmp/servers
192.168.145.10
192.168.145.12
192.168.145.13
192.168.145.14
192.168.145.100 to above 4 machines
step 1 : generate keys in 100 machine
ssh-keygen
step 2: copy public key to above 4 machines
while read -r i
do
ssh-copy-id -i /root/.ssh/id_rsa.pub "$i"
done < /tmp/servers
first time it prompts for password for all 4 machines.
which is the default mount option is it soft or hard?
hard
Autofs
mounts the nfs file system automatically when the client machine starts
using it.
if the client machine is not using the nfs file system for more than 5 min then it
unmounts automatically.
here mount and unmount happen based on use.
using ==> mount
not using ==> unmount
Benefits of autofs:
1. improves nfs server performance (inactive connections are released
after 5 min)
2. saves network bandwidth at both sides (client and server), because a continuous
connection requires some bandwidth.
it's a client side feature.
server side: NFS export (exporting the file system)
client:
1. permanent mount
2. auto mount(autofs)
1. Permanent mount:
step 1 : do the connectivity test from client to server
ping and telnet
telnet serverip 2049
step 2 : list out the shared file systems and mount the file system based on
access.
showmount -e serverip
mkdir /data
mount nfsserverip:/data /data
with options
mount -t nfs nfsserverip:/data /data -o rw,soft,proto=tcp
step 3 : make file system entries in /etc/fstab
auto mount
mkdir -p /auto/DBdata
install autofs pkg
name : autofs
service : autofs
daemon : autofsd
config file : /etc/autofs.conf
/etc/auto.master ==> root path (/auto); the remaining details
are specified in the /etc/auto.misc file
/etc/auto.misc ==> mount point details
vi /etc/auto.master
/auto /etc/auto.misc --timeout=80
vi /etc/auto.misc
DBdata -fstype=nfs4 192.168.145.100:/DBdata
systemctl restart autofs
vi /etc/autofs.conf
timeout=80
***** df -h command output is not coming (the command hangs). how can you fix this issue?
got the issue
maybe the issue is: it couldn't mount one of the remote file systems.
the machine where the df -h output is not coming is the client machine.
step 1 : find out how many nfs file sysems are there in /etc/fstab
cat /etc/fstab
here note down only nfs entries.
suppose there are 2 nfs mount points
then note down both the IP and do connectivity test
ping nfsserver1
ping nfsserver2
telnet nfserver1 2049
telnet nfsserver2 2049
==> ping is not working to one of the servers.
possibility 1 : the destination (nfs server) is down.
log in to vCenter
if the server is down then just start it
later find out the root cause for the outage
possibility 2 : if ping is not working to one of the servers, maybe
there is no route from the client machine to the server
the server is up and running and it has an ip address, but still
ping is not working
in this situation open a case with the network team to look into this.
here we have to share the traceroute command output with the network
team.
==> ping is working but telnet is not working to one of the nfs servers?
possibility 1: maybe the nfs service is stopped or the nfs service is not
running
solution: log in to the nfs server and start the nfs service.
the nfs service is running but still the clients are not able to
connect
possibility 2 : the firewall on the server machine is blocking the client
machine.
systemctl stop firewalld
systemctl disable firewalld
but still the client machines are not able to connect to the server on 2049.
possibility 3 : co-ordinate with the network team to make the connection from the
client machine to the nfs server
open a case and share the traceroute command output
==> ping and telnet are working but it couldn't mount.
possibility 1: maybe someone unexported the exported file systems
by mistake.
maybe someone deleted the entries in /etc/exports
possibility 2 : wrong entries in /etc/exports
correct syntax is : filesystem access(options)
/DBdata *(rw,sync)
wrong syntax is :
/DBdata * (rw.sync
a wrong syntax line affects all the exports
booting procedure, lvextend, df -hP command output hangs, how you are
doing patching in your organization, difference between yum and rpm,
difference between yum update and yum upgrade, how to roll back the
patching.
df -hP will ping local, nfs and samba partitions
Selinux and Firewalld
firewalld : OS level firewall (it works at the network level) ==> outside security
component
selinux : file/directory based security component (it works at the server level) ==>
inside system security component
organizations will maintain a physical firewall (hardware component)
Traffic = in and out traffic
packets (data)
a 1 GB file is divided into packets and sent to the destination.
how to know which services are allowed?
firewall-cmd --list-services
ssh and dhcp are allowed from outside to inside
the firewall is like a security person who maintains the rules. he allows in and out based
on his rules.
input rules = allowing traffic from outside to inside
output rules = allowing traffic to go out.
how to allow nfs services over network
firewall-cmd --zone=public --add-service=nfs --permanent
How to get zone information
firewall-cmd --get-default-zone
how to remove the nfs service over the network
firewall-cmd --zone=public --remove-service=nfs --permanent
reload is mandatory to reflect the changes
firewall-cmd --reload
how to allow particular port?
firewall-cmd --zone=public --add-port=2049/tcp --permanent
firewall-cmd --zone=public --add-port=2049/udp --permanent
firewall-cmd --zone=public --add-port=21/tcp --permanent
firewall-cmd --zone=public --add-port=21/udp --permanent
in organizations, 99 % switch off the firewall service, because we will have a physical
firewall which takes care of the security part.
SELINUX:
Security-Enhanced Linux
security has been enhanced in Linux machines.
rules are applied on files and directories with the help of selinux.
there are many selinux rules which protect your data. if someone (nfs, ftp services) tries
to access a config file then selinux denies them, saying the file is protected.
SELinux modes
1. Enforcing
2. permissive
3. Disabled
enforcing : strictly follows the selinux rules
permissive : allows everything but logs a warning message
disabled : no selinux rules applied
how to list out selinux rules?
getsebool -a
how to know the current mode selinux?
sestatus
config file of selinux
/etc/selinux/config
targeted = selinux rules are applicable only for network
services (ssh, nfs, ftp, samba, ...)
mls = selinux rules are applicable for both inside services and outside services.
recommended = targeted
in orgazination which mode will be ?
enforcing
setenforce 1 = enable enforcing mode
setenforce 0 = enable permissive mode
how to disable selinux permanently?
step 1 : set the parameter to disabled in the selinux config file
vi /etc/selinux/config
SELINUX=disabled
step 2 : reboot the server
shutdown -r now
TCP & UDP
these 2 are the protocols which work inside the network.
a protocol is nothing but the process followed in the network.
tcp process = receive data ==> divide into packets ==> parcel the data ==>
establish a connection to the destination ==> take confirmation from the destination ==>
take an ack number from the destination ==> assign this ack number to the parcel ==>
assign sequence numbers to the packets ==> send the packets to the destination
UDP process = receive data ==> divide into packets ==> send (throw) the packets to the
destination
guaranteed delivery is only in the TCP process
tcp : reliability (guarantee), ordering (sequence), a bit slow also
udp : very fast, no guarantee
1. connection
tcp is a connection oriented protocol
udp is a connectionless protocol
2. Reliability
tcp gives a guarantee to deliver the packet to the destination because it takes confirmation
and an acknowledgement number from the destination before it starts sending data.
udp gives no guarantee. if the destination is in a ready state to accept then the packet will be
delivered.
3. confirmation
tcp gives confirmation back to the source machine about the packet delivery status (delivered
or not)
udp gives no status
4. performance
tcp is slow because it has to establish the connection, get the acknowledgement
number and parcel the data. the header size is also bigger.
header size = 20
udp is very fast
header size = 8
packet tcp = 64 bytes
packet udp = 58 bytes
ssh - tcp
ftp - tcp
nfs -tcp
dns -udp
dhcp - tcp
http - tcp
ntp - udp
SAMBA
ftp ==> upload/download only files
ssh ==> we can transfer files/directories in secure format(encryption/decryption).
nfs ==> centralized network file system. file system will be in network. we can
share across unix machines eg : suse --> redhat and redhat --> solaris
samba ==> centralized network file system. file system will be in network. we can
share across unix to windows and windows to unix.
sharing is possible across platforms
unix to windows
windows to Unix
pkg : samba, samba-common, samba-client, cifs-utils, keyutils
port numbers : 137,138,139 (Linux side) windows (445)
service :smb
daemon : smbd
config file : /etc/samba/smb.conf
a linux machine wants to access the windows file system; here 445 should be
allowed from the linux machine, that means 445 should be listening on windows.
scenario 1 : export file system in windows and access it from Linux box.
how to know the already exported file systems on the windows machine:
windows key + r ==> to open the run prompt in windows
\\localhost
right click on directory ==> share with ==> particular people ==> add
==> everyone ==> permissions ==> share
create 1 user in windows machine and set password for him.
why this user required?
using this user only, we are going to access the windows file system from the
linux box.
how to create user in windows?
right click on my pc(my computer) ==> manage ==> local users and groups
==> double click on users ==> right click ==>new user
ipconfig ==> vmnet8
how to disable the firewall in windows
windows key + r, type control ==> control panel ==> system and security ==>
windows firewall ==> turn windows firewall on/off
Linux side
accessing windows file system from linux machine
step 1 : do the connectivity test
ping <windows ip>
step 2 : create local directory and mount windows share
mkdir /b23share
mount -t cifs //192.168.145.1/b23-sharedrive /b23share -o username=babu,password=test123
perm : add the file system details in the /etc/fstab file
//192.168.145.1/b23-sharedrive /b23share cifs defaults,username=babu,password=test123 0 0
in the above entry there is a security violation: the username and password are in /etc/fstab, which
anybody can read. so we have to hide the credentials.
how to hide the credentials
as root, create a file inside a secure place (/root). it's the root user's
home directory, so only root has permission to enter here.
vi /root/.cre
username=babu
password=test123
chmod 700 /root/.cre
note: make sure the cifs-utils pkg is installed
add the entry in the fstab file
//192.168.145.1/b23-sharedrive /b23share cifs defaults,credentials=/root/.cre 0 0
cifs = common internet file system
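An added example, not from the notes, that checks the cifs entries of an fstab copy for an inline password and for a credentials file that others can read; the fstab lines and the credentials file are constructed in a temp directory.

```shell
#!/bin/sh
# Added example (not from the course notes): check the cifs entries of an
# fstab copy for the two problems above: a password written inline in the
# world-readable /etc/fstab, and a credentials file that others can read.

# fstab_cifs_findings FSTAB
# For every cifs line print "MOUNTPOINT FINDING", where FINDING is one of
# inline-password, credentials-file-missing,
# credentials-file-readable-by-others or ok.
fstab_cifs_findings() {
    sed 's/#.*//' "$1" | awk '$3 == "cifs" { print $2, $4 }' |
    while read -r _mp _opts; do
        _f=ok
        case ",$_opts," in
            *,password=*) _f=inline-password ;;
            *,credentials=*)
                _cf=${_opts#*credentials=}; _cf=${_cf%%,*}
                if [ ! -f "$_cf" ]; then
                    _f=credentials-file-missing
                else
                    # Mode must end in 00 (e.g. 600 or 700): no group/other bits.
                    case "$(stat -c %a "$_cf")" in
                        *00) ;;
                        *)   _f=credentials-file-readable-by-others ;;
                    esac
                fi ;;
        esac
        printf '%s %s\n' "$_mp" "$_f"
    done
}

# Demo on constructed input: a temp credentials file that is first left
# world-readable, then fixed with a 600 mode as the notes recommend.
demo_dir=$(mktemp -d)
printf 'username=babu\npassword=test123\n' > "$demo_dir/.cre"
chmod 644 "$demo_dir/.cre"
printf '%s\n' \
  "//192.168.145.1/b23-sharedrive /b23share cifs defaults,username=babu,password=test123 0 0" \
  "//192.168.145.1/b23-sharedrive /b23share2 cifs defaults,credentials=$demo_dir/.cre 0 0" \
  "192.168.145.100:/DBdata /DBdata nfs defaults 0 0" > "$demo_dir/fstab"
fstab_cifs_findings "$demo_dir/fstab"     # b23share: inline-password, b23share2: readable by others
chmod 600 "$demo_dir/.cre"
fstab_cifs_findings "$demo_dir/fstab"     # b23share2 is now reported ok
rm -rf "$demo_dir"
```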
scenario 2: exporting file system in linux and mounting it in windows
make sure samba pkg is installed
rpm -qa | grep samba
step 1 : export the file system (add a share section in /etc/samba/smb.conf)
[myshare-prasad]                   : display name for the share
comment = myshare-prasad           : just a comment
path = /DBdata                     : share path
browseable = yes                   : whether it is displayed for all or not
read only = no                     : write is allowed
valid users = bkpuser raja babu    : valid users are bkpuser, raja and babu
step 2 : validate the syntax errors and set samba password for bkpuser , raja
and babu
testparm
smbpasswd -a bkpuser
smbpasswd -a raja
smbpasswd -a babu
pdbedit -L
this command lists the existing samba users
disable : smbpasswd -d babu
enable : smbpasswd -e babu
delete user from samba list : smbpasswd -x babu
adding user to samba list : smbpasswd -a babu
the login password and the samba password are different.
using the samba password we will access the linux share from the windows
machine.
step 3 : restart the samba service
systemctl restart smb
systemctl disable firewalld
systemctl stop firewalld
setenforce 0
mounting linux file system in windows
windows key + r \\linuxip
it should prompt for username and password
permanent :
double click on my computer ==> right click ==> add a network location ==> \\linuxip\sharename
\\192.168.145.100\myshare-prasad
NTP
Network Time protocol
ftp = able to transfer files
ssh = able to transfer files/directories in secure manner
nfs = centralized storage solution. we export a file system to the network and
clients access that file system. data transfer happens between unix and unix.
samba = centralized storage solution. data transfer happens between cross platforms,
i.e. unix to windows and windows to unix.
NTP = the date and time travel over the network. the date and time are sourced
from one server to the client machines.
what type of data is travelling over the network?
date and time
do you think this data is very sensitive?
no
that is the reason ntp was developed on the UDP protocol.
NTP use the which protocol?
UDP
nfs protocol ==> TCP
samba ==> TCP
ssh ==> TCP
IST time zone systems
10 april prasad
6 april raja
source(server) : 7 april 2021 7:29
all the clients follow the server's IST time: 7:29
server : 7:29
clients : 7:29
3 layer architecture
1. web servers ( public zone) www. facebook.com login prompt ==>
username and password
2. Application layer ==> engine for your app
3. DB layer ( restricted zone) ==> username and password ==>
success ==> your data
data structure language
hdd ==> db ==> server
server ==> DB (oracle, mysql, mongodb) ==> HDD
in the db I have set a timeout of 60 sec
outside guy 7:45 ==> firewall 7:45 ==> LB 7:45 ==> web server 7:45 ==>
app server 7:42 ==> the DB session time is 7:42 while the db time is 7:45
how much difference is there between the session and the DB?
3 min
what is the timeout we set in the DB?
1 min
what is the problem?
the db will not accept the session (request), because the db
thinks the session is old (timed out)
it accepts sessions only within 60 sec
the outside person gets a session timeout error
or
transactions are failing
timeout 5 min
ATM box started a transaction
timeout is 1 min
good for both customer and server
within a minute he gets a success or failure message
is maintaining a uniform time important or not?
yes
how can we achieve this?
by using an NTP server
scenario 1 : setup ntp server
scenario 2 : integrate client machine with NTP server.
server :
pkg : ntp
port : 123 udp
service : ntpd
daemon : ntpd
config file : /etc/ntp.conf
mount dvd and install ntp pkg
scenario 1 : setup ntp server
step 1 : adjust the settings in the ntp.conf file
change 1 : line number 17
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
to
restrict 192.168.145.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.169.0 mask 255.255.255.0 nomodify notrap
restrict 192.168.214.0 mask 255.255.255.0 nomodify notrap
change 2 : add ntp server details
21 # Use public servers from the pool.ntp.org project.
22 # Please consider joining the pool (http://www.pool.ntp.org/join.html).
23 server 0.rhel.pool.ntp.org iburst
24 server 1.rhel.pool.ntp.org iburst
25 server 2.rhel.pool.ntp.org iburst
26 server 3.rhel.pool.ntp.org iburst
27 server 127.127.1.0
28 fudge 127.127.1.0 stratum 10
step 2 : restart ntpd service
systemctl restart ntpd
systemctl enable ntpd
step 3 : disable firewalld
systemctl disable firewalld
systemctl stop firewalld
ntpq -np to get the ntp status
ntpstat
scenario 2 : integrate client machines with ntp server
server ntp
client side agents : 1. ntp 2. chrony
there are two agents to get the date and time
rhel 4,5,6 = ntp
rhel 7 & 8 = chrony
any one of them we have to configure at the client side, either ntp or chrony
install chrony-3.2-2.el7.x86_64.rpm
configuration file : /etc/chrony.conf
change 1 : add ntp server ip
server 192.168.145.100 prefer
systemctl restart chronyd
systemctl enable chronyd
wait for 2 min
ntpq -np
or
chronyc tracking
to know the ntp server details
chronyc sources
refresh client machine with ntp server
step 1 : stop chronyd service
systemctl stop chronyd
step 2 : sync local machine with NTP server
chronyd -q 'server 192.168.145.100 iburst'
step 3 : start chronyd service
systemctl start chronyd
or
chronyc
makestep
quit
DNS
Domain name system
ftp ==> data tcp
ssh ==> data tcp
nfs ==> data tcp
samba ==> data tcp
ntp ==> date & time udp
DNS ==> it just resolves name to IP and IP to name
it just converts name to IP and IP to name; that is the reason DNS was
developed on UDP.
here no sensitive data is travelling.
over the network only a hostname or ip address travels. even if anyone sniffs the
packet they can find only the hostname or IP in it.
name or IP
which is easy to remember name or IP?
name
eg : google.com
facebook.com
aws.amazon.com
portal.azure.com
1. public network DNS (the administrator will not have
control)
2. private network DNS (the administrator maintains the DNS
server)
who will set up the DNS server?
the OS administrator: windows = windows administrator
Linux = Linux administrator
Scenario 1 : setup DNS server and integrate(join) client machines with DNS
server.
pkg = bind and bind-utils
port = 53 UDP
service = named
daemon = named
config file = /etc/named.conf
zonefiles = /var/named/forwardzonefile ( maintain name to
IP details)
/var/named/reversezonefile ( maintain IP to
name details)
how many root DNS servers are there in world?
13
google.com
amazon.com parent domain
aws.amazon.com child domain
ccTLD = country code top level domain: amazon.in, amazon.uk; in,
pk, sl, np, us, uk
gTLD = generic top level domains: 21
.edu
.com
.corp
.info
.gov
ap.pens.gov
-----------------------------------------------------------------------------------
note : make sure dns server has static IP
request network to allow 53 UDP port between client machines to DNS server.
step 1 : make sure bind and bind-utils pkgs are installed
step 2 : create forward lookup zone to register Address
records(name to IP).
DNS server name : batch23
domain name : b23.com
DNS server IP address : 192.168.145.100
===========================================
$TTL 1h
@ IN SOA batch23.b23.com. root.b23.com. (
2021040901 ; serial
1h ; refresh
70m ; retry
2d ; expire
2d ; minimum
)
@ IN NS batch23.b23.com.
@ IN A 192.168.145.100
batch23 IN A 192.168.145.100
===================================
forward lookup zone syntax: records
the records must be arranged properly in the forward lookup zone. if we make any syntax mistake
then the named service will not start.
* explain about DNS records?
there are 7 records. those are
1. SOA (Start of Authority): here we maintain the DNS server related
parameters (resources) ===> this will be in forward & reverse files
TTL, serial number, refresh, retry, expire
TTL : time to live
eg : TTL is 1 hour, the current time is 7:30 and we added a new entry in the
forward lookup zone.
but this entry will come live only after 1 hour because the TTL
is 1 hour.
TTL is nothing but the time after which the updates we made in the
forward lookup zone file are reloaded.
2. NS (name server): here we maintain the DNS server details
===> this will be in forward & reverse files
3. MX (mail exchange server): here we maintain the mail server name or
IP, integrating the mail server with the dns server. ===> this will be in forward & reverse
files
4. A : Address record for IPv4, name to IP ===>
this will be in forward files
5. AAAA : Address record for IPv6, name to IP ===> this
will be in forward files
6. PTR : Pointer record, IP to name ===>
this will be in reverse files
7. CNAME: alias or canonical name ===> this will be in forward files
eg for A record & CNAME
hostname IN A 192.168.145.121
facebook IN A 192.168.145.111
fb IN CNAME facebook
www.facebook.b23.com
my domain b23.com
reverse lookup zone entries
192.168.145.100 IN PTR batch23
@ IN SOA batch23.b23.com.
@ = batch23.b23.com.
batch23.b23.com. is nothing but the FQDN (fully qualified domain name)
hostname with domain name
serial number = the primary dns server's serial number and the secondary dns server's serial number
should be the same. that means the entries are replicated from master to slave. the master's serial
must go up on every change, otherwise the slave does not pick up the new zone.
refresh = replication interval (minimum time) between master and slave
retry = in case the refresh failed for any reason, then after the retry time the slave tries again
to sync the data from the master
expire
the above 4 resources belong to the master to slave replication parameters.
master DNS server (primary)
slave DNS server (secondary)
2021040902 master
2021040901 slave
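An added example, not from the notes, that reads the SOA serial of a zone file and bumps it in the YYYYMMDDnn form used above, so the master's serial is always higher than the slave's; the zone file is constructed from the fwdzone example above.

```shell
#!/bin/sh
# Added example (not from the course notes): read and bump the SOA serial
# of a zone file in the YYYYMMDDnn convention used in fwdzone-b23.com.

# Constructed zone file with the same layout as the fwdzone-b23.com example.
SAMPLE_ZONE='$TTL 1h
@ IN SOA batch23.b23.com. root.b23.com. (
        2021040901 ; serial
        1h ; refresh
        70m ; retry
        2d ; expire
        2d ; minimum
)
@ IN NS batch23.b23.com.
@ IN A 192.168.145.100
batch23 IN A 192.168.145.100'

# zone_serial FILE
# Print the SOA serial: the first all-digit token after the SOA keyword,
# whether the SOA record is on one line or split over several.
zone_serial() {
    sed 's/;.*//' "$1" | awk '{
        for (i = 1; i <= NF; i++) {
            if (f && $i ~ /^[0-9]+$/) { print $i; exit }
            if (toupper($i) == "SOA") f = 1
        }
    }'
}

# next_serial CURRENT YYYYMMDD
# Same day: bump the two-digit counter. New day: start at 01. The slave only
# transfers the zone when the serial is strictly higher, so if the date-based
# value would not be higher (clock went backwards, counter passed 99) fall
# back to CURRENT+1.
next_serial() {
    _cur="$1"; _day="$2"
    case "$_cur" in
        "$_day"[0-9][0-9])
            _n=${_cur#"$_day"}
            _n=$(( ${_n#0} + 1 ))
            if [ "$_n" -le 99 ]; then
                _cand=$(printf '%s%02d' "$_day" "$_n")
            else
                _cand=$(( _cur + 1 ))
            fi ;;
        *) _cand="${_day}01" ;;
    esac
    [ "$_cand" -gt "$_cur" ] || _cand=$(( _cur + 1 ))
    printf '%s\n' "$_cand"
}

# bump_zone_serial FILE YYYYMMDD
# Rewrite FILE in place with the next serial and print the new value.
bump_zone_serial() {
    _file="$1"; _day="$2"
    _old=$(zone_serial "$_file")
    [ -n "$_old" ] || { echo "no SOA serial found in $_file" >&2; return 1; }
    _new=$(next_serial "$_old" "$_day")
    _tmp=$(mktemp)
    awk -v old="$_old" -v new="$_new" '
        !done {
            for (i = 1; i <= NF; i++) {
                if (f && $i == old) {
                    # keep the original indentation when the line is rebuilt
                    match($0, /^[ \t]*/); ind = substr($0, 1, RLENGTH)
                    $i = new; $0 = ind $0; done = 1; break
                }
                if (toupper($i) == "SOA") f = 1
            }
        }
        { print }' "$_file" > "$_tmp" && mv "$_tmp" "$_file"
    printf '%s\n' "$_new"
}

# Demo on the constructed zone.
demo_zone=$(mktemp)
printf '%s\n' "$SAMPLE_ZONE" > "$demo_zone"
echo "old serial: $(zone_serial "$demo_zone")"
echo "new serial: $(bump_zone_serial "$demo_zone" 20210409)"
rm -f "$demo_zone"
```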
step 3 : configure the main configuration file
vi /etc/named.conf
========================
options
{
directory "/var/named"; // "Working" directory
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
listen-on port 53 { 127.0.0.1; 192.168.145.100; };
allow-query { localhost; 192.168.145.0/24; 192.168.140.0/24; };
};
zone "b23.com" IN {
type master;
allow-query {any; };
file "fwdzone-b23.com";
};
==========================
step 4: syntax validation
zone file syntax : named-checkzone b23.com /var/named/fwdzone-b23.com
config file syntax : named-checkconf /etc/named.conf
step 5: restart named service
systemctl restart named
systemctl enable named
-----------------------------------------------------------------------------------
integrate the client machine with the DNS server
step 1 : do the connectivity test
nc -uvz 192.168.145.100 53
(nc -u can report "succeeded" even when nothing is listening, because UDP has no
handshake. the real test is a query against that server: dig @192.168.145.100 batch23.b23.com)
step 2 : add the DNS server details in /etc/resolv.conf
vi /etc/resolv.conf
search b23.com
nameserver 192.168.145.100
(NetworkManager rewrites resolv.conf on RHEL 7; set the DNS on the network connection
as well so the change survives a reboot)
step 3 : validate
nslookup hostname
dig hostname
summary
server:
pkg: bind and bind-utils
create the forward lookup zone file. here we maintain the other machines'
hostnames and IP addresses.
update the forward lookup zone file path in /etc/named.conf (the file name in the zone
block must match the file in /var/named)
verify the syntax of the configuration files
named-checkzone b23.com /var/named/fwd-b23.com
named-checkconf /etc/named.conf
systemctl restart named && systemctl enable named
NOTE: make sure a static IP is assigned to the dns server.
53 UDP (and TCP)
client =====> server
request the network team to allow port 53 between the client and the server.
client:
vi /etc/resolv.conf
search b23.com
nameserver 192.168.145.100
validate the entries
nslookup hostname
rsync
remote sync
scp
ftp
nfs
samba
scp and rsync
                scp (over ssh)              rsync (over ssh)
port            22                          22 (873 only when talking to an rsync daemon)
encryption      yes                         yes, when run over ssh (the default for user@host: paths)
incremental     no, copies the whole file   yes, only the changed blocks are sent
scp
source file1 1.5 GB, destination file1 1 GB (older copy)
it transfers the whole 1.5 GB to the destination machine
rsync
source file1 1.5 GB, destination file1 1 GB (older copy)
it transfers only the roughly 500 MB that differ. it sends only the differential data
(delta-transfer: both sides checksum blocks and only the unmatched blocks go over the wire).
which will be faster?
rsync, on repeated syncs. the first copy of a file costs about the same as scp.
with -z the data is compressed before it is sent to the destination.
advantages:
1. it transfers differential data
2. with -z it compresses the data before sending it to the destination
3. rsync is much faster than scp for repeated copies because it sends only the
differences, optionally compressed
commands
rsync -arvz /test/ [email protected]:/test
transfers the contents of /test (the trailing slash means "contents of") into the
/test directory on the destination machine. without the trailing slash (rsync -arvz /test ...)
you end up with /test/test on the destination. rsync never deletes on the destination
unless --delete is given, and --dry-run shows the plan first.
scp -r /test [email protected]:/test
a = archive: recursive, and preserves permissions, ownership, timestamps and symlinks
(replicates source owner, group and links to the destination; ownership is only applied
when the receiving side runs as root). -a already implies -r.
r = recursive, files and directories
v = verbose
z = compression
SFTP
* what is the ssh port number ?
22
* what is the sftp port number?
22
ssh and sftp both use port 22?
yes. sftp is a subsystem of the ssh service (sshd starts sftp-server, or its internal-sftp
subsystem, inside the ssh session), so it needs no extra port or daemon.
what is the sftp configuration file?
/etc/ssh/sshd_config (the Subsystem sftp line)
how to block users from sftp?
vi /etc/ssh/sshd_config
DenyUsers user1 user2
(the list is space separated, not comma separated. DenyUsers blocks the user from ssh as
well as sftp, since both come through sshd. restart sshd afterwards and test from a
second session before closing your own.)
sftp [email protected]
get
put
*** how to know yesterday's logged in users?
last
last | more
(last reads /var/log/wtmp; it rotates, so older logins are in wtmp.1 or gone)
*** how to identify which user rebooted the server?
last -x
the shutdown and reboot entries appear in the same list as user logins and logouts, so
look at who was logged in just before the "shutdown" or "reboot" line, then confirm in
/var/log/secure which user ran the reboot command through sudo.
* what is the difference between ftp and sftp?
ftp sends both the login credentials and the data in clear text ("binary" in ftp only
means the transfer mode, not protection); anyone on the path can read them.
sftp runs inside an ssh session, so authentication and the data are encrypted.
http (apache)
Hyper Text Transfer Protocol
ftp ==> data
ssh ==> data
sftp ==> data
nfs ==> data
samba ===> data
ntp ==> date & time
dns ==> name resolution, name to ip as well as ip to name
http ==> data, but hypertext: pages with images, videos and links, accessible over the
internet/intranet through a browser.
developer = writes the web page
administrator = publishes the web page
the unique feature of http is that it serves hypertext to a browser.
5 things about http
1. pkg : httpd
2. port : 80 (443 for https)
3. service : httpd
4. daemon : httpd
5. config file : /etc/httpd/conf/httpd.conf (per-site files go in /etc/httpd/conf.d/*.conf)
default web page path is /var/www/html
DocumentRoot /var/www/html
there are 3 ways or 3 methods to publish web pages
1. IP based : one IP address, one web site
2. name based : multiple web sites on the same IP and port, selected by the name the
browser asked for (the Host header)
3. port based : multiple web sites published through different port numbers.
scenario 1 : publish a single web page
step 1 : install the httpd pkg
yum install httpd
step 2 : import the web page
mkdir /var/www/html/site1
cd /var/www/html/site1
echo "===> SITE 1 <===" > index.html
step 3 : configure the web page
cd /etc/httpd/conf.d
vi site1.conf
<VirtualHost *:80>
ServerName www.site1.b23.com
DocumentRoot /var/www/html/site1/
</VirtualHost>
(NameVirtualHost *:80 was needed in httpd 2.2; in httpd 2.4, which RHEL/CentOS 7 ships,
it does nothing and only produces a warning, so leave it out)
step 4 : verify the syntax
apachectl configtest
output should be "Syntax OK"
step 5 : restart the httpd service
systemctl restart httpd
systemctl enable httpd
systemctl stop firewalld
(lab only: on a real server open the http service in firewalld instead of stopping it;
stopping firewalld drops every other rule on the box as well)
in browser
http://192.168.145.10
if you want to access the web page by name, maintain entries in the dns server
vi /var/named/fwd-b23.com
at the end add the below entry (and bump the SOA serial, then restart named)
www.site1 IN A 192.168.145.10
public server ==> the above process (configure the web page, add the name in dns,
restart httpd) plus registering the domain with a registrar, so the public DNS points
the name at the public IP
private server ==> the above process: configure the web page, add the name in dns,
restart httpd
2. name based : multiple web sites on the same IP and port, selected by name
step 1 : import the web page
mkdir /var/www/html/site2
cd /var/www/html/site2
echo "===> SITE 2 <===" > index.html
step 2 : configure the web page
cd /etc/httpd/conf.d
vi site2.conf
<VirtualHost *:80>
ServerName www.site2.b23.com
DocumentRoot /var/www/html/site2/
</VirtualHost>
step 3 : verify the syntax
apachectl configtest
output should be "Syntax OK"
step 4 : restart the httpd service
systemctl restart httpd
systemctl enable httpd
(port 80 is already reachable from scenario 1)
in browser
http://www.site2.b23.com
(the bare IP, 192.168.145.10, always lands on the first VirtualHost loaded for *:80,
which is site1.conf, because no name was asked for)
if you want to access the web page by name, maintain entries in the dns server
vi /var/named/fwd-b23.com
at the end add the below entry (and bump the SOA serial, then restart named)
www.site2 IN A 192.168.145.10
a third site, same name based method
step 1 : import the web page
mkdir /var/www/html/site3
cd /var/www/html/site3
echo "===> SITE 3 <===" > index.html
step 2 : configure the web page
cd /etc/httpd/conf.d
vi site3.conf
<VirtualHost *:80>
ServerName www.site3.b23.com
DocumentRoot /var/www/html/site3/
</VirtualHost>
(each site needs its own conf file, ServerName and DocumentRoot; copying site2.conf
unchanged just serves site2's content twice)
step 3 : verify the syntax
apachectl configtest
output should be "Syntax OK"
step 4 : restart the httpd service
systemctl restart httpd
systemctl enable httpd
in browser
http://www.site3.b23.com
if you want to access the web page by name, maintain entries in the dns server
vi /var/named/fwd-b23.com
at the end add the below entry (and bump the SOA serial, then restart named)
www.site3 IN A 192.168.145.10
==============
3. port based : multiple web pages publishing through different different
port numbers.
www.site1.b23.com:80
expecting is
www.site4.b23.com:8080
step 1 : import the web page
mkdir /var/www/html/site4
cd /var/www/html/site4
step 2 : configure the web page
cd /etc/httpd/conf.d
vi site4.conf
NameVirtualHost *:8080
<VirtualHost *:8080>
ServerName www.site4.b23.com
DocumentRoot /var/www/html/site4/
</VirtualHost>
step 3 : right now http is listening on 80 . we are going make http to
list on both 80 and 8080
vi /etc/httpd/conf/httpd.conf
Listen 80
Listen 8080
if you want to access web page with name then please maintain entries in dns server
vi /var/named/fwd-b23.com
at the end add below entry
www.site4 IN A 192.168.145.10
in browser :www.site4.b23.com:8089
customizing application or web site logs (one log pair per site, so one site's noise
does not hide another's errors)
mkdir -p /var/log/httpd/applogs/site1
mkdir -p /var/log/httpd/applogs/site2
mkdir -p /var/log/httpd/applogs/site3
<VirtualHost *:80>
ServerName www.site1.b23.com
DocumentRoot /var/www/html/site1/
ErrorLog /var/log/httpd/applogs/site1/error.log
CustomLog /var/log/httpd/applogs/site1/access.log combined
</VirtualHost>
("combined" adds the Referer and User-Agent to every access line. the stock
/etc/logrotate.d/httpd only rotates /var/log/httpd/*log, so add the new paths there or
they grow until the /var alert from housekeeping)
1xx (100) = informational: the request is still being processed ===> information
2xx (200) = OK, the web site is accessible. 200 = ok, fine ===> fine
3xx (300) = redirection: the page is reachable and the client is sent to a different
page or location (301/302), or told its cached copy is still good (304) ===> fine
4xx (400) = client error: the request itself is bad or not allowed. 400 bad request,
401 not authenticated, 403 forbidden (no access to the page), 404 not found
===> problem at the client side. a burst of 404/403 from one address is usually a
scanner, not a user.
5xx (500) = server error: the request was fine but the web server or the application
behind it failed. 500 internal error (script crash), 502 bad gateway (backend or
proxy down), 503 service unavailable (overloaded or stopped)
=====> problem at the web server end
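Added example (not from the course notes): the status-code classification above run over constructed access-log lines in the "combined" format that the CustomLog line produces. status_summary counts requests per class; noisy_clients lists source addresses with a burst of 4xx responses, which on a real log is the quickest way to tell a scanner from a broken link. The log lines, addresses and paths are made up for the demo; the functions read a log on stdin, so on a server pipe in whatever file CustomLog points at.

```shell
#!/usr/bin/env bash
# Added example: classify HTTP status codes from an Apache "combined" access log.
# The log lines below are constructed; feed a real one with: status_summary < access.log

# Constructed sample in "combined" format:
# client ident user [time] "request" status bytes "referer" "user-agent"
sample_access_log() {
  cat <<'EOF'
192.168.145.21 - - [16/Apr/2021:07:42:16 +0530] "GET /index.html HTTP/1.1" 200 17 "-" "Mozilla/5.0"
192.168.145.21 - - [16/Apr/2021:07:42:17 +0530] "GET /logo.png HTTP/1.1" 304 0 "http://www.site1.b23.com/" "Mozilla/5.0"
192.168.145.99 - - [16/Apr/2021:07:43:01 +0530] "GET /admin HTTP/1.1" 403 210 "-" "curl/7.29.0"
192.168.145.99 - - [16/Apr/2021:07:43:02 +0530] "GET /.env HTTP/1.1" 404 196 "-" "curl/7.29.0"
192.168.145.99 - - [16/Apr/2021:07:43:03 +0530] "GET /wp-login.php HTTP/1.1" 404 196 "-" "curl/7.29.0"
192.168.145.21 - - [16/Apr/2021:07:44:10 +0530] "POST /app HTTP/1.1" 502 341 "-" "Mozilla/5.0"
EOF
}

# The status is the 3-digit number right after the closing quote of the request line.
# Matching on that, instead of on field 9, survives request paths that contain spaces.
status_summary() {
  awk '
    match($0, /" [0-9][0-9][0-9] /) {
      st = substr($0, RSTART + 2, 3)
      n[substr(st, 1, 1) "xx"]++
    }
    END { for (c in n) print c, n[c] }' | sort
}

# Clients with at least THRESHOLD (default 10) 4xx responses: probing / scanning candidates.
noisy_clients() {
  thr=${1:-10}
  awk -v thr="$thr" '
    match($0, /" [0-9][0-9][0-9] /) && substr($0, RSTART + 2, 1) == "4" { ip[$1]++ }
    END { for (i in ip) if (ip[i] >= thr) print i, ip[i] }' | sort -k2,2nr
}

if [ "${1:-}" = demo ]; then
  echo "== requests per class =="; sample_access_log | status_summary
  echo "== 4xx sources (3 or more) =="; sample_access_log | noisy_clients 3
fi
```

On the sample, the 4xx column is three hits from one address against /admin, /.env and /wp-login.php with a curl user-agent, which is scanner behaviour, while the single 502 is the backend, not the client. The same two functions work on any site's access.log from the ErrorLog/CustomLog layout above.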
commands to test web page access or availability.
elinks : elinks www.google.com (text browser, renders the page on the terminal)
wget : wget http://mirror.centos.org/centos/7/os/x86_64/Packages/vsftpd-3.0.2-28.el7.x86_64.rpm
the above command downloads the file from the linux box; its exit status tells you
whether the URL was reachable, so it works in scripts too.
compression commands
zip
tar
gzip
how to compress a directory?
syntax : zip -r destination source
zip -r /opt/webdata-14-04-2021.zip /webdata
unzip zipfilename
unzip /opt/webdata-14-04-2021.zip
how to list the zip file contents
unzip -l /opt/webdata-14-04-2021.zip
TAR (tape archive)
syntax:
tar -cvf /opt/webdata-14-april-2021.tar /webdata
c = create
v = verbose
f = file: the archive file name that follows
(tar strips the leading "/" from the stored paths, so extracting gives ./webdata under
the current directory, not /webdata. -czvf creates and gzips in one step, -xzvf extracts it.)
how to list the contents of a tar file
tar -tvf /opt/webdata-14-april-2021.tar
extract
tar -xvf webdata-14-april-2021.tar
x = extract the tar file
(always list with -tvf first: an archive from someone else can carry absolute paths or
../ entries. GNU tar strips both by default and prints a warning; read the warning.)
gzip or gunzip
gzip is a single-file compressor, not an "advanced zip"
gzip supports only files (to compress a directory, tar it first)
zip supports both files and directories.
gzip : after compressing, the source file is gone; it is replaced by file.gz
(gzip -k keeps the original)
zip : after compressing, both the source and the zip file are there.
COMPRESS:
gzip batch21
EXTRACT
gunzip batch21.gz
zip ==> compression
tar ==> archive, no compression on its own
gzip ==> compression
where this is used: compress old or unwanted data and keep it in place, so we save disk
space. that is housekeeping. the next topics are housekeeping, troubleshooting,
performance tuning and ITIL.
ITIL
Housekeeping - 15-April-2021
OS partitions
/boot
/
/var
/tmp
/home
monitoring system: Nagios
received a monitoring alert for the /var partition, say it reached 80 %
utilization. how do you handle this alert?
alert ==> create ticket ==> assigned to the respective team (Linux = Linux team,
Windows = Windows team)
the operations team provides 24/7 support.
operations = 24/7
build team = general shift
patching team = general shift
A shift = IN 6 AM to 2 PM
B shift = UK 2 PM to 10 PM
C shift = US 10 PM to 6 AM
you are always in the ticketing tool monitoring tickets.
*** ticket arrives in the ticketing tool ==> acknowledge the ticket ==> understand
the ticket ==> the /var partition has crossed 80 % utilization. the server details are
in the ticket.
ack is nothing but assigning the ticket to your name and setting the status to in progress
Action 1 : delete unwanted and old data from the /var partition
cd /var, enter the /var partition
and check which file/directory is consuming the most space
cd /var && du -hs *
in this output we can see each entry and its size
here you will also see files and directories which are required (the rpm database,
mail, spool, cache) and must not be touched.
cd /var
du -hs *
rm -rf <unwanted data>
find /var/log -type f -mtime +90 -exec rm -f {} \; ====> delete unwanted
data, i.e. logs older than 90 days.
never run that find over all of /var: under /var/lib/rpm, /var/spool or a database
directory, "older than 90 days" means old, not unwanted. run it with -print first and
read the list before adding the delete.
Action 2 : compress or move the data if it is important
before compression = 1 GB
after compression = 100 MB; we save close to 900 MB.
cd /var
du -hs *
mv file /datapartition
why gzip: the original is not kept, only the compressed file stays: 1 GB becomes 100 MB
why not zip: the original and the compressed file both stay: 1 GB + 100 MB = 1.1 GB
gzip file1
find /var/log -type f -mtime +5 ! -name '*.gz' -exec gzip {} \;
(only on rotated copies. gzip replaces the file, and a daemon that still has the original
open keeps writing to the unlinked inode, so the space is not freed and the new log is
empty until the daemon is restarted. let logrotate handle the live files.)
in the system we have a total of 90 days of data; of that, 85 days' worth gets compressed.
so far we deleted data older than 90 days and compressed the 5 to 90 day old data,
but still no luck, the /var partition is not under the threshold.
Action 3 : extend the partition space
10 GB extending to 15 GB
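Added example (not the course's own script): the /var actions above as a dry-run-first housekeeping function. It handles only regular files under the directory it is given, stays on that filesystem, never follows symlinks, and prints the plan before anything is deleted or gzipped. The directory, the ages and the files the demo creates are constructed; on a real box point it at /var/log (not all of /var) and keep it away from the active log files, which logrotate owns.

```shell
#!/usr/bin/env bash
# Added example: dry-run-first housekeeping for a log directory.
# usage: housekeep_logs DIR [DELETE_DAYS] [GZIP_DAYS] [dry-run|apply]

housekeep_logs() {
  dir=$1; del=${2:-90}; gz=${3:-5}; mode=${4:-dry-run}
  [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }

  # 1) regular files older than DELETE_DAYS. -type f skips symlinks and directories,
  #    -xdev stays on this filesystem, and find -delete removes exactly what it listed
  #    (no rm -rf on a path that a stray symlink could have pointed somewhere else).
  find "$dir" -xdev -type f -mtime +"$del" -print | sed 's/^/DELETE /'
  if [ "$mode" = apply ]; then
    find "$dir" -xdev -type f -mtime +"$del" -delete
  fi

  # 2) files between GZIP_DAYS and DELETE_DAYS old that are not compressed yet.
  #    Run this on rotated copies only: gzip replaces the file, and a daemon that
  #    still holds the original open keeps writing to the unlinked inode.
  find "$dir" -xdev -type f -mtime +"$gz" ! -mtime +"$del" ! -name '*.gz' -print | sed 's/^/GZIP /'
  if [ "$mode" = apply ]; then
    find "$dir" -xdev -type f -mtime +"$gz" ! -mtime +"$del" ! -name '*.gz' -exec gzip -q {} +
  fi
  return 0
}

# Constructed demo tree with three file ages; the thresholds are derived from the
# file dates so the demo behaves the same no matter when it is run.
demo_housekeeping() {
  d=$(mktemp -d)
  touch -t 202001010000 "$d/old.log"       # dated 2020-01-01
  touch -t 202101010000 "$d/mid.log"       # dated 2021-01-01
  touch "$d/new.log"                        # now
  mid_days=$(( ( $(date +%s) - 1609459200 ) / 86400 ))   # days since 2021-01-01
  echo "plan:";  housekeep_logs "$d" $((mid_days + 10)) $((mid_days - 10)) dry-run
  echo "apply:"; housekeep_logs "$d" $((mid_days + 10)) $((mid_days - 10)) apply
  ls -l "$d"
}

if [ "${1:-}" = demo ]; then demo_housekeeping; fi
```

`housekeep_logs /var/log/httpd/applogs 90 5` prints the plan; add `apply` as the fourth argument only after reading it. The two finds run from the same predicate, so what gets deleted is exactly what the dry run listed.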
*** received a monitoring alert for the /boot partition, say it reached 80 %
utilization. how do you handle this alert?
alert ==> create ticket ==> assigned to the respective team (Linux = Linux team,
Windows = Windows team)
/boot = 512 MB
what kind of data is in the /boot partition?
boot files: the kernel (vmlinuz-*) and the initramfs for each installed kernel, plus
the grub configuration
important point : /boot is a standard (non-LVM) partition, so we cannot extend it.
each kernel patch leaves one more kernel + initramfs pair in /boot:
Feb patch 1 = kernel files stored in /boot, can be removed
May patch 2 = kernel files stored in /boot, can be removed
Sep patch 3 = kernel files stored in /boot, the previous one: keep only this and the current one
Nov patch 4 = kernel files stored in /boot, running
remove old kernels through the package manager (package-cleanup --oldkernels from
yum-utils, or installonly_limit=2 in /etc/yum.conf so yum does it at patch time); never
rm files from /boot by hand, that is how a server fails to boot after the next patch.
check uname -r for the running kernel before removing anything.
received a monitoring alert for the /home partition, say it reached 80 %
utilization. how do you handle this alert?
alert ==> create ticket ==> assigned to the respective team (Linux = Linux team,
Windows = Windows team)
Action 1 : delete unwanted and old data from the /home partition
what data is inside the /home partition?
users' home directories
so there is a chance users have stored unwanted data inside their home
directories.
cd /home
du -hs *
here we can identify which user's home directory is occupying the most space
in the /home partition
suppose user prasad's home directory is consuming the most space. what is our action?
send mail to prasad mentioning that his home directory is consuming too much space.
request : requesting you to clean up unwanted data. in case there is any
application data, please move it to the application's respective folder. don't run
applications from inside your home directory.
warning : don't keep personal data inside your home directory.
loop prasad's manager in cc
put prasad's manager in "to" and request the manager to follow up with prasad on the
housekeeping alert.
(we do not delete a user's files ourselves: the home directory is their data, and
deleting it without the owner's and the manager's agreement is an incident in the making)
action 2 : extend the partition space
received a monitoring alert for the /tmp partition, say it reached 80 %
utilization. how do you handle this alert?
alert ==> create ticket ==> assigned to the respective team (Linux = Linux team,
Windows = Windows team)
Action 1 : delete unwanted and old data from the /tmp partition
cd /tmp
du -hs *
rm -rf <files>
(a deleted file that a process still has open does not give the space back until the
process closes it; lsof +L1 lists those. if du shows much less than df, that is the
usual reason.)
Action 2 : noticed some application or db users stored files here.
polite handling
send mail to the application or db users mentioning that you noticed they
kept some data in /tmp. kindly move it from here.
process-wise handling
directly remove the data from /tmp.
because no one should keep personal or application data in the /tmp
partition, the administrator has the right to delete it
/tmp is for temporary files. applications use it while they run, so remove only files
that are old (tmpwatch / systemd-tmpfiles age them out by default), not something an
application wrote a minute ago.
received a monitoring alert for the / partition, say it reached 80 % utilization.
how do you handle this alert?
alert ==> create ticket ==> assigned to the respective team (Linux = Linux team,
Windows = Windows team)
action 1 : delete unwanted and old data from the / partition (a core dump in /, or
data written into an empty mount point while the filesystem was not yet mounted, are
the usual surprises)
action 2 : compress important data
action 3 : extend the partition space
*** there is enough space in the /data partition but we are not able to copy or create
a new file inside /data. how do you identify the issue and resolve it?
possibility 1 : the inodes of the partition are full
space
inode: both are needed to use a partition
inode = the unique number of a file or directory (like an AADHAAR number)
100 GB, 500 K inodes
so many empty files were created by mistake.
an empty file does not occupy data blocks, but it does occupy an inode.
our 500 K inodes are all used now, but there is still free space.
if the inodes are full we cannot use the free space.
how to find out inode utilization
df -i
noticed that the inodes are full for one of the partitions
action 1 : delete unwanted and empty files
/data
find /data -type f -empty -exec rm -f {} \;
(-type empty is not a valid test. list with -print first so you know what goes.
du --inodes shows which directory holds the millions of small files.)
but no luck, not enough inodes freed up.
action 2 : extend the partition space
when an ext4 filesystem is grown (resize2fs) its inode count grows in proportion
*** inodes are full for one of the partitions, how do you handle it?
action 1 : delete empty and unwanted files
action 2 : extend the partition space
is there any way to extend only the inode count instead of the space?
no, not on ext4
the inode count is fixed when the filesystem is created (mkfs); it only grows
together with the space. (xfs allocates inodes dynamically, so "inodes full" on xfs
usually means the disk is full or the imaxpct limit was hit.)
***** possibility 2 : the partition is write protected
action 1 : check whether the partition is mounted read-only
mount
(the kernel remounts a filesystem read-only after an I/O error; dmesg shows why)
no, the partition is mounted read-write but we still cannot create files
action 2 : special protection applied with chattr
i = immutable
lsattr /
----i----------- /b23application
there is write protection
applying write protection ======> chattr +i /b23application
only root (CAP_LINUX_IMMUTABLE) can set or clear it
remove write protection ======> chattr -i /b23application
an immutable flag that nobody on the team set is worth checking in /var/log/secure
(who ran chattr through sudo), not just clearing.
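Added example (not from the notes): the checks for both possibilities above as shell functions: inode usage of the filesystem holding a path, whether its mount is read-only, how many empty files are eating inodes under a directory, and whether the immutable flag is set. It reads df, /proc/mounts and lsattr; the temp directory in the demo is constructed, and lsattr is reported as unknown where the tool or the filesystem does not support it.

```shell
#!/usr/bin/env bash
# Added example: why can't we write to a partition that still has free space?
# usage: diagnose_writes /data

# Percentage of inodes in use on the filesystem that holds PATH (df -P: one line per fs).
inode_used_pct() {
  df -Pi "$1" | awk 'NR == 2 { sub(/%/, "", $5); print $5 }'
}

# Mount state of the filesystem holding PATH, from /proc/mounts (longest matching mount point).
# The kernel remounts a filesystem read-only after an I/O error; dmesg says why.
mount_is_ro() {
  [ -r /proc/mounts ] || { echo unknown; return 0; }
  awk -v p="$1" '
    ($2 == "/" || p == $2 || index(p, $2 "/") == 1) && length($2) >= best { best = length($2); opts = $4 }
    END {
      n = split(opts, o, ",")
      for (i = 1; i <= n; i++) if (o[i] == "ro") { print "ro"; exit }
      print "rw"
    }' /proc/mounts
}

# Empty regular files under DIR: each takes an inode and none of them shows up in df -h.
empty_files() {
  find "$1" -xdev -type f -empty | wc -l | tr -d ' '
}

# Immutable flag on PATH (chattr +i): "yes", "no", or "unknown" when lsattr cannot tell.
immutable_flag() {
  attrs=$(lsattr -d "$1" 2>/dev/null | awk '{ print $1 }')
  case "$attrs" in
    '')  echo unknown ;;
    *i*) echo yes ;;
    *)   echo no ;;
  esac
}

diagnose_writes() {
  p=$1
  printf 'path=%s inodes_used=%s%% mount=%s empty_files=%s immutable=%s\n' \
    "$p" "$(inode_used_pct "$p")" "$(mount_is_ro "$p")" "$(empty_files "$p")" "$(immutable_flag "$p")"
}

if [ "${1:-}" = demo ]; then
  d=$(mktemp -d)
  for i in 1 2 3; do : > "$d/empty$i"; done   # constructed inode eaters
  diagnose_writes "$d"
fi
```

One line of output answers the interview question in order: inodes at 100 % is possibility 1, mount=ro or immutable=yes is possibility 2, and an empty_files count in the millions says where the inodes went.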
SUDO
super user do
* we can allow a normal user to execute super user commands, like lvcreate, useradd,
usermod.
by default a normal user cannot execute commands from the sbin category.
using sudo we can grant sbin category commands to normal users.
visudo
or
vi /etc/sudoers
the recommended command is visudo, because it verifies the syntax of the file.
in case there is a syntax error in the sudoers file, visudo will not let you exit
without correcting it (a broken sudoers locks everyone out of sudo, including you).
syntax
root ALL=(ALL) ALL
username hostname=(runas_user) options: commands
prasad ALL=NOPASSWD: cmd1,cmd2,cmd3
prasad,raja ALL=NOPASSWD: cmd4,cmd5
%groupname ALL=NOPASSWD: cmd6,cmd7,cmd8
(commands are written with their full path, /usr/sbin/useradd rather than useradd;
sudo matches on the path, and a NOPASSWD entry is exactly the kind of rule worth keeping
narrow)
How to verify a user's sudo privileges?
sudo -l
how to execute a command through sudo?
sudo cmd
cmd alias = grouping a set of commands
user alias = grouping a set of users
Cmnd_Alias OSCMDS=/usr/sbin/lvcreate,/usr/sbin/lvremove,/usr/sbin/vgcreate,/usr/sbin/pvcreate,/usr/sbin/vgs,/usr/sbin/lvs,/usr/sbin/useradd,/usr/sbin/usermod,/usr/sbin/userdel,/usr/sbin/groupadd,/usr/sbin/groupmod,/usr/sbin/groupdel
raja ALL=NOPASSWD: OSCMDS
User_Alias OSUSERS=raja,babu,prasad,ramu
OSUSERS ALL=NOPASSWD: OSCMDS
someone removed an lv as administrator; how to identify who deleted it?
verify /var/log/secure
here we can find whatever commands were executed through sudo.
Apr 16 07:42:16 batch23 sudo: babu : TTY=pts/0 ; PWD=/opt/babu ; USER=root ; COMMAND=/sbin/lvremove /dev/rhel/testlv
sudo related logs are stored in /var/log/secure (and in the journal on RHEL 7).
if the lv was removed from a root shell (su -, or sudo -i) only the switch to root is in
/var/log/secure, not the command; then it is root's bash history, if it was kept.
*** how to restrict commands to a particular user?
raja ALL=NOPASSWD: ALL,!cmd4
! excludes the command
*** raja should be able to execute all commands except switching to the root user
raja ALL=(ALL) NOPASSWD: ALL,!/usr/bin/su - root,!/usr/bin/su -
this is the interview answer, but it is not a security boundary. sudoers(5) itself
says commands cannot really be subtracted from ALL: raja can copy /usr/bin/su under
another name, run "sudo su" without the dash (a different argument list, so it is not
excluded), or start a shell from any allowed editor or pager (sudo vi, then :!bash).
if a user must not become root, do not grant ALL; grant an explicit list like OSCMDS.
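Added example (not from the notes): the /var/log/secure check above as a parser. sudo_events turns each sudo line into timestamp, user, outcome and command; who_ran answers "who removed the lv", and sudo_failures lists the attempts sudo refused (wrong password, user not in sudoers, command not allowed), which is what to look at after finding a blacklist rule like the one above. The log lines are constructed in the format sudo writes through syslog; on a real box pipe /var/log/secure in.

```shell
#!/usr/bin/env bash
# Added example: parse sudo entries from /var/log/secure.
# usage: who_ran 'lvremove' < /var/log/secure ; sudo_failures < /var/log/secure

# Constructed sample lines, in the format sudo logs through syslog (one sshd line
# mixed in, as in a real file).
sample_secure() {
  cat <<'EOF'
Apr 16 07:42:16 batch23 sudo:     babu : TTY=pts/0 ; PWD=/opt/babu ; USER=root ; COMMAND=/sbin/lvremove /dev/rhel/testlv
Apr 16 07:45:02 batch23 sudo:     raja : TTY=pts/1 ; PWD=/home/raja ; USER=root ; COMMAND=/usr/sbin/useradd test1
Apr 16 07:50:11 batch23 sudo:   prasad : user NOT in sudoers ; TTY=pts/2 ; PWD=/home/prasad ; USER=root ; COMMAND=/bin/bash
Apr 16 07:51:30 batch23 sudo:     raja : 3 incorrect password attempts ; TTY=pts/1 ; PWD=/home/raja ; USER=root ; COMMAND=/usr/bin/su -
Apr 16 07:52:05 batch23 sshd[2231]: Accepted publickey for raja from 192.168.145.21 port 50222 ssh2
Apr 16 08:02:44 batch23 sudo:     babu : TTY=pts/0 ; PWD=/opt/babu ; USER=root ; COMMAND=/sbin/lvremove /dev/rhel/datalv
EOF
}

# One tab-separated record per sudo line: timestamp, user, outcome, command.
# Accepts both "sudo:" and "sudo[pid]:" as the syslog tag.
sudo_events() {
  awk '
    $5 ~ /^sudo(\[[0-9]+\])?:$/ {
      ts = $1 " " $2 " " $3
      rest = $0; sub(/^.* sudo(\[[0-9]+\])?: +/, "", rest)   # "babu : TTY=... ; COMMAND=..."
      user = rest; sub(/ : .*$/, "", user)
      outcome = "ok"
      if (rest ~ /NOT in sudoers/)           outcome = "not-in-sudoers"
      else if (rest ~ /incorrect password/)  outcome = "bad-password"
      else if (rest ~ /command not allowed/) outcome = "denied"
      cmd = rest; sub(/^.*COMMAND=/, "", cmd)
      printf "%s\t%s\t%s\t%s\n", ts, user, outcome, cmd
    }'
}

# Successful sudo invocations whose command matches PATTERN: "user timestamp command".
who_ran() {
  sudo_events | awk -F '\t' -v pat="$1" '$3 == "ok" && $4 ~ pat { print $2, $1, $4 }'
}

# Everything sudo refused: "user timestamp outcome command".
sudo_failures() {
  sudo_events | awk -F '\t' '$3 != "ok" { print $2, $1, $3, $4 }'
}

if [ "${1:-}" = demo ]; then
  echo "== who ran lvremove =="; sample_secure | who_ran '^/sbin/lvremove'
  echo "== refused =="; sample_secure | sudo_failures
fi
```

On the sample, who_ran '^/sbin/lvremove' names babu twice with the exact device each time, and sudo_failures surfaces raja trying `su -` three times with a wrong password, which is the pattern the blacklist rule above was supposed to prevent and only logs.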
JOBS
AT
CRON
at and cron are the built-in job schedulers. we can schedule a script or command with
either tool.
eg : today at 11:30 PM IST one command should run; that can be scheduled through at
or cron.
AT = executes the job once and the job expires. repeated or recurring jobs are not possible.
schedule a job at 11:30 today: it executes and expires; it will not run again tomorrow.
cron = we can schedule recurring or repeated jobs (cmd or script)
11:30 PM today, tomorrow, ... every day, or every weekday, or every sunday, or every
weekend.
at 7am 2021-04-20      (at also accepts "7am Apr 20 2021" and "07:00 2021-04-20")
yum update
to come out: ctrl + d
(at reads the commands from stdin; the job runs with the environment captured at
scheduling time and mails its output to the user)
how to list the scheduled at jobs?
atq
how to remove a scheduled at job?
atrm jobid
atrm 1
CRON
crontab fields : 6 fields
explain the crontab fields?
1. min (0 to 59)
2. hours (0 to 23)
3. day of month (1 to 31)
4. month of year (1 to 12)
5. day of week (0 to 6) 0 sun, 1 mon, 2 tue, ... 6 sat (7 is sunday as well)
6. task, script, command
crontab -e
-e for edit
crontab -e
* * * * * task
syntax
min hours dayofmonth monthofyear dayofweek task
10 7 * 05 0 command1     ==> 07:10 on every sunday in May (day of month is *, so the
job runs whenever the day of week matches)
every day at 7 PM execute one job
00 19 * * * command2
only on weekends at 6 PM execute one job
00 18 * * 6,0 command3
, = list of values, - = range (between)
0 18,19,23 * * 6,0 command4    command4 executes at 6, 7 and 11 PM, only on sat and sun
(with * in the minute field it would run every minute of those hours, 180 times a night)
0 14-23 * * 1-5 command5       command5 executes on weekdays mon-fri, once an hour
between 2 PM and 11 PM.
- between (range)
, list
(use full paths in the command: cron's PATH is only /usr/bin:/bin, and the environment
is not your login shell's)
*** how to identify whether a particular job executed or not?
verify the cron logs
/var/log/cron
/var/log/cron records each job start (CMD), crontab edits (REPLACE, LIST) and the
service messages. it does not record whether the command itself failed; that is in the
mail cron sends to the user, or in the script's own log.
there are 2 services
crond
atd
the job was scheduled but not executed, what may be the problem?
verify the crond service
systemctl status crond
scheduled job not executed, what may be the problem?
the service is not running.
make sure the service is up and running (then check /var/log/cron, and that the user is
not listed in /etc/cron.deny)
how to list a particular user's scheduled jobs? eg: the user is prasad
log in as prasad and execute
crontab -l
or the root user can list any user's jobs
the below command is executed by the root user
crontab -u prasad -l
root can also modify other users' jobs.
crontab -u prasad -e
*** crontab -e is not working; how do you edit or add jobs?
cd /var/spool/cron
here we can find an individual file for each user
vi prasad
(crond picks up the change by mtime; keep the file owned by the user with mode 600)
*** how to grant crontab access to normal users?
by default everyone is allowed (unless listed in /etc/cron.deny). if we create the
/etc/cron.allow file then only the users listed in it can use crontab; everyone else is
blocked. root is always allowed.
touch /etc/cron.allow
vi /etc/cron.allow
raja
prasad
Performance tuning
which are the critical or core components of a server?
processor (worker)
memory (RAM) (mediator between the end user and the processor)
HDD (storage component)
network component (eth0)
we should be able to identify processor performance (speed and how busy it is).
we should be able to identify memory utilization.
we should be able to identify the read/write speed of the disks.
TOP
SAR
using the above two commands we can identify processor, ram and disk performance.
top = processor, RAM and swap performance, live
SAR = processor, RAM, swap, network and hdd performance, with history
Load average
before we start understanding load average we should know how many processors there are
lscpu
4
4 workers are there
4*100 = 400 % (top reports per-process CPU, so one process can show up to 400 % here)
the speed is the clock rate per core: 2294 MHz (megahertz) = 2.3 GHz (gigahertz).
four cores do not add up to a 9 GHz processor; they mean four tasks can run at the same
time, each at 2.3 GHz.
at a time the system can run 4 processes because we have 4 processors.
processor = worker
process = task or job
if we have 8 processors, how many processes can be handled at a time?
8 processes
load average depends on the number of processors + the speed of the processors + how
many jobs are being processed + the job size (big or small) = load average
1 = 100 jobs and capacity 10 if the jobs are lengthy (big jobs)
the same processor can handle 30 if the jobs are light (small jobs)
employee = he handled 30 per day on 17th Nov 2021
the same employee = handled 10 per day on 18th Nov 2021
same person, same capacity, but still he did only 10
why? the jobs were bigger.
4 workers: the load is divided between 4 workers
8 workers: the load is divided between 8 workers
load average: 11.00, 11.94, 11.99
last 1 min, last 5 min, last 15 min load average
what the number is: the average count of tasks that were runnable (R) or in
uninterruptible sleep (D, usually waiting on disk) over that window. so a high load on
an idle CPU means processes are waiting for I/O, not for the processor.
it is not the exact load, it is a load average.
eg: 1 processor
0.1 0 0 ==> very normal: 10 % busy in the last minute, nothing in the last 5 and 15 min
eg : 1 processor
1 1 1 ==> 100 % utilized over the last 1, 5 and 15 min
the load is perfect: jobs are coming and completing, the processor is never free
eg : 2 processors
1 1 1 ===> 50 % utilized
eg : 4 processors
4 4 4 ===> 100 % utilized
eg : 4 processors
24 40 40 ==> jobs are queuing for the processors, critical
load (1/5/15 min)   cpus   usage
1 1 1               4      25 %
4 4 4               4      100 %
8 8 8               4      200 %   warning
12 12 24            4      300 %   critical
1 processor
4 4 4 = 400 % utilization of the processor
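Added example (not from the notes): the load-average arithmetic above as a function, using the thresholds the notes use (load equal to the core count is a fully used box, 200 % warning, 300 % critical), plus the check the arithmetic alone misses: load also counts tasks in uninterruptible sleep (D), so blocked_tasks says whether a high load is CPU or disk. The thresholds are the notes' rule of thumb, not a kernel constant; live_load reads /proc/loadavg and so only works on Linux.

```shell
#!/usr/bin/env bash
# Added example: turn a load average into "percent of the cores" and a status.
# usage: load_status 11.94 4 ; live_load

# load_status LOAD CPUS -> "<pct> <normal|warning|critical>"
# thresholds from the notes: >= 300 % critical, >= 200 % warning, else normal
load_status() {
  awk -v l="$1" -v c="$2" 'BEGIN {
    pct = l / c * 100
    s = pct >= 300 ? "critical" : pct >= 200 ? "warning" : "normal"
    printf "%d %s\n", pct, s
  }'
}

# Processes in uninterruptible sleep (D): they count towards the load but use no CPU.
# A high load with many of these (and a high wa in top) is a disk problem, not a CPU one.
blocked_tasks() {
  ps -eo stat= | awk '/^D/ { n++ } END { print n + 0 }'
}

# Live view: the 1/5/15-minute averages from /proc/loadavg against the online CPU count.
live_load() {
  [ -r /proc/loadavg ] || { echo "no /proc/loadavg (not linux)" >&2; return 1; }
  cpus=$(getconf _NPROCESSORS_ONLN)
  set -- $(cat /proc/loadavg)           # l1 l5 l15 running/total lastpid
  l1=$1; l5=$2; l15=$3; rt=$4
  for pair in "1:$l1" "5:$l5" "15:$l15"; do
    win=${pair%%:*}; l=${pair#*:}
    printf '%2s min: %6s on %s cpus -> %s\n' "$win" "$l" "$cpus" "$(load_status "$l" "$cpus")"
  done
  echo "runnable/total tasks: $rt   blocked in D state: $(blocked_tasks)"
}

if [ "${1:-}" = demo ]; then live_load; fi
```

For the notes' own example, `load_status 11.94 4` gives "298 warning": almost three runnable tasks per core. If blocked_tasks is most of that number, adding cores will not help; the disk is the queue.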
how to reduce the load on the processors?
option 1 : add more processors (cores)
option 2 : kill the jobs that are not needed
stopped : a job that was started and then paused in the middle (ctrl + z).
*** how to run a job in the background?
cmd &
sleep 10000 &
nohup cmd &
cmd & ==> the command output prints on the screen, and the job dies with the terminal (SIGHUP)
nohup cmd & ==> the job ignores the hangup when you log out, and its output goes to
nohup.out in the current directory (not .nohup)
*** how to bring a background job to the foreground?
fg %jobid
how to see the background jobs?
jobs
how to pause or stop a running job?
ctrl + z
there are 1000 stopped processes; does it impact server performance or not?
yes, unnecessarily stopped processes still hold their memory and a slot in the process table.
how to resume a stopped job?
bg %1 (continue in the background) or fg %1 (continue in the foreground)
kill -SIGCONT %jobid does the same thing by sending the continue signal directly
how to kill a background job?
kill %1
***
what is a zombie? does a zombie consume cpu and memory or not?
zombie :
1. a zombie is a child process that has already exited (dead)
2. it uses no memory or CPU any more; only its entry in the process table remains,
holding a PID and its exit status until the parent collects it.
reverse question 1 from the panel?
how is a zombie process created?
when a child exits, the kernel keeps its process-table entry until the parent calls
wait() to read the exit status. a parent that never waits (badly written, or stuck)
leaves the child as a zombie. it is the parent's fault, not the child's.
reverse question 2 from the panel?
how to clear those zombie processes?
solution : make the parent reap them, or get rid of the parent. restart the application
that owns the parent, or kill the parent process; when the parent dies the zombies are
adopted by init/systemd, which reaps them immediately. a reboot works too but is the
last resort. killing the zombie itself does nothing: it is already dead.
the zombies' parent is a tomcat application process, so here we restart the tomcat service.
1000 zombie processes: will this situation impact server performance?
yes
the process table (pid_max) has a limited number of slots; if 1000 of them are held by
zombie (dead) processes, the kernel cannot hand out PIDs to new jobs once it fills up,
and the application that leaks them is usually leaking other things as well.
reverse question 3 from the panel?
how to identify zombie processes?
ps -eo pid,ppid,stat,comm | awk '$3 ~ /^Z/'
or
ps aux | grep -i defunct
(grep Z on its own also matches any command name containing a Z; the STAT column is what
you want, and the PPID column tells you which parent to restart)
orphan:
1. is a running process whose parent has exited.
2. it occupies processor & memory like any running process
3. init/systemd adopts orphan processes.
who becomes the parent of an orphan?
systemd in rhel 7 & 8
init (pid 1) in rhel 4, 5 & 6
zombie                                      orphan
dead process                                running process
does not occupy mem or cpu                  occupies mem and cpu
cleared by reaping/restarting the parent    nothing to clear: pid 1 has already adopted it
(reboot only as the last resort)            and will reap it when it exits
top, then press 1: we can observe individual cpu usage
us user processes
sy system (kernel) time
ni time spent on niced (lowered priority) processes
id idle: cpu idle %
wa iowait: idle while waiting for disk I/O (high wa with a high load = disk bottleneck)
hi hardware interrupts
si software interrupts
st steal: time taken by the hypervisor (VMs only)
cpu utilization is categorized as
user
system
nice
idle (plus iowait, interrupts and steal)
100 % showing in us, how do you handle this situation?
find the processes (press P in top) and ask their owners to clear the unwanted ones
***
100 % in system (sy)
solution 1 : reboot
still the cpu utilization is high in sy
but no luck
solution 2 : it's abnormal. normally system time should not consume much cpu; in case
sy stays high, log a case with the os vendor (redhat or suse). before rebooting, note
what the kernel is doing (wa, hi/si, dmesg) so the case has data and the reboot is not
the only evidence.
Ni = nice or priority
while triggering a task we can set its priority
nice values run from -20 (highest priority) to 19 (lowest); 0 is the default
renice -n -5 -p pid   raises the priority (negative values need root)
renice -n 10 -p pid   lowers it (a user can only lower his own processes)
id % idle
eg 95 % idle means 5 % of the cpu is utilized
5 % idle means 95 % is utilized
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ CMD
1072 root 20 0 1247552 42360 3720 S 0.664 0.130 20:35.84 sleep 100000
Here
PR = priority as the kernel sees it (20 = nice 0)
NI = nice value, the adjustable part of the priority
-20 = highest priority
19 = lowest priority
VIRT, RES & SHR: these three fields belong to memory utilization
VIRT = virtual memory, everything the process has mapped (not what it is using)
RES = resident memory, the actual RAM in use (the number to look at)
SHR = shared memory, the part of RES shared with other processes (libraries)
S = state of the process
*** how many process states do we have?
the states seen in top are as follows
1. R ==> running or runnable
2. S ==> sleeping (interruptible)
3. T ==> stopped (ctrl + z, or being traced)
4. Z ==> zombie
5. D ==> uninterruptible sleep (usually waiting on disk I/O; it counts towards the load)
(I, idle, appears on newer kernels for idle kernel threads; it is not the same as D)
%CPU: the particular process's utilization % of the CPU
eg: 1 CPU ==> 100 %
4 CPUs ==> 400 %
*** one of the processes is consuming more than 100 % CPU; how can you handle this
situation?
first we need to know how many CPUs that particular server has; for that
execute the below command.
top, then press 1 (or lscpu)
==> if you have 4 CPUs then one process above 100 % is not an issue (normal): it is
simply using more than one core.
==> if you have only 1 CPU then a process near 100 % is critical, nothing else gets to run.
%MEM: whatever the RAM size, we consider it as 100 %.
eg: 100 GB memory = 100 %
50 GB memory = 100 %
*** how to list the top 10 memory-using processes?
top, then press M (capital M)
M = sort the entries with the highest memory-utilizing processes first; the head of
the list is your top 10.
(top -n 10 does not mean "10 processes": -n is the number of refreshes before top exits.
for a non-interactive list use top -b -n 1 -o %MEM | head -17, or
ps -eo pid,user,%mem,rss,cmd --sort=-%mem | head)
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ CMD
11872 dd1adm 20 0 11.2849 1.5519 36204 S 1.6234 4.9401 6:12.73 java
*** how to list the top %CPU using processes?
top, then press P (capital P)
here we get the top CPU-using processes.
this output has the same layout as for %MEM, but sorted by the highest CPU
utilization.
*** how to list a particular user's processes?
top -u username (or press u inside top)
or
ps aux | grep username
==> ps aux shows all users' processes; out of them we grep the particular user's.
(ps -u username is exact; grep also matches the name anywhere in a command line)
*** is there any possibility to kill a process using top?
yes: press k, enter the PID, then the signal (default 15)
*** how do you handle a high cpu usage alert in your project?
you are part of the UNIX or Linux team.
your team has a DL (distribution list).
you give 24/7 support, i.e. 24 hours and 7 days a week you support your project.
there are monitoring and ticketing tools in the organization. we monitor the
infrastructure in the monitoring tool, and in the ticketing tool we track the SRs
(service requests) and IMs (incident management)
monitoring tool: its job is to monitor the system (server) and create an alert
in case a threshold value is crossed.
eg: 80 % cpu or memory (warning) ==> it opens a medium ticket.
90 % cpu or memory (critical) ==> it opens a critical (high priority) ticket.
ticketing tool: the monitoring tool is integrated with the ticketing tool.
if it gets a warning message from the monitoring tool it creates a medium ticket by default.
if it gets a critical message from the monitoring tool it creates a high priority ticket
by default.
types of tickets:
ad-hoc request (or) incident opened by the end user manually
ticket created automatically through the monitoring system
here we keep monitoring the unix team queue and we acknowledge the ticket as soon as it
pops up in our queue.
acknowledgement is nothing but assigning the ticket to your name and changing the
status of the ticket to in-progress in the ticketing tool.
assume the alert is for high CPU utilization
log in to the server and execute the below cmd
top, then press P (capital P)
if application processes are found consuming high CPU then
task 1: transfer the ticket to the application team with the below message
noticed your processes are consuming more CPU. kindly take the necessary actions.
task 2: send mail to the application DL with the below content.
Hi team,
Received a high CPU utilization alert for xyzserver.
Noticed your processes are consuming more CPU.
Kindly take a look at it (along with the screenshot of the high CPU utilization)
if you notice system processes are consuming more CPU then
task 1: reboot the server (in a change window; a production reboot for a CPU alert
needs approval, and capture the top/sar output first or the evidence is gone)
if they are still consuming more CPU then
task 2: raise a case with the OS vendor (Redhat)
*** how do you handle a high memory usage alert in your project?
the same flow:
ad-hoc request (or) incident opened by the end user manually
ticket created automatically through the monitoring system
here we keep monitoring the unix team queue and we acknowledge the ticket as soon as it
pops up in our queue.
acknowledgement is nothing but assigning the ticket to your name and changing the
status of the ticket to in-progress in the ticketing tool.
assume the alert is for high memory utilization
log in to the server and execute the below cmd
top, then press M (capital M)
if application processes are found consuming high memory then
task 1: transfer the ticket to the application team with the below message
noticed your processes are consuming more memory. kindly take the necessary actions.
task 2: send mail to the application DL with the below content.
Hi team,
Received a high memory utilization alert for xyzserver.
Noticed your processes are consuming more memory.
Kindly take a look at it (along with the screenshot of the high memory utilization)
if you notice system processes are consuming more memory then
task 1: reboot the server
if they are still consuming more memory then
task 2: raise a case with the OS vendor (Redhat)
(on linux "free" memory is normally low because the kernel uses it as page cache; check
the available column of free -m before escalating a memory alert)
*** every day from 11.30 PM to 12.30 AM the server is very slow. how do you handle this?
possibility 1 : many cron jobs may be scheduled between 11.30 PM and 12.30 AM every day.
crontab -l ==> to see one user's jobs
to identify all users' jobs at the same time
cd /var/spool/cron
ls
here you see one file per user name.
open and observe the user files one by one (and /etc/crontab plus /etc/cron.d/*, where
system jobs such as logrotate and sysstat live; sar -q -f for that day shows the run
queue length in the same window and confirms the picture).
we came to know 10 jobs are scheduled in the same window.
solution: schedule the jobs at intervals, as below.
job1 11.30 PM
job2 11.45 PM (if it is a small task)
job3 11.47 PM
possibility 2 : many users may be logging in and executing multiple jobs at the same time.
last | more ==> to know the users who logged in to the system at that particular time.
noticed a few users logged in at the same time and stayed on the system for 2 hours.
as root you can read each user's ~/.bash_history to know what kind of tasks they were
performing (only what the shell saved; a user can clear it, so sar and the audit log
are the reliable record).
root cause: multiple users were executing jobs manually at the same time.
solution : fix a time for each user to execute the jobs.
user 1: 11.30 PM
user 2: 11.50 PM
request the users by mail or in a meeting to follow the above solution.
if we have done these 2 steps and it is still slow then we need to add CPU (processors)
==> if we have a valid reason we can add CPU
==> if we have a valid reason we can add memory as well
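Added example (not from the notes): a scan of the per-user crontab files for possibility 1 above. jobs_in_hour lists every job whose hour field covers a given hour, understanding *, lists, ranges and */n; run it for 23 and 0 to see what fires in the 11.30 PM to 12.30 AM window. The spool directory and the crontab lines are constructed for the demo; on a real server point it at /var/spool/cron, and also read /etc/crontab and /etc/cron.d (those have an extra user field), which is also where an entry nobody recognises tends to hide.

```shell
#!/usr/bin/env bash
# Added example: which cron jobs fire in a given hour, across all users' crontabs.
# usage: jobs_in_hour /var/spool/cron 23

# Does one crontab field ("*", "23", "23,0", "22-23", "*/6", "0-23/2") cover VALUE?
# Prints "yes" when it does, nothing otherwise.
field_matches() {
  echo "$1" | tr ',' '\n' | awk -v v="$2" '
    {
      r = $0; step = 1
      if (index(r, "/")) { split(r, p, "/"); r = p[1]; step = p[2] }
      if (r == "*")             { lo = 0; hi = 59 }
      else if (index(r, "-"))   { split(r, q, "-"); lo = q[1]; hi = q[2] }
      else                      { lo = r; hi = r }
      if (v >= lo && v <= hi && (v - lo) % step == 0) { print "yes"; exit }
    }'
}

# Walk a spool directory (one file per user) and print user, hour, minute, command
# for every job whose hour field covers HOUR. @reboot/@daily lines and VAR=value
# lines are skipped, as are comments and blank lines.
jobs_in_hour() {
  dir=$1; hour=$2
  for f in "$dir"/*; do
    [ -f "$f" ] || continue
    user=$(basename "$f")
    grep -Ev '^[[:space:]]*(#|$)' "$f" | while read -r min hr dom mon dow cmd; do
      case "$min" in @*|*=*) continue ;; esac
      if [ "$(field_matches "$hr" "$hour")" = yes ]; then
        printf '%s\t%s\t%s\t%s\n' "$user" "$hr" "$min" "$cmd"
      fi
    done
  done
}

# Constructed spool: three users, a few jobs around midnight.
make_sample_spool() {
  d=$(mktemp -d)
  printf '%s\n' 'MAILTO=root' '30 23 * * * /opt/jobs/backup.sh' '0 0 * * * /opt/jobs/report.sh' > "$d/prasad"
  printf '%s\n' '# nightly cleanup' '45 23 * * 1-5 /opt/jobs/cleanup.sh' \
                '*/15 22-23 * * * /opt/jobs/sync.sh' '0 6 * * * /opt/jobs/morning.sh' > "$d/raja"
  printf '%s\n' '0 */6 * * * /opt/jobs/rotate.sh' > "$d/babu"
  echo "$d"
}

if [ "${1:-}" = demo ]; then
  d=$(make_sample_spool)
  for h in 23 0; do
    echo "== jobs whose hour field covers $h =="
    jobs_in_hour "$d" "$h"
  done
fi
```

On the sample, hour 23 turns up prasad's backup, raja's cleanup and raja's sync (every 15 minutes through 22-23), and hour 0 turns up the report and the 6-hourly rotate job: five jobs in the slow window, which is the list to spread out.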
*** how to kill multiple jobs at a time?
kill pid1 pid2 pid3 pid4 ==> normal kill (sends SIGTERM, 15: the process may clean up and exit)
kill -9 pid1 pid2 pid3 pid4 ==> forceful kill (SIGKILL cannot be caught or ignored, so
there is no cleanup; use it only when -15 did not work)
kill -15 pid1 pid2 ==> the same as plain kill (SIGTERM). the "refresh" signal is
kill -1 (SIGHUP): many daemons re-read their configuration on it
pkill processname1 (one name pattern per call; pkill -f matches the full command line)
difference between kill and pkill:
kill ==> kills the process based on its process ID (pid)
pkill ==> kills processes based on the process name (a pattern). check with pgrep first,
because a loose pattern matches more than you intended.
SAR
system activity report
top = we can analyze live server performance only. top has no historical
data (cpu, memory, swap).
how the cpu usage was 1 hour back is not possible with the top command.
sar = sar stores historical data of cpu/mem/swap/disk
performance/network and so on.
pkg = sysstat
service = sysstat
by default about 1 month of data is kept (HISTORY in /etc/sysconfig/sysstat).
the daily data files are in the /var/log/sa directory.
in top we can observe the cpu and memory usage of individual processes, but
sar does not record per-process data.
in sar we get the overall usage, like total memory usage and total cpu usage.
Drawback: we can't get individual process usage, it gives only the overall cpu and
memory usage.
advantage : the overall usage data for the last month is available (/var/log/sa).
# Activity reports every 10 minutes everyday
*/10 * * * * root [ -x /usr/lib64/sa/sa1 ] && exec /usr/lib64/sa/sa1 1 1
# Update reports once a day at 23:55 (the comment in the shipped file says "every 6 hours", but 55 23 * * * is once a day)
55 23 * * * root [ -x /usr/lib64/sa/sa2 ] && exec /usr/lib64/sa/sa2 -A
sar -r 1 1
-r memory usage, the first 1 is the interval in seconds, the second is the repeat count
sar -r 5 5
every 5 sec, repeated 5 times
sar -r 2 10
every 2 sec interval, repeated 10 times
sar -u 2 10
-u cpu usage
every 2 sec interval, repeated 10 times
-r mem (sar -r 1 1) 1 time
-u CPU (sar -u 1 1)
-S swap (sar -S 1 1)
-d block device (disk) (sar -d -p 1 1), -p prints sda/sdb instead of dev8-0
-n DEV network interfaces (sar -n DEV 1 1), -n NFS for nfs client stats
-q load average with the run queue length
sar -q 1 1
historical data
sar -r 1 1 ==> live
sar -r -f /var/log/sa/sa20210419 ==> historical, analyzing the memory usage of
19th April 2021 (file names are saDD with only the day of the month by default,
saYYYYMMDD as here when sysstat is configured to keep more than 28 days)
by default every 10 min the sa1 script collects the overall usage
*/10 * * * * root [ -x /usr/lib64/sa/sa1 ] && exec /usr/lib64/sa/sa1 1 1
if i want to customize it to every 5 min?
vi /etc/cron.d/sysstat
*/5 * * * * root [ -x /usr/lib64/sa/sa1 ] && exec /usr/lib64/sa/sa1 1 1
with the help of cron, sysstat (sar) collects the data.
SA1 = /usr/lib64/sa/sa1
SA2 = /usr/lib64/sa/sa2 (23 in "55 23" is nothing but 11 PM)
sadc = /usr/lib64/sa/sadc
55 23 * * * root [ -x /usr/lib64/sa/sa2 ] && exec /usr/lib64/sa/sa2 -A
at 23:55 the cumulative data of the day is written as a text report (sarDD)
next to the binary data file, and files older than HISTORY are removed; the
next day's data file is created by sa1 at its first run after midnight.
sa1 script : runs sadc through cron (every 10 min) and appends one sample to
the binary file of the day
sa2 script : runs sar over the day's binary file and writes the daily text
report (11:55 PM), the whole day's data
sadc : system activity data collector, the binary that actually reads the
kernel counters; sa1 is a wrapper around sadc and sa2 is a wrapper around sar
/usr/lib64/sa # ls
sa1 sa2 sadc
df -h
gives the disk usage (space), not the disk performance
what is disk performance?
read and write speed, and how long each I/O has to wait
r/w
how to analyze disk performance?
sar -p -d 1 4
Average:  DEV   tps  rkB/s   wkB/s  areq-sz  aqu-sz  await  svctm  %util
Average:  fd0  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sdb  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sda  3.00   0.00  134.00    44.67    0.17   3.56  52.89  15.87
Average:  sdd  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sdc  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sde  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sdg  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sdf  0.00   0.00    0.00     0.00    0.00   0.00   0.00   0.00
Average:  sdi  1.33   0.00   38.67    29.00    0.01   4.00   1.00   0.13
Average:  sdh  0.33   0.00    1.33     4.00    0.00   8.00   8.00   0.27
Average:  sdk  2.67   0.00   49.33    18.50    0.01   2.00   1.00   0.27
await = average time in ms each I/O waited (queue plus service); in the output
above it is 2 on sdk.
example of how an await alert on one disk develops over time:
after 1 min await 20 on /dev/sdk warning
after 5 min await 40 on /dev/sdk warning
after 30 min await 120 on /dev/sdk critical
after 40 min await 10 on /dev/sdk normal
tps = transfers (I/O requests) per sec, rkB/s = read kB per sec, wkB/s
= write kB per sec, %util = how busy the device was
possibility 1 : more read and write transactions on the disk (an application or
a backup is driving the load; check with top/iotop who is doing the I/O)
possibility 2 : the disk performance has degraded. solution =
add a new disk or replace it with a higher-performance disk
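As an added example (not part of the notes), a shell function that turns the table above into an alert: it reads sar -d -p output, locates the await, tps and %util columns by their header names (the column order changed between sysstat releases), and classifies each busy device against warning and critical await thresholds. The sample output and the 20/100 ms thresholds are constructed for the demo; use your monitoring team's values.

```shell
#!/bin/sh
# Classify block devices in "sar -d -p" output by average await (ms).
# Columns are found by header name, not position, because sysstat versions
# differ (rd_sec/s vs rkB/s, with or without areq-sz). Only the "Average:"
# summary lines are used, and idle devices (tps 0) are skipped.

# classify_disks WARN CRIT < sar_output  -> "LEVEL DEV await=X util=Y"
classify_disks() {
    awk -v warn="${1:-20}" -v crit="${2:-100}" '
    # summary header: remember the column index of every field name
    $1 == "Average:" && $2 == "DEV" {
        for (i = 1; i <= NF; i++) col[$i] = i
        next
    }
    # summary data line for a device that actually did I/O
    $1 == "Average:" && ("await" in col) && $(col["tps"]) + 0 > 0 {
        dev  = $(col["DEV"])
        aw   = $(col["await"]) + 0
        util = $(col["%util"]) + 0
        level = (aw >= crit) ? "CRITICAL" : (aw >= warn) ? "WARNING" : "OK"
        printf "%s %s await=%.2f util=%.2f\n", level, dev, aw, util
    }'
}

# Constructed sample in the layout of sysstat 11/12 (sar -d -p 1 4); the
# sdc and sdk rows were edited to show a warning and a critical case.
SAMPLE='Linux 3.10.0-1160.el7.x86_64 (batch23vm01)   04/19/2021   _x86_64_   (2 CPU)

Average:          DEV       tps     rkB/s     wkB/s   areq-sz    aqu-sz     await     svctm     %util
Average:          fd0      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
Average:          sda      3.00      0.00    134.00     44.67      0.17      3.56     52.89     15.87
Average:          sdb      0.00      0.00      0.00      0.00      0.00      0.00      0.00      0.00
Average:          sdc      5.00      0.00     80.00     16.00      0.20     40.00      2.00     10.00
Average:          sdi      1.33      0.00     38.67     29.00      0.01      4.00      1.00      0.13
Average:          sdh      0.33      0.00      1.33      4.00      0.00      8.00      8.00      0.27
Average:          sdk      2.67      0.00     49.33     18.50      0.32    120.00      1.00     95.27'

printf '%s\n' "$SAMPLE" | classify_disks 20 100
# live use: sar -d -p 1 4 | classify_disks 20 100
```

For the historical case (the 11:30 PM slowdown) the same function works on `sar -d -p -f /var/log/sa/saDD -s 23:00:00 -e 00:30:00`, because the Average block at the end of that output has the same layout.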
/var is the partition
read transactions are, for example:
cd /var
ls
ls -ltr
cat log/messages
more /var/log/secure
write transactions are, for example:
cd /var/log
touch file1 file2 file3
vi file1
lkfldsafjal;fasd'ffsaf'f
dasfsfas;flf
the system writes logs into the /var/log directory continuously.
how to identify the number of processes running from a directory?
lsof +D /application ==> every open file under /application, recursively
lsof -t +D /application | sort -u | wc -l ==> number of distinct pids
(plain lsof ... | wc -l counts the header line and one line per open file,
so it is not the number of processes)
server build
1. vmware
2. cloud
3. physical
Building servers in vmware
regularly we build servers.
in the change or ticket we find the build sheet to build the server.
we build the server as per the build sheet.
step 1 : we log in to vcenter and deploy the server using existing
templates
step 2 : after deploying the virtual machine we do the post build activities
like creating extra partitions, creating extra users, installing any extra pkgs and
so on as per the build information.
step 3 : update the newly built server's information in the inventory management tool,
like downtime contact person, .....
step 4 : hand over the server to the respective owner
what are the prerequisites :
hostname, IP, OS, ram, disks, cpus
where to find this information for the new server?
in the ticket we find the build sheet.
templates or ready images or ready OS
RHEL7.2_App_Ready_Template
RHEL7.5_App_Ready_Template
RHEL7.9_App_Ready_Template
RHEL7.2_db_Ready_Template
RHEL7.5_db_Ready_Template
RHEL7.9_db_Ready_Template
windows2019_App_Ready_Template
windows2019_db_Ready_Template
windows2014_App_Ready_Template
windows2014_db_Ready_Template
suse12.2_App_Ready_Template
suse12.2_db_Ready_Template
suse15.2_App_Ready_Template
suse15.2_db_Ready_Template
app ready template = create vm ==> install os ==> harden the server ==>
install application related pkgs ==> convert to template
db ready template = create vm ==> install os ==> harden the server ==>
install db related pkgs ==> convert to template
right click on the template and deploy servers from it
one original template ==> n number of vm copies
how to create a template
right click on vm ==> create template ==> name for template ==> select
which storage (datastore)
responsibilities :
build servers
create/extend partition space
taking care of housekeeping alerts/tickets
handling server performance related tickets like high memory,
high cpu usage alerts.
handling users unable to login issues
resolving ntp related alerts
exporting file systems through nfs and mounting them in client
machines based on a service request (SR)
performing os patching every quarter
how to decommission a server
there will be a change co-ordinator to co-ordinate these type of tasks
the change co-ordinator asks the backup team to back up the full machine
at the same time the change co-ordinator asks the app or db team to stop the
application
now the change co-ordinator requests the os team to power off the server for 7 days
delete the server after 7 days in case there are no complaints (and remove it
from inventory, monitoring, dns and the backup schedule)
1. Booting procedure
2. patching
3. how to roll back patching
4. difference between rpm and yum
5. df -h command output is stuck
6. process states
7. what is zombie and orphan?
8. difference between zombie and orphan?
9. find related
10. housekeeping alerts
11. users unable to login
12. crontab fields
13. how to handle high memory and high cpu usage alerts
14. at 11:30 PM server performance degraded. how will you
identify the root cause and fix that issue
15. how to build servers
16. how to create 1 user in 100 servers
17. how to install 1 package in 100 servers
18. what is load average
19. how to extend partition space?
20. explain the process of partition creation from scratch.
21. port numbers of ssh, nfs, dns, ntp, http
22. difference between rsync and scp
23. raid levels
ITIL
Information Technology Infrastructure Library
a set of best practices which helps in the alignment of IT
services with business needs.
ITSM = IT service management
service or service provider = worker
business or client = who gives the work (owner)
the service provider aligns the process for the client.
what is the goal of defining or aligning best practices for the business?
successful project delivery or support
to create a good relationship with the business (client)
to get more business from the client
working in IBM ==> unileaver project
employee working in IBM and supporting to unileaver project
service provider is IBM
client for IBM is Unileaver(UL)
IBM will defined best practices,process & procedures for UL.
IBM will follow defined practices and process to support UL.
we can deliver good service to UL
ITIL V3 and ITIL V4
how to follow practices or procedures?
we define this process in the ticketing tool.
a ticketing tool is nothing but a tracking system.
service request or change request: "could you please do this task
for me"
incident: something happened unexpectedly which is impacting the
business
problem : something is happening repeatedly which is
impacting the business, but we don't have a permanent solution for it
Types of processes
1. change management
2. incident management
3. problem management
change: request for change in infrastructure.
create new partition
extending partition space
installing new rpm
upgrading existing pkg
granting access on nfs export file system
granting crontab access
revoking user
extending RAM
extending CPU
performing patching
upgrading only kernel
1 change management
types of changes
A. routine changes
B. standard changes
C. emergency changes
A. Routine changes
patching (once every 3 months we perform patching for all
servers)
CMOS battery replacement once a year
hardware parts replacement
tools upgrades
B. Standard changes
extending partition space
extending RAM
extending CPU's
installing or upgrading one particular package
customizing kernel parameters
increasing swap
nfs changes
samba changes
ftp level changes
C. emergency
routine and standard changes can become emergency changes based on the
situation.
memory utilization is high?
the offered solution is to increase RAM. increasing RAM is actually a standard
change, but the situation is critical, so we consider this particular change as
an emergency and increase the RAM immediately.
eg : there will be business impact in case we don't execute the change immediately;
that kind of change we call an emergency change.
patching activity is scheduled, what is the change process?
RFC ==> CR preparation with CEP ==> TAB ==> CAB ==> go or no-go call ==>
implement change
to complete the above process we take 7 days.
RFC = request for change
CR = change request
CEP = change execution plan, the step by step plan
CAB = change advisory board
TAB = technical advisory board
change management team (PMO) 5
incident mgmt team 5
problem mgmt team 2
the above teams are not technical experts. they are just co-ordinators and they
make sure the team is following the process.
if we want to perform a change in the project, this particular change is
co-ordinated by the change management team.
if there is an incident, this particular incident is co-ordinated by the incident
management team.
you are not part of the change, incident and problem mgmt teams.
you are the owner of the change, incident or problem.
patching
RFC = change management or OS team
extend RAM : requested by db team
RFC = DB team
stage 1 : RFC (monday or before monday)
stage 2 : CR or CEP preparation (tue or before)
steps
stage 3 : conduct the TAB meeting. the scheduling part is taken care of by the change
co-ordinator (tue or before)
technical advisory board (SMEs or architects)
owner is prasad
prasad presents his plan to the SMEs or architects
SMEs (subject matter experts) give advice on the change.
stage 4 : every week there is a CAB meeting with the client SMEs and service
provider SMEs (wednesday)
CAB = change advisory board
every wednesday the CAB meeting runs
stage 5 : go or no-go call (thursday)
in this meeting: pmo, client SMEs, our SMEs, delivery lead. here
they discuss the changes we are planning
the delivery lead or manager knows what is happening at the business
level, e.g.
a festival on wednesday
on saturday, in case the application is down due to this change,
customers can't access the application (amazon.com)
go ==> proceed to execute the change at the weekend
stage 6 : the change co-ordinator opens a meeting (bridge) at the scheduled change time;
the respective teams join and complete their respective tasks
Incident Management
SLA = service level aggrement
aggrement between service provider and client.
INCIDENT SLA
category       Response/ACK   Resolve          Restore         RCA
P1 - critical  15 min         4 hours          1 working day   2 working days
P2 - High      15 min         8 hours          N/A             N/A
P3 - Medium    30 min         2 working days   N/A             N/A
P4 - Low       1 hour         7 working days   N/A             N/A
P1 = priority 1 (critical): the incident is impacting the business, then we consider that
incident as P1.
business impact means revenue (profit)
acknowledge : assign the incident to your name and set the status to in-progress
penalty : in case the shift engineer does not acknowledge the ticket within 15 min, the
service provider company has to pay a penalty to the client.
the shift engineer identifies a P1 ticket. as there is business impact, the shift engineer
has to loop in (involve) the incident management team.
the incident management team opens a conference bridge with the respective teams;
the incident management team also informs the business owner (client) and delivery
leads about the incident over email.
all the teams join the conference bridge and start understanding the
incident and fixing it
the incident management team sends a mail to the client and delivery leads every 30 min
about the incident status.
Linux L2 tried and could not fix it, so he involved L3; now L3 is trying to fix the issue.
even L3 could not fix it, so he involved the SME and architect.
finally the SME fixed the issue
http://application
the web page is not opening
or
sessions are getting timed out
solution : ntp restart (a common cause is clock drift between the servers, which
makes sessions expire early)
RCA = root cause analysis
find the root cause of the incident and close that thread
RCA : server went into hung mode due to high memory utilization
fix : extended RAM from 4 GB to 8 GB
the /application partition was unmounted, due to this the application is not working
RCA : there was no fstab entry for the file system (so it did not come back after reboot)
fix : instruct the whole linux team to make sure the file system details are entered
in /etc/fstab
RCA : /var is 100 % full, due to this the server went into hung mode.
fix : extend some more space to the partition (and find what filled it)
production : which is generating revenue for the company (www.amazon.com)
DR : the server is down for 5 days, do you think it is P1? No
QA : the server is down for 10 days, do you think it is P1? No
DEV:
LAB:
ticketing tools
service now (snow)
service manager (SM)
JIRA
remedy
incident flow
the ticket arrives in your queue ==> open or new state ==> ack and change status
to in-progress ==> once we are done with the incident ==> change status to resolved ==> once
we get confirmation from the incident owner ==> close the ticket
open/new ==> in-progress ==> resolved ==> closed
problem:
the same incident is repeating but we don't have a permanent solution for it; that
kind of incident we consider a problem.
every day at 11 PM the server is rebooting
but we don't have an RCA for that. this is a problem
open a case with the OS vendor for a permanent fix
change order: first lab ==> dev ==> qa ==> prod ==> DR
AZURE
platforms
1. Physical
2. virtual
3. cloud (gcp, ms azure, aws)
gcp = google cloud platform
azure = microsoft cloud
aws = amazon web services
what we do on the cloud:
1. Build the servers
2. setup the network
3. DNS
4. Load balancer
5. disk management
6. Backup management (snapshot & full machine backup)
7. IAM (identity and access management)
pay-as-you-go
600 rupees.
Creating an account in the azure portal
portal.azure.com
resource groups and resources
resource : vm, db, load balancer, virtual network, backup, dns
azure will not allow you to run a resource standalone. we have to assign each and
every resource to one resource group.
subscription ==> resource group ==> resource
production subscription ==> batch23rg ==> testvm1
task 1 : create a resource group
azure is available in 60+ regions.
a region is a geographic area with one or more data centres.
task 2 : create a virtual network
search ==> virtual networks
ip address
vnet 10.0.0.0/16
subnet : 10.0.1.0/24
subnet : 10.0.2.0/24
task 3 : create vm
make sure the size we select is B1S: 1 cpu, 1 gb ram, about 546 rupees per month
1. Build
A. through portal
B. trough shell
C. through ARM template(Azure resource manager)
create resource group through shell.
az group create --location eastus -n batch23rg
create vnet (virtual network) along with subnet
IPv4 addresses are 32 bit; the vnet prefix is the big range and every subnet
prefix must fall inside it, e.g.
10.0.0.0/16 vnet
10.0.1.0/24 subnet1
10.0.2.0/24 subnet2
10.0.3.0/24 subnet3
(10.1.0.0/24 or 10.2.0.0/24 are NOT inside 10.0.0.0/16, azure rejects them)
RG=batch23rg
az network vnet create -g ${RG} -n ${RG}-vNET1 --address-prefix 10.1.0.0/16 \
    --subnet-name ${RG}-Subnet-1 --subnet-prefix 10.1.1.0/24 -l eastus
without variable
az network vnet create -g batch23rg -n batch23rg-vNET1 --address-prefix 10.1.0.0/16 \
    --subnet-name batch23rg-Subnet-1 --subnet-prefix 10.1.1.0/24 -l eastus
(the resource group, vnet and subnet names here must match the ones used in az vm create)
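As an added example (not from the notes or the az CLI), a POSIX sh check to run before az network vnet create: it verifies that every subnet prefix lies inside the vnet address space, and that two vnets that are going to be peered (the hub and spoke exercise later in these notes) do not overlap. The prefixes used in the demo are the ones from the notes; the arithmetic is plain shell, IPv4 only.

```shell
#!/bin/sh
# Sanity-check a vnet plan before calling "az network vnet create": every
# subnet prefix must lie inside the vnet address space, and vnets that will
# be peered must not overlap. Pure POSIX sh integer arithmetic, IPv4 only.
# Added example; the prefixes below are the ones from the class notes.

# ip2int A.B.C.D -> the address as a 32-bit integer
ip2int() {
    saved_ifs=$IFS; IFS=.
    set -- $1
    IFS=$saved_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# cidr_contains OUTER INNER -> 0 if every address of INNER is inside OUTER
cidr_contains() {
    outer_ip=${1%/*}; outer_len=${1#*/}
    inner_ip=${2%/*}; inner_len=${2#*/}
    [ "$inner_len" -ge "$outer_len" ] || return 1   # a /16 can never fit in a /24
    mask=$(( (0xFFFFFFFF << (32 - outer_len)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$outer_ip") & mask )) -eq $(( $(ip2int "$inner_ip") & mask )) ]
}

# cidr_overlap A B -> 0 if the two prefixes share any address
cidr_overlap() {
    cidr_contains "$1" "$2" || cidr_contains "$2" "$1"
}

# check_vnet_plan VNET SUBNET... -> one line per subnet; returns 1 if any is outside
check_vnet_plan() {
    vnet=$1; shift; bad=0
    for s in "$@"; do
        if cidr_contains "$vnet" "$s"; then
            printf 'ok       %-16s inside %s\n' "$s" "$vnet"
        else
            printf 'OUTSIDE  %-16s not in %s (azure will reject it)\n' "$s" "$vnet"
            bad=1
        fi
    done
    return $bad
}

# portal plan from the notes: valid
check_vnet_plan 10.0.0.0/16 10.0.1.0/24 10.0.2.0/24
# shell plan as first written in the notes: subnets are outside the vnet
check_vnet_plan 10.0.0.0/16 10.1.0.0/24 10.2.0.0/24 10.2.3.0/24 || echo "fix the plan first"
# hub and spokes from the peering exercise must not overlap
cidr_overlap 10.1.0.0/16 10.2.0.0/16 && echo "hub/spoke1 overlap" || echo "hub/spoke1 ok to peer"
```

Two prefixes overlap exactly when one contains the other, which is why cidr_overlap needs no extra logic; the same check is what stops you from peering a spoke that reuses the hub's 10.1.0.0/16.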
deploying vm
az vm create --resource-group batch23rg --name WEBSVR1 --image UbuntuLTS \
    --vnet-name batch23rg-vNET1 --subnet batch23rg-Subnet-1 \
    --admin-username babu --admin-password "India@123456" --size Standard_B1s
note: a password given on the command line is saved in the shell history and is
the first thing brute forced on a public IP; outside the lab use
--generate-ssh-keys (or --ssh-key-values) instead of --admin-password.
Dev machine: standard hdd       production: premium ssd
IOPS = input/output operations per sec (how many requests the disk serves)
throughput = how much data per second (MB/s) the disk moves
How to deploy a server using an ARM template.
search ==> deploy a custom template ==> Build your own template in the
editor ==> Load file ==> save
step 1 : customize the parameter file with the correct machine name, resource group, vnet
and other details
step 2 : these parameter and template json files we get from the client or
seniors.
step 3 : we deploy the server using the azure portal
search ==> deploy a custom template ==>
NSG (network security groups)
internal firewall
the firewall controls the in and out traffic
source, destination, port number and protocol are what an nsg rule matches on.
allow and deny traffic.
task 1 : created a new nsg without any rules (inbound/outbound); azure adds default
rules that allow traffic inside the vnet and deny everything else inbound.
task 2 : associated the subnet of the vnet with the nsg (an nsg attaches to a
subnet or a NIC, not to the vnet itself)
task 3 : deploy the vm with our nsg
az vm create --resource-group batch23rg --name b23server1 --image UbuntuLTS \
    --vnet-name VNET1 --subnet VNET1-Subnet-1 \
    --admin-username testuser --admin-password "India@123456" \
    --size Standard_B1s --nsg batch23rg-nsg
inbound: source ==> remote machine, destination ==> the azure machine
(inbound is traffic arriving at the vm; the original note had the two swapped)
file storage (nfs/smb)
create a volume and mount it across servers
pre-requisite is a storage account: we are registering with microsoft for storage.
grant access only to a particular network (firewall setting on the storage account)
1. analyzing the security vulnerability report and remediating through the change
process.
2. Installing the symantec antivirus tool on linux servers
*** what is the tool you are using to scan for vulnerabilities?
nexpose or qualys guard
1. Nexpose
2. Qualys Guard
we have a tools team who configured the nexpose tool. it discovers the servers which
are in the network.
192.168.145.0/24: if we mention the subnet in the nexpose tool, the
servers are discovered in nexpose automatically.
typical findings:
1. The umask value was found to be 0022 but was expected to be 0077
solution: vi /etc/login.defs and set UMASK 077
2. Java upgrade
3. PermitRootLogin is enabled
solution: PermitRootLogin no in /etc/ssh/sshd_config, then sshd -t and reload sshd
4. patching is required
5. update kernel parameters
6. permission related vulnerabilities
/etc/fstab somehow given 777, it is a vulnerability (any user could change what
gets mounted where at the next boot)
solution : the right permissions are 644 (chmod 644 /etc/fstab)
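As an added example (not from the notes or from a scanner vendor), a POSIX sh script that re-checks the three findings above the way you would before closing the change: the umask in login.defs, the active PermitRootLogin directive in sshd_config, and the mode of /etc/fstab. It takes an optional root directory so it can run against a copy; the weak tree the demo builds is constructed for the example, and the expected values are the ones the scanner asked for.

```shell
#!/bin/sh
# Re-check three scanner findings from the notes against a file tree:
#   umask in /etc/login.defs, PermitRootLogin in sshd_config, mode of /etc/fstab.
# ROOT defaults to "" so the same functions run against the live host; the demo
# builds a throwaway tree with the weak settings. Added example, not from a
# scanner vendor.

# first active (uncommented) value of an sshd_config directive, case-insensitive,
# which is also the one sshd uses; "#PermitRootLogin yes" is NOT matched
sshd_value() {   # sshd_value FILE DIRECTIVE
    awk -v d="$2" 'tolower($1) == tolower(d) { print $2; exit }' "$1"
}

login_defs_value() {   # login_defs_value FILE KEY
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# audit_host [ROOT] -> PASS/FAIL line per check; returns the number of FAILs
audit_host() {
    root=${1:-}
    fails=0

    v=$(login_defs_value "$root/etc/login.defs" UMASK)
    if [ "$v" = "077" ]; then
        echo "PASS login.defs UMASK=077"
    else
        echo "FAIL login.defs UMASK is '${v:-unset}', expected 077"; fails=$((fails + 1))
    fi

    v=$(sshd_value "$root/etc/ssh/sshd_config" PermitRootLogin)
    # no active directive means the compiled-in default ("yes" before
    # OpenSSH 7.0, "prohibit-password" since); only an explicit "no" passes
    if [ "$v" = "no" ]; then
        echo "PASS sshd PermitRootLogin=no"
    else
        echo "FAIL sshd PermitRootLogin is '${v:-unset, default applies}', expected no"
        fails=$((fails + 1))
    fi

    mode=$(stat -c %a "$root/etc/fstab")
    if [ "$mode" = "644" ]; then
        echo "PASS /etc/fstab mode 644"
    else
        echo "FAIL /etc/fstab mode is $mode, expected 644"; fails=$((fails + 1))
    fi

    return $fails
}

# make_weak_tree -> temp dir with the weak settings the scanner complained about
make_weak_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh"
    printf 'UMASK\t\t022\nPASS_MAX_DAYS\t99999\n' > "$d/etc/login.defs"
    printf '#PermitRootLogin no\nPermitRootLogin yes\nPort 22\n' > "$d/etc/ssh/sshd_config"
    printf '/dev/mapper/rhel-root / xfs defaults 0 0\n' > "$d/etc/fstab"
    chmod 777 "$d/etc/fstab"
    echo "$d"
}

WEAK=$(make_weak_tree)
audit_host "$WEAK" || echo "$? finding(s); live host check is: audit_host"
rm -rf "$WEAK"
```

The sshd check deliberately reads the first uncommented directive rather than grepping for the string: the constructed config starts with a commented "#PermitRootLogin no", which a plain grep would report as compliant while sshd actually runs with "yes".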
sep : symantec endpoint protection
step 1 : install the 32 bit glibc pkg (the SEP installer is a 32 bit binary)
rpm -ivh glibc-32bit-2.30-2.3.x86_64.rpm
step 2 : extract the sep zip file
unzip SEP14RU1-Linux-RPM.zip
grant execute permission
chmod a+x install.sh
step 3 : execute the installer file
./install.sh -i
start the sep service
systemctl start symcfgd.service
systemctl enable symcfgd.service
step 1 : create hubrg, vnet and vm
# creating resource group
az group create -n hubrg -l eastus
# creating vnet1 in hubrg
az network vnet create -g hubrg -n hubrg-vnet1 --address-prefix 10.1.0.0/16 \
    --subnet-name hubrgvnet1-Subnet-1 --subnet-prefix 10.1.1.0/24 -l eastus
# creating vm1 (the subnet name must match the one created above; the notes had
# "Subnet1" in one place and "Subnet-1" in the other)
az vm create --resource-group hubrg --name hubrgvm1 --image UbuntuLTS \
    --vnet-name hubrg-vnet1 --subnet hubrgvnet1-Subnet-1 \
    --admin-username babu --admin-password "India@123456" --size Standard_B1s
step 2 : create spoke1rg, vnet and vm
# creating resource group
az group create -n spoke1rg -l eastus
# creating vnet1 in spoke1rg
az network vnet create -g spoke1rg -n spoke1-vnet1 --address-prefix 10.2.0.0/16 \
    --subnet-name spoke1rgvnet1-Subnet-1 --subnet-prefix 10.2.1.0/24 -l eastus
# creating vm1
az vm create --resource-group spoke1rg --name spoke1rgvm2 --image UbuntuLTS \
    --vnet-name spoke1-vnet1 --subnet spoke1rgvnet1-Subnet-1 \
    --admin-username babu --admin-password "India@123456" --size Standard_B1s
step 3 : create spoke2rg, vnet and vm
# creating resource group
az group create -n spoke2rg -l eastus
# creating vnet1 in spoke2rg
az network vnet create -g spoke2rg -n spoke2-vnet1 --address-prefix 192.168.0.0/16 \
    --subnet-name spoke2rgvnet1-Subnet-1 --subnet-prefix 192.168.1.0/24 -l eastus
# creating vm1
az vm create --resource-group spoke2rg --name spoke2rgvm3 --image UbuntuLTS \
    --vnet-name spoke2-vnet1 --subnet spoke2rgvnet1-Subnet-1 \
    --admin-username babu --admin-password "India@123456" --size Standard_B1s
step 4: peering from hubrg-vnet1 to spoke1-vnet1
note : make sure we are in the hubrg vnet and click on peerings
go to hubrg-vnet1 ==> peerings
(peering only works when the address spaces do not overlap: 10.1/16, 10.2/16 and
192.168/16 here are fine; two spokes both on 10.1.0.0/16 could not be peered)
step 5: peering from hubrg-vnet1 to spoke2-vnet1
note : make sure we are in the hubrg vnet and click on peerings
go to hubrg-vnet1 ==> peerings
step 6 : VNG (virtual network gateway) creation
task 1 : click on hubrg-vnet1 ==> subnets ==> create one extra
subnet for the vng (it has to be named GatewaySubnet)
IAM (identity and access management)
Azure portal (control plane) access management, not server level access.
roles
owner ==> full permissions, including granting access to others
contributor ==> full permissions except IAM (cannot assign roles)
reader ==> only read permissions
we can grant permissions on a particular resource, resource group or subscription
step 1 : create users
azure active directory
naukri.com
Linux + Azure + years of experience + 5
10 resumes
3 years = min 5 lakhs
our students
3 years = min 4.5
meghna --> accenture: the contract is for supplying candidates.
meghna is a company; they hire employees and deploy them into the client, accenture.
meghna is a company; they hire employees and deploy them into IBM.
between meghna and IBM, for each employee with 4 years: 10
Meghna will try to pay only 6 lakhs, per year 4 lakhs on one candidate.
working person: 7 with 4 years of experience
4 years 5 lakhs
prasad hired by meghna, deployed into accenture.
who is my payroll company? meghna
which company is paying the salary to the employee
who gives the offer letter to the employee?
meghna
where does the candidate work?
accenture
the recruiter calls you for a few details to schedule the interview
company : tech
CTC = 4.5 cost to company
expectation : 30 % hike on my current CTC
i am expecting 6 lakhs per annum
is it negotiable? yes
what is your official notice period? 1 month is our notice period
in naukri i am going to specify 15 days
a shift ==> 6 AM to 3 PM, no shift allowance
b shift ==> 2 PM to 10 PM, 250 per day
c shift ==> 9 PM to 6 AM, 750 per day
rotational shifts
20 members team
2 3 3
first week prasad first shift (morning shift)
second week prasad second shift (afternoon shift) 5 * 250 =
third week prasad in c shift (night shift) 5 * 750 =
4th week of the month he gets the first shift again
there will be a shift roster
30 members
200 servers, team size 8 members
we are giving 24/7 support for 200 servers
communicators
ms teams (microsoft)
skype
slack
mail :
outlook (ms)
how to set up the signature in outlook
outlook ==> file ==> options ==> mail ==> signatures.
=======================> Fixing boot up issues in VMWARE
and AZURE Platforms <=======================
1. performed patching but the server is not coming up after reboot.
scenario 1 : VMware environment
scenario 2 : Azure environment
console for virtual machines ==> vSphere/vCenter
console for physical machines ==> HP iLO, DELL iDRAC
console for Azure machines ==> Serial console in the azure portal
we decide the fix based on the error message on the console:
could not mount the root disk or root file system
Grub error
kernel panic error:
couldn't load a process (e.g. init/systemd)
couldn't mount the / file system
couldn't find libraries
approach is to take the machine into rescue mode and apply the right solution.
Vcentre/vsphere
1. Shut down the virtual machine.
2. Click the virtual machine in the Inventory.
3. Right click Edit Settings.
4. In the Virtual Machine Properties dialog, click the VM Options tab.
5. Under Boot Options, select the check box for Force BIOS setup.
6. Click OK to save the changes.
7. Power on the virtual machine
8. Open a VM console and navigate to the BIOS > Boot section
9. Make your boot order selection and save
Troubleshooting ==> Rescue a Red Hat system ==> skip to shell ==> repairing OS
file systems.
OS file systems: /, /var, /boot, /home, /tmp
is it possible to unmount the / file system when the machine is running? no
is it possible to unmount the /var file system when the machine is running? no
without unmounting we can not repair a file system (xfs_repair refuses to run on
a mounted file system, and e2fsck on a mounted one can cause severe damage)
so we repair the / file system in rescue mode.
step 1 : make sure you are in rescue mode and / is NOT mounted (or is read-only)
step 2 : enable the vg
vgchange -ay
step 3 : repair the os partitions
xfs_repair -n /dev/vgname/lvname ==> dry run first, shows what would be fixed
xfs_repair /dev/vgname/lvname
How to repair normal (non-OS) partitions?
we get downtime to unmount the partition. after unmounting the partition
we repair the file system.
Step 1 : umount /data1
error : target is busy
1. we are inside the mount point (cd out of it)
2. application or db processes are still using the partition. how to
find out which processes are using the partition?
lsof +D /data1
fuser -vm /data1 ==> same information, from the psmisc package
we identified some processes are running. then we request the owners
to stop the processes completely. if we still see some processes using the
partition,
and they ask you to kill the processes, then kill the pids and make sure nothing
is running from the partition (fuser -vm /data1 shows nothing).
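lsof and fuser come from the lsof and psmisc packages, which are not always present in a rescue environment. As an added example (not from the notes), this POSIX sh function finds the processes holding a directory busy by reading /proc directly: each process's cwd, root, exe and every open file descriptor. The busy directory and the sleep process in the demo are constructed; it is Linux only and, exactly like lsof, only root sees other users' processes.

```shell
#!/bin/sh
# Which processes keep a directory (mount point) busy? Same idea as
# "lsof +D DIR" / "fuser -vm DIR", implemented over /proc so it works in a
# rescue shell without lsof or psmisc. Linux only; run as root to see every
# process, since /proc/PID/* of other users is not readable otherwise.

# procs_using DIR -> lines "PID COMM HOW PATH" (HOW is cwd, root, exe or fd/N)
procs_using() {
    dir=$(readlink -f "$1") || return 1
    for p in /proc/[0-9]*; do
        pid=${p#/proc/}
        [ "$pid" -eq "$$" ] && continue                 # skip this shell
        comm=$(cat "$p/comm" 2>/dev/null) || continue   # process already gone
        for link in "$p/cwd" "$p/root" "$p/exe" "$p"/fd/*; do
            target=$(readlink "$link" 2>/dev/null) || continue
            case "$target" in
                "$dir"|"$dir"/*)
                    printf '%s %s %s %s\n' "$pid" "$comm" "${link#$p/}" "$target" ;;
            esac
        done
    done
}

# Demo with a constructed busy directory: a sleep whose cwd is inside it.
# On a real host: procs_using /data1, then ask the owners to stop those pids
# before umount /data1 will succeed.
busy_demo() {
    d=$(mktemp -d)
    ( cd "$d" && exec sleep 30 ) >/dev/null 2>&1 &
    holder=$!
    sleep 1
    echo "processes using $d:"
    procs_using "$d"
    kill "$holder"
    wait "$holder" 2>/dev/null || true
    rm -rf "$d"
}

busy_demo
```

A process whose cwd is inside the mount point is the most common reason for "target is busy" and is invisible to anyone who only looks at open files; that is why the function checks cwd and root as well as the fd entries.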
step 2 : Repair the file system (one tool per file system type, never both)
xfs_repair /dev/vg/lv ==> xfs
e2fsck -y /dev/vg/lv ==> ext2/3/4
fstab file entries are missing:
rescue ==> add the fstab entries
forgot root password
rescue ==> reset the root password (chroot into the installed system first)
boot sequence:
bios ==> POST, finds the boot disk
MBR ==> the grub error shows up here if the boot loader is missing
grub ==> grub decides which kernel has to boot
kernel
mount initramfs
load drivers and modules
mount the original / file system
kernel panic: what to do next is decided from the panic message on the console
ANSIBLE
ansible is a configuration management tool for infrastructure (infrastructure
as code).
eg for configuration management:
1. install one pkg in multiple systems
any task we want to perform in multiple systems, there we can prefer ansible.
playbooks
play = a set of tasks run against a group of hosts
playbook = collection of plays
Task1 = install one pkg in the Dev systems (100), then do the configuration
changes and start the service. one play
Task2 = create some users and install java
using ansible tower (GUI) we can run or schedule this playbook.
YAML language
plays and playbooks are written in the YAML language.
configuration mgmt : installing pkgs in multiple nodes
uninstallation
kernel parameters
user administration
nfs configuration
centos (free)
redhat (needs a subscription for updates and support)
1. install and configure Ansible
2. integrate client machines with ansible (password-less ssh configuration)
3. execute ad-hoc commands against the inventory (list of servers)
4. write a simple playbook and run it for the inventory
step 1 : create a pkg repository and include the ansible pkgs in the
repository
dvd (4000 pkgs) + ansible pkgs in the repository
mount the dvd, install vsftpd and createrepo, copy the pkgs from the dvd
to /var/...
include the ansible pkgs also in the repo folder.
recreate the repository using the below command
createrepo --update /rhel7.5
Step 2 : install ansible
yum install ansible
Ansible's main configuration file is : /etc/ansible/ansible.cfg
inventory : /etc/ansible/hosts
inventory is nothing but the list of clients (nodes)
modules : pre-defined programs which are developed in python
how to list out the ansible modules
ansible-doc -l
how to read about a module, or how to get the manual page of a module?
ansible-doc -s yum
-s snippet (shows the module's options in playbook form)
yum is a module.
yum      zypper     (the zypper module is the suse equivalent of yum)
useradd  useradd    (the user module creates users on both)
Step 3 : integrate the client machines with the master node
generate an ssh key pair and copy the public key from the master node to the client nodes
master node : ssh-keygen
ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.145.100
(this gives root on the master password-less root on every client; protect the
private key, or use a dedicated ansible user with sudo instead of root)
executing ad-hoc commands on the client machines.
step 1 : update the inventory
vi /etc/ansible/hosts
[mylist]
192.168.145.138
192.168.145.100
what is your inventory group name? mylist
vi /etc/ansible/hosts
[prod]
192.168.145.138
192.168.145.100
[dev]
192.168.145.137
192.168.145.120
ansible mylist -m command -a "hostname"
mylist = inventory group
-m module name: command
-a argument: "hostname"
ansible mylist -m command -a "id prasad"
create a user using the user module
ansible mylist -m user -a "name=batch23user"
error : fail to multilib glibc32 (protected multilib versions)
your operating system is 64 bit
glibc32
yum update
yum logs are in /var/log/yum.log
rpm -qa | grep glibc32
or
rpm -qa | grep glibc
if there are 32 bit pkgs which yum is trying to update, will it succeed? no, because
the repository has only 64 bit pkgs. it can't find the 32 bit related pkgs in the repository so it
fails
solution : exclude the 32 bit pkgs from the yum update
yum update
1000 pkgs are 64 bit
2 pkgs are 32 bit which were installed manually.
vi /etc/yum.conf
[main]
exclude=*.i?86 *.i686
we are excluding all 32 bit packages from the update
what is a playbook?
a collection of plays, each with n number of tasks.
we implement the playbook in yml language.
it should start with ---
the playbook or yml language does not support tabs for indentation.
it supports only spaces
yum repolist          zypper lr
yum search pkg        zypper se pkgname
yum remove pkg        zypper remove pkgname
yum install pkg       zypper install pkgname
how to remove a repository
zypper rr sles12sp3byprasad
how to create a repository with local pkgs
zypper addrepo nfs://localhost/media prasadrepo
how to disable a repository
zypper mr -d prasadrepo
how to enable a repository
zypper mr -e prasadrepo
how to configure a remote machine repository?
zypper addrepo nfs://192.168.145.100/media prasadrepo
playbook
------------------
vi /root/vsftpd.yml
---
- hosts: mylist
  tasks:
    - name: installing vsftpd pkg in linux machine
      yum:
        name: vsftpd
        state: present
(the original had name=vsftpd / state=installed under "yum:"; the key=value form is
only valid on one line after the module name, in block form it is key: value,
and "present" is the documented state, "installed" is an old alias)
ansible-playbook /root/vsftpd.yml --check ==> dry run, reports what would change
ansible-playbook /root/vsftpd.yml
-------------------------------------------------------------
---
- hosts: mylist
  tasks:
    - name: installing nano, telnet and vsftpd pkgs in linux machine
      yum:
        name:
          - nano
          - telnet
          - vsftpd
        state: present
-----------------------------------------
create file and change ownership
---
- hosts: mylist
  tasks:
    - name: create file
      command: touch /testfilebyansible
      args:
        creates: /testfilebyansible   # was misspelt "anisble", so the task ran every time
    - name: permissions
      file:
        path: /testfilebyansible
        owner: prasad
        group: prasad
        mode: '0777'   # world writable, lab only; use 0644 or tighter on real hosts
SHELL Scripting
============
the shell is a language too. using the shell we are going to write simple
programs (scripts) for repeated admin tasks, e.g.
1. harden the server (PermitRootLogin, disable common users, apply the grub
password, password policies, kernel parameters, grub parameters)
2. creating partitions (2 or 3 servers, in these servers we have to create the
default partitions, close to 20 to 30 partitions)
creating pv, vg, lv, format, add the entry in fstab
3. install or upgrade the symantec pkg in all servers
4. housekeeping tasks (once a week we run a script which pulls data
like which partitions have crossed 75 %)
usually we get an alert once a partition reaches >= 80 %
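As an added example (not from the notes), the weekly housekeeping script from item 4 written out: it reads df -P output (POSIX format, so a long device-mapper name cannot wrap onto a second line and shift the columns), skips pseudo file systems, and prints every file system at or above a threshold. The df output in the demo is constructed for the example; the real call is in the last comment.

```shell
#!/bin/sh
# Weekly housekeeping report: which file systems are at or above a usage
# threshold. Reads "df -P" (POSIX output, one line per file system, so a
# long device-mapper name cannot wrap onto a second line and break the
# columns) and skips pseudo file systems. Added example with constructed df
# output; the real call is at the bottom.

# report_full THRESHOLD < df_output -> "USE% MOUNT (DEVICE)" for use >= THRESHOLD
report_full() {
    awk -v limit="${1:-75}" '
        NR == 1 { next }                                       # header line
        $1 ~ /^(tmpfs|devtmpfs|overlay|squashfs)$/ { next }    # not real disks
        {
            use = $5; sub(/%/, "", use)                         # "78%" -> 78
            if (use + 0 >= limit) printf "%3d%% %s (%s)\n", use, $6, $1
        }'
}

# Constructed sample standing in for "df -P" on the course VM
SAMPLE='Filesystem                    1024-blocks      Used Available Capacity Mounted on
/dev/mapper/rhel-root                18307072  14120960   4186112      78% /
devtmpfs                               932356         0    932356       0% /dev
tmpfs                                  943268         0    943268       0% /dev/shm
/dev/sda1                             1038336    214524    823812      21% /boot
/dev/mapper/rhel-var                  4184064   3513912    670152      84% /var
/dev/mapper/appvg-applv              20961280  20331776    629504      97% /application
nfsserver:/export/data              104857600  52428800  52428800      50% /data'

printf '%s\n' "$SAMPLE" | report_full 75
# real run, e.g. weekly from cron:  df -P | report_full 75
```

Running it with the alert threshold (80) instead of 75 drops the root file system from the list; the lower weekly threshold is what gives the team time to extend a partition before the monitoring alert fires.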
| = cmd1 | cmd2 | cmd3 = pipe: the output of cmd1 is the input of cmd2, and the
output of cmd2 is the input of cmd3
|| = cmd1 || cmd2 = cmd2 executes only if cmd1 fails
& = send the job to the background
&& = cmd1 && cmd2 && cmd3 = cmd2 executes only if cmd1 succeeds, then cmd3 only
if cmd2 succeeds
; = cmd1;cmd2;cmd3;cmd4;cmd5 = no relation between the commands. cmd2 does not
depend on cmd1
awk : print particular columns from the output
df -h | awk '{print $6 " : " $5}'
awk -F":" '{print $1 " : " $3}' /etc/passwd
how to print normal users?
awk -F: '$3 >= 1000 {print $1}' /etc/passwd
(system users have UIDs below 1000 on RHEL 7; check UID_MIN in /etc/login.defs)
sed : stream editor
using sed we can search for a string inside a file and replace, delete or modify
it without opening the file in an editor.
the equivalents in vi:
/string ==> search
:%s/old/new/g ==> replace everywhere
dd ==> delete the current line
insert and append content (i and a)
Replacing a string inside a file using the sed command
sed -i 's/sanepalli/prasad/g' /testfile
add a line after every line that contains the string
sed -i '/babu/a adding new content' /testfile
delete every line that contains the string
sed -i '/babu/d' /testfile
print a particular line
sed -n '5p' /etc/fstab
print a range of lines
sed -n '3,6p' /etc/fstab
replace a 0 at the end of the line (last column) with 2
sed -i 's/0$/2/g' /etc/fstab
(on a real /etc/fstab this changes the fsck pass field of every entry; try it on a
copy, and keep a backup with sed -i.bak before editing system files)
-i = in-place edit, s = substitute, g = global (all matches on the line),
$ = end of line (last column)
^ = start of line (first column)
[root@batch23vm01 /]# grep "^PermitRootLogin" /etc/ssh/sshd_config
PermitRootLogin yes
[root@batch23vm01 /]# sed -i 's/^PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
[root@batch23vm01 /]# grep "^PermitRootLogin" /etc/ssh/sshd_config
PermitRootLogin no
[root@batch23vm01 /]#
(this only works when an uncommented "PermitRootLogin yes" line exists; if the
line is commented out the sed changes nothing. after editing run sshd -t, then
systemctl reload sshd, and keep your own session open until a new login works)
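The sed one-liner above only matches an uncommented "PermitRootLogin yes" line. As an added example (not from the notes), here is a POSIX sh function that sets an sshd_config directive idempotently: it rewrites the first active line, drops duplicate active lines, inserts the directive before the first Match block when there is no active line (directives placed after Match apply only inside that block), appends it otherwise, and returns 0 only when the file actually changed. The sample config is constructed.

```shell
#!/bin/sh
# Idempotent "set directive" for sshd_config. Why not the sed one-liner:
#  - "#PermitRootLogin yes" (stock layout) is commented, sed changes nothing
#  - "PermitRootLogin without-password" does not match "yes"
#  - anything placed after a "Match" line only applies inside that block
# The function rewrites the first active line, removes duplicate active
# lines, and otherwise inserts the directive before the first Match block
# (or at the end). Returns 0 if the file changed, 1 if it was already right.

# set_sshd_directive FILE DIRECTIVE VALUE
set_sshd_directive() {
    file=$1; key=$2; val=$3
    tmp=$(mktemp)
    awk -v k="$key" -v v="$val" '
        # first Match line: if the directive was not seen yet, put it before
        tolower($1) == "match" { if (!done) { print k " " v; done = 1 }; in_match = 1 }
        # active global line for the directive: rewrite the first, drop the rest
        !in_match && tolower($1) == tolower(k) {
            if (!done) { print k " " v; done = 1 }
            next
        }
        { print }
        END { if (!done) print k " " v }   # nothing found and no Match block: append
    ' "$file" > "$tmp"
    if cmp -s "$file" "$tmp"; then
        rm -f "$tmp"
        return 1                           # already correct, nothing to do
    fi
    cat "$tmp" > "$file"                   # keeps the original owner and mode
    rm -f "$tmp"
    return 0
}

# Demo on a constructed copy of a stock-looking config. For a real host:
#   set_sshd_directive /etc/ssh/sshd_config PermitRootLogin no && sshd -t && systemctl reload sshd
demo=$(mktemp)
printf '%s\n' '# Authentication:' '#PermitRootLogin yes' 'PasswordAuthentication yes' \
    'Match User backup' '    PermitRootLogin no' > "$demo"
set_sshd_directive "$demo" PermitRootLogin no && echo "changed:"
set_sshd_directive "$demo" PermitRootLogin no || echo "second run: already set"
cat "$demo"
rm -f "$demo"
```

The return value is what makes the function usable from a loop over a hundred hosts: only the hosts that report 0 need the sshd -t check and the reload, and the "PermitRootLogin no" inside "Match User backup" is left untouched because it is a scoped override, not a global setting.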
1. Shebang (#! /bin/bash) *
2. variables (system variables and user defined variables) *
3. Quotes
4. conditional statements
5. Loops
6. Debug mode *
7. Exit codes *
8. options
1. shebang:
by default we start a script with the shebang line
eg:
vi /test.sh
#! /bin/bash
h=`hostname`
vi /p1.sh
#! /bin/ksh
program
.....
......
current shell is /bin/sh
echo $0
./p1.sh
identify which shell p1.sh is going to run with?
p1.sh runs with the ksh shell, because the runtime shell is defined
inside the script and the kernel starts that interpreter.
vi /p2.sh
program
--------
--------
--------
the current shell is /bin/sh
./p2.sh
identify which shell p2.sh is going to run with?
p2.sh would use the shebang shell as its runtime shell; as no shebang is defined
inside the script, the kernel refuses to execute it directly and the current
(calling) shell runs it for you, so the runtime shell is the current shell,
that is /bin/sh
* what is shebang?
shebang sets the runtime shell (interpreter) for the program.
we are defining the shell for a particular program,
telling the system which interpreter to run the script with.
the script must be executable (chmod +x) for the shebang to be used; with
"sh script.sh" or "bash script.sh" the shebang is ignored and the shell you
named is used.
* will a script execute without shebang?
yes. the script is run by the current shell
if we haven't mentioned a shebang line in the script, the current shell is
used as the runtime shell
Variables
1. system variables
2. user defined variables
a variable is a named storage location which holds a value.
echo $HISTSIZE
HISTSIZE is a system variable; it is called using the $ symbol
HISTSIZE sets how many commands the shell history keeps (1000 here).
how to list out system variables?
env
how to list out both system and user defined variables?
compgen -v
how to define udv?
a=1
export HISTSIZE=2000
how to call variable?
echo $a
how to unset variable?
unset a
how to define variable for particular user permanently?
go to home directory of user
cd /home/prasad
vi .bashrc
HISTSIZE=3000
source .bashrc
user defined variable names which are not supported:
2a=value wrong (starts with a digit)
3_b=value wrong
-ab=value wrong
a-b=value wrong (hyphen is not allowed)
correct or supported variable names
start with a letter or underscore, followed by letters, digits or underscores
a_=value
_a=20
3. Quotes
" " = it supports commands and variables between quotes
' ' = it just prints the content whatever is between single quotes. it
wont understand variable or command
` ` = to execute command or to call command
" " = echo "my hostname is `hostname`" output my hostname is batch23vm01
' ' = echo 'my hostname is `hostname`' output my hostname is `hostname`
conditions:
arithmetic operators
if conditions
boolean (comparison) operators
+ = addition
- = subtraction
\* = multiplication (escaped so the shell does not expand * as a glob)
expr $a + $b
expr $a + 40
expr 40 + 20
expr 40 - 20
expr 40 \* 10
> : -gt
>= : -ge
< : -lt
<= : -le
== : -eq
!= : -ne
echo -e "1.linux\t\t2.Solaris\t\t3.SuSE"
\t is tab
\n is new line
\v is vertical tab
-e enables interpretation of these backslash escapes in echo
echo -e "1.Linux\n2.solaris\n3.suse"
echo -e "1.Linux\t\t2.solaris\t3.suse"
echo -e "1.Linux\v2.solaris\v3.suse"
1. script to disable root login through ssh and set the banner page
vi script1.sh
#! /bin/bash
echo " script is for disabling root login and setting the banner page"
echo -e " Task 1:\t\t Disabling root login through ssh service"
# normalise the commented default (#PermitRootLogin ...) to "# PermitRootLogin",
# comment out any active PermitRootLogin line, then add "PermitRootLogin no" after it
sed -i 's/^#PermitRootLogin/# PermitRootLogin/g' /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin/# PermitRootLogin/g' /etc/ssh/sshd_config
sed -i '/^# PermitRootLogin/a PermitRootLogin no' /etc/ssh/sshd_config
systemctl restart sshd
echo " Task 1 is completed"
echo -e " Task 2: \t\t set the banner"
echo " Welcome to google server " > /etc/mybanner
echo " Please make sure you are in Google server" >> /etc/mybanner
echo " ****************************************" >> /etc/mybanner
sed -i '/^#Banner/a Banner /etc/mybanner' /etc/ssh/sshd_config
systemctl restart sshd
echo " Task 2 is completed"
===========================================================================
if [ $value1 -ge $value2 ];then
commands
else
commands
fi
======================
if [ condition ];then
commands
fi
=====================
if [ condition1 ];then
commands
elif [ condition2 ];then
commands
elif [ condition3 ];then
commands
elif [ condition4 ];then
commands
else
commands
fi
==============================
#! /bin/bash
h=`hostname`
d=`date +"%d-%m-%Y"`
echo -e "we are going to harden this server \t : $h"
read -p "Do you want to continue hardening (yes/no) : " yes
if [ "$yes" = yes ];
then
echo -e "Task 1:\t Disable permit root login"
# comment out the default and any active line, then add "PermitRootLogin no" after it
sed -i 's/^#PermitRootLogin/# PermitRootLogin/g' /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin/# PermitRootLogin/g' /etc/ssh/sshd_config
sed -i '/^# PermitRootLogin/a PermitRootLogin no' /etc/ssh/sshd_config
echo -e "Task 2:\t Set the banner"
echo " Welcome to google server " > /etc/mybanner
echo " Please make sure you are in Google server" >> /etc/mybanner
echo " ****************************************" >> /etc/mybanner
sed -i '/^#Banner/a Banner /etc/mybanner' /etc/ssh/sshd_config
systemctl restart sshd
echo -e "Task 3:\t setting up HISTORY format"
echo 'HISTTIMEFORMAT="%d-%m-%Y %T : "' >> /etc/profile
sleep 1
source /etc/profile
sleep 1
echo -e "Task 4:\t Applying password policies"
# same pattern for /etc/login.defs: comment out the current value and add the new one after it
sed -i 's/^PASS_MAX_DAYS/# PASS_MAX_DAYS/g' /etc/login.defs
sed -i '/^# PASS_MAX_DAYS/a PASS_MAX_DAYS 60' /etc/login.defs
sed -i 's/^PASS_MIN_DAYS/# PASS_MIN_DAYS/g' /etc/login.defs
sed -i '/^# PASS_MIN_DAYS/a PASS_MIN_DAYS 3' /etc/login.defs
sed -i 's/^PASS_WARN_AGE/# PASS_WARN_AGE/g' /etc/login.defs
sed -i '/^# PASS_WARN_AGE/a PASS_WARN_AGE 7' /etc/login.defs
sed -i 's/^PASS_MIN_LEN/# PASS_MIN_LEN/g' /etc/login.defs
sed -i '/^# PASS_MIN_LEN/a PASS_MIN_LEN 7' /etc/login.defs
else
echo " you selected no, so exiting from the script"
exit
fi
==========================================================
#! /bin/bash
read -p " what is the user name : " y
useradd "$y"
read -s -p "what is the password : " p    # -s keeps the password off the screen
echo
echo "$y:$p" | chpasswd
=====================================================
sendmail configuration
installing the sendmail tool for sending mail from the server
smtp : port 25
Simple Mail Transfer Protocol
step 1 : install the packages below
m4 mailx sendmail sendmail-cf
yum install m4 mailx sendmail sendmail-cf -y
Step 2: replace the parameter below in /etc/mail/sendmail.mc
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
to:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
(removing Addr=127.0.0.1 makes sendmail listen on all interfaces instead of localhost only)
Step 3: push the changes from sendmail.mc to sendmail.cf
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Step 4: restart sendmail
systemctl restart sendmail
step 5: hosts file entry
192.168.145.160 batch23vm01 batch23vm01.localdomain
echo "Test mail from prasad" |mailx -s "Test mail" [email protected]
(body of the mail)                  (subject)      (recipient mail id)
sending to more than one recipient, comma separated:
echo "Test mail from prasad" |mailx -s "Test mail" [email protected],[email protected]
application & DB
Linux administrator
client : UL, VISA, maruthi,TKS
UL = 5000
TKS
JAVA installation, tomcat installation,
accenture : TKS
oracle
mango
mariadb
java :
ITO : IT operation
subex :
all servers are running in virtual platform. we have vmware
virtual platform which is running esxi 6 and 7 baremetal os.
task 1 : create and extend swap space
task 2 : customizing kernel parameters
task 3 : ulimits
task 4 : kdump configuration
task 5 : PAM (pluggable authentication modules)
swap mgmt
1.create new swap file and enable (temp)
2. create new lv and enable the swap (perm)
step 1 : create 1 GB file
dd if=/dev/zero of=/swapfile1 bs=1024k count=1k
step 2 : convert file into swap
mkswap /swapfile1
step 3 : change the permissions on the swap file (readable and writable only by root)
chmod 600 /swapfile1
step 4 : enable the swap
swapon /swapfile1
step 5 : add entry in /etc/fstab
/swapfile1 swap swap defaults 0 0
create new lv and enable as a swap
step 1 : create new lv with required size
lvcreate -L 2G -n swap1 rhel
step 2 : convert lv as a swap
mkswap /dev/rhel/swap1
step 3 : enable the swap
swapon /dev/rhel/swap1
step 4 : add entry in /etc/fstab
/dev/rhel/swap1 swap swap defaults 0 0
extend existing swap lv
swapoff /dev/rhel/swap1
lvextend -L +2G /dev/rhel/swap1
mkswap /dev/rhel/swap1
swapon -a
or
swapon /dev/rhel/swap1
total swap is 5 GB
the swap usage is 2 GB; how much is free? 3 GB
RAM free is 4 GB
RAM and SWAP are different
physical vs virtual
RAM = physical
swap = a virtual area, or virtual RAM, which we take from the hard disk.
swap behaves like RAM but is not real RAM.
* once we disable swap, will the tasks that are in swap be killed?
swapoff /dev/rhel/swap
jobs will not be killed; the jobs are moved to RAM.
* some jobs are stuck in swap. how will you push them back to RAM and the processor?
swapoff -a
if RAM is full then jobs will be killed, so before disabling swap it is the administrator's
responsibility to check that there is enough free RAM to hold the tasks in swap.
* what is the difference between -L and -l in the lvcreate command?
-L creates or extends the LV by size (e.g. 2G)
-l creates or extends the LV by number of extents (or a percentage such as +50%FREE)
what is PE = physical extent [ 4 MB by default ]
what is LE = logical extent [ 4 MB ]
*** what happens when we convert a raw disk into a PV?
the disk is divided into PEs instead of being addressed as sectors
eg : 1 GB = 256 PEs or 256 LEs
there is 100 GB of space available in the VG
= 25600 PEs
lvextend -l +50%FREE /dev/vg/lv1
12800 PEs are allocated to lv1
1 PE is equal to how many sectors?
2 sectors = 1 KB (sectors of 512 bytes)
1 MB = 2048 sectors, so one 4 MB PE = 4 * 2048 = 8192 sectors
task 2 : customizing kernel parameters
the kernel is the core program of the OS.
the kernel is also one of the programs of the OS.
the kernel is a program which follows some instructions; those instructions are the
kernel parameters.
how to list all kernel parameters?
sysctl -a
what is the kernel parameter file?
/etc/sysctl.conf
swappiness 30
when RAM usage crosses 30 % then swap starts being used
swappiness 90
when RAM usage crosses 90 % then swap starts taking tasks
what is recommended?
90 or 30
90
sysctl -w vm.swappiness=90
sysctl -p
-w writes the value into the running kernel (lost at reboot)
-p loads the parameters from the config file, which is how the setting is made permanent
now the requirement is to set the swappiness value to 95
step 1 : set the value in the kernel parameter file
vi /etc/sysctl.conf
vm.swappiness = 95
step 2 : apply the parameters as per the config file
sysctl -p
what are ulimits?
setting resource limits for users and processes.
ulimit -a
the ulimit configuration file is?
/etc/security/limits.conf
eg : how many processes you want to allow per user
what maximum file size you want to allow
locking memory
how many logins per user you want to allow
limiting the number of processes for a user (oracle)
the database will run with the db user (oracle).
1024 processes
that will not be enough to run the db.
the DB team will ask: could you please increase the number of processes for the oracle user
how to set the number of open files?
ulimit -n 2048
how to increase max user processes?
ulimit -u 9000
vi /etc/security/limits.conf
nproc - max number of processes
oracle soft nproc 100
oracle hard nproc 10000
for the oracle user the soft limit on the number of processes is 100
for the oracle user the hard limit on the number of processes is 10000
if you want to allow it for all users?
* soft nproc 100
* hard nproc 10000
*** the db team complains: we are not able to login, getting "max number of process
limit is crossed"?
login as root and increase the nproc value in limits.conf
================================================= Interview questions ========================================
yum update --exclude=java*
vi /etc/yum.conf
[main]
exclude=java*
* how to skip the broken packages?
yum -y --skip-broken install <package>
* curl is for checking a web site or getting its status
curl webpage
download a web page, download files, check a web site's status
*** how to clear the cache memory?
cache is the data of recently opened or executed tasks.
the processor keeps the data of recently opened or executed tasks inside RAM (memory).
recently executed job information: who stores it? where?
the processor stores it inside RAM
can we clear the cache anytime? yes, we can clear it. there will not be any interruption to
running jobs.
sync; echo 3 > /proc/sys/vm/drop_caches ==> clears inactive cache, active cache and all
sync; echo 1 > /proc/sys/vm/drop_caches ==> clears the inactive cache
(run sync first so that dirty pages are written to disk before the cache is dropped)
LVM1 and LVM2
==========================================================================================================
/var/spool/cron/
individual users' cron jobs, one file per user:
root
prasad
raja
default (system) jobs : /etc/cron.d
eth0 : primary ip = general communication 10.1.20.31
eth1 : backup ip = the backup tool communicates with the client machines over this
separate ethernet card. 192.168.20.31
kdump is kernel dump : dumping the kernel's memory and activity at the time of a crash.
the kernel is the heart of the OS; the kernel is aware of what is happening in the system.
when some issue is happening, like performance degrading, and cpu, memory and
IO look fine when we check them,
we can generate a kdump. we can share the kdump with the vendor for RCA.
KDUMP
step 1 : install kexec-tools
yum install kexec-tools -y (or rpm -ivh with the kexec-tools rpm file)
step 2 : specify the kdump reserved memory in the grub file
include the parameter crashkernel=128M in GRUB_CMDLINE_LINUX=
file path is /etc/default/grub
(regenerate grub.cfg afterwards with grub2-mkconfig -o /boot/grub2/grub.cfg so the new parameter is used at boot)
step 3 : enable the kdump service
systemctl enable kdump
step 4 : reboot the server
shutdown -r now
the configuration file of kdump is /etc/kdump.conf
crashing the system (to test kdump)
echo c > /proc/sysrq-trigger
c = crash the kernel
b = reboot immediately
suse:
zypper update
how to perform a minor upgrade
12.3 to 12.4
SLES 12 SP3 to SLES 12 SP4
zypper migration
then choose option 1 from the migration list
major version migration
SLES 12 to SLES 15
rhel 6 to rhel 7
rhel 6.5
rhel 6.7
rhel 7.2
PAM
pluggable authentication modules
authentication means = login
authorization means = access
password: policies applied during password reset
while logging in to the system, PAM verifies the account status and allows or denies the login
AD = we can integrate AD with PAM policies
module : pam_tally2.so
so = shared object (library)
SbabuSaneSS@123 next
Batch23@4321 1
23B@tch456@ 2
janfebM@r456 3
Batch23@4321 4
How to create 100 users on multiple servers?
jump server
step 1 : create a file with the remote machine ip's
vi /tmp/slist
192.168.145.138
192.168.145.100
step 2 : create one more file with the 100 users
vi /tmp/ulist
user1
user2
user3
step 3 : configure passwordless ssh from the jump host to the remaining 100 servers
task 1 : generate keys
ssh-keygen
task 2 : share the public key with the remote machines
for i in `cat /tmp/slist`
do
ssh-copy-id -i /root/.ssh/id_rsa.pub $i
done
first we have to enter the password for all machines
step 4 : copy the file which has the 100 users
for i in `cat /tmp/slist`
do
scp -r /tmp/ulist $i:/tmp/
done
step 5: create a simple script to create multiple users
vi /tmp/user.sh
#! /bin/bash
for i in `cat /tmp/ulist`
do
useradd $i
echo "$i:Batch23@passw" |chpasswd
chage -d 0 $i     # force a password change at first login
done
step 6 : copy this script to the 100 machines
for i in `cat /tmp/slist`
do
scp -r /tmp/user.sh $i:/tmp/
done
step 7 : execute the script
for i in `cat /tmp/slist`
do
ssh $i "sh /tmp/user.sh"
done
========================
[root@batch23vm01 ~]# for i in `cat /tmp/slist`
> do
> ssh $i "hostname"
> done
slesm1
batch23
[root@batch23vm01 ~]# for i in `cat /tmp/slist`; do ssh-copy-id -i /root/.ssh/id_rsa.pub $i; done
=============================
recent difficult issue you faced?
-----------------------------------------------------------------------------------
1. server performance degraded at 11 PM? the application team opened an incident for the
same.
my senior assigned this job to me.
i started collecting data for the same.
here i started collecting performance data from 10:50 PM onward using the sar command.
captured and stored in notes
and also verified which users were logged in between 10:50 PM and 12 AM.
and also verified whether there were any jobs scheduled between 11 and 12
here i identified a couple of jobs scheduled by the SAP team as the sapbasis user.
i scheduled a meeting with the sapbasis team to understand what that script is and
what it does. i came to know that the script is backing up the system db and tenant db to a
remote machine.
here 3 jobs were scheduled between 11 and 12 AM so i recommended splitting the jobs with a 30 min
gap
solution: i requested the sapbasis team to split the jobs with a 30 min gap
-----------------------------------------------------------------------------------
2. server performance degraded at 11 PM IST.
i was in shift so i started digging more into the issue.
as per my analysis the cpu was 100 % used between 11 PM and 2 AM.
using sar i collected the previous days' data.
the next day i connected at 11 PM and started checking the server performance. there
i identified that the rscan process (symantec) was consuming 100 % cpu.
symantec is the culprit for the issue.
when i checked with the symantec team they said the 11 o'clock scan triggers for all
servers. we identified (the root cause).
i identified the root cause of the slowness and scheduled a meeting with the application
team and symantec to finalize the issue.
here the symantec team said that is normal usage, so i recommended increasing the cpu
cores.
i recommended increasing the CPU cores.
the next weekend we increased the CPUs as per the change process.
-----------------------------------------------------------------------------------
3. the devops team complained that the server performance is very bad every time.
even i observed that.
executed the df -h command and noticed slowness
whatever command executes there is latency (slowness)
when i checked, cpu and memory usage were very normal, below 30 %, but the command
output was coming very slowly.
logged in to vcenter and started analyzing the activity logs for that vm.
there i identified one error; with that error i requested the vmware team to open a case
with the vmware vendor.
the vmware vendor recommended upgrading the esxi version on the hardware
host1 (new hardware) ==> esxi 7 ==> vmtools ==> vcenter ==> vm1 . the recent
activity is that vm1 was migrated.
host2 (old hardware) ==> esxi 6 ==> vmtools ==> vcenter ==> vm2
the vmware team identified that vm1 was migrated from host1 to host2. here the problem is that host2
is running the old esxi version (6) and on top of that old hardware components.
solution offered by vmware : migrate the server back from host2 to host1
permanent solution : migrate esxi 6 to esxi 7
-----------------------------------------------------------------------------------
disk ==> partitions ==> 3 partitions are created
partition1 = /app1
partition 2 = /app2
partition 3 = /app3
/dev/sdc alias name /dev/appdisk1
/dev/sdd alias name /dev/appdisk1
pvcreate /dev/appdisk1
vgcreate appvg /dev/appdisk1
lvcreate -L 100G -n app1 appvg
lvcreate -L 100G -n app2 appvg
lvcreate -L 100G -n app3 appvg
mkfs.xfs /dev/appvg/app1
mkfs.xfs /dev/appvg/app2
mkfs.xfs /dev/appvg/app3
mkdir /app1 /app2 /app3
mount /dev/appvg/app1 /app1
mount /dev/appvg/app2 /app2
mount /dev/appvg/app3 /app3
the 3 partitions come from the same disk
the same disk failed
multipath -ll
the disk status will show as offline
there will also be a log entry in /var/log/dmesg
cd /app1
i/o error
input/output error or read/write error
cd /app2
also gives the same error
i/o error
input/output error or read/write error
vgs | grep appvg
grep appdisk1 /var/log/dmesg
grep sdc /var/log/dmesg
one of the luns has failed
opened an incident with the Storage team to resolve the issue.
====================== script for performance monitor alert ====================== 04-June-2021
the script will run every minute; it sends a mail in case there is high memory
utilization or high cpu utilization.
#! /bin/bash
d=`date +"%d-%m-%Y"`
h=`hostname`
# %idle is column 8 of "sar -u"; cpu usage = 100 - idle (integer part)
c=`sar -u 1 1 | awk '{print $8}' | tail -1 | awk -F. '{print $1}'`
cpu=`expr 100 - $c`
# %memused is column 5 of "sar -r" on this sysstat version
mem=`sar -r 1 1 | awk '{print $5}' |tail -1 | awk -F. '{print $1}'`
if [ "$mem" -ge 20 ];then
echo -e "Critical Alert:\n memory usage is : $mem\n Kindly take look on it" | mailx -s "Critical alert: High memory usage from $h" [email protected]
elif [ "$mem" -ge 15 ];then
echo -e "Warning Alert:\n memory usage is : $mem\n Kindly take look on it" | mailx -s "Warning alert: High memory usage from $h" [email protected]
else
:    # nothing to do ("none" is not a command)
fi
if [ "$cpu" -ge 90 ];then
echo -e "Critical Alert:\n CPU usage is : $cpu\n Kindly take look on it" | mailx -s "Critical alert: High CPU usage from $h" [email protected]
elif [ "$cpu" -ge 80 ];then
echo -e "Warning Alert:\n CPU usage is : $cpu\n Kindly take look on it" | mailx -s "Warning alert: High CPU usage from $h" [email protected]
else
:
fi
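The alert script above reads fixed column numbers ($8 for %idle, $5 for %memused), and the %memused column moves between sysstat versions. The functions below are an added example, not the course's script: they find the column by its header name on constructed sar output (counting from the right-hand end, because in 12-hour locales the header and sample lines carry an AM/PM field that the Average: line does not), classify the value against the same warning/critical thresholds, and produce a message only when there is something to send. The sar output, function names and host name are constructed for this example.

```shell
#!/bin/bash
# Added example (not from the course notes): threshold checks over sar output
# that locate the column by its header name instead of a fixed position.
set -e

# Constructed sample output of "sar -u 1 1" and "sar -r 1 1" (not captured from a server).
SAR_U='Linux 4.12.14 (batch23vm01)   04/06/21   _x86_64_   (2 CPU)

11:02:01        CPU     %user     %nice   %system   %iowait    %steal     %idle
11:02:02        all     41.21      0.00      5.53      1.01      0.00     52.26
Average:        all     41.21      0.00      5.53      1.01      0.00     52.26'

SAR_R='Linux 4.12.14 (batch23vm01)   04/06/21   _x86_64_   (2 CPU)

11:02:01    kbmemfree   kbavail kbmemused  %memused kbbuffers
11:02:02       812344   2911560   1240124     15.11      2048
Average:       812344   2911560   1240124     15.11      2048'

# col_value NAME  (sar output on stdin) -> value of column NAME on the "Average:" line
col_value() {
    awk -v name="$1" '
        # header line: remember how far NAME sits from the right-hand end; the
        # "Average:" line has no time/AM/PM field, so counting from the right is stable
        !found { for (i = 1; i <= NF; i++) if ($i == name) { off = NF - i; found = 1 }; next }
        $1 == "Average:" { print $(NF - off); exit }
    '
}

# cpu_usage SAR_U_OUTPUT -> integer CPU usage, 100 - %idle (integer part, as in the notes)
cpu_usage() {
    printf '%s\n' "$1" | col_value '%idle' | awk '{ printf "%d\n", 100 - int($1) }'
}

# mem_usage SAR_R_OUTPUT -> integer %memused
mem_usage() {
    printf '%s\n' "$1" | col_value '%memused' | awk '{ printf "%d\n", int($1) }'
}

# alert_level VALUE WARN CRIT -> critical | warning | ok
alert_level() {
    if   [ "$1" -ge "$3" ]; then echo critical
    elif [ "$1" -ge "$2" ]; then echo warning
    else echo ok
    fi
}

# alert_message METRIC VALUE WARN CRIT HOST -> "SUBJECT|BODY" when an alert is due,
# no output and exit status 1 when the value is below the warning threshold
alert_message() {
    local metric=$1 value=$2 warn=$3 crit=$4 host=$5 level
    level=$(alert_level "$value" "$warn" "$crit")
    [ "$level" = ok ] && return 1
    printf '%s alert: High %s usage from %s|%s usage is %s%%, kindly take a look\n' \
        "$level" "$metric" "$host" "$metric" "$value"
}

# demo with the notes' thresholds (memory 15/20, CPU 80/90) on the constructed output
demo() {
    local host=batch23vm01 cpu mem msg m
    cpu=$(cpu_usage "$SAR_U")
    mem=$(mem_usage "$SAR_R")
    echo "cpu=$cpu mem=$mem"
    for m in "memory $mem 15 20" "CPU $cpu 80 90"; do
        # shellcheck disable=SC2086
        if msg=$(alert_message $m "$host"); then
            # on a real host: echo "${msg#*|}" | mailx -s "${msg%%|*}" [email protected]
            echo "would mail -> ${msg%%|*}"
        fi
    done
}
demo
```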
-----------------------------------------------------------------------------------
scheduling the job in cron (this entry runs it every 2 minutes as root)
*/2 * * * * su - root -c "sh /scripts/perf.sh"
========================================== Interactive script to get memory and cpu usage ========================================
#! /bin/bash
c=`sar -u 1 1 | awk '{print $8}' | tail -1 | awk -F. '{print $1}'`
cpu=`expr 100 - $c`
mem=`sar -r 1 1 | awk '{print $5}' |tail -1 | awk -F. '{print $1}'`
OPTIONS="MEMORY CPU QUIT"
select opt in $OPTIONS;
do
if [ "$opt" = MEMORY ];then
echo -e " The current MEMORY usage is \t:\t$mem"
elif [ "$opt" = CPU ];then
echo -e " the current CPU usage is \t:\t $cpu "
elif [ "$opt" = QUIT ];then
exit
fi
done
================================================ Hardening Tasks =======================================
# $d and $h are set at the top of the full script (as in the hardening script above); backups go to /bkp
d=`date +"%d-%m-%Y"`
h=`hostname`
mkdir -p /bkp
######### Filesystem Integrity Checking ##################
echo -e "TASK 5\t:Filesystem Integrity Checking has been enabled for all file systems now\n"
cp -r /etc/fstab /bkp/fstab-$d-$h.bkp
# on non-comment, non-blank lines drop the 6th field (fsck pass) and append " 1" in its place
sed -i -r '/^\s*[^#[:space:]]/s/(\s+)?\S+//6' /etc/fstab
sed -i '/^\s*[^#[:space:]]/s/$/ 1/' /etc/fstab
######### Ensure cron daemon is enabled ################
echo -e "TASK 6\t:Ensure cron daemon is enabled. Find status below\n"
cs0=`systemctl is-enabled cron`
cs1=`systemctl status cron | grep Active |awk '{print $3}' | tr -d "()"`
if [ "$cs0" = enabled -a "$cs1" = running ];then
echo " cron service is enabled and running "
else
systemctl enable cron && systemctl restart cron
if [ $? = 0 ];then
echo "cron service has been started now and enabled permanently"
else
echo " cron service not able to start. Login to server and start it manually"
fi
fi
######## SSH parameters #############
cp /etc/ssh/sshd_config /bkp/sshd_config-$d-$h.bkp
sed -i '/Protocol 2/s/^#//g' /etc/ssh/sshd_config
sed -i '/PermitRootLogin yes/s/^#//g' /etc/ssh/sshd_config
sed -i -e 's|PermitRootLogin yes|PermitRootLogin no|g' /etc/ssh/sshd_config
sed -i "/X11Forwarding no/s/^#//g" /etc/ssh/sshd_config
sed -i "s/X11Forwarding yes/X11Forwarding no/g" /etc/ssh/sshd_config
sed -i "/AllowTcpForwarding no/s/^#//g" /etc/ssh/sshd_config
sed -i "s/AllowTcpForwarding yes/AllowTcpForwarding no/g" /etc/ssh/sshd_config
# TASK 10: MaxAuthTries 4 or less
sed -i "/MaxAuthTries/s/^#//g" /etc/ssh/sshd_config
sed -i "s/^MaxAuthTries.*/MaxAuthTries 4/" /etc/ssh/sshd_config
sed -i "/IgnoreRhosts/s/^#//g" /etc/ssh/sshd_config
sed -i "/#HostbasedAuthentication no/s/^#//g" /etc/ssh/sshd_config
sed -i "/PermitEmptyPasswords/s/^#//g" /etc/ssh/sshd_config
sed -i "/PermitUserEnvironment/s/^#//g" /etc/ssh/sshd_config
sed -i "/ClientAliveInterval/s/^#//g" /etc/ssh/sshd_config
sed -i "/ClientAliveCountMax/s/^#//g" /etc/ssh/sshd_config
sed -i "s/ClientAliveInterval 0/ClientAliveInterval 300/g" /etc/ssh/sshd_config
sed -i "s/ClientAliveCountMax 3/ClientAliveCountMax 0/g" /etc/ssh/sshd_config
# TASK 16: LoginGraceTime one minute or less
sed -i "/LoginGraceTime/s/^#//g" /etc/ssh/sshd_config
sed -i "s/^LoginGraceTime.*/LoginGraceTime 60/" /etc/ssh/sshd_config
sshd -t && systemctl reload sshd    # validate the config before reloading
echo -e "TASK 7\t:Ensure SSH root login is disabled\t : completed\n"
echo -e "TASK 8\t:Ensure SSH Protocol is set to 2\t : completed\n"
echo -e "TASK 9\t:Ensure SSH X11 forwar
ding is disabled\t : completed\n"
echo -e "TASK 10\t:Ensure SSH MaxAuthTries is set to 4 or less\t : completed\n"
echo -e "TASK 11\t:Ensure SSH IgnoreRhosts is enabled\t : completed\n"
echo -e "TASK 12\t:Ensure SSH HostbasedAuthentication is disabled\t : completed\n"
echo -e "TASK 13\t:Ensure SSH PermitEmptyPasswords is disabled\t : completed\n"
echo -e "TASK 14\t:Ensure SSH PermitUserEnvironment is disabled\t : completed\n"
echo -e "TASK 15\t:Ensure SSH Idle Timeout Interval is configured\t : completed\n"
echo -e "TASK 16\t:Ensure SSH LoginGraceTime is set to one minute or less\t : completed\n"
############ Set Shadow Password Suite Parameters ####################
sed -i "s/^PASS_MAX_DAYS/#PASS_MAX_DAYS/g" /etc/login.defs
sed -i "/^#PASS_MAX_DAYS/a PASS_MAX_DAYS 60" /etc/login.defs
sed -i "s/^PASS_MIN_DAYS/#PASS_MIN_DAYS/g" /etc/login.defs
sed -i "/^#PASS_MIN_DAYS/a PASS_MIN_DAYS 2" /etc/login.defs
sed -i "s/^PASS_WARN_AGE/#PASS_WARN_AGE/g" /etc/login.defs
sed -i "/^#PASS_WARN_AGE/a PASS_WARN_AGE 7" /etc/login.defs
cp -r /etc/default/useradd /bkp/useradd-$d-$h.bkp
sed -i "s/^INACTIVE/# INACTIVE/g" /etc/default/useradd
sed -i "/^# INACTIVE/a INACTIVE=30" /etc/default/useradd
echo -e "TASK 17\t:Ensure password expiration is 60 days or less\t : completed\n"
echo -e "TASK 18\t:Ensure minimum days between password changes is 2 or more\t : completed\n"
echo -e "TASK 19\t:Ensure password expiration warning days is 7 or more\t : completed\n"
echo -e "TASK 20\t:Ensure inactive password lock is 30 days or less\t : completed\n"
####### Ensure IPv6 is disabled #########
echo -e "TASK 30\t:Ensure IPv6 is disabled\t : completed\t find status below\n"
# add the module option only when it is not already present
iv=`modprobe -c | grep -c "options ipv6 disable=1"`
if [ "$iv" = "0" ];
then
echo "options ipv6 disable=1" >> /etc/modprobe.d/CIS.conf
echo " IPV6 has been disabled now (takes effect after reboot)"
else
echo " IPV6 is already disabled in this machine"
fi
####### Ensure rsyslog or syslog-ng is installed #########
echo -e "TASK 35\t:Ensure rsyslog or syslog-ng is installed\t : completed\t find status below\n"
rsy=`rpm -qa | grep "^rsyslog" |wc -l`
if [ "$rsy" = 0 ];then
zypper --non-interactive install rsyslog
echo "Rsyslog has been installed now"
else
echo "Rsyslog already installed"
fi
####### Ensure tftp server is not enabled #########
echo -e "TASK 36\t:Ensure tftp server is not enabled\t : completed\n"
zypper --non-interactive remove tftp
####### Ensure rsync service is not enabled ######
echo -e "TASK 37\t:Ensure rsync service is not enabled\t : completed\t find status below\n"
rs=`systemctl is-enabled rsyncd 2>/dev/null`
if [ "$rs" = enabled ];then
systemctl disable rsyncd && echo "rsync service has been disabled now"
else
echo "already rsync service is disabled"
fi
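The PermitRootLogin sed chains earlier in these notes, the two hardening scripts and the SSH section of the task script above all edit sshd_config by uncommenting, commenting out or appending after a line. The helper below is an added example, not part of the course notes, that sets a "Key value" option idempotently and handles two cases the sed chains miss: a key that is absent from the file, and a Match block, after which an appended setting would no longer be global. The function names (set_opt, get_opt) and the sample config are constructed for this example; canonical keyword casing is assumed.

```shell
#!/bin/bash
# Added example (not from the course notes): idempotent "Key value" setter for
# sshd_config-style files (the same form works for /etc/login.defs).
set -e

# set_opt FILE KEY VALUE
# Rules applied to the global section (everything before the first "Match" line):
#   - the first active "KEY ..." line is rewritten to "KEY VALUE"
#   - any further active "KEY ..." lines are commented out (sshd honours only the first)
#   - commented defaults such as "#KEY ..." are left alone as documentation
#   - if KEY is absent, "KEY VALUE" is inserted before the first Match block,
#     or appended when there is no Match block
set_opt() {
    local file=$1 key=$2 value=$3
    awk -v k="$key" -v v="$value" '
        $1 == "Match"       { if (!done) { print k " " v; done = 1 }; inmatch = 1 }
        !inmatch && $1 == k { if (!done) { print k " " v; done = 1 } else { print "# " $0 }; next }
                            { print }
        END                 { if (!done) print k " " v }
    ' "$file" > "$file.tmp" && mv "$file.tmp" "$file"
}

# get_opt FILE KEY -> prints the effective global value; exit status 1 if KEY is not set
get_opt() {
    awk -v k="$2" '
        $1 == "Match" { exit }
        $1 == k       { print $2; found = 1; exit }
        END           { exit !found }
    ' "$1"
}

# demo on a constructed sshd_config fragment (not a real server file)
demo() {
    local f
    f=$(mktemp)
    cat > "$f" <<'EOF'
#PermitRootLogin prohibit-password
PermitRootLogin yes
X11Forwarding yes
Match User backup
    PasswordAuthentication no
EOF
    set_opt "$f" PermitRootLogin no
    set_opt "$f" X11Forwarding no
    set_opt "$f" MaxAuthTries 4        # absent key: lands before the Match block
    set_opt "$f" PermitRootLogin no    # second run changes nothing
    echo "PermitRootLogin -> $(get_opt "$f" PermitRootLogin)"
    echo "MaxAuthTries    -> $(get_opt "$f" MaxAuthTries)"
    cat "$f"
    rm -f "$f"
    # on a real host, validate before reloading: sshd -t && systemctl reload sshd
}
demo
```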
=================================================================
for patching which tool are you using?
Satellite
< 4
Satellite management is taken care of by those above 6 years (of experience)
you integrate the server with Satellite and perform the patching manually
================================================= AZURE ======= 09-06-2021 =================
subscription = the account which we registered with Azure
under the subscription we create a group, i.e. a resource group; under the resource group we
start deploying or creating resources.
resources
1. server
2. HDD
3. network card
4. vnet
5. subnet
6. load balancer
7. Blob storage
8. replicate machine
9. backup vault
storage management:
1. Blob storage
2. file share
written a simple script to find out wrong password attempts so that users themselves can
clear the wrong attempts.
the user1 account is locked due to wrong attempts
pam_tally2 -u user1
only root has permission to check wrong attempts, but our intention is to
provide this access to everyone.
user2 can login and check user1's wrong attempts
kesava's account is locked
arun is his colleague who can help to clear the wrong attempts, because both are in the same team.
granting pam_tally2 command access to everyone
chmod 4755 /usr/sbin/pam_tally2
(setuid root on pam_tally2 lets any user on the system reset any account's counter, not only a colleague's; a sudo rule limited to the reset command is the narrower way to grant this)
#! /bin/bash
1. every day my script pulls the data of partitions which have crossed
70 % utilization.
alert > 80
my script gives a report every day morning around 11 am to the application
and os teams of which partitions crossed 70 %.
the morning shift engineer downloads the day's report and works on
housekeeping tasks on the partitions which crossed 70 %.
Azure Backup
vault
the vault is for storing your machines' data, or backed-up data.
1. local copy (snapshot) - completes in 5 min. is it possible to recover a
machine using the snapshot copy? Yes
2. vault copy (vault) - takes 1 or 2 hours to copy the data into the
vault.
backup policy:
every day at 11 PM all machines should be backed up.
Special permissions
1. Sticky bit  1  chmod -R 1777 /directory            rwxrwxrwt
2. Setuid      4  chmod 4755 /bin/script or command   rwsr-xr-x
3. Setgid      2  chmod 2770 /directory               rwxrws---
4. ACL
setuid:
on the /etc/shadow file, others don't have any permissions.
but when they set or reset their password, the data (encrypted password) is updated
in the /etc/shadow file.
here others are able to write data to /etc/shadow:
other users are able to write data to the /etc/shadow file through the passwd command,
because setuid is applied on the passwd command.
setuid means the command runs with its owner's privileges for everyone: the passwd command is executed
by a normal user but the data (password) is written into the /etc/shadow file by root.
on behalf of the normal user, root writes the data to /etc/shadow.
how to check whether setuid is applied on the passwd command:
which passwd
ls -ld /usr/bin/passwd
-rwsr-xr-x 1 root shadow 60904 Aug 28 2019 /usr/bin/passwd
SETGID:
whoever creates a file or directory inside /HRDATA, the group should be unixgrp.
chgrp unixgrp /HRDATA
reserving the group name for /HRDATA
chmod g+s /HRDATA
or
chmod 2777 /HRDATA
==================================================
prasadm1:~ # chmod g+s /HRDATA
prasadm1:~ # chgrp unixgrp /HRDATA
prasadm1:~ # ls -ld /HRDATA
drwxrwsrwx 2 root unixgrp 44 Jun 13 03:26 /HRDATA
prasadm1:~ # su - babu
babu@prasadm1:~> cd /HRDATA
babu@prasadm1:/HRDATA> ls
filebybabu filebysreenu
babu@prasadm1:/HRDATA> ll
total 0
-rw-r--r-- 1 babu users 0 Jun 13 03:25 filebybabu
-rw-r--r-- 1 sreenu users 0 Jun 13 03:26 filebysreenu
babu@prasadm1:/HRDATA> touch babufile1
babu@prasadm1:/HRDATA> ll
total 0
-rw-r--r-- 1 babu unixgrp 0 Jun 13 03:29 babufile1
-rw-r--r-- 1 babu users 0 Jun 13 03:25 filebybabu
-rw-r--r-- 1 sreenu users 0 Jun 13 03:26 filebysreenu
babu@prasadm1:/HRDATA> exit
logout
prasadm1:~ # su - sreenu
sreenu@prasadm1:~> touch sreenufile1
sreenu@prasadm1:~> ll
total 0
drwxr-xr-x 2 sreenu users 6 Mar 3 11:52 bin
-rw-r--r-- 1 sreenu users 0 Jun 13 03:29 sreenufile1
sreenu@prasadm1:~> cd /HRDATA/
sreenu@prasadm1:/HRDATA> touch sreenufile1
sreenu@prasadm1:/HRDATA> ll
total 0
-rw-r--r-- 1 babu unixgrp 0 Jun 13 03:29 babufile1
-rw-r--r-- 1 babu users 0 Jun 13 03:25 filebybabu
-rw-r--r-- 1 sreenu users 0 Jun 13 03:26 filebysreenu
-rw-r--r-- 1 sreenu unixgrp 0 Jun 13 03:29 sreenufile1
sreenu@prasadm1:/HRDATA>
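The notes check setuid on passwd with ls -ld, set setgid on /HRDATA, and grant setuid to pam_tally2 with chmod 4755. The functions below are an added example, not part of the course notes: one decodes the special-permission digit that stat prints into setuid/setgid/sticky, and the other audits a directory tree for setuid files that are not on an allowlist, which is how an administrator notices a chmod 4755 that was not expected. The files and allowlist are constructed in a temporary directory; GNU stat and find (Linux) are assumed.

```shell
#!/bin/bash
# Added example (not from the course notes): decode special permission bits and
# audit a tree for unexpected setuid files. Assumes GNU stat/find (Linux).
set -e

# perm_flags PATH -> "setuid", "setgid", "sticky" (space separated) or "none"
perm_flags() {
    local mode special flags=""
    mode=$(stat -c '%a' "$1")          # e.g. 4755, 2770, 1777, or 644 with no special bit
    [ "${#mode}" -eq 4 ] || { echo none; return 0; }
    special=${mode%???}                 # leading digit: 4 = setuid, 2 = setgid, 1 = sticky
    [ $((special & 4)) -ne 0 ] && flags="$flags setuid"
    [ $((special & 2)) -ne 0 ] && flags="$flags setgid"
    [ $((special & 1)) -ne 0 ] && flags="$flags sticky"
    echo "${flags# }"
}

# unexpected_setuid DIR ALLOWLIST_FILE -> paths of setuid files under DIR that are not
# listed in ALLOWLIST_FILE (one absolute path per line), sorted; empty output if none
unexpected_setuid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort | grep -vxFf "$2" || true
}

# demo in a constructed temporary tree (no system files are touched)
demo() {
    local t
    t=$(mktemp -d)
    mkdir "$t/hrdata"
    touch "$t/passwd" "$t/pam_tally2"
    chmod 4755 "$t/passwd" "$t/pam_tally2"   # like the notes' chmod on pam_tally2
    chmod 2770 "$t/hrdata"                   # setgid directory, like /HRDATA
    echo "$t/passwd" > "$t/allowlist"        # only passwd is expected to be setuid
    echo "passwd:     $(perm_flags "$t/passwd")"
    echo "hrdata:     $(perm_flags "$t/hrdata")"
    echo "unexpected: $(unexpected_setuid "$t" "$t/allowlist")"
    rm -rf "$t"
}
demo
```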
=========================================================================
Clustering
HA = High availability
HA software is pacemaker
node1 & node2
server1 server2
fencing (the cluster keeps monitoring the servers' health): in case one node
fails to accept load, the other node considers node 1 to be in unavailable status, so
node 2 starts accepting the load.
Advantages of clustering:
1. HA (High availability)
2. Load balancing, if the nodes are under a load balancer
How to know the cluster status?
crm status
crm (cluster resource manager)
how to stop the cluster service
systemctl status pacemaker
systemctl stop pacemaker
how to put the cluster in maintenance mode
sudo crm configure property maintenance-mode="true" ==> puts all
cluster nodes in maintenance mode
sudo crm node maintenance server1name
==> puts a single cluster node in maintenance mode
how to take the cluster out of maintenance mode
sudo crm configure property maintenance-mode="false"
sudo crm node ready server1name
how to disable one particular resource?
crm resource stop resourcename
how to enable one particular resource?
crm resource start resourcename
we start one service using crm resource start servicename
================================================================================ cluster commands ==================================
crm status
crm configure property maintenance-mode=true ==> maintenance mode
crm configure property maintenance-mode=false ==> taking out of maintenance mode
crm resource cleanup ==> refresh the cluster nodes
crm resource cleanup rsc_sap_XX1_ERS70 MAkfdEUtes1PPD06 ==> refresh a
particular resource (service)
refreshing the resource rsc_sap_XX1_ERS70 on the node where it is to be
refreshed, MAkfdEUtes1PPD06
every 3 months we perform patching, including on the cluster nodes.
patching the cluster nodes
node1 and node2
patching on node1
==================
collect pre-checks
snapshot
disable alerts for both nodes
put the first node in maintenance mode
crm node maintenance node1servername
sanity reboot
zypper update
post validation
take the node out of maintenance mode
crm node ready node1servername
patching on node 2
-------------------
put the second node in maintenance mode
crm node maintenance node2servername
sanity reboot
zypper update
post validation
take the node out of maintenance mode
crm node ready node2servername
issue
one of the machines (servers) is completely down. how will you handle this?
step 1 : login to the console and observe the error message on the console
step 2 : based on the error message on the console, start
troubleshooting.
identified error is a kernel panic:
take the machine into rescue mode with the help of the ISO image and rebuild
the initramfs; also repair the OS file systems (/).
identified a grub error:
take the machine into rescue mode and rebuild or regenerate grub and the
kernel
identified a hardware problem:
open a case with the hardware vendor
how to see the nfs server status from the client machine?
showmount -e nfsserver
telnet nfsserver 2049
how do you verify whether a script executed successfully or not?
sh /script.sh
*** how to run a script in debug mode?
sh -x /script.sh
*** how to enable debug mode inside a script?
#! /bin/bash
set -x
--------
--------
--------
--------
--------
set +x
*** how to set a new uuid for a partition?
umount the filesystem
disable the lv (lvchange -an)
generate the new uuid
xfs_admin -U generate /dev/mapper/vg_swap-testlv
enable the lv (lvchange -ay)
mount it back
AD
lvextend -L +10G /dev/vg/lv
xfs_growfs /dev/vg/lv          (xfs)
resize2fs /dev/vg/lv           (ext4)
lvextend -L +10G /dev/vg/lv -r   (-r resizes the filesystem in the same step)
new user data will reflect in the following locations
/home
/var/spool/mail/
/