चह चह जतन जतन अछ अछ कर कर कल कल तफ तफ त त लग लग सरशन सरशन रम रम ह ह कक ग ग...... [email protected]#: [email protected]#: ========================= =========================
Dont Break the passwd here login with Root Account Dont Break the passwd here login with Root Account #change the hostname as static
#change the hostname as static #Modify the !" as static #Modify the !" as static # $um %lient
# $um %lient
&uestion#' (Do it in )oth the systems* &uestion#' (Do it in )oth the systems* +et +elinu, in -nforcing mode
+et +elinu, in -nforcing mode
+et the selinu, policy !ermissi/e to -nfrocing on )oth sides. +et the selinu, policy !ermissi/e to -nfrocing on )oth sides.
#/im 0etc0selinu,0config #/im 0etc0selinu,0config
+-1234=permissi/e 5 change permissi/e to -nforcing +-1234=permissi/e 5 change permissi/e to -nforcing :w6
:w6
#setenforce '7 systemctl re)oot #setenforce '7 systemctl re)oot
done done &uestion#8
&uestion#8
%ustomi9e the user en/ironment on )oth systems. %ustomi9e the user en/ironment on )oth systems.
%reate a custom command called 6stat on )oth system' and system8 that runs the %reate a custom command called 6stat on )oth system' and system8 that runs the command 0usr0)in0ps Ao
command 0usr0)in0ps Ao pid;tty;user;fname;rs9 pid;tty;user;fname;rs9
<hat command should )e a/aila)le to all users on the system. <hat command should )e a/aila)le to all users on the system. +olution +olution #which ps #which ps
0usr0)in0ps Ao pid;tty;user;fname;rs9 caopy this one 0usr0)in0ps Ao pid;tty;user;fname;rs9 caopy this one open the 0etc0)ashrc
open the 0etc0)ashrc #/im 0etc0)ashrc #/im 0etc0)ashrc
/im:ts=:sw= ()elow this line* /im:ts=:sw= ()elow this line*
alias 6stat=>0usr0)in0ps Ao pid;tty;user;fname;rs9> alias 6stat=>0usr0)in0ps Ao pid;tty;user;fname;rs9> :w6 :w6 #source 0etc0)ashrc #source 0etc0)ashrc #6stat #6stat ????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????? done????????????????????? done????????????????????? &uestion# &uestion#
%onfigure ssh on )oth the systems. %onfigure ssh on )oth the systems.
%onfigure ssh ser/er on ser/er4.e,ample.com and domain.my''t.org should not ha/e %onfigure ssh ser/er on ser/er4.e,ample.com and domain.my''t.org should not ha/e ssh access. ssh access. solution solution #/im 0etc0hosts.deny #/im 0etc0hosts.deny sshd: .my't.org sshd: .my't.org :w6 :w6 #systemctl restart sshd #systemctl restart sshd ????????????????????????????????????done??????????????????????? ????????????????????????????????????done??????????????????????? &uestion# &uestion# %onfigure ip/ %onfigure ip/
%onfigure !" on )oth desktop4 and ser/er4 on eth de/ice; this should not effect %onfigure !" on )oth desktop4 and ser/er4 on eth de/ice; this should not effect !" network. n
!" network. n
ser/er4 !" should )e fdd):fe8a:a)'e::caC:'0 .n desktop4 !" ser/er4 !" should )e fdd):fe8a:a)'e::caC:'0 .n desktop4 !" fdd):fe8a:a)'e::caC:80 should )e
and after re)oot )oth !" and !" should )e a)le to communicate on )oth sides. +olution:
@ser/er:
#nmcli connection modify +ystem eth ip/.addresses >fdd):fe8a:a)'e::caC:'0> ip/.method static
#nmcli connection down +ystem eth #nmcli connection up +ystem eth
after re)oot try to ping to the )elow ip
#ping fdd):fe8a:a)'e::caC:8(if it is pinging then ok* @%lient:
#nmcli connection modify +ystem eth ip/.addresses >fdd):fe8a:a)'e::caC:80> ip/.method staticile: 0
#nmcli connection reload #systemctl restart network
after re)oot try to ping to the )elow ip
#ping fdd):fe8a:a)'e::caC:'(if it is pinging then ok*
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE EEEEEEEEEEEEEEEEEEEEEEEEEEE
&uestion#F
%onfigure 2etwork <eaming.(linkagregation* on )oth sides.
%onfigure 2etwork teaming on system' and system8 use two de/ice called eth' and eth8
in ser/er4 paddress is 'G8.'C..'08 and desktop4 ipaddress is 'G8.'C..808
do the same configuation on system' or ser/er4 machine;Hust change the !. #localte team
#nmcli connection add type team conname team ifname team config >Irunner: Iname:acti/e)ackupJJ>
#nmcli connection show
#nmcli connection add type teamsla/e conname ganesh ifname eth' master team #nmcli connection add type teamsla/e conname ganesh ifname eth8 master team #nmcli connection modify team ip/.addresses >'G8.'C..'08>
#nmcli connection reload #systemctl restart network #teamdctl team state
setup: runner: acti/e)ackup ports: eth' link watches: link summary: up instanceKlinkEwatchEL: name: ethtool link: up eth8 link watches: link summary: up instanceKlinkEwatchEL: name: ethtool link: up runner:
acti/e port: eth'
#############################################done################################## #######################
port forwarding:
%onfigure !R< RNARD2O incomming connection on port F'0tcp on the firewall to port '0tcp on network
'P8.8F..08.
#firewallcmd permanent addrichrule=>rule family=ip/ source address='P8.8F..08 forwardport
port=F' protocol=tcp toport='> #firewallcmd reload
??????????????????????????????????????????????????????? done?????????????????????????????????????'''
&uestion#P
%onfigure mail on )oth system' and system8.
Q Do not accept incoming mail from e,ternal sources.
Q All mail sent locally on this system automatically routed to system'.group'.e,ample.com
Q Mail sent from these systems should show up as comming from group'.e,ample.com Q $our ma, test )y sending mail to >another
#la) smtpnullclient setup(do in the la) not in e,am*
+etting up ser/er machine... +etting up mutt...
#####if pkg is not installed #### # rpm 6a grep postfi,
postfi,8.'.'.elP.,CE # yum install postfi, yS% # systemctl ena)le postfi,S% # systemctl restart postfi,S%
# firewallcmd addser/ice=smtp permanent # firewallcmd reload
steps you ha/e remem)er and do the same desktop in e,am(system8* #postconf e inetEinterfaces=loop)ackonly
# postconf e mydestination=
# postconf e relayhost=Ksmtp'.e,ample.comL # postconf e myorigin=e,ample.com
# postconf e localEtransport=error: local deli/ery disa)led # postconf e mynetworks='8P...0C K::'L0'8C
# systemctl restart postfi,.ser/ice # su student
Kstudent@ser/er4 TLU mail s >Oanesh is configured smtp null client> student@desktop'.e,ample.com
Vi <o all ;
$ou can>t send the mails to me. )ecause its null client
i can send to you . -< #######################done############### &uestion#C 2+ +er/er:
-,port your 0pu)lic directory /ia 2+ to the e,ample.com domain. Make sure that client in e,ample.com
domain should a)le to read only permission in 0pu)lic.
&uestion#G
%onfigure secure 2+ ser/er.
-,port your 0pu)licsecure directory with using Wer)oros /ia 2+ to the e,ample.com domain.
Make sure client in e,ample.com domain shoud a)le to read and write prmission on 0pu)licsecure and
create a su)directory called pu)licshare.
a.pu)licshare directory owner should )e ldapuser4 and ldapuser4 user should a)le to read and write not
to any other .
).Download keyta) for the ser/er from the is url
http:00classroom.e,ampe.com0pu)0keyta)s0ser/er4.keyta) EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE EEEEEEEEEEEEEEEEEEEEEEE &uestion#' 2+ mounts.
a* Mount 0pu)lic permanently on the 0mnt0secure on the desktop4.
)* Mount the secure nfs share 0pu)licsecure permanently on the 0mnt0securepath on desktop4.
/erify that user ldapuser4 has read and write access on the 0mnt0securepath on the desktop4
Quse keyta) file http:00classroom.e,ample.com0pu)0keyta)s0desktop4.keyta) #############################
+olution of &uestionC and 'a 2+ share
@+er/er machine #yum install nfs y
#systemctl ena)le nfsser/er #systemctl restart nfsser/er
#firewallcmd permanent addser/ice=nfs #firewallcmd permanent addser/ice=mountd #firewallcmd permanent addser/ice=rpc)ind #firewallcmd reload
#mkdir 0pu)lic #/im 0etc0e,ports
0pu)lic 'P8.8F..0'(ro*
in e,am your domain will )e fields #e,portfs r/
#showmount e ser/er4 @%lient(desktop*
#yum install nfsutils y #showmount e ser/er4 #mkdir 0mnt0secure #/im 0etc0fsta)
'P8.8F.4.'':0pu)lic 0mnt0secure nfs defaults :w6
#mount a #df V
+olution of &uestionG and '). 2+ with Wr)F
@+er/er machine
#la) nfskr)F setup(this is only for classroom* #yum install nfs y
(please restart in this se6uence only* #systemctl restart nfsser/er
#systemctl restart nfssecureser/er
#firewallcmd permanent addser/ice=nfs (we already added at first &uestion* #firewallcmd permanent addser/ice=mountd
#firewallcmd permanent addser/ice=rpc)ind #firewallcmd reload
(use capital and keep the file as 0etc0kr)F.keyta) only*
#wget 0etc0kr)F.keyta) http:00classroom.e,ample.com0pu)0keyta)s0ser/er4.keyta) #mkdir mPPP 0pu)licsecure
#mkdir 0pu)licsecure0pu)licshare
#chown ldapuser4 0pu)licsecure0pu)licshare0 #ls ld 0pu)licsecure0pu)licshare0
#ls ld 0pu)licsecure0 #/im 0etc0sysconfig0nfs
at line no ' #R!%2+DARO+=" .8 (!lease use capital "* #/im 0etc0e,ports 0pu)licsecure 'P8.8F..0'(rw;sec=kr)Fp* #e,portfs r/ #showmount e 'P8.8F.4.'' ?????????????????????? @%lient(desktop*
#la) nfskr)F setup (do not do it in e,am* #showmount e ser/er4
(use capital and keep the file as 0etc0kr)F.keyta) only*
#wget 0etc0kr)F.keyta) http:00classroom.e,ample.com0pu)0keyta)s0desktop'.keyta) #systemctl ena)le nfssecure (2.B:only this one ser/ice need to restart at
desktop or clinet not other 8ser/ices*
#systemctl restart nfssecure #mkdir 0mnt0securepath
#/im 0etc0fsta)
'P8.8F.4.'':0pu)licsecure 0mnt0securepath nfs defaults;sec=kr)Fp :w6
#mount a
#ssh lpdauser4@localhost (password is ker)eros* Kldapuser'@ser/er' TLU df V
Kldapuser'@ser/er' TLU cd 0mnt0securepath0pu)licshare in this directory ldapuser should write some content. mkdir coss
touch file
((((((((((((((((((((((((((((((D2-****************************** &uestion#''
%onfigure +AMBA +VAR-:
Q +hare the directory 0common /ia sam)a. $our sam)a ser/er must )e a mem)er of +taff workgroup.
Q <he share name must )e common. Make sure that )rowsa)le must )e ena)led. Q <he shared must )e a/aila)le to e,ample.com clients only.
Q <he user frank should ha/e read access to the share with sam)a. ###################################################################### #yum install sam)a y
#systemctl ena)le sm) nm) #systemctl restart sm) nm)
#firewallcmd permanent addser/ice=sam)a # firewallcmd reload
#chcon t sam)aEshareEt 0common0 #ls ldX 0common0
#sm)passwd a frank 2ew +MB password:
Retype new +MB password: Added user frank.
#/im 0etc0sam)a0sm).conf
at line no CG: change workgroup = +<A
then go to the last line place the cursor at Kpu)licL and copy P lines under it.
7Kpu)licL
7comment = !u)lic +tuff 7path = 0home0sam)a 7pu)lic = yes
7writa)le = yes 7printa)le = no
7write list = Ystaff
please o)ser/e the changes and paste it in the same file KcommonL
comment = !u)lic +tuff path = 0common
#write list = Ystaff )rowsea)le = yes
hosts allow = 'P8.8F. /alid user = frank :w6
#systemctl restart sm) nm) @client
#yum install cifsutils.,CE sam)aclient.,CE y #sm)client 00ser/er'0common 3 frankZredhat
Domain=K+<AL +=K3ni,L +er/er=K+am)a .'.'L sm): [Q ls
if upto this prompt is coming its fine???????????
#######################################################M31<3+-R################## Ne already installed;ena)led;added to firewall also
now starts from &uestion#'8
Multiuser +am)a mount.
Q +hare the directory 0secure /ia sam)a.
Q <he share name must )e secure. Make sure that )rowsa)le must )e ena)led. Q <he shared must )e a/aila)le to e,ample.com clients only .
Q <he user ro) should ha/e read access to the share with sam)a password redhat and user
ro))y shoud ha/e read and write
access to the share with sam)a password redhat
a.Mount sama)a share 0secure permanentely on the 0mnt0securedata. Q on desktop4 as a multiuser mount.
#mkdir 0secure
#chcon t sam)aEshareEt 0secure #useradd ro)
#useradd ro))y
#setfacl m u:ro))y:rw, 0secure #sm)passwd a ro)
2ew +MB password:
Retype new +MB password Added user ro).
#sm)passwd a ro))y 2ew +MB password:
Retype new +MB password: Added user ro))y.
#/im 0etc0sam)a0sm).conf
copy the ' lines from common KcommonL
comment = !u)lic +tuff path = 0common
#write list = Ystaff )rowsea)le = yes
hosts allow = 'P8.8F. /alid users = frank
please o)ser/e the changes KsecureL
comment = !u)lic +tuff path = 0secure
write list = ro))y pu)lic = no
)rowsea)le = yes
hosts allow = 'P8.8F. /alid users = ro) ro))y :w6
@client
################## #useradd ro)
#useradd ro))y
#sm)client 00ser/er'0secure 3 ro) -nter ro)>s password:
Domain=K+<AL +=K3ni,L +er/er=K+am)a .'.'L sm): [Q mkdir coss
2<E+<A<3+EM-DAENR<-E!R<-%<-D making remote directory [coss sm): [Q
#sm)client 00'P8.8F.4.''0secure 3 ro))y -nter ro))y>s password:
Domain=K+<AL +=K3ni,L +er/er=K+am)a .'.'L sm): [Q mkdir coss sm): [Q e,it #/im 0root0sm) username=ro))y redhat=redhat :w6 #mkdir 0mnt0securedata #/im 0etc0fsta)
00'P8.8F.,.''0secure 0mnt0securedata cifs
credentials=0root0sm);multiuser;sec=ntlmssp :w6
#su ro))y
Kro))y@desktop' TLU cifscreds add ser/er'
!assword: please pro/ide same sam)a users credential which is created in ser/er side (ro))y;ro)*.
UKro))y@desktop' securedataLU in this directory please try to create a file. touch file'8
Kro))y@desktop' securedataLU ls file'8
###############done###################
$3 AR- O-<<2O <V- -RRR M+O 1W- !1-A+- <R3B1-+V< < if touch file'8
touch: cannot touch \file']: !ermission denied #####################
################
&uestion#' %onfigure we) ser/er:
Q %onfigure the system' as we) ser/er for the site http:00ser/er4.e,ample.com Q Download the we) page station.html from
http:00classroom.e,ample.com0pu)0updates0station.html Q Rename the downloaded page as inde,.html.
Q %opy the inde,.html file to the document root and dont modify
a. Make sure the we) site should )e allow to e,ample.com only and deny to my't.org doimain .
???????????? +olution
#yum install httpd y
#systemctl ena)le httpd.ser/ice #systemctl restart httpd.ser/ice
#firewallcmd permanent addser/ice=http +uccess
#firewallcmd reload success
#rpm 6d httpd run this command
#cat 0usr0share0doc0httpd8..0httpd/hosts.conf (read this file and copy last P lines*
and paste in /im 0etc0httpd0conf0httpd.conf
####segreate from F line######################### paste is here 5"irtualVost :@@!ort@@Q +er/erAdmin we)master@dummyhost8.e,ample.com DocumentRoot @@+er/erRoot@@0docs0dummyhost8.e,ample.com +er/er2ame dummyhost8.e,ample.com -rror1og 0/ar0log0httpd0dummyhost8.e,ample.comerrorElog
%ustom1og 0/ar0log0httpd0dummyhost8.e,ample.comaccessElog common 50"irtualVostQ
and please o)ser/e the changes
5"irtualVost 'P8.8F.4.'':CQ(4 is your system num)er* +er/erAdmin root@ser/er4.e,ample.com
DocumentRoot 0/ar0www0html +er/er2ame ser/er4.e,ample.com 50"irtualVostQ
5Directory 0/ar0www0htmlQ Kthis is file lines you ha/e to remem)erL rder allow;deny
Allow from .e,ample.com 50DirectoryQ
???????
2ow download the we) page station.html from
http:00classroom.e,ample.com0pu)0updates0station.html
#wget inde,.html http:00classroom.e,ample.com0pu)0updates0station.html ( run this command*
#systemctl restart httpd.ser/ice
#curl k http:00ser/er4.e,ample.com ()etter use firefo,*
(((((((((((((((((((((((((((((((((((((Done****************************** &uestion#'
%onfigure we) ser/er:
%reate the directory confidential for the DocumentRoot of your we)ser/er. Download the page host.html
from http:00classroom.e,ample.com0pu)0updates0host.html And mo/e as inde,.html.t should )e accessa)le to
#mkdir 0/ar0www0html0confidential
2.BAgain open the conifguration file and copy from the
5Directory 0/ar0www0htmlQ Kthis is file lines you ha/e to remem)erL rder allow;deny
Allow from .e,ample.com 50DirectoryQ
please o)ser/e the changesile:
5Directory 0/ar0www0html0confidentialQ rder allow;deny
Allow from 'P8.8F.4.'' 50DirectoryQ
:w6
2ow Download Download the page host.html from http:00classroom.e,ample.com0pu)0updates0host.html
#wget inde,.html http:00classroom.e,ample.com0pu)0updates0host.html (run this command no need to
raname again*
#systemctl restart httpd.ser/ice
open firefo, from desktop;foundation machine it should )e for)iddent;if it )rsowsea)le then mistake with
your configuration
t will only )rowse with ser/er4.e,ample.com
((((((((((((((((((((((((((((((((((((((((((((((((Done*************************** &uestion#'F
%onfigure name /irtual hosting ser/er:
%onfigure the name /irtual hosting ser/er for the site http:00www4.e,ample.com. Download the page
www.html from http:00classroom.e,ample.com0pu)0updates0www.html and rename as inde,.html under
documenRoot 0/ar0www0/irtual. 3ser called rock should a)le to add some content into 0/ar0www0/irtual directory. +olution ######### #mkdir 0/ar0www0/irtual #cd 0/ar0www0/irtual
#wget inde,.html http:00classroom.e,ample.com0pu)0updates0www.html copy the )egining F lines from main we) ser/er configuration
5"irtualVost 'P8.8F.4.'':CQ(4 is your system num)er* +er/erAdmin root@ser/er4.e,ample.com
DocumentRoot 0/ar0www0html +er/er2ame ser/er4.e,ample.com 50"irtualVostQ
and o)ser/e the changes changes
5"irtualVost 'P8.8F.4.'':CQ(4 is your system num)er* +er/erAdmin [email protected],ample.com
DocumentRoot 0/ar0www0/irtual +er/er2ame www4.e,ample.com 50"irtualVostQ
#systemctl restart httpd.ser/ice #useradd rock
#su rock
#/im 0/ar0www0/irtual0rock.html
Rock is modifying the /irtual content :w6
#systemctl restart httpd.ser/ice
first )rowse firefo, http:00www4.e,ample.com
then )rowse firefo, http:00www4.e,ample.com0rock.html
((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((D2-******************* *****************
&uestion#'P
confiure ssl we) ser/er
%onfigure secure we) ser/er site name http:00ser/er4.e,ample.com and the we) site will need to protect
with ++1.
Download the certificates form following locations http:00classroom.e,ample.com0pu)0e,ampleca.crt
http:00classroom.e,ample.com0pu)0tls0pri/ate0ser/er4.key http:00classroom.e,ample.com0pu)0tls0certs0ser/er4.crt #solution
# yum install modEssl y
firewallcmd permanent addser/ice=https success
#firewallcmd reload success
Qdownload the keys )elow location (please download only .crt e,tension keys in this directory* #cd 0etc0pki0tls0certs0 wget http:00classroom.e,ample.com0pu)0e,ampleca.crt wget http:00classroom.e,ample.com0pu)0tls0certs0ser/er4.crt #cd 0etc0pki0tls0pri/ate wget http:00classroom.e,ample.com0pu)0tls0pri/ate0ser/er4.key 2ow run a command
# egrep >++1%++1-++1!> 0etc0httpd0conf.d0ssl.conf and copy form ++1 engine on to ser/erchain.crt
and what e/er # commented delete e,cept ser/erchain.crt(Hust uncomment it* +tep#'
copy the first F lines from the )egining and o)ser/e the changes 5"irtualVost 'P8.8F.4.'':CQ(4 is your system num)er*
+er/erAdmin root@ser/er4.e,ample.com DocumentRoot 0/ar0www0html
+er/er2ame ser/er4.e,ample.com +tep 8
(And what e/er you copied from egrep >++1%++1-++1!> 0etc0httpd0conf.d0ssl.conf * please paste in the middle
++1-ngine on
++1!rotocol all ++1/8
++1%ipher+uite VOV:M-D3M:?a2311:?MDF #
to the ++1%ipher+uite list; and ena)le ++1Vonor%ipherrder. #++1%ipher+uite R%+VA:A-+'8C+VA:VOV:M-D3M:?a2311:?MDF # !oint ++1%ertificateile at a !-M encoded certificate. f ++1%ertificateile 0etc0pki0tls0certs0localhost.crt
++1%ertificateWeyile 0etc0pki0tls0pri/ate0localhost.key #
!oint ++1%ertificate%hainile at a file containing the #
the referenced file can )e the same as ++1%ertificateile #++1%ertificate%hainile 0etc0pki0tls0certs0ser/erchain.crt 50"irtualVostQ
final changes please o)ser/er
5"irtualVost 'P8.8F.4.'':Q(4 is your system num)er* C to +er/erAdmin root@ser/er4.e,ample.com
DocumentRoot 0/ar0www0html +er/er2ame ser/er4.e,ample.com ++1-ngine on
++1!rotocol all ++1/8 ++1/ 5 this one you ha/e to add ++1%ipher+uite VOV:M-D3M:?a2311:?MDF
++1%ertificateile 0etc0pki0tls0certs0ser/er4.crt
++1%ertificateWeyile 0etc0pki0tls0pri/ate0ser/er4.key ++1%ertificate%hainile 0etc0pki0tls0certs0e,ampleca.crt 50"irtualVostQ
#systemctl restart httpd.ser/ices
And this should )e )rowse from all the systems.
(((((((((((((((((((('(((((((((((((((((((((((((((((((((D2-************************* *
&uestion#'
%onfigure wsgi we) ser/er:
%onfigure wsgi we) ser/er site name we)app4.e,ample.com and download dynamic N+O conent from http:00
classroom.e,ample.com0pu)0updates0we)app.wsgi and stored inside /irtual we) ser/er DocumentRoot of your
we)ser/er. and donot effect /irtual we) sere/r. port should )e CGGG and client should access the we) site
using we)app4.e,ample.com:CGGG. ##########
solution
#yum install modEwsgi y #cd 0/ar0www0/irtual
#wget http:00classroom.e,ample.com0pu)0updates0we)app.wsgi #firewallcmd permanent addport=CGGG0tcp
#firewallcmd reload #man semanage port
search for 0e,ample and copy and paste in terminal
#semanage port a t httpEportEt p tcp CGGG (and change it C' to CGGG* open the /im 0etc0httpd0conf0httpd.conf
and search 1isten and %opy the 1isten and paste it and change like this
1isten we)app4.e,ample.com:CGGG down
and in this file only copy from
5"irtualVost 'P8.8F.4.'':CQ(4 is your system num)er* +er/erAdmin [email protected],ample.com
DocumentRoot 0/ar0www0/irtual +er/er2ame www4.e,ample.com 50"irtualVostQ
and o)ser/e the changes
5"irtualVost 'P8.8F.4.'':CQ change C to CGGG (4 is your system num)er*
+er/erAdmin root@we)app4.e,ample.com 5www4 to we)app4 DocumentRoot 0/ar0www0/irtual0we)app.wsgi5 add this one and change DocumentRoot to N+O+criptAlias 0 so final N+O+criptAlias 0 0/ar0www0/irtual0we)app.wsgi
50"irtualVostQ inal output 5"irtualVost 'P8.8F.4.'':CGGGQ N+O+criptAlias 0 0/ar0www0/irtual0we)app.wsgi +er/erAdmin root@we)app4.e,ample.com +er/er2ame we)app4.e,ample.com 50"irtualVostQ :w6
#systemctl restart httpd.ser/ice
Q)rowse #firefo, http:00we)app4.e,ample.com:CGGG (f 3ni, epoch time is coming its done* and ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((D2-***************** *********** &uestion#8 %onfigure mariad).
nstall mariad) data)ase and user root password is redhat data)ase sholud access only localhost. create a
contacts data)ase.
Restore a data )ase )ackup
http:00classroom.e,ample.com0pu)0materials0mariad)0mariad).dump .
>ro)> user can 6uery and access contacts data)ase should )e use password is redhat.
#yum groupinstall mariad) y #systemctl ena)le mariad) #systemctl restart mariad)
#firewallcmd permanent addser/ice=mys6l #firewallcmd reload #/im 0etc0my.cnf unnder Kmys6ldL skipnetworking=' :w6 #mys6lEsecureEinstallation
-nter current password for root (enter for none*: dont gi/e any passwd here Hust hit enter
+et root password^ K$0nL $
Remo/e anonymous users^ K$0nL$
Disallow root login remotely^ K$0nL$
Remo/e test data)ase and access to it^ K$0nL$ Reload pri/ilege ta)les now^ K$0nL$
<hanks for using MariaDB??????????????? #mys6l u root predhat 5 enter
MariaDB K(none*LQ help create7
MariaDB K(none*LQ %R-A<- DA<ABA+- content7
&uery W; ' row affected (. sec*ile: 0run0media0kiosk0DG 8DGP0OA2-+VE%++0OA2-+VERV%-E+13<2
!age '' of '
MariaDB K(none*LQhelp grant7and copy the )elow line
MariaDB K(none*LQ%R-A<- 3+-R >Heffrey>@>localhost> D-2<-D B$ >mypass>7 please o)ser/e the changes
MariaDB K(none*LQ%R-A<- 3+-R >ro)>@>localhost> D-2<-D B$ >redhat>7 MariaDB K(none*LQhelp grant7 and copy the )elow line
ORA2< +-1-%< 2 d)8.in/oice < >Heffrey>@>localhost>7 please o)ser/e the changes
now e,it from the data)ase type e,it7 ##step8#######
download a data)ase from
http:00classroom.e,ample.com0pu)0materials0mariad)0mariad).dump # mys6l u root predhat content 5 0root0mariad).dump
#mys6l u ro) predhat content MariaDB KcontentLQ show ta)les7 YY <a)lesEinEcontent YY category manufacturer product YY rows in set (. sec*
MariaDB KcontentLQ tee 0mnt0password.t,t
MariaDB KcontentLQ select from category where id='7 YYY id name YYY ' 2etworking YYY ' row in set (. sec* #cd 0mnt0
#cat 0mnt0password.t,t
#################################copy the output and paste in a file.t,t################
&uestion#'C
%2O3R- target ser/er
configure target ser/er use the this i6n i6n.8'F8.com.e,ample:system' and O )acking store de/ice
/olume group name iscsiEstorage. iscsi storage should a/aila)e to desktop4.e,ample.com sysetm only.
+olution: @+er/er
#yum install targetcli.noarch y #systemctl ena)le target
#systemctl restart target
#firewallcmd permanent addport=80tcp #firewallcmd reload
#fdisk 0de/0/d)
%ommand (m for help*: n +elect (default p*: e
!artition num)er ('; default '*:(enter*
irst sector (8C8GP'F'G; default 8C*:(enter*
1ast sector; Ysectors or Ysi9eIW;M;OJ (8C8GP'F'G; default 8GP'F'G*:(enter* (!artition ' of type -,tended and of si9e ' OiB is set*
%ommand (m for help*: n
irst sector (G8GP'F'G; default G*:(enter*
1ast sector; Ysectors or Ysi9eIW;M;OJ (G8GP'F'G; default 8GP'F'G*:YO !artition F of type 1inu, and of si9e . OiB is set
!artition num)er (';F; default F*:(enter* Ve, code (type 1 to list all codes*: Ce %ommand (m for help*: p
%ommand (m for help*: w #partpro)e
#p/create 0de/0/d)F
#/gcreate iscsiEstorage 0de/0/d)F
#l/create n storage l 'ZR-- iscsiEstorage #targetcli
0Q ls(you will get output like this )elow*ile: 0run0media0kiosk0DG 8DGP0OA2-+VE%++0OA2-+VERV%-E+13<2
!age '8 of '
o 0 ... K...L o )ackstores ... K...L o )lock ... K+torage )Hects: L o fileio ... K+torage )Hects: L o pscsi ... K+torage )Hects: L o ramdisk ... K+torage )Hects: L o iscsi ... K<argets: L o loop)ack ... K<argets: L 0Q 0)ackstores0)lock create iscsiEstorage 0de/0iscsiEstorage0storage
0Q 0iscsi create i6n.8'F8.com.e,ample:ser/er4 0Q ls(o)ser/e the changed output now*
o 0 ... K...L o )ackstores ... K...L o )lock ... K+torage )Hects: 'L o iscsiEstorage K0de/0iscsiEstorage0storage (.OiB* writethru deacti/atedL o fileio ... K+torage )Hects: L o pscsi ... K+torage )Hects: L o ramdisk ... K+torage )Hects: L o iscsi ... K<argets: 'L o i6n.8'F8.com.e,ample:ser/er4 ... K<!Os: 'L
o tpg' ... Knogenacls; noauthL
o acls ... KA%1s: L
o luns ... K132s: L
o portals ... K!ortals: L
o loop)ack ... K<argets: L 0Q 0iscsi0i6n.8'F8.com.e,ample:system'0tpg'0acls create i6n.8'F
8.com.e,ample:desktop4
0Q 0iscsi0i6n.8'F8.com.e,ample:system'0tpg'0luns create 0)ackstores0)lock0iscsiEstorage
0Q 0iscsi0i6n.8'F8.com.e,ample:system'0tpg'0portals create 'P8.8F.4.'' 0Q ls(you should get final output like this*
o 0 ... K...L o )ackstores ... K...L o )lock ... K+torage )Hects: 'L o iscsiEstorage K0de/0iscsiEstorage0storage (.OiB* writethru acti/atedL o fileio ... K+torage )Hects: L o pscsi ... K+torage )Hects: L o ramdisk ... K+torage )Hects: L o iscsi ... K<argets: 'L o i6n.8'F8.com.e,ample:ser/er4 ... K<!Os: 'L
o tpg' ... Knogenacls; noauthL
o acls ... KA%1s: 'L
o i6n.8'F8.com.e,ample:desktop4 ... KMapped 132s: 'L
o mappedElun ... Klun )lock0iscsiEstorage (rw*L
o luns ... K132s: 'L
o lun ... K)lock0iscsiEstorage (0de/0iscsiEstorage0storage*L
o portals ... K!ortals: 'L
o 'P8.8F.4.'':8 ... KWL
o loop)ack ... K<argets: L 0Q sa/econfig
0Q e,it
#systemctl restart targetd
################################################################################### ####################
&uestion#'G
%onfigure iscsi client.
%reate a new 88M) iscsi target on your Desktop4.e,ample.com machine. this target should )e called
i6n.8'F8.com.e,ample:system' and assign file system e,t and mount under 0mnt0iscsi directory.
@%lint side(Desktop*
#yum install iscsiinitiatorutils.iC y #systemctl ena)le iscsid.ser/ice
#/im 0etc0iscsi0initiatorname.iscsi
nitiator2ame=i6n.8'F8.com.e,ample:ser/er4 :w6?
#systemctl restart iscsid.ser/ice
#man iscsiadm(in a new terminal or ta)* goto to end page and copy this line
iscsiadm mode disco/eryd) type sendtargets portal 'G8.'C.'.' disco/er and make the following changes
#iscsiadm mode disco/eryd) type sendtargets portal 'P8.8F.4.''
disco/erile: 0run0media0kiosk0DG8DGP0OA2-+VE%++0OA2-+VERV%-E+13<2 !age ' of '
Again copy from this line and make following changes as )elow
iscsiadm mode node targetname i6n.8'F.com.doe:test portal 'G8.'C.'.':8 login
o)ser/e the changes
#iscsiadm mode node targetname i6n.8'F8.com.e,ample:ser/er4 portal 'P8.8F.4.'':8 login
#fdisk l(it should show another dri/e as local storage i.e. 0de/0sda* #fdisk 0de/0sda
%ommand (m for help*: n +elect (default p*: p
!artition num)er ('; default '*:(enter*
irst sector (C'G88G'FF; default C'G8*:(enter*
1ast sector; Ysectors or Ysi9eIW;M;OJ (C'G88G'FF; default 8G'FF*: Y88M %ommand (m for help*: p
%ommand (m for help*: w #partpro)e
#mkdir 0mnt0iscsi
#)lkid(copy the 33D of 0de/0sda'* #/im 0etc0fsta)
33D=8FadeP)cFCe8CfGG'CG'fcGc8G 0mnt0iscsi e,t Enetde/ :w6?
#mount a #df V
#iscsiadm mode node targetname i6n.8'F8.com.e,ample:system' portal 'P8.8F.4.'':8 logout
(use the same command which has )een used to login with changing it to logout* #re)oot
#df V(check whther 0de/0sda' is still mounted or not if yes then it is successful* (((((((((((((((((((((((((((((((((((((((((((((((((((((((((D2-********************** ********************
&uestion#8' +cript:
Nrite the script called 0root0script. f you pass an argument as redhat it should print fedora . f
you pass an argument as fedora it should print redhat. f you pass any argument other than redhat
or fedorait will print standard error +<D-RRredfed. #?0)in0)ash
if K U' == redhat L then
echo fedora
elif K U' == fedora L then echo redhat else echo +<D-RRred0fed fi :w6 #chmod Y, 0root0script'.sh # sh 0root0script'.sh redhat (o0p=fedora* # sh 0root0script'.sh fedora (o0p=redhat* # sh 0root0script'.sh ganesh +<D-RRred0fed #############################################done##################### &uestion#88
%reate a script on Desktop4.
Q t should )e a single argument which is the name of file that contain usernames.
Q f argument is not supplied it should display usage :0root0)atchusers and e,it. Q f non e,istant file is specified; it should display file not found.
Q Accounts should )e encounted with no login shell 0)in0false Q +cript does not root need to set password.
#?0)in0)ash if K U# e6 L then echo 1-:2 3+AO- elif K f U' L then
for , in _cat U'_ do
done else
echo file not found fi :w6 #/im coss user' user8 user :w6 #sh 0root0script8.sh coss it will add the users #cd 0home
#########################################################D2-##################### #######
#
#mys6l u root B D mys6l e >select user from user where password=password(>animous>*7> p Q 0mnt0password.t,t