Professional Documents
Culture Documents
Below are the notes, I gathered from my RHCE training. It was an in house training session
conducted within our organisaiton. It does not cover all the topics to be covered for the RHCE
exam.
I have just made notes of the the relevant sections which I don't tend to use on day to day basis
and i need to rememeber for the exam.
_____________________________________________________________________
------------------------------------------------------------------------------------------
cd /sys/devices/system/cpu/cpu0/cpufreq/
ls
affected_cpus
cpuinfo_cur_freq
cpuinfo_max_freq
cpuinfo_min_freq
scaling_available_frequencies
scaling_available_governors
scaling_cur_freq
scaling_driver
scaling_max_freq
scaling_min_freq
scaling_governor
cat cpuinfo_cur_freq
2000000
cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
performance
----------------------------------------------------------------------------------------------
whatis grub
is the same as
man -f grub
the above commands will search for the whole word grub,
man -k grub
will search for the pattern grub anywhere in the string..
apropos grub
info grub
man -f signal
signal (2) - ANSI C signal handling
signal (3p) - signal management
signal (7) - list of available signals
signal.h [signal] (0p) - signals
/usr/share/doc
www.tdlp.org
-----------------------------------------------
/rhome/station4/nisuser4
[root@station3 ~]# echo camel
camel
[root@station3 ~]# ^m^ram
echo caramel
caramel
The ^cow command replaces cow with nothing so the command becomes "echo dog"
history
!45 (runs the 45th command in the history)
!-3 run the 3rd command from the bottom..
!! runs the last command in the history
!hi runs the last command that start with hi
ctrl l
will clear the screen..
-------------------------------------------------------------------------------------
Filesystem.
man hier
/etc
/bin
/sbin
/lib
/dev
dd
(copy and covert)
file
the file command will give you informa/rhome/station4/nisuser4tion about what type of file it is..
dumpe2fs /dev/hdb1 | less
the command dumps the superblock..
stat /etc/passwd
dumps the information in the inode of the /etc/passwd
df -i
lists the available list of inodes.. on each partition..
ls -i
gives you the inode number of the files..
---------------
available channels.
STDIN 0 <>
STDERR 2 2>
tee
is like a t piece which can be used to direct output of a command to both a file and to the stdout
tr command
stat
the stat command can be used to display file or filesystem status
if you want to make sure that you bypass the alias when you run a command. you can escape the
command with a \
ls on its own will use the alias which possible includes "ls --color"
\ls will run the native command ls bypassing the alias setting.
reset
reset command can be used to reset the terminal. specially when your command prompt is all
messed up.
login shell - will process the following startup scripts
/etc/profile
~/.bash_profile
paste
the paste command is used to take 2 files and combine them as delimited columns
aspell check
used to spell check a file.
-----------------------------
regex
so \ will match the exact word "test" excluding all the words which includes the substring test.
if you want to search for a bigger string you can use the below
\(sample\|test\)
----------------------------------------------
Unit - 4
bios uses the IPL (initial program loader) to find the boot loader..
mount aliases
mount --bind /mnt/stuff /mnt/usb
allows you to have multiple location where the device appears to be mounted..
nfsserver mounts
showmount -e server1
smbclient -U'eur\sushil.suresh' -L lonfs01
auto mounting..
/etc/auto.master
/etc/autofs/auto.master
laattr /etc/passwd
chattr +i /etc/passwd
attributes
+i immutable
+a append mode only
----------------------------------------------
Unit 6
Rpm installation
-i install (typical for kernel install as the old version is left as it is.. )
-U upgrade
-F freshen
RPM removal
-e erase
RPM queries
-q query
-qa query all
-ql obtain a list of files installed by package
-qlp query the package file for a list of files..
-qi query for information
-qip query for information from the package file
-q --changelog show you the change lock of the package
-q --script shows you the script that is run when you install the rpm package or uninstall it.
-qf search the origin of a file..
-q --provides will list libraries that are provided by the
-q --whatrequires will tell you what requires the library
-q --whatprovides
rpm --import
gpg --import
rpm -V initscripts
.......T c /etc/inittab
S.5....T c /etc/rc.d/rc
S.5....T c /etc/sysctl.conf
rpm2cpio filename.rpm
rpm2cpio initscripts-8.45.19.EL-1.el5.centos.1.x86_64.rpm | cpio --extract --make-directories
*inittab*
Kickstart file has got several sections
the config section has got configuration information
package section(which contains categories and individual pacakges)
%pre (section)
This section will contain information to be used and peformed before installation
%post (section)
This section will contain information to be used and performed post installation
----------------------------------------------
Unit - 7
system-config-authentication
can be used to change the authentication method between local auth, ldap, nis etc..
you might have to use --nox if you want to run it in text mode.
Nis.
getfacl
setfacl -m u::rw
setfacl -m u::rw
setfacl -m d:u::rwx set the default permission and can be applied only to a directory
setfacl -x u: (deletes the user permissions for username)
SELinux
each process or object has an SElinux context.
context :- identity:role:domain/type
3 modes of operation
1) completely off,
2) on, but permissive mode,
3) on , and is restrictive
the default log file for selinux is /var/log/audit/audit.log
getenforce
setenforce
setsebool (set boolean values in a persistent manner)
/etc/sysconfig/selinux edi
from grub append enforcing=0 or selinux=0
ls -Z /etc/passwd
-rw-r--r-- root root system_u:object_r:etc_t /etc/passwd
ps -Zax
The Z switch is used to get hold of the contexts for a file or process..
system-config-securitylevel
system-config-selinux(part of policycoreutils-gui)
Y
Y
setroubleshoot-server
cups
/etc/cups/cupsd.conf
/etc/cups/printers.conf
lpadmin
system-config-printer
or localhost:631
to configure printers..
Crontab.
/etc/cron.allow
/etc/cron.deny
star
star is the equivalent of tar but is aware of SE linux contexts ...
so ifyou want to backup selinux enabled disks.. always use star
----------------------------------------------
Unit 8
Ä
mdadm /dev/md0 -C
I tend to prefer the longer version of the options as it is self explanator, and easier to remember
or recollect, especially when you don't use it on a daily basis. The shorter version of the
command would be
______________________________________________________
Creating LVMs
pvcreate
vgcreate
lvcreate
lvm-greats
lvcreate
-L sizein MB/Gb etc ..
-l Size in physical extend.
pvcreate /dev/sda9
pvcreate /dev/sda10
vgcreate lvmgroup /dev/sda9 /dev/sda10
lvcreate --size 200M lvmgroup --name lvm_disk
pvcreate /dev/sda11
vgextend lvmgroup /dev/sda11
lvextend -L +50M /dev/lvmgroup/lvm_disk /dev/sda11
resize2fs -p /dev/lvmgroup/lvm_disk
----------------------------------------------
æ
!"
When setting quota's for the first time, make sure you run quotacheck command to create the
quota database for first use. The -c option creates the "aquota.user" and "aquota.group" database
which are necessary to facilitate the usage of quotas.
quotacheck -cm /home
Once the quota database is setup, you need to enable or switch on quotas.
quotaon /home
edquota can be used to edit the quota setting for a user or group
edquota bob (can be used to edit the quota setting for bob)
one can use -u for user quota or -g for group quota
The -p option can be used to replicate or copy quota setting of an existing user to another.
edquota -p bob joe
(copies bobs quotas to joe)
repquota generes a report on all user based quotas
repquota /home (reports on all user based quotas.. )
Warkquota can be used to send emails to all users exceeding their quota
warnquota /home
The default grace period once the soft limits are exceeded by are user is 7 days.
If exceeded, the user;s soft limits become his hard lmit
----------------------------------------------
troubleshooting
service --status-all
----------------------------------------------
iptables..
firewalling happens at the kernel level.
iptables is just used to interface with the kernel
Architecture..
netfilter
1. incoming packet
2. crc/sanity check
3. pre-routing check
4. routing decision ?
5. is this packet "to me", "through me", or "from me"
Rule targets
builtin targets - DROP, ACCEPT
extension targets - LOG,REJECT, custom
To change the the default policy of a table you can use the -P flag
----------------------------------------------
file sharing
----------------------------------------------
Bind on redhat
required packages
bind-utils, bind-chroot, bind, caching-nameserver
if you want to install chroot.. always.. install bind-chroot before you install bind
----------------------------------------------
----------------------------------------------
sysadmin
v
#
$
%#% #
$
"
Documentation is in
/usr/share/doc/pam-versionnumber/txts/
/etc/pam.d/
there is a separate configuration file for each application
the configuration file is broken into 3 columns
right most column is the name of the module called.
The first column Module type will be one of the 4 stages of PAM authentication process
discussed above (auth,account,password,session). It dictates which phase of the authentication is
handled by the line.
The third column or Module_Path indicates which module is invoked or used to verify the
current phase of the pam authentication.
Note: if the file /etc/nologin file exists, regular users are not allowed to login into the local
console. Any regular user that tries to log in gets to the contents of the /etc/nologin as a message.
/etc/security/
pam limits /etc/security/limits.conf you can allocate cpu time for users etc..
/etc/securetty
This file configures/lists the consoles from where you can login as the root user. This does not
affect the regular users.
-----
pam_listfile.so
This module can be used to configure pam to limit access to specif users
auth required pam_listfile.so onerr=succeed item=user sense=allow file=/etc/special
If the item(user) is found in file /etc/special and as sense is allow, PAM will allow the user to run
the application.
__________________________________________________________________________
find / -f -perm -2
search for files with write permisions to other..
-----------------------
turn on process accounting
accton /var/account/pacct
lastcomm
ac
ac --daily-totals --individual-totals
-----------------------
Ä
THe RHEL exam expects you to have a decent understanding of mail services
sendmail, dovecot, postfix, and procmail.
Dovecot provides IMAP, POP3, and POP3S services.
system-switch-mail
system-switch-mail-gnome
above commands can be used to switch between the various mail systems.
so once you edit the sendmail.mc file you need to regenerate the sendmail.cf file
This can be done in one of the 2 way below.
/etc/aliases
/etc/mail/local-host-names
has a list of domains for which the mail server will accept emails.
/etc/mail/access
let you configure who you will accept email from and who you will relay email for
mail -v user
the -v option is quite useful..
alternatives program is used to switch between different version or alternatives of the same
program.
%
!
The configuration files are stored in /etc/postfix
postconf
postconf -e 'my_interfaces=locahost,172.24.0.1'
The above command will update the postfix
postsuper
the above command is quite useful tool
control command for postfix.. postfix superintendant.
postmap - to get postfix to regenerate the hash map of the modular config files
postalias - used to inform postfix that you have updated the alisa file
PROCMAIL
procmail is the MDA or the mail delivery agent.
postconf -e 'mailbox-command=/usr/bin/procmail'
is used to enable the procmail mail handing for postfix.4
procmailex
useful to configure procmail
The default values for the varibales are shown in # comment lines. If you are going to use the
default values you don't have to uncomment them.
The one setting you definitely have to configure is the "mail_location" variable.
This variable is required for Dovecot to function properly, and defines the location where email
is stored.
Certificates and keys for secure POP3 and IMAP connection are stored in the following
directories
/etc/pki/dovecot/certs
/etc/pki/dovecot/private
Before deploying new certs, move the existing ones out of the way.
The main configuration file which holds setting for the certificate are located in
/etc/pki/dovecot/dovecot-openssl.cnf
Make the necessary changes to the above configuration file and run the below script to generate
new certs and keys.
/usr/share/doc/dovecot-1.0.7/examples/mkcert.sh
-----------------------
-----------------------
fun and games
--------------------
sniffit
htop
bing
latencytop
powertop
cowsay
smbnuke
adventure shell
mp (can be used to play video in text mode)
vimtutor
ccze (colourise text)
pbzip2 (parallel bzip2)
rbash (restrictive bash shell)
inkscape ( An Open Source vector graphics editor, with capabilities similar to Illustrator,
CorelDraw, or Xara X, using the W3C standard Scalable Vector Graphics (SVG) file format)
gpart - can be used to guess partitions.. once deleted and recover stuff etc..
http://www.stud.uni-hannover.de/user/76201/gpart/
http://www.alink.co.za/books/
wikipedia searches
echelon
carnivore software