RHVM Hypervisors Installation, Configuration and Administration

I  am Coming Very Soon.....................!!!!! On your Screen  :) :)

FTP server configuration in Linux

In this tutorial my ftp server ip and hostname are 192.168.1.200 and barunkumar88.com  respectively. I have already configured a local repository and i am gonna to install FTP from my local repository

Before proceed, stop the firewall.

[root@mainserver ~]# service iptables stop

iptables: Flushing firewall rules:                         [  OK  ]

iptables: Setting chains to policy ACCEPT: filter          [  OK  ]

iptables: Unloading modules:                               [  OK  ]

[root@mainserver ~]# service ip6tables stop

ip6tables: Flushing firewall rules:                        [  OK  ]

ip6tables: Setting chains to policy ACCEPT: filter         [  OK  ]

ip6tables: Unloading modules:                              [  OK  ]

[root@mainserver ~]# chkconfig iptables off

[root@mainserver ~]# chkconfig ip6tables off

[root@mainserver ~]#

Now let us install FTP service.

[root@mainserver ~]# yum install -y vsftpd

[root@mainserver ~]# Start vsftpd service.

[root@mainserver ~]# service vsftpd start

Starting vsftpd for vsftpd:                                [  OK  ]

[root@mainserver ~]#

Enable vsftpd in multi-user levels.

[root@mainserver ~]# chkconfig vsftpd on

Now edit the /etc/vsftpd/vsftpd.conf file. Uncomment and edit the lines in the vsftpd.conf file which are shown in bold.

[root@mainserver ~]# cat /etc/vsftpd/vsftpd.conf

# Example config file /etc/vsftpd/vsftpd.conf

#

# The default compiled in settings are fairly paranoid. This sample file

# loosens things up a bit, to make the ftp daemon more usable.

# Please see vsftpd.conf.5 for all compiled in defaults.

#

# READ THIS: This example file is NOT an exhaustive list of vsftpd options.

# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's

# capabilities.

#

# Allow anonymous FTP? (Beware - allowed by default if you comment this out).

anonymous_enable=NO

#

# Uncomment this to allow local users to log in.

local_enable=YES

#

# Uncomment this to enable any form of FTP write command.

write_enable=YES

#

# Default umask for local users is 077. You may wish to change this to 022,

# if your users expect that (022 is used by most other ftpd's)

local_umask=022

#

# Uncomment this to allow the anonymous FTP user to upload files. This only

# has an effect if the above global write enable is activated. Also, you will

# obviously need to create a directory writable by the FTP user.

#anon_upload_enable=YES

#

# Uncomment this if you want the anonymous FTP user to be able to create

# new directories.

#anon_mkdir_write_enable=YES

#

# Activate directory messages - messages given to remote users when they

# go into a certain directory.

dirmessage_enable=YES

#

# The target log file can be vsftpd_log_file or xferlog_file.

# This depends on setting xferlog_std_format parameter

xferlog_enable=YES

#

# Make sure PORT transfer connections originate from port 20 (ftp-data).

connect_from_port_20=YES

#

# If you want, you can arrange for uploaded anonymous files to be owned by

# a different user. Note! Using "root" for uploaded files is not

# recommended!

#chown_uploads=YES

#chown_username=whoever

#

# The name of log file when xferlog_enable=YES and xferlog_std_format=YES

# WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log

#xferlog_file=/var/log/xferlog

#

# Switches between logging into vsftpd_log_file and xferlog_file files.

# NO writes to vsftpd_log_file, YES to xferlog_file

xferlog_std_format=YES

#

# You may change the default value for timing out an idle session.

#idle_session_timeout=600

#

# You may change the default value for timing out a data connection.

#data_connection_timeout=120

#

# It is recommended that you define on your system a unique user which the

# ftp server can use as a totally isolated and unprivileged user.

#nopriv_user=ftpsecure

#

# Enable this and the server will recognise asynchronous ABOR requests. Not

# recommended for security (the code is non-trivial). Not enabling it,

# however, may confuse older FTP clients.

#async_abor_enable=YES

#

# By default the server will pretend to allow ASCII mode but in fact ignore

# the request. Turn on the below options to have the server actually do ASCII

# mangling on files when in ASCII mode.

# Beware that on some FTP servers, ASCII support allows a denial of service

# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd

# predicted this attack and has always been safe, reporting the size of the

# raw file.

# ASCII mangling is a horrible feature of the protocol.

ascii_upload_enable=YES

ascii_download_enable=YES

#

# You may fully customise the login banner string:

ftpd_banner=Welcome tobarunkumar88 FTP service.

#

# You may specify a file of disallowed anonymous e-mail addresses. Apparently

# useful for combatting certain DoS attacks.

#deny_email_enable=YES

# (default follows)

#banned_email_file=/etc/vsftpd/banned_emails

#

# You may specify an explicit list of local users to chroot() to their home

# directory. If chroot_local_user is YES, then this list becomes a list of

# users to NOT chroot().

#chroot_local_user=YES

#chroot_list_enable=YES

# (default follows)

#chroot_list_file=/etc/vsftpd/chroot_list

#

# You may activate the "-R" option to the builtin ls. This is disabled by

# default to avoid remote users being able to cause excessive I/O on large

# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume

# the presence of the "-R" option, so there is a strong case for enabling it.

ls_recurse_enable=YES

#

# When "listen" directive is enabled, vsftpd runs in standalone mode and

# listens on IPv4 sockets. This directive cannot be used in conjunction

# with the listen_ipv6 directive.

listen=YES

#

# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6

# sockets, you must run two copies of vsftpd with two configuration files.

# Make sure, that one of the listen options is commented !!

#listen_ipv6=YES

pam_service_name=vsftpd

userlist_enable=YES

tcp_wrappers=YES

use_localtime=YES

Now let us restart the vsftpd service and try to connect to ftp server.

[root@mainserver ~]# service vsftpd restart

Shutting down vsftpd:                                      [  OK  ]

Starting vsftpd for vsftpd:                                [  OK  ]

Connect to the ftp server.

Note: Root is not allowed to connect to ftp server by default for security purpose. So lets us create a new user calledbarunkumar88.

[root@mainserver ~]# useraddbarunkumar88

[root@mainserver ~]# passwdbarunkumar88

Changing password for userbarunkumar88.

New password:

BAD PASSWORD: it is based on a dictionary word

Retype new password:

passwd: all authentication tokens updated successfully.

Connet to FTP server using the new userbarunkumar88.

[root@mainserver ~]# ftp 192.168.1.200

-bash: ftp: command not found

[root@mainserver ~]#

Oops! ftp package is not installed. So let us install ftp package first.

[root@mainserver ~]# yum install -y ftp

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package ftp.i686 0:0.17-51.1.el6 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

================================================================================

 Package       Arch           Version                 Repository           Size

================================================================================

Installing:

 ftp           i686           0.17-51.1.el6           localrepo            55 k

Transaction Summary

================================================================================

Install       1 Package(s)

Total download size: 55 k

Installed size: 91 k

Downloading Packages:

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Warning: RPMDB altered outside of yum.

  Installing : ftp-0.17-51.1.el6.i686                                       1/1

  Verifying  : ftp-0.17-51.1.el6.i686                                       1/1

Installed:

  ftp.i686 0:0.17-51.1.el6                                                     

Complete!

[root@mainserver ~]#

Again connect to the FTP server.

[root@mainserver ~]# ftp 192.168.1.200

Connected to 192.168.1.200 (192.168.1.200).

220 Welcome tobarunkumar88 FTP service.

Name (192.168.1.200:root):barunkumar88

331 Please specify the password.

Password:

500 OOPS: cannot change directory:/home/barunkumar88

Login failed.

ftp>

It shows a error that the user cannot change to his $HOME directory. Type exit to return back from the ftp console and allow vsftpd daemon to change users into their $HOME directories. To do that update SELinux configuration using the command below.

[root@mainserver ~]# setsebool -P ftp_home_dir on

And finally connect to the FTP server.

[root@mainserver ~]# ftp 192.168.1.200

Connected to 192.168.1.200 (192.168.1.200).

220 Welcome to barunkumar88 FTP service.

Name (192.168.1.200:root):barunkumar88

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> pwd

257 "/home/barunkumar88"

ftp>

Its working now. You can use your FTP server.

Connect to FTP server using Filezilla from Client:

Download and install Filezilla client software to any one of the client systems. Open the Filezilla client and enter the username and password which we have created earlier and click connect.

Connect to FTP server via browser from the client:

Open the browser and navigate to ftp://192.1168.1.200. Enter the username and password which we created earlier.

Crontab configuration in Linux

Crontab is use to define a job which will run at a particular time period.Crontab is use to define jobs or tasks which root wants to run at regular period of time for example daily jobs,weekly jobs,hourly jobs or monthly jobs.For single time schedule tasks we can use "AT" command but the difference between AT command and Crontab is that in AT command we cannot define jobs to run daily,hourly,weekly,monthly .

Now to edit Crontab we need to know about few files before define a job.
/etc/cron.allow
/etc/cron.deny

These two files are use to define Cronjobs Access Control

If neither /etc/cron.allow nor /etc/cron.deny exists only root is allowed to define a cronjobs.

If only /etc/cron.deny exists in that case all users except those listed in this file can define cronjobs.

If only /etc/cron.allow exists in that case root and all the users listed in this file can define cronjobs.

If both file exists then cron.deny is ignored.

Note:-- By default /etc/cron.deny file exits but its empty that means every user is allow to define a cronjob.Now if you create a new empty /etc/cron.allow file then none of the user will be allow to define a cronjob only root can define.

Steps to define a new cronjob:-

1.  Login with root user and type in gnome-terminal or virtual-terminal the following command

      crontab -e

2. This command open a empty file with vi editor.Now you need to type the time and the comand in this blank file but with a specific syntax

1. Scheduling a Job For a Specific Time

The basic usage of cron is to execute a job in a specific time as shown below. This will execute the Full backup shell script (full-backup) on 10th June 08:30 AM.

Please note that the time field uses 24 hours format. So, for 8 AM use 8, and for 8 PM use 20.

30 08 10 06 * /home/ramesh/full-backup

30 – 30th Minute

08 – 08 AM

10 – 10th Day

06 – 6th Month (June)

* – Every day of the week

2. Schedule a Job For More Than One Instance (e.g. Twice a Day)

The following script take a incremental backup twice a day every day.

This example executes the specified incremental backup shell script (incremental-backup) at 11:00 and 16:00 on every day. The comma separated value in a field specifies that the command needs to be executed in all the mentioned time.

00 11,16 * * * /home/ramesh/bin/incremental-backup

00 – 0th Minute (Top of the hour)

11,16 – 11 AM and 4 PM

* – Every day

* – Every month

* – Every day of the week

3. Schedule a Job for Specific Range of Time (e.g. Only on Weekdays)

If you wanted a job to be scheduled for every hour with in a specific range of time then use the following.

Cron Job everyday during working hours

This example checks the status of the database everyday (including weekends) during the working hours 9 a.m – 6 p.m

00 09-18 * * * /home/ramesh/bin/check-db-status

00 – 0th Minute (Top of the hour)

09-18 – 9 am, 10 am,11 am, 12 am, 1 pm, 2 pm, 3 pm, 4 pm, 5 pm, 6 pm

* – Every day

* – Every month

* – Every day of the week

Cron Job every weekday during working hours

This example checks the status of the database every weekday (i.e excluding Sat and Sun) during the working hours 9 a.m – 6 p.m.

00 09-18 * * 1-5 /home/ramesh/bin/check-db-status

00 – 0th Minute (Top of the hour)

09-18 – 9 am, 10 am,11 am, 12 am, 1 pm, 2 pm, 3 pm, 4 pm, 5 pm, 6 pm

* – Every day

* – Every month

1-5 -Mon, Tue, Wed, Thu and Fri (Every Weekday)

4. How to View Crontab Entries?

View Current Logged-In User’s Crontab entries

To view your crontab entries type crontab -l from your unix account as shown below.

ramesh@dev-db$ crontab -l

@yearly /home/ramesh/annual-maintenance

*/10 * * * * /home/ramesh/check-disk-space

[Note: This displays crontab of the current logged in user]

View Root Crontab entries

Login as root user (su – root) and do crontab -l as shown below.

root@dev-db# crontab -l

no crontab for root

Crontab HowTo: View Other Linux User’s Crontabs entries

To view crontab entries of other Linux users, login to root and use -u {username} -l as shown below.

root@dev-db# crontab -u sathiya -l

@monthly /home/sathiya/monthly-backup

00 09-18 * * * /home/sathiya/check-db-status

5. How to Edit Crontab Entries?

Edit Current Logged-In User’s Crontab entries

To edit a crontab entries, use crontab -e as shown below. By default this will edit the current logged-in users crontab.

ramesh@dev-db$ crontab -e

@yearly /home/ramesh/centos/bin/annual-maintenance

*/10 * * * * /home/ramesh/debian/bin/check-disk-space

~

"/tmp/crontab.XXXXyjWkHw" 2L, 83C

[Note: This will open the crontab file in Vim editor for editing.

Please note cron created a temporary /tmp/crontab.XX... ]

When you save the above temporary file with :wq, it will save the crontab and display the following message indicating the crontab is successfully modified.

~

"crontab.XXXXyjWkHw" 2L, 83C written

crontab: installing new crontab

Edit Root Crontab entries

Login as root user (su – root) and do crontab -e as shown below.

root@dev-db# crontab -e

Edit Other Linux User’s Crontab File entries

To edit crontab entries of other Linux users, login to root and use -u {username} -e as shown below.

root@dev-db# crontab -u sathiya -e

@monthly /home/sathiya/fedora/bin/monthly-backup

00 09-18 * * * /home/sathiya/ubuntu/bin/check-db-status

~

~

~

"/tmp/crontab.XXXXyjWkHw" 2L, 83C

6. Schedule a Job for Every Minute Using Cron.

Ideally you may not have a requirement to schedule a job every minute. But understanding this example will will help you understand the other examples mentioned below in this article.

* * * * * CMD

The * means all the possible unit — i.e every minute of every hour through out the year. More than using this * directly, you will find it very useful in the following cases.

When you specify */5 in minute field means every 5 minutes.

When you specify 0-10/2 in minute field mean every 2 minutes in the first 10 minute.

Thus the above convention can be used for all the other 4 fields.

7. Schedule a Background Cron Job For Every 10 Minutes.

Use the following, if you want to check the disk space every 10 minutes.

*/10 * * * * /home/ramesh/check-disk-space

It executes the specified command check-disk-space every 10 minutes through out the year. But you may have a requirement of executing the command only during office hours or vice versa. The above examples shows how to do those things.

Instead of specifying values in the 5 fields, we can specify it using a single keyword as mentioned below.

There are special cases in which instead of the above 5 fields you can use @ followed by a keyword — such as reboot, midnight, yearly, hourly.

Table: Cron special keywords and its meaning

Keyword        Equivalent

@yearly        0 0 1 1 *

@daily 0 0 * * *

@hourly        0 * * * *

@reboot       Run at startup.

8. Schedule a Job For First Minute of Every Year using @yearly

If you want a job to be executed on the first minute of every year, then you can use the @yearly cron keyword as shown below.

This will execute the system annual maintenance using annual-maintenance shell script at 00:00 on Jan 1st for every year.

@yearly /home/ramesh/red-hat/bin/annual-maintenance

9. Schedule a Cron Job Beginning of Every Month using @monthly

It is as similar as the @yearly as above. But executes the command monthly once using @monthly cron keyword.

This will execute the shell script tape-backup at 00:00 on 1st of every month.

@monthly /home/ramesh/suse/bin/tape-backup

10. Schedule a Background Job Every Day using @daily

Using the @daily cron keyword, this will do a daily log file cleanup using cleanup-logs shell scriptat 00:00 on every day.

@daily /home/ramesh/arch-linux/bin/cleanup-logs "day started"

11. How to Execute a Linux Command After Every Reboot using @reboot?

Using the @reboot cron keyword, this will execute the specified command once after the machine got booted every time.

@reboot CMD

12. How to Disable/Redirect the Crontab Mail Output using MAIL keyword?

By default crontab sends the job output to the user who scheduled the job. If you want to redirect the output to a specific user, add or update the MAIL variable in the crontab as shown below.

ramesh@dev-db$ crontab -l

MAIL="ramesh"

@yearly /home/ramesh/annual-maintenance

*/10 * * * * /home/ramesh/check-disk-space

[Note: Crontab of the current logged in user with MAIL variable]

If you wanted the mail not to be sent to anywhere, i.e to stop the crontab output to be emailed, add or update the MAIL variable in the crontab as shown below.

MAIL=""

13. How to Execute a Linux Cron Jobs Every Second Using Crontab.

You cannot schedule a every-second cronjob. Because in cron the minimum unit you can specify is minute. In a typical scenario, there is no reason for most of us to run any job every second in the system.

14. Specify PATH Variable in the Crontab

All the above examples we specified absolute path of the Linux command or the shell-script that needs to be executed.

For example, instead of specifying /home/ramesh/tape-backup, if you want to just specify tape-backup, then add the path /home/ramesh to the PATH variable in the crontab as shown below.

ramesh@dev-db$ crontab -l

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/home/ramesh

@yearly annual-maintenance

*/10 * * * * check-disk-space

[Note: Crontab of the current logged in user with PATH variable]

15. Installing Crontab From a Cron File

Instead of directly editing the crontab file, you can also add all the entries to a cron-file first. Once you have all thoese entries in the file, you can upload or install them to the cron as shown below.

ramesh@dev-db$ crontab -l

no crontab for ramesh

$ cat cron-file.txt

@yearly /home/ramesh/annual-maintenance

*/10 * * * * /home/ramesh/check-disk-space

ramesh@dev-db$ crontab cron-file.txt

ramesh@dev-db$ crontab -l

@yearly /home/ramesh/annual-maintenance

*/10 * * * * /home/ramesh/check-disk-space

RHEL Directory Structure (File System Structure)

1. / – Root

§  Every single file and directory starts from the root directory.

§  Only root user has write privilege under this directory.

§  Please note that /root is root user’s home directory, which is not same as /.

2. /bin – User Binaries

§  Contains binary executables.

§  Common linux commands you need to use in single-user modes are located under this directory.

§  Commands used by all the users of the system are located here.

§  For example: ps, ls, ping, grep, cp.

3. /sbin – System Binaries

§  Just like /bin, /sbin also contains binary executables.

§  But, the linux commands located under this directory are used typically by system aministrator, for system maintenance purpose.

§  For example: iptables, reboot, fdisk, ifconfig, swapon

4. /etc – Configuration Files

§  Contains configuration files required by all programs.

§  This also contains startup and shutdown shell scripts used to start/stop individual programs.

§  For example: /etc/resolv.conf, /etc/logrotate.conf

5. /dev – Device Files

§  Contains device files.

§  These include terminal devices, usb, or any device attached to the system.

§  For example: /dev/tty1, /dev/usbmon0

6. /proc – Process Information

§  Contains information about system process.

§  This is a pseudo filesystem contains information about running process. For example: /proc/{pid} directory contains information about the process with that particular pid.

§  This is a virtual filesystem with text information about system resources. For example: /proc/uptime

7. /var – Variable Files

§  var stands for variable files.

§  Content of the files that are expected to grow can be found under this directory.

§  This includes — system log files (/var/log); packages and database files (/var/lib); emails (/var/mail); print queues (/var/spool); lock files (/var/lock); temp files needed across reboots (/var/tmp);

8. /tmp – Temporary Files

§  Directory that contains temporary files created by system and users.

§  Files under this directory are deleted when system is rebooted.

9. /usr – User Programs

§  Contains binaries, libraries, documentation, and source-code for second level programs.

§  /usr/bin contains binary files for user programs. If you can’t find a user binary under /bin, look under /usr/bin. For example: at, awk, cc, less, scp

§  /usr/sbin contains binary files for system administrators. If you can’t find a system binary under /sbin, look under /usr/sbin. For example: atd, cron, sshd, useradd, userdel

§  /usr/lib contains libraries for /usr/bin and /usr/sbin

§  /usr/local contains users programs that you install from source. For example, when you install apache from source, it goes under /usr/local/apache2

10. /home – Home Directories

§  Home directories for all users to store their personal files.

§  For example: /home/john, /home/nikita

11. /boot – Boot Loader Files

§  Contains boot loader related files.

§  Kernel initrd, vmlinux, grub files are located under /boot

§  For example: initrd.img-2.6.32-24-generic, vmlinuz-2.6.32-24-generic

12. /lib – System Libraries

§  Contains library files that supports the binaries located under /bin and /sbin

§  Library filenames are either ld* or lib*.so.*

§  For example: ld-2.11.1.so, libncurses.so.5.7

13. /opt – Optional add-on Applications

§  opt stands for optional.

§  Contains add-on applications from individual vendors.

§  add-on applications should be installed under either /opt/ or /opt/ sub-directory.

14. /mnt – Mount Directory

§  Temporary mount directory where sysadmins can mount filesystems.

15. /media – Removable Media Devices

§  Temporary mount directory for removable devices.

§  For examples, /media/cdrom for CD-ROM; /media/floppy for floppy drives; /media/cdrecorder for CD writer

16. /srv – Service Data

§  srv stands for service.

§  Contains server specific services related data.

§  For example, /srv/cvs contains CVS related data.