Skip to main content

Posts

Showing posts from February, 2019

Thank you All! I've a surprise for you :)

Many thanks to all of my followers and those who have commented on my posts, and/or replied to my comments. It means a lot. Everyone is so kind, helpful and welcoming, making this blogging journey even more amazing! It's so awesome to see my hobby grow into something even more amazing, Thank you so so much! hope this blog continues to grow!  I received so many request to start writing on Linux from basic so that they can learn Linux. The topics I covered in previous posts were only helpful for more than a years experienced Linux Administrator but not for the those who are new on Linux and planning to learn Linux. So on demand I am starting a series of posts and writing on Linux Administration but won't be able to give very much time on it due to some other priorities. I will try to post at least two posts in a week, requesting you to please practice and let me know if there are any issues/concerns. If you do so I guarantee that at the end of series you will be very...

AIDE(Advanced Intrusion Detection Environment)

Context:- IPS( Intrusion Prevention System ) - A mechanism which help us to prevent intrusions IDS( Intrusion Detection System ) - A mechanism which help us to detect intrusions. Here I will discuss about Intrusion Detection System for file system (files/directories). Normally we listen IDS/IPS this at network and firewall level but this post is for file system. There are some very critical and sensitive files and directories in our system, a small change in these type file may change the system functionality completely and also might compromised with security. Let's have some example. [root@localhost ~]# ll /etc/shadow ----------. 1 root root 1023 Jan 22 16:36 /etc/shadow [root@localhost ~]# ll /etc/passwd -rw-r--r--. 1 root root 1615 Jan 22 14:28 /etc/passwd If some how I have removed 'x'(password link to shadow file for root user)  from /etc/passwd file root user configuration, system won't ask for password when you try to access with root user, and if s...

LVM - Logical Volume Manager

This post will help you to know about below, What is the use of LVM? What is LVM? How to create LVM? How to do LVM resize? Why by default root partition is create using LVM? How to diagnosis and troubleshoot LVM issues? Let's suppose you have three hard disk of below size- Hard disk1 - 100GB Hard disk2 - 200GB  Few usage of LVM(use cases)? 1. Total available storage in your system is 300GB, and you have a requirement to store a file of size 250GB without split/cut. However total space is available in the system but you can't store that file because you don't have a single slot of 250GB. 2. Let's suppose you have a 250 GB file and want to store in your system, but 250GB space is not available in the system, so that you need to increase your partition size. 3. Let's suppose you have two partitions in your system /dev/sda1 and /dev/sda2, due to some requirement you want to reduce the size of /dev/sda2 and want to increase the size of /dev/sd...

Search files which have special permission.

If you want to search files which have some special permission. SUID or SGID [root@localhost rpm]# find /sbin/ -perm /6000 -ls 630385   12 -rwsr-xr-x   1 root     root        11224 Jul 19  2016 /sbin/pam_timestamp_check 630387   36 -rwsr-xr-x   1 root     root        36280 Jul 19  2016 /sbin/unix_chkpwd 1155906   40 -rws--x--x   1 root     root        40312 Jan 28  2014 /sbin/userhelper 1261593   12 -rwx--s--x   1 root     lock        11208 Jan 26  2014 /sbin/lockdev 1225816   12 -rwxr-sr-x   1 root     root        11224 Sep 12  2016 /sbin/netreport 1225821   12 -rwsr-xr-x   1 root     root        11288 Sep 12  2016 /sbin/u...

How to find a file in Linux/Unix?

If you forgot the path of file but know the file name, how to find? We can do this using  find  command- [root@localhost rpm]# find /etc -name passwd /etc/passwd /etc/pam.d/passwd [root@localhost rpm]# find /etc -name pass* /etc/openldap/certs/password /etc/passwd /etc/selinux/targeted/active/modules/100/passenger /etc/passwd- /etc/pam.d/passwd /etc/pam.d/password-auth-ac /etc/pam.d/password-auth [root@localhost rpm]#