Tanti Technology

My photo
Bangalore, karnataka, India
Multi-platform UNIX systems consultant and administrator in mutualized and virtualized environments I have 4.5+ years experience in AIX system Administration field. This site will be helpful for system administrator in their day to day activities.Your comments on posts are welcome.This blog is all about IBM AIX Unix flavour. This blog will be used by System admins who will be using AIX in their work life. It can also be used for those newbies who want to get certifications in AIX Administration. This blog will be updated frequently to help the system admins and other new learners. DISCLAIMER: Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility. If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.

Wednesday, 30 August 2017

File System Permissions On Linux



Umask : umask is the value with this umask mask value kernel can identify who is going to create a file or directory.

umask is the command to find out umask value


root users umask 0022
normal users umask 0002


default permissions = maximum permissions-umask

For a file :-
   
root
     maximum permissions of a file 666
              

                                         umask    022    (-)
                                                     -----------
                                                       644 
                                                    ------------
Normal User
        
      
maximum permissions of a file 666
              

                                         umask    002    (-)
                                                     -----------
                                                       664 
                                                    ------------



For a directory :-


root
     maximum permissions of a directory 777
              

                                         umask    022    (-)
                                                     -----------
                                                       755 
                                                    ------------
Normal User
        
      
maximum permissions of a directory 777
              

                                         umask    002    (-)
                                                     -----------
                                                       775 
                                                    ------------


   we can change permissions in two methods

1) symbolic mode
2) absolute mode (numeric mode)




1)symbolic mode

 

 users                     permissions                 operators
u=owner(user)         r=read
g=group w=write -
o=other x=execute                       =



chmod is the command to change permissions

 
   syntax: chmod
   ex: chmod u=rwx,g=rx,o=rx ds
(here we are giving full permissions to owner,read&execute for group & others
 

if we want to change permissions for a specific task

  ex: here i want to give write to group

  chmod g+w ds


2)absolute mode:

 
          In Absolute mode we have to provide permisions in numeric signs

                   r = 4
                  w = 2
                  x = 1


 syntax :
 chmod 755 ds
here we are giving full permissions to owner &read execute to group & others

if we want remove total permissions for others
 

 chmod 750  /home/mahesh
                  ADVANCED FILE PERMISSIONS
          
We have three advanced file permissions.


        1) suid
       2) sgid
       3) stikybit

 

    suid =4 ,  sgid =2  ,  stickybit=1

1) suid:  suid will be apply only on commands suid is used to provide root previlages on a particular administrative command for a normal user
  

       ex: ls -l /bin/ping

In this example by default suid was applied for ping command thats why anybody can use ping command if we remove ping command nobody can use
check : chmod 755 /bin/ping
now try to ping from any user account(it wont ping) provide suid then ping once again
(providing suid chmod 4755 /bin/ping )


2) SGID : It is an advanced file permission for group inheritance. parent dierctory group is inherited to all files and directories.
 

  SYNTAX : chmod g+s
   ex     : chmod g+s /redhat

3) STICKYBIT : stickybit is an advanced file permission through which owner and root can delete his file and no other users to allow to delete files
 

   SYNTAX  : chmod o+t
       ex      : chmod o+t /redhat

                 




Hard link


soft link
1.can create only with in a partition

1.can create accross the partitions.
2.Inode number will be same.

2.Inodes numbers are different.
3.original & link file are in same size.

3.link file size is less than org.file.
4.if original file removed then also we can access link file.

4.link file can't be accessed if original file is removed.

  

 TO CONFIGURE HARDLINK

     SYNTAX :ln
     ex  : ln /dev/sda /dev/sdb

 

TO CONFIGURE SOFTLINK

     SYNTAX : ln -s
     ex  : ln -s /usr/king /root/redhat



                      ACL (Access Control Lists)
       
     To configure different set of file permissions for different users on a single resource (files/folder) Acls are implemented. Acls can be applied on users and groups.
 

To apply an Acl for an user

    SYNTAX : setfacl -m u::
    ex : setfacl -m u:mahesh:rwx  /bsrtech


To check acls of file or directory
 

     SYNTAX :getfacl
     ex : getfacl /bsrtech

To apply an acl for a group

 
    SYNTAX : setfacl -m g::
    ex  : setfacl -m g:sales:rwx /bsrtech

To Remove acl

 
     SYNTAX :setfacl -x u::  
 

     ex :  setfacl -x u:mahesh:  /bsrtech

     ex :  setfacl -x g:sales:  /bsrtech

User and Group Administration Concept On RHEL / CentOS 5&6


In Command Mode Practice These Steps:-

vim  /etc/passwd : contains user information
vim  /etc/shadow  : contains users password information
vim  /etc/group : contains groups information

cat /etc/passwd : to view total users info
cat /etc/passwd | grep sam  (or) getent passwd sam : to view only sam users information
cat /etc/shadow : to view passwords of all existing users
cat /etc/shadow | grep sam (or) getent shadow sam : to view only sam users password
cat /etc/group : to view all groups information
cat /etc/group | grep hr (or) getent group hr : to view only hr group information.

useradd

-u : TO change uid
syn: useradd -u
ex: useradd -u 1000  mahesh

-g : to add an user into a group(with out primary group)
useradd -g

ex: useradd -g cyber naveen

-G :to add an user into a group(with primary group)
useradd -G < username>

-s :to change shell
useradd -s
/sbin/nologin: user can't able to login from this pc(he can login from remote pc)
syntax: useradd -s /sbin/nologin admin
/bin/false : user can't login from this pc from remote pc
useradd -s /bin/false
-d : to change home directory of an user
syntax:useradd -d
useradd -d /usr/mahi  mahi

To modify an existing users account


usermod : usermod is the command to change modifications to an exisiting user account.

usermod -u : to change uid of an existing user
usermod -G : to add an user into an existing group along with his primary group
usermod -g : to add an existing user into an existing group with out his primary group
usermod -d : to change an existing users home directory.
usermod -s : to change shell for an existing user

gpasswd -a  : to add an user into ennumber of groups
syntax: gpasswd -a
ex: gpasswd -a  mahesh  hr
here we are adding mahesh  into hr group

gpasswd -d : to remove an user from a group
syntax: gpasswd -d
ex: gpasswd -d mahesh  hr
here we are removing mahesh from hr group

gpasswd -M : to add ennumber of existing users into  a group along with primary group.
syntax: gpasswd -M ,,
ex: gpasswd -M  mahesh,naveen,raju  hr
here we are adding mahesh,naveen,raju  into hr group

userdel -r : to delete an user account
syntax: userdel -r
ex: userdel -r naveen (here we are deleting user naveen)


Group: group is nothing but logical grouping of users :

groupadd : this is the command to add a group
syntax: groupadd
ex: groupadd  itdepart

groupdel : groupdel is the command to remove a group.
syntax: groupdel
ex: groupdel itdepart (here we are deleting itdepart group).

groupmod : used to modify an existing group.
options:
-n : to change name of a group
syntax: groupmod -n
ex: groupmod -n itdepartment  itdepart

chgrp : chgrp is the command to change group ownership of a file or directory
syntax: chgrp
ex: chgrp itdepartment   /java
here we are changing groupownership of /java to itdepartment  group

chown : chown is the command to change ownership of a file or directory
synax:  chown
ex: chown mahesh   /java/oops
here we are changing ownership of /java/oops to mahesh

chown -R :to change ownership & groupownership of a file or directory
syntax: chown -R
ex: chown -R mahesh:itdepartment  /java/oops
here we are changing ownership of /java/oops to mahesh & groupownership to itdepartment group

FILE SYSTEM HIERARCHY in LINUX


File System is a mechanism used in the O/S environment for storing the data in a systamatical order into a storage device.      

UNIX/LINUX follows hierarchy file system standard (HFS) . In this file system all other directories mounted under the directory called root ( / ) .

                 /       -->  Root (Top of the directory)

                /root  -->  Super User (or) Administrator home directory, it represented by " ~ "(tilde) symbol .                                            

Structure Of  Linux
"/"  this directory is called as root directory
                       
                      It is the top of filesystem structure

 All other directories are mounted under it.

  (1)     /root : this is default homedirectory of administrator

  (2)     /home : It contains all users home directories

  (3)    /boot : It contains bootable files like kernel  (initrd image),  bootloader (GRUB),
                                    installer  (ANACONDA-ks.cfg)

  (4)    /sbin : It contains administrative commands used by super user (root)
                                 i.e. ADMINISTRATOR

  (5)    /bin  : It contains commands used by superuser & normal user

  (6)    /usr  : It contains the packages and application which are available for user
                       (similar to program files on windows)

  (7)    /var  : It contains variable information such as logs and print queries

  (8)   /lib  : It contains libraries need by no. of different application as well as linux kernel 

  (9)    /etc  : It contains all configuration files

 (10)   /proc : This directory contains current running process information.

 (11)   /tmp  : This directory contains temporary files used by the system

 (12)   /opt  : It contains the third party application

                  Eg    : Core word effect, Sun star office

 (13)  /media : Removable media is stored under this directory.

 (14)  /dev  : This directory contains devices modes through which the o/s can access
                    hardware (on software device on the system)

   
       DEVICE                                       IDE                                 SATA
       
   primary master                          /dev/hda /dev/sda
  
   primary slave                            /dev/hdb /dev/sdb

  secondary master                       /dev/hdc                                 /dev/sdc

  secondary slave                        /dev/hdd /dev/sdd

Features Of UNIX

1. Multi User
2. Multi Tasking
3. Open System
4. Programming Facility
5. Security
6. Portability
7. Communication
8. Help Facility
 
1. Multi User : More than one user can access same system resources (hardware,memory,printer,etc..) at the same time known as multi user.

2. Multi Tasking : Execution of more than one task (or) application simultaneously known as multi tasking. The main concept of multi tasking is maximum utilizing CPU resources.

Eg : At a time we can run multiple tasks, i.e editing task,compile task,printing,etc..

3. Open System : UNIX had bright feature, i.e open source code. Any user can modified unix open source code, can develop own O/S based on our business requirements.
It is developed “AT&T” bell labs employes in 1973 by using C-Language.

Using unix open source code


Vendor
Operating System
File System
Redhat
RHEL
ext2,ext3,ext4
SUN-Microsystem
Sun-Solaris
UFS – Unix File System
IBM
IBM-AIX
JFS – Journal File System
HP
HP-UX
HPFS – High Performance FS
SG(Silicon Graphics)
IRIX

SCO(scanta cruz operations)
SCO – UNIX

Microsoft
Xenix



Any Operating System developed based on UNIX open source code known as flavour of Unix

4. Programming Facility : UNIX O/S provides shell, shell works like a programming language. It provides commands and keywords.

         
Scripting Language

Programming Language
i). It is a interpreter based language.

i). Compiler based language.
ii). Interpreter converts high level instructions into machine language line by line.

ii). The whole program in a single short into machine language.
iii). It doesn,t create .exe files.

iii). Create .exe files
iv). No need to compile the program .

iv). Need to compile the program .
v). It takes less time of code.

v). Takes numerous lines of code.
vi). Reduce cost of maintenance .
vi). Increase cost of maintenance .

        
5. Security : UNIX given 2 levels of security 

a) System level security

b). File level security

a) System level security : System level security controlled by System Administrator .

b). File level security : File level security controlled by owner of the file.

6. Portability : portability means independent of hardware and processor. One of the main reasons for the universal popularity of unix is that it can be ported to almost any computer system. It works with 8088 processor to super computer.

7. Communication Facility : The main concept of communication facility exchanging of information (or) files from one user account to another user account.

Unix provides electronic mail. The communication maybe within the network of a single main computer (or) between two or more such computer networks.

The user can easily exchange mail, data, programs through such networks.

8. Help Facility : UNIX provides manual page for Unix commands. Man is the command to see the help.

           Eg :   # man useradd

                    # man userdel


                    # man vim

Linux History

History of linux
         


Unix  is a Operating System .

Operating System: 
       
       Operating System is an interface between user and Computer (Hardware). It is the software that manages the computer hardware and provides a convenient and software environment for running programs.
        
       Operating  System is a collection of system programs, It classified into 2 types
                  
                   1). CUI (Character User Interface)
                           Ex: DOS, UNIX.
                   
                   2). GUI (Graphical User Interface)
                         Ex: WINDOWS, LINUX

   GUI  is user friendly,  CUI  is not user friendly

Now we will discuss about UNIX/LINUX Operating System
      
      UNIX/LINUX is the most important achievement of Free Software, it has been developed for Business, Education and Personal productivity. It is 100% case sensitive.

History of UNIX:
               
              The Journey of UNIX Operating System had been started from the project MULTICS (Multiplex Information Computing System) at AT&T (American Teliphone and Telegraph) Bell Labs in the year 1965. The Software Team  Lead by Ken Thomson, Dennis Ritche and Rudd Candy worked on this Project.
           
              The aim of this Project is to Share the same data by n number of users at the same time.
Intially MULTICS Project was developed for only 2 Users.

In 1969, MULTICS was dropped, because its written 100% Assembly Language.  Based on the same Concept in 1969, UNICS  O/S was developed for 100’s of users.UNICS stands for Uniplexed Information Computing System. It is 80% C-Language and 20% Assembly Language.

In 1973 UNICS Operating System was dropped, because then UNICS Operating System was totally rewritten into 100% C-Language, named it as UNIX.
            
                              MULTICS   ---------1965 ----100% Assembly Language
                              UNICS        ---------1969----80% C-Language,20% Assembly Language
                              UNIX          ---------1973-----100%  C-Language

  • Now approximately 20 Million Computers running on UNIX, and More tham 100 Million People using these Systems.


  •  The Success of UNIX  many factors are there,  Its Multi User and Multi Tasking nature and its suitability for Networking and its provide more security compare with other Operating Systems.

Backup & Recovery Concept on RHEL / CentOS 5.X&6.X

Backup:-

                 
                 Data Backup is the physical copying of data files to a removable  storage device that allows the data to be stored in another location.  When needed, an individual data file or an entire set of data files,  can be restored to a computer system.


USERS OF  BACKUP & RECOVERY:

    1)To copy data to alternate media 
    2)To prevent data loss 
     
     Note: Only administrators can backup the data

Types of data:

      I)System generated data
      II)User generated data
Types of backup:
1)Full backup
      2)Incremental backup
      3)Differential backup

 1)Full backup :   complete backup of entire system

2)Incremental backup:  It includes all files that were changed since last backup. It always smaller than differential backup.



3)Differential backup:  It includes all the files that were changed since last full backup. As time increases since the last full backup the size of differential backup increases.

Commands for backup:

     1)tar (tape archieve)
     2)cpio (copy input/output)
     3)dump

1) tar:

#tar
Note:destination must be in .tar extension
options:
-c=create
-v=verbose
-f=file
-t=table of content
-x=extract to
-w=interactive
-z=zip

To take backup

#tar -cvf
ex:tar -cvf passwd.tar /etc/passwd 

To list the content of tar file
#tar -tvf
ex:tar -tvf passwd.tar 

To extract content of file

#tar -xvf
ex:tar -xvf passwd.tar

To take backup along with zip

#tar -cvzf

Note:file name must be with an extension of .tar.gz

example : #tar -cvzf passwd.tar.gz /etc/passwd

To extract zip file

#tar -xvzf
example : #tar -xvzf passwd.tar.gz

2) cpio(copy input/output):

Backup using cpio:

#ls | cpio -ov >
example:ls -l | cpio -ov > sun

To extract:

#cpio -iv
example:cpio -iv sun

3) dump  : 

Backup using dump:
#dump -Ouf
example:dump -Ouf /media/ sun
To extract:
#restore -f
example:restore -f sun

Remote backup:

#rsync -avz -e ssh :
example:rsync -avz mahesh -e ssh 192.168.1.20:/root/mahesh

#scp -r :
example:scp -r mahesh  192.168.1.20:/root/mahesh

LVM (Logical Volume Manager) Concept on Linux RHEL / CentOS 5&6

L.V.M(Logical Volume Manager)



LVM is a method of allocating harddrive space into logical volumes that can be easily resized instead of partitions.
With LVM the harddrive (or) set of harddrives are allocated to one or more physical volumes.

The physical volumes are combined into volume groups
Each volume group is divided into logical volumes which are assigned mountpoints such as /home and filesystem types such as ext3


To configure LVM
1)Create three LVM partitions
2)Convert them as physical volumes
3)Create volume groups from physical volumes
4)Create logical volumes from volume groups and assign mountpoints

IMPLEMENTATION:
#fdisk /dev/sda
:n
+500M
:t

:8e    (Linux LVM)
:w   (save & exit)
#partx -a /dev/sda (update kernel)


To convert LVM partitions as physical volumes
#pvcreate /dev/sda
ex: pvcreate /dev/sda{9,10,11}

To view physical volumes
#pvdisplay

To create volume group
#vgcreate
ex: vgcreate bsrtech /dev/sda{9,10,11}

To view volume groups
#vgdisplay

To create a logical volume
#lvcreate -L <+size> -n
ex: lvcreate -L +300M /dev/bsrtech -n lv1

To view logical volumes
#lvdisplay

To format logical volumes
#mkfs.ext4 /dev/bsrtech/lv1

Create a mountpoint and mount logical volume on it
#mkdir /mysql
#mount  
/dev/bsrtech/lv1   /mysql
#cd /mysql
 

To extend size of logical volume 
#umount
#lvresize -L +
ex:lvresize -L +200M  
/dev/bsrtech/lv1
To make filesystem for extended size
#resize2fs
ex: resize2fs  
/dev/bsrtech/lv1
 #mount /dev/bsrtech/lv1  /mysql
 

To reduce a logical volume
note: whenever we are reducing an LVM we have to take backup (More Details #man lvreduce)
#mkdir  /lvm-bkp
#cp -rf /mysql/*  /lvm-bkp

#lvreduce -L <-size>
ex: lvreduce -L -100M  
/dev/bsrtech/lv1
 To format LVM
#mkfs.ext4
ex:mkfs.ext4 /dev/bsrtech/lv1

#mount 
/dev/bsrtech/lv1  /mysql
#cp -rf /lvm-bkp/* /mysql

To remove an LVM
#umount
#lvremove
ex:lvremove 
/dev/bsrtech/lv1

 To extend volume group
1)create another LVM partition
2)convert into physical volume

#vgextend
ex:vgextend /dev/bsrtech  /dev/sda12

To reduce volume group
#vgreduce
ex:vgreduce /dev/bsrtech  /dev/sda12


To remove volume group
#vgremove
ex:vgremove /dev/bsrtech

To delete physical volumes
#pvremove
ex:pvremove /dev/sda{9,10,11,12}