How to configure rndc key with chrooted bind on linux?

Environment : RHEL 6.1 .

Here are the steps that I followed :

1. vi /etc/rndc.conf and following line

----
options {
default-server 127.0.0.1;
default-key "rndckey";
};

server 127.0.0.1 {
key "rndckey";
};

key "rndckey" {
algorithm "hmac-md5";
secret "secret key will be placed here";
};
---

2. cd /var/named/chroot/etc/

3. $dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 256 -n HOST rndc
4. cat *.private
5. copy the key from private file and put it in /etc/rndc.conf at "secret" line.
6. Do link :

$ln -s /var/named/chroot/etc/rndc.conf /etc/rndc.conf

7. vi /etc/named.conf put following :

----
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; };
};

key "rndckey" {
algorithm "hmac-md5";
secret "replace_keyhere";
};

----

8. Restart named and check status :

$rndc status

Output will look like :

$rndc status
version: 9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.2
CPUs found: 1
worker threads: 1
number of zones: 20
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running

Read More

How to rotate sudo log?

Scenario : Sudo log files will keep the activities of sudo users and their login status in /var/log/sudolog.

Tested platform : RHEL 5

Solution :

1. Create a sudo log file and put it in /etc/sudoers. Then rotate it for 90 days. As an example :

$touch /var/log/sudolog

2. vi /etc/sudoers and add following lines :

-----
Defaults !syslog
Defaults logfile = /var/log/sudolog
-----

Then save it.

3. Rotating this log file :

vi /etc/logrotate.d/sudolog and put following :

------
/var/log/sudolog {
rotate 90
size 5M
postrotate
/usr/bin/killall -HUP syslogd
endscript
}
------

4. Now restart syslogd :

$service syslogd restart

This will keep maximum 5MB file of 90 different copies. Old copy will be removed first.

Read More

Details about SUID, SGID and Sticky bit permission on linux os

* SUID or setuid: change user ID on execution. If setuid bit is set, when the file will be executed by a user, the process will have the same rights as the owner of the file being executed.
* SGID or setgid: change group ID on execution. Same as above, but inherits rights of the group of the owner of the file on execution. For directories it also may mean that when a new file is created in the directory it will inherit the group of the directory (and not of the user who created the file).
* Sticky bit. It was used to trigger process to "stick" in memory after it is finished, now this usage is obsolete. Currently its use is system dependant and it is mostly used to suppress deletion of the files that belong to other users in the folder where you have "write" access to.

Numeric representation :

Octal digit Binary value Meaning
0 000 setuid, setgid, sticky bits are cleared
1 001 sticky bit is set
2 010 setgid bit is set
3 011 setgid and sticky bits are set
4 100 setuid bit is set
5 101 setuid and sticky bits are set
6 110 setuid and setgid bits are set
7 111 setuid, setgid, sticky bits are set

file : 2644
dir : 2755

Textual representation :

SUID If set, then replaces "x" in the owner permissions to "s", if owner has execute permissions, or to "S" otherwise. Examples:
-rws------ both owner execute and SUID are set
-r-S------ SUID is set, but owner execute is not set

SGID If set, then replaces "x" in the group permissions to "s", if group has execute permissions, or to "S" otherwise. Examples:
-rwxrws--- both group execute and SGID are set
-rwxr-S--- SGID is set, but group execute is not set

Sticky If set, then replaces "x" in the others permissions to "t", if others have execute permissions, or to "T" otherwise. Examples:
-rwxrwxrwt both others execute and sticky bit are set
-rwxrwxr-T sticky bit is set, but others execute is not set

drwxrwxrwt - Sticky Bits - chmod 1777
drwsrwxrwx - SUID set - chmod 4777
drwxrwsrwx - SGID set - chmod 2777

Read More

What are the CPU states found in "top" output?

Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st

# us -> User CPU time: The time the CPU has spent running users’ processes that are not niced.
# sy -> System CPU time: The time the CPU has spent running the kernel and its processes.
# ni -> Nice CPU time: The time the CPU has spent running users’ process that have been niced.
# wa -> iowait: Amount of time the CPU has been waiting for I/O to complete.
# hi -> Hardware IRQ: The amount of time the CPU has been servicing hardware interrupts.
# si -> Software Interrupts.: The amount of time the CPU has been servicing software interrupts.

Read More

How to check details of the rpm pacakge which is yet not installed?

Pass "-qpil" to rpm command. As an example :

#rpm -qpil tftp-0.49-7.el6.x86_64.rpm
Name : tftp Relocations: (not relocatable)
Version : 0.49 Vendor: Red Hat, Inc.
Release : 7.el6 Build Date: Mon 18 Jul 2011 03:10:21 PM EDT
Install Date: (not installed) Build Host: x86-002.build.bos.redhat.com
Group : Applications/Internet Source RPM: tftp-0.49-7.el6.src.rpm
Size : 46554 License: BSD
Signature : (none)
Packager : Red Hat, Inc.
URL : http://www.kernel.org/pub/software/network/tftp/
Summary : The client for the Trivial File Transfer Protocol (TFTP)
Description :
The Trivial File Transfer Protocol (TFTP) is normally used only for
booting diskless workstations. The tftp package provides the user
interface for TFTP, which allows users to transfer files to and from a
remote machine. This program and TFTP provide very little security,
and should not be enabled unless it is expressly needed.
/usr/bin/tftp
/usr/share/doc/tftp-0.49
/usr/share/doc/tftp-0.49/CHANGES
/usr/share/doc/tftp-0.49/README
/usr/share/doc/tftp-0.49/README.security
/usr/share/doc/tftp-0.49/README.security.tftpboot
/usr/share/man/man1/tftp.1.gz


----

To check details of installed package :

#rpm -qi tftp-0.49-7.el6.x86_64
Name : tftp Relocations: (not relocatable)
Version : 0.49 Vendor: Red Hat, Inc.
Release : 7.el6 Build Date: Mon 18 Jul 2011 03:10:21 PM EDT
Install Date: Fri 19 Aug 2011 06:02:18 PM EDT Build Host: x86-002.build.bos.redhat.com
Group : Applications/Internet Source RPM: tftp-0.49-7.el6.src.rpm
Size : 46554 License: BSD
Signature : (none)
Packager : Red Hat, Inc.
URL : http://www.kernel.org/pub/software/network/tftp/
Summary : The client for the Trivial File Transfer Protocol (TFTP)
Description :
The Trivial File Transfer Protocol (TFTP) is normally used only for
booting diskless workstations. The tftp package provides the user
interface for TFTP, which allows users to transfer files to and from a
remote machine. This program and TFTP provide very little security,
and should not be enabled unless it is expressly needed

Show dependencies of a RPM package :

#rpm -qp -requires .rpm

Read More

How to access windows share from Linux machine

Ans : Mount windows share using cifs file system (a kernel module) or add mount entries in fstab file

Example :

#mount -t cifs \\Win_IP\WIN_SHARE /mnt

or# cat /etc/fstab
. . . . .

\\win_ip\winshare /mnt cifs credentials=/root/.smbpasswd 0 0

Note :

win_ip = win server name = win IP
winshare = share directory on windows.
/mnt = mounted directory on linux
/root/.smbpasswd = contains login credentials to access windows share
cifs = filesytem name

Manual test :

$smbclient -L //win_ip -U workgroup/win_user

Note : You can configure autofs to automatically mount the shares.

Debugging of cifs :

1) "dmesg -c" (clear the error log)
2) "echo 7 > /proc/fs/cifs/cifsFYI" (enabling cifs
informational/debug messages)
3) try the mount and examine the dmesg output ("dmesg")
4) capture tcpdump.

Read More

How do I determine if my x86-compatible Intel system is multi-processor, multi-core or supports hyperthreading?

Guys,

We need to know about multi-processor, multi-core or supports hyperthreading. Here are the details :

Physical ID (Physical processor or socket ID): The physical id value is a number assigned to each processor socket. The number of unique physical id values on a system tells you the number of CPU sockets that are in use. All logical processors (cores or hyperthreaded images) contained within the same physical processor will share the same physical id value.

Siblings (ie chield , logical processor): The siblings value tells you how many logical processors are provided by each physical processor.

Core ID (Core ID value) : The core id values are numbers assigned to each physical processor core. Systems with hyperthreading will see duplications in this value as each hyperthreaded image is part of a physical core. Under Red Hat Enterprise Linux 5, these numbers are an index within a particular CPU socket so duplications will also occur in multi-socket systems. Under Red Hat Enterprise Linux 4, which uses APIC IDs to assign core id values, these numbers are not reused between sockets so any duplications seen will be due solely to hyperthreading.

Core value (Number of core value ie how many core can be combined in one logical processor) : The cpu cores value tells you how many physical cores are provided by each physical processor.

Thread (Each core can contain max 2 threads in Intel arch) : Number of threads.

Above all can be viewed in /proc/cpuinfo and dmidecode.

Example from my laptop :

demidecode :

Handle 0x0006, DMI type 4, 42 bytes
Processor Information
Socket Designation: None
Type: Central Processor
Family: Other
Manufacturer: GenuineIntel
ID: 55 06 02 00 FF FB EB BF
Version: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
Voltage: 1.3 V
External Clock: 133 MHz
Max Speed: 2530 MHz
Current Speed: 2530 MHz
Status: Populated, Enabled
Upgrade: None
L1 Cache Handle: 0x000A
L2 Cache Handle: 0x000B
L3 Cache Handle: 0x000C
Serial Number: Not Specified
Asset Tag: Not Specified
Part Number: Not Specified
Core Count: 2 < Core Enabled: 2 << enabled core
Thread Count: 4 << 2*2(each core contains 2 thread in intel arch) =4
Characteristics: None

---

cat /proc/cpuinfo :

[root@kmaiti ~]# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
stepping : 5
cpu MHz : 1199.000
cache size : 3072 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 2
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes lahf_lm ida arat tpr_shadow vnmi flexpriority ept vpid
bogomips : 5054.00
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
stepping : 5
cpu MHz : 1199.000
cache size : 3072 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 2
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes lahf_lm ida arat tpr_shadow vnmi flexpriority ept vpid
bogomips : 5053.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
stepping : 5
cpu MHz : 1199.000
cache size : 3072 KB
physical id : 0
siblings : 4
core id : 2
cpu cores : 2
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes lahf_lm ida arat tpr_shadow vnmi flexpriority ept vpid
bogomips : 5053.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 37
model name : Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
stepping : 5
cpu MHz : 1199.000
cache size : 3072 KB
physical id : 0
siblings : 4
core id : 2
cpu cores : 2
apicid : 5
initial apicid : 5
fpu : yes
fpu_exception : yes
cpuid level : 11
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes lahf_lm ida arat tpr_shadow vnmi flexpriority ept vpid
bogomips : 5053.76
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

Try:)

Read More