RHEL Notes

INDEX

Reset root password
NFS normal, secure
Samba

Postfix
DNS unbound

Mariadb
Bash script

Storage
HTTP webserver

Shell
Firewall

Other: Firewall, Network teaming, ip address

Add new disk


CONTENT

Reset root password

-boot server, press any key, press "e" to edit

-linux 16 --> rd.break

-ctrl x to boot

mount -o remount, rw /sysroot

chroot /sysroot

passwd

touch /.autorelabel

exit 

NFS


SAMBA
yum install samba -y
yum install samba-client -y
yum install cifs-utils -y

systemctl start/enable smb
systemctl start/enable nmb

firewall-cmd --permanent --add-service=samba
firewall-cmd --reload

mkdir /sharesamba
semanage fcontext -a -t samba_share_t '/sharesamba(/.*)?'

useradd -s '/sbin/nologin' fred
smbpasswd -a fred

vi /etc/samba/smb.conf
--
workgroup = asiapacific.asiacorp.net
hosts allow = 127. 16.189.16
[mysamba]
comment = my samba
path = /sharesamba
browserable = yes
writeable = yes
guest ok = yes
valid users = fred, @admin
--
testparm
smbclient -L 127.0.0.1 -U fred
smbstatus

POSTFIX

*rimnet orideslo*
vi /etc/postfix/main.cf
--
relayhost = smtp2.example.com
inet_interfaces = loopback-only
mynetworks = 127.0.0.1/8 [::1]/128
myorigin = wani7
mydestinations =
local_transport=error:local delivery disabled
--
postconf -e "myorigin=wani7"
postconf relayhost

Unbound DNS
yum install unbound -y
*inac dofo*

vi /etc/unbound/unbound.conf
interface = loop-back only
access-control = 127.0.0.1/8 [::1]/128
domain-insecure = "asiapacific.asiacorp.net"
forward-zone:
  name: .
  forward-addr: 16.189.16.254

Mariadb

yum groupinstall mariadb-client -y

yum groupinstall mariadb -y

systemctl start mariadb.service

systemctl enable mariadb.service

firewall-cmd --permanent --add-service=mysql

firewall-cmd --reload

mysql -u root

show databases;

create database dbphone;

use dbphone;

create table tphone (name char(10), phonenum int );
describe tphone;
insert into tphone values ('emma', 5551234);
show tables;

select * from tphone;

CREATE USER 'mary@'%' IDENTIFIED BY 'mary123';

grant select on dbphone.* to mary@'%'

flush priveleges;

exit;

Dump table data into db

mysql -u root < /tmp/data.sql dbphone
mysqldump -root dbphone > /tmp/mydata.sql

Show table data from linux cmd line

mysql -u root -p -e 'select * from tphone' dbphone

Other notes:
-create user must use caps
-

BASH SCRIPT

vi myscript.sh

#!/bin/bash

if [ $# -eq 0 ]; then

 echo "need input"

fi

case $1 in

 one)

   echo "satu"

 ;;

 *)

   exit;

 ;;

esac

for i in {1..5}; do

 echo $i;

done

STORAGE
cdialupo -- fw mudo -- dislogses - xfs blkid

install targetcli, iscsi-initiator-utils
start/enable target
fw port 3260

fdisk /dev/sda. new partition sda1

targetcli
>create disk - iscsi - acls -luns - portals
(disk, server, desktop, disk, port)

vi iscsi initiator (desktop)
isciadm >discovery - logins - session

mkfs -t xfs /dev/sda1

blkid /dev/sda1

/etc/fstab --> UUID /mnt/z  xfs  _netdev 0 2

--

FIREWALL

# firewall-cmd --list-all-zones
# firewall-cmd --get-default-zone
# firewall-cmd --zone=work --list-services
# firewall-cmd --permanent --zone=public --add-service=http
success

# firewall-cmd --list-services

# firewall-cmd --list-ports

# firewall-cmd --permanent --add-port=2222/tcp

# systemctl restart firewalld

HTTP WEBSERVER

(A) Web PHP

install --> httpd --- php --- php-mysql

start/en  --> httpd.service

fw --> http, https

ls -lZ /var/www/html/index.php

restorecon -Rv /var/www/

...

(B) Web Vir + SSL

install --> httpd  --- mod_ssl --- mod_wsgi

OTHER

NETWORK IP Config
CLI
ip addr add 192.168.0.35/24 dev eth0
ip route add 192.168.0.1 dev eth0
DNS -> vi /etc/resolv.conf
8.8.8.8

Check:
ip addr
ip route

PERMANENT
vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=none
ONBOOT=yes
PREFIX=24
IPADDR=192.168.0.35

vi /etc/sysconfig/network  (gateway)
192.168.0.1

systemctl restart network

NETWORK TOOLS
-no yum install required

yum install net-tools (for basic networking tools)
ifconfig
netstat -rn

NETWORK TEAMING

nmcli con add
 type team
 con-name team0
 ifname team0
 config 'runner:name:roundrobin'

--> '{runner: {name: roundrobin}}'
--> '{"runner":{"name":"activebackup"}}'

nmcli con mod team0
 ipv4.address '192.168.0.15/24'

nmcli con mod team0
 ipv4.method manual

nmcli con add
 type team-slave
 con-name team0-port1
 ifname eth0
 master team0
--> repeat for team0-port2 + eth1

teamdctl team0 state
nmcli dev dis/con team0-port1
nmcli con delete team0-port2
nmcli con delete team0


*notes:
forgot-> config ' ', mod team0, master team0


Add new disk

# fdisk -l
> /dev/sdb = 2GB

# fdisk /dev/sdb
n=new
p=primary partition
t=change type
83=linux
8e=linux LVM
p=print current setting
w= write & quit

# pvcreate /dev/sdb1
  Physical volume "/dev/sdb1" successfully created.

Create new filesystem /opt/mz using new disk

# vgcreate vgopt /dev/sdb1

# lvcreate -L 2G -n lvopt vgopt
# lvdisplay

# mkfs.ext4 /dev/vgopt/lvopt

# mkdir /opt/mz

# mount /dev/vgopt/lvopt  /opt/mz

# df -h /opt/mz

>edit /etc/fstab to mount as persistence

/dev/mapper/vgopt-lvopt      /opt/mz    ext4    defaults  0 0