RedHat

=All Redhat=
 * Parse /etc/shadow to show info including last password reset
 * ** Script to show when passwords last changed **


 * RedHat Enterprise EOL schedule
 * Register system : "rhn_update" (RHEL 5) or "up2date --register"

=Redhat 5=
 * Yum tasks

Setup & Registration

 * For non-interactive RHN registration, use rhnreg_ks (do "--help" for details).
 * /usr/sbin/rhnreg_ks -v --username= --password= 

Securing RHEL5

 * SCAP: Guide To The Secure Configuration of Red Hat Enterprise Linux 5 From NIST. The Security Content Automation Protocol (SCAP) is a method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation.
 * Checklist Details for DoD Consensus Security Configuration Checklist for RedHat Rel5 v1.0 (Publication Date: 04/09/2010)
 * Excel Spreadsheet of settings
 * Guide to the Secure Configuration of Red Hat Enterprise Linux 5 - NSA (10/21/09)

Memory
              total       used       free     shared    buffers     cached
 Mem:      66000192   64460472    1539720          0     478596   63340836
 -/+ buffers/cache:     641040   65359152
 Swap:     65537156        268   65536888
 * Note - RedHat uses free memory as buffer cache (which holds filesystem metadata). So, to get an accurate reading of how much memory is being used by processes, look at the output of the free command (-k for kilobytes [default], -m for megabytes). The second line ("-/+ buffers/cache") shows the used/free totals not counting what is buffered. So in this example 641MB is used and 65GB is free.
 * To see the Memory Map of a process (or multiple processes) use: pmap [ -x | -d ] [ -q ] pids...

Network
Bonding Interfaces (from here)

 modprobe bonding mode=0 miimon=100         # load the bonding module
 ifconfig eth0 down                         # take down the eth0 interface
 ifconfig eth1 down                         # take down the eth1 interface
 ifconfig bond0 hw ether 00:11:22:33:44:55  # change the MAC address of the bond0 interface
 ifconfig bond0 192.168.55.55 up            # bond0 must have an IP before ethX interfaces can be enslaved
 ifenslave bond0 eth0                       # put the eth0 interface in slave mode for bond0
 ifenslave bond0 eth1                       # put the eth1 interface in slave mode for bond0

Multipath & Disk Related

 * Info on Multipathing
 * To show details of what's managed by multipath : /sbin/multipath -ll -v2
 * Making changes to multipath.conf :
 * Stop the multipath service
 * Clear multipath bindings : /sbin/multipath -F
 * Create new multipath bindings : /sbin/multipath -v2 -l
 * Start the multipath service


 * To show SCSI WWID : scsi_id -g -u -s /block/sda (where "sda" is the disk in question)
 * To show device information : udevtest /block/sda (where "sda" is the disk in question)

Setting up UDEV Device Mapper
(from here, p15)
 * 1. Find the unique identifier of each LUN (will display something like "3600a0b8000122c6d00000000453174fc" or "SSEAGATE_ST318406LC_____3FE27FZP000073302G5W")
 * scsi_id -g -u -s /block/  (where is something like "sda").


 * 2. Associate a meaningful name

Customizing Multipath
When using multipath, be sure to blacklist internal drives. Configure something like this in /etc/multipath.conf :

 blacklist {
         devnode "^sd[a-b]$"
         devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"
         devnode "^hd[a-z][[0-9]*]"
         devnode "^cciss!c[0-9]d[0-9]*[p[0-9]*]"
 }

You can assign custom names to the devices. The first step is to enable user friendly names:

 defaults {
         user_friendly_names yes
 }

Then there are different ways to alias them. The easiest is using the WWID like this :

 multipaths {
         multipath {
                 wwid  "368b7b22cf506de5754eda4f1a038280f"
                 alias u99
         }
         multipath {
                 wwid  "368b7b22cf506ce5b54edd4f1a038684c"
                 alias u98
         }
         multipath {
                 wwid  "368b7b22cf506be5454ed74f1a0382896"
                 alias u03
         }
 }

The end result will look something like this :

 [root ~]# multipath -ll
 u03 (368b7b22cf506be5454ed74f1a0382896) dm-4 EQLOGIC,100E-00
 [size=200G][features=0][hwhandler=0][rw]
 \_ round-robin 0 [prio=4][active]
  \_ 13:0:0:0 sdn 8:208 [active][ready]
  \_ 14:0:0:0 sdm 8:192 [active][ready]
  \_ 16:0:0:0 sdj 8:144 [active][ready]
  \_ 15:0:0:0 sdl 8:176 [active][ready]
 u99 (368b7b22cf506de5754eda4f1a038280f) dm-3 EQLOGIC,100E-00
 [size=500G][features=0][hwhandler=0][rw]
 \_ round-robin 0 [prio=4][active]
  \_ 7:0:0:0 sdc 8:32  [active][ready]
  \_ 8:0:0:0 sdd 8:48  [active][ready]
  \_ 5:0:0:0 sdf 8:80  [active][ready]
  \_ 6:0:0:0 sde 8:64  [active][ready]
 u98 (368b7b22cf506ce5b54edd4f1a038684c) dm-5 EQLOGIC,100E-00
 [size=100G][features=0][hwhandler=0][rw]
 \_ round-robin 0 [prio=4][active]
  \_ 12:0:0:0 sdg 8:96 [active][ready]
  \_ 11:0:0:0 sdh 8:112 [active][ready]
  \_ 9:0:0:0 sdk 8:160 [active][ready]
  \_ 10:0:0:0 sdi 8:128 [active][ready]

Then in the /etc/fstab you'd add :

 /dev/mapper/u03        /u03            ext3    _netdev,defaults,errors=continue 0 2
 /dev/mapper/u98        /u98            ext3    _netdev,defaults,errors=continue 0 2
 /dev/mapper/u99        /u99            ext3    _netdev,defaults,errors=continue 0 2

Links

 * RHEL5 Administration Guide ("Deployment Guide")
 * how to expand / resize an ext3 file system in linux
 * [http://www.oracle-base.com/articles/10g/OracleDB10gR2InstallationOnRHEL5.php Setup Oracle on RHEL 5]
 * Installer (i.e. yum, up2date) related stuff
 * How to tell if a TCP network port is open or not
 * RHEL5 network setup
 * Post install notes
 * Compile OpenSSH 5.2p1 C for Redhat/CentOS 5
 * Also here. A comment recommends uninstalling openssh-askpass

Firewall Stuff
For Netbackup :

 -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 13724 -j ACCEPT
 -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 13727 -j ACCEPT
 -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 13782 -j ACCEPT
 -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 13783 -j ACCEPT

 * List Firewall Rules : iptables -xvn -L
 * Show if running : service iptables status
 * To change firewall rules : edit /etc/sysconfig/iptables, then run service iptables restart
 * rule for SNMPD : -A RH-Firewall-1-INPUT -p udp --dport 161 -j ACCEPT
 * 1) Added for NetBackup

Change Hostname without rebooting

 * edit /etc/sysconfig/network with new hostname (look for the line "HOSTNAME=.....")
 * edit /etc/hosts with new hostname
 * set new hostname using the hostname command
 * run service network restart
 * To verify the hostname has been fully changed, log out of your system; you should see your new hostname at the login prompt and after you've logged back in.

Recover Root password

 * If you have lost the password, you should reboot the system.
 * During the GRUB splash screen press ESC to stop the counter, select the right entry (it should be the topmost),
 * press e to edit and append a " 1" to the kernel line.
 * Now press b to boot. You should reach the prompt, type passwd to change the root password and then reboot.
 * System will automatically remove the change, so should be good after reboot

Recover/Boot Single User Mode

 * From GRUB, edit the boot configuration and add the word "single" at the end of the "kernel" line, then boot.

Show Hardware

 * (from here) Use dmidecode -q . To show only a particular section use "--type (or -t)".
 * ** Types are: bios, system, baseboard, chassis, processor, memory, cache, connector, slot **
 * For example, "/usr/sbin/dmidecode -t system -q" would give an output like this:

 System Information
         Manufacturer: Dell Inc.
         Product Name: PowerEdge M610
         Version: Not Specified
         Serial Number: xxxxxxx                         (numbers removed by me)
         UUID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx     (numbers removed by me)
         Wake-up Type: Power Switch
         SKU Number: Not Specified
         Family: Not Specified

 System Configuration Options
         Option 1: NVRAM_CLR: Clear user settable NVRAM areas and set defaults
         Option 2: PWRD_EN: Close to enable password

 System Boot Information
         Status: No errors detected

Set Default Password Expiry
These are defined in /etc/login.defs. Here's an example:
 * PASS_MAX_DAYS  90
 * PASS_MIN_DAYS  1
 * PASS_MIN_LEN   5
 * PASS_WARN_AGE  7


 * If users are already setup, use chage to change last PW change date & aging definition
 * Change last PW change date : chage -d YYYY-MM-DD  [i.e. "chage -d 2010-12-31 duh"]
 * Change PW aging : chage -M <#days>  [i.e. "chage -M 90 duh"]
 * Force user to change Password : chage -d 0 

Non-Login Account
When an account is first created, the password hash in /etc/shadow is "!!". If this is the hash, then the account can't be logged into, but can still be accessed via sudo and have cron jobs run.
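
The /etc/shadow fields this page relies on (the "!!" marker above, the last-change day that chage -d sets, and the maximum age from PASS_MAX_DAYS or chage -M) can be read with a short parser. This is an added example, not the script linked at the top of the page; the sample entries, their hashes and the state labels (EMPTY, NEVER_SET, LOCKED, SET) are constructed for illustration.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)   # shadow stores dates as days since this day

# Constructed sample in /etc/shadow format; the hashes are fake placeholders.
SAMPLE_SHADOW = """\
root:$1$fakesalt$FAKEHASHFAKEHASHFAKE00:14975:0:99999:7:::
duh:$1$fakesalt$FAKEHASHFAKEHASHFAKE01:14974:1:90:7:::
svcacct:!!:14900:0:99999:7:::
newhire:$1$fakesalt$FAKEHASHFAKEHASHFAKE02:0:1:90:7:::
olduser:!$1$fakesalt$FAKEHASHFAKEHASHFAKE03:14600:1:90:7:::
blank::14974:0:99999:7:::
"""

def password_state(pw):
    """Classify field 2 of a shadow entry (labels are this example's own)."""
    if pw == "":
        return "EMPTY"        # no password required at all: always flag this
    if pw == "!!":
        return "NEVER_SET"    # what a freshly created account has on Red Hat
    if pw[0] in "!*":
        return "LOCKED"       # hash disabled by a leading ! or *
    return "SET"

def shadow_report(text, today):
    """Return one dict per account: state, last change, expiry, flags."""
    rows = []
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 5:
            continue          # skip blank or malformed lines
        name, pw, lastchg, _mindays, maxdays = fields[:5]
        changed = expires = None
        if lastchg.isdigit() and lastchg != "0":
            changed = EPOCH + timedelta(days=int(lastchg))
            if maxdays.isdigit() and int(maxdays) < 99999:   # 99999 = never
                expires = changed + timedelta(days=int(maxdays))
        rows.append({
            "user": name, "state": password_state(pw),
            "changed": changed, "expires": expires,
            # lastchg 0 is what "chage -d 0" writes: change forced at next login
            "must_change": lastchg == "0",
            "expired": expires is not None and today > expires,
        })
    return rows

if __name__ == "__main__":
    for r in shadow_report(SAMPLE_SHADOW, date(2011, 4, 15)):
        print(r["user"], r["state"], r["changed"], r["expires"], r["must_change"], r["expired"])
```

To audit a live system, run it as root and pass the contents of /etc/shadow together with date.today().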

Limit Logins

 * The  /etc/security/access.conf  file specifies (user, host), (user, network/netmask) or (user, tty) combinations for which a login will be either accepted or refused.

Misc

 * Change Kernel Parameters : edit: /etc/sysctl.conf, then to effect changes do: sysctl -p 
 * List processes listening on ports : netstat -tulnp
 * Find WWN's : cat /sys/class/fc_host/host*/port_name
 * Fix USB Drive Problems : vgscan ; vgchange -ay ; vgscan ; fsck /san  (or whatever)
 * Check when Patched : rpm -qa --last
 * reconfigure the system upon next boot : /usr/sbin/sys-unconfig
 * DESCRIPTION : sys-unconfig provides a simple method of reconfiguring a system in a new environment. Upon execution, sys-unconfig will halt your system and run the following configuration programs at boot: passwd (to change the root password), netconfig, timeconfig, kbdconfig, authconfig, and ntsysv.
 * FILES : /.unconfigured - The presence of this file will cause /etc/rc.d/rc.sysinit to run the programs mentioned above.

Printing

 * Cups PPD driver database
 * To add, copy the *.ppd file (a gzipped file [*.ppd.gz] can be used as well) somewhere below "/usr/share/cups/model/" (you can make subdirectories if desired), make sure it is "chmod 0664", then restart cupsd with "service cups restart"


 * GUI tool: /usr/bin/system-config-printer
 * Printers are defined in: /etc/cups/printers.conf, PPD files are in: /etc/cups/ppd
 * to find existing printer definition, grep for "DeviceURI" in printers.conf file
 * To display or set printer options and defaults: lpoptions -p  (use -l to list current settings)

Setup Printer via CLI:

 /usr/sbin/lpadmin -p testpr1 -E -v socket://192.168.1.9 -m deskjet.ppd

 * "-v" can be other things like "lpd:// " or "parallel"//"
 * "-m" is PPD (printer definition) file
 * "-p" is printer name
 * "-E" enables printer and accepts jobs

To Delete Printer:

 /usr/sbin/lpadmin -x testpr1

RPM info
(see here)
 * List files in installed package : rpm -ql
 * List files in RPM file : rpm -qpl
 * List what package owns a file : rpm -qf (i.e. "rpm -qf /bin/ls")
 * Show when last patched : rpm -qa --last
 * Query packages by date : rpm -qa --queryformat '%{installtime:date}\t%{name}-%{version}-%{release}\n'

Grow Disk
OK, ran into this with VMware - I made the root physical drive larger and then realized it was LVM. There were two slices:
 * /dev/sda1 was /boot
 * /dev/sda2 was /

 * How To extend root / partition 'on-the-fly', ext3/LVM only
 * LVM Partition Resizing
 * To scan for new disks : echo "- - -" > /sys/class/scsi_host/host0/scan

Here's what I did to grow it :
 * Using fdisk I deleted the 2nd partition and recreated it to the new size.
 * NOTE : be sure to mark as bootable & use the right ID / SYSTEM type (same as before)


 * Reboot - Often it caches the disk layout, so need to reboot to discover new sizing
 * For systems using LVM :
 * Grow the PV : pvresize /dev/sda2
 * Grow the LV : vgextend VolGroup00 /dev/sda2
 * Extend the LV : Looking at the output of lvdisplay note the first number on the "Free PE / Size" line. Using that number do:
 * lvextend -l + /dev/VolGroup00/LogVol00

Finally, the growing part....
 * Extend the File System : resize2fs /dev/VolGroup00/LogVol00

All set!