
LinuxCBT_EL-5_Edition_Notes(2)

Author: Anonymous | Category: Technology | Source: Linux Systems | Published: 2012-03-29

e. day of the week (Sun, Mon, Tue, etc. OR 0-7)
f. command to execute (shell, perl, php, etc.)
3. Wakes up every minute in search of programs to execute
4. Reads cron entries from multiple files
5. Maintains per-user and system-wide (/etc/crontab

/etc:
cron.d/
cron.deny - denies cron execution by user
cron.monthly/ - runs jobs monthly
cron.weekly/ - runs jobs weekly
cron.daily/ - runs jobs daily
cron.hourly/ - runs jobs hourly
crontab - contains system-wide schedules

Note: ''*'' wildcard in a time column means to run for all values

Per-user Crontabs:
Stored in: /var/spool/cron

Task:
1. Create a cron entry for the user ''student1''
a. ''su student1''
b. ''crontab -e''
c. create an entry, minus the name of the user

Note: ''crontab -l'' enumerates per-user cron entries

System-wide Crontab:
Stored in: /etc/crontab

Task:
1. Create a cron entry in: /etc/crontab

Note: ''crontab -l -u username'' - enumerates per-user cron entries


###SyslogD###

Features:
1. Handles logging
2. Unix Domain sockets (/dev/log)
3. Internet Sockets (UDP:514)
4. Ability to log to local and remote targets

Implemented as ''sysklogd'' package

Primary configuration file: /etc/syslog.conf

Standard syslog.conf file contains:
1. Rules
a. facilities -> applications/daemons/network device/etc.
b. levels -> Importance of message
Range: 0-7
7 = emergency
6 = alert
5 = critical
4 = error
3 = warning
2 = notice
1 = info
0 = debug (more information)

2. Targets
a. file - /var/log/messages
b. tty - /dev/console
c. remote host - @IP_ADDR_of_REMOTE_HOST

''*'' = catchall/wildcard to mean any facilities or level
''.none'' = exclusion rule


''man syslog.conf'' to learn about the supported facilities.levels

Task:
1. Enable UDP logging for remote Cisco gateway (192.168.75.1)
a. netstat -nul | grep 514 - reveals UDP:514 listener
b. nano /etc/sysconfig/syslog
b1. ''SYSLOGD_OPTIONS="-m 0 -r"''
c. restart syslog and confirm UDP:514 listener
c1. ''service syslog restart''
c2. ''netstat -nul | grep 514''
d. Configure the router using facility ''local0'' and level ''info''
e. configure /etc/syslog.conf to accept ''local0.info''
f. restart or reload ''syslog''
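
Added example (not part of the original notes): a small shell model of how the selectors described above (facility.level, the * wildcard and .none) decide where a message such as the router's local0.info is written. It covers only that subset of the syntax and uses the level keywords of syslog.conf; the function names, the sample rules and the file name /var/log/cisco.log are constructed for illustration.

```shell
#!/bin/sh
# Added example: model how a syslog.conf selector is evaluated.
# Level keywords ordered from least to most important.
LEVELS="debug info notice warning err crit alert emerg"

# selector_matches SELECTOR FACILITY LEVEL -> exit status 0 if the rule fires
selector_matches() {
    awk -v sel="$1" -v fac="$2" -v lvl="$3" -v levels="$LEVELS" '
    BEGIN {
        n = split(levels, name, " ")
        for (i = 1; i <= n; i++) rank[name[i]] = i
        hit = 0
        m = split(sel, part, ";")
        for (i = 1; i <= m; i++) {             # parts are applied left to right
            split(part[i], fl, "[.]")          # fl[1] = facilities, fl[2] = level
            k = split(fl[1], f, ",")
            for (j = 1; j <= k; j++) {
                if (f[j] != "*" && f[j] != fac) continue
                if (fl[2] == "none") hit = 0   # exclusion clears earlier matches
                else if (fl[2] == "*" || rank[lvl] >= rank[fl[2]]) hit = 1
            }
        }
        exit (hit ? 0 : 1)
    }' </dev/null
}

# Constructed sample rules; /var/log/cisco.log is an assumed file name.
SAMPLE_CONF='*.info;mail.none;authpriv.none;cron.none    /var/log/messages
local0.info                                 /var/log/cisco.log'

# targets_for FACILITY LEVEL -> prints every target whose selector matches
targets_for() {
    printf '%s\n' "$SAMPLE_CONF" | while read -r sel target; do
        case "$sel" in ''|'#'*) continue ;; esac
        if selector_matches "$sel" "$1" "$2"; then echo "$target"; fi
    done
}

targets_for local0 info    # router messages at the configured level
targets_for local0 debug   # below info: no target is printed
```

With these sample rules the router's messages also reach /var/log/messages through the catch-all selector; appending local0.none to that selector keeps them only in the dedicated file.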


###Log Rotation###

Features:
1. Rotation of logs based on criteria
a. size
b. age (daily, weekly, monthly)
2. Compression
3. Maintain logs for a defined period

/etc/logrotate.conf - primary (global) config file for all logs
- can be overridden by context-sensitive files, e.g. apache
run ''man logrotate'' to read the manual page
/etc/logrotate.d - directory for logs to be rotated
- httpd - used to rotate Apache logs

/var/log/httpd/*log {
missingok
notifempty
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
endscript
}

Task: Setup rotation rule for Cisco log
1. Create entry in: /etc/logrotate.d based on /etc/logrotate.d/syslog
2. Modify the entry to rotate based on new criteria
3. Rotate using ''logrotate /etc/logrotate.conf''
Note: Force using ''logrotate -f /etc/logrotate.conf''


###Common Network Utilities###

Features:
1. Useful for basic troubleshooting



PING:
Features:
1. ability to communicate with hosts using ICMP
a. PING sends ICMP echo-requests
b. PING expects to receive ICMP echo-replies

Task: PING some hosts and evaluate the output
1. ''ping localhost (127.0.0.1)''
2. ''ping -c 3 localhost'' - sends 3 ICMP echo-requests
Note: ''ping localhost'' performs name resolution using /etc/hosts
Note: ''/etc/hosts'' stores static name-to-IP mappings

Note: 127.0.0.0/8 is fully reserved for the loopback adapter of ALL IPv4 hosts

3. ''ping -c 3 192.168.75.199''
4. ''ping -c 3 -i 3 192.168.75.199'' - delays PINGs to 3 seconds apart

Note: PING defaults to a standard 1-second interval
Note: Firewall(s) may block ICMP traffic, causing PING to fail

TELNET:
Features:
1. Great for basic TCP port diagnosis

Task:
1. Connect to TCP ports on various hosts
a. ''telnet 192.168.75.100 22''
b. ''telnet www.linuxcbt.com 80''

NETSTAT:
Features:
1. Provides network connection information from /proc/net/*

Task:
1. Return useful information for various protocols
a. ''netstat''
b. ''netstat -a'' - returns all protocols/sockets
c. ''netstat -ntlp'' - returns all TCP LISTENERS without name resolution
d. ''netstat -nulp'' - returns all UDP LISTENERS without name resolution

Note: netstat uses /etc/services to translate ports to names
Note: ''0.0.0.0:514'' - this means that Syslog will accept traffic to any of the defined IP addresses/interfaces on the system

e. ''netstat -ntp'' - returns established connections (sockets)
f. ''netstat -rn'' - returns the route tables
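
Added example (not part of the original notes): a check over ''netstat -nulp'' / ''netstat -ntlp'' output that reports sockets bound to every interface, like the ''0.0.0.0:514'' syslog listener noted above. The function names, the expected-ports argument and the sample output (PIDs and programs included) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -nulp` output (not captured from a real host).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address      Foreign Address   State   PID/Program name
udp        0      0 0.0.0.0:514        0.0.0.0:*                 2231/syslogd
udp        0      0 0.0.0.0:68         0.0.0.0:*                 1987/dhclient
udp        0      0 127.0.0.1:123      0.0.0.0:*                 2410/ntpd
udp        0      0 192.168.75.199:123 0.0.0.0:*                 2410/ntpd
udp        0      0 :::123             :::*                      2410/ntpd'

# wildcard_listeners [EXPECTED_PORTS]
# Reads netstat listener output on stdin and prints "proto port program" for
# every socket bound to all interfaces (0.0.0.0 or ::) whose port is not in
# the space-separated EXPECTED_PORTS list.
wildcard_listeners() {
    awk -v expected=" $1 " '
    $1 ~ /^(tcp|udp)/ {
        n = split($4, a, ":"); port = a[n]          # port follows the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr != "0.0.0.0" && addr != "::") next # bound to one address only
        if (index(expected, " " port " ")) next     # listener is on the approved list
        print $1, port, $NF
    }'
}

# Run the check over the constructed sample.
audit_sample() { printf '%s\n' "$SAMPLE_NETSTAT" | wildcard_listeners "$1"; }

audit_sample "68 123"
```

On a live host the same function is fed directly: ''netstat -nulp | wildcard_listeners "68 123"''.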

ARP:
Features:
1. Resolves layer-2 (OSI model) MAC addresses to layer-3 IP

Task:
1. Examine MAC addresses using: ifconfig and arp
a. ''ifconfig'' - returns our local MAC addresses
HWaddr 08:00:27:CF:4C:DB
b. ''arp -an'' - returns MAC to IP mappings

Note: When 2 TCP/IP hosts communicate, ARP is performed to translate the IP address (v6/v4) to a MAC address
Note: If one or more routers separate the communicating hosts, then the MAC address of the default router's (gateway's) interface is stored by each client


###IPv4 Configuration & Network Settings###

Network Support:
1. Boot system into a multi-user mode
2. /etc/modprobe.conf - contains alias and reference to module(s) to be loaded in order to provide networking
3. Linux decides if the interface is DHCP or static by viewing the contents of:
a. /etc/sysconfig/network - networking=yes|no, IPv6_Support, Default Gateway, etc.
b. /etc/sysconfig/network-scripts/ifcfg-eth0 - contains ifup, ifdown, and ifcfg-* scripts
c. /etc/init.d/network - main service

service network status - checks networking

system-config-network-* - network interface configuration

Note: Either update your net configuration manually from the shell, or using the ''system-config-network'' tools to avoid losing settings

/etc/resolv.conf - DNS configuration file
/etc/hosts - static list of hosts

IPv4 Aliases:
1. ifconfig eth0:1 192.168.75.11
2. ifconfig eth0:2 10.168.76.11

Note: To ensure that aliases persist do the following:
1. cp /etc/sysconfig/network-scripts/ifcfg-eth0 ./ifcfg-eth0:1
2. Modify ifcfg-eth0:1 to reflect aliased IP

Note: Aliases do NOT work with DHCP interfaces

ifconfig eth0:2 del 10.168.76.11 - removes the virtual interface

IPv6 Config

Features:
1. Auto-configured by default gateway (router)
2. fe80:: - link-local address (loopback/local subnet address)
3. 2002:: - 6to4 address, that can be configured based on IPv4 embedded address, using HEX notation
ping6 -I eth0 fe80::a00:27ff:fecf:4cdb
traceroute6 - used to trace routes on IPv6 networks
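
Added example (not part of the original notes): the link-local address pinged above is the modified EUI-64 form of the HWaddr shown in the ARP section, so the interface's MAC address can be read back from it, and a 6to4 prefix is the IPv4 address written in hex after 2002:. The function names are hypothetical, and 192.0.2.1 is a documentation address used as sample input.

```shell
#!/bin/sh
# mac_to_linklocal MAC -> fe80:: address built from the MAC (modified EUI-64)
mac_to_linklocal() {
    old_ifs=$IFS; IFS=:; set -- $1; IFS=$old_ifs   # split MAC into six octets
    [ $# -eq 6 ] || return 1
    b1=$(( 0x$1 ^ 0x02 ))            # flip the universal/local bit of octet 1
    g1=$(( (b1 << 8) | 0x$2 ))
    g2=$(( (0x$3 << 8) | 0xff ))     # ff:fe is inserted between octets 3 and 4
    g3=$(( 0xfe00 | 0x$4 ))
    g4=$(( (0x$5 << 8) | 0x$6 ))
    printf 'fe80::%x:%x:%x:%x\n' "$g1" "$g2" "$g3" "$g4"
}

# ipv4_to_6to4 A.B.C.D -> 2002:AABB:CCDD::/48 (IPv4 octets in hex)
ipv4_to_6to4() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs   # split into four octets
    [ $# -eq 4 ] || return 1
    printf '2002:%x:%x::/48\n' $(( ($1 << 8) | $2 )) $(( ($3 << 8) | $4 ))
}

# HWaddr from the ifconfig output in the ARP section of these notes
mac_to_linklocal 08:00:27:CF:4C:DB
# Sample input: documentation address, not a value from the notes
ipv4_to_6to4 192.0.2.1
```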


### Kernel Upgrade ###
Features:
1. Provision of updated/patched kernel

Task:
1. Update the kernel
a. use ''uname -a'' to reveal current version
b. use ''rpm -qa | grep -i kernel'' - to reveal installed version
c. cat /etc/grub.conf -> /boot/grub/grub.conf
2. Proper installation method is as follows:
a. ''rpm -ivh kernel*.rpm'' - install a separate version

Note: Install the following kernel packages if necessary:
a. kernel-devel* - if module compilation is necessary
b. kernel-headers* - if recompilation is necessary


Install:
a. rpm -ivh kernel-2.6.18-53.el5.i686.rpm
Note: This will update GRUB (/boot/grub/grub.conf)
Note: Will also place the new kernel in the /boot file system

Examine traces in:
a. /boot
b. /boot/grub/grub.conf

3. Remove traces of former kernel using ''rpm -e [--nodeps]''
a. rpm -e kernel-2.6.18-8.el5 - remove older version
b. rpm -e --nodeps kernel-headers-2.6.18-8.el5 - force remove ignoring dependencies
c. rpm -e kernel-devel-2.6.18-8.el5

4. Install new ''kernel-headers'' and ''kernel-devel'' packages using YUM
a. yum -y install kernel-headers
b. yum -y install kernel-devel

5. Confirm that the 3 ''kernel-*'' packages are installed:
a. rpm -qa | grep -i kernel

Note: Removal of older kernel-* packages cleans up:
a. /boot
b. /boot/grub/grub.conf (menu.lst)



###Runlevel Service Management Tools###
Features:
1. The ability to indicate desired runlevels for services
2. Service

/usr/sbin/ntsysv

Usage:
1. ''ntsysv'' - manages services in the current run-level
2. ''ntsysv --level 35'' - manages service for run-levels 3 & 5

Note: Neither ntsysv nor chkconfig starts|stops services


/sbin/chkconfig
Chkconfig Usage
1. chkconfig --list ntpd - returns run-level environment for ''ntpd''
Note: items listed as ''off'' have K (kill) scripts
Note: items listed as ''on'' have S (start) scripts

2. ''chkconfig --level 3 ntpd off'' - creates a K(kill) script in run-level 3
3. ''chkconfig --level 35 ntpd off''
4. ''chkconfig ntpd on'' - enables ''ntpd'' in levels 2-5
5. ''chkconfig ntpd off'' - disables ''ntpd'' in levels 0-6

Note: Use ''chkconfig'' from the shell or a script
Note: Use ''ntsysv'' from the shell in interactive mode
Note: When controlling services using ''chkconfig'', reference the name of the service as it's specified in: /etc/init.d

system-config-services - GUI tools to manage services


###Network Time Protocol (NTP) Implementation###
Features:
1. The ability to synch your system's clock
2. Also can be used to synch other clocks
3. Implemented as: ''ntp-4.2...rpm'' package
4. Is hierarchical, using strata levels to denote time accuracy

/etc/ntp.conf - primary configuration

NTP Strata:
Features:
1. The ability to denote clock accuracy based on stratum
/etc/httpd/conf.d/ssl.conf - includes key SSL directives

b. crypto-utils - provides /usr/bin/genkey

2. Generate SSL usage keys using: genkey
a. genkey site1.linuxcbt.internal - creates text-gui interface

3. Update /etc/httpd/conf.d/ssl.conf to reference the new keys (public/private)

4. Restart the HTTPD server
a. service httpd restart
b. httpd -S

5. Test HTTPS connectivity
a. https://192.168.75.199

Note: For multiple SSL sites, copy the /etc/httpd/conf.d/ssl.conf file to distinct files that match your distinct IP-based VHosts


###MySQL###
Features:
1. DBMS Engine
2. Compatible with various front-ends:
a. Perl
b. PHP
c. ODBC
d. GUI Management

Tasks:
1. Install MySQL Client & Server
a. yum -y install mysql

/etc/my.cnf - primary config file
/usr/bin/mysql - primary client used to interact with the server
/usr/bin/mysqladmin - primary admin utility to return useful info, and perform admin tasks from the shell
