User:Clarcyl/Linux

DNS1=
DNS2=
DOMAIN=

Ajouter

edit
setfacl -Rm u:bernard:rw RepertoireDeTest/

Supprimer

edit
setfacl -b RepertoireDeTest/
setfacl -x u:patrick,g:bernard test

Afficher

edit
getfacl reperoireDeTest/

Reboot without

edit
touch /fastboot
shutdown -rf now

sudo

edit
  • Editer
sudoedit /etc/sudoers
  • Sans password
identifiant	ALL = NOPASSWD: commande,autrecommande
  • Avec password
identifiant	ALL = (user) commande,autrecommande

Information

edit

Version 32B ou 64B

uname -a

Firewall

edit

Centos 6

edit
  • Logger les drop sur un iptables
iptables -A INPUT -p tcp -m tcp -s 0.0.0.0/0 --dport 22  -j ACCEPT
iptables -N LOGGING
iptables -A INPUT -j LOGGING
iptables -A OUTPUT -j LOGGING
iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
iptables -A LOGGING -j DROP

puis

tail -f /var/log/messages

CentOS 7

edit

To allow the 443/tcp port temporary in the internal zone, type:

# firewall-cmd --permanent --zone=internal --add-service=http
# firewall-cmd --reload
# firewall-cmd  --permanent --zone=public --add-port=53/tcp
# firewall-cmd --reload
#  firewall-cmd [--zone=<zone>] --remove-port=<port>[-<port>]/<protocol>

Note: type –remove-port=443/tcp to deny the port.

Add NFS rule in direct.xml

# Allow TCP and UDP port 2049 for NFS.
# Allow TCP and UDP port 111 (rpcbind/sunrpc).
# Allow the TCP and UDP port specified with MOUNTD_PORT="port"
# Allow the TCP and UDP port specified with STATD_PORT="port"
# Allow the TCP port specified with LOCKD_TCPPORT="port"
# Allow the UDP port specified with LOCKD_UDPPORT="port"

Exemple :

<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p udp --dport 111 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p tcp --dport 111 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p udp --dport 2049 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p tcp --dport 2049 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p tcp --dport 32803 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p udp --dport 32803 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p tcp --dport 32769 -j ACCEPT</rule>
<rule priority="1" table="filter" ipv="ipv4" chain="INPUT">-p udp --dport 32769 -j ACCEPT</rule>

List service/ports

# firewall-cmd --list-services
# firewall-cmd --list-ports

List ports

# firewall-cmd --list-services

Afficher la zone par defaut

# firewall-cmd --set-default-zone=<zone>
# firewall-cmd --get-default-zone
public

@Source : http://www.tejasbarot.com/2014/08/05/rhel-7-centos-7-how-to-get-started-with-firewalld/#axzz3JVeFz0pt

OutGoing Traffix

edit

Example : To DROP all applications ports

firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p tcp -m tcp --dport=0:1024 -j DROP

Example : To enable only outgoing port 80:

firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p tcp -m tcp --dport=80 -j ACCEPT
firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 1 -j DROP

This will add it to permanent rules, not the runtime rules. You will need to reload permanent rules so they become runtime rules.

firewall-cmd --reload

to display permanent rules

firewall-cmd --permanent --direct --get-all-rules

to display runtime rules

firewall-cmd --direct --get-all-rules

Désactiver interface graphique

edit

éditer /etc/inittab

id:3:initdefault:
edit
multipath -ll

Scan new Lun

edit
# ls /sys/class/fc_host
# echo "1" > /sys/class/fc_host/host0/issue_lip
# echo "- - -" > /sys/class/scsi_host/host0/scan
# echo "1" > /sys/class/fc_host/host1/issue_lip
# echo "- - -" > /sys/class/scsi_host/host1/scan

Removing a Path to a Storage Device

edit
echo offline > /sys/block/sda/device/state.
echo 1 > /sys/block/device-name/device/delete where device-name may be sde, for example (as described in Procedure 1, “Ensuring a Clean Device Removal”). 

link ( https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Online_Storage_Reconfiguration_Guide/removing_path-to-storage-device.html )

Identifier un volume Datacore sur un système linux

edit

Datacore :

Virtual disks > Selectionner mon vdisk > Settings > advanced >

SCSI device Id :  naa.60030d90a4694d03f162e0255d93aa76

Linux :

ll /dev/disk/by-id
total 0
lrwxrwxrwx 1 root root  9 Jun 14 13:38 scsi-360030d90315f41435231300000000000 -> ../../sdg
lrwxrwxrwx 1 root root 10 Jun 15 14:34 scsi-360030d90315f41435231300000000000-part1 -> ../../sdg1
lrwxrwxrwx 1 root root  9 Jun 14 13:38 scsi-360030d90325f41435231305f41726368 -> ../../sdh
lrwxrwxrwx 1 root root  9 Jun 14 13:38 scsi-360030d9049a34f03aca389ea72edad29 -> ../../sdb
lrwxrwxrwx 1 root root 10 Jun 15 14:34 scsi-360030d9049a34f03aca389ea72edad29-part1 -> ../../sde1
lrwxrwxrwx 1 root root  9 Jun 14 13:38 scsi-360030d909f9cde06e480478a99b099f5 -> ../../sdc
lrwxrwxrwx 1 root root  9 Jun 14 13:38 scsi-360030d90a4694d03f162e0255d93aa76 -> ../../sda

Ou alors :

dmsetup info /dev/dm-1
Name:              360030d9049a34f03aca389ea72edad29
State:             ACTIVE
Read Ahead:        256
Tables present:    LIVE
Open count:        1
Event number:      1
Major, minor:      253, 1
Number of targets: 1
UUID: mpath-360030d9049a34f03aca389ea72edad29

Fait le lien avec /dev/dm-??

dmsetup ls
test-testlv	(253, 7)
SDataCoreSANmelody_2_ACR10_Archives	(253, 4)
360030d909f9cde06e480478a99b099f5	(253, 2)
360030d90a4694d03f162e0255d93aa76	(253, 0)
360030d9049a34f03aca389ea72edad29	(253, 1)
SDataCoreSANmelody_1_ACR10	(253, 3)
SDataCoreSANmelody_1_ACR10p1	(253, 6)
360030d9049a34f03aca389ea72edad29p1	(253, 5)

Le reste je sais tu sais faire !

Ajouter un disque

edit
sudo vgcreate vol_grp1 /dev/sda6 /dev/sda7   
sudo lvcreate -l 20 -n logical_vol1 vol_grp1 
sudo  mkfs.ext3 /dev/vol_grp1/logical_vol1

commande Réseau

edit

Ecoute d'un port (2000)

sudo tcpdump  -XX -vv -s0 -i eth0 tcp  port 2000

Copier un fichier vers un port réseau

# nc  -vv  194.177.51.33 2000 < README.txt
Connection to 194.177.51.33 2000 port [tcp/sieve-filter] succeeded!

Network

edit

Après un changement de carte réseau la modification de la mac adresse dans ifcfg-eth0 ne suffit pas il faut en plus :

cd /etc/udev/rules.d/
cp 70-persistent-net.rules /root/
rm 70-persistent-net.rules
reboot

Si le probleme n'est pas résolu: Si dans dmesg le message suivant apparait :

udev: renamed network interface eth0 to eth1

editer le fichier :

/etc/udev/rules.d/70-persistent-net.rules

Normally, you should have a double entry (eth0 and eth1) with different MAC address. This often happen when the OS is virtualized. Just delete the whole entry for eth1 and then rename eth1 to eth0 on the following entry and reboot

Découpe le fichier en X partie avec le caractère : (:) et récupère la première (1)

cut -d : -f 1 ficher.txt

Renice

edit
renice -19 PID
sed -e "s/avant/apres/g" fichier.txt> test.txt

Classer les répertoires par taille

edit
du -k . | sort -n

Gestion de paquets

edit
  • installalation
rpm -ivh
  • paquets installé
rmp -qa | grep -i NomDupaquet
  • uninstall
rpm -e

Montage

edit
mount -t iso9660 /dev/cdrom /mnt/cdrom
umount /home/
umount: /home/: device is busy.
fuser -kmiuv /home/
                    USER        PID ACCESS COMMAND
/home/:              root     kernel mount (root)/home
                    boinc      2167 F.c.m (boinc)boinc
                    pcr        3326 ..c.. (pcr)sh
Tuer le processus 2167 ? (y/N) N
Tuer le processus 3326 ? (y/N)

Groupe

edit
  • ajouter un utilisateur
usermod -G group user
usermod -g primarygroup user

Compression

edit
  • Compression
tar -cvf fichier.tar MonRepertoire1
tar -czvf fichier.tar.gz MonRepertoire1
  • Décompression
tar -xvf fichier.tar
tar -xzvf fichier.tar.gz

Problème fstab

edit
mount -o remount,rw /

ou

mount -rw -o remount /

MYSQL

edit
  • Definir un mot de passe
/usr/bin/mysqladmin -u root password motdepasse
  • import / export base
mysql -h host -u user -ppass base_de_donnees < fichier_dump
mysqldump [options] base_de_donnees > fichier.sql

Crontab

edit

http://www.siteduzero.com/tutoriel-3-73917-crontab-executer-une-commande-regulierement.html

# * * * * *  command to execute
# │ │ │ │ │
# │ │ │ │ │
# │ │ │ │ └───── day of week (0 - 6) (0 to 6 are Sunday to Saturday, or use names; 7 is Sunday, the same as 0)
# │ │ │ └────────── month (1 - 12)
# │ │ └─────────────── day of month (1 - 31)
# │ └──────────────────── hour (0 - 23)
# └───────────────────────── min (0 - 59)
@reboot      Run once, at startup.
@yearly       Run once a year, "0 0 1 1 *".
@annually    (same as @yearly)
@monthly    Run once a month, "0 0 1 * *".
@weekly     Run once a week, "0 0 * * 0".
@daily        Run once a day, "0 0 * * *".
@midnight   (same as @daily)
@hourly      Run once an hour, "0 * * * *".

Recreer /dev/null

edit
mknod /dev/null c 2 2
~/.rhosts
/etc/hosts.equiv

pour "rsh host command", le /etc/hosts doit être renseigné sur les deux machines.

load average

edit
#  top -b -n 1 | awk '{if (NR <=7) print; else if ($8 == "D") {print; count++} } END {print "Total status D: "count}'
top - 12:02:19 up 11 days,  2:04,  1 user,  load average: 6.15, 6.09, 6.01
Tasks: 613 total,   1 running, 612 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.1%us,  0.1%sy,  0.0%ni, 99.6%id,  0.2%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   8047248k total,  7074380k used,   972868k free,   141636k buffers
Swap:  8388600k total,        0k used,  8388600k free,  4723208k cached
  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
3887 root      20   0  311m 158m  11m D  0.0  2.0 107:51.07 tina_bck
4704 root      20   0  412m 258m  11m D  0.0  3.3  10:53.91 tina_bck
13579 root      20   0  412m 259m  11m D  0.0  3.3  27:07.77 tina_bck
19242 root      20   0  311m 159m  11m D  0.0  2.0  68:56.35 tina_bck
27880 root      20   0  411m 258m  11m D  0.0  3.3   3:09.46 tina_bck
29998 root      20   0  310m 157m  11m D  0.0  2.0  37:54.05 tina_bck

ajouter les depots optionnel de RHEL

edit
yum-config-manager --enable rhel-6-server-optional-rpms

ou

subscription-manager repos --enable rhel-6-server-optional-rpms

Enregistrement Redhat

edit

sur esx 2 rhn_register

date

edit

date "+%y%m%d"

140324

date --date="yesterday"

grep

edit
zgrep -e " 50[234] " prod.access.log.3.gz
.... | awk '{print $6}'
ps -ef | grep tail | grep -v grep |awk '{system("kill -9 "$2)}'
ps -ef | grep tail | grep -v grep |awk '{system("echo kill -9 "$2)}'

history

edit
history | cut -c 8-

reduire nb de processeur

edit

Change the boot arguments to use ony n number of CPU cores instead of m cores which are actually present, PROVIDED n

a) Add "maxcpus=n" in the bootargs during boot time:

    linux    /boot/vmlinuz-2.6.31-21-generic root=UUID=2ebbae04-b641-44e9-935f-8964159d79cb ro   quiet splash maxcpus=n

This will not be persistent across subsequent boots.

b) To make it permanent, modify/edit /etc/default/grub and add "maxcpus=n" in the following line:

   GRUB_CMDLINE_LINUX_DEFAULT="quiet splash maxcpus=n"

Method 2: "Enable/Disable a CPU core on the fly"

On a Linux machine you can get the CPU information from /proc/cpuinfo file. On a dual core machine, you will get the output like this:

   $ cat /proc/cpuinfo
   processor : 0
   vendor_id : GenuineIntel
To disable a core run the following command on a Ubuntu machine:
   $ sudo sh -c "echo 'n' > /sys/devices/system/cpu/cpu1/online"