Week 22: Day 057 - Scheduling Tasks

Today we will be learning about timing tasks, with tools mainly such as cron. I've been aware of that tool for a while, and it's very useful for timing actions on your machine, many times being something along the lines of shutting down your computer at a scheduled time.

What is cron? Cron is a service which runs processes at specific times. Some system tasks are already using cron, probably without your awareness, such as "logrotate" which automatically gets rid of old logs at a certain time. To see what's going on with cron right now at this second, type "systemctl status crond -l". The most important part is the first part, because it shows that it's loaded. These are some examples of how you schedule cron properly:

•  * 11 * * * Any minute between 11:00 and 11:59 (probably not what you want)
• 0 11 * * 1-5 Every day at 11 a.m. on weekdays only
• 0 7-18 * * 1-5 Every hour on weekdays on the hour
• 0 */2 2 12 5 Every 2 hours on the hour on December second and every Friday in December

Instead of editing /etc/crontab you can create a configuration file for it seperately, and this will be put into /etc/cron.d then put the scripts for those cron commands into /etc/cron.hourly or cron.daily or cron.monthly, you get the point! User specific files are created with crontab -e (username). This is extremely useful if you don't want to do the job for all users. Then there's anacron which is really a configuration file for cron and where these script files are put. If you want to configure this file go to /etc/ancrontab it's a file not a directory. To restrict who can use cron make a file in /etc/cron.allow and add users on there to whitelist them so they may use it. Then make a similar one in /etc/cron.deny which will deny cron privileges to whomever is attempting use it. Furthermore here's how! In this exercise, you apply some of the cron basics. You schedule cron jobs using different mechanisms:

1. Open a root shell. Type cat /etc/crontab to get an impression of the contents of the /etc/crontab configuration file.

From what I see using cat, this file has got a neat layout showing you how to determine times and dates.

2. Type crontab -e. This opens an editor interface that by default uses vi as its editor. Add the following line:

0 2 * * 1-5 logger message from root

By default this uses "vi", and it opened up crontab automatically.

3. Use the vi command :wq! to close the editing session and write changes.

Same save command to exit as vim.

4. Use cd /etc/cron.hourly. In this directory, create a script file with the name eachhour that contains the following line:

logger This message is written at $(date)

The file does not need an extension as long as it's executable, but as a norm use .sh

5. Use chmod +x eachhour to make the script executable; if you fail to make it executable, it will not work.

This makes it executable automatically, very important to note, instead of manually doing it.

6. Now enter the directory /etc/cron.d and in this directory create a file with the name eachhour. Put the following contents in the file:

11 * * * * root logger This message is written from /etc/cron.d

7. Save the modifications to the configuration file and go work on the next section. (For optimal effect, perform the last part of this exercise after a couple of hours.)

Hopefully it will work haha.

8. After a couple of hours, type grep written /var/log/messages and read the messages that have been written which verifies correct cron operations.

Can't really verify this, but it's probably true.
------------------------------------------------------------------------------------------------------------

Finally, let's talk about scheduling jobs with atd. This is another method of timing processes on your system. In this exercise, you learn how to schedule jobs using the atd service:

1. Type systemctl status atd. In the line that starts with Loaded:, this command should show you that the service is currently loaded and enabled, which means that it is ready to start receiving jobs.

It's enabled and displays that the job spooling tools are active and working properly.

2. Type at 15:00 (or replace with any time near to the time at which you are working on this exercise).

It changed the $ to at> which is also done by python. I probably need to type in a special command.

3. Type logger message from at. Use Ctrl+D to close the at shell.

This created a new job.

4. Type atq to verify that the job has indeed been scheduled.

This indeed scheduled a job. I believe that this tool atd is a really useful tool to shortcut editing and creating script files for cron, and simply typing in commands to atd.
------------------------------------------------------------------------------------------------------------

Review Questions

1. Where do you configure a cron job that needs to be executed once every 2 weeks?

You configure it at /etc/cron.weekly

2. How do you specify the execution time in a cron job that needs to be executed twice every month, on the 1st and the 15th of the month at 2 p.m.?

0 13 1,15 * *

3. How do you specify cron execution time for a job that needs to run every 2 minutes on every day?

*/2

4. How do you specify a job that needs to be executed on September 19 and every Thursday in September?

70 -1 19 sep 4*

5. Which three valid day indicators can you use to specify that a cron job needs to be executed on Sunday?

0, 7, or sun

6. Which command enables you to schedule a cron job for user lisa?

"crontab -e" then type "(job scheduling) lisa /cron.d"

7. How do you specify that user boris is never allowed to schedule jobs through cron?

echo boris >> /etc/cron.deny

8. You need to make sure that a job is executed every day, even if the server at execution time is temporarily unavailable. How do you do this?

Trick question

9. Which service must be running to schedule at jobs?

cron.d

10. Which command enables you to find out whether any current at jobs are scheduled for execution?

atq

Week 21: Day 055 - Managing Software

Hello, this week I'm focusing on yum and rpm. In other words, this is about downloads and repositories. Although I already have a good understanding of it's basic uses, I will delve into more specific things.

First of all, "Red-Hat Package Manager" is a way to archive packages and provide its metadata. This program which comes with Red Hat, is immensely important when dealing with repos. Repositories should be kept up to date as it's important for installations. In the past I have made several repos, in my successful attempt to install Google Chrome and Spotify. To tell the server which repo to use, make the extensions of your repository files ".repo".

In this exercise, you learn how to create your own repository. To perform this exercise, you need to have access to the CentOS installation disk or ISO file.

1. Insert the installation disk in your virtual machine. This mounts it on the directory /run/media/user/CentOS 7 x86_64. Alternatively, you can manually mount the ISO on the /mnt directory, using mount -o loop /path/to/centos.iso /mnt.

I don't really need to do this part.

2. Type mkdir /repo to create a directory /repo that can be used as repository.

3. If you want to create a complete repository, containing all the required files, type cp $MOUNTPATH/Packages/* repo. (Replace $MOUNTPATH with the name of the directory on which the installation disk is mounted.) If you do not need a complete repository, you can copy just a few files from the installation disk to the /repo directory.

4. Type yum install -y createrepo to ensure that the createrepo RPM package is installed.

OR you can just make a new file with the extension ".repo"

5. Type createrepo /repo. This generates the repository metadata, which allows you to use your own repository.

If you do it my way, you open the repo file you made.

6. Now that you have created your own repository, you might as well start using it. In the /etc/yum.repos.d directory, create a file with the name my.repo. Make sure this file has the following contents:
[myrepo]
name=myrepo
baseurl=file:///repo

Then type it into this file. That's all you need, then you're done!

7. Type yum repolist to verify the availability of the newly created repository. It should show the name of the myrepo repository, including the number of packages that is offered through this repository

Done.
------------------------------------------------------------------------------------------------------------

Second of all, let's talk about yum! Even though it may be deprecated some day by dnf, right now it's important for us to use this instead, since it will be on the test. yum works with repositories, which is why RPM is so important, and why they go hand in hand.

Here are all the important yum commands:

- yum install (name of file)
- yum search (name of file)
- yum update (name of file)
- yum history
- yum list
- yum provides

That's pretty much it haha. Thanks for reading.


Review Questions

1. You have a directory containing a collection of RPM packages and want to make that directory a repository. Which command enables you to do that?

createrepo

2. What needs to be in the repository file to point to a repository on http://server.example.com/repo?

[xxxx]
name=xxxxx

baseurl=http://server.example.com/repo?

3. You have just configured a new repository to be used on your RHEL computer. Which command enables you to verify that the repository is indeed available?

yum repolist

4. Which command enables you to search the RPM package containing the file useradd?

5. Which two commands do you need to use to show the name of the yum group that contains security tools and shows what is in that group?

6. Which command enables you to install an RPM that you have downloaded from the Internet and which is not in the repositories?

7. You want to make sure that an RPM package that you have downloaded does not contain any dangerous script code. Which command enables you to do so?

8. Which command reveals all documentation in an RPM?

9. Which command shows the RPM a file comes from?

10. Which command enables you to query software from the repository?

Week 21: Day 054 - Process Management

Everything that happens on a Linux server requires the creation of processes. This chapter will cover specifics on what these processes do. When a process begins, it uses multiple threads, and a thread is a bunch of sub-processes happening at the same time.

To immediately start a job in the background, prefix the command by starting it with the "&" symbol. To return it to the foreground do use the "fg" command. To terminate a process use the "kill" command.


In this exercise, you apply the commands that you just learned about to manage jobs that have been started from the current shell.

1. Open a root shell and type the following commands:

sleep 3600 &
dd if=/dev/zero of=/dev/null &
sleep 7200

2. Because you started the last command with no & after the command, you have to wait 2 hours before you get control to the shell back. Type Ctrl+Z to stop it.

I can no longer access the shell, ctrl-z will stop it.

3. Type jobs. You will see the three jobs that you just started. The first two of them have the Running state, and the last job currently is in the Stopped state.

There are two running jobs, and the one that I stopped.

4. Type bg 3 to continue running job 3 in the background. Notice that because it was started as the last job, you did not really have to add the number 3.

It shows three running jobs.

5. Type fg 1 to move job 1 to the foreground.

This moves "sleep 2500" to the foreground.

6. Type Ctrl+C to cancel job number 1 and use jobs to confirm that it is now gone.

I ended that job, and it no longer exists.

7. Use the same approach to cancel jobs 2 and 3 also.

They're all dead.

8. Open a second terminal on your server.

9. From that second terminal, type dd if=/dev/zero of=/dev/null &.

Don't know what this did.

10. Type exit to close the second terminal.

11. From the other terminal, start top. You will see that the dd job is still running. From top, use k to kill the dd job.

It asked me to type the number of the running job, and I chose the one that said "dd", now it's dead.

You cannot manage a single thread, however you can manage processes. When managing processes, it's easy to identify kernel processes because it's in "[ ]" brackets. Use the "ps aux | head" command to test take a look at an example of kernel processes. Now, "ps" retrieves running processes information, there are several modifiers for it. "aux" will show you a short summary of these processes. To look for the exact command use to start a given process, type "ps -ef". To see hierarchical relationship between parent and child processes types "ps fax". Note: hyphens are optional.


In this exercise, you learn how to work with ps, nice, kill, and related utilities to manage processes.

1. Open a root shell. From this shell, type dd if=/dev/zero of=/dev/null &. Repeat this command three times.

Created 4 different jobs of this.

2. Type ps aux | grep dd. This shows all lines of output that have the letters dd in them; you will see more than just the dd processes, but that should not really matter. The processes you just started are listed last.

This searches for dd in all of the.

3. Use the PID of one of the dd processes to adjust the niceness, using renice -n 5 <PID>. Notice that in top you cannot easily get an overview of processes and their current priority.

I got an error.

4. Type ps fax | grep -B5 dd. The -B5 option shows the matching lines, including the five lines before that. Becauseps fax shows hierarchical relationships between processes, you should also find the shell and its PID from which all the dd processes were started.

5. Find the PID of the shell from which the dd processes were started and type kill -9 <PID>, replacing <PID> with the PID of the shell you just found. You will see that your root shell is closed, and with it, all of the dd processes. Killing a parent process is an easy and convenient way to kill all of its child processes also.


Review Questions

1. Which command gives an overview of all current shell jobs?

jobs

2. How do you stop the current shell job to continue running it in the background?

Ctrl-Z then bg

3. Which keystroke combination can you use to cancel the current shell job?

Ctrl-C

4. A user is asking you to cancel one of the jobs he has started. You cannot access the shell that user currently is working from. What can you do to cancel his job anyway?

ps aux and kill <PID>

5. Which command would you use to show parent-child relationships between processes?

ps fax

6. Which command enables you to change the priority of PID 1234 to a higher priority?

ps -nn p 1234

7. On your system, 20 dd processes are currently running. What is the easiest way to stop all of them?

killall dd

8. Which command enables you to stop the command with the name mycommand?

pkill mycommand

9. Which command do you use from top to kill a process?

k

10. How would you start a command with a reasonably high priority without risking that no more resources are available for other processes?

nice -5

Week 20: Day 053 - Configuring Networking

Hello, today I'm covering network configuration. Since a lot of this stuff overlaps with what I have learned so far with Network+, I will skip some stuff about IP addresses, and go straight to the important stuff.

Quick recap though, IPv4 addresses are what is widely used now, but since there is a shortage of these IPs many are switch to IPv6 addressing to cope with this important issue. Difference between them, IPv4 is 32-bit while IPv6 is 128-bit. DHCP is "Dynamic Host Configuration Protocol", and that distributes IPs in your network on its own, meaning no necessity for static addressing. Network cards in Linux will usually have names like "eth0" or "eth1", and it's ordered based on detection order. Ethernet interfaces begin "en", WLAN interfaces begin with "wl", and WWAN interaces with "ww". The next part of the name represents the adapter "o" is onboard, "s" is hotplug spot, "p" is PCI location, and "x" creates a device name. Finally, the numbers end at a number representing an index, ID, or port.
------------------------------------------------------------------------------------------------------------
Example: eno16777734

------------------------------------------------------------------------------------------------------------

To validate your Network Configuration, there are several commands that can be used with the IP utlity:

- "ip addr"
- "ip route"
- "ip link"

More scientifically in terms of ip addr, to see the current network configuration type, "ip addr show", or "ip a". This will show you the current state, the mac address configuration, and the IPv4 or IPv6 configuration. To see the link state type "ip link show". To validate your routing "ip route show"; you can probably see the trend here, if you want to see it, add the modifier "show".

On another note the command "netstat" will be deprecated, and has been on some Linux distros. The new command for this is "ss" or "ss -lt".

------------------------------------------------------------------------------------------------------------

Exercise: 

1. Open a root shell to your server and type ip addr show. This shows the current network configuration. Note the IPv4 address that is used. Notice the network device names that are used; you need these later in this exercise.

Very messy, but yes.

2. Type ip route show to verify routing configuration.

This shows all the information regarding routes created through your system in relation to the network.

3. If your computer is connected to the Internet, you can now use the ping command to verify the connection to the Internet is working properly. Type ping -c 4 8.8.8.8, for instance, to send four packets to IP address 8.8.8.8. If your Internet connection is up and running, you should get “echo reply” answers.

This will ping the specified DNS server. Fun fact: 8.8.8.8 are Google's servers.

4. Type ip addr add 10.0.0.10/24 dev <yourdevicename>.

This will basically change your IP.

5. Type ip addr show. You’ll see the newly set IP address, in addition to the IP address that was already in use.

Static addressing...

6. Type ifconfig. Notice that you do not see the newly set IP address (and there are no options with the ifconfigcommand that allow you to see it). This is one example why you should not use the ifconfig command anymore.

ifconfig may be deprecated by this soon enough. Sounds ridiculous, but it's true!

7. Type ss -tul. You’ll now see a list of all UDP and TCP ports that are listening on your server.

Very useful command. This will indeed show all ports listening form your system.

------------------------------------------------------------------------------------------------------------

Next up was nmtui and nmcli. Since I've already worked with nmtui, I skimmed over some of the stuff I already knew, but I'm still gonna blog about this. In the case of nmcli, I have not done much with that yet, but nmtui is enough since people like Graham have already posted stuff about nmcli.

Anyways, nmtui is an interesting tool which I've used with my virtual machines. It is used for routing and accepting and distributing DHCP. Here are the important notes:

The nmtui interface consists of three menu options:

- Edit a Connection: Use this option to create new connections or edit existing connections.

- Activate a Connection: Use this to (re)activate a connection.

- Set System Hostname: Use this to set the hostname of your computer.

The option to edit a connection offers almost all features that you might ever need to do while working on network connections. It allows you to do anything you need to be doing on the RHCSA exam. You can use it to add any type of connection. Not just Ethernet connections, but also advanced connection types such as network bridges and teamed network drivers are supported.

When you select the option Edit Connection, you get access to a rich interface that allows you to edit most properties of network connections. After editing the connection, you need to deactivate it and activate it again. This should work automatically, but the fact is it does not. This wraps up my post! Thanks for reading.

Quick Note: "hostname.ctl" is extremely useful, shows you important data about your machine.

Week 20: Day 052 - Managing Users and Groups

Hello, today I will give you a summary of what I learned about managing users and groups. Most of this was done through my own doing on terminal, with some help from the textbook. Let's see what I know:

#1 - Local User Accounts

To create a local user account you need to sudo or get into root by doing "sudo su".

To make a new user type "useradd (name of user)".

To identify which user you are type "whoami".

To edit the sudoers file type "visudo".

To get into the configuration files do "vipw"

To change the password do "passwd (name of user)", usually in sudo.

To remove users do "userdel -r (name of user)".

------------------------------------------------------------------------------------------------------------
Ideal Example: "passwd -n 30 -w 3 -x 90 linda", sets the password for user linda to a minimal usage period of 30 days and an expiry after 90 days, where a warning is generated 3 days before expiry.------------------------------------------------------------------------------------------------------------

#2 - Local Groups

To create a local group you must use the command "vigr" or "groupadd".

To customize the name of the group when creating it "groupadd -g"

To make a user a part of an administrative group do "usermod -aG wheel user".

To make sure that a user is in a certain group type "id (name of user)".

To modify properties of the group "groupmod".
------------------------------------------------------------------------------------------------------------
Ideal Example: Type "groupadd sales" followed by "groupadd account" to add groups with the names sales and account. Then "usermod -aG sales linda" to add Linda to that group.

------------------------------------------------------------------------------------------------------------

#3 - Lightweight Directory Access Protocol (LDAP)

This is hierarchical and organized like DNS.

To configure this to CentOS/RHEL 7, there are several options:

- "authconfig" will let you configure through command line.

- "authconfig-tui" will give let you configure with a Text User Interface.

- "authconfig-gtk" will give you a GUI utility to configure it.

To connect to an LDAP server you must:

- Setup a hostname resolution on your server.

- The IP "192.168.122.200" is used for LDAP

You will be given this in the Text User Interface version, type this stuff in:

Click "OK" and you're done! Finally:

Review Questions

1. What is the UID of user root?

0

2. What is the configuration file in which sudo is defined?

/etc/sudoers

3. Which command should you use to modify a sudo configuration?

visudo

4. Which two files can be used to define settings that will be used when creating users?
/etc/login.defs

5. How many groups can you create in /etc/passwd?

None

6. If you want to grant a user access to all admin commands through sudo, which group should you make that user a member of?

wheel

7. Which command should you use to modify the /etc/group file manually?

vigr

8. Which two commands can you use to change user password information?

passwd chage

9. What is the name of the file where user passwords are stored?

/etc/shadow

10. What is the name of the file where group accounts are stored?

/etc/group