Stay at Home!! Be Safe!! Take Care!!

For Any queries, please mail us at support@funoracleapps.com

How to setup SAMBA in Linux

How to setup SAMBA in Linux


In this post I am going to share steps to configure Samba in Linux.

For this I have created 2 virtual machines out of which once will act as client and other will act as server.

1) Centos1home.lab--Server Machine for Samba
2) Centos2home.lab--Client Machine which will access Samba Shared file system.


Setup on Server Machine:


• Install samba packages
# Become root user
# yum install samba samba-client samba-common

Samba Server

• Enable samba to be allowed through firewall (Only if you have firewall running)
# firewall-cmd --permanent --zone=public --add-service=samba

[root@centos1home ~]# firewall-cmd --permanent --zone=public --add-service=samba
success

# firewall-cmd --reload

[root@centos1home ~]# firewall-cmd --reload
success


• To stop and disable firewall or iptables(Optional)
# systemctl stop firewalld
# systemctl stop iptables
# systemctl disable firewalld
# systemctl disable iptables

• Create Samba share directory and assign permissions
# mkdir -p /funoracleapps/samba
# chmod a+rwx /funoracleapps/samba
# chown -R nobody:nobody /funoracleapps

[root@centos1home ~]# ls -ld /funoracleapps/samba
drwxrwxrwx. 2 nobody nobody 6 Jun  1 13:18 /funoracleapps/samba

• We need to change the SELinux security context for the samba shared
directory as follows: (Only if you have SELinux enabled)
# chcon -t samba_share_t /funoracleapps/samba

• If you want to disable SELinux, follow these instructions(Optional)
# sestatus (To check the SELinux status)

# vi /etc/selinux/config
Change
SELINUX=enforcing
To
SELINUX=disabled

# reboot

• Modify /etc/samba/smb.conf file to add new shared filesystem (Make sure to
create a copy of smb.conf file)
Delete everything from smb.conf file and add the following parameters
[global]
workgroup = WORKGROUP
netbios name = centos
security = user
map to guest = bad user
dns proxy = no
[Anonymous]
path = /funoracleapps/samba
browsable = yes
writable = yes
guest ok = yes
guest only = yes
read only = no

• Verify the Samba Configuration setting
# testparm

[root@centos1home ~]# testparm
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Server role: ROLE_STANDALONE

Press enter to see a dump of your service definitions

# Global parameters
[global]
	dns proxy = No
	map to guest = Bad User
	netbios name = CENTOS
	security = USER
	idmap config * : backend = tdb


[Anonymous]
	guest ok = Yes
	guest only = Yes
	path = /funoracleapps/samba
	read only = No

• Once the packages are installed, enable and start Samba services
# systemctl enable smb
# systemctl enable nmb
# systemctl start smb
# systemctl start nmb




Server is configured successfully

Mount on Windows client

  • Go to start
  • Go to search bar
  • Type \\192.168.56.101 (This is my server IP, you can check in CentOS IP by running the command ifconfig)

Mount on Linux client

Become root
# yum -y install cifs-utils samba-client

Samba Client


Create a mount point directory

# mkdir -p /him/funsambashare/

Mount the samba share
# mount -t cifs //192.168.56.101/Anonymous /him/funsambashare/
# Enter root  password

Samba Filesystem

How to Install Rar/Unrar in Linux

How to Install Rar/Unrar in Linux


RAR is tool for creating/extracting compressed archive (.rar) files. 


Steps to Install on RHEL/Centos

# cd /usr/src (Or any other folder)
# wget https://www.rarlab.com/rar/rarlinux-x64-5.6.0.tar.gz
# tar -zxvf rarlinux-x64-5.6.0.tar.gz
# cd rar
# sudo cp -v rar unrar /usr/local/bin/


Steps to install on Debian and Ubuntu based distributions

$ sudo apt-get install unrar
or
$ sudo apt install unrar

How to find the current patchset levels for products in Oracle Apps

How to find the current patchset levels for products in Oracle Apps


To obtain the current patchset levels for each specific E-Business Suite functional product test the following steps:

1. Log into OAM.
(Responsibility System Administrator,"Oracle Applications Manager", menu "OAM Support Cart") 
and Navigate:

2. Support Cart --> Applications Signature --> Collect --> Check "Product Information" box
--> Click on "View" (eyeglasses)
This will display the following patchset information:
Application Name
Current Patch Level
Product Version
Status (Installed, Shared Product, Inactive)

3. The patchset level information can be retrieved directly from sqlplus with the following diagnostic script:
$AD_TOP/sql/adutconf.sql

Important Queries Related to Undo in Oracle

Important Queries Related to Undo in Oracle


To find retention guarantee for undo tablespace

select tablespace_name,status,contents,retention from dba_tablespaces where tablespace_name like '%UNDO%';

To find Undo Space Availability

select a.tablespace_name, SIZEMB, USAGEMB, (SIZEMB - USAGEMB) FREEMB
from (select sum(bytes) / 1024 / 1024 SIZEMB, b.tablespace_name
from dba_data_files a, dba_tablespaces b
where a.tablespace_name = b.tablespace_name
and b.contents = 'UNDO'
group by b.tablespace_name) a,
(select c.tablespace_name, sum(bytes) / 1024 / 1024 USAGEMB
from DBA_UNDO_EXTENTS c
where status <> 'EXPIRED'
group by c.tablespace_name) b
where a.tablespace_name = b.tablespace_name;

To show ACTIVE/EXPIRED/UNEXPIRED Extents of Undo Tablespace

select status,
  round(sum_bytes / (1024*1024), 0) as MB,
  round((sum_bytes / undo_size) * 100, 0) as PERC
from
(
  select status, sum(bytes) sum_bytes
  from dba_undo_extents
  group by status
),
(
  select sum(a.bytes) undo_size
  from dba_tablespaces c
    join v$tablespace b on b.name = c.tablespace_name
    join v$datafile a on a.ts# = b.ts#
  where c.contents = 'UNDO'
    and c.status = 'ONLINE'
);

To find Undo Retention Value

show parameter undo_retention;


Undo retention in hours

col "Retention" for a30
col name for a30
col value for a50
select name "Retention",value/60/60 "Hours" from v$parameter where name like '%undo_retention%';


Session Details Consuming Undo


SELECT s.inst_id,
        r.name                   rbs,
        nvl(s.username, 'None')  oracle_user,
        s.osuser                 client_user,
        p.username               unix_user,
        to_char(s.sid)||','||to_char(s.serial#) as sid_serial,
        p.spid                   unix_pid,
        TO_CHAR(s.logon_time, 'mm/dd/yy hh24:mi:ss') as login_time,
        t.used_ublk * 8192  as undo_BYTES,
                st.sql_text as sql_text
   FROM gv$process     p,
        v$rollname     r,
        gv$session     s,
        gv$transaction t,
        gv$sqlarea     st
  WHERE p.inst_id=s.inst_id
    AND p.inst_id=t.inst_id
    AND s.inst_id=st.inst_id
    AND s.taddr = t.addr
    AND s.paddr = p.addr(+)
    AND r.usn   = t.xidusn(+)
    AND s.sql_address = st.address
  AND t.used_ublk * 8192 > 1073741824
  ORDER
       BY undo_BYTES desc
/


To check space related statistics of  UndoTablespace from v$undostat

select
sum(ssolderrcnt) "Total ORA-1555s",
round(max(maxquerylen)/60/60) "Max Query HRS",
sum(unxpstealcnt) "UNExpired STEALS",
sum(expstealcnt) "Expired STEALS"
from v$undostat
order by begin_time;

Find Undo Segments related to users


select  s.sid,s.serial#,username,s.machine,
t.used_ublk ,t.used_urec,(rs.rssize)/1024/1024 MB,rn.name
from    v$transaction t,v$session s,v$rollstat rs, v$rollname rn
where   t.addr=s.taddr and rs.usn=rn.usn and rs.usn=t.xidusn and rs.xacts>0;

Locking and Disabling User Accounts in Linux

Locking and Disabling User Accounts in Linux


1. Locking the user account
To lock a user account use the command usermod -L or passwd -l. Both the commands adds an exclamation mark (“!”) in the second field of the file /etc/shadow.It has to be executed by either bob/privilaged user.
It will deny any access which would be done directly using su or with ssh.

# usermod -L bob
or

 
# passwd -l bob

Verify if the user account is locked.
Check for the flag *LK* in the below command output which indicates that the account is locked.

# passwd --status bob
bob *LK* 2020-05-01 0 45 7 -1 (Password set, SHA512 crypt.)

Try to Login

[himanshu@lcfs ~]$ su - bob
Password: 
su: Authentication failure

But with SSH key still connecting

[himanshu@lcfs ~]$ ssh bob@lcfs.lab
Welcome to Himanshu's Server Remote Login!
Last failed login: Fri May 15 17:52:08 IST 2020 on pts/1
There was 1 failed login attempt since the last successful login.
Last login: Fri May 15 17:51:07 2020 from lcfs.lab


2. Expiring the user account

The problem with above menthod is that if ssh password less key setup is done, then the user can still login via ssh using the keys.


# chage -E0 bob
Expiring an account via use of the 8th field in /etc/shadow (using “chage -E”) will block all access methods that use PAM to authenticate a user.


Verify if the account has been expired.


# chage -l bob
Last password change                                    : Apr 17, 2020
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : Jan 01, 1970
Minimum number of days between password change          : 0
Maximum number of days between password change          : 999999
Number of days of warning before password expires       : 7


Try Login

[himanshu@lcfs ~]$ ssh bob@lcfs.lab
Welcome to Himanshu's Server Remote Login!
Your account has expired; please contact your system administrator
Authentication failed.

So normally I prefer to lock and expire the user account both for better security.

3. Changing the shell to no login
We can also change the default shell of the user to /sbin/nologin so that the user do not get any login shell when he tries to login into the system.

# usermod -s /sbin/nologin bob
You can check for the 7th and last field in /etc/passwd for the change of shell to /sbin/nologin.

Verify for no login shell


# grep ^bob /etc/passwd
bob:x:1001:1001:bob:/bob:/sbin/nologin

Globbing/Wildcards in Linux

Globbing/Wildcards in Linux


Globbing in linux is referred to the use of wildcards. Wildcards, in the Linux file system, allow you to refer to files in a flexible way. 

Types of  Wildcards  in Linux

1) * - Star is for everything. Unlimited number of characters. 
example:
ls *
It will give all file names in the current directory, no matter how long they are. 

ls a*

All files starting with a

2) ? - Question mark is for one single character. 
example:
ls ?

It will give all filesname with single character

3) [] - Square brackets, you can specify a range. 

example:
ls [a-c]

It will search with filenames as a, b, or c. It's a range. 

We can combine them with other wildcards as well.

example:
ls [a-c]*

It will show all files names starting with a or b or c.

example:

ls ?[z-s]*

It will show you all files where the second character is a z or an s. 

example:

ls *?

star already covers all characters and if we put anything behind a star, that makes no sense, especially if you make that star question mark. 


example:

ls *?[a-c]
It will mean all files that have a letter(a/b/c) on the last position. In this case, the file name must be at least two characters long.

Installing and Removing Packages in Linux using Yum

Installing and Removing Packages in Linux using Yum

To install/remove a package in linux using yum we have to use root or privilaged user.Package will install all the dependencies as well.


Install package
yum install <package name>

yum install zip


Only Download RPM

yum install --downloadonly --downloaddir=/tmp

Install from local rpm

yum localinstall  <rpm name>


Re-install a package

yum reinstall <package name>


Re-install while skipping a dependencies which is not available in repository

yum reinstall  --skip-broken <package name>

Upgrade a package

yum upgrade <package name>

Remove a package
It will only remove package and dont remove any dependency

yum remove <package name>

Remove package and its dependencies

yum autoremove <package name>