How to setup SAMBA in Linux
How to setup SAMBA in Linux
In this post I am going to share steps to configure Samba in Linux.
For this I have created 2 virtual machines out of which once will act as client and other will act as server.
1) Centos1home.lab--Server Machine for Samba
2) Centos2home.lab--Client Machine which will access Samba Shared file system.
Setup on Server Machine:
• Install samba packages
# Become root user
# yum install samba samba-client samba-common
• Enable samba to be allowed through firewall (Only if you have firewall running)
# firewall-cmd --permanent --zone=public --add-service=samba
[root@centos1home ~]# firewall-cmd --permanent --zone=public --add-service=samba success
# firewall-cmd --reload
[root@centos1home ~]# firewall-cmd --reload success
• To stop and disable firewall or iptables(Optional)
# systemctl stop firewalld
# systemctl stop iptables
# systemctl disable firewalld
# systemctl disable iptables
• Create Samba share directory and assign permissions
# mkdir -p /funoracleapps/samba
# chmod a+rwx /funoracleapps/samba
# chown -R nobody:nobody /funoracleapps
[root@centos1home ~]# ls -ld /funoracleapps/samba
drwxrwxrwx. 2 nobody nobody 6 Jun 1 13:18 /funoracleapps/samba
• We need to change the SELinux security context for the samba shared
directory as follows: (Only if you have SELinux enabled)
# chcon -t samba_share_t /funoracleapps/samba
• If you want to disable SELinux, follow these instructions(Optional)
# sestatus (To check the SELinux status)
# vi /etc/selinux/config
Change
SELINUX=enforcing
To
SELINUX=disabled
# reboot
• Modify /etc/samba/smb.conf file to add new shared filesystem (Make sure to
create a copy of smb.conf file)
Delete everything from smb.conf file and add the following parameters
[global]
workgroup = WORKGROUP
netbios name = centos
security = user
map to guest = bad user
dns proxy = no
[Anonymous]
path = /funoracleapps/samba
browsable = yes
writable = yes
guest ok = yes
guest only = yes
read only = no
• Verify the Samba Configuration setting
# testparm
[root@centos1home ~]# testparm Load smb config files from /etc/samba/smb.conf Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions # Global parameters [global] dns proxy = No map to guest = Bad User netbios name = CENTOS security = USER idmap config * : backend = tdb [Anonymous] guest ok = Yes guest only = Yes path = /funoracleapps/samba read only = No
• Once the packages are installed, enable and start Samba services
# systemctl enable smb
# systemctl enable nmb
# systemctl start smb
# systemctl start nmb
Server is configured successfully
Mount on Windows client
- Go to start
- Go to search bar
- Type \\192.168.56.101 (This is my server IP, you can check in CentOS IP by running the command ifconfig)
Mount on Linux client
Become root
# yum -y install cifs-utils samba-client
Create a mount point directory
# mkdir -p /him/funsambashare/
Mount the samba share
# mount -t cifs //192.168.56.101/Anonymous /him/funsambashare/
# Enter root password
How to Install Rar/Unrar in Linux
How to Install Rar/Unrar in Linux
RAR is tool for creating/extracting compressed archive (.rar) files.
Steps to Install on RHEL/Centos
# cd /usr/src (Or any other folder)
# wget https://www.rarlab.com/rar/rarlinux-x64-5.6.0.tar.gz
# tar -zxvf rarlinux-x64-5.6.0.tar.gz
# cd rar
# sudo cp -v rar unrar /usr/local/bin/
Steps to install on Debian and Ubuntu based distributions
$ sudo apt-get install unrar
or
$ sudo apt install unrar
How to find the current patchset levels for products in Oracle Apps
How to find the current patchset levels for products in Oracle Apps
To obtain the current patchset levels for each specific E-Business Suite functional product test the following steps:
1. Log into OAM.
(Responsibility System Administrator,"Oracle Applications Manager", menu "OAM Support Cart")
and Navigate:
2. Support Cart --> Applications Signature --> Collect --> Check "Product Information" box
--> Click on "View" (eyeglasses)
This will display the following patchset information:
Application Name
Current Patch Level
Product Version
Status (Installed, Shared Product, Inactive)
3. The patchset level information can be retrieved directly from sqlplus with the following diagnostic script:
$AD_TOP/sql/adutconf.sql
Important Queries Related to Undo in Oracle
Important Queries Related to Undo in Oracle
To find retention guarantee for undo tablespace
select tablespace_name,status,contents,retention from dba_tablespaces where tablespace_name like '%UNDO%';
To find Undo Space Availability
select a.tablespace_name, SIZEMB, USAGEMB, (SIZEMB - USAGEMB) FREEMB
from (select sum(bytes) / 1024 / 1024 SIZEMB, b.tablespace_name
from dba_data_files a, dba_tablespaces b
where a.tablespace_name = b.tablespace_name
and b.contents = 'UNDO'
group by b.tablespace_name) a,
(select c.tablespace_name, sum(bytes) / 1024 / 1024 USAGEMB
from DBA_UNDO_EXTENTS c
where status <> 'EXPIRED'
group by c.tablespace_name) b
where a.tablespace_name = b.tablespace_name;
To show ACTIVE/EXPIRED/UNEXPIRED Extents of Undo Tablespace
select status,
round(sum_bytes / (1024*1024), 0) as MB,
round((sum_bytes / undo_size) * 100, 0) as PERC
from
(
select status, sum(bytes) sum_bytes
from dba_undo_extents
group by status
),
(
select sum(a.bytes) undo_size
from dba_tablespaces c
join v$tablespace b on b.name = c.tablespace_name
join v$datafile a on a.ts# = b.ts#
where c.contents = 'UNDO'
and c.status = 'ONLINE'
);
To find Undo Retention Value
show parameter undo_retention;
Undo retention in hours
col "Retention" for a30
col name for a30
col value for a50
select name "Retention",value/60/60 "Hours" from v$parameter where name like '%undo_retention%';
Session Details Consuming Undo
SELECT s.inst_id,
r.name rbs,
nvl(s.username, 'None') oracle_user,
s.osuser client_user,
p.username unix_user,
to_char(s.sid)||','||to_char(s.serial#) as sid_serial,
p.spid unix_pid,
TO_CHAR(s.logon_time, 'mm/dd/yy hh24:mi:ss') as login_time,
t.used_ublk * 8192 as undo_BYTES,
st.sql_text as sql_text
FROM gv$process p,
v$rollname r,
gv$session s,
gv$transaction t,
gv$sqlarea st
WHERE p.inst_id=s.inst_id
AND p.inst_id=t.inst_id
AND s.inst_id=st.inst_id
AND s.taddr = t.addr
AND s.paddr = p.addr(+)
AND r.usn = t.xidusn(+)
AND s.sql_address = st.address
AND t.used_ublk * 8192 > 1073741824
ORDER
BY undo_BYTES desc
/
To check space related statistics of UndoTablespace from v$undostat
select
sum(ssolderrcnt) "Total ORA-1555s",
round(max(maxquerylen)/60/60) "Max Query HRS",
sum(unxpstealcnt) "UNExpired STEALS",
sum(expstealcnt) "Expired STEALS"
from v$undostat
order by begin_time;
Find Undo Segments related to users
select s.sid,s.serial#,username,s.machine,
t.used_ublk ,t.used_urec,(rs.rssize)/1024/1024 MB,rn.name
from v$transaction t,v$session s,v$rollstat rs, v$rollname rn
where t.addr=s.taddr and rs.usn=rn.usn and rs.usn=t.xidusn and rs.xacts>0;
Locking and Disabling User Accounts in Linux
Locking and Disabling User Accounts in Linux
1. Locking the user account
To lock a user account use the command usermod -L or passwd -l. Both the commands adds an exclamation mark (“!”) in the second field of the file /etc/shadow.It has to be executed by either bob/privilaged user.
It will deny any access which would be done directly using su or with ssh.
# usermod -L bob
or
# passwd -l bob
Verify if the user account is locked.
Check for the flag *LK* in the below command output which indicates that the account is locked.
# passwd --status bob
bob *LK* 2020-05-01 0 45 7 -1 (Password set, SHA512 crypt.)
Try to Login
[himanshu@lcfs ~]$ su - bob
Password:
su: Authentication failure
But with SSH key still connecting
[himanshu@lcfs ~]$ ssh bob@lcfs.lab
Welcome to Himanshu's Server Remote Login!
Last failed login: Fri May 15 17:52:08 IST 2020 on pts/1
There was 1 failed login attempt since the last successful login.
Last login: Fri May 15 17:51:07 2020 from lcfs.lab
2. Expiring the user account
The problem with above menthod is that if ssh password less key setup is done, then the user can still login via ssh using the keys.
# chage -E0 bob
Expiring an account via use of the 8th field in /etc/shadow (using “chage -E”) will block all access methods that use PAM to authenticate a user.
Verify if the account has been expired.
# chage -l bob
Last password change : Apr 17, 2020
Password expires : never
Password inactive : never
Account expires : Jan 01, 1970
Minimum number of days between password change : 0
Maximum number of days between password change : 999999
Number of days of warning before password expires : 7
Try Login
[himanshu@lcfs ~]$ ssh bob@lcfs.lab
Welcome to Himanshu's Server Remote Login!
Your account has expired; please contact your system administrator
Authentication failed.
So normally I prefer to lock and expire the user account both for better security.
3. Changing the shell to no login
We can also change the default shell of the user to /sbin/nologin so that the user do not get any login shell when he tries to login into the system.
# usermod -s /sbin/nologin bob
You can check for the 7th and last field in /etc/passwd for the change of shell to /sbin/nologin.
Verify for no login shell
# grep ^bob /etc/passwd
bob:x:1001:1001:bob:/bob:/sbin/nologin
Globbing/Wildcards in Linux
Globbing/Wildcards in Linux
Globbing in linux is referred to the use of wildcards. Wildcards, in the Linux file system, allow you to refer to files in a flexible way.
Types of Wildcards in Linux
1) * - Star is for everything. Unlimited number of characters.
example:
ls *
It will give all file names in the current directory, no matter how long they are.
ls a*
All files starting with a
2) ? - Question mark is for one single character.
example:
ls ?
It will give all filesname with single character
3) [] - Square brackets, you can specify a range.
example:
ls [a-c]
It will search with filenames as a, b, or c. It's a range.
We can combine them with other wildcards as well.
example:
ls [a-c]*
It will show all files names starting with a or b or c.
example:
ls ?[z-s]*
It will show you all files where the second character is a z or an s.
example:
ls *?
star already covers all characters and if we put anything behind a star, that makes no sense, especially if you make that star question mark.
example:
ls *?[a-c]
It will mean all files that have a letter(a/b/c) on the last position. In this case, the file name must be at least two characters long.
Installing and Removing Packages in Linux using Yum
Installing and Removing Packages in Linux using Yum
To install/remove a package in linux using yum we have to use root or privilaged user.Package will install all the dependencies as well.
Install package
yum install <package name>
yum install zip
Only Download RPM
yum install --downloadonly --downloaddir=/tmp
Install from local rpm
yum localinstall <rpm name>
Re-install a package
yum reinstall <package name>
Re-install while skipping a dependencies which is not available in repository
yum reinstall --skip-broken <package name>
Upgrade a package
yum upgrade <package name>
Remove a package
It will only remove package and dont remove any dependency
yum remove <package name>
Remove package and its dependencies
yum autoremove <package name>
Subscribe to:
Posts
(
Atom
)
