SlideShare una empresa de Scribd logo

Unix tc

Descargar como PPTX, PDF
Bill Chea
Bill Chea
1 de 14
The Open Source Solutions Center Red Hat Enterprise Linux Installation, Trouble Shooting and Security Services Prepared By: KIM Heanh
About: KIM Heanh • 6 years experiences on Network Professional Trainer • Completed Training Skill from India
Objectives • RED HAT Enterprise Linux • The Fedora Project • RED HAT Installation Method • Fault Analysis • Fix problems in different areas of the Linux system • Boot the system into various runlevels • Use the Rescue environment • TCP_wrappers • SELinux Management • Iptables rules considerations
RED HAT Enterprise Linux • Enterprise-targeted operating system • Focused on mature open source technology • 18-24 month release cycle
The Fedora Project • Red Hat sponsored open source project • Focused on latest open source technology – Rapid four to six month release cycle – Available as free download from the Internet • An open, community-supported proving ground for technologies which may be used in upcoming enterprise products • Red Hat does not provide formal support
RED HAT Installation Method • Available Installation Methods: – Local CDROM – USB – Hard drive – NFS image – FTP – HTTP – PXE – vmlinuz – vnc • Kickstart – Scripted Installation method – Supports all Anaconda features
Fault Analysis • Useful commands – grub-install – mkinitrd – chroot – rpm -ivh --force – service <service process> configtest • Useful file locations – /etc/inittab – /etc/fstab – /etc/grub.conf
Fix problems in different areas of the Linux system • Based on console running Ctrl + Alt (F1-F6) • ssh remote
Recovery Run-Levels • The default runlevel file /etc/inittab • Runleve 1, s, S or single
Rescue Environment • Required when root filesystem is unavailable • Boot from CDROM (boot.iso or CD #1) • Boot from diskboot.img on USB key
tcp_wrappers • Three stages of access checking Is access explicitly permitted? Otherwise, is access explicitly denied? Otherwise, by default, permit access! • Configuration stored in two files: Permissions in /etc/hosts.allow Denials in /etc/hosts.deny
SELinux: Management • Modes: Enforcing, Permissive, Disabled Changing enforcement is allowed in the Targeted policy getenforce setenforce 0 | 1 Disable from GRUB with selinux=0
iptables rules considerations • Mostly closed is appropriate iptables -P INPUT DROP iptables -A INPUT -j DROP iptables -A INPUT -j REJECT • Criteria also apply to loopback interface The example rules above will have the side effect of blocking localhost!
Question?

Recomendados

Systems administration for coders presentation
Systems administration for coders presentationSystems administration for coders presentation
Systems administration for coders presentation
Matt Willsher
 
Diagnostics of a Linux System
Diagnostics of a Linux SystemDiagnostics of a Linux System
Diagnostics of a Linux System
Novell
 
Opening last bits of the infrastructure
Opening last bits of the infrastructureOpening last bits of the infrastructure
Opening last bits of the infrastructure
Erwan Velu
 
Embedded Systems: Lecture 6: Linux & GNU
Embedded Systems: Lecture 6: Linux & GNUEmbedded Systems: Lecture 6: Linux & GNU
Embedded Systems: Lecture 6: Linux & GNU
Ahmed El-Arabawy
 
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry PiEmbedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Ahmed El-Arabawy
 
Course 101: Lecture 5: Linux & GNU
Course 101: Lecture 5: Linux & GNU Course 101: Lecture 5: Linux & GNU
Course 101: Lecture 5: Linux & GNU
Ahmed El-Arabawy
 
Embedded Systems: Lecture 5: A Tour in RTOS Land
Embedded Systems: Lecture 5: A Tour in RTOS LandEmbedded Systems: Lecture 5: A Tour in RTOS Land
Embedded Systems: Lecture 5: A Tour in RTOS Land
Ahmed El-Arabawy
 
Introduction to linux
Introduction to linuxIntroduction to linux
Introduction to linux
PT Lotus Indah Textile Industries
 

Recomendados

Systems administration for coders presentation
Systems administration for coders presentationSystems administration for coders presentation
Systems administration for coders presentation
Matt Willsher
 
Diagnostics of a Linux System
Diagnostics of a Linux SystemDiagnostics of a Linux System
Diagnostics of a Linux System
Novell
 
Opening last bits of the infrastructure
Opening last bits of the infrastructureOpening last bits of the infrastructure
Opening last bits of the infrastructure
Erwan Velu
 
Embedded Systems: Lecture 6: Linux & GNU
Embedded Systems: Lecture 6: Linux & GNUEmbedded Systems: Lecture 6: Linux & GNU
Embedded Systems: Lecture 6: Linux & GNU
Ahmed El-Arabawy
 
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry PiEmbedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Embedded Systems: Lecture 7: Lab 1: Preparing the Raspberry Pi
Ahmed El-Arabawy
 
Course 101: Lecture 5: Linux & GNU
Course 101: Lecture 5: Linux & GNU Course 101: Lecture 5: Linux & GNU
Course 101: Lecture 5: Linux & GNU
Ahmed El-Arabawy
 
Embedded Systems: Lecture 5: A Tour in RTOS Land
Embedded Systems: Lecture 5: A Tour in RTOS LandEmbedded Systems: Lecture 5: A Tour in RTOS Land
Embedded Systems: Lecture 5: A Tour in RTOS Land
Ahmed El-Arabawy
 
Introduction to linux
Introduction to linuxIntroduction to linux
Introduction to linux
PT Lotus Indah Textile Industries
 
Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)
Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)
Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)
Ahmed El-Arabawy
 
Building Embedded Linux
Building Embedded LinuxBuilding Embedded Linux
Building Embedded Linux
Sherif Mousa
 
Course 101: Lecture 6: Installing Ubuntu
Course 101: Lecture 6: Installing Ubuntu Course 101: Lecture 6: Installing Ubuntu
Course 101: Lecture 6: Installing Ubuntu
Ahmed El-Arabawy
 
Embedded Systems: Lecture 8: The Raspberry Pi as a Linux Box
Embedded Systems: Lecture 8: The Raspberry Pi as a Linux BoxEmbedded Systems: Lecture 8: The Raspberry Pi as a Linux Box
Embedded Systems: Lecture 8: The Raspberry Pi as a Linux Box
Ahmed El-Arabawy
 
Embedded Linux Basics
Embedded Linux BasicsEmbedded Linux Basics
Embedded Linux Basics
Marc Leeman
 
Bz backtrack.usage
Bz backtrack.usageBz backtrack.usage
Bz backtrack.usage
djenoalbania
 
Building Mini Embedded Linux System for X86 Arch
Building Mini Embedded Linux System for X86 ArchBuilding Mini Embedded Linux System for X86 Arch
Building Mini Embedded Linux System for X86 Arch
Sherif Mousa
 
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi APEmbedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Ahmed El-Arabawy
 
Firebird on Linux
Firebird on LinuxFirebird on Linux
Firebird on Linux
Mind The Firebird
 
QNAP Multimedia Server and Player
QNAP Multimedia Server and Player QNAP Multimedia Server and Player
QNAP Multimedia Server and Player
Hernan Lopez
 
ONIE: Open Network Install Environment @ OSDC 2014 Netways, Berlin
ONIE: Open Network Install Environment @ OSDC 2014 Netways, BerlinONIE: Open Network Install Environment @ OSDC 2014 Netways, Berlin
ONIE: Open Network Install Environment @ OSDC 2014 Netways, Berlin
Nat Morris
 
QNAP Control4 Training
QNAP Control4 TrainingQNAP Control4 Training
QNAP Control4 Training
Hernan Lopez
 
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGICXPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
The Linux Foundation
 
Fast boot
Fast bootFast boot
Fast boot
SZ Lin
 
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practiceEmbedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
EmbeddedFest
 
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theoryEmbedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
EmbeddedFest
 
Course 101: Lecture 1: Introduction to Embedded Systems
Course 101: Lecture 1: Introduction to Embedded SystemsCourse 101: Lecture 1: Introduction to Embedded Systems
Course 101: Lecture 1: Introduction to Embedded Systems
Ahmed El-Arabawy
 
Unit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B Kute
Unit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B KuteUnit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B Kute
Unit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B Kute
Tushar B Kute
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practice
Chris Simmonds
 
Linux red hat overview and installation
Linux red hat overview and installationLinux red hat overview and installation
Linux red hat overview and installation
devenderbhati
 
Open street map
Open street mapOpen street map
Open street map
Bill Chea
 
How to build up communication skill
How to build up communication skillHow to build up communication skill
How to build up communication skill
Bill Chea
 

Más contenido relacionado

La actualidad más candente

Building Embedded Linux
Building Embedded LinuxBuilding Embedded Linux
Building Embedded Linux
Sherif Mousa
 
Bz backtrack.usage
Bz backtrack.usageBz backtrack.usage
Bz backtrack.usage
djenoalbania
 
QNAP Multimedia Server and Player
QNAP Multimedia Server and Player QNAP Multimedia Server and Player
QNAP Multimedia Server and Player
Hernan Lopez
 
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGICXPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
The Linux Foundation
 
Linux red hat overview and installation
Linux red hat overview and installationLinux red hat overview and installation
Linux red hat overview and installation
devenderbhati
 

La actualidad más candente (20)

Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)
Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)
Embedded Systems: Lecture 10: Introduction to Git & GitHub (Part 1)
 
Building Embedded Linux
Building Embedded LinuxBuilding Embedded Linux
Building Embedded Linux
 
Course 101: Lecture 6: Installing Ubuntu
Course 101: Lecture 6: Installing Ubuntu Course 101: Lecture 6: Installing Ubuntu
Course 101: Lecture 6: Installing Ubuntu
 
Embedded Systems: Lecture 8: The Raspberry Pi as a Linux Box
Embedded Systems: Lecture 8: The Raspberry Pi as a Linux BoxEmbedded Systems: Lecture 8: The Raspberry Pi as a Linux Box
Embedded Systems: Lecture 8: The Raspberry Pi as a Linux Box
 
Embedded Linux Basics
Embedded Linux BasicsEmbedded Linux Basics
Embedded Linux Basics
 
Bz backtrack.usage
Bz backtrack.usageBz backtrack.usage
Bz backtrack.usage
 
Building Mini Embedded Linux System for X86 Arch
Building Mini Embedded Linux System for X86 ArchBuilding Mini Embedded Linux System for X86 Arch
Building Mini Embedded Linux System for X86 Arch
 
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi APEmbedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
Embedded Systems: Lecture 8: Lab 1: Building a Raspberry Pi Based WiFi AP
 
Firebird on Linux
Firebird on LinuxFirebird on Linux
Firebird on Linux
 
QNAP Multimedia Server and Player
QNAP Multimedia Server and Player QNAP Multimedia Server and Player
QNAP Multimedia Server and Player
 
ONIE: Open Network Install Environment @ OSDC 2014 Netways, Berlin
ONIE: Open Network Install Environment @ OSDC 2014 Netways, BerlinONIE: Open Network Install Environment @ OSDC 2014 Netways, Berlin
ONIE: Open Network Install Environment @ OSDC 2014 Netways, Berlin
 
QNAP Control4 Training
QNAP Control4 TrainingQNAP Control4 Training
QNAP Control4 Training
 
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGICXPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
XPDS16: Hypervisor Enforced Data Loss Prevention - Neil Sikka, A1LOGIC
 
Fast boot
Fast bootFast boot
Fast boot
 
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practiceEmbedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
Embedded Fest 2019. Wei Fu. Linux on RISC-V--Fedora and Firmware in practice
 
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theoryEmbedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
Embedded Fest 2019. Руслан Биловол. Linux Boot: The Big Bang theory
 
Course 101: Lecture 1: Introduction to Embedded Systems
Course 101: Lecture 1: Introduction to Embedded SystemsCourse 101: Lecture 1: Introduction to Embedded Systems
Course 101: Lecture 1: Introduction to Embedded Systems
 
Unit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B Kute
Unit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B KuteUnit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B Kute
Unit 6 Operating System TEIT Savitribai Phule Pune University by Tushar B Kute
 
Read-only rootfs: theory and practice
Read-only rootfs: theory and practiceRead-only rootfs: theory and practice
Read-only rootfs: theory and practice
 
Linux red hat overview and installation
Linux red hat overview and installationLinux red hat overview and installation
Linux red hat overview and installation
 

Destacado

Open street map
Open street mapOpen street map
Open street map
Bill Chea
 
How to build up communication skill
How to build up communication skillHow to build up communication skill
How to build up communication skill
Bill Chea
 
Safety social media for positive social change
Safety social media for positive social changeSafety social media for positive social change
Safety social media for positive social change
Bill Chea
 
Open development cambodia
Open development cambodiaOpen development cambodia
Open development cambodia
Bill Chea
 

Destacado (7)

Open street map
Open street mapOpen street map
Open street map
 
How to build up communication skill
How to build up communication skillHow to build up communication skill
How to build up communication skill
 
Safety social media for positive social change
Safety social media for positive social changeSafety social media for positive social change
Safety social media for positive social change
 
Sithi hub
Sithi hubSithi hub
Sithi hub
 
UrbanVoice
UrbanVoiceUrbanVoice
UrbanVoice
 
Open development cambodia
Open development cambodiaOpen development cambodia
Open development cambodia
 
Unix - An Introduction
Unix - An IntroductionUnix - An Introduction
Unix - An Introduction
 

Similar a Unix tc

linuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdf
linuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdflinuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdf
linuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdf
EduclentMegasoftel
 
Linux操作系统01 简介
Linux操作系统01 简介Linux操作系统01 简介
Linux操作系统01 简介
lclsg123
 
BrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made Easy
BrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made EasyBrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made Easy
BrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made Easy
Schlomo Schapiro
 
Facing enterprise specific challenges – utility programming in hadoop
Facing enterprise specific challenges – utility programming in hadoopFacing enterprise specific challenges – utility programming in hadoop
Facing enterprise specific challenges – utility programming in hadoop
fann wu
 

Similar a Unix tc (20)

CentOS Stream at Facebook
CentOS Stream at FacebookCentOS Stream at Facebook
CentOS Stream at Facebook
 
The Ultimate IBM and Lotus on Linux Workshop for Windows Admins
The Ultimate IBM and Lotus on Linux Workshop for Windows AdminsThe Ultimate IBM and Lotus on Linux Workshop for Windows Admins
The Ultimate IBM and Lotus on Linux Workshop for Windows Admins
 
Deployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS LinuxDeployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS Linux
 
CentOS at Facebook
CentOS at FacebookCentOS at Facebook
CentOS at Facebook
 
linuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdf
linuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdflinuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdf
linuxredhatoverviewandinstallation-121012094248-phpapp01 (1).pdf
 
Linux: Everyting-as-a-service
Linux: Everyting-as-a-serviceLinux: Everyting-as-a-service
Linux: Everyting-as-a-service
 
Upgrading CentOS on the Facebook fleet
Upgrading CentOS on the Facebook fleetUpgrading CentOS on the Facebook fleet
Upgrading CentOS on the Facebook fleet
 
[발표자료] 오픈소스 Pacemaker 활용한 zabbix 이중화 방안(w/ Zabbix Korea Community)
[발표자료] 오픈소스 Pacemaker 활용한 zabbix 이중화 방안(w/ Zabbix Korea Community) [발표자료] 오픈소스 Pacemaker 활용한 zabbix 이중화 방안(w/ Zabbix Korea Community)
[발표자료] 오픈소스 Pacemaker 활용한 zabbix 이중화 방안(w/ Zabbix Korea Community)
 
Building community with CentOS Stream
Building community with CentOS StreamBuilding community with CentOS Stream
Building community with CentOS Stream
 
File000127
File000127File000127
File000127
 
Linux basics (part 2)
Linux basics (part 2)Linux basics (part 2)
Linux basics (part 2)
 
Docker and the Linux Kernel
Docker and the Linux KernelDocker and the Linux Kernel
Docker and the Linux Kernel
 
Developing a Ceph Appliance for Secure Environments
Developing a Ceph Appliance for Secure EnvironmentsDeveloping a Ceph Appliance for Secure Environments
Developing a Ceph Appliance for Secure Environments
 
Linux操作系统01 简介
Linux操作系统01 简介Linux操作系统01 简介
Linux操作系统01 简介
 
Linux
LinuxLinux
Linux
 
What's new with CentOS at Facebook
What's new with CentOS at FacebookWhat's new with CentOS at Facebook
What's new with CentOS at Facebook
 
DevOps For Solo Developers
DevOps For Solo DevelopersDevOps For Solo Developers
DevOps For Solo Developers
 
2. introduction to linux
2. introduction to linux2. introduction to linux
2. introduction to linux
 
BrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made Easy
BrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made EasyBrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made Easy
BrainShare 2010 SLC - ELS306 Linux Disaster Recovery Made Easy
 
Facing enterprise specific challenges – utility programming in hadoop
Facing enterprise specific challenges – utility programming in hadoopFacing enterprise specific challenges – utility programming in hadoop
Facing enterprise specific challenges – utility programming in hadoop
 

Más de Bill Chea

Xen cloud platform
Xen cloud platformXen cloud platform
Xen cloud platform
Bill Chea
 
Save time by using sass to develop css
Save time by using sass to develop cssSave time by using sass to develop css
Save time by using sass to develop css
Bill Chea
 
Job hunting & career development
Job hunting & career developmentJob hunting & career development
Job hunting & career development
Bill Chea
 
Internet security
Internet securityInternet security
Internet security
Bill Chea
 
Google mapmaker
Google mapmakerGoogle mapmaker
Google mapmaker
Bill Chea
 
Financial job study travel planning
Financial job study travel planningFinancial job study travel planning
Financial job study travel planning
Bill Chea
 
ERP web based system
ERP web based systemERP web based system
ERP web based system
Bill Chea
 
10 golden features of business website
10 golden features of business website10 golden features of business website
10 golden features of business website
Bill Chea
 
UrbanVoicePDF
UrbanVoicePDFUrbanVoicePDF
UrbanVoicePDF
Bill Chea
 
4 hour-workweek-blogger
4 hour-workweek-blogger4 hour-workweek-blogger
4 hour-workweek-blogger
Bill Chea
 

Más de Bill Chea (15)

Xen cloud platform
Xen cloud platformXen cloud platform
Xen cloud platform
 
Why ruby
Why rubyWhy ruby
Why ruby
 
Save time by using sass to develop css
Save time by using sass to develop cssSave time by using sass to develop css
Save time by using sass to develop css
 
Less css
Less cssLess css
Less css
 
Job hunting & career development
Job hunting & career developmentJob hunting & career development
Job hunting & career development
 
Internet security
Internet securityInternet security
Internet security
 
Google mapmaker
Google mapmakerGoogle mapmaker
Google mapmaker
 
Financial job study travel planning
Financial job study travel planningFinancial job study travel planning
Financial job study travel planning
 
Khmer TTS
Khmer TTSKhmer TTS
Khmer TTS
 
Khmer OCR
Khmer OCRKhmer OCR
Khmer OCR
 
Khmer ASR
Khmer ASRKhmer ASR
Khmer ASR
 
ERP web based system
ERP web based systemERP web based system
ERP web based system
 
10 golden features of business website
10 golden features of business website10 golden features of business website
10 golden features of business website
 
UrbanVoicePDF
UrbanVoicePDFUrbanVoicePDF
UrbanVoicePDF
 
4 hour-workweek-blogger
4 hour-workweek-blogger4 hour-workweek-blogger
4 hour-workweek-blogger
 

Unix tc

  • 1. The Open Source Solutions Center Red Hat Enterprise Linux Installation, Trouble Shooting and Security Services Prepared By: KIM Heanh
  • 2. About: KIM Heanh • 6 years experiences on Network Professional Trainer • Completed Training Skill from India
  • 3. Objectives • RED HAT Enterprise Linux • The Fedora Project • RED HAT Installation Method • Fault Analysis • Fix problems in different areas of the Linux system • Boot the system into various runlevels • Use the Rescue environment • TCP_wrappers • SELinux Management • Iptables rules considerations
  • 4. RED HAT Enterprise Linux • Enterprise-targeted operating system • Focused on mature open source technology • 18-24 month release cycle
  • 5. The Fedora Project • Red Hat sponsored open source project • Focused on latest open source technology – Rapid four to six month release cycle – Available as free download from the Internet • An open, community-supported proving ground for technologies which may be used in upcoming enterprise products • Red Hat does not provide formal support
  • 6. RED HAT Installation Method • Available Installation Methods: – Local CDROM – USB – Hard drive – NFS image – FTP – HTTP – PXE – vmlinuz – vnc • Kickstart – Scripted Installation method – Supports all Anaconda features
  • 7. Fault Analysis • Useful commands – grub-install – mkinitrd – chroot – rpm -ivh --force – service <service process> configtest • Useful file locations – /etc/inittab – /etc/fstab – /etc/grub.conf
  • 8. Fix problems in different areas of the Linux system • Based on console running Ctrl + Alt (F1-F6) • ssh remote
  • 9. Recovery Run-Levels • The default runlevel file /etc/inittab • Runleve 1, s, S or single
  • 10. Rescue Environment • Required when root filesystem is unavailable • Boot from CDROM (boot.iso or CD #1) • Boot from diskboot.img on USB key
  • 11. tcp_wrappers • Three stages of access checking Is access explicitly permitted? Otherwise, is access explicitly denied? Otherwise, by default, permit access! • Configuration stored in two files: Permissions in /etc/hosts.allow Denials in /etc/hosts.deny
  • 12. SELinux: Management • Modes: Enforcing, Permissive, Disabled Changing enforcement is allowed in the Targeted policy getenforce setenforce 0 | 1 Disable from GRUB with selinux=0
  • 13. iptables rules considerations • Mostly closed is appropriate iptables -P INPUT DROP iptables -A INPUT -j DROP iptables -A INPUT -j REJECT • Criteria also apply to loopback interface The example rules above will have the side effect of blocking localhost!