Backup utilities in Linux

tar:

  • Backup include directory inside /usr directory
    • tar  -C /usr   -zcvf   /tmp/include.tar.gz     include   (gzip compression)
    • tar  -C /usr   -jcvf   /tmp/include.tar.bz2   include    (bzip2 compression)
    • tar  -C /usr   -Jcvf   /tmp/include.tar.xz     include    (xzip compression)
    • tar  -zPcvf   /tmp/include.tgz   /usr/include      (Don’t strip leading `/’s)
  • List contents of compressed file:
    • tar  -tvf   /tmp/include.tar.gz
  • Extract  the compressed file:
    • tar  -C   /usr   -xvf   /tmp/include.tgz
    • tar -zxvf  /tmp/include.tgz
    • tar -jxvf  /tmp/include.tar.bz2
    • tar -Jxvf  /tmp/include.tar.xz

cpio:

  • Backup include directory inside /usr directory
    • find /usr/include | cpio -oc  >  /tmp/include.cpio
    • find /usr/include | cpio -oc | gzip -c  >  /tmp/include.cpio.gz
  • List files:
    • cpio -ivt   <   /tmp/include.cpio
  • Extract files:
    • cpio -ivd   <   /tmp/include.cpio

dd:

  • Backup 10 MB file filled with zero:
    • dd if=/dev/zero of=file bs=1M count=10
  • Backup an entire hard drive
    • dd if=/dev/sda of=/dev/sdb
    • dd if=/dev/sda of=sdadisk.img
  • Backup a partition:
    • dd if=/dev/sda1 of=sda1.img
  • Backup Master Boot Loader (MBR):
    • dd if=/dev/sda of=/root/mbr bs=446 count=1   (Backup)
    • dd if=/root/mbr of=/dev/sda bs=446 count=1   (Restore)

rsync:

  • Create a sync of a directory:
    • rsync -av   /opt/proj   /home/proj
Advertisements
Posted in LFCS, Linux

Setup and manage RAID devices

The use of RAID (Redundant Array of Independent Disks) spreads I/O over multiple physical disks. It’s purpose is to enhance data integrity and recover-ability in case of failure. Three essential features of RAID:
a) mirroring: writing the same data to more than one disks
b) stripping: splitting of data to more than one disks
c) parity: extra data is stored to allow problem detection and repair

There are number of RAID specifications of increasing complexity and use:
RAID 0: uses only stripping. Data is spread across multiple disks. However, there’s no redundancy and there’s no stability or recovery capabilities.
RAID 1: uses only mirroring, each disk has a duplicate. At least two disk are required.
RAID 5: uses a rotating parity stripe, a single drive failure cause no data loss. At least 3 disks are required.
RAID 6: has stripped disks with dual parity. It can handle loss of two disks. It requires at least four disks.
RAID 10: is a mirrored and stripped data set. It needs at least four drives.

1. First create two partitions using fdisk utility:
a) fdisk /dev/sdb
b) partprobe -s /dev/sdb; parted /dev/sdb print

2. Create RAID device:
raid1: mdadm –create /dev/md0 –level=1  –raid-devices=2  /dev/sdb1   /dev/sdb2  –verbose
raid5:
mdadm-create /dev/md0   –verbose
–level=5  –raid-devices=3   /dev/sdb1   /dev/sdb2   /dev/sdb3   –spare-devices=1  /dev/sdb4
raid6:
mdadm  -C /dev/md0  -v
-l 6   -n 4    /dev/sdb1   /dev/sdb2   /dev/sdb3   /dev/sdb4  -x 1   /dev/sdb5

3. Format the RAID device:
mkfs.ext4   /dev/md0

4. Mount the RAID device:
a) mkdir /mnt/raid
b)
echo /dev/md0  /mnt/raid  ext4  defaults  0  0″  >>  /etc/fstab
c)
mount -a; df -hT

5. Capture the RAID device details to ensure persistence:
    mdadm –detail –scan >> /etc/mdadm.conf

6. Verify the RAID device status:
a) cat /proc/mdstat
b) mdadm –detail  /dev/md0
c) systemctl enable mdmonitor; systemctl start mdmonitor   

RAID disk failure:
a) mdadm /dev/md0  –fail /dev/sdb2
b) mdadm /dev/md0 –remove /dev/sdb2
c) mdadm /dev/md0 –add /dev/sdb6
d) mdadm  –detail   /dev/md0

Remove RAID device:
a) mdadm –stop /dev/md0
b) rm -rf /etc/mdadm.conf
c) Remove RAID partitions using fdisk or parted

Start RAID device:
mdadm –assemble –scan

Posted in LFCS, Linux

Setup and Manage LVM in Linux

LVM (Logical Volume Management) permits having one logical filesystem span multiple physical volumes and partitions while appearing as a simple partition for normal usage. Disk partitions are converted into physical volumes and multiple physical volumes are grouped into a volume group. Then the volume group is subdivided into logical volumes.

1. Create two logical partitions inside an extended partition and set their type to 8e using fdisk utility:
a) fdisk /dev/sdb
b) Inside fdisk utility, type ‘t‘ to set partition type to 8e (Linux LVM)
c) partprobe -s /dev/sdb; parted /dev/sdb print 

2. Create two Physical Volumes from the partitions:
a) pvcreate    /dev/sdb5    /dev/sdb6
b) pvdisplay; pvs

3. Create a Volume Group:
a) vgcreate vg1   /dev/sdb5   /dev/sdb6
b) vgdisplay; vgs

4. Allocate a Logical Volume from the volume group:
a) lvcreate   –name lv1  –size  300M  vg1
b) lvdisplay; lvs

5. Format the Logical Volume:
a) mkfs.ext4   /dev/vg1/lv1

6. Mount the Logical Volume:
a) mkdir /mnt/lv1; chmod a+rw /mnt/lv1
b) echo/dev/vg1/lv1  /mnt/lv1  ext4   defaults  0  0″ >> /etc/fstab
c) mount -a; df -hT

Extend or increase a logical volume relative size by 100MB:

  • lvextend –resizefs  –size +100M   /dev/vg1/lv1
  • OR, alternatively you may run the following commands:
    • lvextend -L +100M /dev/vg1/lv1
    • resize2fs /dev/vg1/lv1

Reduce or shrink the logical volume size to absolute 200MB:

  • lvredue   –resize   –size   200M   /dev/vg/lv1
  • OR, alternatively you may run the following commands:
    • umount   /mnt/lv1
    • fsck -f   /dev/vg1/lv1
    • resize2fs   /dev/vg1/lv1   200M
    • lvreduce   -L   200M   /dev/vg/lv1
    • mount   /dev/vg1/lv1

Extend and activate Physical Volume group:

  • vgextend vg1 /dev/sdb7
  • vgchange –activate y vg1

Remove Physical Volumes, Volume Group and Logical Volum:

a) umount   /dev/vg1/lv1
b) lvremove   /dev/vg1/lv1
c)
vgremove   /dev/vg1
d)
pvremove   /dev/sdb5   /dev/sdb6

Create LVM snapshot:
When resizing volumes it is useful to create a snapshot of logical volumes to ensure that data is not lost. To do so there must be enough room on the volume group first.

a) lvcreate  –snapshot –size 100M  –name lv1snap  /dev/vg1/lv1
b) mkdir /mnt/lv1snap; mount   /dev/vg1/lv1snap   /mnt/lv1snap 

 

Posted in LFCS, Linux

Setup a encrypted swap partition in Linux

1. Create a partition using the following utilities:
a) fdisk /dev/sdb or parted /dev/sdb
b) partprobe -s /dev/sdb

2. Initializes a LUKS partition and sets the initial passphrase:
a) cryptsetup luksFormat   /dev/sdb1    –force-password –verbose
b) Type  YES and enter password as pass1234

3. Opens the LUKS device and sets up a mapping:
a) cryptsetup luksOpen    /dev/sdb1     sdb1    –verbose
b) ls -l /dev/mapper/

4. Setup a linux swap area on the device and enable the device:
    a) mkswap /dev/mapper/sdb1
    b) swapon /dev/mapper/sdb1

6. Enter the following line in /etc/fstab:
echo/dev/mapper/sdb1   none    swap    defaults   0 0″    >>    /etc/fstab

7. Enter the following line in /etc/crypttab:
echo “sdb1     /dev/sdb1     /dev/urandom     swap”   >>    /etc/crypttab

8. Reboot the system and verify the swap space using the following utilities:
    cat /proc/swaps; free -mh

P.S. If you want to use a loopback file, then create it as:
dd if=/dev/urandom of=/root/file bs=1M count=1024
And replace /dev/sdb1 with /root/file in the above steps.

Posted in LFCS, Linux

Encrypt a partition in Linux

1. Create a partition using the following utilities:
a) fdisk /dev/sdb or parted /dev/sdb
b) partprobe -s /dev/sdb

2. Initializes a LUKS partition and sets the initial passphrase:
a) cryptsetup luksFormat /dev/sdb1 –force-password –verbose
b) Type  YES and enter password as pass1234

3. Opens the LUKS device /dev/sdb1 and sets up a mapping:
a) cryptsetup luksOpen /dev/sdb1 sdb1 –verbose
b) ls -l /dev/mapper/

4. Format the encrypted partition using the following:
mkfs.ext4
/dev/mapper/sdb1

5. Create a mount directory and mount it in /etc/fstab:
a) mkdir /secdir; chmod a+rw /secdir
b) echo “/dev/mapper/sdb1    /secdir    ext4    defaults  1  2″   >>   /etc/fstab
c) mount -a; df -hT

6. Enter the following line in /etc/crypttab:
echo “sdb1    /dev/sdb1″   >   /etc/crypttab

7. (Optional) Setup a keyfile for the encrypted partition:
a) dd if=/dev/urandom of=/root/seckey bs=512 count=4
b) cryptsetup luksAddKey /dev/sdb1 /root/seckey
c) echo “sdb1   /dev/sdb1    /root/seckey    luks”   >    /etc/crypttab
P.S: Above steps will remove password at the boot for an encrypted partition.

Encrypt a loopback device:

Create a 1GB looback file and setup it with the loopback device using the following commands, and then replace /dev/sdb1 in above commands with the loopback device. e.g. /dev/sdb1 -> /dev/loop0
dd if=/dev/zero of=$HOME/file bs=1M count=1024
losetup -f file

Remove the encrypted partition:

a) umount /secdir
b) Remove entry from /etc/fstab and /etc/crypttab
c) cryptsetup luksClose /dev/mapper/sdb1
d) Delete the partition /dev/sdb1 using fdisk or parted utilities.
If using the loopback device then detached it using losetup -d /dev/loop0 and remove the file ~/file.

Posted in LFCS, Linux

Configure user and group quotas in Linux

1. Create two partitions:
a) fdisk /dev/sdb
b) partprobe -s /dev/sdb
c) mkfs.ext4   /dev/sdb1; mkfs.ext4   /dev/sdb2

2. Enable user and group quotas in /etc/fstab
   a) /dev/sdb1       /mnt/sdb1    ext4    defaults,usrquota  0  0
b) /dev/sdb2       /mnt/sdb2    ext4    defaults,grpquota  0  0
c) mount -a

3. Scan file-system for disk usage and create aquota.user and aquota.group:
    quotacheck  -acugv      (auotacheck -uv /mnt/sdb1; quotacheck -gv /mnt/sdb2)

4. Turn on file-system quota:
   a) quotaon   -uv   /mnt/sdb1
   b) quotaon   -gv   /mnt/sdb2

5. Grant permission for the users and group on mount directories:
a) setfacl -m u:user:rwx /mnt/sdb1      (chmod a+rwx /mnt/sdb1)
b) setfacl -m g:grp:rwx   /mnt/sdb2      (chmod a+rwx /mnt/sdb1)

6. Edit/set user and group quotas:
   a) edquota -u user
   b) edquota -g grp

7.  Report user, group and file-systems quotas:
   a) quota user
   b) quota grp
   c) repquota -v /dev/sdb1 

Turn-off quotas:

  1. quotaoff -v /dev/sdb1; quotaoff -v /dev/sdb2 
  2. umount /dev/sdb*
  3. Remove mount points in /etc/fstab
Posted in LFCS, Linux | Tagged

Linux networking basic

ip:   ( ip [options] Object-> addr|link|route {command | help} )

  • ip addr show [eth0]
  • ip addr add|del 192.168.1.3  dev eth0
  • ip link show [eth0]
  • ip link set eth0 down|up    (Stop & Start network device)
  • ip route show; route -nnetstat -r
  • ip route add|del 10.10.10.0/24  via  192.168.1.1  [dev eth1]

P.S. 10.10.10.0/24 should be external network address, wheres 192.168.1.1 need to be the  address that must be accessible by the host.

ifconfig:

  • ifconfig             (Shows all the network interfaces)
  • ifconfig   eth0
  • ifconfig   eth0   down|up  (Stop & Start network device)
  • ifconfig   eth0   192.168.1.3   (Set ip address)
  • ifconfig   eth0   netmask   255.255.255.0
  • ifconfig   eth0   mtu   1480

Network Manager:

  • systemctl enable|disable|status|restart|start|stop| NetworkManager
  • nmtui                        (Network Manager text user interface)
  • nmcli                         (Network Manager command line interface)
  • nmcli device show|status eth0
  • nmcli connection    (Shows all network connection/interfaces)
  • nmcli con   show|up|down|reload    eth0
  • nmcli con   add|del   eth0
  • nmcli con   modify   eth0    +|-ipv4.address   192.168.1.3/24
  • nmcli con   modify   eth0    +|-ipv4.routes    “10.10.10.0/24   192.168.1.1

Miscellaneous:

  • service network status|stop|start
  • systemctl status|restart network
  • hostnamectl set-hostname newhost1.mydomain (–transient|–static|–pretty)
  • hostname | hostnamectl status
  • ping google.com
  • netstat -tulpan
  • route
    • route -n; netstat -r; ip route
    • route add|del  default gw 192.168.1.1
    • route add|del  -net 10.10.10.0 netmask 255.255.255.0 gw 192.168.1.1
  • traceroute google.com
  • dig | host | nslookup ] google.com
  • mtr google.com

Static host resolution -> /etc/hosts 

  • 192.168.1.3  host   host.domain

Static DNS resolution -> /etc/resolv.conf

  • search localdomain
  • nameserver 192.168.1.1
  • nameserver 8.8.8.8
  • systemctl restart network

Assign static IP
(1) Add the following lines into /etc/sysconfig/network-scripts/ifcfg-eth0 

  • NAME=eth0                          (Optional)
  • DEVICE=eth0
  • BOOTPROTO=static
  • ONBOOT=yes
  • IPADDR=192.168.1.3
  • NETMASK=255.255.255.0
  • GATEWAY=192.168.1.1

(2) Add the following line into /etc/resolv.conf:

  • nameserver 192.168.1.1

( 3) Restart the network interface:

  • systemctl restart network

P.S. If you are using Network Manager then you may run the following commands to add static IP:
(1)  nmcli con add con-name eth0 ifname eth0 type ethernet ip4 192.168.1.3/24 gw4 192.168.1.1
(2) nmcli con show; cat /etc/sysconfig/network-scripts/ifcfg-eth0

 Assign static routes -> /etc/sysconfig/network-scripts/route-eth0

  • 10.10.10.0/24 via 192.168.1.1  [dev eth0]
  • default via 192.168.1.1  dev  eth0
  • systemctl restart network

P.S. If you are using Network Manager then you may run the following commands to add static IPs and route:
-> nmcli con modify  eth0  ipv4.routes  “10.10.10.0/24  192.168.1.1
-> nmcli con up eth0

Firewalld:

  • systemctl status|start|stop|enable|disable firewalld
  • firewall-cmd –state
  • firewall-cmd –reload
  • firewall-cmd –list-all|–list-services |–list-ports
  • firewall-cmd  –get-zones|–get-services|–get-default-zone|–get-active-zone
  • firewall-cmd   [–permanent–set-default-zone=trusted
  • firewall-cmd [–permanent–add-service|–remove-service=pop3  [–zone=home]
  • firewall-cmd [–permanent] –add-port|–remove-port=21/tcp
  • Config-> /etc/firewalld/firewalld.conf
  • Enable following if using multiple network interfaces:
    • echonet.ipv4.ip_forward=1” >> /etc/sysctl.conf
    • sysctl -p

Network Monitoring Utilities:

  • netstat (netstat): Detailed network statistics
  • iptraf (iptraf): Gather information on network interfaces
  • tcpdump (tcpdump): Detailed analysis of network packets and traffic
  • wireshark (wireshark): Detailed network traffic analysis

 

Posted in LFCS, Linux | Tagged ,