Difference between revisions of "NewLinuxInfo"
(17 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | = Guides, Info & Tips on New Modern Linux Server Administration = | + | = '''Guides, Info & Tips on New Modern Linux Server Administration''' = |
− | == [[New_Redhat_Based_Server_Info|Modern Server Administration of Critical Systems]] == | + | == '''[[New_Redhat_Based_Server_Info|Modern Server Administration of Critical Systems]]''' == |
<br /> | <br /> | ||
<h3>This information pertains to very modern recent relases of Redhat based distributions, | <h3>This information pertains to very modern recent relases of Redhat based distributions, | ||
including the latest releases of CentOS and Fedora, which has had most of these service upgrades and replacements for the last few years now!</h3> | including the latest releases of CentOS and Fedora, which has had most of these service upgrades and replacements for the last few years now!</h3> | ||
<br /><br /> | <br /><br /> | ||
− | + | == '''Basic Linux System Commands - System Management''' == | |
<br /> | <br /> | ||
+ | === '''TMUX''' - Terminal Multiplexer === | ||
+ | TMUX is what I consider one of the most invaluable tools when it comes to managing and administering Linux servers from the command line. Among it's many features is it's ability to keep your shell connection running in the event of beding disconnected from a remote SSH session. If used properly, it allows you to reconnect to your SSH session you had running, along with whatever applicatoins, scripts, etc, you had running, without losing a beat! It's really handhy to be able to reconnect to a remote session that was inadvertently disconnected! TMUX has saved my butt many times over the years! It also can be used to open multiple shell connections all in the same window, allowing you to split one terminal into two, four, and so on! Plus, you can share the terminal with other remote users, so they can see waht you are typing, and they can also type and you control the same shell! That comes in very handy when you need to show someone how to do something within a shell. | ||
+ | <br /><br /> | ||
+ | |||
+ | ==== '''Here is the very simple installation process on a Red Hat based distribution, on Rocky Linux 9.2:''' ==== | ||
+ | <br > | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm32.dawgland.com:~]$ sudo dnf install tmux | ||
+ | Last metadata expiration check: 1:30:38 ago on Thu 05 Oct 2023 12:25:59 AM PDT. | ||
+ | Dependencies resolved. | ||
+ | ================================================================================ | ||
+ | Package Architecture Version Repository Size | ||
+ | ================================================================================ | ||
+ | Installing: | ||
+ | tmux x86_64 3.2a-4.el9 baseos 474 k | ||
+ | |||
+ | Transaction Summary | ||
+ | ================================================================================ | ||
+ | Install 1 Package | ||
+ | |||
+ | Total download size: 474 k | ||
+ | Installed size: 1.1 M | ||
+ | Is this ok [y/N]: y | ||
+ | Downloading Packages: | ||
+ | tmux-3.2a-4.el9.x86_64.rpm 612 kB/s | 474 kB 00:00 | ||
+ | -------------------------------------------------------------------------------- | ||
+ | Total 270 kB/s | 474 kB 00:01 | ||
+ | Running transaction check | ||
+ | Transaction check succeeded. | ||
+ | Running transaction test | ||
+ | Transaction test succeeded. | ||
+ | Running transaction | ||
+ | Preparing : 1/1 | ||
+ | Installing : tmux-3.2a-4.el9.x86_64 1/1 | ||
+ | Running scriptlet: tmux-3.2a-4.el9.x86_64 1/1 | ||
+ | Verifying : tmux-3.2a-4.el9.x86_64 1/1 | ||
+ | |||
+ | Installed: | ||
+ | tmux-3.2a-4.el9.x86_64 | ||
+ | |||
+ | Complete! | ||
+ | [jamie@rocky9vm32.dawgland.com:~]$ | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | |||
+ | === '''Using TMUX''' === | ||
+ | Using TMUX is as simple as just typing it's name. It will change the color and look of your prompt to indicate it's running. | ||
+ | <br /> | ||
+ | <br /><br /> | ||
+ | |||
== '''System Power Off & Reboot''' == | == '''System Power Off & Reboot''' == | ||
The "shutdown" command has a number of arguments that control how it behaves, such as shutting completely down, or rebooting, with options to send system-wide broadcast messages to all logged in users, apply a delay before shutting down, and other options. | The "shutdown" command has a number of arguments that control how it behaves, such as shutting completely down, or rebooting, with options to send system-wide broadcast messages to all logged in users, apply a delay before shutting down, and other options. | ||
Line 19: | Line 69: | ||
[jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -r now | [jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -r now | ||
[jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. | [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. | ||
+ | Connection to rocky9vm35 closed. | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | To shut down a system completely, without starting it back up, instead of using the "-r" switch without the quotes, as in the previous example, you use the "-h" switch, without the quotes, as in this example: | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -h now | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. | ||
+ | Connection to rocky9vm35 closed. | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | To add a time deley to the shutdown command, so as to allow logged in userrs to have time to log out cleanly, modify the command as follows to include a 30 second time delay before actually shutting down, as show here: | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -h -t 30 | ||
+ | Shutdown scheduled for Mon 2023-09-11 19:15:53 PDT, use 'shutdown -c' to cancel. | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. | ||
+ | Connection to rocky9vm35 closed. | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | Users logged into the same machine will see messages similiar to this when a time delay is given to the shutdown command: | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ | ||
+ | Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:14:53 PDT): | ||
+ | |||
+ | The system will power off at Mon 2023-09-11 19:15:53 PDT! | ||
+ | |||
+ | |||
+ | Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:15:53 PDT): | ||
+ | |||
+ | The system will power off now! | ||
+ | |||
+ | Connection to rocky9vm35 closed by remote host. | ||
+ | Connection to rocky9vm35 closed. | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | And last, but certently not lease, here is an example to reboot a system in ONE minute, while broadcasting a custom message to all logged on users: | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -r +1 "This Server, Rocky9VM35, will be going down in ONE MINUTE for a quick reboot. Please finish up your work and log off immediatelly!" | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | This produces these messages in the terminal that called the command: | ||
+ | <pre style="color:blue"> | ||
+ | Reboot scheduled for Mon 2023-09-11 19:33:46 PDT, use 'shutdown -c' to cancel. | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. | ||
+ | Connection to rocky9vm35 closed. | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | Other users logged into the same system will receive messages similar to these: | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm35.dawgland2.com:~]$ | ||
+ | Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:32:46 PDT): | ||
+ | |||
+ | This Server, Rocky9VM35, will be going down in ONE MINUTE for a quick reboot. Please finish up your work and log off immediatelly! | ||
+ | The system will reboot at Mon 2023-09-11 19:33:46 PDT! | ||
+ | |||
+ | |||
+ | Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:33:46 PDT): | ||
+ | |||
+ | This Server, Rocky9VM35, will be going down in ONE MINUTE for a quick reboot. Please finish up your work and log off immediatelly! | ||
+ | The system will reboot now! | ||
+ | |||
+ | Connection to rocky9vm35 closed by remote host. | ||
Connection to rocky9vm35 closed. | Connection to rocky9vm35 closed. | ||
</pre> | </pre> | ||
<br /><br /> | <br /><br /> | ||
− | + | == '''systemctl''' == | |
− | |||
− | == init.d Retired! == | + | === '''init.d Retired!''' === |
<h4>The first such service upgrade actually replaced most, if not all of the service init.d startup & shutdown scripts with a very different way of managing the startup, status and shutdown of services, such as the Apache webserver, the CUPS print server, the secure shell, aka the SSH server, and all of the other services that used to be controlled by shell scripts located in the /etc/init.d/ directory. This directory still exists so that in the event that an old legacy service needs to still be managed by the init.d shell scripts, due to the service not yet having the required setup to be managed by the replacement of all of those scripts:</h4> | <h4>The first such service upgrade actually replaced most, if not all of the service init.d startup & shutdown scripts with a very different way of managing the startup, status and shutdown of services, such as the Apache webserver, the CUPS print server, the secure shell, aka the SSH server, and all of the other services that used to be controlled by shell scripts located in the /etc/init.d/ directory. This directory still exists so that in the event that an old legacy service needs to still be managed by the init.d shell scripts, due to the service not yet having the required setup to be managed by the replacement of all of those scripts:</h4> | ||
<br /><br /> | <br /><br /> | ||
− | == Query Service Status == | + | |
+ | === '''Query Service Status''' === | ||
<h4>For instance, here is an example of systemctl being used to query the Secure Shell Server(SSH):</h4> | <h4>For instance, here is an example of systemctl being used to query the Secure Shell Server(SSH):</h4> | ||
<pre style="color:blue"> | <pre style="color:blue"> | ||
Line 54: | Line 165: | ||
<br /><br /> | <br /><br /> | ||
− | == Stopping a Service == | + | === '''Stopping a Service''' === |
<h4>This is what is looks like after stopping the SSH server:</h4> | <h4>This is what is looks like after stopping the SSH server:</h4> | ||
<pre style="color:blue"> | <pre style="color:blue"> | ||
Line 77: | Line 188: | ||
</pre> | </pre> | ||
<br /><br /> | <br /><br /> | ||
− | == Starting a Service Back Up == | + | === '''Starting a Service Back Up''' === |
<h4>And this is the command to start it back up, and because there is no output after starting it, | <h4>And this is the command to start it back up, and because there is no output after starting it, | ||
I've also included the output of the status once again after starting the Secure Shell Server back up:</h4> | I've also included the output of the status once again after starting the Secure Shell Server back up:</h4> | ||
Line 102: | Line 213: | ||
</pre> | </pre> | ||
<br /><br /> | <br /><br /> | ||
− | === Disabling a Service === | + | |
+ | === '''Disabling a Service''' === | ||
<br /> | <br /> | ||
To Disable a service, usually replacing status, start, or stop with "disable" works to disable | To Disable a service, usually replacing status, start, or stop with "disable" works to disable | ||
most services, but sometimes, it doesn't always work, and you also need to "mask" the service as well. | most services, but sometimes, it doesn't always work, and you also need to "mask" the service as well. | ||
<br /><br /> | <br /><br /> | ||
+ | |||
=== Using Mask to Forcefully Disable a Service === | === Using Mask to Forcefully Disable a Service === | ||
This proved to be the case with the RPCBIND.service. After stopping and disabling the service, a reboot caused the service to be re-enabled and started back up. To have the service disabled and that state saved after a reboot, the "mask" argument is given to the systemctl command. For instance, in the case of RPCBIND.service, this is how to disable it: | This proved to be the case with the RPCBIND.service. After stopping and disabling the service, a reboot caused the service to be re-enabled and started back up. To have the service disabled and that state saved after a reboot, the "mask" argument is given to the systemctl command. For instance, in the case of RPCBIND.service, this is how to disable it: | ||
Line 121: | Line 234: | ||
<br /><br /> | <br /><br /> | ||
− | == Changing the Default Run Level the Systemd Way == | + | === '''Changing the Default Run Level the Systemd Way''' === |
<br /> | <br /> | ||
To change the default run-level from booting up into the Graphical User Interface(GUI) into straight text multi-user, which is preferable on a server, the old method involved editing the /etc/inittab file changing the default runlevel from 5 to 3, as shown here: | To change the default run-level from booting up into the Graphical User Interface(GUI) into straight text multi-user, which is preferable on a server, the old method involved editing the /etc/inittab file changing the default runlevel from 5 to 3, as shown here: | ||
Line 128: | Line 241: | ||
</pre> | </pre> | ||
<br /><br /> | <br /><br /> | ||
+ | |||
On modern RPM based systems, this has been replaced by using the systemctl command to create/change the symlink /etc/systemd/system/default.target to point to /lib/systemd/multi-user.target, and visa-versa to switch back to the GUI bootup mode. This can be done manually using the shell "ln -sf" symlink creation command, or more easily, and more importantly, more standardized with the systemctl command, as shown here. The following 3 commands show how to first check the default runlevel target, then change it from graphical to text-based multi-user, and then the 3rd command show's confirmation the command was successful. | On modern RPM based systems, this has been replaced by using the systemctl command to create/change the symlink /etc/systemd/system/default.target to point to /lib/systemd/multi-user.target, and visa-versa to switch back to the GUI bootup mode. This can be done manually using the shell "ln -sf" symlink creation command, or more easily, and more importantly, more standardized with the systemctl command, as shown here. The following 3 commands show how to first check the default runlevel target, then change it from graphical to text-based multi-user, and then the 3rd command show's confirmation the command was successful. | ||
<pre style="color:blue"> | <pre style="color:blue"> | ||
Line 139: | Line 253: | ||
</pre> | </pre> | ||
− | = | + | == '''dnf''' == |
<br /> | <br /> | ||
Another '''BIG''' change to a "more modern" way of managing all of the software packages on your Linux machine, | Another '''BIG''' change to a "more modern" way of managing all of the software packages on your Linux machine, | ||
Line 195: | Line 309: | ||
</pre> | </pre> | ||
<br /><br /> | <br /><br /> | ||
− | + | == '''Red Hat Enterprise Linux 5,6 & 7 - Common Administrative Command Cheat Sheets''' == | |
Here are some very nice printable cheat sheets of the most common Red Hat Enterprise Linux administrative commands: | Here are some very nice printable cheat sheets of the most common Red Hat Enterprise Linux administrative commands: | ||
<br /> | <br /> | ||
[http://linuxjamie.com/images/RedHatLinux/RedHatEnterpriseLinux_5_6_7_Cheatsheets.pdf RedHatEnterpriseLinux_5_6_7_Cheatsheets.pdf] | [http://linuxjamie.com/images/RedHatLinux/RedHatEnterpriseLinux_5_6_7_Cheatsheets.pdf RedHatEnterpriseLinux_5_6_7_Cheatsheets.pdf] | ||
<br /><br /> | <br /><br /> | ||
− | < | + | |
+ | == '''File System Tools & Utilities''' == | ||
+ | There are hundreds if not thousands of file system tools, utilities and apps, so here I will try to go over the main, best, and most useful file system tools in my opinion. This section will have to be a "work in progress", and I will add to this section as time permites, as I find myself needing to use these applilcations. | ||
+ | <br /><br /> | ||
+ | '''ALL of these tools and utilities must be ran as either the root superuser, or using the "sudo" prefix!''' | ||
+ | |||
+ | === '''FDISK''' === | ||
+ | fdisk, the disk partitionling command-line tool, as are all Linux command line commands, Case Sensitive, and therefore always lower case! fdisk doesn't always need switches, but ALWAYS MUST have arguments! In the case of fdisk, the most common switch is the "l" switch, a lower-case L. It's used to only LIST, and NOT change/modify any disk partitions. The "l" switch spits out the current partition pointed to with the argument, which is always a Linux "device" file, such as "/dev/sda", case sensitive, without the quotes. /dev/sda is the first hard drive, with the "s" part referring to the old SCSI protocol. Therefore, /dev/sda referres to SCSI device A, the first drive in a Linux system. The next drive would be /dev/sdb, the third drive would be /dev/sdc, and so on. | ||
+ | |||
+ | On more modern systems, that don't use old-school hard drives, the newest technology drives used for storage, especially on laptops, are M.1 drives, which are solid-state drives which usually use the NVMe standard, making the device files for those drives something like /dev/nvme01p0, or similar. CD & DVD writers(also referred to "burners"), often use "/dev/sr0" as the first CD/DVD burner on a system, which stand for "SCSI Recorder Number 0", since numbering usually starts with 0 on computer systems. | ||
+ | |||
+ | Regardless of the device files being used, the "fdisk" commands are all basically the same, other than the actual device you are partitionling, which is CRITICAl, as there is NO going back once you have partitioned and written that partion table to the drive!!! | ||
+ | Therefore, you MUST ALWAYS be 100% CERTAIN you are using the correct hard of solid-state drive file!!! | ||
+ | |||
+ | One more BIG concern to take into account is if the disk already has an existing partion table created, from being previously used, you MUST be sure to use the CORRECT disk partitioning tools, as newer, larger and more modern computers use the new disk partitioning tool called GDISK, instead of FDISK! Both are used with all Lower Case letters(fdis & gdisk), but if there is already a "gdisk" partioned disk, known as a "GPT" partition table, you MUST use the "gdisk" tool to make any changes/modification to the disk's partition table, and visa versa in the case of a disk with an existing "fdisk" partion table, known as the "DOS" partition table type. It usually shows as all lower-case, such as "dos". | ||
+ | |||
+ | Usesage of both partitioning tools are almost identicle, with the only real differences being the partition type hex-codes used to define the partition types at creation time. | ||
+ | |||
+ | The first step is the unmount the USB flash drive, before using any partitioning tools, as it can otherwise corrupt the drive. Because I am using an existing 256GB USB 3.0 flash drive, I prefer to use the udiskctl utility to both unmount and power-off USB flash drives. | ||
+ | Here is the command I use to "unmount" the drive, before making any changes to it's partition table: | ||
+ | <pre style="color:blue"> | ||
+ | [root@server.dawgland.com:~]# udisksctl unmount -b /dev/sdl | ||
+ | Unmounted /dev/sdl. | ||
+ | [root@server.dawgland.com:~]# | ||
+ | </pre> | ||
+ | |||
+ | Next, I need to use the fdisk tool to delete the existing partitions on the USB flash drive: | ||
+ | <pre style="color:blue"> | ||
+ | [root@server.dawgland.com:~]# fdisk /dev/sdl | ||
+ | |||
+ | Welcome to fdisk (util-linux 2.35.2). | ||
+ | Changes will remain in memory only, until you decide to write them. | ||
+ | Be careful before using the write command. | ||
+ | |||
+ | The device contains 'exfat' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. | ||
+ | |||
+ | Command (m for help): p | ||
+ | |||
+ | Disk /dev/sdl: 234.38 GiB, 251658240000 bytes, 491520000 sectors | ||
+ | Disk model: ProductCode | ||
+ | Units: sectors of 1 * 512 = 512 bytes | ||
+ | Sector size (logical/physical): 512 bytes / 512 bytes | ||
+ | I/O size (minimum/optimal): 512 bytes / 512 bytes | ||
+ | Disklabel type: dos | ||
+ | Disk identifier: 0x00000000 | ||
+ | |||
+ | Device Boot Start End Sectors Size Id Type | ||
+ | /dev/sdl1 4294967295 8589934589 4294967295 2T ff BBT | ||
+ | /dev/sdl2 4294967295 8589934589 4294967295 2T ff BBT | ||
+ | /dev/sdl3 4294967295 8589934589 4294967295 2T ff BBT | ||
+ | /dev/sdl4 4294967295 5035196669 740229375 353G ff BBT | ||
+ | |||
+ | Command (m for help): d | ||
+ | Partition number (1-4, default 4): | ||
+ | |||
+ | Partition 4 has been deleted. | ||
+ | |||
+ | Command (m for help): d | ||
+ | Partition number (1-3, default 3): | ||
+ | |||
+ | Partition 3 has been deleted. | ||
+ | |||
+ | Command (m for help): d | ||
+ | Partition number (1,2, default 2): | ||
+ | |||
+ | Partition 2 has been deleted. | ||
+ | |||
+ | Command (m for help): d | ||
+ | Selected partition 1 | ||
+ | Partition 1 has been deleted. | ||
+ | |||
+ | Command (m for help): p | ||
+ | Disk /dev/sdl: 234.38 GiB, 251658240000 bytes, 491520000 sectors | ||
+ | Disk model: ProductCode | ||
+ | Units: sectors of 1 * 512 = 512 bytes | ||
+ | Sector size (logical/physical): 512 bytes / 512 bytes | ||
+ | I/O size (minimum/optimal): 512 bytes / 512 bytes | ||
+ | Disklabel type: dos | ||
+ | Disk identifier: 0x00000000 | ||
+ | |||
+ | Command (m for help): w | ||
+ | The partition table has been altered. | ||
+ | Calling ioctl() to re-read partition table. | ||
+ | Syncing disks. | ||
+ | |||
+ | [root@server.dawgland.com:~]# | ||
+ | </pre> | ||
+ | |||
+ | I like to manually run the "sync" command a couple of times just to make sure the disks are all synced up! Here's is me doing so: | ||
+ | <pre style="color:blue"> | ||
+ | [root@server.dawgland.com:~]# sync | ||
+ | [root@server.dawgland.com:~]# sync | ||
+ | [root@server.dawgland.com:~]# sync | ||
+ | [root@server.dawgland.com:~]# | ||
+ | </pre> | ||
+ | |||
+ | I then use the "fdisk" tool again to view my changes. As can be seen, although the 4 partitions had vanished, as intended, it still shows the deives contains an 'exfat' signature, and althoug it states it will be removed by a "write" command, doing the "w" command does NOT remove the 'exfat' signature, as seen in this example: | ||
+ | <pre style="color:blue"> | ||
+ | [root@server.dawgland.com:~]# fdisk /dev/sdl | ||
+ | |||
+ | Welcome to fdisk (util-linux 2.35.2). | ||
+ | Changes will remain in memory only, until you decide to write them. | ||
+ | Be careful before using the write command. | ||
+ | |||
+ | The device contains 'exfat' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. | ||
+ | |||
+ | Command (m for help): | ||
+ | </pre> | ||
+ | |||
+ | To resolve this issue, the "wipe" options must be CORRECTLY used, as shown in this example: | ||
+ | <pre style="color:blue"> | ||
+ | [root@server.dawgland.com:~]# fdisk -W always /dev/sdl | ||
+ | |||
+ | Welcome to fdisk (util-linux 2.35.2). | ||
+ | Changes will remain in memory only, until you decide to write them. | ||
+ | Be careful before using the write command. | ||
+ | |||
+ | The device contains 'exfat' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. | ||
+ | |||
+ | Command (m for help): w | ||
+ | |||
+ | The partition table has been altered. | ||
+ | Calling ioctl() to re-read partition table. | ||
+ | Syncing disks. | ||
+ | |||
+ | [root@server.dawgland.com:~]# sync | ||
+ | [root@server.dawgland.com:~]# sync | ||
+ | [root@server.dawgland.com:~]# fdisk /dev/sdl | ||
+ | |||
+ | Welcome to fdisk (util-linux 2.35.2). | ||
+ | Changes will remain in memory only, until you decide to write them. | ||
+ | Be careful before using the write command. | ||
+ | |||
+ | Device does not contain a recognized partition table. | ||
+ | Created a new DOS disklabel with disk identifier 0xe345e7b0. | ||
+ | |||
+ | Command (m for help):q | ||
+ | [root@server.dawgland.com:~]# | ||
+ | </pre> | ||
+ | |||
+ | As you can now see, the 'exfat' signature warning is not gone! The disk can now be safely and correctly partitioned as normal! | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | *** '''The "wipe" switch has a caveat which requires the addition of "always" being used after the -W switch, which must be an upper-case W. Here is an example from a disk that had been partioned and formated using the "ExFAT" partition and filesystem, which held onto the 'exfat' signature and didn't want to clear it by a normal delete partion command and write partition table command. It still showed as 'exfat', as seen in these examples! | ||
+ | |||
+ | |||
+ | * df - DiskFree - Shows how much space is used by files, and how much space is left on storage devices connected to the system in one way or another, both locally mounted and remotely mounted file systems. | ||
+ | * du - DiskUsage - Shows how much space is used by files. | ||
+ | * ls - List - List files with a multitude of options and switches. I use ls -l, of which there usually exists an alias using "ll" as a shortcut to the "ls -l" command. The -l switch shows a Long listing, which means it shows not only file names, but file sizes and file attrubutes, ownerships, etc. I often add the "-a" switch to the "ls" command as well, meaning show "ALL" files, including "hidden" files, which start with a dot to hide them from a normal directory listing. So, I usually always use "ls -al" to list the contents of a directory, such as here: | ||
+ | <br /> | ||
+ | <pre style="color:blue"> | ||
+ | [jamie@rocky9vm32.dawgland.com:~]$ ls -al | ||
+ | total 20 | ||
+ | drwx------. 7 jamie jamie 170 Oct 5 02:01 . | ||
+ | drwxr-xr-x. 3 root root 19 Jan 26 2023 .. | ||
+ | drwx------. 3 jamie jamie 17 Oct 4 23:04 .ansible | ||
+ | -rw-------. 1 jamie jamie 2875 Oct 5 02:10 .bash_history | ||
+ | -rw-r--r--. 1 jamie jamie 18 Nov 1 2022 .bash_logout | ||
+ | -rw-r--r--. 1 jamie jamie 141 Nov 1 2022 .bash_profile | ||
+ | -rw-r--r--. 1 jamie jamie 660 Jan 27 2023 .bashrc | ||
+ | drwx------. 3 jamie jamie 24 Jul 25 21:40 .cache | ||
+ | drwx------. 3 jamie jamie 17 Jul 25 21:38 .config | ||
+ | -rw-------. 1 jamie jamie 20 Oct 5 02:01 .lesshst | ||
+ | drwx------. 3 jamie jamie 19 Jul 25 21:38 .local | ||
+ | drwx------. 2 jamie jamie 61 Jan 27 2023 .ssh | ||
+ | [jamie@rocky9vm32.dawgland.com:~]$ | ||
+ | </pre> | ||
+ | <br /><br /> | ||
+ | |||
+ | == '''MariaDB - The "Free" MySQL Alternative''' == | ||
<br /> | <br /> | ||
'''MySQL''', the long time "free" SQL server and client that used to be included in all standard Linux server installations server, has been acquired by Oracle, and they've "commercialized" it, so that it is no longer "officially" free for any commercial or business usage, and only "free" for personal not-for-profit use. This caused a bunch of long time developers to create what has become the "de-facto" MySQL replacement, and uses the exact same MySQL commands and syntax that we have become accustomed to throughout the years. | '''MySQL''', the long time "free" SQL server and client that used to be included in all standard Linux server installations server, has been acquired by Oracle, and they've "commercialized" it, so that it is no longer "officially" free for any commercial or business usage, and only "free" for personal not-for-profit use. This caused a bunch of long time developers to create what has become the "de-facto" MySQL replacement, and uses the exact same MySQL commands and syntax that we have become accustomed to throughout the years. | ||
<br /><br /> | <br /><br /> | ||
+ | |||
+ | === '''Installation of MariaDB''' === | ||
This is how I installed MariaDB on my new Fedora Linux 24, the latest and greatest! In one command, I've installed both the server and client, along with all of their dependencies! Here's how I did it: | This is how I installed MariaDB on my new Fedora Linux 24, the latest and greatest! In one command, I've installed both the server and client, along with all of their dependencies! Here's how I did it: | ||
<br /> | <br /> | ||
Line 301: | Line 589: | ||
<br /><br /> | <br /><br /> | ||
− | + | === '''Secure MariaDB Database Server Before Enabling SQL Server for Production''' === | |
<br /> | <br /> | ||
Before you enable the MariaDB SQL server, you '''MUST''' secure the server, either manually or using the included mysql_secure_installation shell script. Personally, I prefer to do it manually so that I can fine tune and tweak my installation. But the ultimate choice is your's. | Before you enable the MariaDB SQL server, you '''MUST''' secure the server, either manually or using the included mysql_secure_installation shell script. Personally, I prefer to do it manually so that I can fine tune and tweak my installation. But the ultimate choice is your's. | ||
<br /><br /> | <br /><br /> | ||
− | + | == '''Samba/CIFS Information --> Sharing Linux & Windows Stuff - A Necessary Evil~!''' == | |
<br /> | <br /> | ||
Excellent information on Samba 4 and using it to replace Windows AD, can be found here: | Excellent information on Samba 4 and using it to replace Windows AD, can be found here: | ||
Line 313: | Line 601: | ||
<br /><br /> | <br /><br /> | ||
− | + | == '''Password Info & Creation''' == | |
<br /> | <br /> | ||
Usually, passwords are created from the command line using the "passwd" command. | Usually, passwords are created from the command line using the "passwd" command. | ||
Line 339: | Line 627: | ||
The hash is after the "tim:" part, and can be copy and pasted into any file you need it for. | The hash is after the "tim:" part, and can be copy and pasted into any file you need it for. | ||
<br /><br /> | <br /><br /> | ||
− | + | == '''7zip Archive Handling With Linux''' == | |
<br /> | <br /> | ||
Depending on your distro, you will want to get either the 7za package for RPM and APT based distros, and the p7zip packages for Slackware, my preferred server distro! | Depending on your distro, you will want to get either the 7za package for RPM and APT based distros, and the p7zip packages for Slackware, my preferred server distro! | ||
<br /><br/> | <br /><br/> | ||
− | Fedora VNC Information | + | == '''Fedora VNC Information''' == |
<br /> | <br /> | ||
+ | === '''This is where the symlink for the vncserver@ service resides''' === | ||
<pre style="color:blue"> | <pre style="color:blue"> | ||
[jamie@server system]$ ls -l vncserver@.service | [jamie@server system]$ ls -l vncserver@.service | ||
Line 352: | Line 641: | ||
</pre> | </pre> | ||
+ | <br /><br /> | ||
+ | |||
+ | === '''Puppy Linux''' === | ||
+ | Puppy Linux is one of the tiniest Linux distributions, at only 335MB in size for the 32-bit version. | ||
+ | The verified ISO for PuppyLinux Bionic32 can be downloaded from here: https://thebestlinux.com/pub/BionicPup32-19.03-231016.iso | ||
<br /><br /> | <br /><br /> |
Latest revision as of 00:23, 11 August 2024
Guides, Info & Tips on New Modern Linux Server Administration
Modern Server Administration of Critical Systems
This information pertains to very modern recent relases of Redhat based distributions, including the latest releases of CentOS and Fedora, which has had most of these service upgrades and replacements for the last few years now!
Basic Linux System Commands - System Management
TMUX - Terminal Multiplexer
TMUX is what I consider one of the most invaluable tools when it comes to managing and administering Linux servers from the command line. Among it's many features is it's ability to keep your shell connection running in the event of beding disconnected from a remote SSH session. If used properly, it allows you to reconnect to your SSH session you had running, along with whatever applicatoins, scripts, etc, you had running, without losing a beat! It's really handhy to be able to reconnect to a remote session that was inadvertently disconnected! TMUX has saved my butt many times over the years! It also can be used to open multiple shell connections all in the same window, allowing you to split one terminal into two, four, and so on! Plus, you can share the terminal with other remote users, so they can see waht you are typing, and they can also type and you control the same shell! That comes in very handy when you need to show someone how to do something within a shell.
Here is the very simple installation process on a Red Hat based distribution, on Rocky Linux 9.2:
[jamie@rocky9vm32.dawgland.com:~]$ sudo dnf install tmux Last metadata expiration check: 1:30:38 ago on Thu 05 Oct 2023 12:25:59 AM PDT. Dependencies resolved. ================================================================================ Package Architecture Version Repository Size ================================================================================ Installing: tmux x86_64 3.2a-4.el9 baseos 474 k Transaction Summary ================================================================================ Install 1 Package Total download size: 474 k Installed size: 1.1 M Is this ok [y/N]: y Downloading Packages: tmux-3.2a-4.el9.x86_64.rpm 612 kB/s | 474 kB 00:00 -------------------------------------------------------------------------------- Total 270 kB/s | 474 kB 00:01 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : tmux-3.2a-4.el9.x86_64 1/1 Running scriptlet: tmux-3.2a-4.el9.x86_64 1/1 Verifying : tmux-3.2a-4.el9.x86_64 1/1 Installed: tmux-3.2a-4.el9.x86_64 Complete! [jamie@rocky9vm32.dawgland.com:~]$
Using TMUX
Using TMUX is as simple as just typing it's name. It will change the color and look of your prompt to indicate it's running.
System Power Off & Reboot
The "shutdown" command has a number of arguments that control how it behaves, such as shutting completely down, or rebooting, with options to send system-wide broadcast messages to all logged in users, apply a delay before shutting down, and other options.
For a simple quick reboot, the alias "reboot" causes an immediate shutdown and startup, resulting in a reboot, hence the name of the command!
As with most all system control commands, you must have eleveated privilges to be the root user, or a memeber of the correct group to allow for usage of sudo to run commands as the root, aka, superuser/administrator. So, as the root user, just typing "reboot" from the command line causes in immediate system reboot without warning or options! If you are not logged in as the root user, then using sudo, assuming you are in the corect sudoers group, to allow you to run the command as if you were logged in as the root user. The command "sudo reboot" then causes an immediate reboot without warning.
The real command to shutdown and reboot the system is the "shutdown" command, with appropriate switches and/or arguments. For instance, to reboot the system now, just as before, but using the shutdown command, the full command to reboot using the shutdown command is as follows:
[jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -r now [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. Connection to rocky9vm35 closed.
To shut down a system completely, without starting it back up, instead of using the "-r" switch without the quotes, as in the previous example, you use the "-h" switch, without the quotes, as in this example:
[jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -h now [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. Connection to rocky9vm35 closed.
To add a time deley to the shutdown command, so as to allow logged in userrs to have time to log out cleanly, modify the command as follows to include a 30 second time delay before actually shutting down, as show here:
[jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -h -t 30 Shutdown scheduled for Mon 2023-09-11 19:15:53 PDT, use 'shutdown -c' to cancel. [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. Connection to rocky9vm35 closed.
Users logged into the same machine will see messages similiar to this when a time delay is given to the shutdown command:
[jamie@rocky9vm35.dawgland2.com:~]$ Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:14:53 PDT): The system will power off at Mon 2023-09-11 19:15:53 PDT! Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:15:53 PDT): The system will power off now! Connection to rocky9vm35 closed by remote host. Connection to rocky9vm35 closed.
And last, but certently not lease, here is an example to reboot a system in ONE minute, while broadcasting a custom message to all logged on users:
[jamie@rocky9vm35.dawgland2.com:~]$ sudo shutdown -r +1 "This Server, Rocky9VM35, will be going down in ONE MINUTE for a quick reboot. Please finish up your work and log off immediatelly!"
This produces these messages in the terminal that called the command:
Reboot scheduled for Mon 2023-09-11 19:33:46 PDT, use 'shutdown -c' to cancel. [jamie@rocky9vm35.dawgland2.com:~]$ Connection to rocky9vm35 closed by remote host. Connection to rocky9vm35 closed.
Other users logged into the same system will receive messages similar to these:
[jamie@rocky9vm35.dawgland2.com:~]$ Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:32:46 PDT): This Server, Rocky9VM35, will be going down in ONE MINUTE for a quick reboot. Please finish up your work and log off immediatelly! The system will reboot at Mon 2023-09-11 19:33:46 PDT! Broadcast message from root@rocky9vm35.dawgland2.com on pts/0 (Mon 2023-09-11 19:33:46 PDT): This Server, Rocky9VM35, will be going down in ONE MINUTE for a quick reboot. Please finish up your work and log off immediatelly! The system will reboot now! Connection to rocky9vm35 closed by remote host. Connection to rocky9vm35 closed.
systemctl
init.d Retired!
The first such service upgrade actually replaced most, if not all of the service init.d startup & shutdown scripts with a very different way of managing the startup, status and shutdown of services, such as the Apache webserver, the CUPS print server, the secure shell, aka the SSH server, and all of the other services that used to be controlled by shell scripts located in the /etc/init.d/ directory. This directory still exists so that in the event that an old legacy service needs to still be managed by the init.d shell scripts, due to the service not yet having the required setup to be managed by the replacement of all of those scripts:
Query Service Status
For instance, here is an example of systemctl being used to query the Secure Shell Server(SSH):
[root@fc24 ~]# systemctl status sshd.service ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pres Active: active (running) since Sun 2016-09-11 01:12:21 PDT; 1h 20min ago Docs: man:sshd(8) man:sshd_config(5) Process: 791 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCCE Main PID: 810 (sshd) Tasks: 1 (limit: 512) CGroup: /system.slice/sshd.service └─810 /usr/sbin/sshd Sep 11 01:12:20 fc24.dawgland.com systemd[1]: Starting OpenSSH server daemon. Sep 11 01:12:21 fc24.dawgland.com systemd[1]: sshd.service: PID file /var/run Sep 11 01:12:21 fc24.dawgland.com sshd[810]: Server listening on 0.0.0.0 port Sep 11 01:12:21 fc24.dawgland.com systemd[1]: Started OpenSSH server daemon. lines 1-15/15 (END)
Stopping a Service
This is what is looks like after stopping the SSH server:
[root@fc24 ~]# systemctl stop sshd.service [root@fc24 ~]# systemctl status sshd.service ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pres Active: inactive (dead) since Sun 2016-09-11 02:38:55 PDT; 10s ago Docs: man:sshd(8) man:sshd_config(5) Process: 791 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCCE Main PID: 810 (code=exited, status=0/SUCCESS) Sep 11 01:12:20 fc24.dawgland.com systemd[1]: Starting OpenSSH server daemon. Sep 11 01:12:21 fc24.dawgland.com systemd[1]: sshd.service: PID file /var/run Sep 11 01:12:21 fc24.dawgland.com sshd[810]: Server listening on 0.0.0.0 port Sep 11 01:12:21 fc24.dawgland.com systemd[1]: Started OpenSSH server daemon. Sep 11 02:38:55 fc24.dawgland.com systemd[1]: Stopping OpenSSH server daemon. Sep 11 02:38:55 fc24.dawgland.com systemd[1]: Stopped OpenSSH server daemon. lines 1-14/14 (END)
Starting a Service Back Up
And this is the command to start it back up, and because there is no output after starting it, I've also included the output of the status once again after starting the Secure Shell Server back up:
[root@fc24 ~]# systemctl start sshd.service [root@fc24 ~]# systemctl status sshd.service ● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pres Active: active (running) since Sun 2016-09-11 02:42:38 PDT; 9s ago Docs: man:sshd(8) man:sshd_config(5) Process: 2801 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCC Main PID: 2803 (sshd) Tasks: 1 (limit: 512) CGroup: /system.slice/sshd.service └─2803 /usr/sbin/sshd Sep 11 02:42:38 fc24.dawgland.com systemd[1]: Starting OpenSSH server daemon. Sep 11 02:42:38 fc24.dawgland.com systemd[1]: sshd.service: PID file /var/run Sep 11 02:42:38 fc24.dawgland.com sshd[2803]: Server listening on 0.0.0.0 por Sep 11 02:42:38 fc24.dawgland.com systemd[1]: Started OpenSSH server daemon. lines 1-15/15 (END)
Disabling a Service
To Disable a service, usually replacing status, start, or stop with "disable" works to disable
most services, but sometimes, it doesn't always work, and you also need to "mask" the service as well.
Using Mask to Forcefully Disable a Service
This proved to be the case with the RPCBIND.service. After stopping and disabling the service, a reboot caused the service to be re-enabled and started back up. To have the service disabled and that state saved after a reboot, the "mask" argument is given to the systemctl command. For instance, in the case of RPCBIND.service, this is how to disable it:
(In the below example, ONLY the 3 commands starting with systemctl are typed by the root superuser)
[root@vm1 ~]# systemctl stop rpcbind.service Warning: Stopping rpcbind.service, but it can still be activated by: rpcbind.socket [root@vm1 ~]# systemctl disable rpcbind.service [root@vm1 ~]# systemctl mask rpcbind.service ln -s '/dev/null' '/etc/systemd/system/rpcbind.service
Changing the Default Run Level the Systemd Way
To change the default run-level from booting up into the Graphical User Interface(GUI) into straight text multi-user, which is preferable on a server, the old method involved editing the /etc/inittab file changing the default runlevel from 5 to 3, as shown here:
id:3:initdefault:
On modern RPM based systems, this has been replaced by using the systemctl command to create/change the symlink /etc/systemd/system/default.target to point to /lib/systemd/multi-user.target, and visa-versa to switch back to the GUI bootup mode. This can be done manually using the shell "ln -sf" symlink creation command, or more easily, and more importantly, more standardized with the systemctl command, as shown here. The following 3 commands show how to first check the default runlevel target, then change it from graphical to text-based multi-user, and then the 3rd command show's confirmation the command was successful.
[root@fc21 ~]# systemctl get-default graphical.target [root@fc21 ~]# systemctl set-default multi-user.target Removed symlink /etc/systemd/system/default.target. Created symlink from /etc/systemd/system/default.target to /usr/lib/systemd/system/multi-user.target. [root@fc21 ~]# systemctl get-default multi-user.target
dnf
Another BIG change to a "more modern" way of managing all of the software packages on your Linux machine,
is the dnf command that is a direct drop-in replacement for yum, the old, tried and true RPM package manager that for going on 20 years has been the main interface to manage Linux software installations, taking into account all of the required dependencies, as well as uninstalling, more commonly referred to "removing" software packages.
Here is an example of how to use dnf to first search for, and then install over the internet, Blender, a very powerful tool to create your own custom animation, simulations and movies:
[root@fc24 ~]# dnf search blender Last metadata expiration check: 2:29:11 ago on Sun Sep 11 00:31:02 2016. =========================== N/S Matched: blender ============================ blender.x86_64 : 3D modeling, animation, rendering and post-production
After searching for and finding the package I want to install, I then use dnf, NOT YUM!, to perform the dependency checking, downloading of the package along with the required dependencies, install all of the packages, and then perform what is called the "Cleanup" portion of the process.
This is how to use dnf to download, install, and then clean up any left over junk:
[root@fc24 ~]# dnf install blender Last metadata expiration check: 2:30:45 ago on Sun Sep 11 00:31:02 2016. Dependencies resolved. ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: Field3D x86_64 1.7.2-1.fc24 updates 519 k OpenColorIO x86_64 1.0.9-11.fc24 fedora 439 k OpenImageIO x86_64 1.6.16-1.fc24 updates 1.7 M blender x86_64 1:2.77a-1.fc24 updates 29 M boost-locale x86_64 1.60.0-7.fc24 updates 279 k boost-program-options x86_64 1.60.0-7.fc24 updates 166 k boost-regex x86_64 1.60.0-7.fc24 updates 300 k fftw-libs-double x86_64 3.3.4-7.fc24 fedora 805 k fonts-blender noarch 1:2.77a-1.fc24 updates 4.7 M google-droid-sans-fonts noarch 20120715-10.fc24 fedora 2.5 M hdf5 x86_64 1.8.16-3.fc24 fedora 1.7 M jack-audio-connection-kit x86_64 1.9.10-5.fc24 fedora 555 k jemalloc x86_64 4.2.1-1.fc24 updates 182 k libffado x86_64 2.2.1-8.fc24 fedora 690 k libspnav x86_64 0.2.3-3.fc24 fedora 17 k libxml++ x86_64 2.40.1-2.fc24 fedora 89 k pugixml x86_64 1.7-2.fc24 fedora 92 k python3-numpy x86_64 1:1.11.0-4.fc24 fedora 3.0 M tinyxml x86_64 2.6.2-11.fc24 fedora 54 k yaml-cpp03 x86_64 0.3.0-9.fc24 fedora 151 k Transaction Summary ============================================================================= Install 20 Packages Total download size: 47 M Installed size: 178 M Is this ok [y/N]: y
Red Hat Enterprise Linux 5,6 & 7 - Common Administrative Command Cheat Sheets
Here are some very nice printable cheat sheets of the most common Red Hat Enterprise Linux administrative commands:
RedHatEnterpriseLinux_5_6_7_Cheatsheets.pdf
File System Tools & Utilities
There are hundreds if not thousands of file system tools, utilities and apps, so here I will try to go over the main, best, and most useful file system tools in my opinion. This section will have to be a "work in progress", and I will add to this section as time permites, as I find myself needing to use these applilcations.
ALL of these tools and utilities must be ran as either the root superuser, or using the "sudo" prefix!
FDISK
fdisk, the disk partitionling command-line tool, as are all Linux command line commands, Case Sensitive, and therefore always lower case! fdisk doesn't always need switches, but ALWAYS MUST have arguments! In the case of fdisk, the most common switch is the "l" switch, a lower-case L. It's used to only LIST, and NOT change/modify any disk partitions. The "l" switch spits out the current partition pointed to with the argument, which is always a Linux "device" file, such as "/dev/sda", case sensitive, without the quotes. /dev/sda is the first hard drive, with the "s" part referring to the old SCSI protocol. Therefore, /dev/sda referres to SCSI device A, the first drive in a Linux system. The next drive would be /dev/sdb, the third drive would be /dev/sdc, and so on.
On more modern systems, that don't use old-school hard drives, the newest technology drives used for storage, especially on laptops, are M.1 drives, which are solid-state drives which usually use the NVMe standard, making the device files for those drives something like /dev/nvme01p0, or similar. CD & DVD writers(also referred to "burners"), often use "/dev/sr0" as the first CD/DVD burner on a system, which stand for "SCSI Recorder Number 0", since numbering usually starts with 0 on computer systems.
Regardless of the device files being used, the "fdisk" commands are all basically the same, other than the actual device you are partitionling, which is CRITICAl, as there is NO going back once you have partitioned and written that partion table to the drive!!! Therefore, you MUST ALWAYS be 100% CERTAIN you are using the correct hard of solid-state drive file!!!
One more BIG concern to take into account is if the disk already has an existing partion table created, from being previously used, you MUST be sure to use the CORRECT disk partitioning tools, as newer, larger and more modern computers use the new disk partitioning tool called GDISK, instead of FDISK! Both are used with all Lower Case letters(fdis & gdisk), but if there is already a "gdisk" partioned disk, known as a "GPT" partition table, you MUST use the "gdisk" tool to make any changes/modification to the disk's partition table, and visa versa in the case of a disk with an existing "fdisk" partion table, known as the "DOS" partition table type. It usually shows as all lower-case, such as "dos".
Usesage of both partitioning tools are almost identicle, with the only real differences being the partition type hex-codes used to define the partition types at creation time.
The first step is the unmount the USB flash drive, before using any partitioning tools, as it can otherwise corrupt the drive. Because I am using an existing 256GB USB 3.0 flash drive, I prefer to use the udiskctl utility to both unmount and power-off USB flash drives. Here is the command I use to "unmount" the drive, before making any changes to it's partition table:
[root@server.dawgland.com:~]# udisksctl unmount -b /dev/sdl Unmounted /dev/sdl. [root@server.dawgland.com:~]#
Next, I need to use the fdisk tool to delete the existing partitions on the USB flash drive:
[root@server.dawgland.com:~]# fdisk /dev/sdl Welcome to fdisk (util-linux 2.35.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. The device contains 'exfat' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. Command (m for help): p Disk /dev/sdl: 234.38 GiB, 251658240000 bytes, 491520000 sectors Disk model: ProductCode Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x00000000 Device Boot Start End Sectors Size Id Type /dev/sdl1 4294967295 8589934589 4294967295 2T ff BBT /dev/sdl2 4294967295 8589934589 4294967295 2T ff BBT /dev/sdl3 4294967295 8589934589 4294967295 2T ff BBT /dev/sdl4 4294967295 5035196669 740229375 353G ff BBT Command (m for help): d Partition number (1-4, default 4): Partition 4 has been deleted. Command (m for help): d Partition number (1-3, default 3): Partition 3 has been deleted. Command (m for help): d Partition number (1,2, default 2): Partition 2 has been deleted. Command (m for help): d Selected partition 1 Partition 1 has been deleted. Command (m for help): p Disk /dev/sdl: 234.38 GiB, 251658240000 bytes, 491520000 sectors Disk model: ProductCode Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x00000000 Command (m for help): w The partition table has been altered. Calling ioctl() to re-read partition table. Syncing disks. [root@server.dawgland.com:~]#
I like to manually run the "sync" command a couple of times just to make sure the disks are all synced up! Here's is me doing so:
[root@server.dawgland.com:~]# sync [root@server.dawgland.com:~]# sync [root@server.dawgland.com:~]# sync [root@server.dawgland.com:~]#
I then use the "fdisk" tool again to view my changes. As can be seen, although the 4 partitions had vanished, as intended, it still shows the deives contains an 'exfat' signature, and althoug it states it will be removed by a "write" command, doing the "w" command does NOT remove the 'exfat' signature, as seen in this example:
[root@server.dawgland.com:~]# fdisk /dev/sdl Welcome to fdisk (util-linux 2.35.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. The device contains 'exfat' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. Command (m for help):
To resolve this issue, the "wipe" options must be CORRECTLY used, as shown in this example:
[root@server.dawgland.com:~]# fdisk -W always /dev/sdl Welcome to fdisk (util-linux 2.35.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. The device contains 'exfat' signature and it will be removed by a write command. See fdisk(8) man page and --wipe option for more details. Command (m for help): w The partition table has been altered. Calling ioctl() to re-read partition table. Syncing disks. [root@server.dawgland.com:~]# sync [root@server.dawgland.com:~]# sync [root@server.dawgland.com:~]# fdisk /dev/sdl Welcome to fdisk (util-linux 2.35.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table. Created a new DOS disklabel with disk identifier 0xe345e7b0. Command (m for help):q [root@server.dawgland.com:~]#
As you can now see, the 'exfat' signature warning is not gone! The disk can now be safely and correctly partitioned as normal!
- The "wipe" switch has a caveat which requires the addition of "always" being used after the -W switch, which must be an upper-case W. Here is an example from a disk that had been partioned and formated using the "ExFAT" partition and filesystem, which held onto the 'exfat' signature and didn't want to clear it by a normal delete partion command and write partition table command. It still showed as 'exfat', as seen in these examples!
- df - DiskFree - Shows how much space is used by files, and how much space is left on storage devices connected to the system in one way or another, both locally mounted and remotely mounted file systems.
- du - DiskUsage - Shows how much space is used by files.
- ls - List - List files with a multitude of options and switches. I use ls -l, of which there usually exists an alias using "ll" as a shortcut to the "ls -l" command. The -l switch shows a Long listing, which means it shows not only file names, but file sizes and file attrubutes, ownerships, etc. I often add the "-a" switch to the "ls" command as well, meaning show "ALL" files, including "hidden" files, which start with a dot to hide them from a normal directory listing. So, I usually always use "ls -al" to list the contents of a directory, such as here:
[jamie@rocky9vm32.dawgland.com:~]$ ls -al total 20 drwx------. 7 jamie jamie 170 Oct 5 02:01 . drwxr-xr-x. 3 root root 19 Jan 26 2023 .. drwx------. 3 jamie jamie 17 Oct 4 23:04 .ansible -rw-------. 1 jamie jamie 2875 Oct 5 02:10 .bash_history -rw-r--r--. 1 jamie jamie 18 Nov 1 2022 .bash_logout -rw-r--r--. 1 jamie jamie 141 Nov 1 2022 .bash_profile -rw-r--r--. 1 jamie jamie 660 Jan 27 2023 .bashrc drwx------. 3 jamie jamie 24 Jul 25 21:40 .cache drwx------. 3 jamie jamie 17 Jul 25 21:38 .config -rw-------. 1 jamie jamie 20 Oct 5 02:01 .lesshst drwx------. 3 jamie jamie 19 Jul 25 21:38 .local drwx------. 2 jamie jamie 61 Jan 27 2023 .ssh [jamie@rocky9vm32.dawgland.com:~]$
MariaDB - The "Free" MySQL Alternative
MySQL, the long time "free" SQL server and client that used to be included in all standard Linux server installations server, has been acquired by Oracle, and they've "commercialized" it, so that it is no longer "officially" free for any commercial or business usage, and only "free" for personal not-for-profit use. This caused a bunch of long time developers to create what has become the "de-facto" MySQL replacement, and uses the exact same MySQL commands and syntax that we have become accustomed to throughout the years.
Installation of MariaDB
This is how I installed MariaDB on my new Fedora Linux 24, the latest and greatest! In one command, I've installed both the server and client, along with all of their dependencies! Here's how I did it:
[root@fc24 ~]# dnf install mariadb-server mariadb Last metadata expiration check: 3:08:41 ago on Sun Sep 11 00:31:02 2016. Dependencies resolved. ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: mariadb x86_64 3:10.1.16-1.fc24 updates 6.3 M mariadb-common x86_64 3:10.1.16-1.fc24 updates 66 k mariadb-config x86_64 3:10.1.16-1.fc24 updates 29 k mariadb-errmsg x86_64 3:10.1.16-1.fc24 updates 203 k mariadb-libs x86_64 3:10.1.16-1.fc24 updates 654 k mariadb-server x86_64 3:10.1.16-1.fc24 updates 19 M perl-DBD-MySQL x86_64 4.036-1.fc24 updates 146 k perl-DBI x86_64 1.634-3.fc24 fedora 729 k perl-Math-BigInt noarch 1.9997.15-2.fc24 fedora 178 k perl-Math-Complex noarch 1.59-362.fc24 updates 95 k perl-Storable x86_64 1:2.53-348.fc24 updates 84 k Transaction Summary ============================================================================= Install 11 Packages Total download size: 28 M Installed size: 140 M Is this ok [y/N]:y
Here is the rest of the output from the "dnf" after hitting the "Y" key to proceed to download the installation RPM packages, install them, and then clean things up to finish the installation:
Downloading Packages: (1/11): mariadb-common-10.1.16-1.fc24.x86_64 158 kB/s | 66 kB 00:00 (2/11): perl-DBI-1.634-3.fc24.x86_64.rpm 1.3 MB/s | 729 kB 00:00 (3/11): perl-Math-BigInt-1.9997.15-2.fc24.no 1.9 MB/s | 178 kB 00:00 (4/11): mariadb-errmsg-10.1.16-1.fc24.x86_64 361 kB/s | 203 kB 00:00 (5/11): mariadb-config-10.1.16-1.fc24.x86_64 295 kB/s | 29 kB 00:00 (6/11): perl-DBD-MySQL-4.036-1.fc24.x86_64.r 532 kB/s | 146 kB 00:00 (7/11): mariadb-libs-10.1.16-1.fc24.x86_64.r 930 kB/s | 654 kB 00:00 (8/11): perl-Math-Complex-1.59-362.fc24.noar 1.0 MB/s | 95 kB 00:00 (9/11): perl-Storable-2.53-348.fc24.x86_64.r 1.0 MB/s | 84 kB 00:00 (10/11): mariadb-10.1.16-1.fc24.x86_64.rpm 2.2 MB/s | 6.3 MB 00:02 (11/11): mariadb-server-10.1.16-1.fc24.x86_6 3.8 MB/s | 19 MB 00:05 ----------------------------------------------------------------------------- Total 4.3 MB/s | 28 MB 00:06 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Installing : mariadb-config-3:10.1.16-1.fc24.x86_64 1/11 Installing : mariadb-common-3:10.1.16-1.fc24.x86_64 2/11 Installing : mariadb-errmsg-3:10.1.16-1.fc24.x86_64 3/11 Installing : mariadb-3:10.1.16-1.fc24.x86_64 4/11 Installing : mariadb-libs-3:10.1.16-1.fc24.x86_64 5/11 Installing : perl-Storable-1:2.53-348.fc24.x86_64 6/11 Installing : perl-Math-Complex-1.59-362.fc24.noarch 7/11 Installing : perl-Math-BigInt-1.9997.15-2.fc24.noarch 8/11 Installing : perl-DBI-1.634-3.fc24.x86_64 9/11 Installing : perl-DBD-MySQL-4.036-1.fc24.x86_64 10/11 Installing : mariadb-server-3:10.1.16-1.fc24.x86_64 11/11 Verifying : mariadb-server-3:10.1.16-1.fc24.x86_64 1/11 Verifying : perl-DBI-1.634-3.fc24.x86_64 2/11 Verifying : mariadb-common-3:10.1.16-1.fc24.x86_64 3/11 Verifying : mariadb-errmsg-3:10.1.16-1.fc24.x86_64 4/11 Verifying : perl-Math-BigInt-1.9997.15-2.fc24.noarch 5/11 Verifying : mariadb-3:10.1.16-1.fc24.x86_64 6/11 Verifying : mariadb-config-3:10.1.16-1.fc24.x86_64 7/11 Verifying : perl-DBD-MySQL-4.036-1.fc24.x86_64 8/11 Verifying : mariadb-libs-3:10.1.16-1.fc24.x86_64 9/11 Verifying : perl-Math-Complex-1.59-362.fc24.noarch 10/11 Verifying : perl-Storable-1:2.53-348.fc24.x86_64 11/11 Installed: mariadb.x86_64 3:10.1.16-1.fc24 mariadb-common.x86_64 3:10.1.16-1.fc24 mariadb-config.x86_64 3:10.1.16-1.fc24 mariadb-errmsg.x86_64 3:10.1.16-1.fc24 mariadb-libs.x86_64 3:10.1.16-1.fc24 mariadb-server.x86_64 3:10.1.16-1.fc24 perl-DBD-MySQL.x86_64 4.036-1.fc24 perl-DBI.x86_64 1.634-3.fc24 perl-Math-BigInt.noarch 1.9997.15-2.fc24 perl-Math-Complex.noarch 1.59-362.fc24 perl-Storable.x86_64 1:2.53-348.fc24 Complete! [root@fc24 ~]#
Secure MariaDB Database Server Before Enabling SQL Server for Production
Before you enable the MariaDB SQL server, you MUST secure the server, either manually or using the included mysql_secure_installation shell script. Personally, I prefer to do it manually so that I can fine tune and tweak my installation. But the ultimate choice is your's.
Samba/CIFS Information --> Sharing Linux & Windows Stuff - A Necessary Evil~!
Excellent information on Samba 4 and using it to replace Windows AD, can be found here:
Setting up Samba 4 as Windows Active Directory Domain Controller
Password Info & Creation
Usually, passwords are created from the command line using the "passwd" command.
When creating a new user account, by default no password is set, so it must be done so manually!
If you need to create a pasword hash that can be copy and pasted into some other file manually,
there are a number of ways to do it, however I personally prefer a tool that is included with most
Linux distributions, aka "Distros". This tool is part of the Apache web server, so most systems already have it installed.
The htpasswd command is very versatile. This is an example of how to create a password hash manually:
[root@server ~]# htpasswd -c /tmp/tmppass tim New password: Re-type new password: Adding password for user tim [root@server ~]# cat /tmp/tmppass tim:$apr1$2/FJ6Trp$YF8RcdKJvkHKsyrZBQn9N0
The hash is after the "tim:" part, and can be copy and pasted into any file you need it for.
7zip Archive Handling With Linux
Depending on your distro, you will want to get either the 7za package for RPM and APT based distros, and the p7zip packages for Slackware, my preferred server distro!
Fedora VNC Information
This is where the symlink for the vncserver@ service resides
[jamie@server system]$ ls -l vncserver@.service -rw-r--r--. 1 root root 1734 Jan 21 2014 vncserver@.service [jamie@server system]$ pwd /lib/systemd/system
Puppy Linux
Puppy Linux is one of the tiniest Linux distributions, at only 335MB in size for the 32-bit version.
The verified ISO for PuppyLinux Bionic32 can be downloaded from here: https://thebestlinux.com/pub/BionicPup32-19.03-231016.iso