RedHat

What is Ext2, Ext3 & Ext4 and How to Create and Convert

What is Ext2, Ext3 & Ext4 and How to Create and Convert &-8211; this Article or News was published on this date:2019-05-28 20:01:20 kindly share it with friends if you find it helpful

I have used my Fedora old system to test where I converted from ext2 to ext3, ext2 to ext4 and ext3 to ext4 file systems successfully. By following this guide anyone can convert their file systems smartly, but still I like to WARN you’ll before doing this, because the following task required skilled administrative practices and make sure you must take important backup of your files before doing this. If in case something goes wrong at least you can revert to back with your backup data.

Linux File SystemLinux File System

Linux File System

In a computer, a file system is the way in which files are named and placed logically to store, retrieve and update the data and also used to manage space on the available devices.

File system is divided in two segments called User Data and Metadata. In this article I am trying to explore how to create and convert various Linux file systems and high level difference amongst Ext2, Ext3 and Ext4 file systems. Before moving further readings, let me introduce a brief about Linux file systems.

Ext2 – Second Extended File System

  1. Ext2 file system was introduced in 1993 and Ext2 was developed by Remy Card. It was the first default file system in several Linux distro like RedHat and Debian.
  2. It was to overcome limitation of legacy Ext file system.
  3. Maximum file size is 16GB – 2TB.
  4. Journaling feature is not available.
  5. It’s being used for normally Flash based storage media like USB Flash drive, SD Card etc.

Ext3 – Third Extended File System

  1. Ext3 file system was introduced in 2001 and same was integrated in Kernel 2.4.15 with journaling feature, which is to improve reliability and eliminates need to check file system after unclean shutdown.
  2. Max file size 16GB – 2TB.
  3. Provide facility to upgrade from Ext2 to Ext3 file systems without having to back up and restore data.

Ext4 – Fourth Extended File System

  1. Ext4, the high-anticipated Ext3 successor.
  2. On October 2008, Ext4 as stable code were merged in the Kernel 2.6.28 which contains Ext4 file system.
  3. Backward compatibility.
  4. Max file size 16GB to 16TB.
  5. Ext4 file system have option to Turn Off journaling feature.
  6. Other features like Sub Directory Scalability, Multiblock Allocation, Delayed Allocation, Fast FSCK etc.

How to Determine File System Type?

To determing your linux file system type, run the following command in terminal as a root user.

- df -hT | awk '{print $1,$2,$NF}' | grep "^/dev"
/dev/sda3 ext3 /
/dev/sda1 ext3 /boot
Warning: Please take important data backup before executing below commands.

Creating an Ext2, or Ext3, or Ext4 File Systems

Once you create file system using fdisk or parted command, use mke2fs command to create either of file system and make sure you replace hdXX with your device name.

Creating Ext2 File System

- mke2fs /dev/hdXX

Creating Ext3 File System

- mke2fs –j  /dev/hdXX
OR
- mkfs.ext3  /dev/hdXX

-j option is used for journaling.

Creating Ext4 File System

- mke2fs -t ext4 /dev/hdXX
OR 
- mkfs.ext4 /dev/hdXX

-t option to specify the file system type.

Converting an Ext2, or Ext3, or Ext4 File Systems

It is always better way to unmount file system and convert. Conversion can be done without unmounting and mounting filesystem. Again replace hdXX with your device name.

Converting Ext2 to Ext3

To change an ext2 file system to ext3 enabling the journal feature, use the command.

- tune2fs -j /dev/hdXX

Converting Ext2 to Ext4

To convert from old ext2 to new ext4 file system with latest journaling feature. Run the following command.

- tune2fs -O dir_index,has_journal,uninit_bg /dev/hdXX

Next do a complete file system check with e2fsck command to fix and repair.

- e2fsck -pf /dev/hdXX

-p option automatically repairs the file system.
-f option force checking file system even it seems clean.

Converting Ext3 to Ext4

To enable the ext4 features on an existing ext3 filesystem, use the command.

- tune2fs -O extents,uninit_bg,dir_index /dev/hdXX

WARNING: You cannot revert or mount back to ext3 filesystem once you run above command.

After running this command we MUST run fsck to fix up some on-disk structures that tune2fs has modified.

- e2fsck -pf /dev/hdXX

WARNING: Please try all these above commands on your tesing Linux server.

8 Linux Nslookup Commands to Troubleshoot DNS

8 Linux Nslookup Commands to Troubleshoot DNS &-8211; this Article or News was published on this date:2019-05-28 20:00:36 kindly share it with friends if you find it helpful

nslookup is a command-line administrative tool for testing and troubleshooting DNS servers (Domain Name Server). It is used to query specific DNS resource records (RR) as well. Most operating systems comes with built-in nslookup feature.

Linux Nslookup CommandsLinux Nslookup Commands

Linux Nslookup Commands

This article demonstrates widely used nslookup command in detail. Nslookup can be run in two modes: Interactive and Non-Interactive. The Interactive mode is used to query DNS-Server about various domains and hosts. Non-Interactive mode is used to query about information of a domain or host.

You might also be interested in following article :

  1. 35 Practical Examples of Linux Find Command
  2. 20 Netstat Commands for Linux Network Management
  3. 20 Linux YUM (Yellowdog Updater, Modified) Commands for Package Management

1. Find out “A” record (IP address) of Domain

- nslookup yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
Name:   yahoo.com
Address: 72.30.38.140
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70

Above command query domain www.yahoo.com with 4.2.2.2 public DNS server and below section shows Non-authoritative answer: displays A record of www.yahoo.com

2. Find out Reverse Domain Lookup

- nslookup 209.191.122.70

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
70.122.191.209.in-addr.arpa     name = ir1.fp.vip.mud.yahoo.com.

Authoritative answers can be found from:

3. Find out specific Domain Lookup.

- nslookup ir1.fp.vip.mud.yahoo.com.

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
Name:   ir1.fp.vip.mud.yahoo.com
Address: 209.191.122.70

4. To Query MX (Mail Exchange) record.

- nslookup -query=mx www.yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.

Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827307
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

MX record is being used to map a domain name to a list of mail exchange servers for that domain. So that it tells that whatever mail received / sent to @yahoo.com will be routed to mail server.

5. To query NS(Name Server) record.

- nslookup -query=ns www.yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.

Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827782
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

6. To query SOA (Start of Authority) record.

- nslookup -type=soa www.yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
www.yahoo.com   canonical name = fd-fp3.wg1.b.yahoo.com.
fd-fp3.wg1.b.yahoo.com  canonical name = ds-fp3.wg1.b.yahoo.com.
ds-fp3.wg1.b.yahoo.com  canonical name = ds-any-fp3-lfb.wa1.b.yahoo.com.
ds-any-fp3-lfb.wa1.b.yahoo.com  canonical name = ds-any-fp3-real.wa1.b.yahoo.com.

Authoritative answers can be found from:
wa1.b.yahoo.com
        origin = yf1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 1344827965
        refresh = 30
        retry = 30
        expire = 86400
        minimum = 1800

7. To query all Available DNS records.

- nslookup -query=any yahoo.com

Server:         4.2.2.2
Address:        4.2.2.2-53

Non-authoritative answer:
yahoo.com
        origin = ns1.yahoo.com
        mail addr = hostmaster.yahoo-inc.com
        serial = 2012081016
        refresh = 3600
        retry = 300
        expire = 1814400
        minimum = 600
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70
Name:   yahoo.com
Address: 72.30.38.140
yahoo.com       mail exchanger = 1 mta7.am0.yahoodns.net.
yahoo.com       mail exchanger = 1 mta5.am0.yahoodns.net.
yahoo.com       mail exchanger = 1 mta6.am0.yahoodns.net.
yahoo.com       nameserver = ns3.yahoo.com.
yahoo.com       nameserver = ns4.yahoo.com.
yahoo.com       nameserver = ns2.yahoo.com.
yahoo.com       nameserver = ns8.yahoo.com.
yahoo.com       nameserver = ns1.yahoo.com.
yahoo.com       nameserver = ns6.yahoo.com.
yahoo.com       nameserver = ns5.yahoo.com.

Authoritative answers can be found from:

8. Enable Debug mode

To enable Debug Mode ‘set debug’ will return you verbose information like TTL, here’s the output.

- nslookup -debug yahoo.com

> set debug
> yahoo.com
Server:         4.2.2.2
Address:        4.2.2.2-53

------------
    QUESTIONS:
        yahoo.com, type = A, class = IN
    ANSWERS:
    ->  yahoo.com
        internet address = 72.30.38.140
        ttl = 1523
    ->  yahoo.com
        internet address = 98.139.183.24
        ttl = 1523
    ->  yahoo.com
        internet address = 209.191.122.70
        ttl = 1523
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:   yahoo.com
Address: 72.30.38.140
Name:   yahoo.com
Address: 98.139.183.24
Name:   yahoo.com
Address: 209.191.122.70

In this article, we have tried to cover nslookup commands which may help you to search (DNS) Domain Name Service related information. Next article will be on Linux Dig command which is Similar to nslookup. If you liked the article please share with your friends and don’t forget to give your valuable feedback’s through comment box.

Setup Samba Server Using tdbsam Backend on RHEL/CentOS 6.3, Fedora 17

Setup Samba Server Using tdbsam Backend on RHEL/CentOS 6.3, Fedora 17 &-8211; this Article or News was published on this date:2019-05-28 19:58:51 kindly share it with friends if you find it helpful

Samba is an open source and most popular widely used program that enables end users to access Linux shared directory from any windows machine on the same network. Samba is also named as a network file system and can be installed on Linux/Unix operating systems. Samba itself is a client/server protocol of SMB ( Server Message Block) and CIFS (Common Internet File System). Using windows smbclient (GUI) or file explorer, end users can connect to Samba server from any windows workstations to access shared files and printers.

Samba Server SetupSamba Server Setup

Samba Server Setup

This tutorial explains how to setup Samba Server (fileserver) Using tdbsam Backend on RHEL 6.3/6.2/6.1/6/5.8, CentOS 6.3/6.2/6.1/6/5.8 and Fedora 17,16,15,14,13,12 systems and also we will learn how to configure it to share files over the network using SMB protocol, as well as we will see how to create and add system users on samba user’s database.

1. Preliminary Note

We are using RHEL 6.3 system with hostname sfnews with IP address 172.16.25.126.

2. Disable SELinux

First, check whether SELinux is currently enabled or disabled with following command.

- selinuxenabled && echo enabled || echo disabled

enabled

In our case, SELinux is currently enabled, so we need to disabled it under RHEL/CentOS/Fedora systems, open file called /etc/selinux/config with your choice of editor. ( Ignore this step, if SELinux is already disabled ).

- vi /etc/selinux/config

And change the line that says SELINUX=enabled to SELINUX=disabled and reboot the system.

- This file controls the state of SELinux on the system.
- SELINUX= can take one of these three values:
-     enforcing - SELinux security policy is enforced.
-     permissive - SELinux prints warnings instead of enforcing.
-     disabled - No SELinux policy is loaded.
SELINUX=disabled
- SELINUXTYPE= can take one of these two values:
-     targeted - Targeted processes are protected,
-     mls - Multi Level Security protection.
SELINUXTYPE=targeted

3. Rebooting System

Here, we will need to reboot the system to re-lable entire file system in the boot process. This reboot process can take some time, depends on the volume of files.

- init 6

Once the system comes to login prompt, login with root user and start installing Samba package.

3. Installing Samba

We use YUM package manager tool to install Samba packages.

- yum install samba samba-common cups-libs samba-client

4. Configure Samba with tdbsam Backend

Once samba installed successfully, now time to configure it using tdbsam password backend. Open file /etc/samba/smb.conf.

- vi /etc/samba/smb.conf

And check for the following lines in the Standalone Server Options section. This line enables users to login into Samba server.

- ----------------------- Standalone Server Options ------------------------
-
- Scurity can be set to user, share(deprecated) or server(deprecated)
-
- Backend to store user information in. New installations should
- use either tdbsam or ldapsam. smbpasswd is available for backwards
- compatibility. tdbsam requires no further configuration.

        security = user 
        passdb backend = tdbsam

5. Creating Samba Share Directory

Now, we will create Samba share directory for sharing files for all users. Run the following commands.

- mkdir -p /home/sambashares/sfnewsusers
- chown -R root:users /home/sambashares/sfnewsusers
- chmod -R 775 /home/sambashares/sfnewsusers

6. Configuring Samba Share Directory

Add following lines at the bottom of the file /etc/samba/smb.conf.

[sfnewsusers]
  comment = All Users
  path = /home/sambashares/sfnewsusers
  valid users = @users
  force group = users
  create mask = 0660
  directory mask = 0771
  writable = yes

7. Creating Samba Start-up Links

Create system start-up links for Samaba.

- chkconfig --levels 235 smb on

8. Restarting Samba Server

Now restart Samba server.

- /etc/init.d/smb restart

9. Creating Samba Users

We will create a user called sfnews and set password to it.

- useradd sfnews -m -G users
- passwd sfnews

Now add newly created user sfnews to Samba user database and set password for him.

- smbpasswd -a sfnews

This way you can create as many as users you want, just replace the username sfnews with the desired username.

10. Verify Samba Server Share

Verify Samba share directory within Linux system using smbclient package with -L option. It will display list of available samba share directories on the host sfnews.

- smbclient -L sfnews

Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6]

        Sharename       Type      Comment
        ---------       ----      -------
        sfnewsusers    Disk      All Users
        IPC$            IPC       IPC Service (Samba Server Version 3.5.10-125.el6)
Anonymous login successful
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------

Try to login into Samba share directory under Linux system using username as sfnews with password.

- smbclient -L //sfnews/sfnewsusers -U sfnews
Enter sfnews's password:
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6]

        Sharename       Type      Comment
        ---------       ----      -------
        sfnewsusers     Disk      All Users
        IPC$            IPC       IPC Service (Samba Server Version 3.5.10-125.el6)
        sfnews         Disk      Home Directories
Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.5.10-125.el6]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------

11. Login to Samba Server from Windows

Now try to login from your Windows system, open Windows Explorer and type the address \172.16.25.126sfnews and enter username as sfnews and password, you will see sfnews’s home directory. Refer screenshot below.

Samba Server SetupSamba Share on Windows

Samba Share on Windows

Now to share Samba shared directory type address as \172.16.25.126sfnewsusers. You will see similar to below.

Samba Server SetupSamba Share Directory on Windows

Samba Share Directory on Windows

For more information about Samba configuration see the http://www.samba.org/.

Protect SSH Logins with SSH & MOTD Banner Messages<

Protect SSH Logins with SSH & MOTD Banner Messages &-8211; this Article or News was published on this date:2019-05-28 19:56:48 kindly share it with friends if you find it helpful

One of the easiest way to protect and secure SSH logins by displaying warming message to UN-authorized users or display welcome or informational messages to authorized users.

Protect SSH LoginsProtect SSH Logins

Display SSH Banner Messages

Being a system administrator whenever configure Linux servers I always use to configure a security banners for ssh logins. The banner contains some security warning information or general information. See my example banner message which I used for my all servers.

ALERT! You are entering into a secured area! Your IP, Login Time, Username has been noted and has been sent to the server administrator!
This service is restricted to authorized users only. All activities on this system are logged.
Unauthorized access will be fully investigated and reported to the appropriate law enforcement agencies.

There are two way to display messages one is using issue.net file and second one is using MOTD file.

  1. issue.net : Display a banner message before the password login prompt.
  2. motd : Display a banner message after the user has logged in.

So, I strongly recommended all system administrator to display a banner messages before allowing users to log in to systems. Just follow below simple steps to enable SSH logging messages.

Display SSH Warning Message to Users Before Login

To display Welcome or Warning message for SSH users before login. We use issue.net file to display a banner massages. Open the following file with VI editor.

- vi /etc/issue.net

Add the following banner sample message and save the file. You can add any custom banner message to this file.

---------------------------------------------------------------
-                                                      Welcome to TecMint.com                                                           - 
-                                   All connections are monitored and recorded                                         -
-                          Disconnect IMMEDIATELY if you are not an authorized user!                    -
---------------------------------------------------------------

Open the master ssh configuration file and enable banners.

- vi /etc/ssh/sshd_config

Search for the word “Banner” and uncomment out the line and save the file.

-Banner /some/path

It should be like this.

Banner /etc/issue.net (you can use any path you want)

Next, restart the SSH daemon to reflect new changes.

- /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

Now try to connect to server you will see banner message similar to below.

Protect SSH LoginsDisplay SSH Banner Messages

SSH Banner Messages Before Login

Display SSH Warning Message to Users After Login

To display banner messages after login, we use motd file, which is used to display banner massages after login. Now open it with VI editor.

vi /etc/motd

Place the following banner sample message and save the file.

---------------------------------------------------------------
-                                                   Welcome to TecMint.com                                                             - 
-                                    All connections are monitored and recorded                                       -
-                           Disconnect IMMEDIATELY if you are not an authorized user!                  -
---------------------------------------------------------------

Now again try to login into server you will get both the banner messages. See the screenshot attached below.

Protect SSH LoginsDisplay SSH Banner After Login

Display SSH Banner After Login