May 2017
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031  

Categories

May 2017
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031  

RHEL 7 – RHCSA Notes – Create and manage Access Control Lists (ACLs)

The file access control lists (FACLs) or simply ACLs are the list of additional user/groups and their permission to the file. Although the default file permissions does their jobs perfectly, it does not allow you to give permissions to more than one user or one group on the same file.

How to know when a […]

RHEL 7 – RHCSA Notes – Set enforcing and permissive modes for SELinux

SELinux modes

SELinux gives that extra layer of security to the resources in the system. It provides the MAC (mandatory access control) as contrary to the DAC (Discretionary access control). Before we dive into setting the SELinux modes, let us see what are the different SELinux modes of operation and how do they work. SELinux […]

CentOS / RHEL 7 : How to Create and Remove the LVM Mirrors Using lvconvert

When you convert a linear volume to a mirrored volume, you are basically creating an extra mirror copy for an existing volume. This means that your volume group must contain the devices and space for the mirrors and for the mirror log. If losing a copy of a mirror, LVM converts the volume to a […]

CentOS / RHEL 7 : Beginners guide to firewalld

Introduction

– A packet filtering firewall reads incoming network packets and filters (allows or denies) each data packet based on the header information in the packet. The Linux kernel has built-in packet filtering functionality called Netfilter. – Two services are available in RHEL 7 to create, maintain, and display the rules stored by Netfilter: 1. […]

CentOS / RHEL 7 : Configuring an NFS server and NFS client

NFS allows a linux server to share directories with other UNIX clients over network. NFS server exports a directory and NFS client mounts this directory. RHEL 7 supports two version of NFS – NFSv3 and NFSv4.

NFS server and RPC processes

starting the nfs-server process starts the NFS server and other RPC processes. RPC processes […]

CentOS / RHEL 7 : How to switch to iptables from firewalld

Question : How to disable firewalld and enable iptables instead?

Answer : To switch to from firewalld to iptables follow the steps given below.

1. Firstly ensure the iptables-services package is installed.

# yum install -y -q iptables-services 2. Then prepare the iptables rules you wish to use by editing /etc/sysconfig/iptables and /etc/sysconfig/ipt6tables.

3. Next, […]

CentOS / RHEL 7 firewalld : Command line reference (Cheat Sheet)

Firewalld is the new way of interacting with the iptables rules in RHEL 7. It allows to set new sucurity rules and activate them in runtime without disconnecting any existing connections.

Managing firewalld

# firewall-cmd –state — Display whether service is running # systemctl status firewalld — Another command to display status of service # […]

CentOS / RHEL 7 : How to password protect GRUB2 menu entries

Why should a Linux boot loader have password protection?

The following are the primary reasons for password protecting a Linux boot loader: 1. Preventing Access to Single User Mode – If an attacker can boot into single user mode, he becomes the root user. 2. Preventing Access to the GRUB Console – If the machine […]

CentOS / RHEL 7 : Chrony V/s NTP (Differences Between ntpd and chronyd) Chosing between Chrony and NTP

CentOS / RHEL 7 : Chrony V/s NTP (Differences Between ntpd and chronyd) Chosing between Chrony and NTP

– In RHEL 7 ntpd is replaced by chronyd as the default network time protocol daemon. – Basic configuration for synchronize time and date is stored in the file /etc/chrony.conf. – ntpd is still included in yum […]

CentOS / RHEL 7 : How to sync chrony to local clock

Question : How to sync chrony to the local clock.

Answer : When the chrony service starts, there are some settings in the /etc/chrony/chrony.conf file that tells it to actually set the time if specific conditions occur. Below procedure lts you set the local clock as the source for chrony to synchronize the time.

1. […]