SlideShare una empresa de Scribd logo

4. Centos Administration

Descargar como PPT, PDF
Mohd yasin Karim
Mohd yasin Karim

administration centos

Tecnología
1 de 39
Administration By Mohd Yasin Abd Karim yasin@yasin.my
Administration • Becoming the Super User (the su Command) • Administrative GUI Tools • Many commands are intended only for root. • /sbin — This contains commands for modifying your disk partitions (such as fdisk), changing boot procedures (grub), and changing system states (init). • /usr/sbin —This contains commands for managing user accounts (such as useradd) and checking network traffic (wireshark). Commands that run as daemon processes are also contained in this directory. (Look for commands that end in d, such as sshd, pppd, and crond.)
Administrative Config Files • Almost everything you set up for your particular computer — user accounts, network addresses, or GUI preferences — is stored in plaintext files.
$HOME • All users store information in their home directories that directs how their login accounts behave. Most configuration files in $HOME begin with a dot (.), so they don’t appear as a user’s directory when you use a standard ls command (you need to type ls –a to see them)
/etc • adjtime—Holds data to adjust the hardware clock (see the hwclock man page). • aliases —Can contain distribution lists used by the Linux mail service. • bashrc—Sets system-wide defaults for bash shell users. (By default, it sets the shell prompt to include the current user name, hostname, current directory, and other values.) • cdrecord.conf —Contains defaults used for recording CDs. • crontab—Sets cron environment and times for running automated tasks. • csh.cshrc (or cshrc)—Sets system-wide defaults for csh (C shell) users. • dovecot—Contains information needed to support the dovecot IMAPv4/POP3 mail service.
/etc • esd.conf —Sets options used by the Enlightenment Sound Daemon to mix multiple audio streams into a single audio output. • exports—Contains a list of local directories that are available to be shared by remote computers using the Network File System (NFS). • fstab—Identifies the devices for common storage media (hard disk, floppy, CD-ROM, etc.) and locations where they are mounted in the Linux system. This is used by the mount command to choose which file systems to mount.
/etc • group—Identifies group names and group IDs (GIDs) that are defined in the systems. Group permissions in Linux are defined by the second of three sets of rwx (Read, Write, Execute) bits associated with each file and directory. • gshadow—Contains shadow passwords for groups. • host.conf — Sets the locations in which domain names (e.g., redhat.com) are searched for on TCP/IP networks (such as the Internet). By default, the local hosts file is searched, then any nameserver entries in resolv.conf. • hosts—Contains IP addresses and hostnames that you can reach from your computer. (Usually this file is used just to store names of computers on your LAN or small private network.) • hosts.allow—Lists host computers that are allowed to use certain TCP/IP services from the local computer. • hosts.deny—Lists host computers that are not allowed to use certain TCP/IP services from the local computer (doesn’t exist by default).
/etc • inittab—Contains information that defines which programs start and stop when Linux boots, shuts down, or goes into different states (runlevels) in between. This is the most basic configuration file for starting Linux. • issue—Contains the lines that are displayed when a terminal is ready to let you log in to your system from a local terminal, or the console in text mode. • issue.net— Contains login lines that are displayed to users who try to log in to the Linux system from a computer on the network using the telnet service. • mail.rc —Sets system-wide parameters associated with using mail. • man.config—Used by the man command to determine the default path to the location of man pages.
/etc • modprobe.conf — Contains aliases and options related to loadable kernel modules • used by your computer. • mtab—Contains a list of file systems that are currently mounted. • mtools.conf —Contains settings used by DOS tools in Linux. • named.conf —Contains DNS settings if you are running your own DNS server. • ntp.conf —Includes information needed to run the Network Time Protocol (NTP).
/etc • passwd— Stores account information for all valid users for the system. Also includes other information, such as the home directory and default shell. • printcap—Contains definitions for the printers configured for your computer. • profile —Sets system-wide environment and start-up programs for all users. This file is read when the user logs in. • protocols—Sets protocol numbers and names for a variety of Internet services. • redhat-release—Contains a string identifying the current CentOS release.
/etc • resolv.conf — Identifies the locations of DNS name server computers that are used by TCP/IP to translate Internet host.domain names into IP addresses. • rpc —Defines remote procedure call names and numbers. • services— Defines TCP/IP services and their port assignments. • shadow—Contains encrypted passwords for users who are defined in the passwd file. (This is viewed as a more secure way to store passwords than the original encrypted password in the passwd file. The passwd file needs to be publicly readable, whereas the shadow file can be unreadable by all but the root user.)
/etc • shells —Lists the shell command-line interpreters (bash, sh, csh, etc.) that are available on the system, as well as their locations. • sudoers—Sets commands that can be run by users, who may not otherwise have permission to run the command, using the sudo command. In particular, this file is used to provide selected users with root permission. • syslog.conf —Defines what logging messages are gathered by the syslogd daemon and what files they are stored in. (Typically, log messages are stored in files contained in the /var/log directory.) • termcap—Lists definitions for character terminals, so that character-based applications know what features are supported by a given terminal. Graphical terminals and applications have made this file obsolete to most people. (Termcap was the BSD UNIX way of storing terminal information; UNIX System V used definitions in /usr/share/terminfo files.)
/etc/X11 • Contains subdirectories that each contain system-wide configuration files used by X and different X window managers available for Linux. The xorg.conf file (which makes your computer and monitor usable with X) and configuration directories containing files used by xdm and xinit to start X are in here.
/etc • /etc/amanda —Contains files and directories that allow the amanda facility to do network backups of other Linux and UNIX systems. • /etc/cron* — Directories in this set contain files that define how the crond utility runs applications on a daily (cron.daily), hourly (cron.hourly), monthly (cron.monthly), or weekly (cron.weekly) schedule. • /etc/cups —Contains files that are used to configure the CUPS printing service.
/etc • /etc/default —Contains files that set default values for various utilities. For example, the file for the useradd command defines the default group number, home directory, password expiration date, shell, and skeleton directory (/etc/skel) that are used when creating a new user account. • /etc/httpd —Contains a variety of files used to configure the behavior of your Apache Web server (specifically, the httpd daemon process). • /etc/init.d — Contains links to the run-level scripts. These scripts are linked from files in the /etc/rc?.d directories to have each service associated with a script started or stopped for the particular run level. The ? is replaced by the run-level number (0 through 6).
/etc • /etc/mail —Contains files used to configure your sendmail mail service. • /etc/pcmcia — Contains configuration files that allow you to have a variety of PCMCIA cards configured for your computer. (PCMCIA slots are those openings on your laptop that allow you to have credit card–sized cards attached to your computer. You can attach such devices as modems and external CD-ROMs.) • /etc/postfix —Contains configuration files for the postfix mail transport agent. • /etc/ppp —Contains several configuration files used to set up Point-to-Point protocol (so that you can have your computer dial out to the Internet).
/etc • /etc/rc?.d —There is a separate rc?.d directory for each valid system state: rc0.d (shutdown state), rc1.d (single-user state), rc2.d (multiuser state), rc3.d (multiuser plus networking state), rc4.d (user-defined state), rc5.d (multiuser, networking, plus GUI login state), and rc6.d (reboot state). • /etc/security —Contains files that set a variety of default security conditions for your computer. These files are part of the pam (pluggable authentication modules) package. • /etc/skel —Any files contained in this directory are automatically copied to a user’s home directory when that user is added to the system. By default, most of these files are dot (.) files, such as .kde (a directory for setting KDE desktop defaults) and .bashrc (for setting default values used with the bash shell).
/etc • /etc/squid —Contains configuration files for the Squid proxy caching server. • /etc/sysconfig —Contains important system configuration files that are created and • maintained by various system services (including iptables, samba, and most networking services). • /etc/uucp —Contains configuration files used with Taylor UUCP (a nonstandard version of the uucp facility that is used to create modem, direct line, and other serial connections with other computers). • /etc/vsftpd —Contains configuration files used to set up the vsftpd FTP server. • /etc/xinetd.d —Contains a set of files, each of which defines a network service that the xinetd daemon listens for on a particular port. When the xinetd daemon process receives a request for a service, it uses the information in these files to determine which daemon processes to start to handle the request.
Administrative Log Files • keep track of itself. • monitor your system to see if people are trying to access your computer illegally. • General system logging is done by syslogd. • As root user, you can view log files with the less command or watch messages as they enter log file using the tail command (tail -f /var/log/messages).
Ongoing job as a Linux system administrator • Configuring Hardware —Often when you add hardware to your CentOS computer, that hardware will be automatically detected and configured by tools. can use commands such as lsmod, modprobe, insmod, and rmmod to configure the right modules to get the hardware working. • To see what HAL knows about your system, run the lshal command:
Ongoing job as a Linux system administrator • Managing File Systems and Disk Space —You must keep track of the disk space being consumed, especially if your CentOS system is shared by multiple users. At some point, you may need to add a hard disk or track down what is eating up your disk space (you can use commands like find, du, and df to do this).
Ongoing job as a Linux system administrator • Monitoring System Performance —You may have a runaway process on your system, or you may just be experiencing slow performance. Tools that come with CentOS can help you determine how much of your CPU and memory are being consumed.
Mounting/umount Removable Media • CD-ROM—If you are mounting a CD-ROM that is in the standard ISO 9960 format (as most software CD-ROMs are), you can mount that CD-ROM by placing it in your CD-ROM drive and typing the following: • # mount /mnt/cdrom • Floppy Disk • # mount /mnt/floppy
Checking System Space • Checking Disk Space with Disk Usage Analyzer • Displaying System Space with df • To produce output in a more human- readable form, use the -h option as follows: $ df -h
Checking Disk Usage with du • The du command is a good way to check how much space is being used by a particular user (du /home/user1) • To make the output more friendly (in kilobytes, megabytes, and gigabytes), use the –h • $ du -h /home/jake
Watch Computer Usage with System Monitor • System Monitor graphically displays your system’s CPU and memory usage. • Monitoring CPU Usage with top • By adding the -S option to top, you can have the display show you the cumulative CPU time that the process
Using Security Enhanced Linux • When you first install CentOS, you have the opportunity to enable or disable SELinux. • Targeted policies focus on services with vulnerable daemon processes • Targeted policies limit the impact that an attack on the following services can have on your server as a whole: Apache (Web server), Samba (Windows file and print sharing), FTP (file transfer protocol), NFS (network file system), and others
Policies in SELinux • Enforcing —The current SELinux policy is turned on and its policies are enforced. • Permissive —The current SELinux policy is on, but not enforced (so you only see warning messages describing how the policy would be enforced). • Disabled —SELinux is off, so only standard Linux permissions are enforced (as they always were on systems not including SELinux).
Tools in SELinux • SELinux Troubleshooter • SELinux Policy Generation Tool • SELinux Administration Window • SELinux Commands (ftpd_selinux, httpd_selinux, kerberos_selinux, named_selinux, nfs_selinux, nis_selinux, rsync_selinux, and ypbind_selinux).
Creating User Account • Command Line • GUI with User Manager
Adding Users with useradd • # useradd -c "Robert Jones" -m robert • -c "comment“ • -d home_dir • -e expire_date • -g group • -m Automatically create the user’s home directory • -p passwd • # passwd robert
Adding Users with User Manager • A graphical window for adding, changing, and deleting user accounts, you can use the User Manager window.
Adding User Accounts to Servers • To prevent a remote user from logging in and accessing a shell via ssh or another login service, you can set the default shell for a user to nologin. • # useradd -s /sbin/nologin yason • A common practice with Web hosting is to allow a user to place content on the server • # useradd -s /sbin/nologin -d /var/www/html webuser
Resetting a User’s Password • # passwd yason • # chage -M 30 -d 0 yason • The -M 30 option tells the system to expire yason’s password every 30 days. The -d 0 option tricks the system into thinking that her password has not been changed since January 1, 1970. • Keep in mind that using chage activates password aging for any account on which it is used.
Modifying User Accounts with usermod • # usermod -l mike -c "Mike Barnes" -m -d /home/mike yason
Modifying User Accounts with User Manager • Modifying User Accounts with User Manager
Deleting User Accounts • Deleting User Accounts with userdel • # userdel yason • To wipe out her home directory along with her account, type this: • # userdel -r yason • Deleting User Accounts with User Manager
System Startup and Shutdown • During system startup, a series of scripts is run to start the services that you need. • Service Configuration window.
Thank you • http://www.yasin.my

Recomendados

6. centos networking
6. centos networking6. centos networking
6. centos networking
Mohd yasin Karim
 
3. introduction of centos
3. introduction of centos3. introduction of centos
3. introduction of centos
Mohd yasin Karim
 
5. centos security
5. centos security5. centos security
5. centos security
Mohd yasin Karim
 
Building community with CentOS Stream
Building community with CentOS StreamBuilding community with CentOS Stream
Building community with CentOS Stream
Davide Cavalca
 
2. introduction to linux
2. introduction to linux2. introduction to linux
2. introduction to linux
Mohd yasin Karim
 
Centos operating system
Centos operating systemCentos operating system
Centos operating system
Agbada
 
Red hat enterprise linux 7 (rhel 7)
Red hat enterprise linux 7 (rhel 7)Red hat enterprise linux 7 (rhel 7)
Red hat enterprise linux 7 (rhel 7)
Ramola Dhande
 
linux
linuxlinux
linux
Ajay Chawda
 

Recomendados

6. centos networking
6. centos networking6. centos networking
6. centos networking
Mohd yasin Karim
 
3. introduction of centos
3. introduction of centos3. introduction of centos
3. introduction of centos
Mohd yasin Karim
 
5. centos security
5. centos security5. centos security
5. centos security
Mohd yasin Karim
 
Building community with CentOS Stream
Building community with CentOS StreamBuilding community with CentOS Stream
Building community with CentOS Stream
Davide Cavalca
 
2. introduction to linux
2. introduction to linux2. introduction to linux
2. introduction to linux
Mohd yasin Karim
 
Centos operating system
Centos operating systemCentos operating system
Centos operating system
Agbada
 
Red hat enterprise linux 7 (rhel 7)
Red hat enterprise linux 7 (rhel 7)Red hat enterprise linux 7 (rhel 7)
Red hat enterprise linux 7 (rhel 7)
Ramola Dhande
 
linux
linuxlinux
linux
Ajay Chawda
 
CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)
Mahmudul Hasan Porag
 
Install and configure linux
Install and configure linuxInstall and configure linux
Install and configure linux
Vicent Selfa
 
centOS
centOScentOS
centOS
Nikko C. Ebora
 
Linux Fundamental
Linux FundamentalLinux Fundamental
Linux Fundamental
Gong Haibing
 
Rhce ppt
Rhce pptRhce ppt
Rhce ppt
Mohammed Ben
 
Linux Training Workshop
Linux Training WorkshopLinux Training Workshop
Linux Training Workshop
Meraj Khattak
 
Rhel7 vs rhel6
Rhel7 vs rhel6Rhel7 vs rhel6
Rhel7 vs rhel6
Arunvignesh Venkatesh
 
Course 102: Lecture 14: Users and Permissions
Course 102: Lecture 14: Users and PermissionsCourse 102: Lecture 14: Users and Permissions
Course 102: Lecture 14: Users and Permissions
Ahmed El-Arabawy
 
Linux Presentation
Linux PresentationLinux Presentation
Linux Presentation
nishantsri
 
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
Mazenetsolution
 
Meeting 9 nfs network file system
Meeting 9 nfs network file systemMeeting 9 nfs network file system
Meeting 9 nfs network file system
Syaiful Ahdan
 
Introduction to Linux
Introduction to Linux Introduction to Linux
Introduction to Linux
Harish R
 
Linux
Linux Linux
Linux
Kevin James
 
An Introduction To Linux
An Introduction To LinuxAn Introduction To Linux
An Introduction To Linux
Ishan A B Ambanwela
 
Anthony McKeown Drupal Presentation
Anthony McKeown Drupal PresentationAnthony McKeown Drupal Presentation
Anthony McKeown Drupal Presentation
Tony McKeown
 
Linux basics part 1
Linux basics part 1Linux basics part 1
Linux basics part 1
Lilesh Pathe
 
Linux-training-for-beginners-in-mumbai
Linux-training-for-beginners-in-mumbaiLinux-training-for-beginners-in-mumbai
Linux-training-for-beginners-in-mumbai
Unmesh Baile
 
Presentation for RHCE in linux
Presentation for RHCE in linux Presentation for RHCE in linux
Presentation for RHCE in linux
Kuldeep Tiwari
 
Its3 Drupal
Its3 DrupalIts3 Drupal
Its3 Drupal
guest954945a
 
Get method and post method
Get method and post methodGet method and post method
Get method and post method
baabtra.com - No. 1 supplier of quality freshers
 
Administering windows xp
Administering windows xpAdministering windows xp
Administering windows xp
Samaja
 
Twitter for Consumer Businesses: Overview of Twitter Business Uses & Trends
Twitter for Consumer Businesses: Overview of Twitter Business Uses & TrendsTwitter for Consumer Businesses: Overview of Twitter Business Uses & Trends
Twitter for Consumer Businesses: Overview of Twitter Business Uses & Trends
Adam Schoenfeld
 

Más contenido relacionado

La actualidad más candente

Presentation for RHCE in linux
Presentation for RHCE in linux Presentation for RHCE in linux
Presentation for RHCE in linux
Kuldeep Tiwari
 

La actualidad más candente (19)

CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)CentOS Operating System Presentation (Southeast University)
CentOS Operating System Presentation (Southeast University)
 
Install and configure linux
Install and configure linuxInstall and configure linux
Install and configure linux
 
centOS
centOScentOS
centOS
 
Linux Fundamental
Linux FundamentalLinux Fundamental
Linux Fundamental
 
Rhce ppt
Rhce pptRhce ppt
Rhce ppt
 
Linux Training Workshop
Linux Training WorkshopLinux Training Workshop
Linux Training Workshop
 
Rhel7 vs rhel6
Rhel7 vs rhel6Rhel7 vs rhel6
Rhel7 vs rhel6
 
Course 102: Lecture 14: Users and Permissions
Course 102: Lecture 14: Users and PermissionsCourse 102: Lecture 14: Users and Permissions
Course 102: Lecture 14: Users and Permissions
 
Linux Presentation
Linux PresentationLinux Presentation
Linux Presentation
 
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 7
 
Meeting 9 nfs network file system
Meeting 9 nfs network file systemMeeting 9 nfs network file system
Meeting 9 nfs network file system
 
Introduction to Linux
Introduction to Linux Introduction to Linux
Introduction to Linux
 
Linux
Linux Linux
Linux
 
An Introduction To Linux
An Introduction To LinuxAn Introduction To Linux
An Introduction To Linux
 
Anthony McKeown Drupal Presentation
Anthony McKeown Drupal PresentationAnthony McKeown Drupal Presentation
Anthony McKeown Drupal Presentation
 
Linux basics part 1
Linux basics part 1Linux basics part 1
Linux basics part 1
 
Linux-training-for-beginners-in-mumbai
Linux-training-for-beginners-in-mumbaiLinux-training-for-beginners-in-mumbai
Linux-training-for-beginners-in-mumbai
 
Presentation for RHCE in linux
Presentation for RHCE in linux Presentation for RHCE in linux
Presentation for RHCE in linux
 
Its3 Drupal
Its3 DrupalIts3 Drupal
Its3 Drupal
 

Destacado

Administering windows xp
Administering windows xpAdministering windows xp
Administering windows xp
Samaja
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
Arrow ECS UK
 
Direct Line Case Study
Direct Line Case StudyDirect Line Case Study
Direct Line Case Study
Mikekholt
 
CIM Digital Summit 2015 - Direct Line Group: Ash Root's Presentation
CIM Digital Summit 2015 - Direct Line Group: Ash Root's PresentationCIM Digital Summit 2015 - Direct Line Group: Ash Root's Presentation
CIM Digital Summit 2015 - Direct Line Group: Ash Root's Presentation
CIM | The Chartered Institute of Marketing
 
Human-Rights-Report_2015
Human-Rights-Report_2015Human-Rights-Report_2015
Human-Rights-Report_2015
Cam Chau
 
Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...
Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...
Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...
Severalnines
 

Destacado (20)

Get method and post method
Get method and post methodGet method and post method
Get method and post method
 
Administering windows xp
Administering windows xpAdministering windows xp
Administering windows xp
 
Twitter for Consumer Businesses: Overview of Twitter Business Uses & Trends
Twitter for Consumer Businesses: Overview of Twitter Business Uses & TrendsTwitter for Consumer Businesses: Overview of Twitter Business Uses & Trends
Twitter for Consumer Businesses: Overview of Twitter Business Uses & Trends
 
Retail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 OverviewRetail Excellence Ireland - Cyber Threats 2015 Overview
Retail Excellence Ireland - Cyber Threats 2015 Overview
 
Global Risks Report 2014
Global Risks Report 2014Global Risks Report 2014
Global Risks Report 2014
 
Insurance Fraud Whitepaper
Insurance Fraud WhitepaperInsurance Fraud Whitepaper
Insurance Fraud Whitepaper
 
CRI Retail Cyber Threats
CRI Retail Cyber ThreatsCRI Retail Cyber Threats
CRI Retail Cyber Threats
 
World Economic Forum Global Risks 2014
World Economic Forum Global Risks 2014World Economic Forum Global Risks 2014
World Economic Forum Global Risks 2014
 
I går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM US
I går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM USI går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM US
I går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM US
 
Aon Retail & Wholesale Update 2016
Aon Retail & Wholesale Update 2016Aon Retail & Wholesale Update 2016
Aon Retail & Wholesale Update 2016
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
 
Direct Line Case Study
Direct Line Case StudyDirect Line Case Study
Direct Line Case Study
 
UK food and drink market update 2016
UK food and drink market update 2016UK food and drink market update 2016
UK food and drink market update 2016
 
Keeping you and your library safe and secure
Keeping you and your library safe and secureKeeping you and your library safe and secure
Keeping you and your library safe and secure
 
CIM Digital Summit 2015 - Direct Line Group: Ash Root's Presentation
CIM Digital Summit 2015 - Direct Line Group: Ash Root's PresentationCIM Digital Summit 2015 - Direct Line Group: Ash Root's Presentation
CIM Digital Summit 2015 - Direct Line Group: Ash Root's Presentation
 
Mysql workbench 5
Mysql workbench 5Mysql workbench 5
Mysql workbench 5
 
Salesforce1 PlatformアーキテクチャWebinar
Salesforce1 PlatformアーキテクチャWebinarSalesforce1 PlatformアーキテクチャWebinar
Salesforce1 PlatformアーキテクチャWebinar
 
Php forms
Php formsPhp forms
Php forms
 
Human-Rights-Report_2015
Human-Rights-Report_2015Human-Rights-Report_2015
Human-Rights-Report_2015
 
Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...
Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...
Deep Dive Into How To Monitor MySQL or MariaDB Galera Cluster / Percona XtraD...
 

Similar a 4. Centos Administration

Lamp ppt
Lamp pptLamp ppt
Lamp ppt
Reka
 
Lamp1
Lamp1Lamp1
Lamp1
Reka
 
Lamp
LampLamp
Lamp
Reka
 
Ericas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideEricas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-Guide
Erica StJohn
 

Similar a 4. Centos Administration (20)

Lesson 2 Understanding Linux File System
Lesson 2 Understanding Linux File SystemLesson 2 Understanding Linux File System
Lesson 2 Understanding Linux File System
 
Linux filesystemhierarchy
Linux filesystemhierarchyLinux filesystemhierarchy
Linux filesystemhierarchy
 
Linux week 2
Linux week 2Linux week 2
Linux week 2
 
Lamp ppt
Lamp pptLamp ppt
Lamp ppt
 
Daemons
DaemonsDaemons
Daemons
 
Basic orientation to Linux
Basic orientation to LinuxBasic orientation to Linux
Basic orientation to Linux
 
linux installation.pdf
linux installation.pdflinux installation.pdf
linux installation.pdf
 
Linux Presentation
Linux PresentationLinux Presentation
Linux Presentation
 
Lamp1
Lamp1Lamp1
Lamp1
 
Lamp1
Lamp1Lamp1
Lamp1
 
Lamp
LampLamp
Lamp
 
Lamp ppt
Lamp pptLamp ppt
Lamp ppt
 
RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)RHCE (RED HAT CERTIFIED ENGINEERING)
RHCE (RED HAT CERTIFIED ENGINEERING)
 
Linux 4 you
Linux 4 youLinux 4 you
Linux 4 you
 
Unix Shell Script - 2 Days Session.pptx
Unix Shell Script - 2 Days Session.pptxUnix Shell Script - 2 Days Session.pptx
Unix Shell Script - 2 Days Session.pptx
 
Linux
LinuxLinux
Linux
 
Ppt
PptPpt
Ppt
 
Ericas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-GuideEricas-Linux-Plus-Study-Guide
Ericas-Linux-Plus-Study-Guide
 
Linux
Linux Linux
Linux
 
Linux Commands
Linux CommandsLinux Commands
Linux Commands
 

Último

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Último (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

4. Centos Administration

  • 1. Administration By Mohd Yasin Abd Karim yasin@yasin.my
  • 2. Administration • Becoming the Super User (the su Command) • Administrative GUI Tools • Many commands are intended only for root. • /sbin — This contains commands for modifying your disk partitions (such as fdisk), changing boot procedures (grub), and changing system states (init). • /usr/sbin —This contains commands for managing user accounts (such as useradd) and checking network traffic (wireshark). Commands that run as daemon processes are also contained in this directory. (Look for commands that end in d, such as sshd, pppd, and crond.)
  • 3. Administrative Config Files • Almost everything you set up for your particular computer — user accounts, network addresses, or GUI preferences — is stored in plaintext files.
  • 4. $HOME • All users store information in their home directories that directs how their login accounts behave. Most configuration files in $HOME begin with a dot (.), so they don’t appear as a user’s directory when you use a standard ls command (you need to type ls –a to see them)
  • 5. /etc • adjtime—Holds data to adjust the hardware clock (see the hwclock man page). • aliases —Can contain distribution lists used by the Linux mail service. • bashrc—Sets system-wide defaults for bash shell users. (By default, it sets the shell prompt to include the current user name, hostname, current directory, and other values.) • cdrecord.conf —Contains defaults used for recording CDs. • crontab—Sets cron environment and times for running automated tasks. • csh.cshrc (or cshrc)—Sets system-wide defaults for csh (C shell) users. • dovecot—Contains information needed to support the dovecot IMAPv4/POP3 mail service.
  • 6. /etc • esd.conf —Sets options used by the Enlightenment Sound Daemon to mix multiple audio streams into a single audio output. • exports—Contains a list of local directories that are available to be shared by remote computers using the Network File System (NFS). • fstab—Identifies the devices for common storage media (hard disk, floppy, CD-ROM, etc.) and locations where they are mounted in the Linux system. This is used by the mount command to choose which file systems to mount.
  • 7. /etc • group—Identifies group names and group IDs (GIDs) that are defined in the systems. Group permissions in Linux are defined by the second of three sets of rwx (Read, Write, Execute) bits associated with each file and directory. • gshadow—Contains shadow passwords for groups. • host.conf — Sets the locations in which domain names (e.g., redhat.com) are searched for on TCP/IP networks (such as the Internet). By default, the local hosts file is searched, then any nameserver entries in resolv.conf. • hosts—Contains IP addresses and hostnames that you can reach from your computer. (Usually this file is used just to store names of computers on your LAN or small private network.) • hosts.allow—Lists host computers that are allowed to use certain TCP/IP services from the local computer. • hosts.deny—Lists host computers that are not allowed to use certain TCP/IP services from the local computer (doesn’t exist by default).
  • 8. /etc • inittab—Contains information that defines which programs start and stop when Linux boots, shuts down, or goes into different states (runlevels) in between. This is the most basic configuration file for starting Linux. • issue—Contains the lines that are displayed when a terminal is ready to let you log in to your system from a local terminal, or the console in text mode. • issue.net— Contains login lines that are displayed to users who try to log in to the Linux system from a computer on the network using the telnet service. • mail.rc —Sets system-wide parameters associated with using mail. • man.config—Used by the man command to determine the default path to the location of man pages.
  • 9. /etc • modprobe.conf — Contains aliases and options related to loadable kernel modules • used by your computer. • mtab—Contains a list of file systems that are currently mounted. • mtools.conf —Contains settings used by DOS tools in Linux. • named.conf —Contains DNS settings if you are running your own DNS server. • ntp.conf —Includes information needed to run the Network Time Protocol (NTP).
  • 10. /etc • passwd— Stores account information for all valid users for the system. Also includes other information, such as the home directory and default shell. • printcap—Contains definitions for the printers configured for your computer. • profile —Sets system-wide environment and start-up programs for all users. This file is read when the user logs in. • protocols—Sets protocol numbers and names for a variety of Internet services. • redhat-release—Contains a string identifying the current CentOS release.
  • 11. /etc • resolv.conf — Identifies the locations of DNS name server computers that are used by TCP/IP to translate Internet host.domain names into IP addresses. • rpc —Defines remote procedure call names and numbers. • services— Defines TCP/IP services and their port assignments. • shadow—Contains encrypted passwords for users who are defined in the passwd file. (This is viewed as a more secure way to store passwords than the original encrypted password in the passwd file. The passwd file needs to be publicly readable, whereas the shadow file can be unreadable by all but the root user.)
  • 12. /etc • shells —Lists the shell command-line interpreters (bash, sh, csh, etc.) that are available on the system, as well as their locations. • sudoers—Sets commands that can be run by users, who may not otherwise have permission to run the command, using the sudo command. In particular, this file is used to provide selected users with root permission. • syslog.conf —Defines what logging messages are gathered by the syslogd daemon and what files they are stored in. (Typically, log messages are stored in files contained in the /var/log directory.) • termcap—Lists definitions for character terminals, so that character-based applications know what features are supported by a given terminal. Graphical terminals and applications have made this file obsolete to most people. (Termcap was the BSD UNIX way of storing terminal information; UNIX System V used definitions in /usr/share/terminfo files.)
  • 13. /etc/X11 • Contains subdirectories that each contain system-wide configuration files used by X and different X window managers available for Linux. The xorg.conf file (which makes your computer and monitor usable with X) and configuration directories containing files used by xdm and xinit to start X are in here.
  • 14. /etc • /etc/amanda —Contains files and directories that allow the amanda facility to do network backups of other Linux and UNIX systems. • /etc/cron* — Directories in this set contain files that define how the crond utility runs applications on a daily (cron.daily), hourly (cron.hourly), monthly (cron.monthly), or weekly (cron.weekly) schedule. • /etc/cups —Contains files that are used to configure the CUPS printing service.
  • 15. /etc • /etc/default —Contains files that set default values for various utilities. For example, the file for the useradd command defines the default group number, home directory, password expiration date, shell, and skeleton directory (/etc/skel) that are used when creating a new user account. • /etc/httpd —Contains a variety of files used to configure the behavior of your Apache Web server (specifically, the httpd daemon process). • /etc/init.d — Contains links to the run-level scripts. These scripts are linked from files in the /etc/rc?.d directories to have each service associated with a script started or stopped for the particular run level. The ? is replaced by the run-level number (0 through 6).
  • 16. /etc • /etc/mail —Contains files used to configure your sendmail mail service. • /etc/pcmcia — Contains configuration files that allow you to have a variety of PCMCIA cards configured for your computer. (PCMCIA slots are those openings on your laptop that allow you to have credit card–sized cards attached to your computer. You can attach such devices as modems and external CD-ROMs.) • /etc/postfix —Contains configuration files for the postfix mail transport agent. • /etc/ppp —Contains several configuration files used to set up Point-to-Point protocol (so that you can have your computer dial out to the Internet).
  • 17. /etc • /etc/rc?.d —There is a separate rc?.d directory for each valid system state: rc0.d (shutdown state), rc1.d (single-user state), rc2.d (multiuser state), rc3.d (multiuser plus networking state), rc4.d (user-defined state), rc5.d (multiuser, networking, plus GUI login state), and rc6.d (reboot state). • /etc/security —Contains files that set a variety of default security conditions for your computer. These files are part of the pam (pluggable authentication modules) package. • /etc/skel —Any files contained in this directory are automatically copied to a user’s home directory when that user is added to the system. By default, most of these files are dot (.) files, such as .kde (a directory for setting KDE desktop defaults) and .bashrc (for setting default values used with the bash shell).
  • 18. /etc • /etc/squid —Contains configuration files for the Squid proxy caching server. • /etc/sysconfig —Contains important system configuration files that are created and • maintained by various system services (including iptables, samba, and most networking services). • /etc/uucp —Contains configuration files used with Taylor UUCP (a nonstandard version of the uucp facility that is used to create modem, direct line, and other serial connections with other computers). • /etc/vsftpd —Contains configuration files used to set up the vsftpd FTP server. • /etc/xinetd.d —Contains a set of files, each of which defines a network service that the xinetd daemon listens for on a particular port. When the xinetd daemon process receives a request for a service, it uses the information in these files to determine which daemon processes to start to handle the request.
  • 19. Administrative Log Files • keep track of itself. • monitor your system to see if people are trying to access your computer illegally. • General system logging is done by syslogd. • As root user, you can view log files with the less command or watch messages as they enter log file using the tail command (tail -f /var/log/messages).
  • 20. Ongoing job as a Linux system administrator • Configuring Hardware —Often when you add hardware to your CentOS computer, that hardware will be automatically detected and configured by tools. can use commands such as lsmod, modprobe, insmod, and rmmod to configure the right modules to get the hardware working. • To see what HAL knows about your system, run the lshal command:
  • 21. Ongoing job as a Linux system administrator • Managing File Systems and Disk Space —You must keep track of the disk space being consumed, especially if your CentOS system is shared by multiple users. At some point, you may need to add a hard disk or track down what is eating up your disk space (you can use commands like find, du, and df to do this).
  • 22. Ongoing job as a Linux system administrator • Monitoring System Performance —You may have a runaway process on your system, or you may just be experiencing slow performance. Tools that come with CentOS can help you determine how much of your CPU and memory are being consumed.
  • 23. Mounting/umount Removable Media • CD-ROM—If you are mounting a CD-ROM that is in the standard ISO 9960 format (as most software CD-ROMs are), you can mount that CD-ROM by placing it in your CD-ROM drive and typing the following: • # mount /mnt/cdrom • Floppy Disk • # mount /mnt/floppy
  • 24. Checking System Space • Checking Disk Space with Disk Usage Analyzer • Displaying System Space with df • To produce output in a more human- readable form, use the -h option as follows: $ df -h
  • 25. Checking Disk Usage with du • The du command is a good way to check how much space is being used by a particular user (du /home/user1) • To make the output more friendly (in kilobytes, megabytes, and gigabytes), use the –h • $ du -h /home/jake
  • 26. Watch Computer Usage with System Monitor • System Monitor graphically displays your system’s CPU and memory usage. • Monitoring CPU Usage with top • By adding the -S option to top, you can have the display show you the cumulative CPU time that the process
  • 27. Using Security Enhanced Linux • When you first install CentOS, you have the opportunity to enable or disable SELinux. • Targeted policies focus on services with vulnerable daemon processes • Targeted policies limit the impact that an attack on the following services can have on your server as a whole: Apache (Web server), Samba (Windows file and print sharing), FTP (file transfer protocol), NFS (network file system), and others
  • 28. Policies in SELinux • Enforcing —The current SELinux policy is turned on and its policies are enforced. • Permissive —The current SELinux policy is on, but not enforced (so you only see warning messages describing how the policy would be enforced). • Disabled —SELinux is off, so only standard Linux permissions are enforced (as they always were on systems not including SELinux).
  • 29. Tools in SELinux • SELinux Troubleshooter • SELinux Policy Generation Tool • SELinux Administration Window • SELinux Commands (ftpd_selinux, httpd_selinux, kerberos_selinux, named_selinux, nfs_selinux, nis_selinux, rsync_selinux, and ypbind_selinux).
  • 30. Creating User Account • Command Line • GUI with User Manager
  • 31. Adding Users with useradd • # useradd -c "Robert Jones" -m robert • -c "comment“ • -d home_dir • -e expire_date • -g group • -m Automatically create the user’s home directory • -p passwd • # passwd robert
  • 32. Adding Users with User Manager • A graphical window for adding, changing, and deleting user accounts, you can use the User Manager window.
  • 33. Adding User Accounts to Servers • To prevent a remote user from logging in and accessing a shell via ssh or another login service, you can set the default shell for a user to nologin. • # useradd -s /sbin/nologin yason • A common practice with Web hosting is to allow a user to place content on the server • # useradd -s /sbin/nologin -d /var/www/html webuser
  • 34. Resetting a User’s Password • # passwd yason • # chage -M 30 -d 0 yason • The -M 30 option tells the system to expire yason’s password every 30 days. The -d 0 option tricks the system into thinking that her password has not been changed since January 1, 1970. • Keep in mind that using chage activates password aging for any account on which it is used.
  • 35. Modifying User Accounts with usermod • # usermod -l mike -c "Mike Barnes" -m -d /home/mike yason
  • 36. Modifying User Accounts with User Manager • Modifying User Accounts with User Manager
  • 37. Deleting User Accounts • Deleting User Accounts with userdel • # userdel yason • To wipe out her home directory along with her account, type this: • # userdel -r yason • Deleting User Accounts with User Manager
  • 38. System Startup and Shutdown • During system startup, a series of scripts is run to start the services that you need. • Service Configuration window.