Difference between revisions of "CentOS Linux Distribution Reference"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
(Created page with "== CentOS boot screen- show messages == CentOS 6 comes with a splash screen that displays a progress bar as it boots. You can hit any key during the boot process to make the boo...")
 
Line 33: Line 33:
 
  # gzip -d foo.tgz
 
  # gzip -d foo.tgz
 
  # tar xvf foo.tar
 
  # tar xvf foo.tar
 +
 +
== iptables/netfilter ==
 +
 +
see if iptables is actually running
 +
 +
# lsmod | grep table
 +
# iptables -L
 +
 +
Save new IP tables entered- writes the current iptables configuration to /etc/sysconfig/iptables
 +
 +
# /sbin/service iptables save
 +
 +
Do not use 'service iptables save'
 +
 +
== adding new users to system ==
 +
 +
set up all the defaults for useradd
 +
 +
# cd /etc/skel
 +
 +
set all the profile defaults, such as in .bash_profile
 +
 +
# vi /etc/login.defs
 +
 +
Every new user is assigned to an initial (or primary) group. Two conventions exist.
 +
 +
Traditionally this primary group is the same for all users and is called users with a group id (GID) of 100. Many Linux distributions adhere to this convention such as Suse and Debian.
 +
 +
The User Private Group scheme (UPG) was introduced by RedHat and changes this convention without changing the way in which UNIX groups work. With UPG each new user belongs to their own primary group. The group has the same name as the login-name (default), and the GID is in the 500 to 60000 range (same as UIDs).
 +
 +
NOTE: When using the traditional scheme for groups the user’s umask (see LPI 101) is set to 022, whereas in the UPG scheme the umask is set to 002.
 +
 +
ref: http://en.wikibooks.org/wiki/Ict-innovation/LPI/107.1
 +
 +
== /sbin/nologin vs /bin/false ==
 +
 +
When /sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.'. This message can be changed with the file /etc/nologin.txt.
 +
 +
/bin/false is just a binary that immediately exits, returning false, when its called, so when someone who has false as shell logs in, they're immediately logged out when false exits. Setting the shell to /bin/true has the same affect of not allowing someone to log in but false is probably used as a convention over true since its much better at conveying the concept that person doesn't have a shell.
 +
 +
Looking at nologin's man page, it says it was created in 4.4 BSD (early 1990s) so it came long after false was created. The use of false as a shell is probably just a convention carried over from the early days of UNIX.
 +
 +
nologin is the more user friendly option, with a customizable message given to the user trying to login, so you would theoretically want to use that but both nologin and false will have the same end result of someone not having a shell and not being able to ssh in.
  
  

Revision as of 21:50, 21 January 2014

CentOS boot screen- show messages

CentOS 6 comes with a splash screen that displays a progress bar as it boots. You can hit any key during the boot process to make the boot splash screen disappear and display what its doing when its booting.

To make CentOS 6 display the details about what its doing while it boots, first make a backup of the file at /etc/grub.conf

Open /etc/grub.conf in vi and look for the line(s) that begin with ‘kernel’. At the end of them you’ll see ‘rhgb’ and ‘quiet’. Remove both of those words from grub.conf. After saving, reboot the server.

 title CentOS Linux (2.6.32-71.29.1.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-71.29.1.el6.x86_64 ro root=UUID=c209fbd2-0738-4672-b225-6a5c09f65ad2 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto rhgb quiet initrd /initramfs-2.6.32-71.29.1.el6.x86_64.img

source: http://blog.nexcess.net/2011/08/22/making-the-centos-6-boot-splash-screen-more-verbose/

yum versus rpm

RPM is a package manager while YUM is a frontend that can be used with RPM. YUM deals with more dependencies whereas RPM all too frequently does not.

You can 'yum' to install a package and dependencies (additional packages needed to make your package work.)

CentOS How to install lrzsz offering rz and sz commands

# yum install lrzsz

In any unix environment you can extract tzg files

# gtar xzvf foo.tgz

or using gzip and tar

# gzip -d foo.tgz
# tar xvf foo.tar

iptables/netfilter

see if iptables is actually running

# lsmod | grep table
# iptables -L

Save new IP tables entered- writes the current iptables configuration to /etc/sysconfig/iptables

# /sbin/service iptables save

Do not use 'service iptables save'

adding new users to system

set up all the defaults for useradd

# cd /etc/skel

set all the profile defaults, such as in .bash_profile

# vi /etc/login.defs

Every new user is assigned to an initial (or primary) group. Two conventions exist.

Traditionally this primary group is the same for all users and is called users with a group id (GID) of 100. Many Linux distributions adhere to this convention such as Suse and Debian.

The User Private Group scheme (UPG) was introduced by RedHat and changes this convention without changing the way in which UNIX groups work. With UPG each new user belongs to their own primary group. The group has the same name as the login-name (default), and the GID is in the 500 to 60000 range (same as UIDs).

NOTE: When using the traditional scheme for groups the user’s umask (see LPI 101) is set to 022, whereas in the UPG scheme the umask is set to 002.

ref: http://en.wikibooks.org/wiki/Ict-innovation/LPI/107.1

/sbin/nologin vs /bin/false

When /sbin/nologin is set as the shell, if user with that shell logs in, they'll get a polite message saying 'This account is currently not available.'. This message can be changed with the file /etc/nologin.txt.

/bin/false is just a binary that immediately exits, returning false, when its called, so when someone who has false as shell logs in, they're immediately logged out when false exits. Setting the shell to /bin/true has the same affect of not allowing someone to log in but false is probably used as a convention over true since its much better at conveying the concept that person doesn't have a shell.

Looking at nologin's man page, it says it was created in 4.4 BSD (early 1990s) so it came long after false was created. The use of false as a shell is probably just a convention carried over from the early days of UNIX.

nologin is the more user friendly option, with a customizable message given to the user trying to login, so you would theoretically want to use that but both nologin and false will have the same end result of someone not having a shell and not being able to ssh in.