Thursday, January 23, 2014

Create a local root user on Ubuntu

$ sudo passwd root

Enter the password when prompted. After that, if you want to become root, you can just type $ su

It is always a good idea to create one, because sudo may not be functional, as with this bug:

http://askubuntu.com/questions/106642/how-to-fix-sudo-setreuidroot-uid-user-uid-operation-not-permitted-error

Monday, January 13, 2014

Configure the hostname in CentOS

Test whether a hostname resolves:
nslookup HOSTNAME
or
nslookup IP_ADDRESS

to see if there is an entry in the DNS server

First, you need a correct network script in /etc/sysconfig/network-scripts/ifcfg-eth4

[root@sr2s18 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth4 


# device name
DEVICE=eth4
# MAC address
HWADDR=00:26:B9:38:4C:23
TYPE=Ethernet
# bring the interface up automatically at boot
ONBOOT=yes
# not managed by NetworkManager; this ifcfg-eth4 script is used instead
NM_CONTROLLED=no
# use DHCP
BOOTPROTO=dhcp
# DHCP hostname (sent to the DHCP server)
DHCP_HOSTNAME=sr2s18
# modify /etc/resolv.conf if the DNS directive is set; yes is the default when using DHCP
PEERDNS=yes


Then, configure the hostname:

http://www.rackspace.com/knowledge_center/article/centos-hostname-change

1. set /etc/sysconfig/network

[root@sr2s16 ~]# cat /etc/sysconfig/network
NETWORKING_IPV6=no
HOSTNAME=sr2s16.example.com

NETWORKING=yes

2. configure /etc/hosts

[root@sr2s16 ~]# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
129.174.114.142 sr2s16.example.com sr2s16
::1 sr2s16.example.com sr2s16

192.168.0.36 sr2s16.example.com sr2s16


3. restart network

$ service network restart









Friday, January 10, 2014

Network configuration sample on CentOS

External network interface using DHCP: /etc/sysconfig/network-scripts/ifcfg-eth4

[root@sr2s18 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth4 

DEVICE=eth4
HWADDR=00:26:B9:38:4C:23
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp

Internal network interface using static IP: /etc/sysconfig/network-scripts/ifcfg-eth0

[root@sr2s18 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
HWADDR=00:1B:21:44:96:10
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.0.38
BROADCAST=192.168.0.255
NETMASK=255.255.255.0
NAME=eth0

Run DHCP when the system starts up on CentOS

Configure /etc/sysconfig/network-scripts/ifcfg-eth4

DEVICE=eth4
HWADDR=00:26:B9:38:4C:23
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp

If you set ONBOOT=yes, the system will run DHCP on this interface when it boots.

Fix nobody issue on CentOS/Ubuntu using LDAP and NFS

CentOS

vim /etc/idmapd.conf
add Domain=example.com
restart the services
/etc/init.d/rpcidmapd restart and /etc/init.d/nfs restart

http://lfhck.com/question/100876/centos-6--ldap--nfs-file-ownership-is-stuck-on-nobody

Solved!
I happened to notice this line in /var/log/messages on my NFS server when I was attempting to mount an export from the remote client:
Feb 28 15:54:02 storage1 rpc.idmapd[1651]: nss_getpwnam: name 'nobody' does not map into domain 'localdomain'
This caused me to look at the first few lines of /etc/idmapd.conf:
[General]
#Verbosity = 0
# The following should be set to the local NFSv4 domain name
# The default is the host's DNS domain name.
#Domain = local.domain.edu
I then added Domain=subdomain.mycompany.com under the commented out "Domain" line. Saved, exited and then ran /etc/init.d/rpcidmapd restart and /etc/init.d/nfs restart.



Ubuntu

vim /etc/idmapd.conf
add Domain=example.com
reboot

Monday, December 30, 2013

Configure NFS server on CentOS 6.4

I use two physical machines to conduct this experiment.
NFS Server IP: 192.168.0.21
NFS Client IP: 192.168.0.27

Install NFS Server (CentOS 6.4)

$ yum install nfs-utils -y
$ service nfs start
$ chkconfig nfs on

Configure NFS Server

$ mkdir /nfs_dir
$ chmod 777 /nfs_dir
$ vim /etc/exports
add this line into the file
/nfs_dir 192.168.0.27(rw,sync,root_squash)

These export options do the following:
  • rw: Allows the client to both read and write within the shared directory.

  • sync: Confirms requests to the shared directory only once the changes have been committed.

  • no_subtree_check: Prevents subtree checking. When a shared directory is a subdirectory of a larger filesystem, NFS scans every directory above it in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduces security.

  • no_root_squash: Allows the client's root user to connect to the designated directory as root. The export line above uses the opposite setting, root_squash, which maps requests from the client's root user to the anonymous user.

$ exportfs -a
$ exportfs 
$ showmount -e
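
An added example, not part of the original notes: a shell function that reads exports-format lines and reports entries that are open to every host, use no_root_squash or insecure, or carry a malformed option list. The function names and the sample entries are constructed for illustration; the last sample line shows the space-before-parenthesis pitfall, where the options apply to all hosts instead of the named client.

```shell
#!/bin/sh
# Added example: flag /etc/exports entries that weaken NFS access control.
# Usage: audit_exports [FILE...]   (reads stdin when no file is given)
audit_exports() {
    awk '
    function report(msg) { print path " " shown ": " msg }
    /^[ \t]*#/ || NF == 0 { next }        # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {                  # token has the form client(opt,opt,...)
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            shown = (client == "" ? "(any host)" : client)
            if (client == "" || client == "*")
                report("export is open to every host")
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "no_root_squash")
                    report("no_root_squash lets client root act as root here")
                else if (o[j] == "insecure")
                    report("insecure accepts requests from unprivileged ports")
                else if (o[j] !~ /^[a-z0-9_]+(=.*)?$/)
                    report("malformed option " o[j])
            }
        }
    }' "$@"
}

# Constructed sample input (not taken from a real server).
sample_exports() {
    cat <<'EOF'
/nfs_dir  192.168.0.27(rw,sync,root_squash)
/nfs_typo 192.168.0.27(rw.sync,root_squash)
/scratch  *(rw,sync,no_root_squash)
/home     192.168.0.27 (rw,sync)
EOF
}

sample_exports | audit_exports
```

On a server, run it as audit_exports /etc/exports before exportfs -a.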

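If the firewall blocks the NFS connection, you may want to list the iptables rules and flush them. Note that -F removes every rule, not only the ones that affect NFS.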
$ iptables -L 
$ iptables -F

Configure NFS Client

$ mkdir /nfs_mnt
$ mount -t nfs 192.168.0.21:/nfs_dir /nfs_mnt

Or you can edit the /etc/fstab file and add this line to it:
192.168.0.21:/nfs_dir  /nfs_mnt   nfs4     defaults,acl        1 1

Show mount list
$ mount
$ df -h

If you have an error message:
# mount -a
mount: wrong fs type, bad option, bad superblock on 172.31.27.164:/nfs_meerkats,
       missing codepage or helper program, or other error
       (for several filesystems (e.g. nfs, cifs) you might
       need a /sbin/mount.<type> helper program)
       In some cases useful info is found in syslog - try

       dmesg | tail  or so

Solution: You need to install nfs-utils on the client side. You also need to start rpcbind: service rpcbind start


IP Tables

$ iptables -L [--list]
list all of the IP table rules

$ iptables -F [--flush]
flush all of the IP table rules

$ service iptables save
save current iptables to /etc/sysconfig/iptables


Good article from linuxwave blog

http://linuxwave.blogspot.com/2013/11/manually-manipulating-iptables-in.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Linuxwave+%28linuxwave%29


Manually manipulating iptables in CentOS and Redhat

The iptables rules in Red Hat based distros are kept by default in /etc/sysconfig/iptables and /etc/sysconfig/ip6tables. To manipulate the firewall, just add or remove rules from this file, and restart the iptables service. For example, we want to allow the tftp port, which is port 69 udp:
  1. Edit /etc/sysconfig/iptables
    • # vi /etc/sysconfig/iptables
  2. Add the following lines, before the final LOG and DROP lines for INPUT chain:
    • -A INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
  3. Save and close the file
  4. Restart iptables service:
    • # /etc/init.d/iptables restart
  5. Check your new iptables rules, where -L is to list all rules in the selected chain, and -n is for printing port in numeric output:
    • # sudo iptables -L -n
  6. And you can see that
    "ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:69"
    line is in the iptables file.

To block any particular port, you just need to edit /etc/sysconfig/iptables, remove the ACCEPT line that contains that port, and restart iptables, and you are done :)
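
An added example, not from the original notes or the linuxwave article: the same edit applied to the NFS setup above, so that one narrow ACCEPT rule is placed before the INPUT catch-all instead of flushing every rule with iptables -F. It assumes NFSv4 only (TCP port 2049) and the client IP used earlier on this page; the function name and the sample rules file are constructed.

```shell
#!/bin/sh
# Added example: place one narrow ACCEPT rule ahead of the INPUT catch-all
# instead of flushing the whole rule set.
# insert_input_rule RULE [FILE]  (reads stdin when no file is given)
insert_input_rule() {
    rule=$1; shift
    awk -v rule="$rule" '
    $0 == rule { present = 1 }            # rule already in the file: change nothing
    { line[NR] = $0 }
    END {
        for (i = 1; i <= NR; i++) {
            if (!present && !done && line[i] ~ /^-A INPUT -j (LOG|DROP|REJECT)/) {
                print rule; done = 1
            }
            print line[i]
        }
    }' "$@"
}

# Assumption: NFSv4 only, which needs TCP 2049; client IP is the one used on this page.
NFS_RULE='-A INPUT -s 192.168.0.27 -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT'

# Constructed sample in the layout of /etc/sysconfig/iptables.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_rules | insert_input_rule "$NFS_RULE"
```

Write the output to a temporary file and compare it with /etc/sysconfig/iptables before replacing the file and restarting the iptables service. If the file has no catch-all rule in the INPUT chain, the function leaves it unchanged.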


Save IP tables on CentOS
/etc/init.d/iptables save or service iptables save


Remove IPtable rules by line
iptables -vnL --line-numbers
iptables -D INPUT 22