Tuesday, December 20, 2011

Force User to Change Password at First Login Fedora /Centos /Suse /Ubuntu

To setup this there are various ways, but I believe one of the very simplest one is the one I am going to explain below.
For ex: You created a new user “fake”:
# useradd fake

Create password for the user
# passwd fake
Changing password for user foo.
New UNIX password:
BAD PASSWORD: it is WAY too short
Retype new UNIX password:
Then to force the user to change the password at the first login, simply set the password to expiry:
#chage -d 0 foo

This command will set the password to expiry and will force user to change their password at the next login.

Setting it default for all new Users:

A system admin is one which who can do the work but a efficient system admin is the one who do the work manually first time and then make computer to work for him next time for same task. Same thing is true over here. You want all the new users added to your system, to be forced to change their password at the first login, update this file
#vi /etc/default/useradd
 GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=0 #(need to add zero "0")
SHELL=/bin/bash
SKEL=/etc/skel
GROUPS=video
CREATE_MAIL_SPOOL=no
UMASK=022
This file contains the details, what all settings will be applied to the new users created into the system with useradd command.
Just set the value of EXPIRE=0 in this file, and after that, every time when a new user will be created, they will be forced to change the password at the next login.

password duration:
for new accounts default settings are in /etc/login.defs
settings for current accounts are in /etc/shadow but we edit by command chage
chage -l [user] #check settings for user
chage -E "YYYY-MM-DD" [user] #set date when account expire, -1 means never
chage -M [nr] [user] #set maximum number of days between password change from last password change, -1 means never expire
chage -d "YYYY-MM-DD" [user] #set last password change
chage -W [nr] [user] #number of days of warning before password expires
chage -i [nr] [user] #set password inactive, when account is blocked after password expire

Friday, November 18, 2011

RedHat / CentOS 6 Bonding

Bonding

Bonding (also known as “Ethernet bonding”) is a computer networking arrangement in which two or more network interfaces on a host computer are combined for redundancy or increased throughput.
mode=0 (Balance-rr) – This mode provides load balancing and fault tolerance.
mode=1 (active-backup) – This mode provides fault tolerance.
mode=2 (balance-xor) – This mode provides load balancing and fault tolerance.
mode=3 (broadcast) – This mode provides fault tolerance.
mode=4 (802.3ad) – This mode provides load balancing and fault tolerance.
mode=5 (balance-tlb) – Prerequisite: Ethtool support in the base drivers for retrieving the speed of each slave.
mode=6 (Balance-alb) – Prerequisite: Ethtool support in the base drivers for retrieving the speed of each slave.

Note: Always append extra configuration in case of a rollback.

Configuring  Bonding

# cd /etc/sysconfig/network-scripts/
# vi ifcfg-bond0
1
2
3
4
5
6
7
8
9
10
DEVICE=bond0
USERCTL=no
BOOTPROTO=none
ONBOOT=yes
IPADDR=10.0.0.10
NETMASK=255.255.0.0
NETWORK=10.0.0.0
 
TYPE=Unknown
IPV6INIT=no
# vi ifcfg-eth0
1
2
3
4
5
6
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
# vi ifcfg-eth1
1
2
3
4
5
6
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
# vi ifcfg-eth2
1
2
3
4
5
6
DEVICE=eth2
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
Due to the fact that /etc/modprobe.conf has been deprecated in RedHat / CentOS 6, the process of bonding network interfaces has changed a bit.
Now instead of defining your bond in your /etc/modprobe.conf, you define it in /etc/modprobe.d/bonding.conf
# vi /etc/modprobe.d/bonding.conf
We’ll be using mode=6 (Balance-alb)
Append the following onto the end out your modprobe config file
1
2
alias bond0 bonding
options bond0 mode=6 miimon=100
# servive network restart

Monday, October 17, 2011

P2P P2V V2V V2P or Clone RedHat /CentOS /Fedora /Ubuntu

Using dd Clone Server or P2P P2V V2V V2P

 Exactly same hardware.
 Different hardware.
 Virtual  Machian

In my case 2 HP ProLiant DL385, one server is year old and seen come to DC is it on from there we have clone using following.

HP ProLiant DL385 = studyhat.com which is in live for production.
HP ProLiant DL385 = new brought to DC we want to create clone of studyhat.com
We have created on XEN virtualization one clone of HP ProLiant DL385  

* Boot with Live CD's new server where you want clone.
* Give IP Address to eth0 .
* Ping to the server from where you want to clone.
dd if=/dev/sda | ssh root@ipaddress "dd of=/dev/sdb"
* ssh <ipaddress of running server> 'dd if=/dev/sda' | dd of=/dev/sda
* ssh <ipaddress of running server> 'dd if=/dev/sdb' | dd of=/dev/sdb 
* # dd if=/dev/sda | ssh root@xxx.xxx.xxx.xxx (target ip address )'dd of=/dev/sda'
*#dd if=/dev/sda |gzip -c --fast| ssh root@target ip address 'gzip -d | dd of=/dev/sda'
* Once you get # <console> 
* #vi /etc/sysconfig/network
* #vi /etc/hosts /
* #vi /etc/sysconfig/network-scripts/ifcfg-bond0
*  #vi /etc/sysconfig/network-scripts/ifcfg-eth0
*    * #vi /etc/resolv.conf
*    * # reboot


 

Tuesday, September 27, 2011

Linux Directory Structure

/bin - This directory contains most of your non-privileged system commands such as ls, mkdir, rm, etc.
/boot - Contains the systems boot image, bootloader, and the kernel
/dev - Symbolic links to system devices such as optical and removable drives
/etc - Contains all system configuration files and most configurations for installed packages
/home - Contains a directory for each user and contains profile information
/lib - Contains dynamic libraries and modules for the Linux system and installed packages
/media - Contains mount points for optical drives and removable media
/mnt - Used as a location for mounted drives and shares
/opt - Contains user installed packages and custom software not handled by the system or package manager
/proc - An interface between the kernel and the system, useful for diagnostics and system information
/root - The root superuser's home directory
/sbin - Contains privileged commands that are usually run as superuser (root/sudo)
/sys - An interface between the kernel and the system, used for modifying system settings
/tmp - A location for temporary files such as sessions on a web server
/usr - Contains most installed packages that are not part of the system, user installed programs
/usr/bin - Contains commands related to user installed packages in /usr
/usr/sbin - Contains privileged commands related to user installed packages in /usr
/var - Contains files that change often or accessed frequently
/var/log - Contains all system logs and most logs generated by installed packages