Just for my memo ...
I got Sagem 376X GE to my home for ADSL, but I'm still on old one (need to upgrade my line, but ...)
I think it is possible to get public IP from that box using my python code (maybe will share it in future as proof of concept).
Small listing after telnet:
HomeGateway> system ver
Version: 4.9.4.TPSA_v8058
Platform: Sagem 376X GE
Compilation Time: 10-Aug-11 09:31:28
Tag: NRD_?bldorg?rg_liveboxPro-V3_0-0-1
Compilation Flags: SOUCHE_DEVICE_DISCOVERY=y CONFIG_TELEFONICA=y CONFIG_VDSL=y CONFIG_ROUTING_WITH_DSPRULES=y CONFIG_37xx_STANDARD=y CONFIG_RGCONF_MIGRATION=y CONFIG_SOUCHE_RECONF=y CONFIG_RG_DB_SEMAPHORE=y CONFIG_SAGEM_DB_ACCESS=y CONFIG_DEFAULT_RGCONF_TELNET=y CONFIG_RG_TELNETS=y CONFIG_SAGEM_IPPRINT=y CONFIG_USB_PRINTER=y CONFIG_HFS_FS=y CONFIG_HFSPLUS_FS=y CONFIG_SAGEM_WIFI_MODE_11N=y CONFIG_LIVEBOX_VOIP=y CONFIG_LOG_ENTITIES=0 CONFIG_KALLSYMS=y CONFIG_RG_GDBSERVER=y CONFIG_LIVEBOX_TV=y CONFIG_SOUCHE_USE_EXTERNAL_OPENSSL=y DIST=SAGEM_376X CONFIG_TPSA=y CONFIG_INTERNAL_FIRMWARE_VERSION=1.1.0.5 CONFIG_FIRMWARE_VERSION=TPSA_v8058 LIC=../../../license/jpkg_ikanos_vx.lic
HomeGateway> net route
(show route table, then get device ppp0 or ppp1 where is default route)
HomeGateway> net ifconfig ppp0
Device ppp0 (0x2b264200) -
type=29(PPPoE) state=down
changed=0 is_sync=0 has_ip=1 metric=1 MTU=1492
depend_on_list=eth2.35(0x2b262e40)
next=ppp1(0x2b2643a0)
ip=0.0.0.0, netmask=0.0.0.0
Returned 0
HomeGateway> net ifconfig ppp1
sobota, 28 grudnia 2013
piątek, 29 listopada 2013
poniedziałek, 25 listopada 2013
Porady dla modeli RC w skali 1/12 czyli pancarów klasy najszybszej :)
1/12 Dylematy itp.
ver 666.001.abram
autor: Michał Abramowicz (m.abramowicz@abram.pl)
data: 25/11/2013
1) Regulator starszej generacji (sprzed epoki 1S)
LRP, GM, hobby wing, speed passion, wszystko to co ma 2S można zmusić do współpracy
z 1S lipo w 1/12 ;)
Regle starszej generacji niemające podbicia napięcia z 1S lipo wymagają boostera lub
oddzielnego zasilania, cała sztuka polega na tym, aby pobrać 3.7V z akumulatora,
zamienić na około 6V i dać w wolne gniazdo w odbiorniku (np 3)
Przewód z regulatora jak miał 3 kable tak ma je mieć! Większe 'napięcie' 'popłynie'
od odbiornika do regulatora i dzięki temu będzie on działać poprawnie na 1S lipo.
1.1) booster...
booster = novak smart, mam polecam jest super.
http://www.teamnovak.com/products/smart_boost/
booster z hk:
http://www.hobbyking.com/hobbyking/store/__7884__voltage_booster_for_bec.html
mam ale nie polecam, działa, ale daje 5.1V ...
1.2) albo life 2S 6.6V
Dodatkowy pakiet, około 200-300mAh wpięty bezpośrednio do odbiornika np w kanał 3
(tylko + i -), żadnych modyfikacji w kablu od regulatora silnika!
Moim zdaniem booster czy life nie należy wpinać w gniazdo BEC w odbiorniku,
po co ma układ jeszcze się zastanawiać co zrobic ;) A tak idzie bezpośrednio
na szynę -/+.
Wadą rozwiązania jest to, że trzeba ładować 2 pakiety ... zapomnisz i jednym i problem ...
Zaletą jest 6.6V na odbiorniku = SUPER SZYBKIE SERWO! Cały czas! 8 minut!
2) Regulatory 1S (czyli takie z wbudowanym boosterem).
- LRP (szukać czy ma 1S),
- team orion,
- hobby wing 2.1 120A 1S (taki bez radiatora na stałe, można założyć, bardzo dobre
rozwiązanie),
- hobby wing 3.1 1S (nowszy produkt HW),
- team yokomo (patrz fortasport.pl),
- każdy inny który ma oprogramowanie z dynamicznym timingiem i 1S będzie dobry!
3) Serwo skrętu:
- futaba cyfrowa S9650 (tanie i dobre!, trochę duże, ale ciągle jest to małe serwo),
plastykowe zębatki! mam i polecam na początek,
- futaba analogowa (rozmiar S9650) czyli S9602 (metalowe zębatki) może być ale ja bym nie kupił,
- sanwa SRG-HR 1/12, najmniejsze serwo, bardzo szybkie, wymaga specjalnego trybu w radiu SANWA,
mam i zdecydowanie polecam!!!, http://fortasport.pl/pl/p/SANWA-SRG-HR-112/3771
- każde inne rozmiaru futaby S9650, ko-propo itp wynalazki ... ale świat jeździ na sanwie z radiem sanwy :)
4) Lipole 1S
Co kto lubi, producent ma znaczenie ale należy się kierować też i ceną na początku.
- nvision (1s 6400) mam i polecam, w tej cenie ciężko coś ...,
- team orion,
- lrp,
- nosram,
- dual sky (patrz fortasport.pl, dobra cena do jakości).
5) Ładowarka do 1S.
Tutaj nie ma kompromisów. Ładujemy do limitu 4.20 na 1 celę (co w przypadku dla 2S lipo
daje max na -/+ 8.44V (więc my możemy tak do 4.22V max).
Co ładowarka to problem...
Ja mam GM ultra duo 50 i tylko jej powierzam swoje pakiety ...
Lepiej mieć tanią ładowarkę turnigy która NIEdoładuje pakietu niż taką która PRZEŁADUJE (spuchnie i
zdechnie taki pakiet).
Ja używam 2 pakiety na zawody, co bieg zmieniam. Jest to trochę uciążliwe ale dłużej pożyją,
może będą użyte w sezonie letnim w GT10/F1.
Ładowarka powinna mieć 10A jako minimum, 20A chciałbym mieć ale nie będe zmieniać GM'a tylko
dla zachcianki. Mając 2 pakiety można się spokojnie ogarnąć na zawodach.
6) Nadajnik
Co kto lubi, futaba 3pks/4pks lub sanwy m11x czy mt-4, m12.
Ja miałem futaby 3PM 2.4ghz, 3pk, 3pks z fast 2.4, mt-4 i wolę m12, leży najlepiej w ręku.
Zaletą M12 jest fabrycznie mały odbiornik w cenie około 260 zł ;) A futaba nowa wiadomo ile kosztuje ;)
7) Silniki
Co do silników są różne teorie. Moim zdaniem najlepsze są takie które nie sprawiają problemów ;)
Twardy rotor to domena LRP/Nosram (palcami nie obrócisz).
Średnio twarde to team orion, GM, speed passion (ja przesiadam się na 4.5T i 5.5T, cena jest około
100 zł na ebay.com za SP więc nie ma co marudzić ;) )
Sztuka polega na tym, aby silnik wytrzymał 8 minut szybkiej jazdy, nie zagotował regulatora i wystarczyła
bateria ;-)
Twarde silniki wymagają zmiany wirnika z np 12.5mm na 12.00 albo 11.50 mm.
Problem jest taki, że puszczasz gaz do neutrum, a efekt jest jakby ręczny na tylnej osi zadziałał.
Tutaj dobór silnika zależy od umiejętności, wielkości toru, przyczepności (takie 3 główne
parametry).
Ja na początek bym polecił silnik 5.5T speed passion albo GM pro 5.5T gray.
LRP/Nosram bym nie polecał, twarde, cieżko się tym jeździ jak dla mnie, gorące, łakome na prąd...
8) Przełożenia
Przełożenie, właściwie droga zależy od średnicy tylniego koła i jaki motor jest założony oraz
jakie są ustawienia regulatora (dużo turbo, mało turbo), timing na silniku, buda, przyczepność ...
Ja do 5.5T daję 90T/23-24-25-26T, koło 44mm srednica to max na początek, następnie toczymy w dół.
Wszystko zależy od tego, jak się jedzi.
Ostatnio zmieniłem silnik GM 5.5T na GM 8.0T delta, przełożenie zostawiłem 90/25 i też było dobrze,
nie mogłem jechać szybciej po łukach ponieważ przód był podsterowny, ale i tak się jezdziło lepiej,
ciut szybciej na prostej ;) niż na 5.5T (GM 8.0T to coś około 4.5T na + w GM).
9) Koła
- RB lub markus mober mobgums,
- JACO (cena dumpingowa w proximie u Jacka, nie zawsze wszystko ma),
- BSR (drogie, chyba zbyt plastykowe felgi),
- matrix (węglowe felgi łatwo pękają, ofstet jak w RB/mobgums, ta sama fabryka ;) chyba),
- xceed (takie szare felgi, pianka spoko, ale fele pękają),
- team shepherd (ci od veloxa), pianka średnia, poziom hobby (info z drugiej ręki).
Posłużę się twardościami JACO/mobers-rb.
- tył pink jak jest słaby grip, przód magenta (będzie podsterowny ale pojedzie się lepiej),
- tył magenta jak grip wzrośnie, przód magenta (będzie szybszy ponieważ tył będzie mniej trzymał,
mniejsze opory toczenia),
- tył magenta, przód pink na duży grip nie zdążyłem w Kobierzycach sprawdzić, ostatni finał B
pojechałem zachowawczo, aby wygrać ;) ;) ;) sztuka polega na tym, że tył dobrze trzyma,
ale przód za bardzo wychodzi, wtedy na przedzie miększe koła, żeby model lepiej skręcał, może
i pewnie będzie tak, że za łatwo będzie skrecać, jakby był nadsterowny, ale w łukach powinien
pozwolić utrzymać większą prędkość (bardziej ciaśniej) niż jakby dać przód twarde pianki (magenta) ...
Ogólnie jeden rodzaj kół, wtedy z ofsetami nie kombinujesz co zmianę, szkoda czasu na pierdoły ;)
9.1) Koła i zaokrąglenia
- tylnie na tokarce ładnie brzegi zaokrąglić papierem ściernym, pytać na zawodach, pomogę,
- przednie tak samo jak tylnie.
Jak promień zaokrąglenia na przedzie jest ZA mały to model jeździ 'kwadratowo', kantuje.
Jak wzrasta grip do ekstremum, to przednie koła oraz tylnie (zewnętrze krawędzie) przypłaścić jak
taki znaczek \, wtedy model nie będzie rolek robić.
9.2) Przednie koła i CA.
- czasem należy przednie koła ranty posmarować klejem CA, ale takie musnięcia, bo wsiąka w piankę, można
też takie koło przednie szlifnąć papierem na tokarce.
9.3) Sprawdzać i zmieniać sety
- sprawdzać czy się nie odklejają pianki od felg!!!, podkleić klejem CA, ale uważąć na palce i wycieki
i wsiąknięcia, ja używam średniego kleju w minimalnej dawce!,
- zmienianie setów jest po to, że jadąc ciągle na jednym, to ten set jest PRZESĄCZONY
płynem i robi się taki flak/kapeć ;)
- można koła przekładać L/R tak, żeby równo zchodziły.
10) Płyn
Tylko markus mobers! Piotrek B. kiedyś sprzedawał, o taki:
http://team-shepherd.nl/shop/index.php?route=product/product&path=69_85&product_id=1430
Można CS high grip, ale od kiedy mam speedtecha ;) po co gorszy jak ma się najlepszy?
11) Smarowanie
- tył całe, 20-30 minut, ogólnie 30 minut, brzegi zewnętrzne wytrzeć 5 minut przed końcem
smarowania, mniej nasiąkną więc będą się mniej wyrywać,
- przód zależy jak leży, standardowo 1/12 od środka mna 5-8 minut, jak długo posmarowane taka
będzie przyczepność z przodu (dłużej = więcej, krócej = mniej-aż zgubi przed końcem czasu 8 min biegu).
11.1) Wycieranie kół przed biegiem.
Ja staram się tak wytrzeć koła, żeby mieć te 2-3 minuty suchawe przed biegiem.
Ręcznik papierowy, złożyć na pół i na pół, następnie takim pasem papierowym owinąć
koło i wymasować. Papier zabierze nadmiar płynu i będzie model gotowy od 1 okrążenia do wyścigu!
12) Wymiary, szerokość modelu.
Tył trzymać symetrycznie, max 172mm.
Przód 168-169mm jest OK, im szerzej, tym bardziej nie chce skrecać, ale dasz za wąsko czyli 165 co jest
prawie std w asso 12R5* to będzie za agresywny! Czyli lipa i nie jedzie ;)
13) Karoserie
- amr-12 (zawsze jest dobra!),
- Blackart 005 jak ktoś lubi przyklejony model do toru ... mi jakoś jak grip poszedł do góry,
przestał model jechać, zmieniłem na amr-12 i było łatwiej i szybciej ...
14) Podstawowe tajniki setupu.
- przednie kingpiny smarować olejem od dyfra, tak 80-100k, czyli zamiast braku
tłumienia robimy taki cierny amorek, sprawdzać przed każdym biegiem,
- amorek centralny powiniem mieć taką długość, aby tylni wózek miał około 0.5mm-1mm max opadu względem
płyty centralnej, większy opad = tor wyboisty, śliski, asfalt, ale te 0.5mm jest powiedzmy niezbędne,
- spreżyna centralna powinna być tak napięta, aby nie było 'flaka', napinamy tak, że widać te
złamanie między centralną częścią, a tyłem jak model stoi na kołach (coś jak scyzoryk), można wtedy
odpuścić 1 obrót i sprawdzic, czy jest 'scyzoryk' czy jest na 'płasko', a może się złamał,
tak, że w zawiasie jest niżej, wtedy dodać napięcia, akurat to mi ciężko wytłumaczyć,
ale lepiej jest mieć mocniej napiętą sprężynę niż 'flaka'!
- sprężnki boczne służą do 'tweak', jak model jest wyważony L/R (-/+ 5g na stronę) to one
'prawie dotykają', tutaj wstawię filmiki z jutuba od Roberta Krens'a,
- olej w amorku centralnym std setup, czyli 20-30wt, ja daję 25wt do amorka do HB cyclone 12,
- olej w amorku poprzecznym też std setup, chyba, że są tube dumpery, wtedy oleje od dyfra 10-20-30-50k,
- prześwit tył ~3.5mm,
- prześwit centralnej części, tam gdzie zaczyna się wózek też 3.5mm-4mm (efekt 'scyzoryk'),
- prześwit przód 3.2m-3.5mm,
- dać na początek pręt antykapotażowy (wysokość max od podłoża 350mm), będzie wtedy wańka wstańka
wrazie rolki albo innej sytuacji kryzysowej,
- kingpiny polerować! chyba, że ma się nowe yokomo, tam nie trzeba ;) musi to chodzić płynnie,
bez zacierek itp...
- pilnowąć luzów, muszą być w drążkach kierowniczych ale bez przesady (i znów yokomo daje kulki i snapy
które są perfect...),
- tylni wózek na linkach bez amorków musi latać lewo/prawo przód/tył bez zacięć/łamania,
- amorek poprzeczny lub tube dumpery (nowe asso, crc, xray nowy) snapy też z luzami, ale bez przesady,
- amorek centralny też jakiś luz na kulkach ale bez przesady,
- zbieżność 0mm, lub 0.5deg na zewnątrz,
- pochylenie przednich kół -1deg (czasem jest to -1.5, -2 max!) wszystko zależy od tego,
jak koła przednie zjada, duży stożek do środka, za duże pochylenie, stożek na zewnątrz, za małe pochylenie
oraz za długi górny wahacz ;)
15) Łożyska
- przednie wytrzymują dość dużo, ale należy je pilnowąć, ja używam olejonych najtańszych z HK, i tak po 2
imprezach są do wywalenia (chyba, że czysty tor!),
- tylnie lecą najszybciej, co bieg kontrola, wymieniać jak niepewne, przed finałem, zakładam 2 nowe na ośkę,
- pilnować łożyska zewnętrznego w dyfrze, ono przenosi naprężęnie (ciasność dyfra), jak masz opcję
z oporowym UŻYJ jej!
16) Dyfer
- zębatka xenona z dużą ilością kulek,
- minimum smaru (taki klejący musi być, ten co jest śliski = ZŁY!, ja używam kyosho, ale nie znam P/N,
asso dawało w zestawie dobry smar),
- można używać zębatek asso 66T/48p (grube zęby są dobre na początek, silnik czasem się
potrafi odsunąć o 0.1mm i 64p się zmieli ;) ),
- skręcić tak dyfer, żeby nie puszczał, jak tylko na torze czujesz, że buksuje, dokręć 1/16 i tak do skutku,
dlatego warto mieć klucz do dyfra w kieszeni i delikatnie model na wykładzinie sprawdzić, ewentualnie
poprawić.
17) Technika jazdy
Co kto lubi, ja się nauczyłem tak, żeby jechać płynnie, bez szarpania, gazem regulować promień skrętu,
jak ciut za szeroko, ujmij gazu, starać się nie puszczać do neutrum, wtedy przestaje jechać,
i zabawy z setupem na nic ;) (coś jak spalina 1/10, za dużo puścisz, sprzęgło zluzuje i nie jedzie ...).
18) Kable elektryczne
- miękki dość długi sensor kabel,
- kable z regla do akumulatora 12AWG/14AWG(minimum), krótkie, tak, żeby nie pomylić -/+,
- kable do silnika 16AWG (TQ RACING najlepsze, turnigy są też ok), kable w łuku,
nie mogą powodować naprężeń, jak dasz za twarde to tył się robi sztywny i nie będzie dobrze jeździć.
19) Części ogólnie potrzebne
- przednie sprężynki (pękają, klapścieją), takie jakie std setup, ewentualnie 1 lub 2gi krok twardsze,
w asso zawsze .20 (czasem .20 + jedna pokładka ekstra), .22 i .24 jak jest mega grip i robi rolki,
- e-clipsy (gubią się), takie jakie są w modelu,
- plastykowe wkładki do regulacji wysokości tylniego zawieszenia (co 0.5mm, są też co 0.25mm),
najlepsze są z miękkiego plastyku, unikać carbonowych (taki twardy plastyk),
- zwrotnice przednie,
- wahacz górny,
- wahacz dolny,
- węglowa ośka (albo cała kompletna ośka, jeden rozmiar zębatki, wtedy szybciej dyfer ogarniamy na imprezie),
- podkładki co 0.25mm stalowe/allu do regulacji przedniego prześwitu,
- podkładki calowe na oski przednie pod łożysko do regulacji szerokości,
- podkładki calowe 0.1mm/0.2mm/0.05mm do regulacji szerokości i symetri tylniej osi,
- śrubki do przykręcania kół tylnich (one normalnie uciekają!!!),
- tanie kulki 1/8 stalowe, w nowoczesnych zębatkach idzie ich aż 18! więc nie ma sensu dawać
ceramików ;) (polecam http://www.kool.com.pl tanie stalowe, nie szkoda je wymienic po 4-5 eliminacji),
- płytki do dyfra.
Poprawnie złożony model, koła zatoczone przód 42/tył 43.5-44mm, zaokrąglone brzegi, wyważony L/R musi
jechać poprawnie!
Sznurki do materiałów www:
Porady działają:
http://richardchang.com/hobby.php?topic=112setup
Chyba nie ze wszystkim się zgadzam ... ale on jest 1024x lepszy niż ja!
http://www.youtube.com/user/Roboscan1987/videos
ver 666.001.abram
autor: Michał Abramowicz (m.abramowicz@abram.pl)
data: 25/11/2013
1) Regulator starszej generacji (sprzed epoki 1S)
LRP, GM, hobby wing, speed passion, wszystko to co ma 2S można zmusić do współpracy
z 1S lipo w 1/12 ;)
Regle starszej generacji niemające podbicia napięcia z 1S lipo wymagają boostera lub
oddzielnego zasilania, cała sztuka polega na tym, aby pobrać 3.7V z akumulatora,
zamienić na około 6V i dać w wolne gniazdo w odbiorniku (np 3)
Przewód z regulatora jak miał 3 kable tak ma je mieć! Większe 'napięcie' 'popłynie'
od odbiornika do regulatora i dzięki temu będzie on działać poprawnie na 1S lipo.
1.1) booster...
booster = novak smart, mam polecam jest super.
http://www.teamnovak.com/products/smart_boost/
booster z hk:
http://www.hobbyking.com/hobbyking/store/__7884__voltage_booster_for_bec.html
mam ale nie polecam, działa, ale daje 5.1V ...
1.2) albo life 2S 6.6V
Dodatkowy pakiet, około 200-300mAh wpięty bezpośrednio do odbiornika np w kanał 3
(tylko + i -), żadnych modyfikacji w kablu od regulatora silnika!
Moim zdaniem booster czy life nie należy wpinać w gniazdo BEC w odbiorniku,
po co ma układ jeszcze się zastanawiać co zrobic ;) A tak idzie bezpośrednio
na szynę -/+.
Wadą rozwiązania jest to, że trzeba ładować 2 pakiety ... zapomnisz i jednym i problem ...
Zaletą jest 6.6V na odbiorniku = SUPER SZYBKIE SERWO! Cały czas! 8 minut!
2) Regulatory 1S (czyli takie z wbudowanym boosterem).
- LRP (szukać czy ma 1S),
- team orion,
- hobby wing 2.1 120A 1S (taki bez radiatora na stałe, można założyć, bardzo dobre
rozwiązanie),
- hobby wing 3.1 1S (nowszy produkt HW),
- team yokomo (patrz fortasport.pl),
- każdy inny który ma oprogramowanie z dynamicznym timingiem i 1S będzie dobry!
3) Serwo skrętu:
- futaba cyfrowa S9650 (tanie i dobre!, trochę duże, ale ciągle jest to małe serwo),
plastykowe zębatki! mam i polecam na początek,
- futaba analogowa (rozmiar S9650) czyli S9602 (metalowe zębatki) może być ale ja bym nie kupił,
- sanwa SRG-HR 1/12, najmniejsze serwo, bardzo szybkie, wymaga specjalnego trybu w radiu SANWA,
mam i zdecydowanie polecam!!!, http://fortasport.pl/pl/p/SANWA-SRG-HR-112/3771
- każde inne rozmiaru futaby S9650, ko-propo itp wynalazki ... ale świat jeździ na sanwie z radiem sanwy :)
4) Lipole 1S
Co kto lubi, producent ma znaczenie ale należy się kierować też i ceną na początku.
- nvision (1s 6400) mam i polecam, w tej cenie ciężko coś ...,
- team orion,
- lrp,
- nosram,
- dual sky (patrz fortasport.pl, dobra cena do jakości).
5) Ładowarka do 1S.
Tutaj nie ma kompromisów. Ładujemy do limitu 4.20 na 1 celę (co w przypadku dla 2S lipo
daje max na -/+ 8.44V (więc my możemy tak do 4.22V max).
Co ładowarka to problem...
Ja mam GM ultra duo 50 i tylko jej powierzam swoje pakiety ...
Lepiej mieć tanią ładowarkę turnigy która NIEdoładuje pakietu niż taką która PRZEŁADUJE (spuchnie i
zdechnie taki pakiet).
Ja używam 2 pakiety na zawody, co bieg zmieniam. Jest to trochę uciążliwe ale dłużej pożyją,
może będą użyte w sezonie letnim w GT10/F1.
Ładowarka powinna mieć 10A jako minimum, 20A chciałbym mieć ale nie będe zmieniać GM'a tylko
dla zachcianki. Mając 2 pakiety można się spokojnie ogarnąć na zawodach.
6) Nadajnik
Co kto lubi, futaba 3pks/4pks lub sanwy m11x czy mt-4, m12.
Ja miałem futaby 3PM 2.4ghz, 3pk, 3pks z fast 2.4, mt-4 i wolę m12, leży najlepiej w ręku.
Zaletą M12 jest fabrycznie mały odbiornik w cenie około 260 zł ;) A futaba nowa wiadomo ile kosztuje ;)
7) Silniki
Co do silników są różne teorie. Moim zdaniem najlepsze są takie które nie sprawiają problemów ;)
Twardy rotor to domena LRP/Nosram (palcami nie obrócisz).
Średnio twarde to team orion, GM, speed passion (ja przesiadam się na 4.5T i 5.5T, cena jest około
100 zł na ebay.com za SP więc nie ma co marudzić ;) )
Sztuka polega na tym, aby silnik wytrzymał 8 minut szybkiej jazdy, nie zagotował regulatora i wystarczyła
bateria ;-)
Twarde silniki wymagają zmiany wirnika z np 12.5mm na 12.00 albo 11.50 mm.
Problem jest taki, że puszczasz gaz do neutrum, a efekt jest jakby ręczny na tylnej osi zadziałał.
Tutaj dobór silnika zależy od umiejętności, wielkości toru, przyczepności (takie 3 główne
parametry).
Ja na początek bym polecił silnik 5.5T speed passion albo GM pro 5.5T gray.
LRP/Nosram bym nie polecał, twarde, cieżko się tym jeździ jak dla mnie, gorące, łakome na prąd...
8) Przełożenia
Przełożenie, właściwie droga zależy od średnicy tylniego koła i jaki motor jest założony oraz
jakie są ustawienia regulatora (dużo turbo, mało turbo), timing na silniku, buda, przyczepność ...
Ja do 5.5T daję 90T/23-24-25-26T, koło 44mm srednica to max na początek, następnie toczymy w dół.
Wszystko zależy od tego, jak się jedzi.
Ostatnio zmieniłem silnik GM 5.5T na GM 8.0T delta, przełożenie zostawiłem 90/25 i też było dobrze,
nie mogłem jechać szybciej po łukach ponieważ przód był podsterowny, ale i tak się jezdziło lepiej,
ciut szybciej na prostej ;) niż na 5.5T (GM 8.0T to coś około 4.5T na + w GM).
9) Koła
- RB lub markus mober mobgums,
- JACO (cena dumpingowa w proximie u Jacka, nie zawsze wszystko ma),
- BSR (drogie, chyba zbyt plastykowe felgi),
- matrix (węglowe felgi łatwo pękają, ofstet jak w RB/mobgums, ta sama fabryka ;) chyba),
- xceed (takie szare felgi, pianka spoko, ale fele pękają),
- team shepherd (ci od veloxa), pianka średnia, poziom hobby (info z drugiej ręki).
Posłużę się twardościami JACO/mobers-rb.
- tył pink jak jest słaby grip, przód magenta (będzie podsterowny ale pojedzie się lepiej),
- tył magenta jak grip wzrośnie, przód magenta (będzie szybszy ponieważ tył będzie mniej trzymał,
mniejsze opory toczenia),
- tył magenta, przód pink na duży grip nie zdążyłem w Kobierzycach sprawdzić, ostatni finał B
pojechałem zachowawczo, aby wygrać ;) ;) ;) sztuka polega na tym, że tył dobrze trzyma,
ale przód za bardzo wychodzi, wtedy na przedzie miększe koła, żeby model lepiej skręcał, może
i pewnie będzie tak, że za łatwo będzie skrecać, jakby był nadsterowny, ale w łukach powinien
pozwolić utrzymać większą prędkość (bardziej ciaśniej) niż jakby dać przód twarde pianki (magenta) ...
Ogólnie jeden rodzaj kół, wtedy z ofsetami nie kombinujesz co zmianę, szkoda czasu na pierdoły ;)
9.1) Koła i zaokrąglenia
- tylnie na tokarce ładnie brzegi zaokrąglić papierem ściernym, pytać na zawodach, pomogę,
- przednie tak samo jak tylnie.
Jak promień zaokrąglenia na przedzie jest ZA mały to model jeździ 'kwadratowo', kantuje.
Jak wzrasta grip do ekstremum, to przednie koła oraz tylnie (zewnętrze krawędzie) przypłaścić jak
taki znaczek \, wtedy model nie będzie rolek robić.
9.2) Przednie koła i CA.
- czasem należy przednie koła ranty posmarować klejem CA, ale takie musnięcia, bo wsiąka w piankę, można
też takie koło przednie szlifnąć papierem na tokarce.
9.3) Sprawdzać i zmieniać sety
- sprawdzać czy się nie odklejają pianki od felg!!!, podkleić klejem CA, ale uważąć na palce i wycieki
i wsiąknięcia, ja używam średniego kleju w minimalnej dawce!,
- zmienianie setów jest po to, że jadąc ciągle na jednym, to ten set jest PRZESĄCZONY
płynem i robi się taki flak/kapeć ;)
- można koła przekładać L/R tak, żeby równo zchodziły.
10) Płyn
Tylko markus mobers! Piotrek B. kiedyś sprzedawał, o taki:
http://team-shepherd.nl/shop/index.php?route=product/product&path=69_85&product_id=1430
Można CS high grip, ale od kiedy mam speedtecha ;) po co gorszy jak ma się najlepszy?
11) Smarowanie
- tył całe, 20-30 minut, ogólnie 30 minut, brzegi zewnętrzne wytrzeć 5 minut przed końcem
smarowania, mniej nasiąkną więc będą się mniej wyrywać,
- przód zależy jak leży, standardowo 1/12 od środka mna 5-8 minut, jak długo posmarowane taka
będzie przyczepność z przodu (dłużej = więcej, krócej = mniej-aż zgubi przed końcem czasu 8 min biegu).
11.1) Wycieranie kół przed biegiem.
Ja staram się tak wytrzeć koła, żeby mieć te 2-3 minuty suchawe przed biegiem.
Ręcznik papierowy, złożyć na pół i na pół, następnie takim pasem papierowym owinąć
koło i wymasować. Papier zabierze nadmiar płynu i będzie model gotowy od 1 okrążenia do wyścigu!
12) Wymiary, szerokość modelu.
Tył trzymać symetrycznie, max 172mm.
Przód 168-169mm jest OK, im szerzej, tym bardziej nie chce skrecać, ale dasz za wąsko czyli 165 co jest
prawie std w asso 12R5* to będzie za agresywny! Czyli lipa i nie jedzie ;)
13) Karoserie
- amr-12 (zawsze jest dobra!),
- Blackart 005 jak ktoś lubi przyklejony model do toru ... mi jakoś jak grip poszedł do góry,
przestał model jechać, zmieniłem na amr-12 i było łatwiej i szybciej ...
14) Podstawowe tajniki setupu.
- przednie kingpiny smarować olejem od dyfra, tak 80-100k, czyli zamiast braku
tłumienia robimy taki cierny amorek, sprawdzać przed każdym biegiem,
- amorek centralny powiniem mieć taką długość, aby tylni wózek miał około 0.5mm-1mm max opadu względem
płyty centralnej, większy opad = tor wyboisty, śliski, asfalt, ale te 0.5mm jest powiedzmy niezbędne,
- spreżyna centralna powinna być tak napięta, aby nie było 'flaka', napinamy tak, że widać te
złamanie między centralną częścią, a tyłem jak model stoi na kołach (coś jak scyzoryk), można wtedy
odpuścić 1 obrót i sprawdzic, czy jest 'scyzoryk' czy jest na 'płasko', a może się złamał,
tak, że w zawiasie jest niżej, wtedy dodać napięcia, akurat to mi ciężko wytłumaczyć,
ale lepiej jest mieć mocniej napiętą sprężynę niż 'flaka'!
- sprężnki boczne służą do 'tweak', jak model jest wyważony L/R (-/+ 5g na stronę) to one
'prawie dotykają', tutaj wstawię filmiki z jutuba od Roberta Krens'a,
- olej w amorku centralnym std setup, czyli 20-30wt, ja daję 25wt do amorka do HB cyclone 12,
- olej w amorku poprzecznym też std setup, chyba, że są tube dumpery, wtedy oleje od dyfra 10-20-30-50k,
- prześwit tył ~3.5mm,
- prześwit centralnej części, tam gdzie zaczyna się wózek też 3.5mm-4mm (efekt 'scyzoryk'),
- prześwit przód 3.2m-3.5mm,
- dać na początek pręt antykapotażowy (wysokość max od podłoża 350mm), będzie wtedy wańka wstańka
wrazie rolki albo innej sytuacji kryzysowej,
- kingpiny polerować! chyba, że ma się nowe yokomo, tam nie trzeba ;) musi to chodzić płynnie,
bez zacierek itp...
- pilnowąć luzów, muszą być w drążkach kierowniczych ale bez przesady (i znów yokomo daje kulki i snapy
które są perfect...),
- tylni wózek na linkach bez amorków musi latać lewo/prawo przód/tył bez zacięć/łamania,
- amorek poprzeczny lub tube dumpery (nowe asso, crc, xray nowy) snapy też z luzami, ale bez przesady,
- amorek centralny też jakiś luz na kulkach ale bez przesady,
- zbieżność 0mm, lub 0.5deg na zewnątrz,
- pochylenie przednich kół -1deg (czasem jest to -1.5, -2 max!) wszystko zależy od tego,
jak koła przednie zjada, duży stożek do środka, za duże pochylenie, stożek na zewnątrz, za małe pochylenie
oraz za długi górny wahacz ;)
15) Łożyska
- przednie wytrzymują dość dużo, ale należy je pilnowąć, ja używam olejonych najtańszych z HK, i tak po 2
imprezach są do wywalenia (chyba, że czysty tor!),
- tylnie lecą najszybciej, co bieg kontrola, wymieniać jak niepewne, przed finałem, zakładam 2 nowe na ośkę,
- pilnować łożyska zewnętrznego w dyfrze, ono przenosi naprężęnie (ciasność dyfra), jak masz opcję
z oporowym UŻYJ jej!
16) Dyfer
- zębatka xenona z dużą ilością kulek,
- minimum smaru (taki klejący musi być, ten co jest śliski = ZŁY!, ja używam kyosho, ale nie znam P/N,
asso dawało w zestawie dobry smar),
- można używać zębatek asso 66T/48p (grube zęby są dobre na początek, silnik czasem się
potrafi odsunąć o 0.1mm i 64p się zmieli ;) ),
- skręcić tak dyfer, żeby nie puszczał, jak tylko na torze czujesz, że buksuje, dokręć 1/16 i tak do skutku,
dlatego warto mieć klucz do dyfra w kieszeni i delikatnie model na wykładzinie sprawdzić, ewentualnie
poprawić.
17) Technika jazdy
Co kto lubi, ja się nauczyłem tak, żeby jechać płynnie, bez szarpania, gazem regulować promień skrętu,
jak ciut za szeroko, ujmij gazu, starać się nie puszczać do neutrum, wtedy przestaje jechać,
i zabawy z setupem na nic ;) (coś jak spalina 1/10, za dużo puścisz, sprzęgło zluzuje i nie jedzie ...).
18) Kable elektryczne
- miękki dość długi sensor kabel,
- kable z regla do akumulatora 12AWG/14AWG(minimum), krótkie, tak, żeby nie pomylić -/+,
- kable do silnika 16AWG (TQ RACING najlepsze, turnigy są też ok), kable w łuku,
nie mogą powodować naprężeń, jak dasz za twarde to tył się robi sztywny i nie będzie dobrze jeździć.
19) Części ogólnie potrzebne
- przednie sprężynki (pękają, klapścieją), takie jakie std setup, ewentualnie 1 lub 2gi krok twardsze,
w asso zawsze .20 (czasem .20 + jedna pokładka ekstra), .22 i .24 jak jest mega grip i robi rolki,
- e-clipsy (gubią się), takie jakie są w modelu,
- plastykowe wkładki do regulacji wysokości tylniego zawieszenia (co 0.5mm, są też co 0.25mm),
najlepsze są z miękkiego plastyku, unikać carbonowych (taki twardy plastyk),
- zwrotnice przednie,
- wahacz górny,
- wahacz dolny,
- węglowa ośka (albo cała kompletna ośka, jeden rozmiar zębatki, wtedy szybciej dyfer ogarniamy na imprezie),
- podkładki co 0.25mm stalowe/allu do regulacji przedniego prześwitu,
- podkładki calowe na oski przednie pod łożysko do regulacji szerokości,
- podkładki calowe 0.1mm/0.2mm/0.05mm do regulacji szerokości i symetri tylniej osi,
- śrubki do przykręcania kół tylnich (one normalnie uciekają!!!),
- tanie kulki 1/8 stalowe, w nowoczesnych zębatkach idzie ich aż 18! więc nie ma sensu dawać
ceramików ;) (polecam http://www.kool.com.pl tanie stalowe, nie szkoda je wymienic po 4-5 eliminacji),
- płytki do dyfra.
Poprawnie złożony model, koła zatoczone przód 42/tył 43.5-44mm, zaokrąglone brzegi, wyważony L/R musi
jechać poprawnie!
Sznurki do materiałów www:
Porady działają:
http://richardchang.com/hobby.php?topic=112setup
Chyba nie ze wszystkim się zgadzam ... ale on jest 1024x lepszy niż ja!
http://www.youtube.com/user/Roboscan1987/videos
poniedziałek, 30 września 2013
piątek, 13 września 2013
niedziela, 8 września 2013
środa, 28 sierpnia 2013
piątek, 23 sierpnia 2013
sobota, 20 lipca 2013
The power of 3d cad system...
I'm looking for space for a ESC so ... wheel base is now 196 mm, it can be made to 200mm and it will give extra 4mm.
Now speedo has 35mm space ...
Now speedo has 35mm space ...
środa, 12 czerwca 2013
The power of 3D t-flex cad and my idea of 1/12th pan car front end ;)
How to put 1/12 sanwa servo between two asso 12R5 front end blocks.
Tire is from xceed.
On top is 2 mm each side moved.
On bottom is std position of 12R5/12R5.1 chassis, 2mm spacer on wheel axle.
At least 165mm wide, usually I prefer on front 169-170mm, rear end 172mm.
Tire is from xceed.
On top is 2 mm each side moved.
On bottom is std position of 12R5/12R5.1 chassis, 2mm spacer on wheel axle.
At least 165mm wide, usually I prefer on front 169-170mm, rear end 172mm.
wtorek, 11 czerwca 2013
Bruteforce search on MS SQL ;) (Platnik, Symbol, ZUS)
1st: list all tables in db and save it to file
use platnik_db
go
SELECT name
FROM sys.Tables
GO
2nd: generate long SQL for each table like this
[abram@pld64 tmp]$ cat x.sh
#!/bin/sh
while read LINE ; do
echo "select * from [platnik_mzdw].[dbo].[$LINE]"
echo "go"
echo "\n"
done < lista.txt
3rd: run in in MS SQL studio or other software and save data to file
4th: search in file for "MY NAME BLA BLA" (content of Symbol)
5th: I found that Symbol is Nazwaskr in table PLATNIK ;)
Then go to previous post ;)
Blah!
use platnik_db
go
SELECT name
FROM sys.Tables
GO
2nd: generate long SQL for each table like this
[abram@pld64 tmp]$ cat x.sh
#!/bin/sh
while read LINE ; do
echo "select * from [platnik_mzdw].[dbo].[$LINE]"
echo "go"
echo "\n"
done < lista.txt
3rd: run in in MS SQL studio or other software and save data to file
4th: search in file for "MY NAME BLA BLA" (content of Symbol)
5th: I found that Symbol is Nazwaskr in table PLATNIK ;)
Then go to previous post ;)
Blah!
Płatnik ZUS i MSSQL (raporty itp) (szukamy pola SYMBOL [symbol płatnika])
Witam!
Jak zawsze chcę coś osiągnąć i nie mogę się doszukać pola "symbol płatnika".
Uruchamiam MS SQL Server Management Studio, przeglądam moją bazę w poszukiwaniu tabeli w której będą zapisane "Symbole Płatnika".
Nazwa skrócona jest w dbo.platnik i to jest pole NAZWASKR które jest widoczne jako Symbol. Nie wiem dlaczego ktoś tak to nazwał, moim zdaniem powinno być SYMBOL ;)
Nazwa skrócona czyli to co interesuje ZUS najbardziej (kwestie formalne, to co jest drukowane na papierach) jest schowana 'sprytnie' w dbo.PLATN_IDENT w polu o nazwie NAZWASKR ;) ;-) 8-) ????
Nie wiem czy moja znajomość SQL pozwoli na dobre odpytanie bazy ale:
select
a.id_platnik as id_platnik,
a.nazwaskr as nazwaskr,
b.nazwaskr as symbol
from [platnik_FIRMA].[dbo].[PLATN_IDENT] a
left join [platnik_FIRMA].[dbo].[PLATNIK] b
on b.id=a.id_platnik
where a.status_dane='K'
order by id_platnik
go
Zdecydowanie ułatwia to szukanie ;) dziury w całym ;)
Pozdrawiam,
abram
Jak zawsze chcę coś osiągnąć i nie mogę się doszukać pola "symbol płatnika".
Uruchamiam MS SQL Server Management Studio, przeglądam moją bazę w poszukiwaniu tabeli w której będą zapisane "Symbole Płatnika".
Nazwa skrócona jest w dbo.platnik i to jest pole NAZWASKR które jest widoczne jako Symbol. Nie wiem dlaczego ktoś tak to nazwał, moim zdaniem powinno być SYMBOL ;)
Nazwa skrócona czyli to co interesuje ZUS najbardziej (kwestie formalne, to co jest drukowane na papierach) jest schowana 'sprytnie' w dbo.PLATN_IDENT w polu o nazwie NAZWASKR ;) ;-) 8-) ????
Nie wiem czy moja znajomość SQL pozwoli na dobre odpytanie bazy ale:
select
a.id_platnik as id_platnik,
a.nazwaskr as nazwaskr,
b.nazwaskr as symbol
from [platnik_FIRMA].[dbo].[PLATN_IDENT] a
left join [platnik_FIRMA].[dbo].[PLATNIK] b
on b.id=a.id_platnik
where a.status_dane='K'
order by id_platnik
go
Zdecydowanie ułatwia to szukanie ;) dziury w całym ;)
Pozdrawiam,
abram
wtorek, 4 czerwca 2013
piątek, 31 maja 2013
środa, 15 maja 2013
wtorek, 7 maja 2013
sobota, 27 kwietnia 2013
piątek, 26 kwietnia 2013
RHCSA exam waiting for result ...
RHCSA exam waiting for result ...
That was big surprise at that exam for me.
Simple problems with more complicated...
I can't share more info due to RedHat accepted options.
But next time it's better to 1st open problems, set them from simple to difficult.
;)
I do not pass one thing :(
Waiting for result from RedHat :)
Regards!
m.
ps: need to learn more LVM ;)
That was big surprise at that exam for me.
Simple problems with more complicated...
I can't share more info due to RedHat accepted options.
But next time it's better to 1st open problems, set them from simple to difficult.
;)
I do not pass one thing :(
Waiting for result from RedHat :)
Regards!
m.
ps: need to learn more LVM ;)
czwartek, 25 kwietnia 2013
Red Hat Skills Assessment
Red Hat Skills Assessment
What are your learning goals for Red Hat training?
I am seeking an introduction to Linux system administration.
I am seeking Red Hat Certified System Administrator (RHCSA) certification.
I am seeking Red Hat Certified Engineer (RHCE) certification.
I currently have my RHCT and would like to obtain an RHCE certification.
What is your current level of Linux system administration knowledge?
I have limited experience with Linux system administration and wish to learn both graphical and command line approaches.
I have limited experience with Linux system administration and work at the command line interface only.
I regularly do Linux system administration in my current job role.
I am currently a full time Solaris System Administrator.
I am currently an HPUX, AIX or other Unix System Administrator.
Other
What is your purpose for taking this pre-assessment questionnaire?
Trying to select the right course. I have already purchased training units/corporate plan.
I plan on enrolling in a course in the next month.
I hope to enroll in a course in the next few months.
I'm just curious, nothing more.
==============================================================================================
Software Management
Question 1 of 25
Configuring yum to point to a custom repository can be done in either /etc/yum.conf or in which of the following?
* Any file name with a .repo extension in /etc/yum.repos.d/ directory.
Same directory as yum.conf but with a .repos extension
Any file under /etc/yum/ as long as it has a .repo extension
Any where in the file /etc/sysconfig/yum
Any file under /etc/sysconfig/ with a .repo extension
The command ???yum list all??? will list all available packages and available groups of packages in all enabled repositories.
TRUE
* FALSE
Which command would discover the names of packages that are not yet installed on your system but available in enabled repositories?
yum available -y
yum available
yum available list
yum find available
* yum list available
What approach could be used to construct a command, using yum, that would install multiple packages from enabled yum repositories?
Use yum install then list all package names encapsulated within double quotation marks.
* Use yum install then list the package names using a space delimiter.
This can only be done using the graphical user interface system-config-packages.
Use yum install then list the package names using a comma delimiter.
This can only be done using scripts.
Which of the following commands will install a package that is not part of a yum repository?
None of the above.
yum install --disablerepos <package name>
* yum localinstall <package name>
yum localrepo <package name>
yum local <package name>
Which of the following commands will list only documentation from the installed iptables rpm package?
rpm -ql iptables
rpm -qpd iptables
rpm -q --documentation iptables
* rpm -qd iptables
rpm -qa iptables
To create a private repository you should proceed as follows: - Install the createrepo software package - Create a <directory> where files can be shared (via FTP or HTTP) - Create a subdirectory called Packages and copy all packages to be published in Packages - run createrepo -v <directory>
FALSE
* TRUE
Consider the following settings when configuring persistent static TCP/IP settings in a network interface configuration file. Of the settings listed which, if any, are incorrect?
IPADDR=<ip address>
NETMASK=<network mask>
* BOOTPROTO=dhcp
ONBOOT=yes
DEVICE=<device name>
Which of the following files is used to configure client side DNS settings?
* /etc/resolv.conf
/etc/sysconfig/dns
/etc/resolve.conf
/etc/hosts
/etc/host
To assign a persistent machine hostname to a machine, modify or add an entry to the following file.
* /etc/sysconfig/network
/etc/hosts
/etc/sysconfig/hostname
/etc/resolve.conf
/etc/sysconfig/network-scripts/hostname
Which command would persistently enable routing in the kernel?
echo 1 > /proc/sys/net/ipv4/ip_forward
sysctl -w net.ipv4.ip_forward = 1
/proc/sys/net/ipv4/ip_forward
* Add the following line to the /etc/sysctl.conf file: net.ipv4.ip_forward = 1
Rebooting the system after any of these approaches will make the setting persistent.
Which of the following statements about SELinux permissive mode is TRUE?
permissive mode will block all access to resources.
* permissive mode will not block access to a resource.
permissive mode will allow access and does not log information.
permissive mode of for testing purposes only.
permissive mode will only block access to remote users and will log access information.
How do you check to see if SELinux is in 'enforcing' mode?
selinuxchk
getselinux
cat /proc/selinux
setenforce --check
* getenforce
How do you change the SELinux context of a file to its default context?
setselinuxcon -d <filename>
secon -d <filename>
chmod -default-context <filename>
chcon --defaults <filename>
* restorecon <filename>
To change to SELinux Booleans for a service you would use ???semanage boolean <service>???.
* FALSE
TRUE
tip: " semanage boolean whatever_blabla -> bad command, too short ;)"
What tool can be used to analyze SELinux audit logs?
getselogs
selogchk
There is no tool to analyze selinux log files.
analog
* sealert
tip: !!!sealert -a /var/log/audit/audit.log!
What SELinux context would need to be set to support a CIFS share?
* samba_share_t
smb_share_t
allow_smb_t
allow_cifs_t
cifs_share_t
Where can you find the primary configuration file used for time synchronization?
/etc/sysconfig/ntp.conf
* /etc/ntp.conf
/etc/sysconfig/ntpd.conf
/etc/ntp/ntpd.conf
/etc/ntpd.conf
Which critical mount option must be specified in /etc/fstab when persistently using filesystems on iSCSI storage?
iqn
* _netdev
scsi
cryptsetup
netfs
tip: Entries with fc- and _netdev sub-strings enable the mount_fcoe_disks_from_fstab function to identify FCoE disk mount entries.
Which Apache configuration directive controls whether CGI scripts are enabled?
httpd_enable_cgi
* ScriptAlias
ScriptCGI
httpd_exec
httpd_builtin_scripting
Which Postfix directive configures a mail server to direct all outgoing e-mail to the outbound relay?
smtp_relay
virtual_alias_map
* relayhost
inet_interfaces
outbound_host
Caching-Only DNS Server
What option in /etc/named.conf allows one name server behind a UDP restricted firewall to talk to another name server that can see out to the internet?
masters
forwarders
root_hints
recursion
allow_recursion
(no time for find it in google ..., probably forwarders)
File Sharing with NFS
Which file allows you to fixate the ports for NFS v2/3 services?
/etc/nfs.conf
/etc/sysconfig/netstat
/etc/sysconfig/services
/etc/services
* /etc/sysconfig/nfs
Securing Network Services
What are the two iptables modules needed for ftp stateful packet inspection?
nfnetlink and nf_conntrack_ftp
nf_state_ftp and nfnetlink
nf_nat_ftp and nf_state_ftp
nf_state_ftp and nfnetlink
* nf_conntrack_ftp and nf_nat_ftp
tip: redhat names ... bleeeee
Troubleshooting Boot Process
What command starts a new shell with a new root file-system context?
grub
/sbin/init
* chroot
fcontext
bash
AND FINAL RESULT
Red Hat Skills Assessment
Your Skills Assessment Results*
Topic Evaluation
Software Management Deep Understanding
Network Management Deep Understanding
Managing SELinux Deep Understanding
NTP Server Configuration Deep Understanding
Centralized and Secure Storage Deep Understanding
Web Server Additional Configuration Deep Understanding
Basic SMTP Configuration Deep Understanding
Caching-Only DNS Server Limited Knowledge
File Sharing with NFS Deep Understanding
Securing Network Services Deep Understanding
Troubleshooting Boot Process Deep Understanding
* The results represent a subset of the knowledge in the curriculum.
Recommendation
RHCE?? Rapid Track Course with RHCSA??? and RHCE Exams (RH300) is the recommended course
Next steps
Open Source Education Center offers a wide choice of Red Hat Training solutions to match your learning goals.
Classroom training: Nearly one million people from all over the world have taken Red Hat classroom training. The RHCE Rapid Track Course with RHCSA and RHCE Exams (RH300), a 5-day class, is available across Europe, the Middle East, and Africa.
Visit osec.pl/redhat/autoryzacja for course dates and locations near you..
Onsite: If you're interested in taking this course with colleagues or your entire team, the RHCE Rapid Track Course is also routinely delivered as onsite training. Whether at your facility or at one of our training venuest, Open Source Education Center on-site solutions offer flexible, cost-effective training options to meet your needs.
For pricing and more information please call us at +48 22 861 96 04 (Poland) or email redhat@osec.pl.
Thank You!
Open Source Education Center
What are your learning goals for Red Hat training?
I am seeking an introduction to Linux system administration.
I am seeking Red Hat Certified System Administrator (RHCSA) certification.
I am seeking Red Hat Certified Engineer (RHCE) certification.
I currently have my RHCT and would like to obtain an RHCE certification.
What is your current level of Linux system administration knowledge?
I have limited experience with Linux system administration and wish to learn both graphical and command line approaches.
I have limited experience with Linux system administration and work at the command line interface only.
I regularly do Linux system administration in my current job role.
I am currently a full time Solaris System Administrator.
I am currently an HPUX, AIX or other Unix System Administrator.
Other
What is your purpose for taking this pre-assessment questionnaire?
Trying to select the right course. I have already purchased training units/corporate plan.
I plan on enrolling in a course in the next month.
I hope to enroll in a course in the next few months.
I'm just curious, nothing more.
==============================================================================================
Software Management
Question 1 of 25
Configuring yum to point to a custom repository can be done in either /etc/yum.conf or in which of the following?
* Any file name with a .repo extension in /etc/yum.repos.d/ directory.
Same directory as yum.conf but with a .repos extension
Any file under /etc/yum/ as long as it has a .repo extension
Any where in the file /etc/sysconfig/yum
Any file under /etc/sysconfig/ with a .repo extension
The command ???yum list all??? will list all available packages and available groups of packages in all enabled repositories.
TRUE
* FALSE
Which command would discover the names of packages that are not yet installed on your system but available in enabled repositories?
yum available -y
yum available
yum available list
yum find available
* yum list available
What approach could be used to construct a command, using yum, that would install multiple packages from enabled yum repositories?
Use yum install then list all package names encapsulated within double quotation marks.
* Use yum install then list the package names using a space delimiter.
This can only be done using the graphical user interface system-config-packages.
Use yum install then list the package names using a comma delimiter.
This can only be done using scripts.
Which of the following commands will install a package that is not part of a yum repository?
None of the above.
yum install --disablerepos <package name>
* yum localinstall <package name>
yum localrepo <package name>
yum local <package name>
Which of the following commands will list only documentation from the installed iptables rpm package?
rpm -ql iptables
rpm -qpd iptables
rpm -q --documentation iptables
* rpm -qd iptables
rpm -qa iptables
To create a private repository you should proceed as follows: - Install the createrepo software package - Create a <directory> where files can be shared (via FTP or HTTP) - Create a subdirectory called Packages and copy all packages to be published in Packages - run createrepo -v <directory>
FALSE
* TRUE
Consider the following settings when configuring persistent static TCP/IP settings in a network interface configuration file. Of the settings listed which, if any, are incorrect?
IPADDR=<ip address>
NETMASK=<network mask>
* BOOTPROTO=dhcp
ONBOOT=yes
DEVICE=<device name>
Which of the following files is used to configure client side DNS settings?
* /etc/resolv.conf
/etc/sysconfig/dns
/etc/resolve.conf
/etc/hosts
/etc/host
To assign a persistent machine hostname to a machine, modify or add an entry to the following file.
* /etc/sysconfig/network
/etc/hosts
/etc/sysconfig/hostname
/etc/resolve.conf
/etc/sysconfig/network-scripts/hostname
Which command would persistently enable routing in the kernel?
echo 1 > /proc/sys/net/ipv4/ip_forward
sysctl -w net.ipv4.ip_forward = 1
/proc/sys/net/ipv4/ip_forward
* Add the following line to the /etc/sysctl.conf file: net.ipv4.ip_forward = 1
Rebooting the system after any of these approaches will make the setting persistent.
Which of the following statements about SELinux permissive mode is TRUE?
permissive mode will block all access to resources.
* permissive mode will not block access to a resource.
permissive mode will allow access and does not log information.
permissive mode of for testing purposes only.
permissive mode will only block access to remote users and will log access information.
How do you check to see if SELinux is in 'enforcing' mode?
selinuxchk
getselinux
cat /proc/selinux
setenforce --check
* getenforce
How do you change the SELinux context of a file to its default context?
setselinuxcon -d <filename>
secon -d <filename>
chmod -default-context <filename>
chcon --defaults <filename>
* restorecon <filename>
To change to SELinux Booleans for a service you would use ???semanage boolean <service>???.
* FALSE
TRUE
tip: " semanage boolean whatever_blabla -> bad command, too short ;)"
What tool can be used to analyze SELinux audit logs?
getselogs
selogchk
There is no tool to analyze selinux log files.
analog
* sealert
tip: !!!sealert -a /var/log/audit/audit.log!
What SELinux context would need to be set to support a CIFS share?
* samba_share_t
smb_share_t
allow_smb_t
allow_cifs_t
cifs_share_t
Where can you find the primary configuration file used for time synchronization?
/etc/sysconfig/ntp.conf
* /etc/ntp.conf
/etc/sysconfig/ntpd.conf
/etc/ntp/ntpd.conf
/etc/ntpd.conf
Which critical mount option must be specified in /etc/fstab when persistently using filesystems on iSCSI storage?
iqn
* _netdev
scsi
cryptsetup
netfs
tip: Entries with fc- and _netdev sub-strings enable the mount_fcoe_disks_from_fstab function to identify FCoE disk mount entries.
Which Apache configuration directive controls whether CGI scripts are enabled?
httpd_enable_cgi
* ScriptAlias
ScriptCGI
httpd_exec
httpd_builtin_scripting
Which Postfix directive configures a mail server to direct all outgoing e-mail to the outbound relay?
smtp_relay
virtual_alias_map
* relayhost
inet_interfaces
outbound_host
Caching-Only DNS Server
What option in /etc/named.conf allows one name server behind a UDP restricted firewall to talk to another name server that can see out to the internet?
masters
forwarders
root_hints
recursion
allow_recursion
(no time for find it in google ..., probably forwarders)
File Sharing with NFS
Which file allows you to fixate the ports for NFS v2/3 services?
/etc/nfs.conf
/etc/sysconfig/netstat
/etc/sysconfig/services
/etc/services
* /etc/sysconfig/nfs
Securing Network Services
What are the two iptables modules needed for ftp stateful packet inspection?
nfnetlink and nf_conntrack_ftp
nf_state_ftp and nfnetlink
nf_nat_ftp and nf_state_ftp
nf_state_ftp and nfnetlink
* nf_conntrack_ftp and nf_nat_ftp
tip: redhat names ... bleeeee
Troubleshooting Boot Process
What command starts a new shell with a new root file-system context?
grub
/sbin/init
* chroot
fcontext
bash
AND FINAL RESULT
Red Hat Skills Assessment
Your Skills Assessment Results*
Topic Evaluation
Software Management Deep Understanding
Network Management Deep Understanding
Managing SELinux Deep Understanding
NTP Server Configuration Deep Understanding
Centralized and Secure Storage Deep Understanding
Web Server Additional Configuration Deep Understanding
Basic SMTP Configuration Deep Understanding
Caching-Only DNS Server Limited Knowledge
File Sharing with NFS Deep Understanding
Securing Network Services Deep Understanding
Troubleshooting Boot Process Deep Understanding
* The results represent a subset of the knowledge in the curriculum.
Recommendation
RHCE?? Rapid Track Course with RHCSA??? and RHCE Exams (RH300) is the recommended course
Next steps
Open Source Education Center offers a wide choice of Red Hat Training solutions to match your learning goals.
Classroom training: Nearly one million people from all over the world have taken Red Hat classroom training. The RHCE Rapid Track Course with RHCSA and RHCE Exams (RH300), a 5-day class, is available across Europe, the Middle East, and Africa.
Visit osec.pl/redhat/autoryzacja for course dates and locations near you..
Onsite: If you're interested in taking this course with colleagues or your entire team, the RHCE Rapid Track Course is also routinely delivered as onsite training. Whether at your facility or at one of our training venuest, Open Source Education Center on-site solutions offer flexible, cost-effective training options to meet your needs.
For pricing and more information please call us at +48 22 861 96 04 (Poland) or email redhat@osec.pl.
Thank You!
Open Source Education Center
Part 7: Manage security
Part 7: Manage security
1) Configure firewall settings using system-config-firewall or iptables.
* yum install system-config-firewall
* system-config-firewall and click and clack ;)
* vim /etc/sysconfig/iptables ;)
2) Set enforcing and permissive modes for SELinux.
* yum whatprovides /usr/sbin/semanage > policycoreutils-python
yum install policycoreutils-python
* check status of SELinux
[root@redhat ~]# getenforce
Enforcing
* checking status
[root@redhat ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
* change status
setenforce 0 (disable) or echo 0 >/selinux/enforce
setenforce 1 (enable) or echo 1 >/selinux/enforce
* set default mode for SELinux in /etc/selinux/config
SELINUX=enforcing or what need
3) List and identify SELinux file and process context.
* file contexts
ls -lZ
* process context
ps -lZ
TIP: add -Z option to ls or ps
4) Restore default file contexts.
* ls -lZ then
* restorecon -vv filename
5) Use boolean settings to modify system SELinux settings.
* get list of settings
[root@redhat ~]# getsebool -a
......
postgresql_can_rsync --> off
pppd_can_insmod --> off
pppd_for_user --> off
privoxy_connect_any --> on
puppet_manage_all_files --> off
......
Take what need
* how set boolean
[root@redhat ~]# setsebool -P allow_ftpd_full_access on (-P means that it will be saved in the policy files)
it will 'open ftpd' for files which has not correct SELinux properties on /var/ftp/pub ;)
* use togglesebool
[root@redhat ~]# togglesebool allow_ftpd_full_access
allow_ftpd_full_access: active
[root@redhat ~]# togglesebool allow_ftpd_full_access
allow_ftpd_full_access: inactive
6) Diagnose and address routine SELinux policy violations.
* yum install setroubleshoot-server for sealert command but it maybe is not need???? taken from google
* ls -Z and ps -Z and ps -AZ to see processes ;)
if there is no access to files on www/ftp or whatever exam will need
* maybe is better to change to mode permissive in dev/testing environment ;) ?
* check audit.log, there should be lines which can go to command audit2why, put lines to file
audit2why < file.audit, then can use audit2allow to prepare module which can be imported by 'semodule -i blabla.123'
* check what system can do for SELinux
man -k _selinux, choose what need, for example man ftpd_selinux
read man and do changes
semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"
restorecon -F -R -v /var/ftp
1) Configure firewall settings using system-config-firewall or iptables.
* yum install system-config-firewall
* system-config-firewall and click and clack ;)
* vim /etc/sysconfig/iptables ;)
2) Set enforcing and permissive modes for SELinux.
* yum whatprovides /usr/sbin/semanage > policycoreutils-python
yum install policycoreutils-python
* check status of SELinux
[root@redhat ~]# getenforce
Enforcing
* checking status
[root@redhat ~]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
* change status
setenforce 0 (disable) or echo 0 >/selinux/enforce
setenforce 1 (enable) or echo 1 >/selinux/enforce
* set default mode for SELinux in /etc/selinux/config
SELINUX=enforcing or what need
3) List and identify SELinux file and process context.
* file contexts
ls -lZ
* process context
ps -lZ
TIP: add -Z option to ls or ps
4) Restore default file contexts.
* ls -lZ then
* restorecon -vv filename
5) Use boolean settings to modify system SELinux settings.
* get list of settings
[root@redhat ~]# getsebool -a
......
postgresql_can_rsync --> off
pppd_can_insmod --> off
pppd_for_user --> off
privoxy_connect_any --> on
puppet_manage_all_files --> off
......
Take what need
* how set boolean
[root@redhat ~]# setsebool -P allow_ftpd_full_access on (-P means that it will be saved in the policy files)
it will 'open ftpd' for files which has not correct SELinux properties on /var/ftp/pub ;)
* use togglesebool
[root@redhat ~]# togglesebool allow_ftpd_full_access
allow_ftpd_full_access: active
[root@redhat ~]# togglesebool allow_ftpd_full_access
allow_ftpd_full_access: inactive
6) Diagnose and address routine SELinux policy violations.
* yum install setroubleshoot-server for sealert command but it maybe is not need???? taken from google
* ls -Z and ps -Z and ps -AZ to see processes ;)
if there is no access to files on www/ftp or whatever exam will need
* maybe is better to change to mode permissive in dev/testing environment ;) ?
* check audit.log, there should be lines which can go to command audit2why, put lines to file
audit2why < file.audit, then can use audit2allow to prepare module which can be imported by 'semodule -i blabla.123'
* check what system can do for SELinux
man -k _selinux, choose what need, for example man ftpd_selinux
read man and do changes
semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"
restorecon -F -R -v /var/ftp
Self prepare for REDHAT RHCSA EX200 Part 6: Manage users and groups
Part 6: Manage users and groups
1) Create, delete, and modify local user accounts.
* maybe yum install system-config-users will do trick?
* getent passwd (list users)
* getent group (list groups)
* useradd
* userdel
* usermod
2) Change passwords and adjust password aging for local user accounts.
* passwd or chage
* passwd user
* echo "joe1:passsword1234" | chpasswd
* passwd -x 30 joe1 (password will expire in 30 days)
* passwd -S joe1 (shows some info about user password)
* chage -E "2013-05-05" joe4 (password for joe4 expire at 05/05/2013)
* chage -l joe4 (list some info about joe4)
* or use 'chage username' and go on options
* passwd -l (lock) or -u (unlock), passwd --help or chage --help
3) Create, delete, and modify local groups and group memberships.
* groupadd
* groupdel
* groupmod
* groupmems
TIP: use manual ;)
4) Configure a system to use an existing LDAP directory service for user and group information.
* yum -y install openldap-clients system-config-authentication nss-pam-ldapd
* then run: system-config-authentication
* or run authconfig-tui
1) Create, delete, and modify local user accounts.
* maybe yum install system-config-users will do trick?
* getent passwd (list users)
* getent group (list groups)
* useradd
* userdel
* usermod
2) Change passwords and adjust password aging for local user accounts.
* passwd or chage
* passwd user
* echo "joe1:passsword1234" | chpasswd
* passwd -x 30 joe1 (password will expire in 30 days)
* passwd -S joe1 (shows some info about user password)
* chage -E "2013-05-05" joe4 (password for joe4 expire at 05/05/2013)
* chage -l joe4 (list some info about joe4)
* or use 'chage username' and go on options
* passwd -l (lock) or -u (unlock), passwd --help or chage --help
3) Create, delete, and modify local groups and group memberships.
* groupadd
* groupdel
* groupmod
* groupmems
TIP: use manual ;)
4) Configure a system to use an existing LDAP directory service for user and group information.
* yum -y install openldap-clients system-config-authentication nss-pam-ldapd
* then run: system-config-authentication
* or run authconfig-tui
wtorek, 23 kwietnia 2013
Self prepare for REDHAT RHCSA EX200 Part 5: Deploy, configure, and maintain systems
Part 5: Deploy, configure, and maintain systems
1) Configure networking and hostname resolution statically or dynamically.
* set order in file: /etc/nsswitch.conf
* hostname resolution statically in /etc/hosts, example lines:
# localhost
127.0.0.1 localhost
# pld64 in vbox
172.16.200.11 pld64 pld64.abram.pl
# redhat in vbox
172.16.200.9 redhat redhat.abram.pl
Let's try it how it works using by ping command (in redhat box I add lines to /etc/hosts)
[root@redhat ~]# ping pld64.abram.pl -c 1
PING pld64 (172.16.200.11) 56(84) bytes of data.
64 bytes from pld64 (172.16.200.11): icmp_seq=1 ttl=64 time=0.739 ms
[root@redhat ~]# ping pld64 -c 1
PING pld64 (172.16.200.11) 56(84) bytes of data.
64 bytes from pld64 (172.16.200.11): icmp_seq=1 ttl=64 time=0.483 ms
[root@pld64 ~]# ping redhat
PING redhat (172.16.200.9) 56(84) bytes of data.
64 bytes from redhat (172.16.200.9): icmp_seq=1 ttl=64 time=1.24 ms
Try ping redhat.abram.pl from host which doesnt has lines in /etc/hosts and redhat doesnt exists in abram.pl ;)
[abram@pld64-laptop ~]$ ping redhat.abram.pl -c 1
ping: unknown host redhat.abram.pl
* hostname resolution dynamically in /etc/resolv.conf, file has lines:
domain abram.pl
search abram.pl abram.eu.org
nameserver 172.16.200.1
nameserver 172.16.11.1
* host order resolution is set in /etc/host.conf, two examples from redhat and pld
[root@pld64 ~]# cat /etc/host.conf
order hosts,bind
multi on
[root@redhat ~]# cat /etc/host.conf
multi on
* networking in /etc/sysconfig/network (in another distros that file can have more lines),
start networking or not, hostname ;)
[root@redhat ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=redhat.abram.pl
* networking dynamically (from dhcp)
[root@redhat ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=08:00:27:68:4b:ac
TYPE=Ethernet
#UUID=94823bdd-27b1-498a-ae17-4bb9c06b9733
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
* networking statically, in file /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
DNS1="10.1.1.1"
GATEWAY="10.1.1.1"
HWADDR="08:00:27:29:51:E8"
IPADDR="10.1.1.2"
IPV6INIT="yes"
NETMASK="255.255.255.0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="cee63504-36fa-483b-b272-c4736396bb40"
Sample file from PLD Linux:
IPADDR=192.168.100.234/24
IPADDR2=192.168.136.234/24
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
GATEWAY=192.168.100.1
GATEWAYDEV=eth1
* after change eth files:
ifdown eth1
ifup eth1
or
service network restart (which stop all devices and will start them again)
2) Schedule tasks using cron.
* files and dirs in redhat (in other distros, they can be little different ;) )
/etc/crontab
/etc/cron.d/0hourly
/etc/cron.hourly/0anacron
/etc/cron.daily/{logrotate,makewhatis.cron,rhsmd}
/etc/cron.weekly/
/etc/cron.monthly/
/etc/anacrontab
Just go to files ;), 1st find packages: rpm -qa | grep cron, then rpm -ql cronie and do job!!!
* /etc/cron.deny or in other distro find cron.deny and cron.allow, there put name of user which can use
crontab or can't use it! default in my redhat (Red Hat Enterprise Linux Server release 6.4 (Santiago))
user abram can do crontab. in other distro it is better to allow it ;)
* prepare user crontab
EDITOR=vim crontab -e or just crontab -e
* list crontab as owner
[abram@redhat ~]$ crontab -l
*/1 * * * * /home/abram/bin/x.sh
* list crontab as root for user
[root@redhat ~]# crontab -l -u abram
*/1 * * * * /home/abram/bin/x.sh
* root can edit crontab of user ;)
[root@redhat ~]# crontab -e -u abram
* fields in crontab, that 5 magic stars ;-)
minute (from 0 to 59)
hour (from 0 to 23)
day of month (from 1 to 31)
month (from 1 to 12)
day of week (from 0 to 6) (0=Sunday)
* some crazy sample ;)
*/10 * 4-6 2 * /bin/xxx (each 10 min, 4th,5th,6th day of month,at 2nd month run /bin/xxx)
3) Configure systems to boot into a specific runlevel automatically.
* go to /etc/inittab, find line: id:3:initdefault: and change 3 to whatever need!
4) Install Red Hat Enterprise Linux automatically using Kickstart.
* yum install system-config-kickstart
* run system-config-kickstart, save file
* share it somwhere, in my case my local rhel server in vbox
cp ks.cfg /var/www/html/
* run pc from cdrom, there should few options to boot, choose 1st from top, install new or somethig,
press tab and add
ks=http://172.16.200.9/ks.cfg
in httpd server logs:
==> /var/log/httpd/access_log <==
172.16.200.12 - - [24/Apr/2013:01:54:31 +0200] "GET /ks.cfg HTTP/1.1" 200 1070 "-" "anaconda/13.21.195"
* from NFS
ks=nfs:host:/ks.cfg
* linux ks=http://172.16.200.9/ks.cfg append ip=192.168.111.222 netmask=255.255.255.0
but it is not tested
* DVD drive ks=cdrom:/directory/ks.cfg
* Hard Drive ks=hd:/device/directory/ks.cfg
* Other Device ks=file:/device/directory/ks.cfg
* HTTP Server ks=http://server.mydomain.com/directory/ks.cfg
* FTP Server ks=ftp://server.mydomain.com/directory/ks.cfg
* NFS Server ks=nfs:server.mydomain.com:/directory/ks.cfg
5) Configure a physical machine to host virtual guests.
* probably system need some packages
yum groupinstall "Virtualization"
yum groupinstall "Virtualization Client"
yum install kvm
yum install qemu
6) Install Red Hat Enterprise Linux systems as virtual guests.
* X GUI
maybe need: yum groupinstall 'X Window System'
open virt-manager and click click ...
PICTURES ;) http://virt-manager.et.redhat.com/screenshots/install.html
* console commands, I wonder if it can be done on my VirtualBox RHEL ;)
from that site: http://manyrootsofallevilrants.blogspot.com/2011/06/install-red-hat-enterprise-linux_09.html
virt-install -n test -r 1024 --vcpu=1 -l nfs:10.168.20.227:/distro --os-type='linux' --os-variant='rhel6' --network network:default --file=/var/lib/libvirt/images/test.img --file-size=6 -x console=ttyS0
a lot of BLA BLA ;)
7) Configure systems to launch virtual machines at boot.
* see what virsh can do (man)
* virsh list
* virsh start MACHINE
* virsh shutdown MACHINE
* virsh destroy MACHINE (take power off ;) )
* virsh autostart MACHINE (will add MACINE to start when server boot ;) )
8) Configure network services to start automatically at boot.
* go to chkconfig command!
* maybe is ntsysv ???
9) Configure a system to run a default configuration HTTP server.
* REMEMBER ABOUT SELINUX ...
* install httpd using yum command
yum install httpd
* prepare simple html file
echo "redhat test http server" > /var/www/html/index.html; chmod 644 /var/www/html/index.html
* change ServerName in /etc/httpd/conf/httpd.conf
ServerName redhat.abram.pl:80
* check status of service and set it on when need it ;)
chkconfig httpd --list
chkconfig httpd on
or specify level: chkconfig httpd --level 5 on
* start httpd daemon
service httpd start
* check if that http server works
[root@redhat ~]# echo -e "GET /index.html HTTP/1.0\r\n" | nc redhat.abram.pl 80
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2013 18:19:29 GMT
Server: Apache/2.2.15 (Red Hat)
Last-Modified: Tue, 23 Apr 2013 18:09:58 GMT
ETag: "1024-18-4db0b17e218d0"
Accept-Ranges: bytes
Content-Length: 24
Connection: close
Content-Type: text/html; charset=UTF-8
redhat test http server
or just install lynx text webrowser and then:
lynx redhat.abram.pl
* maybe server need to open in iptables 80 port tcp for http?
[root@redhat ~]# iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
[root@redhat ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
or
system-config-firewall
10) Configure a system to run a default configuration FTP server.
* REMEMBER ABOUT SELINUX ...
* install ftpd daemon and ftp client
yum install vsftpd ftp
* service vsftpd start
* chkconfig vsftpd on (or choose level)
* iptables -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
* iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
* service iptables save
* maybe on redhat it's ok to check that system load module nf_conntrack_ftp via iptables scripts?
in file /etc/sysconfig/iptables-config
* checking selinux
[root@redhat ~]# ls -lZ /var/| grep ftp
drwxr-xr-x. root root system_u:object_r:public_content_t:s0 ftp
[root@redhat ~]# ls -lZ /var/ftp/
drwxr-xr-x. root root system_u:object_r:public_content_t:s0 pub
[root@redhat ~]# echo 'test' > /var/ftp/pub/test.txt
[root@redhat ~]# echo 'test' > /var/ftp/pub/test.txt
[root@redhat ~]# ls -la /var/ftp/pub/test.txt
-rw-r--r--. 1 root root 5 04-23 22:33 /var/ftp/pub/test.txt
[root@redhat ~]# ls -lZ /var/ftp/pub/test.txt
-rw-r--r--. root root unconfined_u:object_r:public_content_t:s0 /var/ftp/pub/test.txt
file test.txt can be downloaded via ftp
moved file from /root to /var/ftp/pub
[root@redhat ~]# ls -lZ install.log
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 install.log
[root@redhat ~]# mv install.log /var/ftp/pub/
[root@redhat ~]# ls -lZ /var/ftp/pub/install.log
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 /var/ftp/pub/install.log
file install.log has 644 but selinux doesnt allow it to see on ftp
lftp 172.16.200.9:/pub> get install.log
get: Access failed: 550 Failed to open file. (install.log)
in /var/log/xferlog:
==> xferlog <==
Tue Apr 23 22:43:11 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
Tue Apr 23 22:43:18 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
get test.txt
Tue Apr 23 22:44:01 2013 1 172.16.200.4 5 /pub/test.txt b _ o a lftp@ ftp 0 * c
* restore selinux context, two ways.
1st) using default context for /var/ftp
restorecon -RvF /var/ftp
restorecon reset /var/ftp/pub/test.txt context unconfined_u:object_r:public_content_t:s0->system_u:object_r:public_content_t:s0
restorecon reset /var/ftp/pub/install.log context system_u:object_r:admin_home_t:s0->system_u:object_r:public_content_t:s0
2nd) command line
chcon -v -R -u system_u -r object_r -t public_content_t /var/ftp
changing security context of `/var/ftp/pub/test.txt'
changing security context of `/var/ftp/pub/install.log'
changing security context of `/var/ftp/pub'
changing security context of `/var/ftp'
* after change selinux things new file is ready to download
lftp 172.16.200.9:/pub> ls
-rw-r--r-- 1 0 0 9694 Apr 15 13:52 install.log
-rw-r--r-- 1 0 0 5 Apr 23 20:33 test.txt
11) Install and update software packages from Red Hat Network, a remote repository, or from the local file system.
* maybe need to import key from repo?
rpm --import gpgkey
* from local file system using rpm
cd /somewhere_for_packages
rpm -Uhv package-to-update.rpm (--test is OK ;) )
rpm -ihv package-to-install.rpm (--test is OK)
* from Red Hat Network, maybe need to register system?
rhn_register, then go, it should prepare yum to use RHN repos
[root@redhat ~]# yum repolist
Loaded plugins: downloadonly, product-id, rhnplugin, subscription-manager
This system is receiving updates from Red Hat Subscription Management.
This system is receiving updates from RHN Classic or RHN Satellite.
rhel-6-server-cf-tools-1-rpms | 2.8 kB 00:00
rhel-6-server-rhev-agent-rpms | 3.1 kB 00:00
rhel-6-server-rpms | 3.7 kB 00:00
repo id repo name status
rhel-6-server-cf-tools-1-rpms Red Hat CloudForms Tools for RHEL 6 (RPMs) 30
rhel-6-server-rhev-agent-rpms Red Hat Enterprise Virtualization Agents for RHEL 6 Server (RPMs) 16
rhel-6-server-rpms Red Hat Enterprise Linux 6 Server (RPMs) 7934
rhel-i386-server-6 Red Hat Enterprise Linux Server (v. 6 for 32-bit x86) 7926
repolist: 15906
* prepare yum to use local repo from directory
create file /etc/yum.repos.d/local.repo with content
[local]
name=local
baseurl=file:///directory/path/to/repo/
enabled=1
gpgcheck=0
TIP: it could be mounted cdrom or copied ISO cdrom/dvd file mounted using loop to directory...
* prepare yum to use local repo from http server
create file /etc/yum.repos.d/from-http.repo
[remote]
name=remote
baseurl=http://10.1.1.1/repo/i386/
enabled=1
gpgcheck=0
* maybe directory with rpm files need to prepare to be repo? then go
cd /directory
createrepo .
* how to use created repo, it is simple
yum --disablerepo=* --enablerepo=remote --enablerepo=local install (packages)
12) Update the kernel package appropriately to ensure a bootable system.
* yum update kernel
* or maybe better is get fresh kernel from repo and then rpm -ihv kernel-*****rpm
* yum install yum-downloadonly (will add special plugin to yum)
yum update kernel -y --downloadonly (will download kernel package)
files goes to: /var/cache/yum/i386/6Server/rhel-6-server-rpms/packages/ (find / -iname "*.rpm" )
install them (check)
rpm -ihv kernel* --test
rpm -ihv kernel*A
CHECK grub! there should be added new kernel as default, reboot server, go!
13) Modify the system bootloader.
* always backup /boot/grub/menu.lst before editing
* cat /boot/grub/menu.lst
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux (2.6.32-358.el6.i686)
root (hd0,0)
kernel /vmlinuz-2.6.32-358.el6.i686 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-358.el6.i686.img
* some more grub from my laptop
# windows
title windows
rootnoverify (hd0,0)
makeactive
chainloader +1
# For installing GRUB into the hard disk
title Install GRUB into the hard disk
root (hd0,3)
setup (hd0)
1) Configure networking and hostname resolution statically or dynamically.
* set order in file: /etc/nsswitch.conf
* hostname resolution statically in /etc/hosts, example lines:
# localhost
127.0.0.1 localhost
# pld64 in vbox
172.16.200.11 pld64 pld64.abram.pl
# redhat in vbox
172.16.200.9 redhat redhat.abram.pl
Let's try it how it works using by ping command (in redhat box I add lines to /etc/hosts)
[root@redhat ~]# ping pld64.abram.pl -c 1
PING pld64 (172.16.200.11) 56(84) bytes of data.
64 bytes from pld64 (172.16.200.11): icmp_seq=1 ttl=64 time=0.739 ms
[root@redhat ~]# ping pld64 -c 1
PING pld64 (172.16.200.11) 56(84) bytes of data.
64 bytes from pld64 (172.16.200.11): icmp_seq=1 ttl=64 time=0.483 ms
[root@pld64 ~]# ping redhat
PING redhat (172.16.200.9) 56(84) bytes of data.
64 bytes from redhat (172.16.200.9): icmp_seq=1 ttl=64 time=1.24 ms
Try ping redhat.abram.pl from host which doesnt has lines in /etc/hosts and redhat doesnt exists in abram.pl ;)
[abram@pld64-laptop ~]$ ping redhat.abram.pl -c 1
ping: unknown host redhat.abram.pl
* hostname resolution dynamically in /etc/resolv.conf, file has lines:
domain abram.pl
search abram.pl abram.eu.org
nameserver 172.16.200.1
nameserver 172.16.11.1
* host order resolution is set in /etc/host.conf, two examples from redhat and pld
[root@pld64 ~]# cat /etc/host.conf
order hosts,bind
multi on
[root@redhat ~]# cat /etc/host.conf
multi on
* networking in /etc/sysconfig/network (in another distros that file can have more lines),
start networking or not, hostname ;)
[root@redhat ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=redhat.abram.pl
* networking dynamically (from dhcp)
[root@redhat ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=08:00:27:68:4b:ac
TYPE=Ethernet
#UUID=94823bdd-27b1-498a-ae17-4bb9c06b9733
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
* networking statically, in file /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="static"
DNS1="10.1.1.1"
GATEWAY="10.1.1.1"
HWADDR="08:00:27:29:51:E8"
IPADDR="10.1.1.2"
IPV6INIT="yes"
NETMASK="255.255.255.0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="cee63504-36fa-483b-b272-c4736396bb40"
Sample file from PLD Linux:
IPADDR=192.168.100.234/24
IPADDR2=192.168.136.234/24
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
GATEWAY=192.168.100.1
GATEWAYDEV=eth1
* after change eth files:
ifdown eth1
ifup eth1
or
service network restart (which stop all devices and will start them again)
2) Schedule tasks using cron.
* files and dirs in redhat (in other distros, they can be little different ;) )
/etc/crontab
/etc/cron.d/0hourly
/etc/cron.hourly/0anacron
/etc/cron.daily/{logrotate,makewhatis.cron,rhsmd}
/etc/cron.weekly/
/etc/cron.monthly/
/etc/anacrontab
Just go to files ;), 1st find packages: rpm -qa | grep cron, then rpm -ql cronie and do job!!!
* /etc/cron.deny or in other distro find cron.deny and cron.allow, there put name of user which can use
crontab or can't use it! default in my redhat (Red Hat Enterprise Linux Server release 6.4 (Santiago))
user abram can do crontab. in other distro it is better to allow it ;)
* prepare user crontab
EDITOR=vim crontab -e or just crontab -e
* list crontab as owner
[abram@redhat ~]$ crontab -l
*/1 * * * * /home/abram/bin/x.sh
* list crontab as root for user
[root@redhat ~]# crontab -l -u abram
*/1 * * * * /home/abram/bin/x.sh
* root can edit crontab of user ;)
[root@redhat ~]# crontab -e -u abram
* fields in crontab, that 5 magic stars ;-)
minute (from 0 to 59)
hour (from 0 to 23)
day of month (from 1 to 31)
month (from 1 to 12)
day of week (from 0 to 6) (0=Sunday)
* some crazy sample ;)
*/10 * 4-6 2 * /bin/xxx (each 10 min, 4th,5th,6th day of month,at 2nd month run /bin/xxx)
3) Configure systems to boot into a specific runlevel automatically.
* go to /etc/inittab, find line: id:3:initdefault: and change 3 to whatever need!
4) Install Red Hat Enterprise Linux automatically using Kickstart.
* yum install system-config-kickstart
* run system-config-kickstart, save file
* share it somwhere, in my case my local rhel server in vbox
cp ks.cfg /var/www/html/
* run pc from cdrom, there should few options to boot, choose 1st from top, install new or somethig,
press tab and add
ks=http://172.16.200.9/ks.cfg
in httpd server logs:
==> /var/log/httpd/access_log <==
172.16.200.12 - - [24/Apr/2013:01:54:31 +0200] "GET /ks.cfg HTTP/1.1" 200 1070 "-" "anaconda/13.21.195"
* from NFS
ks=nfs:host:/ks.cfg
* linux ks=http://172.16.200.9/ks.cfg append ip=192.168.111.222 netmask=255.255.255.0
but it is not tested
* DVD drive ks=cdrom:/directory/ks.cfg
* Hard Drive ks=hd:/device/directory/ks.cfg
* Other Device ks=file:/device/directory/ks.cfg
* HTTP Server ks=http://server.mydomain.com/directory/ks.cfg
* FTP Server ks=ftp://server.mydomain.com/directory/ks.cfg
* NFS Server ks=nfs:server.mydomain.com:/directory/ks.cfg
5) Configure a physical machine to host virtual guests.
* probably system need some packages
yum groupinstall "Virtualization"
yum groupinstall "Virtualization Client"
yum install kvm
yum install qemu
6) Install Red Hat Enterprise Linux systems as virtual guests.
* X GUI
maybe need: yum groupinstall 'X Window System'
open virt-manager and click click ...
PICTURES ;) http://virt-manager.et.redhat.com/screenshots/install.html
* console commands, I wonder if it can be done on my VirtualBox RHEL ;)
from that site: http://manyrootsofallevilrants.blogspot.com/2011/06/install-red-hat-enterprise-linux_09.html
virt-install -n test -r 1024 --vcpu=1 -l nfs:10.168.20.227:/distro --os-type='linux' --os-variant='rhel6' --network network:default --file=/var/lib/libvirt/images/test.img --file-size=6 -x console=ttyS0
a lot of BLA BLA ;)
7) Configure systems to launch virtual machines at boot.
* see what virsh can do (man)
* virsh list
* virsh start MACHINE
* virsh shutdown MACHINE
* virsh destroy MACHINE (take power off ;) )
* virsh autostart MACHINE (will add MACINE to start when server boot ;) )
8) Configure network services to start automatically at boot.
* go to chkconfig command!
* maybe is ntsysv ???
9) Configure a system to run a default configuration HTTP server.
* REMEMBER ABOUT SELINUX ...
* install httpd using yum command
yum install httpd
* prepare simple html file
echo "redhat test http server" > /var/www/html/index.html; chmod 644 /var/www/html/index.html
* change ServerName in /etc/httpd/conf/httpd.conf
ServerName redhat.abram.pl:80
* check status of service and set it on when need it ;)
chkconfig httpd --list
chkconfig httpd on
or specify level: chkconfig httpd --level 5 on
* start httpd daemon
service httpd start
* check if that http server works
[root@redhat ~]# echo -e "GET /index.html HTTP/1.0\r\n" | nc redhat.abram.pl 80
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2013 18:19:29 GMT
Server: Apache/2.2.15 (Red Hat)
Last-Modified: Tue, 23 Apr 2013 18:09:58 GMT
ETag: "1024-18-4db0b17e218d0"
Accept-Ranges: bytes
Content-Length: 24
Connection: close
Content-Type: text/html; charset=UTF-8
redhat test http server
or just install lynx text webrowser and then:
lynx redhat.abram.pl
* maybe server need to open in iptables 80 port tcp for http?
[root@redhat ~]# iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
[root@redhat ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
or
system-config-firewall
10) Configure a system to run a default configuration FTP server.
* REMEMBER ABOUT SELINUX ...
* install ftpd daemon and ftp client
yum install vsftpd ftp
* service vsftpd start
* chkconfig vsftpd on (or choose level)
* iptables -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
* iptables -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
* service iptables save
* maybe on redhat it's ok to check that system load module nf_conntrack_ftp via iptables scripts?
in file /etc/sysconfig/iptables-config
* checking selinux
[root@redhat ~]# ls -lZ /var/| grep ftp
drwxr-xr-x. root root system_u:object_r:public_content_t:s0 ftp
[root@redhat ~]# ls -lZ /var/ftp/
drwxr-xr-x. root root system_u:object_r:public_content_t:s0 pub
[root@redhat ~]# echo 'test' > /var/ftp/pub/test.txt
[root@redhat ~]# echo 'test' > /var/ftp/pub/test.txt
[root@redhat ~]# ls -la /var/ftp/pub/test.txt
-rw-r--r--. 1 root root 5 04-23 22:33 /var/ftp/pub/test.txt
[root@redhat ~]# ls -lZ /var/ftp/pub/test.txt
-rw-r--r--. root root unconfined_u:object_r:public_content_t:s0 /var/ftp/pub/test.txt
file test.txt can be downloaded via ftp
moved file from /root to /var/ftp/pub
[root@redhat ~]# ls -lZ install.log
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 install.log
[root@redhat ~]# mv install.log /var/ftp/pub/
[root@redhat ~]# ls -lZ /var/ftp/pub/install.log
-rw-r--r--. root root system_u:object_r:admin_home_t:s0 /var/ftp/pub/install.log
file install.log has 644 but selinux doesnt allow it to see on ftp
lftp 172.16.200.9:/pub> get install.log
get: Access failed: 550 Failed to open file. (install.log)
in /var/log/xferlog:
==> xferlog <==
Tue Apr 23 22:43:11 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
Tue Apr 23 22:43:18 2013 1 172.16.200.4 0 /pub/install.log b _ o a lftp@ ftp 0 * i
get test.txt
Tue Apr 23 22:44:01 2013 1 172.16.200.4 5 /pub/test.txt b _ o a lftp@ ftp 0 * c
* restore selinux context, two ways.
1st) using default context for /var/ftp
restorecon -RvF /var/ftp
restorecon reset /var/ftp/pub/test.txt context unconfined_u:object_r:public_content_t:s0->system_u:object_r:public_content_t:s0
restorecon reset /var/ftp/pub/install.log context system_u:object_r:admin_home_t:s0->system_u:object_r:public_content_t:s0
2nd) command line
chcon -v -R -u system_u -r object_r -t public_content_t /var/ftp
changing security context of `/var/ftp/pub/test.txt'
changing security context of `/var/ftp/pub/install.log'
changing security context of `/var/ftp/pub'
changing security context of `/var/ftp'
* after change selinux things new file is ready to download
lftp 172.16.200.9:/pub> ls
-rw-r--r-- 1 0 0 9694 Apr 15 13:52 install.log
-rw-r--r-- 1 0 0 5 Apr 23 20:33 test.txt
11) Install and update software packages from Red Hat Network, a remote repository, or from the local file system.
* maybe need to import key from repo?
rpm --import gpgkey
* from local file system using rpm
cd /somewhere_for_packages
rpm -Uhv package-to-update.rpm (--test is OK ;) )
rpm -ihv package-to-install.rpm (--test is OK)
* from Red Hat Network, maybe need to register system?
rhn_register, then go, it should prepare yum to use RHN repos
[root@redhat ~]# yum repolist
Loaded plugins: downloadonly, product-id, rhnplugin, subscription-manager
This system is receiving updates from Red Hat Subscription Management.
This system is receiving updates from RHN Classic or RHN Satellite.
rhel-6-server-cf-tools-1-rpms | 2.8 kB 00:00
rhel-6-server-rhev-agent-rpms | 3.1 kB 00:00
rhel-6-server-rpms | 3.7 kB 00:00
repo id repo name status
rhel-6-server-cf-tools-1-rpms Red Hat CloudForms Tools for RHEL 6 (RPMs) 30
rhel-6-server-rhev-agent-rpms Red Hat Enterprise Virtualization Agents for RHEL 6 Server (RPMs) 16
rhel-6-server-rpms Red Hat Enterprise Linux 6 Server (RPMs) 7934
rhel-i386-server-6 Red Hat Enterprise Linux Server (v. 6 for 32-bit x86) 7926
repolist: 15906
* prepare yum to use local repo from directory
create file /etc/yum.repos.d/local.repo with content
[local]
name=local
baseurl=file:///directory/path/to/repo/
enabled=1
gpgcheck=0
TIP: it could be mounted cdrom or copied ISO cdrom/dvd file mounted using loop to directory...
* prepare yum to use local repo from http server
create file /etc/yum.repos.d/from-http.repo
[remote]
name=remote
baseurl=http://10.1.1.1/repo/i386/
enabled=1
gpgcheck=0
* maybe directory with rpm files need to prepare to be repo? then go
cd /directory
createrepo .
* how to use created repo, it is simple
yum --disablerepo=* --enablerepo=remote --enablerepo=local install (packages)
12) Update the kernel package appropriately to ensure a bootable system.
* yum update kernel
* or maybe better is get fresh kernel from repo and then rpm -ihv kernel-*****rpm
* yum install yum-downloadonly (will add special plugin to yum)
yum update kernel -y --downloadonly (will download kernel package)
files goes to: /var/cache/yum/i386/6Server/rhel-6-server-rpms/packages/ (find / -iname "*.rpm" )
install them (check)
rpm -ihv kernel* --test
rpm -ihv kernel*A
CHECK grub! there should be added new kernel as default, reboot server, go!
13) Modify the system bootloader.
* always backup /boot/grub/menu.lst before editing
* cat /boot/grub/menu.lst
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux (2.6.32-358.el6.i686)
root (hd0,0)
kernel /vmlinuz-2.6.32-358.el6.i686 ro root=/dev/mapper/VolGroup-lv_root rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD rd_LVM_LV=VolGroup/lv_swap SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=VolGroup/lv_root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
initrd /initramfs-2.6.32-358.el6.i686.img
* some more grub from my laptop
# windows
title windows
rootnoverify (hd0,0)
makeactive
chainloader +1
# For installing GRUB into the hard disk
title Install GRUB into the hard disk
root (hd0,3)
setup (hd0)
niedziela, 21 kwietnia 2013
Self prepare for REDHAT RHCSA EX200 Part 4: Create and configure file systems
Part 4: Create and configure file systems
1) Create, mount, unmount, and use ext2, ext3, and ext4 file systems.
* create fs (device can be /dev/sda1 or /dev/lvm/whatever)
mkfs.ext2 /dev/device
mkfs.ext3 /dev/device
mkfs.ext4 /dev/device
* tune2fs for changes on ext*
* mount /dev/device -o ro /mount_point
mount -o bind /source /destination
mount -o loop image-from-cd.iso /mount_point
* umount /mount_point
umount /dev/device
2) Mount, unmount, and use LUKS-encrypted file systems.
* prepare luks device (if not prepared)
cryptsetup luksFormat /dev/sdc1 (then enter password, 2x times)
after this open device using cryptsetup luksOpen /dev/sdc1 NameWhatever then
format it mkfs.ext4 /dev/mapper/NameWhatever
then that /dev/mapper/NameWhatever can be mounted somewhere in system
* if prepared it's better open it then prepare (like above ;) )
cryptsetup luksOpen /dev/sdc1 MyNameCanBeDifferentEachTime (give password),
it prepare device with name MyNameCanBeDifferentEachTime in /dev/mapper
* mount /dev/mapper/MyNameCanBeDifferentEachTime /crypteddevice
* umount /dev/mapper/MyNameCanBeDifferentEachTime
* if want automatic luks prepare device, put line with that content to /etc/crypttab
MyNewName /dev/sdc1
and put this to /etc/fstab if want automount at startup
/dev/mapper/MyNewName /luks ext4 defaults 1 1
Simple isn't it?
3) Mount and unmount CIFS and NFS network file systems.
* cifs (or smbfs or microsoft networking shares from windows)
mount -o rw,user=backup,password=backup -t cifs //172.16.200.41/tmp /cifs
or
mount -o rw,user=abram,password=aa -t cifs //172.16.200.41/tmp /cifs
* cifs automount from /etc/fstab, add that line to file
//172.16.200.41/tmp /cifs cifs rw,user=abram,password=aa 0 0
* nfs from cmdline
check rpcbind or portmap is running on system, then
mount -o rw -t nfs 172.16.200.41:/home /nfs/
* nfs automount from /etc/fstab (in PLD Linux there is very smart package nfs-utils-clients which
has rc.d/nfsfs ;) )
put this to /etc/fstab
172.16.200.41:/home /nfs nfs defaults 0 0
4) Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically.
I will just show lines which one should be put to /etc/fstab
* ext4 or any fs ;) (xfs, ext2, ext3???)
/dev/sda2 /mountpoint ext4 defaults 1 1
/dev/LVM_VG_NAME/LVM_name /home ext4 defaults 1 1
UUID=96871128-21c3-4591-9632-973097cad8b5 /media/mydata ext4 defaults 1 1
LABEL=MyLabel /mynew_data ext4 defaults 1 1
* LUKS-encrypted (some examples are above with UUID)
1) in /etc/crypttab line like this
myname /dev/sdb1
2) in /etc/fstab line like this
/dev/mapper/myname /media/mydata ext4 defaults 1 1
* network files (cifs and nfs)
1) //172.16.200.41/tmp /cifs cifs rw,user=abram,password=aa 0 0
2) 172.16.200.41:/home /nfs nfs defaults 0 0
5) Extend existing unencrypted ext4-formatted logical volumes.
* lvdisplay /dev/XYZ/test (it shows 1GiB size)
* add some space to that device
check free space on VG
[root@localhost ~]# vgdisplay XYZ| grep PE
PE Size 4,00 MiB
Total PE 511
Alloc PE / Size 256 / 1,00 GiB
Free PE / Size 255 / 1020,00 MiB
resize (add 512)
lvextend -v -L +512M /dev/XYZ/test
and resize fs
resize2fs /dev/XYZ/test
TIP: resizing can be done on mounted fs
* set LV to specified size (from big one to small one or small one to big one) (DANGER!!!)
[root@localhost ~]# lvresize -L 400M /dev/XYZ/test
WARNING: Reducing active and open logical volume to 400,00 MiB
THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce test? [y/n]: n
Logical volume test NOT reduced
after y -> got this
[root@localhost ~]# mount /dev/XYZ/test /cifs/
mount: wrong fs type, bad option, bad superblock on /dev/mapper/XYZ-test,
and fs is broken ...
[root@localhost ~]# fsck.ext4 /dev/XYZ/test
e2fsck 1.41.12 (17-May-2010)
Error reading block 131072 (Invalid argument). Ignore error<y>? yes
Force rewrite<y>? yes
Error writing block 131072 (Invalid argument). Ignore error<y>? yes
Superblock has an invalid journal (inode 8).
Clear<y>? yes
*** ext3 journal has been deleted - filesystem is now ext2 only ***
Superblock has_journal flag is clear, but a journal inode is present.
Clear<y>? yes
The filesystem size (according to the superblock) is 393216 blocks
The physical size of the device is 102400 blocks
Either the superblock or the partition table is likely to be corrupt!
Abort<y>? no
/dev/XYZ/test contains a file system with errors, check forced.
Error writing block 131072 (Invalid argument). Ignore error<y>?
Pass 1: Checking inodes, blocks, and sizes
Journal inode is not in use, but contains data. Clear<y>? yes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Block bitmap differences: -(131072--139263)
Fix<y>?
then a lot of errors 8-) fix it fix it ... bla bla ;)
WITHOUT BACKUP OF DATA ;) it is ... BROKEN ;)
6) Create and configure set-GID directories for collaboration.
* Probably it could be like this, 4 users, one group to connect them, directory where they
can share files.
* [root@localhost ~]# for i in `seq 1 4`; do echo joe$i;useradd joe$i; done
joe1
joe2
joe3
joe4
[root@localhost ~]# id joe1
uid=500(joe1) gid=500(joe1) groups=500(joe1)
[root@localhost ~]# id joe2
uid=501(joe2) gid=501(joe2) groups=501(joe2)
...
* create group
[root@localhost ~]# groupadd union
[root@localhost ~]# getent group union
union:x:504:
* put joe2 and joe4 to that group
usermod -G union joe2; usermod -G union joe4
check it
[root@localhost ~]# id joe4
uid=503(joe4) gid=503(joe4) groups=503(joe4),504(union)
[root@localhost ~]# id joe2
uid=501(joe2) gid=501(joe2) groups=501(joe2),504(union)
* prepare catalog
mkdir /home/union
chown root:union /home/union
* add SGID to /home/union (set rwx for owner, rwx for group, no access to others)
chmod 2770 /home/union
[root@localhost ~]# ls -la /home/ | grep union
drwxrws---. 2 root union 4096 Apr 22 01:43 union
* login as joe1 and try create any file in /home/union
[root@localhost ~]# su - joe1 -c 'echo aa > /home/union/aa'
-bash: /home/union/aa: Permission denied
or su - joe1 then echo aa > /home/union/aa
[root@localhost ~]# su - joe1
[joe1@localhost ~]$ echo aa > /home/union/aa
-bash: /home/union/aa: Permission denied
* login as joe2 and create file
[root@localhost ~]# su - joe2 -c 'echo joe2 line > /home/union/joe2file'
[root@localhost ~]# cat /home/union/joe2file
joe2 line
[root@localhost ~]# ls -la /home/union/joe2file
-rw-rw-r--. 1 joe2 union 10 Apr 22 01:47 /home/union/joe2file
[root@localhost ~]# ls -lZ /home/union/joe2file
-rw-rw-r--. joe2 union unconfined_u:object_r:home_root_t:s0 /home/union/joe2file
* login as joe2 and create directory
[root@localhost ~]# su - joe2 -c 'mkdir /home/union/joe2dir'
[root@localhost ~]# ls -la /home/union/
total 20
drwxrws---. 3 root union 4096 Apr 22 01:48 .
drwxr-xr-x. 7 root root 4096 Apr 22 01:43 ..
drwxrwsr-x. 2 joe2 union 4096 Apr 22 01:48 joe2dir
* login as joe4 and create dir in joe2dir
[root@localhost ~]# su - joe4 -c 'mkdir /home/union/joe2dir/joe4dir'
[root@localhost ~]# ls -la /home/union/joe2dir/
total 12
drwxrwsr-x. 3 joe2 union 4096 Apr 22 01:49 .
drwxrws---. 3 root union 4096 Apr 22 01:48 ..
drwxrwsr-x. 2 joe4 union 4096 Apr 22 01:49 joe4dir
* login as joe4 and add one line to joe2file
su - joe2 -c 'echo joe4 line >> /home/union/joe2file'
cat /home/union/joe2file
[root@localhost ~]# su - joe2 -c 'echo joe4 line >> /home/union/joe2file'
[root@localhost ~]# cat /home/union/joe2file
joe2 line
joe4 line
[root@localhost ~]# ls -la /home/union/joe2file
-rw-rw-r--. 1 joe2 union 20 Apr 22 01:51 /home/union/joe2file
owner joe2 left on file, joe4 add line because of member in union group ;)
* joe3 can't add line to joe2file because is not member of union group
[root@localhost ~]# su - joe3 -c 'echo joe3 line >> /home/union/joe2file'
-bash: /home/union/joe2file: Permission denied
TIP: anyone in union group can do dirs/files and there is no problem with access ;)
7) Create and manage Access Control Lists (ACLs).
* check if file system support acl
mount
...
/dev/mapper/XYZ-test on /test type ext4 (rw)
* in fstab add ACL option
/dev/XYZ/test /test ext4 defaults,acl 1 1
mount -o remount /test
mount and then acl is in line
/dev/mapper/XYZ-test on /test type ext4 (rw,acl)
;)
* prepare catalog test and test.log with some info
mkdir /test/test/
dmesg > /test/test.log
* default permisions
[root@localhost ~]# ls -la /test/test.log
-rw-r--r--. 1 root root 24688 Apr 22 01:59 /test/test.log
[root@localhost ~]# ls -lZa /test/test.log
-rw-r--r--. root root unconfined_u:object_r:file_t:s0 /test/test.log
for directory
drwxr-xr-x. 2 root root 1024 Apr 22 01:58 test
* show acls
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
group::r--
other::r--
* allow user joe2 to edit test.log
setfacl --help as 1st step :)
setfacl -m u:joe2:rwx /test/test.log
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
user:joe2:rwx
group::r--
mask::rwx
other::r--
and try use that file ;)
[root@localhost ~]# su - joe2 -c 'echo test1 > /test/test.log'
[root@localhost ~]# su - joe2 -c 'echo test2 >> /test/test.log'
[root@localhost ~]# cat /test/test.log
test1
test2y
[root@localhost ~]# su - joe1 -c 'echo test > /test/test.log'
-bash: /test/test.log: Permission denied
* allow group xyz (which will have joe1 and joe3) to that file
dissallow group union (and then see that joe2 can work with that file but joe4 can not!)
[root@localhost ~]# setfacl -m g:xyz:rwx /test/test.log
[root@localhost ~]# setfacl -m g:union:- /test/test.log
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
user:joe2:rwx
group::r--
group:union:---
group:xyz:rwx
mask::rwx
other::r--
CHECKING!
[root@localhost ~]# su - joe1 -c 'echo joe1 can because is in xyz >> /test/test.log'
[root@localhost ~]# su - joe3 -c 'echo joe3 can because is in xyz >> /test/test.log'
[root@localhost ~]# su - joe2 -c 'echo joe2 can because is joe2 >> /test/test.log'
[root@localhost ~]# su - joe4 -c 'echo joe4 CAN not because is in union ... >> /test/test.log'
-bash: /test/test.log: Permission denied
[root@localhost ~]# cat /test/test.log
joe2 test1
joe2 test2
joe1 can
joe3 can
joe1 can because is in xyz
joe3 can because is in xyz
joe2 can because is joe2
* remove some acl from file
[root@localhost ~]# setfacl -x u:joe2 /test/test.log
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
group::r--
group:union:---
group:xyz:rwx
mask::rwx
other::r--
8) Diagnose and correct file permission problems.
* checking by
ls -la
ls -lZ
getfacl
* then repair ;)
1) Create, mount, unmount, and use ext2, ext3, and ext4 file systems.
* create fs (device can be /dev/sda1 or /dev/lvm/whatever)
mkfs.ext2 /dev/device
mkfs.ext3 /dev/device
mkfs.ext4 /dev/device
* tune2fs for changes on ext*
* mount /dev/device -o ro /mount_point
mount -o bind /source /destination
mount -o loop image-from-cd.iso /mount_point
* umount /mount_point
umount /dev/device
2) Mount, unmount, and use LUKS-encrypted file systems.
* prepare luks device (if not prepared)
cryptsetup luksFormat /dev/sdc1 (then enter password, 2x times)
after this open device using cryptsetup luksOpen /dev/sdc1 NameWhatever then
format it mkfs.ext4 /dev/mapper/NameWhatever
then that /dev/mapper/NameWhatever can be mounted somewhere in system
* if prepared it's better open it then prepare (like above ;) )
cryptsetup luksOpen /dev/sdc1 MyNameCanBeDifferentEachTime (give password),
it prepare device with name MyNameCanBeDifferentEachTime in /dev/mapper
* mount /dev/mapper/MyNameCanBeDifferentEachTime /crypteddevice
* umount /dev/mapper/MyNameCanBeDifferentEachTime
* if want automatic luks prepare device, put line with that content to /etc/crypttab
MyNewName /dev/sdc1
and put this to /etc/fstab if want automount at startup
/dev/mapper/MyNewName /luks ext4 defaults 1 1
Simple isn't it?
3) Mount and unmount CIFS and NFS network file systems.
* cifs (or smbfs or microsoft networking shares from windows)
mount -o rw,user=backup,password=backup -t cifs //172.16.200.41/tmp /cifs
or
mount -o rw,user=abram,password=aa -t cifs //172.16.200.41/tmp /cifs
* cifs automount from /etc/fstab, add that line to file
//172.16.200.41/tmp /cifs cifs rw,user=abram,password=aa 0 0
* nfs from cmdline
check rpcbind or portmap is running on system, then
mount -o rw -t nfs 172.16.200.41:/home /nfs/
* nfs automount from /etc/fstab (in PLD Linux there is very smart package nfs-utils-clients which
has rc.d/nfsfs ;) )
put this to /etc/fstab
172.16.200.41:/home /nfs nfs defaults 0 0
4) Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically.
I will just show lines which one should be put to /etc/fstab
* ext4 or any fs ;) (xfs, ext2, ext3???)
/dev/sda2 /mountpoint ext4 defaults 1 1
/dev/LVM_VG_NAME/LVM_name /home ext4 defaults 1 1
UUID=96871128-21c3-4591-9632-973097cad8b5 /media/mydata ext4 defaults 1 1
LABEL=MyLabel /mynew_data ext4 defaults 1 1
* LUKS-encrypted (some examples are above with UUID)
1) in /etc/crypttab line like this
myname /dev/sdb1
2) in /etc/fstab line like this
/dev/mapper/myname /media/mydata ext4 defaults 1 1
* network files (cifs and nfs)
1) //172.16.200.41/tmp /cifs cifs rw,user=abram,password=aa 0 0
2) 172.16.200.41:/home /nfs nfs defaults 0 0
5) Extend existing unencrypted ext4-formatted logical volumes.
* lvdisplay /dev/XYZ/test (it shows 1GiB size)
* add some space to that device
check free space on VG
[root@localhost ~]# vgdisplay XYZ| grep PE
PE Size 4,00 MiB
Total PE 511
Alloc PE / Size 256 / 1,00 GiB
Free PE / Size 255 / 1020,00 MiB
resize (add 512)
lvextend -v -L +512M /dev/XYZ/test
and resize fs
resize2fs /dev/XYZ/test
TIP: resizing can be done on mounted fs
* set LV to specified size (from big one to small one or small one to big one) (DANGER!!!)
[root@localhost ~]# lvresize -L 400M /dev/XYZ/test
WARNING: Reducing active and open logical volume to 400,00 MiB
THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce test? [y/n]: n
Logical volume test NOT reduced
after y -> got this
[root@localhost ~]# mount /dev/XYZ/test /cifs/
mount: wrong fs type, bad option, bad superblock on /dev/mapper/XYZ-test,
and fs is broken ...
[root@localhost ~]# fsck.ext4 /dev/XYZ/test
e2fsck 1.41.12 (17-May-2010)
Error reading block 131072 (Invalid argument). Ignore error<y>? yes
Force rewrite<y>? yes
Error writing block 131072 (Invalid argument). Ignore error<y>? yes
Superblock has an invalid journal (inode 8).
Clear<y>? yes
*** ext3 journal has been deleted - filesystem is now ext2 only ***
Superblock has_journal flag is clear, but a journal inode is present.
Clear<y>? yes
The filesystem size (according to the superblock) is 393216 blocks
The physical size of the device is 102400 blocks
Either the superblock or the partition table is likely to be corrupt!
Abort<y>? no
/dev/XYZ/test contains a file system with errors, check forced.
Error writing block 131072 (Invalid argument). Ignore error<y>?
Pass 1: Checking inodes, blocks, and sizes
Journal inode is not in use, but contains data. Clear<y>? yes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Block bitmap differences: -(131072--139263)
Fix<y>?
then a lot of errors 8-) fix it fix it ... bla bla ;)
WITHOUT BACKUP OF DATA ;) it is ... BROKEN ;)
6) Create and configure set-GID directories for collaboration.
* Probably it could be like this, 4 users, one group to connect them, directory where they
can share files.
* [root@localhost ~]# for i in `seq 1 4`; do echo joe$i;useradd joe$i; done
joe1
joe2
joe3
joe4
[root@localhost ~]# id joe1
uid=500(joe1) gid=500(joe1) groups=500(joe1)
[root@localhost ~]# id joe2
uid=501(joe2) gid=501(joe2) groups=501(joe2)
...
* create group
[root@localhost ~]# groupadd union
[root@localhost ~]# getent group union
union:x:504:
* put joe2 and joe4 to that group
usermod -G union joe2; usermod -G union joe4
check it
[root@localhost ~]# id joe4
uid=503(joe4) gid=503(joe4) groups=503(joe4),504(union)
[root@localhost ~]# id joe2
uid=501(joe2) gid=501(joe2) groups=501(joe2),504(union)
* prepare catalog
mkdir /home/union
chown root:union /home/union
* add SGID to /home/union (set rwx for owner, rwx for group, no access to others)
chmod 2770 /home/union
[root@localhost ~]# ls -la /home/ | grep union
drwxrws---. 2 root union 4096 Apr 22 01:43 union
* login as joe1 and try create any file in /home/union
[root@localhost ~]# su - joe1 -c 'echo aa > /home/union/aa'
-bash: /home/union/aa: Permission denied
or su - joe1 then echo aa > /home/union/aa
[root@localhost ~]# su - joe1
[joe1@localhost ~]$ echo aa > /home/union/aa
-bash: /home/union/aa: Permission denied
* login as joe2 and create file
[root@localhost ~]# su - joe2 -c 'echo joe2 line > /home/union/joe2file'
[root@localhost ~]# cat /home/union/joe2file
joe2 line
[root@localhost ~]# ls -la /home/union/joe2file
-rw-rw-r--. 1 joe2 union 10 Apr 22 01:47 /home/union/joe2file
[root@localhost ~]# ls -lZ /home/union/joe2file
-rw-rw-r--. joe2 union unconfined_u:object_r:home_root_t:s0 /home/union/joe2file
* login as joe2 and create directory
[root@localhost ~]# su - joe2 -c 'mkdir /home/union/joe2dir'
[root@localhost ~]# ls -la /home/union/
total 20
drwxrws---. 3 root union 4096 Apr 22 01:48 .
drwxr-xr-x. 7 root root 4096 Apr 22 01:43 ..
drwxrwsr-x. 2 joe2 union 4096 Apr 22 01:48 joe2dir
* login as joe4 and create dir in joe2dir
[root@localhost ~]# su - joe4 -c 'mkdir /home/union/joe2dir/joe4dir'
[root@localhost ~]# ls -la /home/union/joe2dir/
total 12
drwxrwsr-x. 3 joe2 union 4096 Apr 22 01:49 .
drwxrws---. 3 root union 4096 Apr 22 01:48 ..
drwxrwsr-x. 2 joe4 union 4096 Apr 22 01:49 joe4dir
* login as joe4 and add one line to joe2file
su - joe2 -c 'echo joe4 line >> /home/union/joe2file'
cat /home/union/joe2file
[root@localhost ~]# su - joe2 -c 'echo joe4 line >> /home/union/joe2file'
[root@localhost ~]# cat /home/union/joe2file
joe2 line
joe4 line
[root@localhost ~]# ls -la /home/union/joe2file
-rw-rw-r--. 1 joe2 union 20 Apr 22 01:51 /home/union/joe2file
owner joe2 left on file, joe4 add line because of member in union group ;)
* joe3 can't add line to joe2file because is not member of union group
[root@localhost ~]# su - joe3 -c 'echo joe3 line >> /home/union/joe2file'
-bash: /home/union/joe2file: Permission denied
TIP: anyone in union group can do dirs/files and there is no problem with access ;)
7) Create and manage Access Control Lists (ACLs).
* check if file system support acl
mount
...
/dev/mapper/XYZ-test on /test type ext4 (rw)
* in fstab add ACL option
/dev/XYZ/test /test ext4 defaults,acl 1 1
mount -o remount /test
mount and then acl is in line
/dev/mapper/XYZ-test on /test type ext4 (rw,acl)
;)
* prepare catalog test and test.log with some info
mkdir /test/test/
dmesg > /test/test.log
* default permisions
[root@localhost ~]# ls -la /test/test.log
-rw-r--r--. 1 root root 24688 Apr 22 01:59 /test/test.log
[root@localhost ~]# ls -lZa /test/test.log
-rw-r--r--. root root unconfined_u:object_r:file_t:s0 /test/test.log
for directory
drwxr-xr-x. 2 root root 1024 Apr 22 01:58 test
* show acls
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
group::r--
other::r--
* allow user joe2 to edit test.log
setfacl --help as 1st step :)
setfacl -m u:joe2:rwx /test/test.log
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
user:joe2:rwx
group::r--
mask::rwx
other::r--
and try use that file ;)
[root@localhost ~]# su - joe2 -c 'echo test1 > /test/test.log'
[root@localhost ~]# su - joe2 -c 'echo test2 >> /test/test.log'
[root@localhost ~]# cat /test/test.log
test1
test2y
[root@localhost ~]# su - joe1 -c 'echo test > /test/test.log'
-bash: /test/test.log: Permission denied
* allow group xyz (which will have joe1 and joe3) to that file
dissallow group union (and then see that joe2 can work with that file but joe4 can not!)
[root@localhost ~]# setfacl -m g:xyz:rwx /test/test.log
[root@localhost ~]# setfacl -m g:union:- /test/test.log
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
user:joe2:rwx
group::r--
group:union:---
group:xyz:rwx
mask::rwx
other::r--
CHECKING!
[root@localhost ~]# su - joe1 -c 'echo joe1 can because is in xyz >> /test/test.log'
[root@localhost ~]# su - joe3 -c 'echo joe3 can because is in xyz >> /test/test.log'
[root@localhost ~]# su - joe2 -c 'echo joe2 can because is joe2 >> /test/test.log'
[root@localhost ~]# su - joe4 -c 'echo joe4 CAN not because is in union ... >> /test/test.log'
-bash: /test/test.log: Permission denied
[root@localhost ~]# cat /test/test.log
joe2 test1
joe2 test2
joe1 can
joe3 can
joe1 can because is in xyz
joe3 can because is in xyz
joe2 can because is joe2
* remove some acl from file
[root@localhost ~]# setfacl -x u:joe2 /test/test.log
[root@localhost ~]# getfacl /test/test.log
getfacl: Removing leading '/' from absolute path names
# file: test/test.log
# owner: root
# group: root
user::rw-
group::r--
group:union:---
group:xyz:rwx
mask::rwx
other::r--
8) Diagnose and correct file permission problems.
* checking by
ls -la
ls -lZ
getfacl
* then repair ;)
piątek, 19 kwietnia 2013
Self prepare for REDHAT RHCSA EX200 Part 3: Configure local storage
Part 3: Configure local storage
1) List, create, delete, and set partition type for primary, extended, and logical partitions.
* fdisk or parted. fdisk is better for me ;)
* fdisk -l /dev/sda (show/list)
[root@localhost ~]# fdisk -l /dev/sdb
Disk /dev/sdb: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
[root@localhost ~]# fdisk -l /dev/sda
Disk /dev/sda: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00002249
Device Boot Start End Blocks Id System
/dev/sda1 * 1 64 512000 83 Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2 64 1045 7875584 8e Linux LVM
* fdisk /dev/sda(device) then do create, delete whatever
* for disks > 2TB -> use parted, then mklabel gpt, then can set default unit to TB -> 'unit TB'
then do partitions by "mkpart ..." in parted!
2) Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical volumes.
* for my examples in vbox on rhel I will go on sdb(4gb) + sdc(1gb) + sdd (1gb)
* main thing ;)
PV (physical volumes) (storage devices like /dev/sdb1 or /dev/hda1 ...)
VG (volume groups) (grouped storage devices, lets say that in group we can connect sdb1 and hda1 and as result got more place)
LV (logical volumes) (our partitions :) where we can store our data ;) )
* create PV
pvcreate /dev/sdb1 /dev/sdc1 /dev/sdd (yes! can be used sdd ;) )
[root@localhost ~]# pvcreate /dev/sdb1 /dev/sdc1 /dev/sdd
Physical volume "/dev/sdb1" successfully created
Physical volume "/dev/sdc1" successfully created
Physical volume "/dev/sdd" successfully created
* remove PV (at next example I will add sdd to show how to extend that PV ;) )
[root@localhost ~]# pvremove /dev/sdd
Labels on physical volume "/dev/sdd" successfully wiped
* display PV
[root@localhost ~]# pvdisplay
--- Physical volume ---
PV Name /dev/sdb1
VG Name MyName
PV Size 2.00 GiB / not usable 3.32 MiB
Allocatable yes
PE Size 4.00 MiB
Total PE 511
Free PE 511
Allocated PE 0
PV UUID rp0Dj3-KO1P-47FL-5XnE-5IVK-cV4m-9vFHIs
--- Physical volume ---
PV Name /dev/sdc1
VG Name MyName
PV Size 1019.72 MiB / not usable 3.72 MiB
Allocatable yes
PE Size 4.00 MiB
Total PE 254
Free PE 254
Allocated PE 0
PV UUID rsWkWp-wnOh-YoZ6-DDbj-ywZC-zByc-Yo7Oca
* create VG
[root@localhost ~]# vgcreate MyName /dev/sdb1 /dev/sdc1
Volume group "MyName" successfully created
* delete VG
[root@localhost ~]# vgremove -v MyName
Using volume group(s) on command line
Finding volume group "MyName"
Archiving volume group "MyName" metadata (seqno 1).
Removing physical volume "/dev/sdb1" from volume group "MyName"
Removing physical volume "/dev/sdc1" from volume group "MyName"
Volume group "MyName" successfully removed
* reduce VG
[root@localhost ~]# vgreduce -v MyName /dev/sdc1
Finding volume group "MyName"
Using physical volume(s) on command line
Archiving volume group "MyName" metadata (seqno 1).
Removing "/dev/sdc1" from volume group "MyName"
Creating volume group backup "/etc/lvm/backup/MyName" (seqno 2).
Removed "/dev/sdc1" from volume group "MyName"
New vg size is 2.00 GiB
* extend VG
[root@localhost ~]# vgextend -v MyName /dev/sdc1
Checking for volume group "MyName"
Archiving volume group "MyName" metadata (seqno 2).
Wiping cache of LVM-capable devices
Adding physical volume '/dev/sdc1' to volume group 'MyName'
Volume group "MyName" will be extended by 1 new physical volumes
Creating volume group backup "/etc/lvm/backup/MyName" (seqno 3).
Volume group "MyName" successfully extended
New extended size is ~3GB (2 + 1)
* change vg status by hand
vgchange -a y (activate all)
vgchange -n y (deactivate all)
* create LV (lvcreate -L SIZE -n NAME WHERE)
lvcreate -L 512M -n data MyName
[root@localhost ~]# lvcreate -L 512M -n data MyName
Logical volume "data" created
[root@localhost ~]# lvdisplay
--- Logical volume ---
LV Path /dev/MyName/data
LV Name data
VG Name MyName
LV UUID SAIzgv-J0hv-V0vs-KLIv-9fsS-eT1I-ORhQ6M
LV Write Access read/write
LV Creation host, time localhost.localdomain, 2013-04-20 01:24:31 +0200
LV Status available
# open 0
LV Size 512.00 MiB
Current LE 128
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:2
* extend LV
[root@localhost ~]# lvextend -v -L +512M /dev/MyName/data
Finding volume group MyName
Archiving volume group "MyName" metadata (seqno 4).
Extending logical volume data to 1.00 GiB
Found volume group "MyName"
Found volume group "MyName"
Loading MyName-data table (253:2)
Suspending MyName-data (253:2) with device flush
Found volume group "MyName"
Resuming MyName-data (253:2)
Creating volume group backup "/etc/lvm/backup/MyName" (seqno 5).
Logical volume data successfully resized
* another extend ;) (prepare small lv and then resize it to 100% of free on VG)
[root@localhost ~]# lvcreate -L 512M -n test MyName
Logical volume "test" created
[root@localhost ~]# lvextend -l 100%FREE /dev/MyName/test
Extending logical volume test to 1.49 GiB
Logical volume test successfully resized
* remove lv
[root@localhost ~]# lvremove /dev/MyName/test
Do you really want to remove active logical volume test? [y/n]: y
Logical volume "test" successfully removed
*** RESIZE fs system when resize LV ***
a) mkfs.ext4 /dev/MyName/data
mkfs.ext4 /dev/MyName/test
b) mkdir /XXX/
mkdir /XXX/data
mkdir /XXX/test
c) mount /dev/MyName/data /XXX/data
mount /dev/MyName/test /XXX/test
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root
6.5G 1.1G 5.1G 18% /
tmpfs 250M 0 250M 0% /dev/shm
/dev/sda1 485M 30M 430M 7% /boot
/dev/mapper/MyName-data
1008M 34M 924M 4% /XXX/data
/dev/mapper/MyName-test
504M 17M 462M 4% /XXX/test
d) lets add some data to test (128m)
[root@localhost ~]# lvextend -v -L +128M /dev/MyName/test
Finding volume group MyName
Archiving volume group "MyName" metadata (seqno 9).
Extending logical volume test to 640.00 MiB
e) resize FS/ext4
[root@localhost ~]# resize2fs /dev/MyName/test
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/MyName/test is mounted on /XXX/test; on-line resizing required
old desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/MyName/test to 163840 (4k) blocks.
The filesystem on /dev/MyName/test is now 163840 blocks long.
f) final check using df -h command gives
/dev/mapper/MyName-test
630M 17M 582M 3% /XXX/test
was 504, now is 630 ;)
3) Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
* one small partition for crypted data ;) sdd1 has 256M
* add some random data to partition (it can be also LVM ;)) (for 256M it take some time ...)
dd if=/dev/urandom of=/dev/sdd1
dd: writing to `/dev/sdd1': No space left on device
546148+0 records in
546147+0 records out
279627264 bytes (280 MB) copied, 75.4289 s, 3.7 MB/s
* cryptsetup luksFormat /dev/sdd1 (prepare luks format)
[root@localhost ~]# cryptsetup luksFormat /dev/sdd1
WARNING!
========
This will overwrite data on /dev/sdd1 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
* add label for partition
cryptsetup luksOpen /dev/sdd1 mydata
Enter passphrase for /dev/sdd1: (enter passsword)
* preare filesystem on mydata (BUT USE LABELED DEVICE under /dev/mapper!!! CAN'T USE /dev/sdd1!!!!!)
[root@localhost ~]# mkfs.ext4 /dev/mapper/mydata
* mount it somewhere and copy some data
mount /dev/mapper/mydata /media/
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/mydata 257M 11M 234M 5% /media
* preparing for automount in redhat system (remember about >>, because it can be some lines in /etc/crypttab!)
echo "mydata /dev/sdd1" >> /etc/crypttab
mkdir /media/mydata
echo "/dev/mapper/mydata /media/mydata ext4 defaults 1 1" >> /etc/fstab
reboot system to check it or if not need, mount -a
after reboot it should ask for password :D
* another option for that automount using UUID
[root@localhost ~]# blkid /dev/mapper/mydata
/dev/mapper/mydata: UUID="96871128-21c3-4591-9632-973097cad8b5" TYPE="ext4"
and that UUID goes to FSTAB!
take UUID from sdd1
[root@localhost ~]# blkid /dev/sdd1
/dev/sdd1: UUID="6051a2a2-37c6-456c-ad72-ea00edbbf442" TYPE="crypto_LUKS"
and that UUID goes to CRYPTTAB!!!
echo "mydata UUID=6051a2a2-37c6-456c-ad72-ea00edbbf442" >> /etc/crypttab
mkdir /media/mydata
echo "UUID=96871128-21c3-4591-9632-973097cad8b5 /media/mydata ext4 defaults 1 1" >> /etc/fstab
4) Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label.
* blkid
[root@localhost ~]# blkid
/dev/sda1: UUID="ca799f51-2805-43d2-a1aa-07c92d1d121d" TYPE="ext4"
/dev/sda2: UUID="bhUaaD-z1Sy-IijR-oC3H-Fhpw-Zfwf-OYmUTJ" TYPE="LVM2_member"
/dev/sdd1: UUID="6051a2a2-37c6-456c-ad72-ea00edbbf442" TYPE="crypto_LUKS"
/dev/mapper/VolGroup-lv_root: UUID="26e56548-0361-47a3-be1f-8d33f2f593df" TYPE="ext4"
/dev/mapper/VolGroup-lv_swap: UUID="9101544f-78c0-448b-96d6-7a0c1c77623e" TYPE="swap"
/dev/mapper/mydata: UUID="96871128-21c3-4591-9632-973097cad8b5" TYPE="ext4"
then in /etc/fstab something like this
UUID=96871128-21c3-4591-9632-973097cad8b5 /media/mydata ext4 defaults 1 1
* label option in 2 steps
mkfs.ext4 /dev/sdd2
e2label /dev/sdd2 MyLabel02
check it ;)
[root@localhost ~]# blkid /dev/sdd2
/dev/sdd2: LABEL="MyLabel02" UUID="41c9e8d1-edc1-4fa5-90ff-3678618bed63" TYPE="ext4"
* or label option in 1 step
mkfs.ext4 -L MyLabel /dev/sdd2
and check it ;)
[root@localhost ~]# blkid /dev/sdd2
/dev/sdd2: LABEL="MyLabel" UUID="2c8dc3db-87e5-465e-8c71-0fbbe0ab582c" TYPE="ext4"
then in /etc/fstab add something like this
LABEL=MyLabel /mynew_data ext4 defaults 1 2
then mount -a; mount to check mounted /mynew_data
result: /dev/sdd2 on /mynew_data type ext4 (rw)
5) Add new partitions and logical volumes, and swap to a system non-destructively.
* fdisk -cu /dev/disk, partitions, like swap, linux, lvm whatever
* do pg/vg/lv, whatever
* mkswap /dev/device; swapon /dev/device
* check swaps -> swapon -s
1) List, create, delete, and set partition type for primary, extended, and logical partitions.
* fdisk or parted. fdisk is better for me ;)
* fdisk -l /dev/sda (show/list)
[root@localhost ~]# fdisk -l /dev/sdb
Disk /dev/sdb: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
[root@localhost ~]# fdisk -l /dev/sda
Disk /dev/sda: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00002249
Device Boot Start End Blocks Id System
/dev/sda1 * 1 64 512000 83 Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2 64 1045 7875584 8e Linux LVM
* fdisk /dev/sda(device) then do create, delete whatever
* for disks > 2TB -> use parted, then mklabel gpt, then can set default unit to TB -> 'unit TB'
then do partitions by "mkpart ..." in parted!
2) Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical volumes.
* for my examples in vbox on rhel I will go on sdb(4gb) + sdc(1gb) + sdd (1gb)
* main thing ;)
PV (physical volumes) (storage devices like /dev/sdb1 or /dev/hda1 ...)
VG (volume groups) (grouped storage devices, lets say that in group we can connect sdb1 and hda1 and as result got more place)
LV (logical volumes) (our partitions :) where we can store our data ;) )
* create PV
pvcreate /dev/sdb1 /dev/sdc1 /dev/sdd (yes! can be used sdd ;) )
[root@localhost ~]# pvcreate /dev/sdb1 /dev/sdc1 /dev/sdd
Physical volume "/dev/sdb1" successfully created
Physical volume "/dev/sdc1" successfully created
Physical volume "/dev/sdd" successfully created
* remove PV (at next example I will add sdd to show how to extend that PV ;) )
[root@localhost ~]# pvremove /dev/sdd
Labels on physical volume "/dev/sdd" successfully wiped
* display PV
[root@localhost ~]# pvdisplay
--- Physical volume ---
PV Name /dev/sdb1
VG Name MyName
PV Size 2.00 GiB / not usable 3.32 MiB
Allocatable yes
PE Size 4.00 MiB
Total PE 511
Free PE 511
Allocated PE 0
PV UUID rp0Dj3-KO1P-47FL-5XnE-5IVK-cV4m-9vFHIs
--- Physical volume ---
PV Name /dev/sdc1
VG Name MyName
PV Size 1019.72 MiB / not usable 3.72 MiB
Allocatable yes
PE Size 4.00 MiB
Total PE 254
Free PE 254
Allocated PE 0
PV UUID rsWkWp-wnOh-YoZ6-DDbj-ywZC-zByc-Yo7Oca
* create VG
[root@localhost ~]# vgcreate MyName /dev/sdb1 /dev/sdc1
Volume group "MyName" successfully created
* delete VG
[root@localhost ~]# vgremove -v MyName
Using volume group(s) on command line
Finding volume group "MyName"
Archiving volume group "MyName" metadata (seqno 1).
Removing physical volume "/dev/sdb1" from volume group "MyName"
Removing physical volume "/dev/sdc1" from volume group "MyName"
Volume group "MyName" successfully removed
* reduce VG
[root@localhost ~]# vgreduce -v MyName /dev/sdc1
Finding volume group "MyName"
Using physical volume(s) on command line
Archiving volume group "MyName" metadata (seqno 1).
Removing "/dev/sdc1" from volume group "MyName"
Creating volume group backup "/etc/lvm/backup/MyName" (seqno 2).
Removed "/dev/sdc1" from volume group "MyName"
New vg size is 2.00 GiB
* extend VG
[root@localhost ~]# vgextend -v MyName /dev/sdc1
Checking for volume group "MyName"
Archiving volume group "MyName" metadata (seqno 2).
Wiping cache of LVM-capable devices
Adding physical volume '/dev/sdc1' to volume group 'MyName'
Volume group "MyName" will be extended by 1 new physical volumes
Creating volume group backup "/etc/lvm/backup/MyName" (seqno 3).
Volume group "MyName" successfully extended
New extended size is ~3GB (2 + 1)
* change vg status by hand
vgchange -a y (activate all)
vgchange -n y (deactivate all)
* create LV (lvcreate -L SIZE -n NAME WHERE)
lvcreate -L 512M -n data MyName
[root@localhost ~]# lvcreate -L 512M -n data MyName
Logical volume "data" created
[root@localhost ~]# lvdisplay
--- Logical volume ---
LV Path /dev/MyName/data
LV Name data
VG Name MyName
LV UUID SAIzgv-J0hv-V0vs-KLIv-9fsS-eT1I-ORhQ6M
LV Write Access read/write
LV Creation host, time localhost.localdomain, 2013-04-20 01:24:31 +0200
LV Status available
# open 0
LV Size 512.00 MiB
Current LE 128
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:2
* extend LV
[root@localhost ~]# lvextend -v -L +512M /dev/MyName/data
Finding volume group MyName
Archiving volume group "MyName" metadata (seqno 4).
Extending logical volume data to 1.00 GiB
Found volume group "MyName"
Found volume group "MyName"
Loading MyName-data table (253:2)
Suspending MyName-data (253:2) with device flush
Found volume group "MyName"
Resuming MyName-data (253:2)
Creating volume group backup "/etc/lvm/backup/MyName" (seqno 5).
Logical volume data successfully resized
* another extend ;) (prepare small lv and then resize it to 100% of free on VG)
[root@localhost ~]# lvcreate -L 512M -n test MyName
Logical volume "test" created
[root@localhost ~]# lvextend -l 100%FREE /dev/MyName/test
Extending logical volume test to 1.49 GiB
Logical volume test successfully resized
* remove lv
[root@localhost ~]# lvremove /dev/MyName/test
Do you really want to remove active logical volume test? [y/n]: y
Logical volume "test" successfully removed
*** RESIZE fs system when resize LV ***
a) mkfs.ext4 /dev/MyName/data
mkfs.ext4 /dev/MyName/test
b) mkdir /XXX/
mkdir /XXX/data
mkdir /XXX/test
c) mount /dev/MyName/data /XXX/data
mount /dev/MyName/test /XXX/test
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root
6.5G 1.1G 5.1G 18% /
tmpfs 250M 0 250M 0% /dev/shm
/dev/sda1 485M 30M 430M 7% /boot
/dev/mapper/MyName-data
1008M 34M 924M 4% /XXX/data
/dev/mapper/MyName-test
504M 17M 462M 4% /XXX/test
d) lets add some data to test (128m)
[root@localhost ~]# lvextend -v -L +128M /dev/MyName/test
Finding volume group MyName
Archiving volume group "MyName" metadata (seqno 9).
Extending logical volume test to 640.00 MiB
e) resize FS/ext4
[root@localhost ~]# resize2fs /dev/MyName/test
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/MyName/test is mounted on /XXX/test; on-line resizing required
old desc_blocks = 1, new_desc_blocks = 1
Performing an on-line resize of /dev/MyName/test to 163840 (4k) blocks.
The filesystem on /dev/MyName/test is now 163840 blocks long.
f) final check using df -h command gives
/dev/mapper/MyName-test
630M 17M 582M 3% /XXX/test
was 504, now is 630 ;)
3) Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
* one small partition for crypted data ;) sdd1 has 256M
* add some random data to partition (it can be also LVM ;)) (for 256M it take some time ...)
dd if=/dev/urandom of=/dev/sdd1
dd: writing to `/dev/sdd1': No space left on device
546148+0 records in
546147+0 records out
279627264 bytes (280 MB) copied, 75.4289 s, 3.7 MB/s
* cryptsetup luksFormat /dev/sdd1 (prepare luks format)
[root@localhost ~]# cryptsetup luksFormat /dev/sdd1
WARNING!
========
This will overwrite data on /dev/sdd1 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
* add label for partition
cryptsetup luksOpen /dev/sdd1 mydata
Enter passphrase for /dev/sdd1: (enter passsword)
* preare filesystem on mydata (BUT USE LABELED DEVICE under /dev/mapper!!! CAN'T USE /dev/sdd1!!!!!)
[root@localhost ~]# mkfs.ext4 /dev/mapper/mydata
* mount it somewhere and copy some data
mount /dev/mapper/mydata /media/
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/mydata 257M 11M 234M 5% /media
* preparing for automount in redhat system (remember about >>, because it can be some lines in /etc/crypttab!)
echo "mydata /dev/sdd1" >> /etc/crypttab
mkdir /media/mydata
echo "/dev/mapper/mydata /media/mydata ext4 defaults 1 1" >> /etc/fstab
reboot system to check it or if not need, mount -a
after reboot it should ask for password :D
* another option for that automount using UUID
[root@localhost ~]# blkid /dev/mapper/mydata
/dev/mapper/mydata: UUID="96871128-21c3-4591-9632-973097cad8b5" TYPE="ext4"
and that UUID goes to FSTAB!
take UUID from sdd1
[root@localhost ~]# blkid /dev/sdd1
/dev/sdd1: UUID="6051a2a2-37c6-456c-ad72-ea00edbbf442" TYPE="crypto_LUKS"
and that UUID goes to CRYPTTAB!!!
echo "mydata UUID=6051a2a2-37c6-456c-ad72-ea00edbbf442" >> /etc/crypttab
mkdir /media/mydata
echo "UUID=96871128-21c3-4591-9632-973097cad8b5 /media/mydata ext4 defaults 1 1" >> /etc/fstab
4) Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label.
* blkid
[root@localhost ~]# blkid
/dev/sda1: UUID="ca799f51-2805-43d2-a1aa-07c92d1d121d" TYPE="ext4"
/dev/sda2: UUID="bhUaaD-z1Sy-IijR-oC3H-Fhpw-Zfwf-OYmUTJ" TYPE="LVM2_member"
/dev/sdd1: UUID="6051a2a2-37c6-456c-ad72-ea00edbbf442" TYPE="crypto_LUKS"
/dev/mapper/VolGroup-lv_root: UUID="26e56548-0361-47a3-be1f-8d33f2f593df" TYPE="ext4"
/dev/mapper/VolGroup-lv_swap: UUID="9101544f-78c0-448b-96d6-7a0c1c77623e" TYPE="swap"
/dev/mapper/mydata: UUID="96871128-21c3-4591-9632-973097cad8b5" TYPE="ext4"
then in /etc/fstab something like this
UUID=96871128-21c3-4591-9632-973097cad8b5 /media/mydata ext4 defaults 1 1
* label option in 2 steps
mkfs.ext4 /dev/sdd2
e2label /dev/sdd2 MyLabel02
check it ;)
[root@localhost ~]# blkid /dev/sdd2
/dev/sdd2: LABEL="MyLabel02" UUID="41c9e8d1-edc1-4fa5-90ff-3678618bed63" TYPE="ext4"
* or label option in 1 step
mkfs.ext4 -L MyLabel /dev/sdd2
and check it ;)
[root@localhost ~]# blkid /dev/sdd2
/dev/sdd2: LABEL="MyLabel" UUID="2c8dc3db-87e5-465e-8c71-0fbbe0ab582c" TYPE="ext4"
then in /etc/fstab add something like this
LABEL=MyLabel /mynew_data ext4 defaults 1 2
then mount -a; mount to check mounted /mynew_data
result: /dev/sdd2 on /mynew_data type ext4 (rw)
5) Add new partitions and logical volumes, and swap to a system non-destructively.
* fdisk -cu /dev/disk, partitions, like swap, linux, lvm whatever
* do pg/vg/lv, whatever
* mkswap /dev/device; swapon /dev/device
* check swaps -> swapon -s
Subskrybuj:
Posty (Atom)