Adding and quiting services with chkconfig
This implementation of chkconfig was inspired by the chkconfig command present in the IRIX operating system. Rather than maintaining configuation information outside of the /etc/rc[0-6].d hierarchy, however, this version directly manages the symlinks in /etc/rc[0-6].d.
In Redhat Linux you have a powerfull tool called chkconfig, you can list all the services with:
chkconfig --list
To see the services started in runlevel 3:
chkconfig --list | grep 3:on
To turn off a service in all the runlevels:
chkconfig pcmcia off
Turn off a service in a desired runlevel:
[root@monitor1]# chkconfig --list | grep hpoj
hpoj 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@monitor1]# chkconfig --level 3 hpoj off
[root@monitor1 rc3.d]# chkconfig --list | grep hpoj
hpoj 0:off 1:off 2:on 3:off 4:on 5:on 6:off
If you want to add a new service, you created the /etc/rc.d/init.d/ file and now you wans to manage the service, configure it to start and stop on desired runlevels.
Edit the /etc/rc.d/init.d/service-name file, and add this line on the top:
#!/bin/bash
# chkconfig: 2345 55 25
# description: A service that does powerful things
#
This is a description of what this line does:
# chkconfig: 2345 55 25
| | |
| | priority for kill scripts
| |
| priority for start scripts
|
run levels at which to start service
Then execute, for example, adding the qmail service:
[root@monitor1 init.d]# chkconfig --add qmail
[root@monitor1 init.d]# chkconfig --list qmail
qmail 0:off 1:off 2:off 3:on 4:off 5:on 6:off
Now configure it to start on desired runlevels !
Friday, October 2, 2009
Configure ttysnoop with SSH
Configure ttysnoop with SSH in Suse Or Redhat Linux
This time a nice administrator tool called TTYSNOOP, it permits to watch what other persons are doing in other terminals. Usefull for security people.
Steps:
1) Download openssh from http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/
wget http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz
2) Uncompress it
tar zxvf openssh-4.6p1.tar.gz
3) Compile it, you have to set the "login" program that ssh has to use !
cd openssh-4.6p1
export LOGIN_PROGRAM="/sbin/foo_login"
cd openssh-4.6p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --without-zlib-version-check --with-pam --with-tcp-wrappers
make
make install
4) Modify the sshd_config file, should be located in /etc/ssh/sshd_config and change these variables:
PasswordAuthentication yes
UseLogin yes
Compile ttysnoop
5) Download ttysnoop from http://freshmeat.net/redir/ttysnoop26/
wget http://freshmeat.net/redir/ttysnoop26/50871/url_tgz/ttysnoop-0.12d.k26.tar.gz
6) tar xzvf ttysnoop-0.12d.k26.tar.gz
7) cd ttysnoop-0.12d.k26
8) make
9) make install
10) Copy the new login from ttysnoop:
cp ttysnoops /sbin/foo_login
11) This directory is not created, you have to do it:
mkdir /var/spool/ttysnoop
12) copy snooptab.dist to /etc
cp snooptab.dist /etc/snooptab
13) Edit /etc/snooptab
Comment all lines except:
* socket login /bin/login
Now you can use it:
#w
wlamagna pts/1 192.168.2.20 16:51 0.00s 1:42 0.01s login -- wlamagna
In another terminal write this to snoop terminal 1.
#ttysnoop 1
This time a nice administrator tool called TTYSNOOP, it permits to watch what other persons are doing in other terminals. Usefull for security people.
Steps:
1) Download openssh from http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/
wget http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz
2) Uncompress it
tar zxvf openssh-4.6p1.tar.gz
3) Compile it, you have to set the "login" program that ssh has to use !
cd openssh-4.6p1
export LOGIN_PROGRAM="/sbin/foo_login"
cd openssh-4.6p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --without-zlib-version-check --with-pam --with-tcp-wrappers
make
make install
4) Modify the sshd_config file, should be located in /etc/ssh/sshd_config and change these variables:
PasswordAuthentication yes
UseLogin yes
Compile ttysnoop
5) Download ttysnoop from http://freshmeat.net/redir/ttysnoop26/
wget http://freshmeat.net/redir/ttysnoop26/50871/url_tgz/ttysnoop-0.12d.k26.tar.gz
6) tar xzvf ttysnoop-0.12d.k26.tar.gz
7) cd ttysnoop-0.12d.k26
8) make
9) make install
10) Copy the new login from ttysnoop:
cp ttysnoops /sbin/foo_login
11) This directory is not created, you have to do it:
mkdir /var/spool/ttysnoop
12) copy snooptab.dist to /etc
cp snooptab.dist /etc/snooptab
13) Edit /etc/snooptab
Comment all lines except:
* socket login /bin/login
Now you can use it:
#w
wlamagna pts/1 192.168.2.20 16:51 0.00s 1:42 0.01s login -- wlamagna
In another terminal write this to snoop terminal 1.
#ttysnoop 1
Post install in Fedora Core 6 and Fedora 7
Post install in Fedora Core 6 and Fedora 7
Fedora 7 really rocks. I recommend to install the livna repository and these packages after the normal installation.
# rpm -ivh http://rpm.livna.org/livna-release-6.rpm
Install the mp3's plugins
# yum install gstreamer-plugins-ugly
Install totem-xine and firefox plugin
# yum install totem-xine totem-xine-mozplugin
# yum install ffmpeg gstreamer-ffmpeg sox lame faad2 mjpegtools xine-lib-extras-nonfree
Install the plugins to see mpeg videos in Linux
yum install libdvdread
yum install libdvdcss
yum install libdvdnav
yum install xine-lib-extras-nonfree
yum install xine-lib
yum install mplayer
For security reasons i recommend to turnoff these services that come enabled by default:
chkconfig haldaemon off
service haldaemon stop
chkconfig sendmail off
service sendmail stop
chkconfig hplip off
service hplip stop
chkconfig portmap off
service portmap stop
chkconfig avahi-daemon off
service avahi-daemon stop
chkconfig nfs off
service nfs stop
chkconfig rpcidmapd off
service rpcidmapd stop
chkconfig rpcgssd off
service rpcgssd stop
chkconfig autofs off
service autofs stop
chkconfig yum-updatesd off
service yum-updatesd stop
chkconfig nfslock off
service nfslock stop
chkconfig hidd off
service hidd stop
chkconfig pcscd off
chkconfig acpid off
service acpid stop
chkconfig iptables off
service iptables stop
Fedora 7 really rocks. I recommend to install the livna repository and these packages after the normal installation.
# rpm -ivh http://rpm.livna.org/livna-release-6.rpm
Install the mp3's plugins
# yum install gstreamer-plugins-ugly
Install totem-xine and firefox plugin
# yum install totem-xine totem-xine-mozplugin
# yum install ffmpeg gstreamer-ffmpeg sox lame faad2 mjpegtools xine-lib-extras-nonfree
Install the plugins to see mpeg videos in Linux
yum install libdvdread
yum install libdvdcss
yum install libdvdnav
yum install xine-lib-extras-nonfree
yum install xine-lib
yum install mplayer
For security reasons i recommend to turnoff these services that come enabled by default:
chkconfig haldaemon off
service haldaemon stop
chkconfig sendmail off
service sendmail stop
chkconfig hplip off
service hplip stop
chkconfig portmap off
service portmap stop
chkconfig avahi-daemon off
service avahi-daemon stop
chkconfig nfs off
service nfs stop
chkconfig rpcidmapd off
service rpcidmapd stop
chkconfig rpcgssd off
service rpcgssd stop
chkconfig autofs off
service autofs stop
chkconfig yum-updatesd off
service yum-updatesd stop
chkconfig nfslock off
service nfslock stop
chkconfig hidd off
service hidd stop
chkconfig pcscd off
chkconfig acpid off
service acpid stop
chkconfig iptables off
service iptables stop
Upgrading Linux Daylight Saving Time
Upgrading Linux Daylight Saving Time (timezone)
Linux uses a special mechanism called DST (Daylight Saving Time) that is used by linux to update the time of the operating system when the clock has to change for daylight saving. The daylight saving, of course, is different for every location and country.
In 2005, the congress of United States changed its daylight saving, but at that time, Redhat 7.3 already existed and its daylight saving files where deprecated. Newer versions of Linux have their DST files updated but in United States, this year the time changes, and if there are RH 7.3, they will change the incorrect day.
Check if you have the new timezones:
$ zdump -v /etc/localtime | grep 2007
The file /etc/localtime is a link to the corresponding timezone for the country the computer is in, the files of timezones are in /usr/share/zoneinfo/
For example, California's file is in /usr/share/zoneinfo/US/Pacific
You could do:
$ zdump -v /usr/share/zoneinfo/US/Pacific | grep 2007
If the output says:
/usr/share/zoneinfo/US/Pacific Sun Mar 11 09:59:59 2007 UTC = Sun Mar 11 01:59:59 2007 PST isdst=0 gmtoff=-28800
/usr/share/zoneinfo/US/Pacific Sun Mar 11 10:00:00 2007 UTC = Sun Mar 11 03:00:00 2007 PDT isdst=1 gmtoff=-25200
/usr/share/zoneinfo/US/Pacific Sun Nov 4 08:59:59 2007 UTC = Sun Nov 4 01:59:59 2007 PDT isdst=1 gmtoff=-25200
/usr/share/zoneinfo/US/Pacific Sun Nov 4 09:00:00 2007 UTC = Sun Nov 4 01:00:00 2007 PST isdst=0 gmtoff=-28800
All is OK, if not, you have to upgrade Zoneinfo Files.
So it is required, in some "old" linux distributions, to upgrade the timezone files, steps are following:
1) Get the new timezone tzdata2007c.tar.gz copy it to some directory.
wget ftp://elsie.nci.nih.gov/pub/tzdata2007k.tar.gz
2) tar zvxf tzdata2007k.tar.gz
3) zic -d zoneinfo northamerica
4) cd zoneinfo
5) cp -r * /usr/share/zoneinfo
Now try again:
zdump -v /etc/localtime | grep 2007
Linux uses a special mechanism called DST (Daylight Saving Time) that is used by linux to update the time of the operating system when the clock has to change for daylight saving. The daylight saving, of course, is different for every location and country.
In 2005, the congress of United States changed its daylight saving, but at that time, Redhat 7.3 already existed and its daylight saving files where deprecated. Newer versions of Linux have their DST files updated but in United States, this year the time changes, and if there are RH 7.3, they will change the incorrect day.
Check if you have the new timezones:
$ zdump -v /etc/localtime | grep 2007
The file /etc/localtime is a link to the corresponding timezone for the country the computer is in, the files of timezones are in /usr/share/zoneinfo/
For example, California's file is in /usr/share/zoneinfo/US/Pacific
You could do:
$ zdump -v /usr/share/zoneinfo/US/Pacific | grep 2007
If the output says:
/usr/share/zoneinfo/US/Pacific Sun Mar 11 09:59:59 2007 UTC = Sun Mar 11 01:59:59 2007 PST isdst=0 gmtoff=-28800
/usr/share/zoneinfo/US/Pacific Sun Mar 11 10:00:00 2007 UTC = Sun Mar 11 03:00:00 2007 PDT isdst=1 gmtoff=-25200
/usr/share/zoneinfo/US/Pacific Sun Nov 4 08:59:59 2007 UTC = Sun Nov 4 01:59:59 2007 PDT isdst=1 gmtoff=-25200
/usr/share/zoneinfo/US/Pacific Sun Nov 4 09:00:00 2007 UTC = Sun Nov 4 01:00:00 2007 PST isdst=0 gmtoff=-28800
All is OK, if not, you have to upgrade Zoneinfo Files.
So it is required, in some "old" linux distributions, to upgrade the timezone files, steps are following:
1) Get the new timezone tzdata2007c.tar.gz copy it to some directory.
wget ftp://elsie.nci.nih.gov/pub/tzdata2007k.tar.gz
2) tar zvxf tzdata2007k.tar.gz
3) zic -d zoneinfo northamerica
4) cd zoneinfo
5) cp -r * /usr/share/zoneinfo
Now try again:
zdump -v /etc/localtime | grep 2007
How to enter the Linux machine without root password
How to enter the Linux machine without root password
If the linux box's password has changed and it is not possible to loggin, you will need some hacking techniques to go into the linux machine.
The first method is easier and may be possible if you have single user mode enabled in grub.
At grub boot prompt write:
> linux single
Then it will bood in user single mode, runlevel 1, at this point you can just run "passwd root" and change the password.
The advanced technique is, editing the grub kernel boot parameters, press "e" at grub, and add to the kernel options "init=/bin/sh". Then press "b" to boot with that kernel. A command prompt will appear, the linux partition is mounted at this moment read only.
Write:
$ mount / -o remount,rw
Now you can write to the partition and this way edit your password if you loosed it.
How to secure the grub boot loader ?
To secure grub and prevent to enter the machine without a password, letting on a side the fact that you have to physicaly secure the machine (disable cd, floppy,usb,etc), you would want to configure a password for grub:
[root@serverlinux ~]# grub-md5-crypt Password: Retype password: $1$4shhF$MFIg6cjkfUwQYyhA8ZgRH0
Edit /boot/grub/menu.lst and add the password hash that grub-md5-crypt created:
default 0
timeout 5 password --md5 $1$4shhF$MFIg6cjkfUwQYyhA8ZgRH0
title Linux serverlinux.blogspot.com 2.6.22.9-61.fc6 root (hd0,0) kernel /boot/vmlinuz root=/dev/hda3 ro savedefault boot
If the linux box's password has changed and it is not possible to loggin, you will need some hacking techniques to go into the linux machine.
The first method is easier and may be possible if you have single user mode enabled in grub.
At grub boot prompt write:
> linux single
Then it will bood in user single mode, runlevel 1, at this point you can just run "passwd root" and change the password.
The advanced technique is, editing the grub kernel boot parameters, press "e" at grub, and add to the kernel options "init=/bin/sh". Then press "b" to boot with that kernel. A command prompt will appear, the linux partition is mounted at this moment read only.
Write:
$ mount / -o remount,rw
Now you can write to the partition and this way edit your password if you loosed it.
How to secure the grub boot loader ?
To secure grub and prevent to enter the machine without a password, letting on a side the fact that you have to physicaly secure the machine (disable cd, floppy,usb,etc), you would want to configure a password for grub:
[root@serverlinux ~]# grub-md5-crypt Password: Retype password: $1$4shhF$MFIg6cjkfUwQYyhA8ZgRH0
Edit /boot/grub/menu.lst and add the password hash that grub-md5-crypt created:
default 0
timeout 5 password --md5 $1$4shhF$MFIg6cjkfUwQYyhA8ZgRH0
title Linux serverlinux.blogspot.com 2.6.22.9-61.fc6 root (hd0,0) kernel /boot/vmlinuz root=/dev/hda3 ro savedefault boot
Resizing a partition in linux with parted
Resizing a partition in linux with parted
To resize an ext3 partition comes handy LVM, but i will explain how i did it without. I did this in a Fedora 6, booting with a Fedora 7 or Knoppix disk and entering into rescue mode, sorry but i can not take any resposibility if something goes wrong while following this procedures>
After getting the prompt in Fedora 7 or any other distro in rescue mode, unmount all the partitions of the filesystem you want to resize, in my case it is the disk /dev/sda, but it could be /dev/hda
Fedora 7 rescue disk has parted installed and i get , so we are going to use it.
#umount /dev/{sda1,sda2,sda3}
Check the Filesystem to resize, i am going to shrink sda2 first
#e2fsck -f /dev/sda2
Resizing the partition:
#resize2fs -p /dev/sda2 2600M
The size parameter may be suffixed by one of the following the units designators: 's', 'K', 'M', or 'G', for 512 byte sectors, kilobytes, megabytes, or gigabytes, respectively. The -p argument is to display a nice status bar.
The message on screen is:
Resizing the filesystem on /dev/sda2 to 665600 (4k) blocks
So i do the calculation of how many bytes this is to use it later in fdisk:
665600 blocks * 4k = 2662400 Bytes.
My partition had 4 G before, now, after resizing, the partition will still have 4G, but "resize2fs" has prepared for a technical surgical procedure ;-) we are going to delete the partition and recreate it
I entered fdisk and deleted the /dev/sda2 partition, then i recreated it with the same starting cylinder and +2662400K as size (this is imperative and may loose all your information if you do not do this right, again, i take no responsability, the results may depend on filesystems). Then i wrote the partition with "w" and went back to the shell.
Now i execute again:
#resize2fs -p /dev/sda2 2600M
And this command to recreate some information of the partition table.
#e2fsck -f /dev/sda2
Time to reboot and see if all is ok, yes it is all fine and the partition has now 2662400 K.
Now it is time to resize the next partition, /dev/sda3, to take the space left by /dev/sda2, another surgical procedure is required.
Enter the rescue mode again, umount the partitions that are going to be resized and lets delete /dev/sda4 to begin at the end of /dev/sda2, this is done with "fdisk".
From the resize2fs man page:
If you wish to shrink an ext2 partition, first use resize2fs to shrink the size of filesystem. Then you may use fdisk(8) to shrink the size of the partition. When shrinking the size of the partition, make sure you do not make it smaller than the new size of the ext2 filesystem!
My partition distribution looks like this now:
start end
/dev/sda1 1 13
/dev/sda2 14 345
/dev/sda3 1012 1043
/dev/sda4 744 1011
Start - End
1 - 32,3 kb - 107 MB
2 - 107 MB - 2838 MB
4 - 6111 MB - 8316 MB
3 - 8316 MB - 8579 MB
The beginning of /dev/sda4 should be 346, so i used parted to move the partition. Be careful, it is not possible to delete the partition and recreate it with fdisk (well, it is possible but it would corrupt the partition because the partition table would be in the middle of the disk).
#parted
(parted) move
Start? 3000MB
End? 5204MB
Something curious happened here, i had to specify "MB" at the end of the numbers, else it gave me an error about "Can't have overlapping partitions"
To resize an ext3 partition comes handy LVM, but i will explain how i did it without. I did this in a Fedora 6, booting with a Fedora 7 or Knoppix disk and entering into rescue mode, sorry but i can not take any resposibility if something goes wrong while following this procedures>
After getting the prompt in Fedora 7 or any other distro in rescue mode, unmount all the partitions of the filesystem you want to resize, in my case it is the disk /dev/sda, but it could be /dev/hda
Fedora 7 rescue disk has parted installed and i get , so we are going to use it.
#umount /dev/{sda1,sda2,sda3}
Check the Filesystem to resize, i am going to shrink sda2 first
#e2fsck -f /dev/sda2
Resizing the partition:
#resize2fs -p /dev/sda2 2600M
The size parameter may be suffixed by one of the following the units designators: 's', 'K', 'M', or 'G', for 512 byte sectors, kilobytes, megabytes, or gigabytes, respectively. The -p argument is to display a nice status bar.
The message on screen is:
Resizing the filesystem on /dev/sda2 to 665600 (4k) blocks
So i do the calculation of how many bytes this is to use it later in fdisk:
665600 blocks * 4k = 2662400 Bytes.
My partition had 4 G before, now, after resizing, the partition will still have 4G, but "resize2fs" has prepared for a technical surgical procedure ;-) we are going to delete the partition and recreate it
I entered fdisk and deleted the /dev/sda2 partition, then i recreated it with the same starting cylinder and +2662400K as size (this is imperative and may loose all your information if you do not do this right, again, i take no responsability, the results may depend on filesystems). Then i wrote the partition with "w" and went back to the shell.
Now i execute again:
#resize2fs -p /dev/sda2 2600M
And this command to recreate some information of the partition table.
#e2fsck -f /dev/sda2
Time to reboot and see if all is ok, yes it is all fine and the partition has now 2662400 K.
Now it is time to resize the next partition, /dev/sda3, to take the space left by /dev/sda2, another surgical procedure is required.
Enter the rescue mode again, umount the partitions that are going to be resized and lets delete /dev/sda4 to begin at the end of /dev/sda2, this is done with "fdisk".
From the resize2fs man page:
If you wish to shrink an ext2 partition, first use resize2fs to shrink the size of filesystem. Then you may use fdisk(8) to shrink the size of the partition. When shrinking the size of the partition, make sure you do not make it smaller than the new size of the ext2 filesystem!
My partition distribution looks like this now:
start end
/dev/sda1 1 13
/dev/sda2 14 345
/dev/sda3 1012 1043
/dev/sda4 744 1011
Start - End
1 - 32,3 kb - 107 MB
2 - 107 MB - 2838 MB
4 - 6111 MB - 8316 MB
3 - 8316 MB - 8579 MB
The beginning of /dev/sda4 should be 346, so i used parted to move the partition. Be careful, it is not possible to delete the partition and recreate it with fdisk (well, it is possible but it would corrupt the partition because the partition table would be in the middle of the disk).
#parted
(parted) move
Start? 3000MB
End? 5204MB
Something curious happened here, i had to specify "MB" at the end of the numbers, else it gave me an error about "Can't have overlapping partitions"
Subscribe to:
Posts (Atom)