Pages

Sunday, January 23, 2011

Forcing users to change their password upon first login

The chage command changes the number of days between password changes and the date of the last password change. This information is used by the sys
tem to determine when a user must change his/her password.

#chage -d 0 username

Set the number of since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area).

By using 0, we will automaticaly expire the passwd, forcing user to change it on first login.

How to force every new user to change password at first login


For this change we need to change the default setting of useradd command.

Look for the line or just append the following line in the file.

Expire=0



Posted by at No comments:

Wednesday, January 19, 2011

Indirect reference in bash programming

Indirect reference is a method in programming where you pass the value of one variable to another variable.
For example in bash programming $1 variable is the value of first argument so in order to reference it we can write the program as

#!/bin/bash
user=1
echo ${!user}
More details can be found here
Posted by at No comments:

Thursday, January 13, 2011

How to change the hostname of a Linux system

Normally we will set the hostname of a system during the installation process. Many peoples don’t care about this, and don’t change the hostname.

Change the hostname on a running system

On any Linux system you can change its hostname with the command 'hostname'

Here are some quick usages of the command line hostname:

hostname

without any parameter it will output the current hostname of the system.

hostname --fqd

it will output the fully qualified domain name (or FQDN) of the system.

hostname NEW_NAME

will set the hostname of the system to NEW_NAME. This is active right away and will remain like that until the system will be rebooted (because at system boot it will set this from some particular file configurations – see bellow how to set this permanently). You will most probably need to exit the current shell in order to see the change in your shell prompt.

Permanent hostname change on Debian based systems

Debian based systems use the file /etc/hostname to read the hostname of the system at boot time and set it up using the init script /etc/init.d/hostname.sh

/etc/hostname
server

So on a Debian based system we can edit the file /etc/hostname and change the name of the system and then run:

/etc/init.d/hostname.sh start

to make the change active. The hostname saved in this file (/etc/hostname) will be preserved on system reboot (and will be set using the same script we used hostname.sh).

Permanent hostname change on RedHat based systems

RedHat based system use the file /etc/sysconfig/network to read the saved hostname at system boot. This is set using the init script /etc/rc.d/rc.sysinit

/etc/sysconfig/network
NETWORKING=yes
HOSTNAME="plain.domainname.com"
GATEWAY="192.168.0.1"
GATEWAYDEV="eth0"
FORWARD_IPV4="yes"

So in order to preserve your change on system reboot edit this file and enter the appropriate name using the HOSTNAME variable.

Also replace the old hostname on the file /etc/hosts

Use sysctl to change the hostname

Why would someone need a different method of doing the same thing as above? No idea, but here is anyway: use sysctl to change the variable kernel.hostname:
Use:

sysctl kernel.hostname

to read the current hostname, and

sysctl kernel.hostname=NEW_HOSTNAME

to change it.

If you are using sendmail edit /etc/mail/local-host-names file to include the new host-name. This will prevent sendmail from hanging up when the system is restarted.

Posted by at No comments:

Friday, January 7, 2011

Entering different runlevels from grub

There are occasions you want to boot in non-graphical mode ( in runlevel 3 ) for troubleshooting because the system fails to boot the usual way, X fails to start or some module it fails to load.

Here is how you do it when Grub is your boot loader:

At the grub boot menu press the E key. Next select the distro you want to boot and press the E key again. Now select the line with "kernel /boot/vmlinuz" and hit the E key one more time. Now type a space and the number 3 at the end of that line

Finally press the B key and your distro will boot in runlevel 3

When entering runlevel 1 you are not prompted to enter the root password you directly enter as the root. This can be vulnerable.

We can protect it by using two methods

1. You can force the root password to be entered in single-user mode by adding the following to /etc/inittab:

su:S:wait:/sbin/sulogin

2. Protecting grub using a password

Login as root and execute 'grub' command in terminal/konsole. prompt will change to 'grub>'
execute md5crypt to generate password hash.
Code:
grub> md5crypt
it will prompt you for password, enter the password which you are going to set for GRUB. it will display encrypted password hash.
Code:
Password: ******
Encrypted: $1$jxcdN0$haseNMq1aiPf8FziuGJGZp0
note down encrypted password hash and exit grub mode:
Code:
grub> quit
You can also create md5 crypt password by using the command grub-md5-crypt to get the encrypted password.

edit /boot/grub/grub.conf file and insert encrypted password in between "splashimage" and "title" lines.
Code:
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
password --md5  $1$jxcdN0$haseNMq1aiPf8FziuGJGZp0
title Fedora Core 6
save edited file and reboot.
Posted by at No comments:

Saturday, January 1, 2011

Sharing Ubuntu Linux Folders with Remote Linux and UNIX Systems using NFS

NFS allows the file system on one Linux to be accessed over a network connection by another Linux or UNIX system.

Installing NFS Services on Ubuntu

The services required to enable NFS folder sharing are not installed by default on Ubuntu. They can easily be installed, however, by opening a terminal window and entering the following command: 

sudo apt-get install nfs-kernel-server

The installation process should automatically start the NFS service. To verify that the service is indeed running, execute the following command: 

sudo /etc/init.d/nfs-kernel-server status

If the output from the above command indicates that the service is not running, it may started as follows: 

sudo /etc/init.d/nfs-kernel-server start

Sharing Folders

Once the NFS service is installed and running, the next step is to configure any folders that are to be shared with remote systems. Any folders which are to be shared are listed in the /etc/exports file which may be edited from a terminal window as follows: 

sudo gedit /etc/exports

Each folder that is to be shared via NFS must have an entry in this file. The basic syntax is as follows:

folder path hostname(permissions)

For example, to allow a system with the IP address of 192.168.2.24 to access /tmp with read-only access, the following entry would be added to the /etc/exports file: 

/tmp 192.168.2.24(rw,sync,no_subtree_check)

Similarly, to also make the folder accessible to a system with the hostname ubuntu2 with read/write permission, the line would read as follows: 

/tmp 192.168.2.24(ro,sync,no_subtree_check) ubuntu2(rw,sync,no_sub_tree_check)

Alternatively, to provided read/write access to all hosts, simply use the wildcard character (*): 

/tmp    *((rw,sync,no_sub_tree_check)

Once the folder entries have been made in the /etc/exports file, the current settings may be checked at any time by running the exportfs command: 

sudo exportfs
/tmp           192.168.2.24

Mounting a Remote NFS Folder

Once a folder has been exported it may then be mounted on a client system using the mount command. To mount a remote folder from the command line, open a terminal window and create folder where you would like the remote folder to be mounted: 

mkdir /tmp/mnt

Next enter the command to mount to the remote folder (in this example we use ubuntu as the remote hostname): 

sudo mount ubuntu:/tmp /tmp/mnt

The remote folder will then be mounted on the local system. Once mounted, the /tmp/mnt folder will contain the remote folder and all its contents.

Mounting an NFS Filesystem on System Startup

It is possible to configure an Ubuntu Linux system to automatically mount a remote file system each time the system starts up. This is achieved by editing the /etc/fstab file. To do this use sudo to load the /etc/fstab file into your favorite editor. It will likely look something like the following: 

># /etc/fstab: static file system information.
#
#                
proc            /proc           proc    defaults        0       0
# /dev/sda1
UUID=bcde7125-d38d-4362-bcd8-c64f2b512760 /               ext3    defaults,errors=remount-ro 0    1
# /dev/sda5
UUID=b4ff42fa-7c9a-4c26-a640-b0af94f14820 none            swap    sw              0       0
/dev/hdc        /media/cdrom0   udf,iso9660 user,noauto     0       0
/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0

To mount, for example, a folder with the path /home/demo which resides on a system called ubuntu in the local folder with the path /nfsmount add the following line to the /etc/fstab file: 

ubuntu:/home/demo /nfsmount nfs

Next time the system reboots the /home/demo folder on the remote ubuntu system will be mounted on the local /nfsmount mount point. All the files in the remote folder can then be accessed as if they resided on the local hard disk drive.

Unmounting an NFS Mount Point

Once a remote file system is mounted using NFS it can be unmounted using the unmount command with the local mount point as the command-line argument. For example, to unmount our example filesystem mount point requires the use of the following command: 

sudo umount /nfsmount
Posted by at No comments:
Subscribe to: Comments (Atom)