Monitoring Commands in RedHat Linux Servers

Important Monitoring commands in Linux

For a system and network administrator, it’s very tough to debug and monitor the Linux servers activities and performance daily. In this tutorial, I have compiled some important monitoring commands that might be useful for the Linux/UNIX administrators. All these commands are available under all flavors of UNIX and these commands are very much useful in probing the cause for the errors.

1.vmstat(Virtual Memory Statistics):

This command will display the statistics of virtual memory, CPU activity, IO Blocks, Kernel threads and many more.

Some Linux distribution will not be having this command by default, You will need to install the systat package which contains the vmstat command.

#vmstat

2. To check the Active and Inactive Memory Details:
#vmstat -a

From the above output, you can check the active and inactive memory details, the column si and so indicates the following meaning,

si = Swapped in every second from disk in kilobytes

so = Swapped out every second to disk in kilobytes

free = Total free memory spaces
3.lsof(List of Open Files):

This command is very much useful in analyzing which processes are accessing and opening the files, and the open files include are Disk files, Pipes, Devices, Network sockets. For example when you trying to unmount a filesystem and if it not unmounting which means some process is accessing that filesystem, to check which processes are accessing the filesystem we can run this “lsof” command to get the full report. With this command, we can easily identify which files are in use

4. To list all open files
#lsof

From the above output,t it showing the long listing of open files

FD =File Descriptor and under this we will have some values ,

CWD =Current working directory

rtd = Root directory

mem = Memory mapped file

txt = Program text(Data and code)

TYPE of files and its identification

DIR =Directory

REG = Regular file

To learn more about “lsof” command visit this link Importance of lsof command

For More Linux Tutorial Videos visit my Youtube channel 👇🏻👇🏻

5.tcpdump (Network Packet Analyzer):

The tcpdump is the most useful command line  Network packet analyzer or packets sniffer program which is very much useful in capturing the TCP/IP packets that received or transferred on a specified network adapter over a network. This tool has also an option to save the captured data too a file for further analysis.

6. To capture the packets from a specific interface :
#tcpdump   -i   eth0

eth0 = Logical name of the network adapter,0 indicates the first  adapter 

Cancel the program by pressing ctrl+c, you will see the below output,

Note: This command saves the output in "pcap" format which can be viewed only by the "tcpdump" command
7. To capture only “N” number of packets:

By default the “tcpdump” command captures all the packets for the specified interface until you cancel the program, now by using one special option “-c”  you can capture the specified number of packets.

Below example  captures only 4 packets

#tcpdump   -c 4 -i eth0

8. To check the Number of Interfaces in you Server, run the following command
#tcpdump  -D

8.To capture and save the Packets in a File:
#tcpdump   -w   mylog.pcap    -i   eth0

mylog.pcap= filename along with the extension .pcap

9.To View the Captured Packet Files
#tcpdump   -r    mylog.pcap

10.To Capture Packets from a specific Port:

For example, To capture the packets from the “ssh” port, run the following command,

#tcpdump   -i  eth0  port  22

11.Netstat(Network Statistics):

This command is very much useful in monitoring the Incoming and outgoing packets and also you can monitor the interface statistics. When you are having connectivity issues to your server the first most thing is you need to check the port is in listening or non-listening state, that can be done by using the netstat command. This command is very much useful for the network administrators to check and analyze the network related problems.

12. To check all Listening ports of TCP and UDP Connections:
#netstat -a  |more

From the above output from the IP 192.168.1.175, one client is connected to my server via ssh port and the connection status is ESTABLISHED

13.To List only TCP connection details
#netstat -at

14.To Display the Full Statistics by Protocols:

By default, the statistics can be displayed only for the TCP, UDP, ICMP, and IP protocols, The -s option is used to specify a set of protocols

#netstat  -s

You can check the full statistics by protocols like Number of active connections, the total number of packets received, dropped and many more.

15.To display the statistics by TCP Protocols.
#netstat  -st

You can check the total number of active connections and failed attempts via this protocol and many more you can get from this command.

For Linux, Tutorial Videos visit my YouTube channel Linux Vasanth

16.IOTOP Command:

This command is very much similar to the “top” command, the only difference is with iotop you can check the real-time disk I/O and processe. This command is useful to find the exact process and high used Disk read/write processes

I hope you have enjoyed this tutorial if so Kindly subscribe and share it with your friends.
                                          🙏🙏 Thank you 🙏🙏
#############################################################
For More Videos Subscribe My Youtube Channel  Linux Vasanth
If you found this article useful, Kindly Subscribe here 👉  Click this link to Subscribe

################################################################################

 

How to Configure SAMBA Server in Red Hat Linux?

In this article, I will explain how to setup SAMBA in Red Hat Servers followed by how to access the samba shared  files from the Windows client system.

1. With the help of the SAMBA Program, you can configure Linux server for files and printer sharing with the Microsoft Windows Client.SAMBA uses the TCP/IP Protocol for sharing the data between the cross-platform servers.

2. If you want to use Linux as a file server in a windows network, then you must have to know how to configure the SAMBA in Linux. Both Windows and Linux servers use different filesystems, It is impossible to create a Linux file server just by granting the windows clients/users to access the Linux File/Directories.

3. Windows server/system would not be able to access the data/files in the Linux Directories. So many differences are there between Windows and Linux  file systems, Let me tell you one example,

Windows filenames are not  Case sensitive whereas Linux filenames are case-sensitive, In windows data.txt and Data.txt are the same file, In Linux, both the files are different individual files.

4. Windows uses the CIFS(Common Internet File System) protocol for the sharing and this protocol is developed from the Server Message Block(SMB) protocol.

5.SAMBA is implemented by these two Protocols SMB&CIFS

6. Linux Doesn’t have SMB support by default, this is why SAMBA is required here, So SAMBA just imitates the behavior of windows file server by configuring the SMB protocol, when you run the SAMBA on the Linux Server, the Windows servers on the network can able to see the Linux server.

 

RPM’s Required to Configure SAMBA:

Before we configure SAMBA in Linux Server, let me show you what all are the rpm’s required to implement SAMBA.

1.samba = This rpm needed for SAMBA server

2.samba-client = Needed for samba client

3.samba-common = This rpm includes all the samba commands needed to configure SAMA in Linux.

4.samba-winbind = This rpm establish the connection between windows and Linux servers

5.samba-domain-join-GUI = To connect the Linux users with windows domains and workgroup

6.samba-doc =  Contains  SAMBA help documents

 

Configure SAMBA in Linux:

First check the following packages are already installed or not, if it is not installed, install it

*Samba

*Samba-winbind

*samba-common

Check the  Required Samba Packages are already installed or not by using the following command,

#rpm  -qa  samba

#rpm  -qa samba-common

#rpm  -qa samba-wi*

As you can see from the above output all the required packages are installed.

Services Needed to configure SAMBA

smb = Important service for providing authorization and authentication for file sharing between the windows and Linux.

nmb = This service understands and replies to NetBIOS name service requests to those produced by the windows server.

winbind  = This service is needed for host and username resolution

Note: smb&nmb services are mandatory and winbind is an optional service.

Check the status of each service by running the following command,

#service smb status

#service nmb status

#service samba-winbind status

As you can see from the above output, both the services are stopped, Now bring the service online by using the following command,

#service smb start

#service nmb start

Check the status again,

#service smb status

#service nmb status

As you can see from the above output, both the samba services now brought it back to online.

Now make these service online always when the Linux server is booted next time by using the following command,

#chkconfig smb on

#chkconfig nmb on

From now onwards, whenever the server enters the run level,3 or 5 the above services will come to online automatically.

Create new samba users from Linux server

#useradd  nirmal

#useradd jaslyn

Create a password for both the users,i.e don’t create a password for  users to access the local system,

you need to create a samba password for these users, so that these users can access  only the samba services

To create a samba password and add the users to samba database

Syntax:

#smbpasswd -a  <user>

#smbpasswd -a nirmal

#smbpasswd -a jaslyn

 

Configure Samba:

Create a directory and assign full permission, so that other users can read or write the contents from the directory. By default, other users don’t have write access to the directory created by the root user.

#mkdir  /data

#chmod 777 /data

#cd /data

#touch f1 f2 f3

cd /

 

As you can see from the above output, a directory with the name data has been created with full permission.

Now open the samba configuration file and put the  shared data details,

#vi   /etc/samba/smb.conf

Scroll down to the workgroup directory value and mention your workgroup name

Note: Make sure you have created the same workgroup on windows system also.

Now, look for the shared definition variable and mention the directory details along with the permissions.

browsable = yes/No you can Limit the users to his own home directory.

You no need to mention the home directory details here, since the samba reads the user home directory details from the /etc/passwd file.

Now save and exit  from the samba configuration file

To check whether you have mentioned all the details correctly inside the samba configuration file, run the command “testparm”  , if any invalid entries are present it prints the error details on your screen.

#testparm

 

As you can see from the above screenshot, everything so far  configured properly, press the enter button to see the output,

From the above output, the testparm command didn’t find any errors inside the samba configuration file, we have successfully applied all the needed parameters inside the samba configuration file.

Now restart the samba services to take effect

#service smb restart

#service nmb restart

In this Lab, I will disable the firewall and SELinux security features, so that I will not block the access.

Note: If you have Enabled Firewall and SELinux Security, At the end of this article I have explained what are all the policies we need it to enable from firewall and SELinux.

 

To stop the firewall services:

#service iptables stop

#service iptables save

As you can see from the above output, firewall services have been stopped successfully.

To stop the SELinux features:

#setenforce 0

Check the workgroup name from the windows server

As you can see from the above output, windows client system is on the same workgroup LINUXVASANTH as Linux server has.

If you see here different workgroup name then change it to LINUXVASANTH.

Check the connectivity from windows client system:

#ping 192.168.1.253

Linux server IP= 192.168.1.253

As you can see from the above output Linux server is communicating from the windows system.

Now try to connect to the Linux server from windows system  to access the samba shared resources as below,

Now Login as samba user(nirmal)

Now the user(nirmal) will be logged in his home directory path as below,

That’s it…Now we have successfully configured Windows system as a  client system of SAMBA

Now try to edit some files from the shared directory “data”, Let me edit the file “f1” from this directory

Since I have given full permission to the /data directory, samba users can write all the files from the /data directory.

 

Check the /data  directory from Linux server whether the appended content is updated on Linux server samba shared directory file f1,

We have successfully configured the SAMBA in Linux server and also verified the access from the client windows system.

 

*******************************************************************************************************************************

The PORTS and BOOLEAN Needs to be Enable if Firewall and SELinux security features are Enabled:

Allow SAMBA through firewall (i.e iptables)

The following port Numbers are used by the SAMBA

PORT 137 = UDP NetBIOS name service (WINSthe )

PORT 138 = DBP NetBIOS Datagram

PORT 139 = TCP (Windows File and Printer sharing)

PORT 445 = Microsooft DS-Active Directory,shares

PORT 445 = Microsoft DS  SMB file sharing (UDP)

To allow Firewall  for SAMBA ,Add the Following Rules in iptables,

#iptables -A INPUT -m state  --state NEW -m udp -p udp  --dport 137 -j ACCEPT

#iptables -A INPUT -m state  --state NEW -m udp -p udp  --dport 138  -j ACCEPT

#iptables -A INPUT -m state  --state NEW -m tcp -p tcp  --dport 139 -j ACCEPT

#iptables -A INPUT -m state  --state NEW -m tcp  -p tcp  --dport 445 -j ACCEPT

Restart the iptables services to make the changes update

#service iptables restart

#service iptables save

Allow SAMBA through SElinux

In Linux SELinux security features by default, it denies access to any shared resources, You need to enable some couple of booleans from SELinux security

1.samba_enable_home_dirs    =  Enable  the sharing of home directories 

2.samba_export_all_ro = Enable read-only access

3.samba_export_all_rw = Enable read and write access 

4.samba_share_t_Default  = SAMBA could share
#chcon -R -t samba_share_t  /data

Always mention the directory name you would like to give access from SELinux, otherwise, it would be a security risk.

 

 

I hope you have enjoyed this article, if it was please share it with your friends, hit the Subscribe button below and be sure to share among with your friends.

###################################################################################

If you found this article useful, Kindly Subscribe here 👉  Click this link to Subscribe
For More Videos Subscribe My Youtube Channel    https://youtu.be/A7a72pmPa5o

 

Access Control List (ACL)

As a system administrator, we have to protect the files and data from unauthorized access.As we all are very much aware of the permissions we set for files and directories by using chmod,chown,chgrp, however, these permissions have some limitations and may not work as per our needs.We cannot assign different sets of permissions for different users on same directory or files, thus Access control list was implemented.

Before we set the Acl permission we need to check whether ACL is supported by the kernel.

1.Chech Kernel for ACL support.

execute the following command to check ACL support for the filesystem, POSIX_ACL=Y option, if you see ‘N’ instead of ‘Y’ it means kernel doesn’t support ACL, we need to recompile the  kernel

#grep   -i  acl /bootconfig*

Types of ACL

There are two types of ACL available

1.Access ACL Used for allowing permissions on any directory or file

2.Default ACL – Used for granting access control list on a specific directory only.

Note:1 In default, ACL can be used only on directory level, if any subdirectory or file created within that directory will inherit the ACLs from its parent directory.On the other hand, a file inherits the  default ACL’S as its access ACL’s

Note:2 we use “-d” for setting the default ACL’s(default ACL’s are optional only)

Ex:1 To check the ACL details for a directory

Syntax:

#getfacl   <Directory name>
#getfacl   /SAN

Before setting the default ACL the permissions would like above

To set the default ACL’s to a directory we will use the command “setfacl”  command.,In this example setfacl command will set read and write permission for the direcrtory /SAN.

-m indicates Modify

#setfacl  -m  d:o:rw  /SAN

After assigning the default ACL’s the permission would look like this

#getfacl  /SAN

Ex:2 To set a ACL permission for a file or directory use the setfqacl command, here in this example we will assign read and write permission to the user linuxvasanth1

Let me check the default permission set  for the file /mydoc  berfore we assign the  ACL

#getfacl  /mydoc

As you can see from the above output the file has the default permission sets only.

Now set the ACL,

#setfacl  -m u:linuxvasanth1:rw  /mydoc

Now check the ACL permission again

#getfacl /mydoc

From the above output, ACL permission set is successfully assigned to the file

Ex:3 Remove the ACL permission

To remove the ACL’s permissions we will use the option -x and -b with setfacl command

#setfacl   -x ACL file/directory (This will remove only specified ACL from file/directory)
#setfacl  -b  ACL  file/directory (This will remove all ACL from a file/directory)

In this example am going to remove the user linuxvasanth1 from the file /mydoc

#setfacl  -x  u:linuxvasanth1  /mydoc

Now run the getfacl command to check

#getfacl    /mydoc

As you can see from the above output the user has been successfully removed from the ACL set

Never miss any article from this blog ,Kindly do like my FB page Learn Linux in a easier way

If you found this article useful, Kindly Subscribe here 👉👉🏿Click this link to Subscribe

********************************************************************************************************************************

 

 

 

 

 

 

 

 

 

Understanding SSH and SCP Protocols in Linux Operating System

What is SSH?

SSH is a Secure Shell protocol that lets you to open the remote terminal or shell session on any Unix based server where according to the permission available to the account you logged in to and execute commands.The primary advantage of ssh over other protocols including telnet is that everything you do during the session  will be encrypted so that anyone who might be watching at any point between you and  remote host will see only the unreadable text

Note: SSH stands for Secure Shell.All SSH session is encrypted and it requires authentication.It provides a very safe and secure way of exchanging the commands, configuring the services over remotely.Another important point is when you connect to the remote server using ssh you log in using an account that exists on the remote server.

Note: The port number for SSH protocol is 22

An Overview of how SSH works?

1.When an administrator connects to the remote server using SSH he will be dropped in to a shell session (usually bash), where you can execute commands, it will allow you to use only text-based  interface, whatever command you execute in to your local terminal are sent through an SSH tunnel (with encryption)and then it executed on your server

2.The SSH connection is purely based on the client-server model this means for an SSH connection to be established, the remote server must be active with the ssh daemon(sshd).This daemon will listen for the connections on the specific port(ssh), it authenticates the connection request and allows the connection if the user provides the correct credential details.

3.The client system must have an SSH client software and this software knows how to communicate with the SSH protocol, provides information about the remote host, username to use, credentials that need to passed to authenticate and many more.

How does SSH Authenticate users?

1.Most clients use to authenticate by using the password which is very less secured and not recommended to use, use the SSH keys which is a very secure way to connect.

2.SSH keys are sets of cryptographic keys which can be used for the authentication.Each set contains Public key and Private key.

Public Key: It is made available to everyone, it can be shared with anyone without concern.

Private Key: It must remain confidential to its respective owner

Note: Whatever is encrypted with a public key only be decrypted by its corresponding private keys.

Let me tell you how ssh key-based authentication works at the backend,

If you want to authenticate using SSH keys, the user should have an SSH key pair on their local system, now on the remote server, the public key must be copied to the file within the user’s home directory at ~/.ssh/authorzied_keys.This file contains a list of public keys, one per line, that are authorized to log in to this account.

Now when a user connect to a host, wishing to use the SSH key-based authentication, it will inform the server of this request and tell the server which public key to use,then the server checks its authorized_keys file for the public key,generate a random string and encrypts it using the public key,this encrypted message can be only decrypted with the associated private key.The server then will send this encrypted message to the user to test whether they actually have the associated private key.

Upon receipt of this message, the client will decrypt it using the private key, it then compares both the values if both the values are same then it allows the connection.This is how  SSH key based authentication works.

Now let us see how to connect to the remote server with SSH protocol

Ex:1 Connect to remote server  from local server:

The basic syntax to for this as follows,

#ssh <remote server ip address or host name>

In this example, I use my two  Linux servers for the demonstrations.

Server details:

Server1 IP address:10.250.1.50/linuxvasanth.com-Located at USA

Server2 IP address:10.250.1.100/productionclient-Located at LONDON

Let us see how to connect to server2 from server1.

linuxvasanth.com #ssh   10.250.1.100

If this is the first time you use the SSH you will see the below messages on your terminal

 

After giving Yes this will add your server to your list of known hosts(~/.ssh/known_hosts)

Each and every server will have a host key and the above confirmation question is related to verify and save the host key, Now next time when you connect to the server, it can easily verify that it is a trusted known server.After the server authentication is successfully finished it asks for a password.

Note: By default, SSH allows the direct root login, so here you have to give the root user password of the remote server(i.e 10.250.1.100 ip root user)

Now you can execute any commands, can configure services and many more.Here, for example, my task is to create a user account and password on remote server

The above output says the account has been created successfully on the remote server.

Once you have done with your task with the remote server you can leave the session or disconnect by using the exit command

To exit the connection

A

As you can see from the above output after executing “exit” command the remote server login session gets disconnected and your terminal now changes it to your local server session.

Ex 2: How can I log in as a normal user to a remote server?

In our first example I have explained how to login to remote server as a root user, As you know by default SSH allows the direct root login to remote server, in case if you want to connect to the remote server with non-root user run the following syntax

Note: Check the non-root user account exists or not on the remote server before you start.

Syntax:

linuxvasanth.com #ssh non-rootuser@remoteserverip
linuxvasanth.com #ssh john@10.250.1.100

After giving john user password you will connect it to the remote server terminal session as follows

Now if you want to gain root access you can use the switch user command “su” to switch to multiple user accounts as follows

Now to disconnect the session first you need to log out from the accounts you have connected as follows

How to change the default SSH Port number?

To protect your server from anonymous attack changing the default port number to another any unused port number would help .all users with Linux servers can change the SSH port number from SSH configuration file(the default port number for SSH is 22).

The configuration file for SSH is /etc/ssh/sshd_config

All you need to do is edit this sshd _config file, open the file with your preferred editor, before that it is always good to take a backup of the original file before you made any changes in it.

#cp  /etc/ssh/sshd_config    /etc/sshd_config.original

Open the file with the vi editor

#vi   /etc/ssh/sshd_config

# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22 -->default port number used for SSH now change this to your prefered port number
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
"/etc/ssh/sshd_config" 137L, 3848C

From the above file the line #port 22 here the # means it tells the server to ignore anything after it on the same line, now we will need to remove that character and put your preferred new port number.

Note: Make sure you are not using the port number which is already in use.If you are unsure check this TCP/IP and UDP Port numbers and its uses

Try to use the port number which is not listed in the above link, here I use 2222 port number.

Note: In firewall also you will need to change SSH port number to the new one.

Now restart the SSH service as follows

After making any changes in the default configuration file you will need to restart the respective service to make the changes come in to effect.here we have to restart the ssh service

#service sshd restart

From now onwards SSH will listen to the port number you have specified.

Understanding SCP Protocol in Unix/Linux operating system:

Scp stands for Secure Copy used to send files from Local server to remote server(Uploading) and copying files from remote server to local server(uploading) with securely, secured means all the data while transferring through the network  is encrypted.

SCP is installed by default on all Linux distributions as a part of OpenSSH package

Note: SSH is used to connect to the remote server with text-based interface

SCP- used to transfer files between the different servers

Scp it uses the  SSH port number 22 to establish the connectivity between the server

Ex:1 How to transfer  a file from Local server to remote server

For this example, the syntax would look like this

#scp  <FILE TO BE TRANSFER FROM LOCAL SERVER>  <USERNAME@REMOTESERVER IP ADDRESS>  :<DESTINATION PATH REMOTE SERVER>

Server1:10.250.1.50(Local server)

Server2:10.250.1.100(Remote server)

Now  am going to transfer a file from local server to remote server

#scp  /documents root@10.250.1.100:/tmp

Note:/documents is the local server file to be transfer

/tmp is the remote server destination directory path

Once the authentication is successful the file will transfer to the remote server destination path, you will see the percentage as 100 which indicates the entire data has been successfully transferred to the remote server.

Now to verify go to the remote server (10.250.1.100) /tmp directory and list whether the file /docments is successfully saved.

#cd  /tmp

#ls -t

Note: -t option is to list the latest modified or create file to display  in the first

The above screenshot has confirmed the file has been successfully saved under /tmp directory of the remote server.

Ex:2 How to transfer a directory and all its contents from local server to the remote server?

To copy the entire directory we need to use the option -r  with the scp command i.e recursive which will select the entire directory contents.

Syntax:

#scp  -v  -r  <Local server dir>   <user@remote server ip>:<remote server destination dir path>

you can also use the -v verbose option to view the detail output on your screen.

From Server1 (10.250.1.50) am going to transfer /mydatabase directory to the remote server /myfolder path

As you can see from the above output mydatabase directory is have some files and subdirectories.

#scp   /mydatabase root@10.250.1.100:/myfolder

Note: If you forget to mention -r option while transferring the entire directory you will get the error message it is not a regular file, check the above screenshot.

Always use  -r while transferring the entire directory to the remote server.

After giving the correct password scp will transfer the /mydatabase directory to the remote server directory /myfolder

Now go to the remote server /myfolder path and confirm whether the directory /mydatabase is successfully transferred.

#cd  /myfolder

#ls

AS YOU CAN SEE FROM THE ABOVE OUTPUT THE ENTIRE DIRECTORY ALL ITS CONTENTS FROM THE LOCAL SERVER /MYDATABASE  WAS SUCCESSFULLY TRANSFERRED TO /MYFOLDER PATH.

 

Note: To copy the files from remote server to the local server path you would use the same syntax in reverse as follows
#scp  username@remoteserverip:<remote serverfile>   <local server path>

I hope now you have understood the SSH and SCP protocols their uses in production environment

Never miss an article from this blog, Kindly do like my FB page Learn Linux in a easier way
If you found this article useful, Kindly Subscribe here 👉👉🏿Click this link to Subscribe

Understanding Remote sync(rsync) in RHEL

Introduction:

Rsync(Remote Synchronization) program is used to transfer and sync the files between the servers.rsync is very fast and secure way to transfer and sync the files.You can also use the Rsync command to copy and synchronize your data remotely and locally across the directories, disks, networks, to perform backup and mirroring between two Linux servers.
It offers a large number of options that control every aspect of its behavior and permit very flexible specification of the set of files to be copied.

Advantages of rsync:
1.It efficiently syncs and copies files to/from the servers.
2.It is much faster than the SCP(secure protocol) to transfer the files between the servers.
3.rsync it consumes very less bandwidth as it uses compression and decompression method to transfer the files from/to the servers.
Points to  remember:
1.When you are using the rsync command to copy/sync the data between the server for the first time ,it copies the whole content from the source file and pastes it in the destination file.
2.Next time when you run the rsync command it copies/sync only the updated bytes from the source file and paste it in the destination file.(coz of this rsync consumes less bandwidth while transferring data)
3.rsync uses delta-transfer algorithm, which maximum reduces the amount of data sent over the network by sending only the differences between source files and existing files in the destination.
Note1: This utility(rsync) is mostly used for backup and mirroring and as an improved copy command for everyday use.
Note 2: rsync finds the files that need to be transferred by using the quick-check algorithm that looks for files that have changed in size or in last modified time.Any changes in the other preserved attributes (as requested by options) are made on the destination file directly when the quick check indicates that the file’s data doesn’t need to be updated.
Syntax to run the rsync command:
#rsync   <options>   <source >      <destination >
Options available with rsync command:
-v = Verbose output
-r = Copies the data recursively(it will not preserve the timestamp and permission while transferring data)
-a = Archive mode(In this mode it allows copying the data recursively and it also preserve symbolic links, file permission, timestamp, user and group ownership)
-z = Compress file data
-h = Human readable format(display the size in MB,GB,kb format)
Before you start using the rsync utility you need to check whether rsync package is already installed on your server as follows,
#rpm  -qa rsync

The above output says the rsync package is installed already, so no need to install the package again.(Do this check on both the servers)
EX:1 To Copy/Sync Files and Directory Locally
In this example, we will sync a file on a local machine from one path to another path, Here we have a file  /mywhatsapp.txt needs to be copied/synced  to /var/mybackup  file

Syntax:

#rsync   <option>  <source>  <destination>
#rsync    -zvh   /mywhatsapp.txt   /var/mybackup

 

In the above example, the destination file mybackup is not already existed,rsync will create the destination file if it does not exist already.
Let us check whether the contents of the /mywhatsapp.txt is properly synced to the /var/mybackup file

The above screenshot has confirmed Everything is successfully synced to the destination without any data loss.
Note: As I said already in the beginning when you are running rsync for the first time it copies the entire content from the source file and paste it in the destination by default,After appending some more bytes to the source file,,again run the same command this time it transfers only the  updated bytes from the source to destination.
Now let us add some more bytes to the source file (in our case /whatsapp.txt is the source file)
#cat >>/whatsapp.txt

This is my second line

Control + d to save

Now run the  rsync command again,
#rsync -zvh   /whatsapp.txt    /var/mybackup

As you can see from the above screenshot rsync this time it transfers only the updated bytes to the destination.
Ex:2 Copy/Sync files/Directory from Local server to Remote Server
In this example, we will see how to sync data from local server to remote server.I have a directory on my local server with the name “Softwares” which contains rpm packages and you want that local server directory contents to be sync to a remote server.

Syntax:

#rsync <option> <Local serverfile path>  user@ipaddrofremoteserver:<remote server destinationpath>
Note: Remember to the sync files within your local system we use different syntax and for remote sync, we use the above syntax.

Server Details:

On server1: /Softwares (Source directory)

IP address:10.250.1.16
On server2: /tmp/mydatabase (destination file)

IP address:10.250.1.15
From 10.250.1.16 run the following command to sync:
Before I sync the data’s from /Softwares directory Let me check the total size of the directory by using the following command
#du -sh /Softwares

So the total data to be sync to the remote path is 3.3GB
#rsync  -avzh  /Softwares root@10.250.1.15:/tmp/mydatabase

As you can see from the above screenshot after authentication the files from the Softwares directory started syncing to the /tmp/mydatabase file.
Ex:3 Copy/Sync a Remote Directory to a Local server
In this example, we will see how to copy/sync a remote directory to local directory.Here we have a directory under /var/log/student which is on a remote server is being copied to your Local server under /tmp/serverdata

Syntax:

#rsync  <option> user@remoteserverip:<Remote server path>   <Local server path>
Note: The syntax will change always the way we use the rsync command.
On server1(10.250.1.16) run the following command:
#rsync   -avzh   root@10.250.1.15:/var/log/student   /tmp/serverdata

Now go to the local server path /tmp/serverdata and check whether the remote server directory “student” synced without any error.
On server 10.250.1.16 run the below command to confirm:
#cd /tmp/serverdata

#ls

As you can see from the above output the directory successfully synced to the local server path /tmp/serverdata.
Tips: The rsync utility by default it uses the  SSH port number 22  to sync the files over the local server to remote server.
Never miss any article from this blog ,Kindly do like my FB page   My FB official Linux Page

If you found this article useful, Kindly Subscribe here 👉👉🏿Click this link to Subscribe

*********************************************************************************************************************************

 

Booting Process Linux

Introduction:

In this article, we are going to learn about the booting process in Linux based Servers.As a system administrator knowing the backend process while power on the server is much needed in IT environment.It helps the administrator in resolving the issues during the booting process.

There are five phases available in booting process:

1)BIOS

2)BOOTLOADER

MBR

GRUB

3)KERNEL

4)INIT

5)RUNLEVEL SCRIPTS

Let us have a look at each phase in details

BIOS(Basic input and output system):
  • When you power on the server BIOS is the first program that loads.

After you press the power button the CPU will check in to the ROM for the further process

  • Because the ROM it has the instructions to tell CPU to start the BIOS

Then BIOS will check all the hardware and bootable devices available on your server After analyzing BIOS will check how to boot the operating system (hard disk or CD-ROM or DVD or network boot).

  • If it is a hard disk then it will look for the primary boot loader to start the operating system
BOOTLOADER:
  • Bootloader resides inside the MBR(Master boot recorder) chip, the bootloader program doesn’t know anything about the operating system filesystems, it knows only the partition table layout pieces of information and how many hard disks attached.
MBR:

The master boot recorder resides in the first sector of the hard disk.

  • The total size of the MBR is only 512 bytes.

From this total 512 bytes, the first  434 to 446 bytes are reserved for the primary bootloader, 64 bytes for the partition table and 6 bytes for the MBR timestamp validation.

  • As I have mentioned above the MBR is not aware of the operating system filesystem, so MBR cannot directly load the kernel program it requires a bootloader with the filesystem driver for each supported filesystem, then only they can be understood and accessed by the bootloader.

The Grub  has configuration file in that the details of the filesystem and the filesystem device drivers are loaded

/boot/grub/grub.conf

The original file for the grub is located in  /etc/grub.conf and this file is symbolic linked to /boot/grub/grub.conf

#ls -l  /etc/grub.conf

To view the Grub config file:

#cat /etc/grub.conf or cat /boot/grub/grub.conf

GRUB(GRand Unified Bootloader):

Grub loads the kernel in three stages

Grub stage1:

The total size of the MBR is 512 bytes, the size is too small and it has all the instructions to load the operating system.

  • The total number of space allocated for the bootstrap code in an MBR is 446 bytes, this 446-byte file for stage1 is named boot.img and it doesn’t contain the partition table information which is added separately with the boot record Because boot record must be so small and it doesn’t understand the filesystem structures.So the purpose of stage1 is to locate and load the stage1.5.After loading the stage1.5 in to the RAM stage1 takes control over to stage1.5.
Grub stage1.5:

As I have explained above the grub stage 1.5 must be located between the boot record itself and the first partition on the hard disk.The function of stage1.5 is to start executing the filesystem drivers that are necessary to load the stage2 from the /boot.

Grub stage2:

The grub stage1 can load the Grub stage 2 directly, but the stage1 is by default setup to load the stage2.The location for the stage2 is /boot/grub2 directory and the stage2 doesn’t have image files like stage1 and stage1.5 instead it has only all the runtime kernel modules that are needed to start the operating system.

Note: Stage2 of Grub2  loads the kernel in to the memory and provides the control of the server over to the kernel.
KERNEL:

1.Once the bootloader starts the kernel it uncompress the initrd image  it mount and load all the device drivers

initrd(initial ramdisk is to loading a temporary root file system in to the memory)

  • 2.Loading and unloading the kernel modules can be done with insmod and rmmod commands which is present inside the inirt image.

3.The kernel will mount the root partition as a read-only

  • 4.The kernel will check the /etc/fstsb file for the filesystem check integrity.

5.If no error found from the /etc/fstab file output then it starts the init process

INIT PROCESS:

Run the server in to run level as mentioned in /etc/inittab file

#cat /etc/inittab

Based on the selected run level, the init process then executes all the startup scripts located in /etc/rc.d/rcx.d

  • Note:All the run level scripts are located inside /etc/rc.d/rcx.d

If everything goes fine then it will display the Login screen……

Never miss an article from this blog, Kindly do like my FB page Learn Linux in an easier way

 

######################################################################################

If you found this article useful, Kindly subscribe👇

Click this link to Subscribe

How to configure VNC-SERVER access in Red hat Linux

Virtual Network Computing(VNC):

As a system administrator frequently we access the servers remotely over the network for various reasons, Mostly the system administrator prefers to use the protocols ssh or telnet to connect to the remote server which gives you a non-graphic access to the remote server.Sometimes we need to access the remote server with GUI interface i.e, sharing the server desktop, So if you need to access the client-server desktop we need to configure VNC on RedHat servers.

VNC it allows the administrator to open the remote GUI access to your server and thus it provides you a full Graphical user interface session from any remote location.

Note: The best real-time example for the VNC is "Teamviewer" which gives you the GUI desktop access to another system.
How to Configure VNC Server in Linux?

To configure the VNC on RedHat server two vnc packages should be installed.

1.Vnc-server package

vncserver-1.0.4-8.el5

This package is used to share the desktop with the remote system.

2.Vnc-viewer package

vnc-4.1.3-9.el5

This package is used to access the server from another system.

Configure the following on Linux server:

The IP address of my Linux server is 10.250.1.36

First check the vnc-server package is installed on your server by using the  rpm command

#rpm -qa vnc-server

If the package is not installed then install the package from the media.

To install the vnc packages:
#cd  /media/RHEL_5.7 x86_64_DVD/Server
Check vnc package is listed in cdrom
#ls  tiger(then press the tab twice will give you the package details)

Once you have confirmed the packages are listed in cdrom install them,

#rpm  -ivh tigervnc-server-1.0.90-0.10.2010115svn3945.el6.x86_64.rpm

Configure Linux client:

Note:  Linux client-server IP address is 10.250.1.34

Check the vnc-viewer package is installed or not

#rpm  -qa vnc-1.0.90-0.10.2010115svn3945.el6.x86_64.rpm

If it is not installed then install it from the media

#cd  /media/RHEL_5.7 x86_64_DVD/Server

Install the vncviewer package

#rpm -ivh  tigervnc-1.0.90-0.10.2010115svn3945.el6.x86_64.rpm

Let us confirm whether vnc packages are  installed  successfully or not by using the following command,

Once you have confirmed the required packages are installed on both the servers now its time to check the vnc access.

Note: Before you run the vnc command to connect to the remote server, check with the ping command whether both the servers are communicating each other.

#ping  <remote server IP address>
#ping 10.250.1.34

Once you have confirmed the connectivity test is passed,  check the Linux client IP address status,

To check the IP address status of your Linux client-server:

#ifconfig or ifconfig  eth1

Before you run the vncviewer command to get the access to Linux server desktop, run the ping command to check the connectivity.

#ping 10.250.1.36

Now run the following command to take the remote Linux server desktop access.

Syntax:

#vncviewer   <remote server ip>
#vncviewer 10.250.1.36

On  server side  i.e @10.250.1.36 it will show a pop-up message for confirmation

Once the admin granted the request, you can now access the remote server desktop graphically.

The live session for taking the remote server desktop is added to this video link Vnc server client Demo video
Key point:  If you are getting any error message while connecting to the remote server via vnc go to system setting and choose the remote desktop option and enable the checkbox to allow other users to share your desktop, do this on both the server end and try connect, this time vnc will connect without any error.

 

I hope you have enjoyed this article, in our next article I will explain you about the TCP/IP secured protocols.

Never miss any article from this blog ,Kindly do like my FB page Learn Linux in a easier way

*****************************************************************************************************************

If you found this article useful,kindly 👉🏿👉🏿Subscribe here

 

 

 

How to install the packages in Redhat Linux?

Introduction:
In this tutorial, we are going to learn about how to install, uninstall, modify and update the individual packages in Redhat servers by using the rpm utility.
To install the packages in Redhat based systems we have two powerful tools to perform that,
1)RPM(RedHat Package manager)
2)YUM(Yellow Dog Updatemodifier)

Rpm(Redhat package manager):
The RedHat package manager is a powerful tool for the Redhat based systems like Fedora, Centos, Redhat.It allows the user to install, uninstall, upgrade, modify the packages on the Unix/Linux servers.
  • Basically, Rpm tool works directly with the packages and it will not check and install the dependency packages, Some application might depend on other packages, when you are using rpm to install that first, you need to install the dependency packages manually, then after that, you have to install the main package.In order to work an application properly, we need to install all the chain dependencies packages.
YUM:
Yum works in a different way to install, uninstall and upgrade the  Red Hat packages.It works with the package repositories where all the information about the packages gets stored.By default yum tool automatically check all the dependency packages and install them, When you are using rpm, you no need find and check for the dependencies packages and install them one by one manually, yum does all the works automatically.In order to run yum command We need to configure the YUM package repositories first on your Linux system (I will explain how to configure yum repositories in our next article)
Note:
So the main difference between the rpm and yum tool is rpm will not install the dependencies packages whereas yum will check and install all the required dependencies packages.
Note:
RPM Earlier called as the .rpm file it contains the software programs and libraries that are needed by the packages.And this tool works only with the packages that built in the .rpm format.
RPM packages Details:
It is very important to know about the rpm package file name conventions on Linux package management.By default, all the package includes the version number, hardware architecture and many more details.Let us see the package names along with the details
First, change your working directory path to the /media where the CD-ROM gets mounted.
#cd /media/RHEL_5.7\x86_64\DVD/Server/
This is the path where the rpm packages reside on CD-ROM(on RHEL5.7)

Note:
In RHEL 6.0 the path for the rpm packages are under /media/RHEL_6.0\x86_64\DVD/Packages
Now run the command to list all the available .rpm packages from the CD-ROM
#ls  -l

From the above output, you will see all the .rpm packages from the CD-ROM.
To check the individual package details run the below command(here I use telnet package)
#ls  -l    |grep  telnet

The above output shows the details of the telnet package.

Installing the packages:
The following Procedure to be followed before you install the packages on Linux server.
1)Always check the integrity of the package before you install
2)Check whether the package is already installed on your server
3)If the package is not installed then use the rpm command to install the packages
4)After installation check whether it gets updated on the Linux Package Management.
Ex:1 How to install the Packages on Redhat servers?
Insert the CD-ROM media in to the drive, once the media gets mounted on its mount point directory change your path to that mount point directory
Check whether the CD-ROM is mounted or not,
#df -h

As you can see from the output the cdrom is mounted on the mount point directory /media
/media  – It is default mount point directory for the removable media.
Now change your path to the directory where the packages reside.
#cd  /media/RHEL_5.7\x86_64\ DVD/Server/
Run the “ls” command to check all the available packages from cdrom
In  this example, I will show you how to install nano package .(nano is an editor tool)
Check nano package is listed in CDROM
#ls  nan (then press the tab key twice it will list the package details if it is avaiable)

Once you have confirmed the nano package is available in CD-ROM you can now start to install the package,
Check Whether the nano package is installed on the server or not?
syntax:
#rpm    <options>   <package name>
Options:
-q   -To query
-a  -To print all the installed packages in the system
-R  -To list all the dependent packages
-e   -To uninstall the installed package from the system
-v  – Verbose output
-U -To update the existing installed package
-h – To show the hash progress(display the progress in hash on your screen)
#rpm  -q   nano

From the above output, nothing displayed which confirmed the nano package is not installed on the system, if the package is installed already on the system then it would display the package details.
Make sure you are under the   /media/RHEL_5.7\x86_64\ DVD/Server/
#pwd
Now install the package
#rpm  -ivh    nano-1.3.12-1.1.x86_64.rpm

Now confirm whether the nano package is successfully installed on the system or not,
#rpm  -q   nano

The above output displays the package details(nano), which confirmed the package is successfully installed on the system.
Ex:2 How to uninstall the package from the system?
The same command we have to use it with the option  -e
#rpm  -e  nano

Run the query command to confirm whether the package is uninstalled successfully
#rpm  -q nano
The above output shows the nano package was successfully uninstalled.
Ex:3 How to check the integrity of the package?
Always check the integrity of the package on Linux system before you install them and make sure always the test result gives you ok.
In this example, I will show you how to do the integrity check for a package.
#rpm  --checksig  <package name>
–checksig means Check signature
#rpm  --checksig  pinfo-0.6.9-1.fc6.x86_64.rpm

The output says the package integrity check was not ok i.e, the package has some missing keys.
Note:
If the package has passed the test then it would display as md5 OK
Ex:4 How to check the dependencies of the package?
Checking the dependencies of the package is very important for the system administrator before he installs the package, as you know the rpm tool will not install the dependencies packages, if you haven’t installed the dependencies packages then it will not allow you to install the mentioned package.Do a check about the dependency packages that are needed for the package you are going to install.
#rpm  -qpR   httpd-2.2.3-53.el5.x86_64.rpm
-q –>To query
-p –>Prints the capabilities package provides
-R –>Will print on which this package depends.

The above output prints all the dependent packages that needed by the httpd package, so if you want to install this httpd package with rpm command, first you need to install all the dependent packages one by one manually.
Ex:5 How to install a package without dependencies?
In some case we need to install the package without the need for dependency packages, on that time we can use the special option –nodeps with the rpm command to install it without dependency packages.
#rpm  -ivh  --nodeps  <packagename>
#rpm  -ivh  --nodeps    httpd-2.2.3-53.el5.x86_64.rpm

From the above output, the httpd package was installed without the need for its dependent packages
Ex:6 How to check the latest installed packages information along with the date and time details?
To get the latest installed packages information use the special option –last with the rpm command as follows
#rpm  -qa  --last

The above output shows the installed package details along with Date, time and year details.
Ex:7 How to Upgrade the already installed package on your system?
Use the -U option with the rpm command to upgrade an existing package in your system,The benefit of using this option is, it not only upgrade the existing package but also it takes a backup of the package older version so that in case if the updated version is not working properly then it uses the older version of the backup.
#rpm  -Uvh   nano-1.3.12-1.1.x86_64.rpm

Ex:8 How to check the command belongs to which package?
If you want to check the command belongs to which package in your Linux system we can get that with the rpm, let us say for an example I need to find  the command “top” belongs to which package, Run the following command to get the package details
#rpm -af   <full path to the command>
To print, the full path of the command run the following command,
#which  top

#rpm  -qf  /usr/bin/top

From the above output, the top command belongs to the package procps-3.2.7-17.e15
Ex:9 Check the package details after installed?
Suppose  if you want to check the details of the installed package about the release number, size,  signature key, vendor and much more run the following command
#rpm  -qi  <package name>
qi means (Query info)
#rpm -qi   telnet

From the above output, you would see the entire details about the telnet package.
Ex:10 How to get the information about the package before you install?
Sometimes we may need the internet to download some of the rpm packages to install, after downloading the package if we want to check the details of the package  to know about the author and some other details run the following command
Note:
I have downloaded the rpm package from the internet babel-0.9.5-1.el5.rf.noarch.rpm and I have saved inside the folder /rpm.
#rpm  -qip  <packagename>
-p  -this option allows us to perform the same query analysis on the package which is not installed on the system.
#cd  /rpm
#ls

Now check the details of this downloaded package,
#rpm  -qip babel-0.9.5-1.el5.rf.noarch.rpm

From the above output, you would see the details of the package (which is downloaded from internet).
In our next article, I will explain about the yum repositories in Redhat systems.
Never miss any article from this blog ,Kindly do like my FB page   Learn Linux in a easier way

*************************************************************************************************************************************

If you found this article useful, Kindly Subscribe and do share it with your friends, Thank you🙂🙂

[rainmaker_form id=”235″]

 

 

 

 

How to configure IP address in RHEL server?

Introduction

In this article we are going to cover how to configure the IP address and what all are the initial checks up we need to perform before you configure the IP address.

Every system in a network needs an IP address to communicate with another system, it can be easily configured in RHEL with the help of “ifconfig” command.

Types if IP:

IP address can be configured in two ways

1)Static IP

2)Dynamic IP

Static IP:

The IP can be configured manually by the system administrator or by individuals.Static IP mostly use with the devices like router, printer etc…

Dynamic IP:

In this method, the IP address is automatically configured from the DHCP server, when you set the IP should configure automatically in the network management tool then the system will call the DHCP server for the IP address, DHCP service provides the IP address to the system when it joins the network.

Procedure to configure the IP address:

1)Check how many adapters available and its status from your server

2)Choose the adapter to which you are going to configure

3)Deactivate the network adapter before you assign IP address

4)Configure the IP with the help of “ifconfig” command

5)Make the assigned IP address permanent with the help of “setup” command.

6)After assigned the IP address permanently to the network management file activate the network adapter.

Configure the IP address:

Method: Static IP

To check the network adapter status:
#ifconfig

from the above output, we have only one adapter connected to the server and the logical name for the network adapter is “eth0”, the current IP address for the adapter is 10.0.2.15 and the adapter is in running state.

eth0 –>eth indicates the adapter manufacturer name and “0” indicates the first adapter .if  the server is having two network adapter means it would display as eth1.

Note: You don’t have to worry about the  adapter names and numbers since the kernel device driver will generate all these by default.

To deactivate the network adapater:

syntax:

#ifdown   <Network adapatername>
#ifdown   eth0

Now check the network adapter status whether it is successfully deactivated or not

#ifconfig

From the output, eth0 adapter has been turned in to deactivated mode successfully

Now let us configure the IP address to the eth0 adapter by  using the following command:

syntax:

#ifconfig   <Network adapter>  <ipaddress>
#ifconfig  eth0   10.250.1.50

Check whether the IP is assigned to the eth0 adapter

#ifconfig  eth0

from the output, you could see the IP 10.250.1.50 has been successfully assigned

Note: Now if you deactivate the adapter , next time when you bring it back to the activate state, the IP will get assigned from the DHCP service.This is the default mode in RHEL.Below is the screenshot how the IP get assigned automatically after deactivate and activate the eth0 adapter👇👇

Now its time to make this ip address permanent by using the following command
#setup

From this tool choose the network configuration

Now choose edit devices

Choose the eth0 device from the option

Now check the default setting for the network adapter devices

From the above screenshot, you could find the default mode to configure the IP is in DHCP always.

Now Unselect the DHCP mode and add your static IP here to make it permanent one

Note: Use spacebar from your keyboard to deselect the DHCP

We have now successfully added the static IP 10.250.1.50 to the adapter eth0.

That’s it…Now save the information and exit the network management tool

 

Now activate the network adapater:

syntax:

#ifup  <network adapater>
#ifup  eth0

So from now onwards 10.250.1.50 is the default IP address for your server , even after restart , deactivate and activate the adapter this IP would be the permanent one.

#ifconfig eth0

From the above output, the IP has been permanently activated with the static method.

Note:

If you forget to add the IP address in the network management with the “setup” command then the assigned IP would be a temporary one,if you do a restart or deactivate and activate the adapter it will assign the IP from the DHCP server since in RHEL the default mode after restart or activate the network adapter will be in Dynamic IP mode.

Tips and tricks:

*If you are facing issues while you bringing up your network adapter or assigning the IP address just try to restart the network management service

#service NetworkManagement restart

The above command will do a refresh on all the network adapter configuration files and then try to configure or activate the adapter.

I hope you have enjoyed this article, in our next tutorial I will explain you the troubleshooting concepts in IP configuration.

Never miss any article from this blog ,Kindly do like my FB page 👉👉  Learn Linux in a easier way

*************************************************************************************************************************************

If you found this article useful, Kindly Subscribe here 👉🏿👉🏿Subscribe here

Visit and Subscribe My Youtube Channel for More Videos  https://youtu.be/6vYQYY_zL0o