Friday, November 18, 2016

Troubleshooting of Linux Issues Part - 3


How to set password to grup.conf file
#grub   ----enter
#grub> md5crypt   ----------password level
#password : **   (xx – set password )
#Encrypted : $1LQzsdasdafkafjkawyfaerfndjsfnsfjoisrhgsrh43  -----encrypted password copy
#grub>quit
---------------------------------------------------------------------------------------------------------------------
#go to the /etc/grup.conf and add password above title
Example
#vi /etc/grub.conf
#boot=/dev/sda
default=0 
timeout=5  
splashimage=(hd0,0)/grub/kcm-grub2-0.6.4.tar.gz 
hiddenmenu
password –md5 $1LQzsdasdafkafjkawyfaerfndjsfnsfjoisrhgsrh43     ---- paste  password
title CentOS (2.6.32-431.el6.x86_64) 
root (hd0,4)   (hd0 -----HDD) 
kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=c79924a2-5e11-440d-add6-522144dec58d rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet  
initrd /initramfs-2.6.32-431.el6.x86_64.img
wq!
---------------------------------------------------------------------------------------------------------------------
After above steps reboot the system and try to edit grub file white booting
When you try edit on kernel or grab file you get prompt for password
press p:
Password: xx -----entry (you can edit the grub file )
---------------------------------------------------------------------------------------------------------------------
We can set grub password before login& paste password below title line
#go to the /etc/grup.conf and add password below the title
Example
#vi /etc/grub.conf
#boot=/dev/sda
default=0 
timeout=5  
splashimage=(hd0,0)/grub/kcm-grub2-0.6.4.tar.gz 
hiddenmenu
title CentOS (2.6.32-431.el6.x86_64) 
password –md5 $1LQzsdasdafkafjkawyfaerfndjsfnsfjoisrhgsrh43     ---- paste  password
root (hd0,4)   (hd0 -----HDD) 
kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=c79924a2-5e11-440d-add6-
522144dec58d rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD
SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us
rd_NO_DM rhgb quiet  
initrd /initramfs-2.6.32-431.el6.x86_64.img
wq!
---------------------------------------------------------------------------------------------------------------------

Above entry we can’t boot without grub password
---------------------------------------------------------------------------------------------------------------------
  
HOW TO BLOCK DRIVERS AND USB STORAGE
 We have 2 ways to block usb storage or drivers

1)   go to grup.conf
2)   modprobe.d/blacklist.conf

#vi /etc/grub.conf
Example
#vi /etc/grub.conf
#boot=/dev/sda
default=0 
timeout=5  
splashimage=(hd0,0)/grub/kcm-grub2-0.6.4.tar.gz 
hiddenmenu
title CentOS (2.6.32-431.el6.x86_64) 
root (hd0,4)   (hd0 -----HDD) 
kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=UUID=c79924a2-5e11-440d-add6-
522144dec58d rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us nousbrd_NO_DM rhgb quiet  
initrd /initramfs-2.6.32-431.el6.x86_64.img
wq!

Reboot the system and check, because after reboot this file execute
---------------------------------------------------------------------------------------------------------------------
Check usb storage drive connected status
# lsmod | grep usb_storage
---------------------------------------------------------------------------------------------------------------------
#modprobe –r usb_storage  ------temporary
---------------------------------------------------------------------------------------------------------------------
#vi /etc/modprobe.d/blacklist.conf    ----permanent
blacklist usb_storage
wq!
---------------------------------------------------------------------------------------------------------------------
HOW TO RESET LINUX ROOT PASSOWRD 

Go to splash window and press a
Press space and 1 enter
grup append> ro root=LABEL=/ hdc=ide=scsi 1

We get shell prompt
#passwd root   ---change root password
#qwerty    ------set root password

Reboot and try new password
 ----------------------------------------------------------------------------------------------------------------
How to change Linux date & time
# date -s "2 OCT 2006 18:00:00"  -  set new data to  2 Oct 2006 18:00:00,
----------------------------------------------------------------------------------------------------------------
Windows vs Linux -----3 different

Linux vs Unix       -----3 different
Linux is free                    ----- Unix is proprietors ( commercial)
Hardware independent    ----- Hardware dependent
Linux has source code     ----  Unix no source code
 Xser ---for Linux           -----  Unix  ( HP  UX  --- IBM   AIX )
                                        ------  IBM  ---X-Serve’s
                                        ------  IBM  ---P-Serve’s
----------------------------------------------------------------------------------------------------------------
How to delete history permanently
# history –c  ------------------clear temporary

#  > /root/.bash_history   ------- clear permanent

#  >   ------- means empty file
----------------------------------------------------------------------------------------------------------------
Server vs desktop

Symlinks vs Hardlinks

Archive vs compression

Telnet VS ssh

# Telnet – telnet transfer the ip packet in clear text mode
# ssh – Secure socket host
            ssh is transfer the ip packet in encryption  mode
            [ Public license key + Private key ]

Request
----------------------------------------------------------------------------------------------------------------
how to secure single user mode - Password Protect Single User Mode in Red Hat or CentOS

Allowing access to single user mode in Linux is a major security risk. Setting it to require the root password before booting into single user mode is a good idea.

[root@localhost tushar]# vi /etc/inittab
# password protect single user mode
su:S:wait:/sbin/sulogin
#

How to require password for single user mode in CentOS 5 / RedHat 5:
Insert the following line to /etc/inittab file above the line containing initdefault.

su:S:wait:/sbin/sulogin

NOTE: it must be above the link with initdefault in order to work. Example:
# Password requires for single user mode.
su:S:wait:/sbin/sulogin
# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
id:3:initdefault:

How to require password for single user mode in CentOS 6 / RedHat 6:
Edit the file /etc/sysconfig/init and change the following line:
SINGLE=/sbin/sushell
to
SINGLE=/sbin/sulogin

---------------------------------------------------------------------------

Run levels in Linux

Different Run levels in Linux and how to switch between them

What are different Run levels in Linux and how to switch between them?
Run levels:-Run levels define what processes or services to run automatically while the system boots up. This is defined in /etc/inittab file.
N. B: – The init process is the last step in the boot procedure and has pid of ‘1’.’ “init” is responsible for starting system processes as per defined in the /etc/inittab file.

“init” process checks which default run level is defined in /etc/inittab and starts the system in that run level which means all the services defined for that run level gets executed.

There are 7 different run levels present (run level 0-6) in Linux system for different purpose. The descriptions are given below.
0: Halt System (To shutdown the system)
1: Single user mode
2: Basic multi user mode without NFS
3: Full multi user mode (text based)
4: unused
5: Multi user mode with Graphical User Interface
6: Reboot System

Most desktop Linux distributions boot into run level 5, which starts up the Graphical Login Prompt. This allows the user to use the system with X-Windows server enabled. Most servers boot into run level 3, which starts the text based login prompt as it is advisable not to install graphical windows in a server as lots of space goes waste and also it takes lot of resource to run.

Each run level is defined inside its own directory structure. These directories are located in the /etc/rc.d/ directory, under which you have rc1.d, rc2.d… rc6.d directories where the number from 0 to 6 corresponds to the specific run level. Inside each directory symbolic links are defined to a  to master initscripts found in /etc/init.d or /etc/rc.d/init.d.

Switching or Changing between different runlevels:-
Method-1: Changing run level temporarily without reboot.
We can use init command to change rune levels without rebooting the system.
Ex:-if we are currently in run level 3 and want to go to run level 1, just we need to execute
# init 1
Or if you want to shutdown a machine you can take help of run level ‘0’ .Just you need to execute
#init 0
Remember this change is not permanent and on next reboot you will get your default runlevel.
Method-2: Changing run level permanently
If you want to change your default run level then
Open the file /etc/inittab and edit entry initdefault:
# vi /etc/inittab
Let’s set initdefault to 5, so that you can boot to X next time when Linux comes up:
id:5:initdefault: 
Method-3:-Change run level at boot time
You can also change the run level at boot time. If your system uses LILO as the boot manager, you can append the run level to the boot command:
LILO: linux 3 or
LILO: linux 5
If your system uses GRUB, you can change the boot runlevel by pressing the `e’ key to edit the boot configuration. Append the run level(in our case 5) to the end of the boot command as shown:
kernel /vmlinuz-2.6.18-164.el5 ro root=LABEL=/ rhgb quiet  5

Linux Runlevels Explained

A runlevel is one of the modes that a Unix -based operating system will run in. Each runlevel has a certain number of services stopped or started, giving the user control over the behavior of the machine. Conventionally, seven runlevels exist, numbered from zero to six.
After the Linux kernel has booted, the init program reads the /etc/inittab file to determine the behavior for each runlevel. Unless the user specifies another value as a kernel boot parameter, the system will attempt to enter (start) the default runlevel.

Run Level
Mode
Action
0
Halt
Shuts down system
1
Single-User Mode
Does not configure network interfaces, start daemons, or allow non-root logins
2
Multi-User Mode
Does not configure network interfaces or start daemons.
3
Multi-User Mode with Networking
Starts the system normally.
4
Undefined
Not used/User-definable
5
X11
As runlevel 3 + display manager(X)
6
Reboot
Reboots the system
Standard run levels for Red Hat based distributions
Most Linux servers lack a graphical user interface and therefore start in runlevel 3. Servers with a GUI & desktop Unix systems start runlevel 5.When a server is issued a reboot command, it enters runlevel 6.


Init scripts

Init (short for initialization) is the program on Unix and Unix-like systems that spawns all other processes. It runs as a daemon and typically has PID 1.
The /etc/inittab file is used to set the default run level for the system. This is the runlevel that a system will start up on upon reboot. The applications that are started by init are located in the /etc/rc.d folder. Within this directory there is a separate folder for each run level, eg rc0.d, rc1.d, and so on.

 

 

chkconfig


The chkconfig tool is used in Red Hat based systems (like CentOS) to control what services are started at which runlevels. Running the command chkconfig –list will display a list of services whether they are enabled or disabled for each runlevel.

root@host:~ # chkconfig --list
filelimits 0:off 1:off 2:on 3:on 4:on 5:on 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cpanel 0:off 1:off 2:off 3:on 4:on 5:on 6:off
kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ipchains 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:on 4:off 5:on 6:off


Single User mode is a mode that a multi-user system (like a Linux server) can be booted into the operating system as a superuser. Booting a system into this mode does not start networking, but can be used to make changes to any configuration files on the server. One of the most common usages for single-user mode is to change the root password for a server on which the current password is unknown.


Runlevels are an important part of the core of the Linux operating system. While not something the average administrator will work with on a daily basis, understanding runlevels gives the administrator another layer of control and flexibility over the servers they manage.

Linux Boot Process Detailed explanation Part - 2


Boot Process in Linux (Redhat Linux & CentOS 5&6)
Linux Boot Process:

Press the power button on your system, and after few moments you see the Linux login prompt.
Have you ever wondered what happens behind the scenes from the time you press the power button until the Linux login prompt appears?

The following are the 6 high level stages of a typical Linux boot process. 


1. BIOS
§  BIOS stands for Basic Input/Output System

§  Performs some system integrity checks

§  Searches, loads, and executes the boot loader program.

§  It looks for boot loader in floppy, cd-rom, or hard drive. You can press a key (typically F12 of F2, but it depends on your system) during the BIOS startup to change the boot sequence.

§  Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.

§  So, in simple terms BIOS loads and executes the MBR boot loader.

2. MBR
§  MBR stands for Master Boot Record.

§  It is located in the 1st sector of the bootable disk. Typically /dev/hda, or /dev/sda

§  MBR is less than 512 bytes in size.

§  It contains information about GRUB (or LILO in old systems).

§  So, in simple terms MBR loads and executes the GRUB boot loader.

3. GRUB
§  GRUB stands for Grand Unified Bootloader.

§  If you have multiple kernel images installed on your system, you can choose which one to be executed.

§  GRUB displays a splash screen, waits for few seconds, if you don’t enter anything, it loads the default kernel image as specified in the grub configuration file.

§  GRUB has the knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystem).

§  Grub configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this). The following is

sample grub.conf of CentOS.
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-194.el5PAE)
          root (hd0,0)
          kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/
          initrd /boot/initrd-2.6.18-194.el5PAE.img
§  As you notice from the above info, it contains kernel and initrd image.

§  So, in simple terms GRUB just loads and executes Kernel and initrd images.
4. Init
§  Looks at the /etc/inittab file to decide the Linux run level.

§  Following are the available run levels
§  0 – halt
§  1 – Single user mode
§  2 – Multiuser, without NFS
§  3 – Full multiuser mode
§  4 – unused
§  5 – X11
§  6 – reboot

§  Init identifies the default initlevel from /etc/inittab and uses that to load all appropriate program.

§  Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level

§  If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 means, probably you might not do that.

§  Typically you would set the default run level to either 3 or 5.
5. Runlevel programs
§  When the Linux system is booting up, you might see various services getting started. For example, it might say “starting sendmail …. OK”. Those are the runlevel programs, executed from the run level directory as defined by your run level.

§  Depending on your default init level setting, the system will execute the programs from one of the following directories.

§  Run level 0 – /etc/rc.d/rc0.d/
§  Run level 1 – /etc/rc.d/rc1.d/
§  Run level 2 – /etc/rc.d/rc2.d/
§  Run level 3 – /etc/rc.d/rc3.d/
§  Run level 4 – /etc/rc.d/rc4.d/
§  Run level 5 – /etc/rc.d/rc5.d/
§  Run level 6 – /etc/rc.d/rc6.d/

§  Please note that there are also symbolic links available for these directory under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.

§  Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.

§  Programs starts with S are used during startup. S for startup.

§  Programs starts with K are used during shutdown. K for kill.

§  There are numbers right next to S and K in the program names. Those are the sequence number in which the programs should be started or killed.

§  For example, S12syslog is to start the syslog deamon, which has the sequence number of 12. S80sendmail is to start the sendmail daemon, which has the sequence number of 80. So, syslog program will be started before sendmail.

There you have it. That is what happens during the Linux boot process