Wednesday, May 27, 2009

Samba Configuration

[root@example ~]#
[root@example ~]# yum install samba-*
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.nsc.liu.se
* updates: centosh.centos.org
* addons: centosh.centos.org
* extras: centosb2.centos.org
base
| 1.1 kB 00:00
updates
| 951 B 00:00
primary.xml.gz
| 131 kB 00:00
updates 196/196
addons
| 951 B 00:00
extras
| 1.1 kB 00:00
Setting up Install Process
Parsing package install arguments
Package samba-common-3.0.33-3.7.el5.i386 already installed and latest version
Package samba-3.0.33-3.7.el5.i386 already installed and latest version
Package samba-client-3.0.33-3.7.el5.i386 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package samba-swat.i386 0:3.0.33-3.7.el5 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================\
=============================================================================
Package Arch Version
Repository Size
================================================================================\
=============================================================================
Installing:
samba-swat i386
3.0.33-3.7.el5 base
8.2 M

Transaction Summary
================================================================================\
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

Total download size: 8.2 M
Is this ok [y/N]: y
Downloading Packages:
samba-swat-3.0.33-3.7.el5.i386.rpm
| 8.2 MB 00:52
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : samba-swat [1/1]

Installed: samba-swat.i386 0:3.0.33-3.7.el5
Complete!
[root@example ~]# vi /etc/samba/smb.conf

#======================= Global Settings =====================================

[global]

# ----------------------- Network Related Options -------------------------
#
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
#
# server string is the equivalent of the NT Description field
#
# netbios name can be used to specify a server name not tied to the hostname
#
# Interfaces lets you configure Samba to use multiple interfaces
# If you have multiple network interfaces then you can list the ones
# you want to listen on (never omit localhost)
#
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
# specify it as a per share option as well
#

#####Edit this line with your NT workgroup name ########
#####Edited By Baber Zahoor dated 20090805 ########


workgroup = Workgroup
server string = Samba Server Version %v

; netbios name = MYSERVER

; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
; hosts allow = 127. 192.168.12. 192.168.13.


######## Go to the end of the file and add your share ########


# A publicly accessible directory, but read only, except for people in
# the "staff" group
[Share]
comment = Public Stuff
# path can be your own share path
path = /Share
public = yes
writable = yes
printable = no
# valid users can be your own users
valid users = baber amalik
# staff is a group name; you can add your own
write list = +staff

:wq!


To add the users to the smbpasswd file, use this command.
Note: the users must already exist on the system before you add them to the smbpasswd file.


[root@example ~]# smbpasswd -a baber
New SMB password:
Retype new SMB password:
Added user baber.
[root@example ~]#
[root@example ~]# /etc/init.d/smb start
Starting SMB services: [ OK ]
Starting NMB services: [ OK ]
[root@example ~]#


Now you can access the Samba shares from the Windows XP PCs.


If you have a firewall installed on your Linux server, kindly open the ports.

[root@example ~]# system-config-securitylevel

Enable the Samba option in the firewall INPUT tables for incoming requests.
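
An added example, not part of the original post: a shell function that audits an smb.conf for three points this walkthrough touches, namely guest (public) access on a writable share, a missing hosts allow restriction, and a comment placed after a value, which Samba keeps as part of the value. The function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# audit_smb_conf FILE: print one finding per line.
audit_smb_conf() {
    awk '
    function report() {
        if (sec == "" || sec == "global") return
        if (guest && writable) print sec ": guest access on a writable share"
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }       # whole-line comments and blanks
    /^[ \t]*\[/ {                               # section header such as [Share]
        report()
        sec = tolower($0); gsub(/^[ \t]*\[|\].*$/, "", sec)
        guest = 0; writable = 0
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        # smb.conf has no trailing comments: "#" after a value is kept in it
        if (val ~ /[ \t][#;]/)
            print sec ": trailing comment is part of the value of \"" key "\""
        v = tolower(val)
        if ((key == "public" || key == "guest ok") && v == "yes") guest = 1
        if (key ~ /^(writable|writeable|write ok)$/ && v == "yes") writable = 1
        if (key == "read only" && v == "no") writable = 1
        if (sec == "global" && key == "hosts allow") hosts = 1
    }
    END {
        report()
        if (!hosts) print "global: no hosts allow restriction"
    }
    ' "$1"
}
# Constructed sample, modelled on the [Share] section above.
write_sample_conf() {
    cat > "$1" <<'EOF'
[global]
workgroup = Workgroup
; hosts allow = 127. 192.168.12. 192.168.13.
[Share]
path = /Share #### This can be your own share path #####
public = yes
writable = yes
valid users = baber amalik
EOF
}

f=$(mktemp) && write_sample_conf "$f" && audit_smb_conf "$f"; rm -f "$f"
```

On a real server, point it at /etc/samba/smb.conf; `testparm -s` then shows the values Samba actually parsed.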



Kind Regards,
Babar Zahoor
RHCE 5.0

Tuesday, May 26, 2009

How to implement ACL

ACL: Access Control List
The Linux operating system supports ACLs.
To implement ACLs, we have to specify the partition on which we want to
enable them.

e.g. / is the partition on which we want to implement ACLs.

First of all, open the fstab file. "Be careful, this is the file system table file."
vim /etc/fstab

LABEL=/ / ext3 defaults 1 1
LABEL=/usr /usr ext3 defaults 1 2
LABEL=/var /var ext3 defaults 1 2
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
LABEL=SWAP-hda6 swap swap defaults 0 0


Add the acl option in the line where the / partition information is written.
Add the acl option after the defaults option.
e.g. defaults,acl

Then save the file and exit.

Run this command in the shell:
# mount -o remount /

The setfacl command is used to implement ACLs.

-m for adding and editing an ACL
-x for removing
u for user or userid
g for group or groupid
e.g.
# setfacl -m u:baber:rwx /data/file
This command gives rwx permissions to user baber on the specified file,
"/data/file".

# setfacl -m g:baber:rwx /data/file
This command gives rwx permissions to group baber on the specified file,
"/data/file".

To check the ACL:
# getfacl /data/file

To remove the ACL:

# setfacl -x u:baber /data/file
# setfacl -x g:baber /data/file
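
An added example, not part of the original post: the fstab edit from the steps above done on a copy, so a mistake never reaches /etc/fstab. The function names and the three-line sample fstab are constructed for illustration; note that awk rewrites the changed line with single spaces between fields.

```sh
#!/bin/sh
# add_acl_option FSTAB MOUNTPOINT
# Prints FSTAB with ",acl" appended to the options (4th field) of MOUNTPOINT.
# Comments, blank lines and other mount points pass through unchanged, and a
# line that already has acl is left alone, so running it twice is harmless.
add_acl_option() {
    awk -v mp="$2" '
    /^[ \t]*#/ || NF < 4 { print; next }
    $2 == mp && ("," $4 ",") !~ /,acl,/ { $4 = $4 ",acl" }
    { print }
    ' "$1"
}

# mount_options FSTAB MOUNTPOINT: print the options field for MOUNTPOINT.
mount_options() {
    awk -v mp="$2" '!/^[ \t]*#/ && NF >= 4 && $2 == mp { print $4 }' "$1"
}

# Constructed sample: three lines of the fstab shown above.
write_sample_fstab() {
    cat > "$1" <<'EOF'
LABEL=/ / ext3 defaults 1 1
LABEL=/usr /usr ext3 defaults 1 2
proc /proc proc defaults 0 0
EOF
}

# Work on a copy, review the diff, and only then install it as /etc/fstab.
work=$(mktemp -d)
write_sample_fstab "$work/fstab"
add_acl_option "$work/fstab" / > "$work/fstab.new"
diff "$work/fstab" "$work/fstab.new" || true   # diff exits 1 when files differ
rm -rf "$work"
```

Once the reviewed copy is installed, `mount -o remount /` applies the option as described above.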

Babar Zahoor
RHCE 5.0

Useradd

In Red Hat Linux we can add users with the useradd command:
# useradd username
To assign a password we must use the passwd command:
# passwd username
Then specify the password.
Information about all users is saved in the /etc/passwd file.

All passwords of the users are saved in /etc/shadow in encrypted form.

All information about groups is saved in the /etc/group file.
We can add a group using
# groupadd groupname

Files and Directory Permissions

Written by Babar Zahoor RHCE 5.0
baber@wbitt.com

We have three types of permissions
read = r
write = w
execute = x

We can change permissions for three categories:
owner = u
group = g
others = o

If we run ls -l
we see
-rw------- 1 root root 1648 Mar 13 13:47 anaconda-ks.cfg
drwx------ 11 root root 4096 Mar 20 08:56 Desktop
-rw-r--r-- 1 root root 41065 Mar 13 13:46 install.log
-rw-r--r-- 1 root root 5891 Mar 13 13:46 install.log.syslog
drwxr-xr-x 3 root root 4096 Mar 18 23:47 ispconfig
drwxr-xr-x 37 root root 4096 Mar 20 08:25 mplayer
-rw-r--r-- 1 root root 224 Mar 14 18:48 scsrun.log

Please look at install.log:
-rw-r--r-- 1 root root 41065 Mar 13 13:46 install.log
Here we see the
permissions:
- The 1st dash shows this is a file (if d, it is a directory; if we see l, it
indicates this is a link file or shortcut)

rw- for the owner of the file
r-- for the owner's group
r-- for all others than the owner and its group

The chmod command is used to change the permissions.
+ is used to add
- is used to remove

Consider changing the permissions of a file.

example: chmod u+rwx,g+rw,o+rw file

We have another method to implement permissions:
the number system.
r = 4
w = 2
x = 1
4+2+1 = rwx = 7 for owner, group or others, which means
777 for all of them

example: chmod 755 file (same for directories)

We have default permissions in the system.

umask is the value which can change the default permissions.

umask (to see the default permissions)
0022
Subtract 022 from 777 for directory permissions.
777
-022
-----
755

Subtract 022 from 666 for file permissions.
666
-022
-----
644

These, 755 and 644, are the default permissions for directories and files respectively.
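
An added example, not part of the original post, that goes one step beyond the 022 case: the kernel clears the umask bits from 666 or 777 rather than subtracting, which matters for masks such as 033 or 027 where subtraction from 666 gives 633 or 639 instead of the real 644 and 640. The function names are constructed for illustration, and GNU stat is assumed.

```sh
#!/bin/sh
# masked_mode BASE UMASK: the resulting mode, BASE with the umask bits cleared.
masked_mode() {
    printf '%o\n' $(( 0$1 & ~0$2 ))
}

# created_mode UMASK file|dir: create an object under UMASK and print its mode.
created_mode() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        if [ "$2" = dir ]; then mkdir "$tmp/new"; else : > "$tmp/new"; fi
        mode=$(stat -c '%a' "$tmp/new")      # GNU stat, as on Red Hat systems
        rm -rf "$tmp"
        echo "$mode"
    )
}

# Compare what the system really creates with the bit-mask calculation.
for mask in 022 027 033; do
    echo "umask $mask: file $(created_mode "$mask" file)" \
         "(666 masked = $(masked_mode 666 "$mask"))," \
         "dir $(created_mode "$mask" dir) (777 masked = $(masked_mode 777 "$mask"))"
done
```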


Thanks

Basic Commands

Some basic commands
cat
ls
head
tail
man
touch
mkdir
cd
less
more
grep
Also see their switches with --help, or with the man or info command.
Please run these commands and post your views.

Babar Zahoor

Squid Transparent configuration

Please follow these steps and you will, INSHA ALLAH, configure Squid with the
transparent option.
You can also use a dhcpd server for IP assignment.


vim /etc/sysctl.conf

net.ipv4.ip_forward = 1

save & quit

vim /etc/squid/squid.conf

###......please enable these options......###

http_port 3128 transparent

acl our_networks src 192.168.1.0/24

http_access allow our_networks

cache_mem 16M

access_log /var/log/squid/access.log

cache_log /var/log/squid/cache.log

store_log /var/log/squid/store.log

cache_dir /var/spool/squid 2000 16 256

cache_mgr baber@wbitt.com

visible_hostname squid.linuxlab.int

save and quit

#squid -z

#service squid start

###........Then, if you want to make it transparent, kindly add this rule to the iptables firewall........###

# iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j REDIRECT --to-port 3128

###......Note: eth0 is connected to your LAN switch......###

Baber Zahoor
RHCE 5.0