Networks

Linux CentOS 7 - Mounting the iso file as a CD-ROM in a repo Mount the iso file as a CD-ROM in a repository. Provided your iso file contains the complete operative system, this allows you to disable the default repositories and mirrors and install all required packages without downloading them from the internet. In other words you can work off-line. On system1 and/or system2 Edit the repo file vim /etc/yum.repos.d/CentOS-CD.repo [CentOS-CD] name =  CD ROM baseurl = file:///media/CentOS gpgcheck = 0 enabled = 1 Mount the iso file as a CD-ROM in a repository. Make a mount point mkdir /media/CentOS Edit the fstab file /dev/cdrom     /media/CentOS   iso9660   loop 0 0 mont -a Verify df -Th it must return the /dev/loop0 disk yum repolist it must show the repositories contained in the iso file.

Linux CentOS 7 - Postfix configuration Configure system1 as a mail server and system2 as a null client. From the null client, user alice can send mails to user bob on the mail server. On system1 and system2 Install the packages: # yum install -y postfix mailx Enable and start the service: # systemctl start postfix # systemctl enable postfix Adjust the firewall firewall-cmd --permanent --add-service=smtp firewall-cmd --reload On system1 Configure the server vim /etc/postfix/main.cf myhostname = system1.example.com mydomain = example.com myorigin = $mydomain mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain inet_interface = all mynetworks = 192.168.189.0/24, 127.0.0.0/8 inet_protocols = ipv4 Check the configuration postfix check Restart the service systemctl restart postfix Add user bob useradd bob Check bob received alice's message su - bob mail type 1 From alice@example.com  Sun Jun 23 21:57:45 2019 Return-Path: ...

Linux CentOS 7 - Basic scripting Configure a bash script called  foo.sh; this script reads an input parameter: if the input is "A", it returns "B"; if the input is "B", it returns "A"; otherwise it shows the message "usage foo.sh A|B" On system1 Edit the file: # vim /root/foo.sh #!/bin/bash if [ "$1" == "A" ]; then echo "B" elif [ "$1" == "B" ]; then echo "A"             e lse echo "/root/foo.sh A|B" fi Change the permissions to make it executable by all; # chmod a+x foo.sh Test it: # ./foo.sh A B Configure a script called makeusers.sh which reads a list of users from a file and creates those users with the /bin/false shell;   On system 1 Edit the script vim makeusers.sh #!/bin/bash if [ $# = 0 ]; then echo "usage makeusers.sh <users file>" exit 1 elif [ -f $1 ]; then for i in `cat $1`; do usera...

Linux CentOS 7 - Installing MariaDB Install MariaDB and make sure the databases can be accessed as user root by entering a password; the databases must by accessible only locally. On system1 Install packages for MariaDB # yum install mariadb* -y Enable and start the process # systemctl enable mariadb && systemctl start mariadb Run the installation wizard (script) and anwer the quesitons # mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB       SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user.  If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nob...

Linux CentOS 7 - Configuring IPv6 addresses Configure an IPv6 address for an ethernet type interface. On system1  Make sure the NetworkManager process is up and running. # systemctl status NetworkManager # nmcli con mod ens33 ipv6.addresses 2001:abcd:abcd::1/64 autoconnect yes ipv6.method static Restart the network process # systemctl restart network Verify the interface has the right address # ip a Verify the IPv6 address can be pinged # ping6 2001:abcd:abcd::1 On system2 Repeat the steps above with the address 2001:abcd:abcd::2/64. Verify the interfaces can ping one another. If you experience any problem with this configuration, please let me know.

Linux CentOS 7 - Configuring aliases Configure a simple alias for a complex command. For instance, create a custom command called qstat on system1 that runs the command:  /bin/ps -Ao pid,tt,user,fname,rsz This command should be available to all users on the system.  On system1: Edit the /etc/bashrc file:  # vim /etc/bashrc Scroll to the bottom of the file and add this line: alias qstat=" bin/ps -Ao pid,tt,user,fname,rsz" then save and exit; run the command: # source /etc/bashrc Verfiy by running the command: # qstat Sample output:    PID TT       USER     COMMAND    RSZ      1 ?        root     systemd   6864      2 ?        root     kthreadd     0    ...

Linux CentOS 7 - Configuring a cache-only DNS Configure a cache only DNS server which forwards requests to the well known Google DNS server. On system1 Install the unbound package # yum install -y unbound Enable and start the service # systemctl enable unbound && systemctl start unbound Adjust the configuration file # vim /etc/unbound/unbound.conf interface: 0.0.0.0                       ## all interfaces access-control: 0.0.0.0/0 allow ## from all networks forward-zone      name: "."                              ## from any domain      forward-addr: 8.8.8.8           ## DNS server towards which all requests will be forwarded Check configuration  # unbound-checkconf Modify the DNS server on the interface configuration # vim /etc/sysconfig/network-scripts/ifc...

Linux CentOS 7 - iSCSI configuration Configure the following target on system1: iqn.2019-06.com.example.system1 with 3 GB partition Configure on system2 an initiator iqn.2019-06.com.example.system2 and automatically mount the iSCSI partion. On system1 View the partitions fdisk -l If there is no space on the present disk, add a new disk. Configure the new disk. # fdisk /dev/sdb n for new p for primary 1 as the number first sector: accept default value; last sector: +4GB t for type code 8e for LVM p to show the configured partition w to write the configuration and make it permanent Tell the kernel about the new parttion # partprobe /dev/sdb Create a new physical volume # pvcreate /dev/sdb1 Create a new volume group # vgcreate vg1 /dev/sdb1 Create a new logical volume #lvcreate -n lvm1 -l 100%VG vg1 Install packages for target configuration # yum install -y targetcli Enable and strart the target service # systemctl enable target && sys...

Linux CentOS 7 - Samba server and client  Share a directory via samba so that all users/clients within the example.com domain can read its content; user smbuser1 must have read access  On system1   Install and activate Samba on Server: # yum install samba samba-common-tools –y # systemctl enable smb nmb  # systemctl start smb nmb Firewall rule for Samba: # firewall-cmd –permanent –add-service=samba # firewall-cmd –reload  Create the directory # mkdir /samba-share # chmod 777 /samba-share Create Samba User: # useradd smbuser1 –s /sbin/nologin  # smbpasswd –a smbuser1 Enable Samba user # smppasswd -e smbuser1 enable user   Test user database # pdbedit –L Create your share on the configuration file  # vim /etc/samba/smb.conf  You can allow a specific host in the Global Options if required; [samba]         comment = samba share         path = /...

Linux CentOS 7 - NFS Configuration Setup: 2 systems, sysmtem1 and system2 in the example.com domain; IP address of interface ens33 on system1: 192.168.189.140/24 IP address of interface ens33 on system2: 192.168.189.141/24 CentOS version 7.6 Export a public directory on system1 with read-only access to system2.example.com On system1.example.com: yum install nfs* -y vim /etc/sysconfig/nfs        RPCNFSDARGS="-V4.2" systemctl enable nfs-server systemctl start nfs-server firewall-cmd --permanent --add-service=nfs firewall-cmd --permanent --add-service=mountd firewall-cmd --permanent --add-service=rpc-bind firewall-cmd --reload mkdir /public chmod 777 /public getsebool -a | grep nfs (no changes required on default settings) semanage fcontext -a -t public_content_t '/public(/.*)?' restorecon -RFv /public vim /etc/exports /public *.example.com(ro,sync) exportfs -var systemctl restart nfs-server showmount -e localhost On system...