Sunday, January 25, 2015

Kernel panic

Requesting your assistance with the attached error, which appeared when I rebooted my system.

Qamre Alam

<linux9833102210@gmail.com>



The error says there is some problem with the HDD. Please check whether your HDD is connected
properly.

If everything is fine and you still get the error, then boot your system from the
Red Hat installation disk, go to rescue mode and run fsck on the root (/) file
system.

Your hard disk is corrupted.

1) Boot the system with a Live CD.
2) Execute "fdisk -l".
Can you see the hard disk partitions?
3) If yes, try to execute "fsck /dev/PARTITION_NAME", then reboot the system.
4) If no, you lost some partitions; try to recover them.
You can also create the lost partitions and restore from the latest clean backup.

Q: Did you change anything before rebooting?

kshitij totare

<kshitij13093@gmail.com>




Thursday, January 22, 2015

Error in VMware Workstation 10 while installing CentOS 5

I just installed VMware 10 and want to install CentOS in it from an ISO image in graphical mode,
but when I try to install, at the end I get this error: no free space for selected packages. However, I gave it a 50 GB HD and 1 GB RAM...
I just created a / partition of 100 MB, and after this I also got the same error.
Please help with this.

Sudhir Sakore

<sudhirsakore@gmail.com>




Try keeping your / partition around 5 GB and then check.
Jeetu Patel

<jeetupatel9129@gmail.com>



How many partitions have you created?
 
Qamre Alam<linux9833102210@gmail.com>
 
 
So far I have created only one, that is /. Before this I created /, /boot, /swap, /home... and then I also got the same error.
But now I created only a / partition of 100 MB and I am still getting the same error.

Sudhir Sakore

<sudhirsakore@gmail.com>
 
 
It's done... but in text mode it works with 100 MB... how is that?
 

Sudhir Sakore

<sudhirsakore@gmail.com>
 
 
 
 
Please let us know the partition scheme.

If you have multiple partitions, then please let us know the size of the following partitions:

/
/usr
 

Nilesh Chavan

<nileshdc8@gmail.com>
 
 
 
Just make only 3 partitions:
/
/boot
/swap
Give / 1 GB,
/boot 512 MB,
/swap double the RAM.

faizkamp@gmail.com

<faiz16ahmad@gmail.com>
 
 
 
 
 
 
 
 
 
 
 

Wednesday, January 21, 2015

I need to restrict ssh port (22)

I need to restrict the ssh port (22) and the mongod port (27017) to be accessible from my office network only; our office network ranges are 192.168.1.* and 192.168.2.*.

Please help me with firewall settings to restrict access to the above to the IP ranges 192.168.1.* and 192.168.2.

Mevalal Yadav

<mevalal.yadav@gmail.com>



# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.2.0/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -s 192.168.2.0/255.255.255.0 -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j REJECT
-A INPUT -p tcp -m tcp --dport 27017 -j REJECT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT


Devendra Joshi

<devendra.joshi9987@gmail.com>


You can use TCP wrappers as well as iptables for this, or both.

/etc/hosts.deny
sshd: ALL EXCEPT 192.168.1.0/24 192.168.2.0/24
mongod: ALL EXCEPT 192.168.1.0/24 192.168.2.0/24

# ssh (22): allow the office ranges in, and the replies back out
iptables -A INPUT -s 192.168.1.0/24,192.168.2.0/24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -d 192.168.1.0/24,192.168.2.0/24 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

# mongod (27017): the same pair of rules
iptables -A INPUT -s 192.168.1.0/24,192.168.2.0/24 -p tcp --dport 27017 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -d 192.168.1.0/24,192.168.2.0/24 -p tcp --sport 27017 -m state --state ESTABLISHED -j ACCEPT

Nilesh Chavan

<nileshdc8@gmail.com>




Thanks for your reply. I have the doubts below:
1. Do I need to run all the commands one after another?
2. Do I need to prefix the iptables command before each line above?
 

Mevalal Yadav

<mevalal.yadav@gmail.com>
 
 

Edit the iptables file, then paste the following 6 iptables rules, which are marked below.
You have to put the 6 rules before the -A INPUT -j REJECT --reject-with icmp-host-prohibited rule.

[root@server ~]# vi /etc/sysconfig/iptables


-A INPUT -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.2.0/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -s 192.168.2.0/255.255.255.0 -p tcp -m tcp --dport 27017 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j REJECT
-A INPUT -p tcp -m tcp --dport 27017 -j REJECT


[root@server ~]# /etc/init.d/iptables restart

Do this and check.
 
 

Devendra Joshi

<devendra.joshi9987@gmail.com>
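
Added example, not part of the thread: the rule order that the replies above depend on, checked mechanically. The shell function reads a ruleset in /etc/sysconfig/iptables format and reports whether the office-only ACCEPT rules for a port are reached before any rule that rejects it. The function name, the result labels and the three sample rulesets are constructed for illustration; the allow-all rule in the third sample is an assumed leftover, not a rule from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): classify how an iptables-save style
# ruleset treats one TCP port, following first-match order on the INPUT chain.

classify_port() {   # usage: classify_port PORT < rules-file
  awk -v port="$1" '
    $1 == ":INPUT" { policy = $2 }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      target = ""; on_port = 0; has_src = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-j") target = $(i + 1)
        if ($i == "-s") has_src = 1
        if ($i == "--dport" && $(i + 1) == port) on_port = 1
      }
      drops = (target == "REJECT" || target == "DROP")
      if (target == "ACCEPT" && on_port && has_src) {
        allows++
        if (blocked) shadowed++      # sits below a rule that already rejects
      } else if (target == "ACCEPT" && on_port && !blocked) {
        exposed = 1                  # any source reaches the port first
      } else if (drops && ($3 == "-j" || (on_port && !has_src))) {
        blocked = 1                  # catch-all or per-port reject
      }
    }
    END {
      if (exposed || (!blocked && policy != "DROP")) print "open"
      else if (shadowed) print "shadowed"
      else if (allows)   print "restricted"
      else               print "closed"
    }'
}

# Constructed sample rules, assembled in three different orders.
HEAD='*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
ALLOW='-A INPUT -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.2.0/255.255.255.0 -p tcp -m tcp --dport 22 -j ACCEPT'
DENY='-A INPUT -p tcp -m tcp --dport 22 -j REJECT'
ANY='-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT'
LAST='-A INPUT -j REJECT --reject-with icmp-host-prohibited'

ordered()  { printf '%s\n' "$HEAD" "$ALLOW" "$DENY" "$LAST" COMMIT; }  # order used in the thread
appended() { printf '%s\n' "$HEAD" "$LAST" "$ALLOW" "$DENY" COMMIT; }  # rules placed below the catch-all
leftover() { printf '%s\n' "$HEAD" "$ANY" "$ALLOW" "$DENY" "$LAST" COMMIT; }  # allow-all rule still present

for s in ordered appended leftover; do
  printf '%-9s port 22: %s\n' "$s" "$($s | classify_port 22)"
done
```

Rules added with iptables -A on a running system are appended below the final catch-all REJECT, which is the "shadowed" case; that is why the rules have to go above that line in the file.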

dd command

dd if=/dev/sda of=funny bs=1 count=512
In this command, what is the meaning of bs and count?

ganesh kumar dubey

<dubeyganeshkumar07@gmail.com>



Please refer to the notes below.
bs is the block size, i.e. the physical size of a block.
Source is the data being read. Target is where the data gets written.
Warning!! If you reverse the source and target, you can wipe out a lot of data. This feature has inspired the nickname "dd" Data Destroyer. Warning!! Caution should be observed when using dd to duplicate encrypted partitions.
Examples: duplicate one hard disk partition to another hard disk partition: Sda2 and sdb2 are partitions. You want to duplicate sda2 to sdb2.
Code:
dd if=/dev/sda2 of=/dev/sdb2 bs=4096 conv=notrunc,noerror
If sdb2 doesn't exist, dd will start at the beginning of the disk, and create it. Be careful with order of if and of. You can write a blank disk to a good disk if you get confused. If you duplicate a smaller partition to a larger one, using dd, the larger one will now be formatted the same as the smaller one. And there will be no space left on the drive. The way around this is to use rsync, as described below.
To make an iso image of a CD: This duplicates sector for sector. MyCD.iso will be a hard disk image file of the CD.
Code:
dd if=/dev/hdc of=/home/sam/myCD.iso bs=2048 conv=sync,notrunc
You can mount the image like this:
Code:
mkdir /mnt/myCD
mount -o loop /home/sam/myCD.iso /mnt/myCD
This will make the CD root directory the working directory, and display the CD root directory.
Code:
cd /mnt/myCD
This will duplicate a floppy disk to hard drive image file:
Code:
dd if=/dev/fd0 of=/home/sam/floppy.image
If you're concerned about spies taking the platters out of your hard drive, and scanning them using superconducting quantum-interference detectors, you can always add a "for" loop for US Government DoD approved secure hard disk erasure. Copy and paste the following two lines into a text editor.
Code:
#!/bin/bash
for n in `seq 7`; do dd if=/dev/urandom of=/dev/sda bs=8b conv=notrunc; done
Save the file as anti_scqid.
Code:
chmod +x anti_scqid
Don't run the program until you want to wipe the drive.
Best Laptop Backup: Purchase a laptop drive and an USB 2.0 drive enclosure (Total cost $100.00USD). Assemble the lappy drive into the external enclosure. Plug the external drive into the lappy USB port, and boot with The Knoppix live CD. Launch a terminal. This command will backup the existing drive:
Code:
dd if=/dev/hda of=/dev/sda bs=64k conv=notrunc,noerror
This command will restore from the USB drive to the existing drive:
Code:
dd if=/dev/sda of=/dev/hda bs=64k conv=notrunc,noerror
If the existing disk fails, you can boot from the external drive backup and have your system back instantaneously.
This series will make a DVD backup of hard drive partition:
Code:
dd if=/dev/hda3 of=/home/sam/backup_set_1.img bs=1M count=4430
dd if=/dev/hda3 skip=4430 of=/home/sam/backup_set_2.img bs=1M count=4430 
dd if=/dev/hda3 skip=8860 of=/home/sam/backup_set_3.img bs=1M count=4430
And so on. This series will burn the images to DVD+/-R/RW:
Code:
wodim -dev=/dev/hdc --driveropts=burnfree /home/sam/backup_set_1.img
and so forth. To restore from the backup, load the DVDs in order, and use commands like these:
Code:
dd if=/media/dvd/backup_set_1.img of=/dev/hda3 bs=1M conv=sync,noerror
Load another DVD
Code:
dd if=/media/dvd/backup_set_2.img of=/dev/hda3 seek=4430 bs=1M conv=sync,noerror
Load another DVD
Code:
dd if=/media/dvd/backup_set_3.img of=/dev/hda3 seek=8860 bs=1M conv=sync,noerror
 

Anil Mavarkar

<anilmavarkar@gmail.com>


bs= sets the blocksize, for example bs=1M would be 1MiB blocksize.
count= copies only this number of blocks (the default is for dd to keep going forever or until the input runs out). Ideally blocks are of bs= size but there may be incomplete reads, so if you use count= in order to copy a specific amount of data (count*bs), you should also supply iflag=fullblock.

Please refer to the link below for more information.

http://unix.stackexchange.com/questions/134299/dd-bs-count-seek


Shashikant More

<m.shashikant86@gmail.com>

The dd command is used to copy data. Only the superuser can execute the dd command.


BS = Block size.

Count = number of blocks to be defined (integer only)


Example :1)


# dd if=/dev/sda of=funny bs=1 count=512


“if” represents the input file, and “of” represents the output file. So the exact copy of /dev/sda will be available in /dev/sdb.


BS=1 (This will take default block size)  

To find default block size use below command :


# tune2fs -l /dev/sda1 | grep -i 'block size'


If default block size is 8k then calculation will be  8k X 512 = 4096KB



Example :2)

You can also define BS size in MB or GB

# dd if=/dev/sda of=funny bs=1MB count=512

This will create a funny file of 512 MB in size.



Refer to the link below for dd command examples:



Tushar Bachhav

<bachhav.tushar@gmail.com>
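
Added example, not from any of the posts above: what bs and count do, shown on a scratch image file so that no real disk is read or written. The image, its boot-signature bytes and the function names are constructed for illustration; iflag=fullblock assumes GNU dd.

```shell
#!/bin/sh
# Added example: bs and count on a scratch image; no real disk is touched.
IMG=$(mktemp); OUT=$(mktemp)
trap 'rm -f "$IMG" "$OUT"' EXIT

# Constructed input: 1 MiB of zeros whose first 512-byte sector ends with the
# bytes 0x55 0xAA, the boot signature found at the end of an MBR.
dd if=/dev/zero of="$IMG" bs=1024 count=1024 2>/dev/null
printf '\125\252' | dd of="$IMG" bs=1 seek=510 conv=notrunc 2>/dev/null

# copied_bytes BS COUNT: copy COUNT blocks of BS bytes, print bytes written.
copied_bytes() {
  dd if="$IMG" of="$OUT" bs="$1" count="$2" 2>/dev/null
  wc -c < "$OUT" | tr -d ' '
}

# piped_bytes BS COUNT: the same copy reading from a pipe, where one read may
# return less than BS; iflag=fullblock (GNU dd) makes dd refill each block.
piped_bytes() {
  cat "$IMG" | dd bs="$1" count="$2" iflag=fullblock 2>/dev/null | wc -c | tr -d ' '
}

# boot_signature: bytes 510 and 511 of the image, printed as hex.
boot_signature() {
  dd if="$IMG" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

echo "bs=1     count=512 -> $(copied_bytes 1 512) bytes"
echo "bs=512   count=1   -> $(copied_bytes 512 1) bytes"
echo "bs=4096  count=2   -> $(copied_bytes 4096 2) bytes"
echo "bs=65536 count=4   -> $(piped_bytes 65536 4) bytes (pipe, fullblock)"
echo "boot signature     -> $(boot_signature)"
```

The amount copied is bs multiplied by count, so bs=1 count=512 and bs=512 count=1 both produce the same 512-byte first sector.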
 
 
 
 


Tuesday, January 20, 2015

Boot process

Boot Process in Linux (Redhat Linux & CentOS 5&6)

Linux Boot Process:


Press the power button on your system, and after a few moments you see the Linux login prompt.

Have you ever wondered what happens behind the scenes from the time you press the power button until the Linux login prompt appears?
The following are the 6 high-level stages of a typical Linux boot process.

1. BIOS
§  BIOS stands for Basic Input/Output System

§  Performs some system integrity checks

§  Searches, loads, and executes the boot loader program.

§  It looks for the boot loader on floppy, CD-ROM, or hard drive. You can press a key (typically F12 or F2, but it depends on your system) during the BIOS startup to change the boot sequence.

§  Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.

§  So, in simple terms BIOS loads and executes the MBR boot loader.
2. MBR
§  MBR stands for Master Boot Record.

§  It is located in the 1st sector of the bootable disk. Typically /dev/hda, or /dev/sda

§  MBR is less than 512 bytes in size.

§  It contains information about GRUB (or LILO in old systems).

§  So, in simple terms MBR loads and executes the GRUB boot loader.
3. GRUB
§  GRUB stands for Grand Unified Bootloader.

§  If you have multiple kernel images installed on your system, you can choose which one to be executed.

§  GRUB displays a splash screen and waits for a few seconds; if you don’t enter anything, it loads the default kernel image as specified in the grub configuration file.

§  GRUB has the knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystem).

§  Grub configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this). The following is sample grub.conf of CentOS.
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-194.el5PAE)
          root (hd0,0)
          kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/
          initrd /boot/initrd-2.6.18-194.el5PAE.img

§  As you notice from the above info, it contains kernel and initrd image.

§  So, in simple terms GRUB just loads and executes Kernel and initrd images.
4. Init
§  Looks at the /etc/inittab file to decide the Linux run level.

§  Following are the available run levels
§  0 – halt
§  1 – Single user mode
§  2 – Multiuser, without NFS
§  3 – Full multiuser mode
§  4 – unused
§  5 – X11
§  6 – reboot

§  Init identifies the default initlevel from /etc/inittab and uses that to load all appropriate programs.

§  Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level.

§  If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 mean, you probably would not do that.

§  Typically you would set the default run level to either 3 or 5.
5. Runlevel programs
§  When the Linux system is booting up, you might see various services getting started. For example, it might say “starting sendmail …. OK”. Those are the runlevel programs, executed from the run level directory as defined by your run level.

§  Depending on your default init level setting, the system will execute the programs from one of the following directories.

§  Run level 0 – /etc/rc.d/rc0.d/
§  Run level 1 – /etc/rc.d/rc1.d/
§  Run level 2 – /etc/rc.d/rc2.d/
§  Run level 3 – /etc/rc.d/rc3.d/
§  Run level 4 – /etc/rc.d/rc4.d/
§  Run level 5 – /etc/rc.d/rc5.d/
§  Run level 6 – /etc/rc.d/rc6.d/

§  Please note that there are also symbolic links available for these directories directly under /etc. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.

§  Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.

§  Programs that start with S are used during startup. S for startup.

§  Programs that start with K are used during shutdown. K for kill.

§  There are numbers right next to S and K in the program names. Those are the sequence numbers in which the programs should be started or killed.

§  For example, S12syslog is to start the syslog daemon, which has the sequence number of 12. S80sendmail is to start the sendmail daemon, which has the sequence number of 80. So, the syslog program will be started before sendmail.

There you have it. That is what happens during the Linux boot process.

Configure printer

Hi everyone, how do I configure a printer on Linux? Please send steps or docs, if any.

farista singh singhfarista@gmail.com


Ravindra Sargar ravindra.sargar@gmail.com

string matching

I want to replace a string that matches exactly, using perl or sed or anything else. I have googled it but did not find anything suitable for me. Can someone please help me with this?

Suresh R. Garge garge.suresh1@gmail.com


 s/\bgreen\b/mauve/g;  



 Suresh R. Garge garge.suresh1@gmail.com

Postfix with DNS MX records

If anybody was successful in configuring postfix using DNS MX records, then please share the steps.

zahid karnekar zahid.k11@gmail.com


Devendra Joshi devendra.joshi9987@gmail.com

restrict users from creating image of server

I am setting up my server environment on premises, so the client of our application server will have access to the server hardware as well as the software.
I am concerned that if the client side manages to create a copy (image) of the server, they may misuse the application and go beyond what they are authorised for.
I want to know how I can secure my server against someone creating an image of it.
Note: the CentOS flavour of Linux is being used as the server.


bankat vikhe vikhe.bankat92@gmail.com

SFTP Issue.

Hi Friends,

I want to use SFTP (port 22) for FTP purposes; however, at the same
time we need to make sure that the user will not be able to open an SSH
connection to the server (PuTTY, cmd, etc.), and logs should also get triggered
for SFTP.

It's quite urgent; we have had a show-stopper issue occur due
to this. Please revert at the earliest.

vishal karande karande.vishal23@gmail.com


Multazim Deshmukh multazim.deshmukh0786@gmail.com


No luck; the user is not able to do SFTP with the provided shell.

Hi Multazim,

I have tried this earlier but it's giving error while restarting the
ssh service.

[root@localhost ~]# service sshd restart
Stopping sshd:                                             [FAILED]
Starting sshd: /etc/ssh/sshd_config: line 123: Bad configuration option: Match
/etc/ssh/sshd_config: line 124: Bad configuration option: ChrootDirectory
/etc/ssh/sshd_config: line 125: Bad configuration option: ForceCommand
/etc/ssh/sshd_config: terminating, 3 bad configuration options
                                                           [FAILED]
[root@localhost ~]# date
Thu Nov 27 00:13:00 PST 2014
[root@localhost ~]#

###########################################################################

Please find /etc/passwd and sshd_config file conf for reference.

vishal:x:500:500:RHEL_5_TEST_VM:/home/vishal:/bin/bash
#test:x:501:501::/home/test:/sbin/nologin
test:x:501:501::/home/test:/usr/libexec/openssh/sftp-server
ftptest:x:502:502::/home/ftptest:/usr/sbin/nologin
guestuser:x:503:503::/incoming:/sbin/nologin

###################################################################

# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp    internal-sftp
#Subsystem    sftp    /usr/libexec/openssh/sftp-server -f LOCAL5 -l INFO
#Subsystem       sftp    /usr/libexec/openssh/sftp-server -l INFO -f AUTH

Match Group sftpusers
        ChrootDirectory /sftp/%u
        ForceCommand internal-sftp

#sftp logging
#local5.*                        /var/log/sftpd.log
[root@localhost ~]# date
Thu Nov 27 00:16:13 PST 2014
[root@localhost ~]#
####################################################################



vishal karande karande.vishal23@gmail.com



These commands for SFTP chroot are supported in OpenSSH 4.9p1 and higher versions.
Please check your OpenSSH version and upgrade it to a higher version.
Let me know the outcome.
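
Added example, not part of the thread: the restart shown above stopped sshd and then failed to start it because the installed version rejected three directives. The script below test-parses the file with sshd -t (sshd's configuration test mode) and restarts only when that passes, and it extracts the rejected directives from error text in the format shown in the post. The function names and the SSHD and RESTART override variables are hypothetical, and the default paths assume RHEL/CentOS.

```shell
#!/bin/sh
# Added example: validate sshd_config before restarting, so a directive the
# installed sshd does not understand cannot leave the daemon stopped.

# bad_options: read sshd error output on stdin and print "LINE:KEYWORD" for
# each rejected directive.
bad_options() {
  sed -n 's/^.*: line \([0-9][0-9]*\): Bad configuration option: \([A-Za-z]*\).*$/\1:\2/p'
}

# Error text in the format shown in the thread.
sample_errors() {
cat <<'EOF'
Starting sshd: /etc/ssh/sshd_config: line 123: Bad configuration option: Match
/etc/ssh/sshd_config: line 124: Bad configuration option: ChrootDirectory
/etc/ssh/sshd_config: line 125: Bad configuration option: ForceCommand
/etc/ssh/sshd_config: terminating, 3 bad configuration options
EOF
}

# safe_restart [CONFIG]: test-parse CONFIG with "sshd -t"; restart only if the
# parse succeeds, otherwise list the rejected directives and leave the running
# daemon alone. SSHD and RESTART are hypothetical overrides for testing.
safe_restart() {
  cfg=${1:-/etc/ssh/sshd_config}
  if errors=$("${SSHD:-/usr/sbin/sshd}" -t -f "$cfg" 2>&1); then
    ${RESTART:-service sshd restart}
  else
    echo "not restarting; rejected directives:" >&2
    printf '%s\n' "$errors" | bad_options >&2
    return 1
  fi
}

sample_errors | bad_options
```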