
Activity Guide

D74508GC10
Edition 1.0
August 2012
D78746

Oracle Internal & Oracle Academy Use Only

Oracle Linux System Administration

Copyright 2012, Oracle and/or its affiliates. All rights reserved.


Disclaimer
This document contains proprietary information and is protected by copyright and other intellectual property laws. You may copy and
print this document solely for your own use in an Oracle training course. The document may not be modified or altered in any way.
Except where your use constitutes "fair use" under copyright law, you may not use, share, download, upload, copy, print, display,
perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without the express authorization
of Oracle.
The information contained in this document is subject to change without notice. If you find any problems in the document, please
report them in writing to: Oracle University, 500 Oracle Parkway, Redwood Shores, California 94065 USA. This document is not
warranted to be error-free.
Restricted Rights Notice
If this documentation is delivered to the United States Government or anyone using the documentation on behalf of the United
States Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS
The U.S. Government's rights to use, modify, reproduce, release, perform, display, or disclose these training materials are restricted
by the terms of the applicable Oracle license agreement and/or the applicable U.S. Government contract.
Trademark Notice
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective
owners.

Author
Craig McBride
Technical Contributors and Reviewers
Avi Miller, Elena Zannoni, Lenz Grimmer, Sergio Leunissen, Waseem Daher, Wim Coekaerts,
Al Flournoy, Harald Van Breederode, Joel Goodman, Manish Kapur, Soeren Binner, Jeremy
Smyth, Yasar Akthar, Javier Saiz, Ozgur Yuksel, Antoinette O'Sullivan, Frank Allan, Gavin
Bowe, Gino Kawalski, Jeff Suchomel, Rob Swank, Ron Hardin, Michele Dady, Matt Taylor
This book was published using: Oracle Tutor

Table of Contents
Practices for Lesson 1: Course Introduction
Practices for Lesson 1
Practice 1-1: Exploring the dom0 Environment
Practice 1-2: Starting, Stopping, and Listing Guests
Practice 1-3: Connecting to a Guest VM
Practice 1-4: Logging Off Your Student PC
Practices for Lesson 2: Introduction to Oracle Linux
Practices for Lesson 2
Practice 2-1: Quiz - Introduction to Oracle Linux
Solution 2-1: Quiz - Introduction to Oracle Linux
Practice 2-2: Viewing Kernel Information
Solution 2-2: Viewing Kernel Information
Practices for Lesson 3: Installing Oracle Linux
Practices for Lesson 3
Practice 3-1: Installing Oracle Linux
Practice 3-2: Using FirstBoot
Practice 3-3: Logging In to Oracle Linux and Shutting Down
Practice 3-4: Post-Installation Tasks
Practices for Lesson 4: Linux Boot Process
Practices for Lesson 4
Practice 4-1: Exploring the GRUB Boot Loader
Solution 4-1: Exploring the GRUB Boot Loader
Practice 4-2: Booting Different Kernels
Solution 4-2: Booting Different Kernels
Practice 4-3: Using the GRUB Menu
Solution 4-3: Using the GRUB Menu
Practice 4-4: Changing the Default Runlevel
Solution 4-4: Changing the Default Runlevel
Practice 4-5: Exploring and Configuring init Services
Solution 4-5: Exploring and Configuring init Services
Practices for Lesson 5: System Configuration
Practices for Lesson 5
Practice 5-1: Exploring /etc/sysconfig
Solution 5-1: Exploring /etc/sysconfig
Practice 5-2: Exploring /proc
Solution 5-2: Exploring /proc
Practice 5-3: Exploring the sysfs File System
Solution 5-3: Exploring the sysfs File System
Practice 5-4: Using sysctl
Solution 5-4: Using sysctl
Practices for Lesson 6: Package Management
Practices for Lesson 6
Practice 6-1: Using the rpm Utility
Solution 6-1: Using the rpm Utility
Practice 6-2: Oracle Public Yum Server
Solution 6-2: Oracle Public Yum Server
Practice 6-3: Creating a Local yum Repository
Solution 6-3: Creating a Local yum Repository
Practice 6-4: Using the yum Utility
Solution 6-4: Using the yum Utility
Practice 6-5: Unbreakable Linux Network (ULN)
Solution 6-5: Unbreakable Linux Network (ULN)
Practices for Lesson 7: Ksplice
Practices for Lesson 7
Practices for Lesson 8: Automating Tasks
Practices for Lesson 8
Practice 8-1: Automating Tasks
Solution 8-1: Automating Tasks
Practices for Lesson 9: System Logging
Practices for Lesson 9
Practice 9-1: System Log File Configuration
Solution 9-1: System Log File Configuration
Practice 9-2: Using rsyslog Templates
Solution 9-2: Using rsyslog Templates
Practice 9-3: Using logwatch
Solution 9-3: Using logwatch
Practices for Lesson 10: Kernel Module Configuration
Practices for Lesson 10
Practice 10-1: Using Loadable Kernel Modules
Solution 10-1: Using Loadable Kernel Modules
Practices for Lesson 11: User and Group Administration
Practices for Lesson 11
Practice 11-1: User Account Administration
Solution 11-1: User Account Administration
Practice 11-2: Group Account Administration
Solution 11-2: Group Account Administration
Practice 11-3: User Private Groups
Solution 11-3: User Private Groups
Practice 11-4: Password Aging
Solution 11-4: Password Aging
Practice 11-5: Using the User Manager GUI
Solution 11-5: Using the User Manager GUI
Practices for Lesson 12: Oracle Linux Filesystems
Practices for Lesson 12
Practice 12-1: Listing the Current Disk Partitions
Solution 12-1: Listing the Current Disk Partitions
Practice 12-2: Partitioning a Storage Device
Solution 12-2: Partitioning a Storage Device
Practice 12-3: Creating ext Filesystems
Solution 12-3: Creating ext Filesystems
Practice 12-4: Implementing Access Control Lists
Solution 12-4: Implementing Access Control Lists
Practice 12-5: Creating a btrfs Filesystem
Solution 12-5: Creating a btrfs Filesystem
Practice 12-6: Increasing Swap Space
Solution 12-6: Increasing Swap Space
Practice 12-7: Setting Disk Quotas
Solution 12-7: Setting Disk Quotas
Practices for Lesson 13: Storage Administration
Practices for Lesson 13
Practice 13-1: Creating Linux LVM Partitions
Solution 13-1: Creating Linux LVM Partitions
Practice 13-2: Creating a Logical Volume
Solution 13-2: Creating a Logical Volume
Practice 13-3: Creating a Filesystem and Mounting a Logical Volume
Solution 13-3: Creating a Filesystem and Mounting a Logical Volume
Practice 13-4: Creating a Logical Volume Snapshot
Solution 13-4: Creating a Logical Volume Snapshot
Practice 13-5: Increasing the Capacity of a Logical Volume
Solution 13-5: Increasing the Capacity of a Logical Volume
Practice 13-6: Creating a RAID Device
Solution 13-6: Creating a RAID Device
Practice 13-7: Encrypting a Filesystem
Solution 13-7: Encrypting a Filesystem
Practice 13-8: Using kpartx
Solution 13-8: Using kpartx
Practices for Lesson 14: Network Configuration
Practices for Lesson 14
Practice 14-1: Configuring the eth1 Network Interface
Solution 14-1: Configuring the eth1 Network Interface
Practice 14-2: Using NetworkManager
Solution 14-2: Using NetworkManager
Practice 14-3: Using the system-config-network Utility
Solution 14-3: Using the system-config-network Utility
Practices for Lesson 15: Network Addressing and Name Services
Practices for Lesson 15
Practice 15-1: Configuring a DHCP Server
Solution 15-1: Configuring a DHCP Server
Practice 15-2: Configuring a DHCP Client
Solution 15-2: Configuring a DHCP Client
Practice 15-3: DNS Configuration
Solution 15-3: DNS Configuration
Practice 15-4: Accessing the Public Yum Repository
Solution 15-4: Accessing the Public Yum Repository
Practices for Lesson 16: File Sharing
Practices for Lesson 16
Practice 16-1: Configuring an NFS Server and an NFS Client
Solution 16-1: Configuring an NFS Server and an NFS Client
Practice 16-2: Using Auto-Mounter
Solution 16-2: Using Auto-Mounter
Practice 16-3: Configuring an FTP Server
Solution 16-3: Configuring an FTP Server
Practice 16-4: Downloading a File from an FTP Server
Solution 16-4: Downloading a File from an FTP Server
Practices for Lesson 17: OpenSSH
Practices for Lesson 17
Practice 17-1: Connecting to a Remote Server by Using ssh
Solution 17-1: Connecting to a Remote Server by Using ssh
Practice 17-2: Configuring OpenSSH to Connect Without a Password
Solution 17-2: Configuring OpenSSH to Connect Without a Password
Practice 17-3: Using the sftp Utility to Install a New Kernel
Solution 17-3: Using the sftp Utility to Install a New Kernel
Practices for Lesson 18: Authentication and Directory Services
Practices for Lesson 18
Practice 18-1: Configuring an NIS Server
Solution 18-1: Configuring an NIS Server
Practice 18-2: Configuring an NIS Client
Solution 18-2: Configuring an NIS Client
Practice 18-3: Implementing NIS Authentication
Solution 18-3: Implementing NIS Authentication
Practice 18-4: Testing NIS Authentication
Solution 18-4: Testing NIS Authentication
Practice 18-5: Auto-mounting a User Home Directory
Solution 18-5: Auto-mounting a User Home Directory
Practices for Lesson 19: Pluggable Authentication Modules (PAM)
Practices for Lesson 19
Practice 19-1: Configuring PAM for a Single Login Session
Solution 19-1: Configuring PAM for a Single Login Session
Practice 19-2: Configuring PAM to Prevent Non-root Login
Solution 19-2: Configuring PAM to Prevent Non-root Login
Practices for Lesson 20: Security Administration
Practices for Lesson 20
Practice 20-1: Exploring SELinux
Solution 20-1: Exploring SELinux
Practice 20-2: Configuring an SELinux Boolean
Solution 20-2: Configuring an SELinux Boolean
Practice 20-3: Configuring a chroot Jail
Solution 20-3: Configuring a chroot Jail
Practice 20-4: Configuring a chroot Jail for ftp Users
Solution 20-4: Configuring a chroot Jail for ftp Users
Practice 20-5: Configuring iptables
Solution 20-5: Configuring iptables
Practice 20-6: Configuring a TCP Wrapper
Solution 20-6: Configuring a TCP Wrapper
Practices for Lesson 21: Web and Email Services
Practices for Lesson 21
Practice 21-1: Configuring Apache Web Server
Solution 21-1: Configuring Apache Web Server
Practices for Lesson 22: System Monitoring and Troubleshooting
Practices for Lesson 22
Practice 22-1: Using sosreport to Collect System Information
Solution 22-1: Using sosreport to Collect System Information
Practice 22-2: Configuring kdump
Solution 22-2: Configuring kdump
Practice 22-3: Installing and Using OSWatcher
Solution 22-3: Installing and Using OSWatcher
Practices for Lesson 23: Oracle on Oracle
Practices for Lesson 23
Practice 23-1: Using sftp to Upload oracle* Packages
Solution 23-1: Using sftp to Upload oracle* Packages
Practice 23-2: Installing and Running Oracle RDBMS Pre-Install
Solution 23-2: Installing and Running Oracle RDBMS Pre-Install
Practice 23-3: Preparing Disks for ASM Use
Solution 23-3: Preparing Disks for ASM Use
Practice 23-4: Installing and Configuring ASMLib
Solution 23-4: Installing and Configuring ASMLib
Appendixes: Remote Access Options
Appendix
Appendix A: Using an NX Client to Connect to dom0
Appendix B: Using an NX Player to Connect to dom0
Appendix C: Using VNC (TightVNC) to Connect Directly to VM Guests

Oracle Internal & Oracle Academy Use Only

Chapter 1

Practices for Lesson 1: Course Introduction

Practices for Lesson 1


Practices Overview
In these practices, you become familiar with the Oracle VM Server environment installed on
your classroom PC. You log on to your classroom PC and connect to the virtual machines used
for the hands-on practices.

Assumptions
Your instructor has assigned a student PC to you.
The student PC is running OVM 2.2.1.
The GNOME desktop is installed on dom0.
Three guests (virtual machines) are created: host01, host02, and host03.
Guest VMs host01 and host02 are running Oracle Linux 6.2.
You install Oracle Linux 6.2 on host03 in Practice 3.

Practice 1-1: Exploring the dom0 Environment


Overview
In this practice, you explore dom0 configuration and directory structure.

Tasks
1. Open a terminal window.
Begin this task from the dom0 GNOME virtual desktop window as shown below.
a. Double-click the Terminal icon on the GNOME desktop.
A terminal window opens.

2. Become the root user.
Enter the commands from an open terminal window as shown below.
a. Become root by using the su - command. The root password is oracle. Use the
whoami command to print the user identity to confirm that you are root:
$ su -
Password: oracle
# whoami
root

3. Determine the operating system running on dom0.
a. Use the uname -a command to display the operating system version. The output
shown is a sample and may not represent the host name and kernel version running on
your system.
# uname -a
Linux EDT3R17P0 2.6.18-128.2.1.4.25.el5xen #1 SMP Tue Mar 23 12:43:27 EDT 2010 i686 i686 i383 GNU/Linux
In this example, the operating system is Linux.
The Linux kernel is 2.6.18-128.2.1.4.25.el5xen.
The host name is EDT3R17P0 (your host name is different).

4. Determine the network configuration of dom0.
a. Use the ifconfig -a command to display the network configuration. The output
shown is a sample and may not represent the network configuration of your system.
Only partial output is shown.
# ifconfig -a
...
eth0      Link encap:Ethernet
          inet addr:10.150.30.68
...
lo        Link encap:Local Loopback
          inet addr:127.0.0.1
...
vif...    Link encap:Ethernet
...
virbr0    Link encap:Ethernet
          inet addr:192.0.2.1
...
virbr1    Link encap:Ethernet
          inet addr:192.168.1.1
...
xenbr0    Link encap:Ethernet
          inet addr:10.150.30.68
...
In this example, the network interface for dom0 is eth0 and is assigned an IP
address of 10.150.30.68. Connection to the outside world is provided from this
interface.
The lo interface is a software loopback interface that identifies the localhost. It is
always assigned an IP address of 127.0.0.1.
The virbr0 interface is a Xen bridge interface used by the VM guests. It is
assigned an IP address of 192.0.2.1.
The virbr1 interface is a second Xen bridge interface used by the VM guests. It is
assigned an IP address of 192.168.1.1.
As you will see later, each of the guest virtual machines is on the 192.0.2 subnet
and the 192.168.1 subnet. Communication to the classroom network is through
xenbr0.
You also notice vif<#>.0 and vif<#>.1 entries. These are the virtual interfaces
that are tied to the VM/domU IDs. You can get the VM/domU IDs from the xm list
command, which you run later in this practice.

5. Explore the /OVS directory structure on dom0.

The output shown is a sample and may not represent your system. Only partial output
is shown.
a. Explore the top level of the /OVS directory:
# ls -l /OVS
lrwxrwxrwx /OVS -> /var/ovs/mount/...
# cd /OVS
# ls -l
drwxrwxrwx iso_pool
drwxrwxrwx lost+found
drwxrwxrwx publish_pool
drwxrwxrwx running_pool
drwxrwxrwx seed_pool
drwxrwxrwx sharedDisk
Note that /OVS is a symbolic link to the /var/ovs/mount/... directory.
There are six directories in the /OVS directory.
b. Explore the /OVS/running_pool directory:
# cd /OVS/running_pool
# ls -l
drwxr-xr-x host01
drwxr-xr-x host02
drwxr-xr-x host03
The files needed to create the VMs are in separate directories in the
/OVS/running_pool directory.
This example shows that three VMs currently exist: host01, host02, and host03.
c. Explore the host03 VM directory.
# cd /OVS/running_pool/host03
# ls -l
-rw-r--r-- system.img
-rw-r--r-- u01.img
-rw-r--r-- u02.img
-rw-r--r-- vm.cfg
The system.img file is the operating system virtual disk.
The u01.img and u02.img files are additional virtual disks used by the storage
administration practices.
The vm.cfg file is the configuration file for the virtual machine. This file is read
when the virtual machine is created.

d. View the vm.cfg file.
# cat vm.cfg
name = host03
builder = hvm
memory = 2048
boot = cd
disk = [ file:/OVS/running_pool/host03/system.img,hda,w,
         file:/OVS/running_pool/host03/u01.img,hdb,w,
         file:/OVS/running_pool/host03/u02.img,hdd,w,
         file:/OVS/seed_pool/OracleLinux-R6-U2-Server-x86_64-dvd.iso,hdc:cdrom,r]
vif = [ mac=00:16:3e:00:01:03, bridge=virbr0,
        mac=00:16:3e:00:02:03, bridge=virbr1]
device_model = /usr/lib/xen/bin/qemu-dm
kernel = /usr/lib/xen/boot/hvmloader
vnc = 1
vncunused=1
vcpus = 1
timer_mode = 0
apic = 1
acpi = 1
pae = 1
serial = pty
on_reboot = restart
on_crash = restart
usb = 1
usbdevice = 'tablet'
Notice there are three virtual disks represented by the three .img files.
Notice the Oracle Linux dvd.iso is mounted on a virtual cdrom device.
Notice there are two virtual network interfaces. The interface on the virbr0 bridge
is eth0, and the interface on the virbr1 bridge is eth1.

The following displays the configuration. host01 has one disk. host02 and host03 each have
three disks.

Practice 1-2: Starting, Stopping, and Listing Guests


Overview
In this practice, you use xm commands to list, create, and shut down virtual machines.

Assumptions
You are logged on to dom0.
You have a terminal window open.
You are the root user.

Tasks
1. List all currently active guests, as well as dom0 itself.
a. Use the xm list command. The output shown is a sample and will not represent your
system exactly.
# xm list
Name          ID   Mem VCPUs  State    Time(s)
Domain-0       0  1024     2  r-----     281.1
host01         3  2240     1  -b----     157.6
host02         1  2240     1  -b----     159.0
host03         2  2240     1  -b----      13.2
You should have three guests (host01, host02, and host03) listed in the preceding
output.

2. Shut down the specified VMs.
a. Use the xm shutdown -w <VM name> command to shut down the VMs. The -w
option tells the system to wait until all services in the domain shut down cleanly.
# xm shutdown -w host01
Domain host01 terminated
All domains terminated
# xm shutdown -w host02
Domain host02 terminated
All domains terminated
# xm shutdown -w host03
Domain host03 terminated
All domains terminated
# xm list
Name          ID   Mem VCPUs  State    Time(s)
Domain-0       0  1024     2  r-----     289.6

3. Start the VMs.
a. Use the xm create <config_file> command to start the host01 and host02
VMs. The <config_file> is named vm.cfg and is located in the
/OVS/running_pool/<VM_name> directory.
# cd /OVS/running_pool/host01
# xm create vm.cfg
Using config file ./vm.cfg.
Started domain host01 (id=4)
# xm list
Name          ID   Mem VCPUs  State    Time(s)
Domain-0       0  1024     2  r-----     304.5
host01         4  2240     1  -b----      18.7
# cd /OVS/running_pool/host02
# xm create vm.cfg
Using config file ./vm.cfg.
Started domain host02 (id=5)
# xm list
Name          ID   Mem VCPUs  State    Time(s)
Domain-0       0  1024     2  r-----     318.4
host01         4  2240     1  -b----      24.7
host02         5  2240     1  -b----      13.7

Practice 1-3: Connecting to a Guest VM


Overview
In this practice, you connect to a virtual machine guest.

Assumptions
You are logged on to dom0.
You have a terminal window open.
You are the root user.
Both host01 and host02 VMs are running.

Tasks
1. Connect to host01 guest by using vncviewer.
a. Determine the VNC port number for host01 by running the xm list -l host01 |
grep location command.
# xm list -l host01 | grep location
(location 0.0.0.0:5900)
(location 2)
The sample shown indicates that the port number is 5900. This may not be true in
your case.
b. Run the vncviewer& command:
# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed:
c. Enter the localhost:<port_number> command, substituting the port number
displayed from the previous xm list command. For example, if the port number is
5900, enter localhost:5900 and click OK.
d. The window shown below is displayed. Log in as root with password 0racle (leading
zero, not letter O).
e. Use the hostname command to confirm that you are logged on to the host01 VM.
# hostname
host01.example.com
f. Log out by entering either the logout command or the exit command.
# logout
g. Close the VNC window by clicking the X at the top-right corner of the window.

2. Connect to host01 guest by using ssh.
a. Alternatively, use the ssh command to connect to the VM guest.
You are presented with the RSA key fingerprint question the first time you connect.
Answer yes to the question and then enter the root password 0racle.
RSA and the ssh utility are covered in Lesson 17, OpenSSH.
# ssh host01
The authenticity of host 'host01 (192.0.2.101)' can't be
established. RSA key fingerprint is ...
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'host03,192.0,2,103' (RSA) to the
list of known hosts.
root@host01's password:
b. To confirm that you have connected to host01, enter the hostname command:
# hostname
host01.example.com
c. Terminate the ssh connection by entering the exit command. To verify that you are
back to dom0, enter the hostname command:
# exit
Connection to host01 closed.
# hostname
EDT3R17P0
In this example, the host name is EDT3R17P0. Your host name is different.
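
The xm list -l output in step 1a reports the guest console as 0.0.0.0:5900, while the practice reaches it through localhost. The following shell functions are an added example, not part of the Oracle guide: they extract the VNC listen address, port, and display number from that output and flag consoles bound to all interfaces. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the activity guide. Function names are hypothetical.
# Input: the text produced by `xm list -l <guest> | grep location`.

# vnc_endpoints: read location lines on stdin and print
# "ADDRESS PORT DISPLAY SCOPE" for each ADDRESS:PORT entry.
# Entries without an address part, such as "(location 2)", are skipped.
vnc_endpoints() {
    sed -n 's/.*(location \([0-9][0-9.]*\):\([0-9][0-9]*\)).*/\1 \2/p' |
    while read -r addr port; do
        case "$addr" in
            0.0.0.0) scope="all-interfaces" ;;
            127.*)   scope="loopback-only" ;;
            *)       scope="single-address" ;;
        esac
        # VNC display N listens on TCP port 5900 + N.
        echo "$addr $port $((port - 5900)) $scope"
    done
}

# vnc_exposed: exit 0 if any console on stdin listens on all interfaces.
vnc_exposed() {
    vnc_endpoints | grep -q ' all-interfaces$'
}

# Constructed sample: the two lines shown in the practice, plus a
# loopback-bound console for comparison.
sample_locations() {
    printf '%s\n' \
        '(location 0.0.0.0:5900)' \
        '(location 2)' \
        '(location 127.0.0.1:5903)'
}

sample_locations | vnc_endpoints
if sample_locations | vnc_exposed; then
    echo "at least one VNC console accepts connections on every dom0 interface"
fi
```

On dom0, pipe xm list -l <guest> | grep location into vnc_endpoints. A 0.0.0.0 entry means the console answers on every dom0 address, not only on the localhost address the practice connects to.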


Practice 1-4: Logging Off Your Student PC


Overview
In this practice, you learn how to log off your system.

Tasks
1. Log off your student PC.
a. Open the System menu on the GNOME desktop.
b. Select Log Out vncuser from the System menu.
c. Click the Log Out button to log out.

Chapter 2

Practices for Lesson 2: Introduction to Oracle Linux

Practices for Lesson 2


Practices Overview

In these practices, you test your knowledge of Linux and of Oracle's contributions and
commitment to Linux. You also view the different kernel packages that are installed with Oracle
Linux.

Practice 2-1: Quiz Introduction to Oracle Linux


Overview
In this quiz, you answer questions about the history of Linux in general, as well as Oracle's
commitment and contributions to Linux.

Quiz Questions
Choose the best answer from those provided for each multiple choice or True/False question.
1. Which of the following statements are true? (Choose all that apply).
a. Linux is a UNIX-like operating system named for its developer, Linus Torvalds.
b. Richard Stallman released version 0.01 of the Linux kernel in September 1991.
c. The goal of the GNU Project to create a free, UNIX-like operating system was realized
in 1992 with the addition of the Hurd kernel.
d. Distributors of GPL software must provide the binaries at no cost, but they can charge
for the source code.
2. Thousands of programmers all over the world participate in development of the Linux
operating system.
a. True
b. False
3. Linus Torvalds releases a new version of the mainline kernel approximately:
a. Every month
b. Every three months
c. Every six months
d. Every year
4. The revision control system for the Linux kernel source code is called:
a. SCCS
b. RCS
c. BitKeeper
d. Git
5. A Linux distribution is a collection of software built on top of the Linux kernel and offered as
a complete package.
a. True
b. False
6. Which of the following statements about Oracle's commitment to Linux are true? (Choose
all that apply).
a. Oracle runs its business on Linux.
b. Oracle has a global Linux support organization.
c. Oracle has a dedicated Linux kernel development team.
d. Oracle's goal is to deliver the best-performing, most modern, most reliable Linux
operating system for the enterprise.
7. Oracle Linux is fully compatible with which of the following Linux distributions?
a. Debian
b. Ubuntu
c. SUSE
d. RHEL
8. The Unbreakable Enterprise Kernel is optimized for Oracle applications and is the only
kernel offered with Oracle Linux.
a. True
b. False

Solution 2-1: Quiz Introduction to Oracle Linux


Quiz Solutions
1. Which of the following statements are true? (Choose all that apply).
a. Linux is a UNIX-like operating system named for its developer, Linus Torvalds.
2. Thousands of programmers all over the world participate in development of the Linux
operating system.
a. True
3. Linus Torvalds releases a new version of the mainline kernel approximately:
b. Every three months
4. The revision control system for the Linux kernel source code is called:
d. Git
5. A Linux distribution is a collection of software built on top of the Linux kernel and offered as
a complete package.
a. True
6. Which of the following statements about Oracle's commitment to Linux are true? (Choose
all that apply).
a. Oracle runs its business on Linux.
b. Oracle has a global Linux support organization.
c. Oracle has a dedicated Linux kernel development team.
d. Oracle's goal is to deliver the best-performing, most modern, most reliable Linux
operating system for the enterprise.
7. Oracle Linux is fully compatible with which of the following Linux distributions?
d. RHEL
8. The Unbreakable Enterprise Kernel is optimized for Oracle applications and is the only
kernel offered with Oracle Linux.
b. False. It is true that the Unbreakable Enterprise Kernel is optimized for Oracle
applications. But Oracle Linux also includes a Red Hat Compatible Kernel for customers
requiring strict RHEL compatibility.

Practice 2-2: Viewing Kernel Information


Overview
In this practice, you connect to host01 VM, view the installed kernel packages, and determine
which kernel is running. You also view the text file used by Oracle support teams to easily
identify the active kernel. Note that the displayed sample output might not represent your own
system.

Assumptions
You are logged on to dom0.
VM host01 is running.

Tasks
1. Open a terminal window.
a. Double-click the Terminal icon on the GNOME desktop.
A terminal window opens.
2. Become the root user.
Enter the commands from an open terminal window.
a. Become root by using the su - command. The root password is oracle. Use the
whoami command to print the user identity to confirm that you are root.
3. Connect to host01 guest as root user (password is 0racle) using ssh.
4. List the kernel release that is currently running on your system.
Note that the Unbreakable Enterprise Kernel is running by default.
5. List the kernel packages installed on your system.
Note that the following two kernel packages are installed (associated firmware
packages are also installed):
Unbreakable Enterprise Kernel package (kernel-uek-2.6.32-300.3.1.el6uek.x86_64)
Red Hat Compatible Kernel package (kernel-2.6.32-220.el6.x86_64)
6. View the /etc/*release files on your system.
Note that /etc/system-release is a symbolic link to /etc/oracle-release.
If the Red Hat Compatible Kernel were running, /etc/system-release would link to
/etc/redhat-release.
7. Log out from host01.

Solution 2-2: Viewing Kernel Information


Tasks
1. Open a terminal window.
Begin this task from the GNOME virtual desktop window:
a. Double-click the Terminal icon on the GNOME desktop.
A terminal window opens.

2. Become the root user.
Enter the commands from an open terminal window:
a. Become root by using the su - command. The root password is oracle. Use the
whoami command to print the user identity to confirm that you are root:
$ su -
Password: oracle
# whoami
root

3. Connect to host01 guest as root user (password is 0racle) using ssh.
a. Use the ssh command to connect to the VM guest host01 as root. The password is
0racle. Confirm that you have connected to host01 by entering the hostname
command:
# ssh host01
root@host01's password: 0racle
# hostname
host01.example.com

4. List the kernel release that is currently running on your system.
a. Use the uname -r command to print the kernel release:
# uname -r
2.6.32-300.3.1.el6uek.x86_64
Note that the Unbreakable Enterprise Kernel is running by default.

5. List the kernel packages that are installed on your system.
a. Use the rpm -qa command to query the kernel packages installed on your system:
# rpm -qa | grep ^kernel
kernel-uek-firmware-2.6.32-300.3.1.el6uek.noarch
kernel-firmware-2.6.32-220.el6.noarch
kernel-2.6.32-220.el6.x86_64
kernel-uek-2.6.32-300.3.1.el6uek.x86_64
Note that the following two kernel packages are installed (associated firmware
packages are also installed):
Unbreakable Enterprise Kernel package (kernel-uek-2.6.32-300.3.1.el6uek.x86_64)
Red Hat Compatible Kernel package (kernel-2.6.32-220.el6.x86_64)

6. View the /etc/*release files on your system.
a. Change to the /etc/ directory and view the release files:
# cd /etc
# ls -l *release
-rw-r--r--. oracle-release
-rw-r--r--. redhat-release
lrwxrwxrwx. system-release -> oracle-release
# cat oracle-release
Oracle Linux Server release 6.2
# cat redhat-release
Red Hat Enterprise Linux Server release 6.2 (Santiago)
Note that /etc/system-release is a symbolic link to /etc/oracle-release.
If the Red Hat Compatible Kernel were running, /etc/system-release would
link to /etc/redhat-release.

7. Log out from host01.
# logout
Connection to host01 closed.

Chapter 3

Practices for Lesson 3: Installing Oracle Linux

Practices for Lesson 3


Practices Overview

In these practices, you install Oracle Linux on a new virtual machine. You run FirstBoot and
perform post-installation configuration tasks. You also log in to Oracle Linux and perform
shutdown operations.

Practice 3-1: Installing Oracle Linux


Overview
In this practice, you install Oracle Linux on the host03 virtual machine (VM).

Assumptions
You are logged on as the root user on dom0.
You have a terminal window open.

Tasks
1. Create the host03 VM.
a. Change to the /OVS/running_pool/host03 directory and use the xm create
command as follows:
# cd /OVS/running_pool/host03
# xm create vm.cfg
Using config file ./vm.cfg.
Started domain host03 (id=6)

2. Connect to host03 guest using vncviewer.
a. Determine the VNC port number for host03 by running the xm list -l host03 |
grep location command.
# xm list -l host03 | grep location
(location 0.0.0.0:5903)
(location 3)
The sample shown indicates that the port number is 5903. This may not be true in
your case.
b. Run the vncviewer& command.
# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed.
c. Enter localhost:<port_number>, substituting the port number displayed from the
previous xm list -l host03 | grep location command. For example, if the
port number is 5903, enter localhost:5903 and click OK.

3. Select Install or upgrade an existing system from the Oracle Linux boot menu.
The default option of Install or upgrade an existing system is selected automatically
after 60 seconds. Therefore, this boot menu may or may not appear, depending on
how quickly you connected to host03 using vncviewer.

4. The next window to appear is the Media Test window.
a. Use the Tab key to select the Skip button, and then press Enter.

5. The Logo window appears.
a. Scroll down if necessary and click the Next button.

6. The Language Selection window appears.
a. Select the appropriate language.
1) If taking this class in the United States, select English (English).
b. Scroll down if necessary and click Next.

7. The Keyboard Selection window appears.
a. Select the appropriate keyboard for your system.
1) If taking this class in the United States, select U.S. English.
b. Scroll down if necessary and click Next.

8. The Storage Devices Selection window appears.
a. Ensure that Basic Storage Devices is selected.
b. Scroll down if necessary and click Next.

9. The Storage Devices Warning dialog box appears.
a. Click the Yes, discard any data button.

10. The Set Hostname window appears.
a. Enter host03.example.com as the Hostname.
b. Scroll down if necessary and click the Configure Network button.

11. Configure Network.
The Network Connections window appears.
a. Select System eth0 from the list and click Edit. Then click the IPv4 Settings tab to
display the following screen.
b. Make the following changes:
1) Select Connect automatically.
2) Change Method=Manual.
3) Click Add to add the following:
a) Address=192.0.2.103
b) Netmask=24
c) Gateway=192.0.2.1
4) Click Apply.
5) When the Network Connections window appears, select System eth0 and click Edit.
a) Click the IPv4 Settings tab.
b) The screen should appear as follows.
c) Click Cancel to close the Editing System eth0 window.
d) Click Close to close the Network Connections window.
Scroll down if necessary and click Next.

12. The Time Zone Selection window appears.
a. Select the appropriate time zone for your location.
1) The time zone can be chosen by either selecting from the drop-down list or clicking
the map.
b. Select the System clock uses UTC check box (this is the default).
c. Scroll down if necessary and click Next.

13. The Set Root Password window appears.
a. Enter a password of 0racle for the root user (leading zero, not letter O).
b. Press Tab or click the Confirm field and re-enter the same password of 0racle.
c. Scroll down if necessary and click Next.
d. A Weak Password box appears. Click Use Anyway.

14. The Disk Partitioning Setup window appears.
You select an option that creates a default partition layout.
You then delete the default partitions and create a custom layout.
An easier way is to select Create Custom Layout from the following window.
However, it is beneficial to see the default partition layout.
a. Select Use All Space.
b. Scroll down if necessary.
c. Do not select the Encrypt system check box.
d. Select the Review and modify partitioning layout check box.
e. Click Next.

15. The Storage Devices window appears.
   a. Three virtual disk images appear. These were pre-created for you:
      12 GB disk image (system.img) for the operating system
      5 GB disk image (u01.img) for the storage administration practices
      5 GB disk image (u02.img) for the storage administration practices
   b. Select the 12 GB disk (xen-vbd-768 from the list in the Storage Devices window) and click the right arrow to move the disk to the right column.
   c. Ensure that Boot Loader is selected for this 12 GB disk.
      After you select the designated disk, the Storage Devices window should look like the following screenshot:
   d. Scroll down if necessary and click Next.

16. Delete all the default partitions.
   The Default Partition Layout window appears:
   a. Notice that the default layout uses Logical Volume Manager (LVM).
      One volume group (vg_host03) is created.
      Two logical volumes (lv_root and lv_swap) are created.
   b. Select the first entry, vg_host03, scroll down if needed, and click Delete.
   c. A Confirm Delete box appears. Click Delete to confirm.
      After you delete a volume group, all associated logical volumes are deleted. The window should look like the following:
   d. Select the first virtual hard drive, xvda, and click Delete.
   e. A Confirm Delete box is again displayed. Click Delete to confirm.

17. Create Custom Layout.
   After deleting all the default partitions, the window should look like the following:
   a. Scroll down if necessary and click Create.
      The Create Storage dialog box appears:
   b. Select Standard Partition and click Create.
      The Add Partition box appears.
   c. Add a standard partition with the following characteristics:
      Mount Point: /
      File System Type: ext4
      Allowable Drives: xvda
      Size (MB): 6000
      Additional Size Options: Fixed size
      The completed Add Partition dialog box should look like the following:
   d. Click OK.
   e. Click Create to add a second standard partition with the following characteristics:
      Mount Point: /boot
      File System Type: ext4
      Allowable Drives: xvda
      Size (MB): 100
      Additional Size Options: Fixed size
      The completed Add Partition dialog box should look like the following:
   f. Click OK.
   g. Click Create to add a third standard partition with the following characteristics:
      Mount Point: /home
      File System Type: ext4
      Allowable Drives: xvda
      Size (MB): 2000
      Additional Size Options: Fixed size
      The completed Add Partition dialog box should look like the following:
   h. Click OK.
   i. Click Create to add a fourth standard (swap) partition with the following characteristics:
      Mount Point: no selection
      File System Type: swap
      Allowable Drives: xvda
      Size (MB): no selection
      Additional Size Options: Fill to maximum allowable size
      The completed Add Partition dialog box should look like the following:
   j. Click OK.
      Confirm that the final custom layout looks like the following:
   k. Scroll down if necessary and click Next.
      A Format Warnings box appears.
   l. Click Format.
      A Writing storage configuration to disk dialog box appears.
   m. Click Write changes to disk.

18. The Boot Loader Selection window appears.
   a. Ensure that the Install boot loader on /dev/xvda check box is selected (this is the default).
   b. Click Change device to display the Boot loader device dialog box:
   c. Do not make any changes. Click OK to install the boot loader on the MBR.
   d. Scroll down if necessary and click Next.

19. Select software to install.
   The Software Package Selection window appears:
   a. Select Desktop from the list of software sets.
   b. Scroll down if necessary and click Customize Now.
   c. Accept all the other default selections.
   d. Click Next.
      The Customize Package Selection window appears.
   e. Select Servers from the left pane, and then select System administration tools from the right pane (as shown in the screenshot).
   f. Scroll down if necessary and click Optional packages.
      The Packages in System administration tools screen appears as follows:
   g. Select the following Optional packages (as shown):
      1) ocfs2-tools
      2) ocfs2console
      3) oracleasm-support
   h. Click Close.
   i. Click Next.
      The Software Install screen is displayed, showing the progress as the selected software packages are installed.
      After the installation is complete, the following window appears:
   j. Click Reboot.

Practice 3-2: Using FirstBoot


Overview
In this practice, you complete the FirstBoot.

Assumptions

You have completed the installation of Oracle Linux.
You have rebooted your system.

Tasks
1. Connect to host03 guest by using vncviewer.
   After you reboot your system, your vnc session closes.
   a. Run the vncviewer& command.
      # vncviewer&
      The VNC Viewer: Connection Details dialog box is displayed.
   b. Enter localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter localhost:5903 and click OK (as shown in the following screenshot):
2. Complete FirstBoot.
   The Welcome window appears.
   a. Scroll down if necessary and click Forward.
      The License Information window appears.
   b. Scroll down if necessary and click Yes, I agree to the License Agreement.
   c. Click Forward.
      The Set Up Software Updates window appears.
      The Unbreakable Linux Network (ULN) is discussed in a later lesson.
   d. Select No, I prefer to register at a later time.
      A FirstBoot window displays reasons why you should connect to ULN.
   e. Click No thanks, I'll connect later.
   f. Scroll down if necessary and click Forward.
      The Create User window appears.
   g. FirstBoot requires you to create an initial user to log in to your system.
   h. Create a user with the following attributes:
      Username: oracle
      Full Name: Oracle Student
      Password: oracle
      Confirm Password: oracle
   i. Scroll down if necessary and click Forward.
   j. Click Yes to use the chosen password.
      The Date and Time window appears.
   k. Set the current date and time.
   l. Scroll down if necessary and click Forward.
      Kdump is the last component to configure with FirstBoot.
      However, an Insufficient memory to configure kdump! message appears.
   m. Click OK.
      Another window with kdump information is displayed.
   n. Scroll down if necessary and click Finish.
      The GNOME desktop login window appears.

Practice 3-3: Logging In to Oracle Linux and Shutting Down


Overview
In this practice, you log in as the oracle user. Then you shut down the host03 VM.

Tasks
1. Log in to Oracle Linux from the GNOME desktop.
   a. Select Oracle Student.
      The following window appears:
   b. Enter the password oracle for Oracle Student.
   c. Click Log In.
      The GNOME desktop appears.
2. Shut down Oracle Linux.
   a. Open the System menu:
   b. Select Shut Down from the System menu.
      The following dialog box appears:
   c. Click Shut Down.
      The VM host03 is shut down and the vnc session closes.

Practice 3-4: Post-Installation Tasks


Overview
In this practice, you update the vm.cfg file and re-create the VM.

Tasks
1. Update the host03 vm.cfg configuration file.
   a. Run the xm list command as follows to ensure that host03 is no longer running.
      # xm list
      Name        ID   Mem VCPUs      State   Time(s)
      Domain-0     0  1024     2     r-----     758.9
      host01       4  2240     1     -b----      37.4
      host02       5  2240     1     -b----      37.3
      Only dom0 (Domain-0) and two guests (host01 and host02) are running.
   b. Use the pwd command to ensure that you are in the /OVS/running_pool/host03 directory:
      # pwd
      /OVS/running_pool/host03
   c. If you are not in the correct directory, use the cd command as follows:
      # cd /OVS/running_pool/host03
   d. Use the vi editor to edit the vm.cfg file and change the boot parameter as follows.
      Change boot = cd to boot = c:
      # vi vm.cfg
      ...
      boot = cd (old entry)
      boot = c (new entry)
2. Create the VM:
   a. Use the xm create command as follows:
      # xm create vm.cfg
      Using config file ./vm.cfg.
      Started domain host03 (id=8)
   b. Confirm that host03 VM is running by using the xm list command as follows:
      # xm list
      Name        ID   Mem VCPUs      State   Time(s)
      Domain-0     0  1024     2     r-----     774.6
      host01       4  2240     1     -b----      37.5
      host02       5  2240     1     -b----      37.4
      host03       8  2240     1     -b----       3.3

Practices for Lesson 4: Linux Boot Process
Chapter 4

Practices for Lesson 4


Practices Overview
In these practices, you perform the following tasks:
Explore the GRUB boot loader.
Edit the GRUB configuration file to boot different kernels.
Use the GRUB menu to modify kernel boot parameters.
Change the default runlevel.
Explore the init script directories.
Configure a service to start and stop at a given runlevel.

Notice that Unbreakable Enterprise Kernel Release 1 (based on 2.6.32 Linux kernel) is currently
installed. In a later practice, you install Unbreakable Enterprise Kernel Release 2 (based on
2.6.39 Linux kernel).

Practice 4-1: Exploring the GRUB Boot Loader


Overview
In this practice, you relate boot loader options selected during the installation of Oracle Linux to
actual disk partitions and directories. You explore the /boot directory, the GRUB configuration
file, and kernel boot parameters. The displayed sample output may not exactly match what you
see on your system. In some cases, only partial output is shown.

Assumptions
You are logged on to dom0.
You have a terminal window open.
You are the root user.
You completed Practice 3 (OS install and FirstBoot configuration).
VM host03 is running.
If you were unable to complete the OS install and FirstBoot configuration on host03 in Practice
3, substitute host02 for host03 in this practice and all future practices in this course.

Tasks
1. Connect to host03 guest using vncviewer.
   a. Determine the vnc port number for host03.
      The sample shown indicates that the port number is 5903. This may not be true in your case.
   b. Run the vncviewer& command.
      The VNC Viewer: Connection Details dialog box is displayed.
   c. Enter localhost:<port_number>, substituting the port number displayed from the previous xm list command. Then click OK.
      After you connect, the GNOME login window appears.
2. Log in from the GNOME desktop.
   a. Select Oracle Student.
   b. Enter the password oracle for Oracle Student.
   c. Click Log In.
      After you log in, the GNOME desktop appears.
3. Open a terminal window and become the root user.
   a. Right-click the desktop to display the pop-up menu:
   b. Click Open in Terminal to display a terminal window.
   c. In the terminal window, enter the su command, and enter the root password 0racle (leading zero) to become root.
4. Recall the partition layout that you created when installing Oracle Linux.
   The Storage Devices that you selected during the installation process are shown here:
   You indicated that the GRUB boot loader should be installed on the 12 GB virtual drive.
   You configured the boot loader during the installation process as follows:
   You accepted the defaults, which resulted in installing the GRUB boot loader on the MBR on /dev/xvda.
   Recall from the lecture portion of the lesson that only a subset of the GRUB boot loader is written to the MBR. The remainder of the GRUB boot loader is written to the /boot partition.
   The partition layout that you created during the installation process is shown here:
   a. Use the df command to confirm the mounted partitions.
      Notice that /boot is a separate partition mounted on /dev/xvda1.
5. Explore the /boot partition.
   a. View the /boot/grub directory.
      GRUB works in stages: stage 1, stage 1_5, and stage 2.
      Notice the various stage files in the /boot/grub directory.
      Notice the splash screen file, splash.xpm.gz, displayed during the boot process.
      Notice the GRUB configuration file, grub.conf, in this directory.
   b. View the GRUB configuration file: /boot/grub/grub.conf.
      Each title line specifies a bootable kernel.
      With Oracle Linux, two bootable kernels are included:
         UEK (2.6.32-300.3.1.el6uek.x86_64)
         Red Hat Compatible kernel (2.6.32-220.el6.x86_64)
      Each title has associated root, kernel, and initrd directives.
      With default=0, the kernel associated with the first title is booted.
   c. Use the grep title /boot/grub/grub.conf command to list the bootable kernels.
   d. View the kernel files: /boot/vmlinuz*.
   e. View the initial RAM disk files: /boot/init*.
6. View the kernel boot parameters.
   a. Use the grep kernel /boot/grub/grub.conf command to view the kernel boot parameters.
      Kernel boot parameters are appended to the kernel entry in grub.conf.
      These parameters are written to the /proc/cmdline file and viewable after boot.
   b. View the /proc/cmdline file.
      Notice that the content is the same as the kernel boot parameters in grub.conf.

Solution 4-1: Exploring the GRUB Boot Loader


Tasks
1. Connect to host03 guest using vncviewer.
   a. Run the xm list -l host03 | grep location command to determine the vnc port number for host03.
      # xm list -l host03 | grep location
      (location 0.0.0.0:5903)
      (location 3)
      The sample shown indicates that the port number is 5903. This may not be true in your case.
   b. Run the vncviewer& command.
      # vncviewer&
      The VNC Viewer: Connection Details dialog box is displayed.
   c. Enter localhost:<port_number>, substituting the port number displayed from the previous xm list command. For example, if the port number is 5903, enter localhost:5903. Then click OK.
      After you connect, the GNOME login window appears.
2. Log in from the GNOME desktop.
   a. Select Oracle Student.
      The following window appears:
   b. Enter the password oracle for Oracle Student.
   c. Click Log In.
      After you log in, the GNOME desktop appears.
3. Open a terminal window and become the root user.
   a. Right-click the desktop to display the pop-up menu:
   b. Click Open in Terminal to display a terminal window.
   c. In the terminal window, enter the su command. Then enter the root password 0racle (leading zero) to become root.
      $ su
      Password: 0racle
      # whoami
      root
      The whoami command confirms that you are the root user.
4. Recall the partition layout that you created when installing Oracle Linux.
   The Storage Devices that you selected during the installation process are shown here:
   You indicated that the GRUB boot loader should be installed on the 12 GB virtual drive.
   You configured the boot loader during the installation process as follows:
   You accepted the defaults, which resulted in installing the GRUB boot loader on the MBR on /dev/xvda.
   Recall from the lecture portion of the lesson that only a subset of the GRUB boot loader is written to the MBR. The remainder of the GRUB boot loader is written to the /boot partition.
   The partition layout that you created during the installation process is shown here:
   a. Use the df command to confirm the mounted partitions.
      # df -h
      Filesystem   Size  Used Avail Use% Mounted on
      /dev/xvda2   5.8G  2.7G  2.9G  49% /
      ...
      /dev/xvda1    97M   47M   46M  51% /boot
      /dev/xvda3   2.0G   36M  1.8G   2% /home
      ...
      Notice that /boot is a separate partition mounted on /dev/xvda1.
5. Explore the /boot partition. (Your system may be different from the following sample output.)
   a. Use the ls command to view the /boot/grub directory.
      # ls /boot/grub
      device.map     grub.conf         minix_stage1_5     stage2
      e2fs_stage1_5  iso9660_stage1_5  reiserfs_stage1_5  ufs2_stage1_5
      fat_stage1_5   jfs_stage1_5      splash.xpm.gz      vstafs_stage1_5
      ffs_stage1_5   menu.lst          stage1             xfs_stage1_5
      GRUB works in stages: stage 1, stage 1_5, and stage 2.
      Notice the various stage files in the /boot/grub directory.
      Notice the splash screen file, splash.xpm.gz, displayed during the boot process.
      Notice the GRUB configuration file, grub.conf, in this directory.
   b. Use the cat command to view the GRUB configuration file /boot/grub/grub.conf.
      # cat /boot/grub/grub.conf
      # grub.conf generated by anaconda
      ...
      #boot=/dev/sda
      default=0
      timeout=5
      splashimage=(hd0,0)/grub/splash.xpm.gz
      hiddenmenu
      title Oracle Linux Server-uek (2.6.32-300.3.1.el6uek.x86_64)
              root (hd0,0)
              kernel /vmlinuz-2.6.32-300...
              initrd /initramfs-2.6.32-300...
      title Oracle Linux Server (2.6.32-220.el6.x86_64)
              root (hd0,0)
              kernel /vmlinuz-2.6.32-220...
              initrd /initramfs-2.6.32-220...
      Each title line specifies a bootable kernel.
      With Oracle Linux, two bootable kernels are included:
         UEK (2.6.32-300.3.1.el6uek.x86_64)
         Red Hat Compatible kernel (2.6.32-220.el6.x86_64)
      Each title has associated root, kernel, and initrd directives.
      With default=0, the kernel associated with the first title is booted.
   c. Use the grep command to list the bootable kernels.
      # grep title /boot/grub/grub.conf
      title Oracle Linux Server-uek (2.6.32-300.3.1.el6uek.x86_64)
      title Oracle Linux Server (2.6.32-220.el6.x86_64)
   d. Use the ls command to view the kernel files.
      # ls /boot/vmlinuz*
      vmlinuz-2.6.32-220.el6.x86_64
      vmlinuz-2.6.32-300.3.1.el6uek.x86_64
   e. Use the ls command to view the initial RAM disk files.
      # ls /boot/init*
      initramfs-2.6.32-220.el6.x86_64.img
      initramfs-2.6.32-300.3.1.el6uek.x86_64.img
6. View the kernel boot parameters.
   a. Use the grep command to view the kernel boot parameters.
      # grep kernel /boot/grub/grub.conf
      ...
      kernel /vmlinuz-2.6.32-300.3.1.el6uek.x86_64 ro root=UUID=5bde06cf-bd57-45fa-81ea-ee8d7ed76ee0 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM
      ...
      Kernel boot parameters are appended to the kernel entry in grub.conf.
      These parameters are written to the /proc/cmdline file and viewable after boot.
   b. Use the cat command to view the /proc/cmdline file.
      # cat /proc/cmdline
      ro root=UUID=5bde06cf-bd57-45fa-81ea-ee8d7ed76ee0 rd_NO_LUKS rd_NO_LVM LANG=en_US.UTF-8 rd_NO_DM quiet SYSFONT=latarcyrheb-sun16 rhgb KEYBOARDTYPE=pc KEYTABLE=us rd_NO_MD
      Notice that the content is the same as the kernel boot parameters in grub.conf.

Practice 4-2: Booting Different Kernels


Overview
In this practice, you edit the GRUB configuration file to boot different kernels.

Assumptions

You are the root user on host03 VM.

Tasks
1. Boot the Red Hat Compatible Kernel.
   a. Display the current running kernel.
      The current running kernel is the UEK.
   b. Change the default entry in /boot/grub/grub.conf to 1, and change the timeout entry to 10.
      The timeout entry is increased to 10 seconds primarily for the next practice.
   c. Reboot your system.
      After you reboot your system, your VNC session closes.
   d. Connect to host03 by using VNC.
   e. Log in as Oracle Student from the GNOME login window. The password is oracle.
   f. Open a terminal window.
   g. Become the root user. The password is 0racle (leading zero).
   h. Display the running kernel.
      With default=1, the kernel associated with the second title in grub.conf is booted.
      The second bootable kernel is the Red Hat Compatible kernel.
2. Boot the UEK.
   a. Change the default entry in /boot/grub/grub.conf to 0.
   b. Reboot your system.
   c. Connect to host03 by using VNC.
   d. Log in as Oracle Student.
   e. Open a terminal window.
   f. Become the root user.
   g. Display the running kernel.
      With default=0, the kernel associated with the first title in grub.conf is booted.
      The first bootable kernel is the UEK.

Solution 4-2: Booting Different Kernels


Tasks
1. Boot the Red Hat Compatible Kernel.
   a. Use the uname -r command to display the current running kernel:
      # uname -r
      2.6.32-300.3.1.el6uek.x86_64
      The current running kernel is the UEK.
   b. Use the vi editor to change the default entry in grub.conf from 0 to 1, and change the timeout entry from 5 to 10.
      # vi /boot/grub/grub.conf
      ...
      default=0 (old entry)
      timeout=5 (old entry)
      default=1 (new entry)
      timeout=10 (new entry)
      The timeout entry is increased to 10 seconds primarily for the next practice.
   c. Use the reboot command to reboot your system:
      # reboot
      ...
      After you reboot your system, your VNC session closes.
   d. Connect to host03 by using VNC.
      1) Run the vncviewer& command.
         # vncviewer&
         The VNC Viewer: Connection Details dialog box is displayed.
      2) Enter localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter the following and click OK:
         localhost:5903
   e. Select Oracle Student from the GNOME login window. The password is oracle.
   f. Right-click the GNOME desktop and select Open in Terminal from the pop-up menu.
   g. In the terminal window, become the root user by entering the su - command followed by the root password 0racle (leading zero).
      $ su
      Password: 0racle
      # whoami
      root
   h. Use the uname -r command to display the new running kernel:
      # uname -r
      2.6.32-220.el6.x86_64
      With default=1, the kernel associated with the second title in grub.conf is booted.
      The second bootable kernel is the Red Hat Compatible kernel.
2. Boot the UEK.
   a. Use the vi editor to change the default entry in /boot/grub/grub.conf from 1 back to 0.
   b. Use the reboot command to reboot your system.
      After you reboot your system, your VNC session closes.
   c. Connect to host03 by using VNC.
      1) Run the command vncviewer& from dom0.
      2) Enter localhost:<port_number>, substituting the correct port number for the host03 guest (for example, localhost:5903).
   d. Select Oracle Student from the GNOME login window. The password is oracle.
   e. Right-click the GNOME desktop and open a terminal window.
   f. Become the root user by entering the su command. The password is 0racle.
   g. Use the uname -r command to ensure that you are running the UEK:
      # uname -r
      2.6.32-300.3.1.el6uek.x86_64
      With default=0, the kernel associated with the first title in grub.conf is booted.
      The first bootable kernel is the UEK.


Practice 4-3: Using the GRUB Menu


Overview
In this practice, you access the GRUB menu and modify the kernel boot parameter to boot into
single-user mode.

Assumptions

You are the root user on host03 VM.

Tasks
1. Display the current runlevel.
2. Reboot your system and display the GRUB menu.
3. Edit a bootable kernel entry to boot into single-user mode.
4. Bring the system from single-user mode to the previous runlevel.


Solution 4-3: Using the GRUB Menu


Tasks

1. Display the current runlevel.
   a. Use the who -r command (or runlevel command) to display the current runlevel:
      # who -r
      run-level 5 2011-12-08 08:55
      # runlevel
      N 5
      The current runlevel in the example is 5.
2. Reboot your system and display the GRUB menu.
   a. Reboot your VM by using the reboot command:
      # reboot
      After you reboot your system, your VNC session closes.
   b. Run the command vncviewer& from dom0.
   c. Enter localhost:<port_number>, substituting the correct port number for the host03 guest (for example, localhost:5903).
   d. Press the Esc key before the timeout expires to display the GRUB menu.
      The GRUB menu is shown here:
      Each entry in the GRUB menu is associated with a title entry in the grub.conf file.
3. Edit a bootable kernel entry to boot into single-user mode.
   a. Use the up-arrow and down-arrow keys if necessary to highlight the first entry (UEK).
   b. Press the E key to edit the entry.
      The associated root, kernel, and initrd directives for the selected title are shown:
   c. Use the up-arrow and down-arrow keys if necessary to highlight the kernel entry (as shown above).
   d. Press the E key to edit the kernel entry.
      The end of the kernel entry is shown below:
   e. Use the left-arrow and right-arrow keys to view the entire kernel entry.
   f. After viewing the entire entry, use the right-arrow key to move the cursor to the end of the line.
   g. Add the word single to the end of the kernel line:
   h. After adding the word single as shown above, press the Enter key.
   i. Press the B key to boot.
      Note that the system boots and you are automatically logged in as the root user.
   j. Use the who -r command to determine the current runlevel:
      # who -r
      run-level S 2011-12-08 10:55
      The current runlevel in the example is S, or single-user mode.
4. Bring the system from single-user mode to the previous runlevel.
   a. Press Ctrl + D to bring the system back to runlevel 5.
      The GNOME login window appears.
   b. Select Oracle Student in the GNOME login window. The password is oracle.
   c. Right-click the GNOME desktop and open a terminal window.
   d. Become the root user by entering the su command. The password is 0racle.
      $ su
      Password: 0racle
      # whoami
      root
   e. Use the who -r command to determine the current runlevel:
      # who -r
      run-level 5 2011-12-08 11:15                   last=S
      The runlevel in the example is 5.
      The previous runlevel was single-user mode.

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Practices for Lesson 4: Linux Boot Process


Chapter 4 - Page 25

Practice 4-4: Changing the Default Runlevel


Overview
In this practice, you change the default runlevel.

Assumptions
You are the root user on host03 VM.

Tasks
1. Edit /etc/inittab and change the default runlevel to 3.
a. Change the runlevel from 5 to 3.
b. Reboot your system.
c. Connect to host03 by using VNC.
The GNOME login does not appear. Instead, a text-based login window appears.
Booting to runlevel 3 does not start the X Window services.
d. Log in as root with password 0racle.
e. Display the current runlevel.
The runlevel is now 3.

2. Edit /etc/inittab and change the default runlevel from 3 back to 5.
a. Change the runlevel from 3 back to 5.
b. Reboot your system.
c. Connect to host03 by using VNC.
d. Log in as Oracle Student with password oracle.
e. Open a terminal window.
f. Become the root user. The password is 0racle (leading zero).
g. Display the current runlevel.
The runlevel is now 5.

Solution 4-4: Changing the Default Runlevel


Tasks
1. Edit /etc/inittab and change the default runlevel to 3.
a. Use the vi editor to change the default runlevel from 5 to 3:
# vi /etc/inittab
...
id:5:initdefault: (old entry)
id:3:initdefault: (new entry)
b. Use the reboot command to reboot your system:
# reboot
...
After you reboot your system, your VNC session closes.
c. Connect to host03 by using VNC.
1) Run the vncviewer& command.
# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed.
2) Enter the command localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter the following and click OK:
localhost:5903
The GNOME login does not appear. Instead, a text-based login window appears.
Booting to runlevel 3 does not start the X Window services.
The text-based login window appears:
d. Log in as root. The password is 0racle.
e. Use the who -r command to display the current runlevel:
# who -r
run-level 3 2011-12-09 01:12
The default runlevel in the example is now 3.

2. Edit /etc/inittab and change the default runlevel from 3 back to 5.
a. Use the vi editor to change the default runlevel from 3 back to 5:
# vi /etc/inittab
...
id:3:initdefault: (old entry)
id:5:initdefault: (new entry)
b. Use the reboot command to reboot your system:
# reboot
...
After you reboot your system, your VNC session closes.
c. Connect to host03 by using VNC.
1) Run the vncviewer& command.
# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed.
2) Enter the command localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter the following and click OK:
localhost:5903
The GNOME login does appear in runlevel 5 because the X Window services are started.
d. Select Oracle Student from the GNOME login window. The password is oracle.
e. Right-click the GNOME desktop and select Open in Terminal from the pop-up menu.
f. In the terminal window, become the root user by entering the su - command followed by the root password 0racle (leading zero).
$ su -
Password: 0racle
# whoami
root
g. Use the who -r command to display the current runlevel:
# who -r
run-level 5 2011-12-09 01:23
The default runlevel in the example is now 5.

Practice 4-5: Exploring and Configuring init Services


Overview
In this practice, you explore the init script directories. You also configure a service to start and
stop at a specific runlevel.

Assumptions

You are the root user on host03 VM.

Tasks
1. Explore the /etc/rc.d directory.
a. Display the contents of /etc/rc.d.
/etc/rc.d/rc.sysinit: Runs once at boot time
/etc/rc.d/rc: Starts and stops services when the runlevel changes
/etc/rc.d/rc.local: The last script that the init program runs
b. Display the contents of the /etc/rc.d/init.d directory.
The directory contains scripts that start and stop services.
c. Display the contents of the /etc/rc.d/rc5.d directory.
The directory contains symbolic links to scripts in the /etc/rc.d/init.d directory.
This allows services to be stopped (K files) or started (S files) when entering a particular runlevel (runlevel 5 in this example).
d. Display the services that are stopped and started when entering runlevel 3 (the contents of /etc/rc.d/rc3.d).

2. Start the httpd service when entering runlevel 3.
a. Display all http files in the /etc/rc.d directory.
Currently, the httpd service is configured to stop when entering each runlevel.
b. Verify that the httpd service is stopped.
c. Query the runlevel information for the httpd service.
This confirms that the httpd service is not configured to run at any runlevel.
d. Configure the httpd service to start at runlevel 3.
e. Display all http files in the /etc/rc.d/ directory.
Now a start script exists in the runlevel 3 directory, /etc/rc.d/rc3.d/S85httpd.
f. Check the status of the httpd service.
g. Reboot your system.
h. Connect to host03 by using VNC, and log in as Oracle Student (with password oracle).
i. Open a terminal window and become the root user. The password is 0racle (leading zero).
j. Check the status of the httpd service.
The httpd service is now running.

3. Stop the httpd service when entering runlevel 3.
a. Configure the httpd service so that it does not run at runlevel 3.
b. Display all http files in the /etc/rc.d directory.
Now the start script in the runlevel 3 directory, /etc/rc.d/rc3.d/, is gone.
c. Check the status of the httpd service.
d. Stop the httpd service.

Solution 4-5: Exploring and Configuring init Services


Tasks
1. Explore the /etc/rc.d directory.
a. Use the ls -l command to display the contents of the directory.
# ls -l /etc/rc.d
drwxr-xr-x. init.d
-rwxr-xr-x. rc
drwxr-xr-x. rc0.d
drwxr-xr-x. rc1.d
drwxr-xr-x. rc2.d
drwxr-xr-x. rc3.d
drwxr-xr-x. rc4.d
drwxr-xr-x. rc5.d
drwxr-xr-x. rc6.d
-rwxr-xr-x. rc.local
-rwxr-xr-x. rc.sysinit
/etc/rc.d/rc.sysinit: Runs once at boot time
/etc/rc.d/rc: Starts and stops services when runlevel changes
/etc/rc.d/rc.local: The last script that the init program runs
b. Use the ls command to display the contents of the /etc/rc.d/init.d directory.
# ls /etc/rc.d/init.d
abrtd functions mdmonitor pcscd sandbox
acpid haldaemon messagebus portreserve saslauthd
...
The directory contains scripts that start and stop services.
Note that /etc/init.d is a symbolic link to /etc/rc.d/init.d.
c. Use the ls -l command to display the contents of the /etc/rc.d/rc5.d directory.
# ls -l /etc/rc.d/rc5.d
lrwxrwxrwx. K01certmonger -> ../init.d/certmonger
lrwxrwxrwx. K01smartd -> ../init.d/smartd
...
lrwxrwxrwx. K95firstboot -> ../init.d/firstboot
lrwxrwxrwx. S01sysstat -> ../init.d/sysstat
lrwxrwxrwx. S02lvm2-monitor -> ../init.d/lvm2-monitor
...
lrwxrwxrwx. S99local -> ../rc.local
The directory contains symbolic links to scripts in the /etc/rc.d/init.d directory.
This allows services to be stopped (K files) or started (S files) when entering a particular runlevel (runlevel 5 in this example).
Note that /etc/rc5.d is a symbolic link to /etc/rc.d/rc5.d.
d. Use the ls -l command to display the services that are stopped and started when entering runlevel 3.
# ls -l /etc/rc.d/rc3.d
...
Note that /etc/rc3.d is a symbolic link to /etc/rc.d/rc3.d.

2. Start the httpd service when entering runlevel 3.
a. Use the find command to display all http files in the /etc/rc.d directory.
# find /etc/rc.d -name "*http*"
/etc/rc.d/rc6.d/K15httpd
/etc/rc.d/rc1.d/K15httpd
/etc/rc.d/rc3.d/K15httpd
/etc/rc.d/init.d/httpd
/etc/rc.d/rc4.d/K15httpd
/etc/rc.d/rc0.d/K15httpd
/etc/rc.d/rc5.d/K15httpd
/etc/rc.d/rc2.d/K15httpd
Currently, the httpd service is configured to stop when entering each runlevel.
b. Use the service command to verify that the httpd service is stopped.
# service httpd status
httpd is stopped
c. Use the chkconfig command to query runlevel information for the httpd service.
# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
This confirms the httpd service is not configured to run at any runlevel.
d. Use the chkconfig command to configure the httpd service to start at runlevel 3.
# chkconfig --level 3 httpd on
# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:on 4:off 5:off 6:off
Now the service is configured to start at runlevel 3.
e. Use the find command to display all http files in the /etc/rc.d directory.
# find /etc/rc.d -name "*http*"
/etc/rc.d/rc3.d/S85httpd
/etc/rc.d/rc1.d/K15httpd
/etc/rc.d/rc0.d/K15httpd
/etc/rc.d/init.d/httpd
/etc/rc.d/rc4.d/K15httpd
/etc/rc.d/rc2.d/K15httpd
/etc/rc.d/rc3.d/K15httpd
/etc/rc.d/rc6.d/K15httpd
Now a start script exists in the runlevel 3 directory, /etc/rc.d/rc3.d/S85httpd.
f. Use the service command to check the status of the httpd service.
# service httpd status
httpd is stopped
The chkconfig command only configures a service to start or stop at a given runlevel.
The chkconfig command does not actually start or stop a service.
g. Use the reboot command to reboot your system.
# reboot
...
After you reboot your system, your VNC session closes.
h. Connect to host03 by using VNC, and log in as Oracle Student (with password oracle).
1) Run the vncviewer& command.
# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed.
2) Enter the command localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter the following and click OK:
localhost:5903
3) Select Oracle Student in the GNOME login window (password is oracle).
i. Open a terminal window and become the root user.
1) Right-click the GNOME desktop and select Open in Terminal from the pop-up menu.
2) In the terminal window, become the root user by entering the su - command followed by the root password 0racle (leading zero).
$ su -
Password: 0racle
# whoami
root
j. Use the service command to check the status of the httpd service.
# service httpd status
httpd (pid 1405) is running...
The httpd service is now running.

3. Stop the httpd service when entering runlevel 3.
a. Use the chkconfig command to configure the httpd service so that it does not run at runlevel 3.
# chkconfig --level 3 httpd off
# chkconfig --list httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Now the service is configured so that it does not start at runlevel 3.
b. Use the find command to display all http files in the /etc/rc.d directory.
# find /etc/rc.d -name "*http*"
/etc/rc.d/rc5.d/K15httpd
/etc/rc.d/rc1.d/K15httpd
/etc/rc.d/rc0.d/K15httpd
/etc/rc.d/init.d/httpd
/etc/rc.d/rc4.d/K15httpd
/etc/rc.d/rc2.d/K15httpd
/etc/rc.d/rc3.d/K15httpd
/etc/rc.d/rc6.d/K15httpd
Now the start script in the runlevel 3 directory, /etc/rc.d/rc3.d/, is gone.
c. Use the service command to check the status of the httpd service.
# service httpd status
httpd (pid 1405) is running...
The chkconfig command only configures a service. It does not start or stop the service.
d. Use the service command to stop the httpd service.
# service httpd stop
Stopping httpd: [ OK ]
# service httpd status
httpd is stopped
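The S and K links explored in Solution 4-5 can be read directly, which is useful when auditing which services a host will start at a given runlevel. The following script is an added example, not part of the course material; the function names, the sshd link and the allowlist are assumptions, and the sample tree is constructed to mirror the state after chkconfig --level 3 httpd on.

```shell
#!/bin/sh
# Added example: read a SysV rc tree directly instead of asking chkconfig.
# Every function takes the rc root as an argument, so it can be pointed at
# /etc/rc.d or at a copy of that directory taken from another host.

# started_at LEVEL [RC_ROOT]
# Prints "<order> <service>" for every S link in rc<LEVEL>.d, in start order.
started_at() (
    level=$1
    root=${2:-/etc/rc.d}
    for link in "$root/rc$level.d"/S[0-9][0-9]*; do
        [ -L "$link" ] || continue      # unmatched glob, or not a symlink
        rest=${link##*/S}               # "85httpd"
        name=${rest#??}                 # "httpd"
        [ -n "$name" ] || continue
        printf '%s %s\n' "${rest%"$name"}" "$name"
    done
)

# list_levels SERVICE [RC_ROOT]
# Rebuilds the "chkconfig --list" line for SERVICE from the links alone.
list_levels() (
    svc=$1
    root=${2:-/etc/rc.d}
    line=$svc
    for level in 0 1 2 3 4 5 6; do
        state=off
        for link in "$root/rc$level.d"/S[0-9][0-9]"$svc"; do
            if [ -L "$link" ]; then state=on; fi
        done
        line="$line $level:$state"
    done
    printf '%s\n' "$line"
)

# unexpected_at LEVEL "ALLOWED NAMES" [RC_ROOT]
# Prints services started at LEVEL that are not in the space-separated list.
unexpected_at() (
    allowed=" $2 "
    started_at "$1" "${3:-/etc/rc.d}" | while read -r _order name; do
        case $allowed in
            *" $name "*) ;;
            *) printf '%s\n' "$name" ;;
        esac
    done
)

# make_sample_tree: constructed rc tree (not real host data) in a temporary
# directory; httpd has K15 links everywhere except runlevel 3, where it has
# S85httpd. Prints the path of the tree.
make_sample_tree() (
    root=$(mktemp -d) || exit 1
    mkdir "$root/init.d"
    for svc in httpd sshd sysstat; do : > "$root/init.d/$svc"; done
    for level in 0 1 2 3 4 5 6; do
        mkdir "$root/rc$level.d"
        ln -s ../init.d/httpd "$root/rc$level.d/K15httpd"
    done
    rm "$root/rc3.d/K15httpd"
    ln -s ../init.d/httpd   "$root/rc3.d/S85httpd"
    ln -s ../init.d/sysstat "$root/rc3.d/S01sysstat"
    ln -s ../init.d/sshd    "$root/rc3.d/S55sshd"    # assumed order number
    printf '%s\n' "$root"
)

tree=$(make_sample_tree)
list_levels httpd "$tree"                 # same shape as chkconfig --list httpd
started_at 3 "$tree"                      # everything runlevel 3 will start
unexpected_at 3 "sshd sysstat" "$tree"    # started but not on the allowlist
rm -rf "$tree"
```

On a real host, omit the last argument so that the functions read /etc/rc.d.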

Chapter 5

Practices for Lesson 5: System Configuration

Practices for Lesson 5

Practices Overview
In these practices, you modify the system configuration files, view and modify kernel settings, and view hardware device and device driver attributes.

Practice 5-1: Exploring /etc/sysconfig


Overview
In this practice, you perform the following tasks:

Explore the /etc/sysconfig directory.
Explore selected files in this directory.
See that many initialization scripts derive values from files in the directory.
View the documentation file that describes the entries in the directory.
Make changes to the content of files in the directory.
Observe the effect of the changes.

Assumptions
You are the root user on the host03 VM.

Tasks
1. Explore the /etc/sysconfig directory.
a. Display the contents of the /etc/sysconfig directory.
System configuration settings are stored in these files.
The values in many of these files are read by the corresponding initialization script when the service is started.
b. Display /etc/sysconfig entries in initialization scripts using the following grep commands:
# grep /etc/sysconfig/ssh /etc/init.d/sshd
# grep /etc/sysconfig/nfs /etc/init.d/nfs
# grep /etc/sysconfig/atd /etc/init.d/atd
# grep /etc/sysconfig/init /etc/init.d/functions
# grep /etc/sysconfig/network /etc/init.d/*

2. Explore the /usr/share/doc/init*/sysconfig.txt file.
a. View the contents of the /usr/share/doc/init* directory.
b. Display the contents of the /usr/share/doc/init*/sysconfig.txt file.
c. Search the contents of the sysconfig.txt file for /etc/sysconfig.
d. Scroll down through the file browsing the /etc/sysconfig entries.
e. At the /etc/sysconfig/network entry, notice some of the variables initialized in this file.

3. Change the system time zone.
a. Display the contents of the /etc/sysconfig/clock file.
Time zone settings are stored in this file.
You can change the time zone and date/time settings after installation by editing this file or by running the system-config-date command.
b. Run the system-config-date command.
c. Change the Time Zone to any different zone (for example, Detroit) and click OK.
d. Display the contents of the /etc/sysconfig/clock file again.
Note that the /etc/sysconfig/clock file is updated with the new time zone.
e. Change the time zone back to the appropriate zone.
f. Display the contents of the /etc/sysconfig/clock file to confirm that the change is correct.

Solution 5-1: Exploring /etc/sysconfig


Tasks
1. Explore the /etc/sysconfig directory.
a. Use the ls command to display the contents of the /etc/sysconfig directory.
# ls /etc/sysconfig
atd iptables-config nfs selinux
auditd iptables.old nspluginwrapper smartmontools
autoconfig iptables ntpd snmpd
...
System configuration settings are stored in these files.
The values in many of these files are read by the corresponding initialization script when the service is started.
b. Use the grep command to display specific /etc/sysconfig entries in initialization scripts.
# grep /etc/sysconfig/ssh /etc/init.d/sshd
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
# grep /etc/sysconfig/nfs /etc/init.d/nfs
[ -f /etc/sysconfig/nfs ] && . /etc/sysconfig/nfs
# grep /etc/sysconfig/atd /etc/init.d/atd
config=/etc/sysconfig/atd
# grep /etc/sysconfig/init /etc/init.d/functions
if [ -f /etc/sysconfig/init ]; then
. /etc/sysconfig/init
...
# grep /etc/sysconfig/network /etc/init.d/*
/etc/init.d/avahi-daemon:. /etc/sysconfig/network
/etc/init.d/dnsmasq:. /etc/sysconfig/network
/etc/init.d/mysqld:. /etc/sysconfig/network
/etc/init.d/netconsole:. /etc/sysconfig/network
...

2. Explore the /usr/share/doc/init*/sysconfig.txt file.
a. Use the cd command to change to the /usr/share/doc/init* directory.
# cd /usr/share/doc/init*
# pwd
/usr/share/doc/initscripts-9.03.27
# ls
changes.ipv6 ipv6-6to4.howto README-init sysconfig.txt
COPYING ipv6-tunnel.howto static-routes-ipv6 sysvinitfiles
b. Use the less command to display the contents of the sysconfig.txt file.
# less sysconfig.txt
...
c. Search the contents of the sysconfig.txt file for /etc/sysconfig.
While viewing the file using the less command, use the forward slash (/) followed by etc/sysconfig to search for this string.
d. Press the N key (next) to display the next instance of the string.
Continue to view the /etc/sysconfig entries in this file.
e. At the /etc/sysconfig/network entry, notice some of the variables initialized in this file. Here are some examples:
NETWORKING=yes|no
HOSTNAME=<fqdn by default, but whatever hostname you want>
GATEWAY=<gateway IP>

3. Change the system time zone.
a. Use the cat command to display the contents of the /etc/sysconfig/clock file.
# cat /etc/sysconfig/clock
# The time zone of the system...
# This file is only for evaluation by system-config-date...
ZONE=America/Denver
Time zone settings are stored in this file.
You can change the time zone and date/time settings after installation by editing this file or by running the system-config-date command.
b. Change the time zone by running the system-config-date command.
# system-config-date
Running the system-config-date command displays the following window.
This window has both a Date and Time tab and a Time Zone tab.
c. Change the Time Zone to any different zone (for example, Detroit) and click OK.
d. Use the cat command to display the contents of the /etc/sysconfig/clock file again.
# cat /etc/sysconfig/clock
...
ZONE=America/Detroit
Note that the /etc/sysconfig/clock file is updated with the new time zone.
e. Run the system-config-date command again and change the time zone back to the appropriate zone.
f. Display the contents of the /etc/sysconfig/clock file to confirm that the change is correct.
Alternatively, you can edit the /etc/sysconfig/clock file, link the corresponding /usr/share/zoneinfo file to /etc/localtime, and then run the system-config-date command to confirm the change. See the following page for details:
http://www.redhat.com/advice/tips/timezone.html.

Practice 5-2: Exploring /proc


Overview
In this practice, you explore the /proc file system (directory), view various files and directories
that represent the current state of the kernel, and change the value of current settings.

Assumptions

You are the root user on the host03 VM.

Tasks
1. Explore the /proc file system (directory).
a. Display the contents of the /proc directory.
Directories with numerical names are named after a program's process ID.
b. Display entries in the /proc directory without numerical names.
Notice that some entries are files and some entries are directories.
c. View the meminfo file to display information about RAM.
d. View the cpuinfo file to display information about the processor(s) used by your system.
e. View the devices file to display information about the various character and block devices currently configured.
f. View the /proc/fs/ext4 directory to display the ext4 file systems currently configured.

2. Explore process directories in the /proc file system.
a. Display only the directories in /proc with numerical names.
b. Show that one process directory exists for each process running on your system.
Count the number of process directories.
Count the number of running processes.
The ps command produces one more entry due to the column headings.
c. View the contents of the process directory for PID=1.
Notice that some entries are files, some entries are directories, and some entries are symbolic links.
d. Display the status of PID=1.

3. Change the values of kernel settings.
a. Display the /proc/sys/net/ipv4/ip_forward file to check whether IP Forwarding is enabled.
With the value set to 0, IP Forwarding is disabled.
b. Enable IP Forwarding (to set up a Linux router or gateway, for example).
c. Define the local port range used by TCP and UDP traffic.
Set the first local port allowed value to 32768.
Set the last local port allowed value to 61000.

Solution 5-2: Exploring /proc


Tasks
1. Explore the /proc file system (directory).
a. Use the ls command to display the contents of the /proc directory.
# ls /proc
1 1305 1612 1840 2012 3 879 kallsyms self
10 1310 1618 1841 2013 30 883 kcore slabinfo
1052 1328 1659 1843 2014 353 9 keys softirqs
...
Directories with numerical names are named after a program's process ID.
b. Use the ls command to display entries without numerical names.
# ls -ld /proc/*[a-z]* | less
dr-xr-xr-x. acpi
-r--r--r--. buddyinfo
dr-xr-xr-x. bus
-r--r--r--. cgroups
-r--r--r--. cmdline
-r--r--r--. cpuinfo
...
Notice that some entries are files and some entries are directories.
c. View the meminfo file to display information about RAM.
# less /proc/meminfo
MemTotal: 2243452 kB
MemFree: 1682184 kB
...
d. View the cpuinfo file to display information about the processor(s) used by your system.
# less /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu_family : 6
model : 23
...
e. View the devices file to display information about the various character and block devices currently configured.
# less /proc/devices
Character devices:
1 mem
4 /dev/vc/0
4 tty
...
Block devices:
1 ramdisk
2 fd
...
f. View the /proc/fs/ext4 directory to display the ext4 file systems currently configured.
# ls /proc/fs/ext4
xvda1 xvda2 xvda3

2. Explore process directories in the /proc file system.
a. Use the ls command to display only the directories in /proc with numerical names.
# ls -d /proc/*[0-9]*
1 1149 13 1464 1525 1698 1819 1846 19 2014
10 1150 1304 1472 1527 17 1822 1848 1903 2015
1052 1167 1305 1483 1542 1707 1825 1849 1905 2054
...
b. Show that one process directory exists for each process running on your system.
# ls -d /proc/*[0-9]* | wc -l
136
# ps -e | wc -l
137
The ps command produces one more entry due to the column headings.
# ps -e | less
PID TTY TIME CMD
1 ? 00:00:00 init
...
c. View the contents of the process directory for PID=1.
# cd /proc/1
# ls -l
dr-xr-xr-x. attr
-r--------. auxv
-r--r--r--. cgroup
--w-------. clear_refs
-r--r--r--. cmdline
-rw-r--r--. coredump_filter
-r--r--r--. cpuset
lrwxrwxrwx. cwd -> /
-r--------. environ
lrwxrwxrwx. exe -> /sbin/init
dr-x------. fd
...
Notice that some entries are files, some entries are directories, and some entries are symbolic links.
d. Use the less command to display the status of PID=1.
# less status
Name: init
State: S (sleeping)
Tgid: 1
Pid: 1
PPid: 0
...

3. Change the values of kernel settings.
a. Use the cat command to check whether IP Forwarding is enabled.
# cat /proc/sys/net/ipv4/ip_forward
0
With the value set to 0, IP Forwarding is disabled.
b. Use the echo command to enable IP Forwarding (for example, to set up a Linux router or gateway).
# echo 1 > /proc/sys/net/ipv4/ip_forward
# cat /proc/sys/net/ipv4/ip_forward
1
c. Use the echo command to define the local port range used by TCP and UDP traffic.
# echo "32768 61000" > /proc/sys/net/ipv4/ip_local_port_range
Notice that the first local port and the last local port allowed are surrounded by quotation marks.

Practice 5-3: Exploring the sysfs File System


Overview
In this practice, you explore the sysfs file system. You view the virtual block devices and virtual
interfaces and determine which power states are supported on your system.

Tasks
1. Explore the /sys directory.
a. Display the contents of the /sys directory.
b. Display the virtual disk block (vbd) devices on your system.
c. Traverse the /sys/bus directory and display the virtual interface (vif) devices.
d. Display the operational state, MAC address, and MTU of eth0.
e. Determine which power states are supported.
mem means Suspend-to-RAM.
disk means Suspend-to-Disk.

Solution 5-3: Exploring the sysfs File System


Tasks
1. Explore the /sys directory.
a. Use the ls command to display the contents of the /sys directory.
# ls -l /sys
drwxr-xr-x. block
drwxr-xr-x. bus
drwxr-xr-x. class
drwxr-xr-x. dev
drwxr-xr-x. devices
drwxr-xr-x. firmware
...
b. Use the ls command to display the virtual disk block (xvd) devices on your system.
# ls -l /sys/block | grep xvd
lrwxrwxrwx. xvda -> ../devices/vbd-768/block/xvda
lrwxrwxrwx. xvdb -> ../devices/vbd-832/block/xvdb
lrwxrwxrwx. xvdd -> ../devices/vbd-5696/block/xvdd
Recall these entries from the installation:
c. Traverse the /sys/bus directory and display the virtual interface (vif) devices.
# cd /sys/bus/xen/devices
# ls vif*
vif-0:
devtype driver modalias net nodename power subsystem uevent
vif-1:
devtype driver modalias net nodename power subsystem uevent
d. Display the operational state, MAC address, and MTU of eth0.
# cd vif-0/net/eth0
# pwd
/sys/bus/xen/devices/vif-0/net/eth0
# ls
...
# cat operstate
up
# cat address
00:16:3e:00:01:03
# cat mtu
1500
e. Determine which power states are supported.
# cd /sys/power
# ls
disk image_size pm_test pm_trace resume state
# cat state
mem disk
mem means Suspend-to-RAM.
disk means Suspend-to-Disk.

Practice 5-4: Using sysctl


Overview
In this practice, you use the sysctl utility and view the sysctl configuration file.

Tasks
1. Use the sysctl utility.
a. Use the sysctl command to disable IP Forwarding.
b. Use the sysctl command to display the current kernel settings.

2. View the contents of the /etc/sysctl.conf file.
Changes that are made by using either echo or sysctl are lost when the system is rebooted.
To preserve custom settings, add them to the /etc/sysctl.conf file.
Values that are added to this file take effect each time the system boots.

Solution 5-4: Using sysctl


Tasks
1. Use the sysctl utility.

a. Use the sysctl command to disable IP Forwarding.
# cat /proc/sys/net/ipv4/ip_forward
1
# sysctl -w net.ipv4.ip_forward=0
net.ipv4.ip_forward = 0
# cat /proc/sys/net/ipv4/ip_forward
0

b. Use the sysctl command to display the current kernel settings.
# sysctl -a
kernel.sched_child_runs_first = 0
kernel.sched_min_granularity_ns = 0
...
vm.overcommit_memory = 0
vm.panic_on_oom = 0
...
fs.inode-nr = 38454 42
fs.inode-state = 38454 42 0 0 0 0 0
...
debug.exception-trace = 1
dev.scsi.logging_level = 0
dev.raid.speed_limit_min = 1000
...
net.netfilter.nf_log.0 = NONE
net.netfilter.nf_log.1 = NONE
...
net.ipv4.route.gc_thresh = 131072
net.ipv4.route.max_size = 2097152
...
net.ipv6.neigh.default.mcast_solicit = 3
net.ipv6.neigh.default.ucast_solicit = 3
...
sunrpc.rpc_debug = 0
sunrpc.nfs_debug = 0
...

2. Use the less command to view the contents of the /etc/sysctl.conf file.
# less /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
# Controls source route verification
net.ipv4.conf.default.rp_filter = 0
...
Changes that are made by using both echo and sysctl are lost when the system is
rebooted.
To preserve custom settings, add them to the /etc/sysctl.conf file.
Values that are added to this file take effect each time the system boots.
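
The following script is an added example, not part of the original guide. It compares the settings persisted in a sysctl.conf-style file with the values the running kernel exposes, which is how you notice a runtime change (sysctl -w or echo) that a reboot would silently undo. The function names, the PROC_ROOT parameter, the kernel.sysrq entry, and the demo directory tree are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the guide): compare the settings persisted in a
# sysctl.conf-style file with the values the running kernel exposes under
# /proc/sys, to catch "sysctl -w" or "echo" changes that a reboot would undo.

# sysctl_drift CONF [PROC_ROOT]
# Prints one line per setting in CONF:
#   OK <key> = <value>                        runtime matches the file
#   DRIFT <key> conf=<value> runtime=<value>  runtime differs from the file
#   MISSING <key>                             no such entry under PROC_ROOT
# PROC_ROOT defaults to /proc/sys; it is a parameter only so that the
# function can be exercised against a constructed directory tree.
sysctl_drift() {
    conf=$1
    root=${2:-/proc/sys}
    tab=$(printf '\t')
    # awk emits "key<TAB>value" for each setting, skipping comments and blanks.
    awk '
        /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
        index($0, "=") > 0 {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            gsub(/[ \t]+/, "", k)
            gsub(/[ \t]+/, " ", v); sub(/^ /, "", v); sub(/ $/, "", v)
            print k "\t" v
        }' "$conf" |
    while IFS=$tab read -r key want; do
        # sysctl names map to paths by replacing dots with slashes.
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            printf 'MISSING %s\n' "$key"
            continue
        fi
        # Multi-valued entries are tab-separated in /proc/sys; normalise them.
        have=$(tr '\t\n' '  ' < "$path" | sed 's/  */ /g; s/^ //; s/ $//')
        if [ "$have" = "$want" ]; then
            printf 'OK %s = %s\n' "$key" "$want"
        else
            printf 'DRIFT %s conf=%s runtime=%s\n' "$key" "$want" "$have"
        fi
    done
}

# Constructed demo: a throw-away conf file and a fake /proc/sys tree in which
# ip_forward was switched on at runtime while the file still says 0.
sysctl_drift_demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/proc/net/ipv4/conf/default"
    printf '1\n' > "$d/proc/net/ipv4/ip_forward"
    printf '0\n' > "$d/proc/net/ipv4/conf/default/rp_filter"
    cat > "$d/sysctl.conf" <<'EOF'
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
# Controls source route verification
net.ipv4.conf.default.rp_filter = 0
# Constructed entry with no counterpart in the fake tree
kernel.sysrq = 0
EOF
    sysctl_drift "$d/sysctl.conf" "$d/proc"
    rm -rf "$d"
}

sysctl_drift_demo
```

On a real host, run sysctl_drift /etc/sysctl.conf as root; any DRIFT line is a setting whose running value will revert at the next boot.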


Chapter 6


Practices for Lesson 6: Package Management

Practices for Lesson 6


Practices Overview
In these practices, you do the following:
Use the rpm utility to perform software package management.

Become familiar with the Oracle Public Yum Server.

Create a local yum repository and use the yum utility.

Become familiar with the Oracle Unbreakable Linux Network (ULN).


Practice 6-1: Using the rpm Utility


Overview
In this practice, you use the rpm utility to query installed packages, install packages, and
remove packages.
Note: In Practice 17, you use the rpm utility to install a new kernel, Unbreakable Enterprise
Kernel Release 2 (2.6.39), after you configure the network and file transfer services.

Assumptions

You are the root user on the host03 VM.

Tasks
1. Query packages by using rpm.

a. Query all installed packages.
b. Query whether a specific package (bash, for example) is installed.
c. Get detailed information about the bash package.
d. List the files in the bash package.
e. Perform a reverse search. That is, determine what package the /etc/sysconfig file
belongs to.
f. List the configuration files associated with the cups package.

2. Install packages by using rpm.

a. Determine the mount point for Oracle Linux installation media.
In this example, the mount point is /media/OL*.
b. Change to the /media/OL* directory.
c. List the contents of the directory.
Notice the Packages subdirectory.
d. Change to the Packages subdirectory, and then list the contents.
e. Verify that the zsh package (Z-Shell) is not already installed.
In this example, the zsh package is not installed.
f. Install the zsh package.
g. Verify that the zsh package is now installed.
h. Run the zsh command, and then display the process ID of zsh.
i. Use the exit command to log out of zsh.

3. Remove packages by using rpm.

a. Remove the zsh package.
b. Verify that the zsh package has been removed.

Solution 6-1: Using the rpm Utility


Tasks
1. Query packages by using rpm.

a. Query all installed packages.
# rpm -qa
...

b. Query whether a specific package (bash, for example) is installed.
# rpm -qa bash
bash-4.1.2-8.el6.x86_64

c. Get detailed information about the bash package.
# rpm -qi bash
Name        : bash
Version     : 4.1.2
Release     : 8.el6
Install Date: Thu 08 Dec 2011
Group       : System Environment/Shells
...

d. List the files in the bash package.
# rpm -ql bash
/bin/bash
/bin/sh
/etc/skel/.bash_logout
/etc/skel/.bash_profile
...

e. Perform a reverse search. That is, determine what package the /etc/sysconfig file
belongs to.
# rpm -qf /etc/sysconfig
filesystem-2.4.30-3.el6.x86_64

f. List the configuration files associated with the cups package.
# rpm -qc cups
/etc/cups/classes.conf
/etc/cups/client.conf
/etc/cups/cupsd.conf
/etc/cups/lpoptions
...

2. Install packages by using rpm.

a. Use the df command to determine the mount point for Oracle Linux installation media.
# df -h
Filesystem      Size  Used Avail Use% Mounted on
...
/dev/sr0        3.4G  3.4G     0 100% /media/OL6.2...
In this example, the mount point is /media/OL*.

b. Use the cd command to change to the /media/OL* directory.
# cd /media/OL*

c. Use the ls command to list the contents of the directory.
# ls
EFI   media.repo  RELEASE-NOTES-x86-en.html
EULA  Packages    repodata
...
Notice the Packages subdirectory.

d. Use the cd command to change to the Packages directory, and then list the contents
of the directory.
# cd Packages
# ls
389-ds-base-1.2.9.14-1.el6.x86_64.rpm
389-ds-base-libs-1.2.9.14-1.el6.x86_64.rpm
...
zlib-devel-1.2.3-27.el6.x86_64.rpm
zsh-4.3.10-4.1.el6.x86_64.rpm

e. Verify that the zsh package (Z-Shell) is not already installed.
# zsh
-bash: zsh: command not found
# rpm -qa zsh
In this example, the zsh package is not installed.

f. Install the zsh package by using rpm.
# rpm -Uvh zsh-4.3.10-4.1.el6.x86_64.rpm
...
Preparing...    ############################### [100%]
1:zsh           ############################### [100%]

g. Verify that the zsh package is now installed.
# rpm -qa zsh
zsh-4.3.10-4.1.el6.x86_64

h. Run the zsh command, and then display the process ID of zsh.
# zsh
# ps
  PID TTY          TIME CMD
 7887 pts/0    00:00:00 su
 7895 pts/0    00:00:00 bash
16690 pts/0    00:00:00 zsh
16697 pts/0    00:00:00 ps

i. Use the exit command to log out of zsh.
# exit
# ps
  PID TTY          TIME CMD
 7887 pts/0    00:00:00 su
 7895 pts/0    00:00:00 bash
16697 pts/0    00:00:00 ps

3. Remove packages by using rpm.

a. Remove the zsh package.
# rpm -e zsh

b. Verify that the zsh package has been removed.
# rpm -qa zsh
# zsh
-bash: /bin/zsh: No such file or directory

Practice 6-2: Oracle Public Yum Server


Overview
In this practice, you access the Oracle Public Yum Server, download the repo file for Oracle
Linux, and enable a yum repository.

Assumptions

This practice is performed from dom0.

You are logged on as root on dom0.

Tasks
1. Access the Oracle Public Yum Server.

a. On dom0, open Firefox web browser by clicking the icon on the desktop.
b. Enter the URL for the public yum server, http://public-yum.oracle.com.
c. Scroll down the webpage if necessary and view the steps for Oracle Linux 6.
These commands are executed from the command line.

2. Determine HTTP Proxy server on dom0.

a. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
b. Click the Advanced menu option on the Firefox Preferences window, then select the
Network tab.
c. Click the Settings button.
d. Record the HTTP Proxy setting.
In this example, the setting is ges-proxy.us.oracle.com. Your setting may be
different.
You need to know the setting for this practice as well as in Practice 15.
Do not make any changes to the settings.
e. Click Cancel to close the Connection Settings window.
f. Click Close to close the Firefox Preferences window.
g. Click File > Quit to close the browser on dom0.

3. Download the yum repo file and enable the Oracle Linux 6 Update 3 repository.

a. From the command line, use the export command to set
http_proxy=http://ges-proxy.us.oracle.com.
This is an example only using ges-proxy.us.oracle.com.
Use the value determined in the previous step.
b. Change to the yum repository directory: /etc/yum.repos.d.
c. Use the wget command to download the Oracle Linux 6 yum repo file.
d. Display the contents of the repo file.
In this example, the downloaded repo defines seven repositories:
The latest version of Oracle Linux 6, ol6_latest
The base GA version of Oracle Linux 6, ol6_ga_base
Update 1 of Oracle Linux 6, ol6_u1_base
Update 2 of Oracle Linux 6, ol6_u2_base
Update 3 of Oracle Linux 6, ol6_u3_base
The latest version of Unbreakable Enterprise Kernel, ol6_UEK_latest
The base version of Unbreakable Enterprise Kernel, ol6_UEK_base
The location of the repositories is given by the baseurl directive.
The location of the GPG key (which is used to verify the authenticity of the
packages) is given by the gpgkey directive.
When the gpgcheck directive is set to 1, yum will check the GPG signatures.
e. Edit the repo file and enable the appropriate repository.
Change enabled=0 to enabled=1.

Solution 6-2: Oracle Public Yum Server


Tasks
1. Access the Oracle Public Yum Server.

a. On dom0, open Firefox web browser by clicking the icon on the desktop.
b. Enter the following URL for the public yum server:
http://public-yum.oracle.com.
c. Scroll down the web page if necessary and view the steps for Oracle Linux 6.
These commands are executed from the command line.

2. Determine HTTP Proxy server on dom0.

a. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
b. Click the Advanced menu option on the Firefox Preferences window, then select the
Network tab.
c. Click the Settings button to display the Connection Settings window.
d. Record the HTTP Proxy setting.
In this example, the setting is ges-proxy.us.oracle.com. Your setting may be
different.
You need to know the setting for this practice as well as in Practice 15.
Do not make any changes to the settings.
e. Click Cancel to close the Connection Settings window.
f. Click Close to close the Firefox Preferences window.
g. Click File > Quit to close the browser on dom0.

3. Download the yum repo file and enable the Oracle Linux 6 Update 3 repository.

a. From the command line, use the export command to set
http_proxy=http://ges-proxy.us.oracle.com.
This is an example only using ges-proxy.us.oracle.com.
Use the value determined in the previous step.
# export http_proxy=http://ges-proxy.us.oracle.com

b. Use the cd command to change to the yum repository directory: /etc/yum.repos.d.
# cd /etc/yum.repos.d

c. Use the wget command to download the yum repo file (Oracle Linux 6 in this
example).
# wget http://public-yum.oracle.com/public-yum-ol6.repo
...
Resolving ges-proxy.us.oracle.com...
Connecting to ges-proxy.us.oracle.com...
Proxy request sent, awaiting response... 200 OK
Length: 1461 (1.4K) [text/plain]
Saving to: public-yum-ol6.repo
100%[================================>] 1,461 --.-K/s in 0s
... public-yum-ol6.repo saved [1461/1461]

d. Use the less command to display the contents of the repo file.
# less public-yum-ol6.repo
[ol6_latest]
name=Oracle Linux $releasever Latest ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=0
[ol6_ga_base]
name=Oracle Linux $releasever GA installation media copy ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/0/base/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=0
[ol6_u1_base]
...
[ol6_u2_base]
...
[ol6_u3_base]
...
[ol6_UEK_latest]
...
[ol6_UEK_base]
...
In this example, the downloaded repo defines seven repositories:
The latest version of Oracle Linux 6, ol6_latest
The base GA version of Oracle Linux 6, ol6_ga_base
Update 1 of Oracle Linux 6, ol6_u1_base
Update 2 of Oracle Linux 6, ol6_u2_base
Update 3 of Oracle Linux 6, ol6_u3_base
The latest version of Unbreakable Enterprise Kernel, ol6_UEK_latest
The base version of Unbreakable Enterprise Kernel, ol6_UEK_base
The location of the repositories is given by the baseurl directive.
The location of the GPG key (which is used to verify the authenticity of the
packages) is given by the gpgkey directive.
When the gpgcheck directive is set to 1, yum will check the GPG signatures.

e. Use the vi editor to edit the repo file and enable the appropriate repository.
In this example, enable the Oracle Linux 6 Update 3 repository, ol6_u3_base, by
changing enabled=0 to enabled=1.
# vi public-yum-ol6.repo
...
[ol6_u3_base]
...
enabled=0 (old entry)
enabled=1 (new entry)

Practice 6-3: Creating a Local yum Repository


Overview
In this practice, you install the createrepo utility (if necessary), create a local yum repository,
and create a repo file to enable the local repository.

Assumptions

This practice is performed from the host03 VM.

You are logged on as root on host03.

The Oracle Linux dvd.iso image is mounted on /media.

Tasks
1. Ensure that the Oracle Linux dvd.iso image is mounted on /media.

a. Display the mounted file systems.
Notice the OL6.2 media is mounted on /media.

2. Ensure that the createrepo utility is installed. If it is not, install it now.

a. Check whether the createrepo package is installed.
In this example, the package is not installed.
b. Change to the /media/OL*/Packages directory in order to install createrepo.
c. Use the rpm command to install the package.
The package does not install because the dependent packages are not installed.
d. Attempt to use yum to install, because yum resolves dependencies.
The yum command fails because no repository is available.
e. Install the dependent packages first, and then install createrepo.
f. Verify that createrepo is installed and in the search path.

3. Create the local repository.

a. Change to the /media directory.
b. Use the createrepo command to create a repository of the current directory.
c. View the results of the createrepo command.
Notice that the repodata directory has been created.
d. View the contents of the repodata directory.
e. Run the yum clean all command to clean up the yum cache.
f. Change to the yum repository directory, create the iso.repo file, and enable the local
repository using the following parameters:
Repository=[Myrepo]
name=Oracle Linux
baseurl=file:///media
enabled=1
gpgkey=file:///media/RPM-GPG-KEY-oracle
gpgcheck=1
g. In this example, the GPG key is located on the Oracle Linux dvd.iso image.
There are two files that contain the GPG key.
The files are the same, so either can be used.
h. Copy the RPM-GPG-KEY-oracle file from /media/OL* to /media.
i. Manually install the public key using the rpm --import RPM-GPG-KEY-oracle
command.
j. Confirm the import of the public key by using the rpm -qa gpg-pubkey* command.

Solution 6-3: Creating a Local yum Repository


Tasks
1. Ensure that the Oracle Linux dvd.iso image is mounted on /media.

a. Use the df command to display the mounted file systems.
# df -h
Filesystem      Size  Used Avail Use% Mounted on
...
/dev/sr0        3.4G  3.4G     0 100% /media/OL6.2 x86_64 Disc...
Notice the OL6.2 media is mounted on /media.

2. Ensure that the createrepo utility is installed. If it is not, install it now.

a. Use the rpm command to check whether the createrepo package is installed.
# rpm -qa createrepo
In this example, the package is not installed.

b. Change to the /media/OL*/Packages directory to install createrepo.
# cd /media/OL*/Packages
# ls creat*
createrepo-0.9.8-4.el6.noarch.rpm

c. Use the rpm command to install the package.
# rpm -Uvh createrepo-0.9.8-4.el6.noarch.rpm
...
error: Failed dependencies:
deltarpm is needed by createrepo-0.9.8-4.el6.noarch
python-deltarpm is needed by createrepo-0.9.8-4.el6.noarch
The package does not install because the dependent packages are not installed.

d. Attempt to use yum to install because yum resolves dependencies.
# yum install createrepo
Loaded plugins: refresh-packagekit
Setting up Install Process
No package createrepo available
Error: Nothing to do
The yum command fails because no repository is available.

e. The only alternative is to use rpm and install the dependent packages first, and then
install createrepo.
# rpm -Uvh deltarpm-3.5-0.5.2009013git.el6.x86_64.rpm
...
Preparing...        ############################### [100%]
1:deltarpm          ############################### [100%]
# rpm -Uvh python-deltarpm-3.5-0.5.2009013git.el6.x86_64.rpm
...
Preparing...        ############################### [100%]
1:python-deltarpm   ############################### [100%]
# rpm -Uvh createrepo-0.9.8-4.el6.noarch.rpm
...
Preparing...        ############################### [100%]
1:createrepo        ############################### [100%]

f. Verify that createrepo is installed and in the search path.
# which createrepo
/usr/bin/createrepo

3. Create the local repository.

a. Change to the /media directory.
# cd /media
# ls
OL6.2 x86_64 Disc 1 20111212

b. Use the createrepo command to create a repository of the current directory.
# createrepo .
...
21504/21504 OL6.2.../Server/Packages/zsh-4.3.10-4.1.el6.x86_64.rpm
Saving Primary metadata
Saving file lists metadata
Saving other metadata

c. View the results of the createrepo command.
# pwd
/media
# ls -l
drwxr-xr-x. ... OL6.2 x86_64 Disc 1 20111212
drwxr-xr-x. ... repodata
Notice that the repodata directory has been created.

d. View the contents of the repodata directory.
# ls -l repodata
-rw-r--r-- ... filelists.xml.gz
-rw-r--r-- ... other.xml.gz
-rw-r--r-- ... primary.xml.gz
-rw-r--r-- ... repomd.xml

e. Run the yum clean all command to clean up the yum cache.
# yum clean all
Loaded plugins: refresh-packagekit
Cleaning repos:
Cleaning up Everything

f. Change to the yum repository directory and use the vi editor to create the iso.repo
file:
# cd /etc/yum.repos.d
# vi iso.repo
[Myrepo]
name=Oracle Linux
baseurl=file:///media
enabled=1
gpgkey=file:///media/RPM-GPG-KEY-oracle
gpgcheck=1

g. In this example, the GPG key is located on the Oracle Linux dvd.iso image.
# cd /media/OL*
# ls *GPG*
RPM-GPG-KEY
RPM-GPG-KEY-oracle
There are two files that contain the GPG key.
The files are the same, so either can be used.
# diff RPM-GPG-KEY RPM-GPG-KEY-oracle

h. Use the cp command to copy the RPM-GPG-KEY-oracle file from /media/OL* to
/media.
# cp /media/OL*/RPM-GPG-KEY-oracle /media

i. Manually install the public key.
# rpm --import RPM-GPG-KEY-oracle

j. Confirm the import of the public key.
# rpm -qa gpg-pubkey
gpg-pubkey-...
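
The script below is an added example, not part of the original guide. It covers both the downloaded repo file in Practice 6-2 and the iso.repo file created here: for every repository section it reports the enabled, gpgcheck and gpgkey settings and flags enabled repositories whose packages would not be signature-checked, or whose key is fetched over plain HTTP. The function names, warning labels and the example_* sections with their URLs are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the guide): report the signature-checking settings
# of every repository defined in yum .repo files.

# audit_repo [FILE...]
# Reads .repo files (or standard input) and prints one line per section:
#   <id> enabled=<0|1> gpgcheck=<0|1|unset> gpgkey=<scheme|none> <OK|WARN:reasons>
# Warnings are raised only for enabled repositories:
#   gpgcheck-off      gpgcheck is set to something other than 1
#   gpgcheck-unset    no gpgcheck line; the value comes from [main] in yum.conf
#   no-gpgkey         no gpgkey line; the key must already be imported (rpm --import)
#   gpgkey-over-http  the key itself is fetched over unauthenticated HTTP
audit_repo() {
    awk '
    function scheme(u) { return (u == "") ? "none" : substr(u, 1, index(u, ":") - 1) }
    function report(   w) {
        if (id == "") return
        w = ""
        if (enabled != "0") {            # a missing "enabled" line means enabled
            if (gpgcheck == "")          w = w ",gpgcheck-unset"
            else if (gpgcheck != "1")    w = w ",gpgcheck-off"
            if (gpgkey == "")            w = w ",no-gpgkey"
            else if (gpgkey ~ /^http:/)  w = w ",gpgkey-over-http"
        }
        printf "%s enabled=%s gpgcheck=%s gpgkey=%s %s\n", id,
            (enabled == "" ? "1" : enabled),
            (gpgcheck == "" ? "unset" : gpgcheck),
            scheme(gpgkey), (w == "" ? "OK" : "WARN:" substr(w, 2))
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
    /^\[/ {
        report()
        id = substr($0, 2, index($0, "]") - 2)
        enabled = gpgcheck = gpgkey = ""
        next
    }
    /^[ \t]/ { next }                    # continuation of the previous value
    index($0, "=") > 0 {
        k = substr($0, 1, index($0, "=") - 1)
        v = substr($0, index($0, "=") + 1)
        gsub(/[ \t]+/, "", k)
        sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
        if (k == "enabled")  enabled = v
        if (k == "gpgcheck") gpgcheck = v
        if (k == "gpgkey")   gpgkey = v
    }
    END { report() }
    ' "$@"
}

# Constructed sample: the ol6_latest and Myrepo sections follow the guide's
# listings; the example_* sections and their URLs are hypothetical.
sample_repo() {
    cat <<'EOF'
[ol6_latest]
name=Oracle Linux $releasever Latest ($basearch)
baseurl=http://public-yum.oracle.com/repo/OracleLinux/OL6/latest/$basearch/
gpgkey=http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
gpgcheck=1
enabled=0

[Myrepo]
name=Oracle Linux
baseurl=file:///media
enabled=1
gpgkey=file:///media/RPM-GPG-KEY-oracle
gpgcheck=1

[example_http_key]
name=Hypothetical repo, enabled by default
baseurl=http://repo.example.com/el6/
gpgkey=http://repo.example.com/RPM-GPG-KEY-example
gpgcheck=1

[example_unsigned]
name=Hypothetical repo without signature checks
baseurl=file:///srv/scratch
enabled=1
gpgcheck=0
EOF
}

sample_repo | audit_repo
```

On a real host, run audit_repo /etc/yum.repos.d/*.repo after editing a repo file; ol6_latest shows no warning in the sample only because it is disabled, and it would report gpgkey-over-http once enabled=1 is set.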


Practice 6-4: Using the yum Utility


Overview
In this practice, you use the yum utility to list both installed packages and packages available to
be installed, install a package, check for packages with updates available, update a package,
and remove a package.

Assumptions

This practice assumes that you have a yum repository configured.

This practice is performed from the host03 VM.

You are logged on as root on host03.

Tasks
1. List packages by using yum.

a. List all packages that are installed on your system and all packages that are available
in all configured repositories.
Notice that some packages were installed during installation (@anaconda) and
some are available in the new repository (Myrepo).
b. List only the installed packages.
c. List only the packages that are available to be installed from enabled repositories.
d. List the name of the package to which the /etc/sysconfig/crond file belongs.

2. Install packages by using yum.

a. Install the 389-ds-base package.

3. Update packages by using yum.
You have no packages with updates available.
This exercise is an example and only shows the steps needed to update a package.

a. Check to see which installed packages have updates available.
b. Update the DeviceKit-power package.

4. Remove packages by using yum.

a. Remove the 389-ds-base package.

Solution 6-4: Using the yum Utility


Tasks
1. List packages by using yum.

a. List all packages installed on your system and all packages available in all configured
repositories.
# yum list
Loaded plugins: refresh-packagekit, security
Installed Packages
ConsoleKit.x86_64         0.4.1-3.el6      @anaconda-Ora...
ConsoleKit.libs.x86_64    0.4.1-3.el6      @anaconda-Ora...
...
zlib.i686                 1.2.3-27.el6     Myrepo
zlib-devel.i686           1.2.3-27.el6     Myrepo
zlib-devel.x86_64         1.2.3-27.el6     Myrepo
zsh.x86_64                4.3.10-4.1.el6   Myrepo
Notice that some packages were installed during installation (@anaconda) and
some are available in the new repository (Myrepo).

b. List only the installed packages.
# yum list installed
Loaded plugins: refresh-packagekit, security
Installed Packages
ConsoleKit.x86_64         0.4.1-3.el6      @anaconda-Ora...
...
zlib.x86_64               1.2.3-27.el6     @anaconda-Ora...

c. List only the packages that are available to be installed from enabled repositories.
# yum list available
Available Packages
389-ds-base.x86_64        1.2.9.14-1.el6   Myrepo
389-ds-base-libs.i686     1.2.9.14-1.el6   Myrepo
...

d. List the name of the package to which the /etc/sysconfig/crond file belongs.
# yum provides /etc/sysconfig/crond
cronie-1.4.4-7.el6.x86_64
...

2. Install packages by using yum.

a. Install the 389-ds-base package.
# yum install 389-ds-base
Setting up Install Process
Resolving Dependencies
--> Running transaction check
...
--> Finished Dependency Resolution
Dependencies Resolved
===================================================
Package
===================================================
Installing:
389-ds-base
Installing for dependencies:
389-ds-base-libs
...
Transaction Summary
===================================================
Install 12 Package(s)
Total download size: 3.3 M
Installed size: 11 M
Is this ok [y/N]: y
Downloading packages
...
Running rpm_check_debug
Running Transaction Test
...
Installing : svrcore-4.0.4-5.1.el6.x86_64
...
Installed:
389-ds-base.x86_64 0:1.2.9.14-1.el6
Dependency Installed:
389-ds-base-libs.x86_64 0:1.2.9.14-1.el6
...
Complete!

3. Update packages by using yum.
You have no packages with updates available.
This exercise is an example and only shows the steps needed to update a package.

a. Check to see which installed packages have updates available.
# yum check-update
DeviceKit-power.x86_64    014-1.el6        Myrepo
...

b. Update the DeviceKit-power package.
# yum update DeviceKit-power
Setting up Update Process
Resolving Dependencies
--> Running transaction check
...
--> Finished Dependency Resolution
Dependencies Resolved
===================================================
Package
===================================================
Updating:
DeviceKit-power
Transaction Summary
===================================================
Upgrade 1 Package(s)
Total download size: 90 k
Is this ok [y/N]: y
Downloading packages
DeviceKit-power-014-3.el6.x86_64.rpm
Running rpm_check_debug
Running Transaction Test
...
Updating : DeviceKit-power-014-3.el6.x86_64
Cleanup : DeviceKit-power-014-3.el6.x86_64
Updated:
DeviceKit-power-014-3.el6.x86_64
Complete!

4. Remove packages by using yum.

a. Remove the 389-ds-base package.
# yum remove 389-ds-base
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
...
--> Finished Dependency Resolution
Dependencies Resolved
===================================================
Package
===================================================
Removing:
389-ds-base
Transaction Summary
===================================================
Remove 1 Package(s)
Installed size: 4.5 M
Is this ok [y/N]: y
Downloading packages
Running rpm_check_debug
Running Transaction Test
...
Erasing : 389-ds-base-1.2.9.14-1.el6.x86_64
Removed:
389-ds-base.x86_64 0:1.2.9.14-1.el6
Complete!

Practice 6-5: Unbreakable Linux Network (ULN)


Overview
In this practice, you access the ULN and become familiar with the ULN web interface.

Assumptions

This practice is performed from dom0.

You are logged on as root on dom0.

To fully complete this practice, you must be a licensed Oracle customer with an active
Oracle Linux support subscription.
If you do not have an Oracle Linux support contract, browse to the ULN site, click some
of the links, and read through the tasks in this practice to understand the capabilities of
ULN.

Tasks
1. Access the Unbreakable Linux Network (ULN).

a. From a browser, enter the following URL for the Unbreakable Linux Network (ULN):
https://linux.oracle.com
b. Click Sign On to be prompted for login credentials.
The first time you access the ULN, use your email address and your Customer
Support Identifier (CSI) to log in. You are then required to create a password.
In the future, use your email address and password to log in to ULN.
When you register for the first time, you are subscribed to the default channel of
ol6_<arch>_latest.
After registering, you can specify a different channel by using the web interface.

2. Use the ULN web interface.

a. You are first taken to the ULN Home page.
The ULN web interface allows subscribers to register systems and subscribe to
channels.
b. Click the Channels tab to list all the channels available via ULN.
For each channel, you can see its detailed description and how many packages are
available for download.
c. Click the Systems tab to see registered systems and the number of RPMs available on
the subscribed channels to be downloaded and installed.
From this screen, you can also subscribe to additional channels.
For each channel, you can see a comprehensive listing of each available package.
You can also search the list.
You can get many package details, including a list of the files installed on the
system when the RPM is downloaded, and a list of the other packages that are
necessary for this one to be installed.
You can also select to download the source RPMs in addition to the binary RPMs.
d. Click the Errata tab to list all errata that have been published.

Solution 6-5: Unbreakable Linux Network (ULN)


Tasks
1. Access the Unbreakable Linux Network (ULN).

a. From a browser, enter the following URL for the Unbreakable Linux Network (ULN):
https://linux.oracle.com.
b. Click Sign On to be prompted for login credentials.
The first time you access the ULN, use your email address and your Customer Support
Identifier (CSI) to log in. You are then required to create a password.
In the future, use your email address and password to log in to ULN.
When you register for the first time, you are subscribed to the default channel of
ol6_<arch>_latest.
After registering, you can specify a different channel by using the web interface.

2. Use the ULN web interface.

a. You are first taken to the ULN Home page.
The ULN web interface allows subscribers to register systems and subscribe to
channels.
b. Click the Channels tab to list all the channels available via ULN.
For each channel, you can see its detailed description and how many packages are
available for download.
c. Click the Systems tab to see registered systems and the number of RPMs available on
the subscribed channels to be downloaded and installed.
From this screen, you can also subscribe to additional channels.
For each channel, you can see a comprehensive listing of each available package.
You can also search the list.
You can get many package details, including a list of the files installed on the
system when the RPM is downloaded and a list of the other packages that are
necessary for this one to be installed.
You can also select to download the source RPMs in addition to the binary RPMs.
d. Click the Errata tab to list all errata that have been published.

Chapter 7

Practices for Lesson 7: Ksplice

Practices for Lesson 7

Practices Overview
There are no practices for this lesson.

Chapter 8

Practices for Lesson 8: Automating Tasks

Practices for Lesson 8

Practices Overview
In these practices, you use and configure utilities to automate tasks.

Practice 8-1: Automating Tasks

Overview
In this practice, you use the crontab utility and the at utility to automate tasks. You also
prevent the oracle user from being able to use the at utility.

Assumptions
You are the root user on the host03 VM.

Tasks
1. Create a crontab for the root user.
a. List the contents of your (root) crontab file.
b. View the contents of the /var/spool/cron directory.
Notice that there are no files in this directory.
c. Create a crontab job that runs the ls command every minute.
The crontab -e command uses the vi editor.
d. View the contents of the /var/spool/cron directory again.
Now there is a root file in the /var/spool/cron directory.
You also have mail, because the output from cron jobs is sent to the user's mailbox.
e. Display the contents of the /var/spool/cron/root file.
f. Use the mail command to view the results of your job.
To view details of mailbox entries, press the associated number and then press Enter.
To re-display the header, press H and then press Enter.
To quit the mail program, press Q and then press Enter.
g. Quit the mail program.
h. Remove your crontab.
i. View the contents of the /var/spool/cron directory.
Notice that the root file has been removed from this directory.

2. Create a crontab for the oracle user.
In this task, you switch back and forth between the root user and the oracle user.
a. Open another tab in your terminal window by pressing Ctrl + Shift + T, or right-click
and select Open Tab.
Your terminal window now has a tab where you are logged in as root and a tab
where you are logged in as the oracle user.
b. Click the oracle@host03 tab and confirm that you are logged in as the oracle user.
c. List the contents of your crontab file.
d. Create a cron job that runs the echo Hello World command every other minute.
e. List the contents of your crontab file.
f. Use the mail command to view the results of your job.
g. View the details of each mailbox entry.
h. After viewing the details, quit the mail program.
i. View the contents of the /var/spool/cron directory.
Notice that only the root user has permission to view this directory.
j. Click the root@host03 tab and confirm that you are logged in as the root user.
k. View the contents of the /var/spool/cron directory.
Notice that there is an oracle file in the /var/spool/cron directory.
l. Display the contents of the /var/spool/cron/oracle file.
m. Remove the crontab for the oracle user.

3. Use the at command to schedule a one-time task at a specific time.
a. Click the oracle@host03 tab and confirm that you are logged in as the oracle user.
b. Use at to run the pwd command in 1 minute.
c. List the pending job.
d. After 1 minute has passed, list the pending job again.
Notice that this time there are no pending jobs.
e. Use the mail command to view the results of your job.
f. View the details of each mailbox entry.
g. After viewing the details, quit the mail program.

4. Restrict usage of the at command.
In this task, you also switch back and forth between the root user and the oracle user.
a. Click the root@host03 tab and confirm that you are logged in as the root user.
b. Add user oracle to the /etc/at.deny file.
c. Click the oracle@host03 tab and confirm that you are logged in as the oracle user.
d. Attempt to use at to run a command in 1 minute.
Notice that you do not have permission to use the at utility.

5. Close the oracle@host03 tab in the terminal window.

Solution 8-1: Automating Tasks

Tasks
1. Create a crontab for the root user.
a. Use the crontab -l command to list the contents of your crontab file.
# crontab -l
no crontab for root
b. Use the ls command to view the contents of the /var/spool/cron directory.
# ls /var/spool/cron
Notice that there are no files in this directory.
c. Use the crontab -e command to create a crontab job that runs the ls command
every minute.
# crontab -e
* * * * * ls
The crontab -e command uses the vi editor. Save your changes and exit vi.
The following messages will be displayed:
no crontab for root - using an empty one
crontab: installing new crontab
d. Use the ls command to view the contents of the /var/spool/cron directory.
# ls /var/spool/cron
root
You have new mail in /var/spool/mail/root
Now there is a root file in the /var/spool/cron directory.
You also have mail, because the output from cron jobs is sent to the user's mailbox.
e. Use the cat command to display the contents of the /var/spool/cron/root file.
# cat /var/spool/cron/root
* * * * * ls
f. Use the mail command to view the results of your job.
# mail
...
>N 1 Cron Daemon Tue Dec 13 07:17 23/726 Cron <root@host03> ls
N 2 Cron Daemon Tue Dec 13 07:18 23/726 Cron <root@host03> ls
N 3 Cron Daemon Tue Dec 13 07:19 23/726 Cron <root@host03> ls
&
To view details of mailbox entries, press the associated number and then press Enter.
To re-display the header, press H and then press Enter.
To quit the mail program, press Q and then press Enter.
g. Press Q and then Enter to quit the mail program.
& q
h. Use the crontab -r command to remove the crontab.
# crontab -r
# crontab -l
no crontab for root
i. Use the ls command to view the contents of the /var/spool/cron directory.
# ls /var/spool/cron
Notice that the root file has been removed from this directory.

2. Create a crontab for the oracle user.
In this task, you switch back and forth between the root user and the oracle user.
a. Open another tab in your terminal window by pressing Ctrl + Shift + T, or right-click
and select Open Tab.
Your terminal window now has a tab where you are logged in as root and a tab
where you are logged in as the oracle user.
b. Click the oracle@host03 tab and confirm that you are logged in as the oracle user.
[oracle@host03 ~]$ whoami
oracle
c. Use the crontab -l command to list the contents of your crontab file.
[oracle@host03 ~]$ crontab -l
no crontab for oracle
d. Use the crontab -e command to create a cron job that runs the echo Hello
World command every other minute.
[oracle@host03 ~]$ crontab -e
*/2 * * * * echo Hello World
e. Use the crontab -l command to list the contents of your crontab file.
[oracle@host03 ~]$ crontab -l
*/2 * * * * echo Hello World
f. Use the mail command to view the results of your job.
[oracle@host03 ~]$ mail
...
>N 1 Cron Daemon Tue Dec 13 08:40 21/728 Cron <oracle@host03>
N 2 Cron Daemon Tue Dec 13 08:42 23/726 Cron <oracle@host03>
&
g. To view details of mailbox entries, press the associated number and then press Enter.
h. After viewing the details, press Q and then Enter to quit.
& 1
...
Hello World
& q
i. Use the ls command to view the contents of the /var/spool/cron directory.
[oracle@host03 ~]$ ls /var/spool/cron
ls: cannot open directory /var/spool/cron/: Permission denied
Notice that only the root user has permission to view this directory.
j. Click the root@host03 tab and confirm that you are logged in as the root user.
[root@host03 ~]# whoami
root
k. Use the ls command to view the contents of the /var/spool/cron directory.
[root@host03 ~]# ls /var/spool/cron
oracle
Notice that there is an oracle file in the /var/spool/cron directory.
l. Use the cat command to display the contents of the oracle user's crontab.
[root@host03 ~]# cat /var/spool/cron/oracle
*/2 * * * * echo Hello World
m. Use crontab -r to remove the crontab for the oracle user.
[root@host03 ~]# crontab -u oracle -r
[root@host03 ~]# crontab -u oracle -l
no crontab for oracle
3. Use the at command to schedule a one-time task at a specific time.
a. Click the oracle@host03 tab and confirm that you are logged in as the oracle user.
[oracle@host03 ~]$ whoami
oracle
b. Use at to run the pwd command in 1 minute.
[oracle@host03 ~]$ at now + 1 minute
at> pwd
at> <EOT>
Press Ctrl + D for <EOT>.
c. Use the atq command to list the pending job.
[oracle@host03 ~]$ atq
1 2011-12-13 10:16 a oracle
d. After 1 minute has passed, run the atq command again.
[oracle@host03 ~]$ atq
Notice that this time there are no pending jobs.
e. Use the mail command to view the results of your job.
[oracle@host03 ~]$ mail
...
>N 1 Oracle Student Tue Dec 13 10:16 14/509 Output from your job
&
f. To view details of mailbox entries, press the associated number and then press Enter.
g. After viewing the details, press Q and then Enter to quit.
& 1
...
/home/oracle
& q

4. Restrict usage of the at command.
In this task, you also switch back and forth between the root user and the oracle user.
a. Click the root@host03 tab and confirm that you are logged in as the root user.
[root@host03 ~]# whoami
root
b. Use the vi editor to add user oracle to the /etc/at.deny file.
[root@host03 ~]# vi /etc/at.deny
oracle
c. Click the oracle@host03 tab and confirm that you are logged in as the oracle user.
[oracle@host03 ~]$ whoami
oracle
d. Attempt to use at to run a command in 1 minute.
[oracle@host03 ~]$ at now + 1 minute
You do not have permission to use at.

5. In the terminal window, click the X in the oracle@host03 tab to close this tab.
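The /etc/at.deny entry added in task 4 is one part of the access rule that at applies: root may always use at, /etc/at.allow (when it exists) takes precedence over /etc/at.deny, and with neither file present only root may use at. The script below is an added example, not part of the course material; it evaluates that rule for every account in a passwd-format file. The function names are hypothetical and the sample accounts and file contents are constructed.

```shell
#!/bin/sh
# Added example: audit which accounts may submit at jobs.
# File paths are parameters so the logic can be run against copies or
# constructed files instead of the live /etc/at.allow and /etc/at.deny.

# at_allowed USER ALLOW_FILE DENY_FILE -> exit status 0 if USER may use at
at_allowed() (
    user=$1 allow=$2 deny=$3
    # The superuser may always use at.
    if [ "$user" = root ]; then exit 0; fi
    if [ -f "$allow" ]; then
        # at.allow exists: only listed users are permitted, at.deny is ignored.
        if grep -qxF -- "$user" "$allow"; then exit 0; else exit 1; fi
    fi
    if [ -f "$deny" ]; then
        # Only at.deny exists: every user not listed is permitted
        # (an empty at.deny therefore permits everyone).
        if grep -qxF -- "$user" "$deny"; then exit 1; else exit 0; fi
    fi
    # Neither file exists: only the superuser may use at.
    exit 1
)

# audit_at PASSWD_FILE ALLOW_FILE DENY_FILE
# Prints one "user:allowed" or "user:denied" line per account.
audit_at() (
    while IFS=: read -r name rest; do
        case $name in ''|'#'*) continue ;; esac
        if at_allowed "$name" "$2" "$3"; then
            echo "$name:allowed"
        else
            echo "$name:denied"
        fi
    done < "$1"
)

# make_sample DIR -> writes constructed sample files into DIR.
# at.deny mirrors the state after step 4b; no at.allow is created.
make_sample() {
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/bash' \
        'oracle:x:500:500:Oracle Student:/home/oracle:/bin/bash' \
        'student:x:501:501::/home/student:/bin/bash' > "$1/passwd"
    printf '%s\n' 'oracle' > "$1/at.deny"
}

# Demo on constructed files.
demo_dir=$(mktemp -d)
make_sample "$demo_dir"
audit_at "$demo_dir/passwd" "$demo_dir/at.allow" "$demo_dir/at.deny"
rm -rf "$demo_dir"
```

On a real host, pass /etc/passwd, /etc/at.allow and /etc/at.deny as the three arguments to audit_at.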

Chapter 9

Practices for Lesson 9: System Logging

Practices Overview

In these practices, you configure system logging, use rsyslog templates to format message
logs, and install and run logwatch.

Practice 9-1: System Log File Configuration

Overview
In this practice, you view the system logging configuration file, modify the file, and observe the
impact of the modifications. You also configure log file rotation.

Assumptions
You are the root user on the host03 VM.

Tasks
1. Explore the main configuration file for system logging, /etc/rsyslog.conf.
a. View the system logging configuration file.
b. Use the up-arrow and down-arrow keys to view the various sections of the file.
The MODULES section uses the $ModLoad command to load the modules.
The GLOBAL DIRECTIVES section specifies configuration options.
The RULES section defines a filter (facility.priority) and an action.

2. Change the action for cron logging.
a. List the cron* files in the /var/log directory.
You may not have a cron- file with a time stamp appended to the file name.
b. Modify the system logging configuration file. Change the action for cron logging to log
to a different log file: /var/log/cron_new.
c. Restart the rsyslog service.
d. Create a cron job that runs the ls command every minute.
e. List the cron* files in the /var/log directory.
Notice the new log file, cron_new.
f. View the last two lines in the cron log file.
g. View the newest entries in the cron_new log file.
Notice that there are time stamps and that the new log entries are being written to
cron_new.
h. Modify the system logging configuration file. Change the action for cron to log back to
the original log file: /var/log/cron.
i. Restart the rsyslog service.
j. View the latest entries in the two log files, /var/log/cron and
/var/log/cron_new, to verify that cron is now logging to /var/log/cron.
Notice that the entry in cron has a later time stamp than the entry in cron_new.
k. Delete the /var/log/cron_new log file.
l. Remove the crontab.

3. Configure rsyslog to log debug messages.
a. Modify the system logging configuration file: Add an entry at the bottom of the file to log
all debug messages to /var/log/debug.
b. Restart the rsyslog service.
c. Use the logger command to generate an informational log message, as in the
following example:
# logger -p info This is an info-priority message
d. View the latest entries in the /var/log/messages and /var/log/debug log files.
Notice that the message was written to both log files.
e. Use the logger command to generate a debug-level log message, as in this
example:
# logger -p debug This is a debug-priority message
f. View the latest entries in the /var/log/messages and /var/log/debug log files.
Notice that the debug-level message was only written to /var/log/debug.
g. Modify /etc/rsyslog.conf and remove the entry at the bottom of the file to log all
debug messages.
h. Restart the rsyslog service.

4. Configure log file rotation.
a. View the contents of the /var/log directory.
Specifically, view messages*, maillog*, and cron*.
Notice that some files in /var/log have numbers at the end of the file name.
These numbers represent a rotated log with the time stamp added to the log file
name.
You may not have log files with a time stamp appended to the file name. It depends
on how long your system has been running.
b. Modify the /etc/logrotate.conf configuration file. Change the frequency of default
log file rotation from weekly to daily.
Your log files now rotate daily after making this change.

Solution 9-1: System Log File Configuration

Tasks
1. Explore the main configuration file for system logging, /etc/rsyslog.conf.
a. Use the less command to view the system logging configuration file.
# less /etc/rsyslog.conf
# rsyslog v3 config file
...
#### MODULES ####
$ModLoad imuxsock.so # provides support for local system logging...
$ModLoad imklog.so # provides kernel logging support...
...
#### GLOBAL DIRECTIVES ####
# use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
...
#### RULES ####
...
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
...
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
...
b. Use the up-arrow and down-arrow keys to view the various sections of the file.
The MODULES section uses the $ModLoad command to load the modules.
The GLOBAL DIRECTIVES section specifies configuration options.
The RULES section defines a filter (facility.priority) and an action.

2. Change the action for cron logging.
a. Use the ls command to list the cron* files in the /var/log directory.
# ls /var/log/cron*
cron
cron-20111211
b. Use the vi editor to modify the system logging configuration file. Change the action for
cron logging to log to a different log file: /var/log/cron_new.
# vi /etc/rsyslog.conf
...
cron.* /var/log/cron (old entry)
cron.* /var/log/cron_new (new entry)
c. Use the service command to restart the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
d. Use the crontab -e command to create a cron job that runs the ls command every
minute.
# crontab -e
* * * * * ls
e. Use the ls command to list the cron* files in the /var/log directory.
# ls /var/log/cron*
cron
cron-20111211
cron_new
Notice the new log file, cron_new.
f. Use the tail command to view the last two lines in the cron log file.
# tail -2 /var/log/cron
Dec 13 11:22:51 host03 crontab[8129]: (root) LIST (root)
Dec 13 11:23:01 host03 CROND[8129]: (root) CMD (root)
This is sample output only.
g. Use the head command to view the newest entries in the cron_new log file.
# head /var/log/cron_new
Dec 13 11:24:01 host03 CROND[8178]: (root) CMD (ls)
Dec 13 11:25:01 host03 CROND[8196]: (root) CMD (ls)
...
Notice that there are time stamps and that the new log entries are being written to
cron_new.
h. Use the vi editor to modify the system logging configuration file. Change the action for
cron logging back to the original log file.
# vi /etc/rsyslog.conf
...
cron.* /var/log/cron_new (old entry)
cron.* /var/log/cron (new entry)
i. Use the service command to restart the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
j. Use the tail command to ensure that cron is now logging to /var/log/cron.
# tail /var/log/cron
...
Dec 13 11:44:01 host03 CROND[8404]: (root) CMD (ls)
# tail /var/log/cron_new
...
Dec 13 11:43:01 host03 CROND[8376]: (root) CMD (ls)
Notice that the entry in cron has a later time stamp than the entry in cron_new.
k. Use the rm command to delete the cron_new log file.
# rm /var/log/cron_new
rm: remove regular file cron_new? y
l. Use crontab -r to remove the crontab.
# crontab -r

3. Configure rsyslog to log debug messages.
a. Use the vi editor to modify the system logging configuration file. Add an entry at the
bottom of the file to log all debug messages to /var/log/debug.
# vi /etc/rsyslog.conf
...
*.debug /var/log/debug
b. Use the service command to restart the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
c. Use the logger command to generate an informational log message.
# logger -p info This is an info-priority message
d. Use the tail command to view the log files.
# tail /var/log/messages
...
Dec 13 13:36:12 host03 oracle: This is an info-priority message
# tail /var/log/debug
...
Dec 13 13:36:12 host03 oracle: This is an info-priority message
Notice that the message was written to both log files.
e. Use the logger command to generate a debug-level log message.
# logger -p debug This is a debug-priority message
f. Use the tail command to view the log files.
# tail /var/log/messages
...
Dec 13 13:36:12 host03 oracle: This is an info-priority message
# tail /var/log/debug
...
Dec 13 13:42:16 host03 oracle: This is a debug-priority message
Notice that the debug-level message was only written to /var/log/debug.
g. Use the vi editor to modify /etc/rsyslog.conf and remove the entry at the bottom
of the file to log all debug messages.
Remove this entry: *.debug /var/log/debug.
h. Use the service command to restart the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]

4. Configure log file rotation.
a. Use the ls command to view the contents of the /var/log directory.
# ls /var/log/messages*
messages messages-20111211
# ls /var/log/maillog*
maillog
maillog-20111211
# ls /var/log/cron*
cron
cron-20111211
Notice that some files in /var/log have numbers at the end of the file name.
These numbers represent a rotated log with the time stamp added to the log file
name.
You may not have log files with a time stamp appended to the file name. It depends
on how long your system has been running.
b. Use the vi editor to modify the /etc/logrotate.conf configuration file. Change
the frequency of the default log file rotation from weekly to daily.
# vi /etc/logrotate.conf
...
# rotate log files weekly
weekly (old entry)
daily (new entry)
Your log files now rotate daily after making this change.
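Task 3 shows an info-priority message landing in both /var/log/messages and /var/log/debug while a debug-priority message reaches only /var/log/debug. The script below is an added example, not part of the course material or of rsyslog; it evaluates the facility.priority selectors shown in this solution against a message to make that routing explicit. It handles only plain priorities, "*" and "none" (not the "=" or "!" modifiers or comma-separated facilities), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: evaluate traditional facility.priority selectors.

# sev_num NAME -> numeric severity, 0 (emerg) .. 7 (debug); fails on unknown names
sev_num() {
    case $1 in
        emerg) echo 0 ;; alert) echo 1 ;; crit) echo 2 ;; err) echo 3 ;;
        warning) echo 4 ;; notice) echo 5 ;; info) echo 6 ;; debug) echo 7 ;;
        *) return 1 ;;
    esac
}

# selector_matches SELECTOR FACILITY PRIORITY -> exit 0 if the message is selected
selector_matches() (
    selector=$1 fac=$2
    msg_sev=$(sev_num "$3") || exit 2
    selected=1            # shell convention: 0 = selected, 1 = not selected
    set -f                # keep "*" in the selector from being glob-expanded
    IFS=';'
    # Entries are applied left to right; a later entry can override an earlier one.
    for part in $selector; do
        part_fac=${part%%.*}
        part_pri=${part#*.}
        # Skip entries that name a different facility.
        if [ "$part_fac" != '*' ] && [ "$part_fac" != "$fac" ]; then continue; fi
        case $part_pri in
            none) selected=1 ;;          # exclude this facility
            '*')  selected=0 ;;          # every priority
            *)    part_sev=$(sev_num "$part_pri") || exit 2
                  # "info" means info and anything more severe (lower number).
                  if [ "$msg_sev" -le "$part_sev" ]; then selected=0; fi ;;
        esac
    done
    exit "$selected"
)

# Selector/action pairs taken from the rsyslog.conf excerpts in this solution,
# including the *.debug entry added in step 3a.
RULES='*.info;mail.none;authpriv.none;cron.none /var/log/messages
mail.* -/var/log/maillog
cron.* /var/log/cron
*.debug /var/log/debug'

# route FACILITY PRIORITY -> prints the files that receive the message, space-separated
route() (
    out=
    while read -r sel action; do
        if selector_matches "$sel" "$1" "$2"; then
            # A leading "-" on the file name only disables syncing after each write.
            out="${out:+$out }${action#-}"
        fi
    done <<EOF
$RULES
EOF
    echo "$out"
)

# Demo: logger uses the "user" facility unless told otherwise.
echo "user.info  -> $(route user info)"
echo "user.debug -> $(route user debug)"
```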

Practice 9-2: Using rsyslog Templates

Overview
In this practice, you use rsyslog templates to format rsyslog output.

Assumptions
You are the root user on the host03 VM.

Tasks
1. Use the vi editor to modify /etc/rsyslog.conf and define a template.
a. Add a new line at the bottom of the file as follows:
$template class,"Message: %msg%\n"
This entry creates a template named class.

2. Continue editing /etc/rsyslog.conf and create a log file that uses the template.
a. Add a new line at the bottom of the file as follows:
*.* /var/log/class.log;class
This entry must be after the entry that defined the template.
This entry writes all messages to the /var/log/class.log file and formats the
entries using the template class.

3. After saving the changes to /etc/rsyslog.conf, restart the rsyslog service.

4. View the /var/log/class.log file.
Notice that all entries are preceded by the text "Message:" followed by the actual
message, as defined in the template class.

5. Use the vi editor to modify /etc/rsyslog.conf and modify the class template.
a. Change the template definition as follows:
$template class,"Time: %timestamp%, Facility: %syslogfacility-text%, Priority: %syslogpriority-text%, Hostname: %hostname%, Message: %msg%\n"

6. After saving the changes to /etc/rsyslog.conf, restart the rsyslog service.

7. View the /var/log/class.log file.
Notice that all entries now include the Time, Facility, Priority, Hostname, and
Message properties, as defined in the template class.

8. Use the vi editor to modify /etc/rsyslog.conf and delete the following entries you
added in this practice.
$template class,"Time: %timestamp%, Facility: %syslogfacility-text%, Priority: %syslogpriority-text%, Hostname: %hostname%, Message: %msg%\n"
*.* /var/log/class.log;class

9. After saving the changes to /etc/rsyslog.conf, restart the rsyslog service.

10. Remove the /var/log/class.log file.

Solution 9-2: Using rsyslog Templates

Tasks
1. Use the vi editor to modify /etc/rsyslog.conf and define a template.
a. Add a new line at the bottom of the file as follows:
$template class,"Message: %msg%\n"
This entry creates a template named class.

2. Continue editing /etc/rsyslog.conf and create a log file that uses the template.
a. Add a new line at the bottom of the file as follows:
*.* /var/log/class.log;class
This entry must be after the entry that defined the template.
This entry writes all messages to the /var/log/class.log file and formats the
entries using the template class.

3. After saving the changes to /etc/rsyslog.conf, use the service command to restart
the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]

4. Use the cat command to view the /var/log/class.log file.
# cat /var/log/class.log
Message: ...
...
Notice that all entries are preceded by the text "Message:" followed by the actual
message, as defined in the template class.

5. Use the vi editor to modify /etc/rsyslog.conf and modify the class template.
a. Change the template definition as follows:
$template class,"Time: %timestamp%, Facility: %syslogfacility-text%, Priority: %syslogpriority-text%, Hostname: %hostname%, Message: %msg%\n"

6. After saving the changes to /etc/rsyslog.conf, use the service command to restart
the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]

7. Use the cat command to view the /var/log/class.log file.
# cat /var/log/class.log
Message: ...
...
Time: ...
...
Notice that all entries now include the Time, Facility, Priority, Hostname, and
Message properties, as defined in the template class.

8. Use the vi editor to modify /etc/rsyslog.conf and delete the following entries you
added in this practice.
$template class,"Time: %timestamp%, Facility: %syslogfacility-text%, Priority: %syslogpriority-text%, Hostname: %hostname%, Message: %msg%\n"
*.* /var/log/class.log;class

9. After saving the changes to /etc/rsyslog.conf, use the service command to restart
the rsyslog service.
# service rsyslog restart
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]

10. Use the rm command to remove the /var/log/class.log file.
# rm /var/log/class.log
rm: remove regular file /var/log/class.log? y

Practice 9-3: Using logwatch

Overview
In this practice, you install the logwatch package, view the main configuration file (the cron
file), and run the logwatch utility from the command line.

Assumptions
You completed Practice 6-3 (Creating a Local Yum Repository).
You are the root user on the host03 VM.

Tasks
1. Install the logwatch package.
a. Determine whether the logwatch package is already installed.
In this example, the logwatch package is not installed.
b. Install the logwatch package (and dependency packages).
c. Verify that logwatch has successfully installed.

2. View logwatch files.
a. List all logwatch files.
b. View the main logwatch configuration file.
Notice various configurable items such as the following:
LogDir
TmpDir
MailTo
Print
Save
Range
Detail
Service
DailyReport
c. View the logwatch cron file.

3. Run logwatch from the command line.
a. View the logwatch help.
b. Run logwatch and display output to your screen.

Solution 9-3: Using logwatch

Tasks
1. Install the logwatch package.
a. Use the rpm command to determine whether the logwatch package is already
installed.
# rpm -qa logwatch
In this example, the logwatch package is not installed.
b. Use the yum command to install the logwatch package.
# yum install logwatch
...
Setting up Install Process
Resolving Dependencies
--> Running transaction check
...
--> Finished Dependency Resolution
Dependencies Resolved
===================================================
Package
===================================================
Installing:
logwatch
Installing for dependencies:
perl-Date-Manip
perl-YAML-Syck
Transaction Summary
===================================================
Install 3 Package(s)
Total download size: 1.7 M
Installed size: 11 M
Is this ok [y/N]: y
Downloading packages
...
Running rpm_check_debug
Running Transaction Test
...
Installing : perl-YAML-Syck-1.07-4.el6.x86_64
Installing : perl-Date-Manip-6.24-1.el6.noarch
Installing : logwatch-7.3.6-49.el6.noarch
Installed:
logwatch.noarch 0:7.3.6-49.el6
Dependency Installed:
perl-Date-Manip.noarch 0:6.24-1.el6 perl-YAML-Syck.x86_64...
Complete!
c. Use the rpm command to verify that logwatch has successfully installed.
# rpm -qa logwatch
logwatch-7.3.6-49.el6.noarch

2. View logwatch files.
a. Use the find command to list all logwatch files.
# find / -name "*logwatch*"
/var/cache/logwatch
/var/lib/yum/yumdb...logwatch-7.3.6-49.el6.noarch
/usr/sbin/logwatch
...
/usr/share/logwatch/default.conf/logwatch.conf
/usr/share/logwatch/scripts/logwatch/pl
...
/etc/cron.daily/0logwatch
/etc/logwatch
/etc/logwatch/conf/logwatch.conf
b. Use the less command to view the main logwatch configuration file.
# less /usr/share/logwatch/default.conf/logwatch.conf
...
Notice various configurable items such as the following:
LogDir
TmpDir
MailTo
Print
Save
Range
Detail
Service
DailyReport
c. Use the less command to view the logwatch cron file.
# less /etc/cron.daily/0logwatch
...

3. Run logwatch from the command line.
a. Run the logwatch --help command to view the logwatch help.
# logwatch --help
Usage: /usr/sbin/logwatch [--detail <level>] [--logfile <name>]
[--print] [--mailto <addr>] ...
b. Run logwatch and display output to your screen.
# logwatch --print
################# logwatch 7.3.6 (05/19/07) #################
Proccessing Initiated: Fri Jan...
Date Range Processed: yesterday
...

Chapter 10

Practices for Lesson 10: Kernel Module Configuration

Practices Overview

In these practices, you work with loadable kernel modules.

Practice 10-1: Using Loadable Kernel Modules

Overview
In this practice, you perform the following tasks:
Use kernel module utilities to list modules.
Get detailed information on modules.
Load and unload kernel modules.
Explore the kernel module configuration directory.

Assumptions
You are the root user on the host03 VM.

Tasks
1. List kernel modules.
a. List kernel modules currently loaded into the kernel.
The Size column displays the amount of memory the module uses.
The Used by column gives the total number of processes that are using the module and other modules that it depends on, followed by a list of those dependent modules.
For example, nf_conntrack depends on modules ipv4, nf_conntrack_ipv6, and other listed modules being loaded before nf_conntrack loads.
b. List detailed information about a specific kernel module, for example nls_utf8.
Notice that the kernel modules are loaded from the /lib/modules/<kernel_version>/kernel directory.
c. Display the kernel version.
d. List the kernel modules for the kernel version.
The top level directories are listed.
The actual kernel modules have a .ko (kernel object) extension.

2. Load kernel modules.
a. Determine if the nfs kernel module is currently loaded.
In this example, nfs is not loaded.
b. Load the nfs kernel module.
Include the -v (verbose) option.
Notice that the dependent modules are loaded prior to loading the nfs module.
Also notice that modprobe uses the insmod command to load the modules.
c. Confirm that the nfs module is loaded.

3. List module dependencies.
Kernel module dependencies are listed in /lib/modules/<kernel_version>/modules.dep.
a. List the kernel module dependencies for nfs.
Notice that the dependencies listed in the modules.dep file for nfs correspond with the modules loaded when running the modprobe nfs command.

4. Unload kernel modules.
a. Unload the nfs kernel module.
Include the -v (verbose) option.
Notice that modprobe -r uses the rmmod command to remove the modules.
Also notice that the dependent modules are removed when possible.
The sunrpc module could not be removed because it is a dependent module for other kernel modules.
b. List the kernel module dependencies for sunrpc.
The sunrpc module was not removed when removing the nfs module because there are several dependencies (10 lines in modules.dep) for the sunrpc module.

5. Explore the /etc/sysconfig/modules directory.
This directory contains files that specify kernel modules to be loaded at boot time.
a. List the contents of the /etc/sysconfig/modules directory.
Files in this directory must end in .modules.
b. View the contents of the .modules file.
Notice that the .modules files are executable shell scripts.

6. Explore the /etc/modprobe.d directory.
Files in this directory end with .conf and are used for specifying the options that are to be used with kernel modules.
a. List the contents of the /etc/modprobe.d directory.
b. Search for the occurrence of alias in the dist.conf file.
The alias command is used to create alternate names for kernel modules.
The alias name is the first argument; kernel module name is the second argument.
c. Load the nfs module using the nfs4 alias name.
d. Unload the nfs module using the nfs4 alias name.
e. Search for the occurrence of options in the openfwwf.conf file.
Notice the nohwcrypt and qos options for the b43 kernel module.
f. Load the b43 kernel module.
g. List detailed information about the b43 kernel module.
Notice the nohwcrypt and qos parameters for the b43 kernel module.
h. Unload the b43 kernel module.
i. Search for the occurrence of install in the dist.conf file.
For the net-pf-3 kernel module, the /bin/true command runs instead of loading the kernel module when using modprobe.
j. Attempt to load the net-pf-3 kernel module. Then determine if the module loaded.
Notice that the net-pf-3 kernel module did not load.

Solution 10-1: Using Loadable Kernel Modules

Tasks
1. List kernel modules.
a. Use the lsmod command to list kernel modules currently loaded into the kernel.
# lsmod
Module                  Size  Used by
nls_utf8                1405  1
fuse                   58446  0
autofs4                22739  3
...
nf_conntrack           72187  3 ipv4,nf_conntrack_ipv6,...
...
The Size column displays the amount of memory the module uses.
The Used by column gives the total number of processes that are using the module and other modules that it depends on, followed by a list of those dependent modules.
In the sample output, nf_conntrack depends on modules ipv4, nf_conntrack_ipv6, and other listed modules being loaded before nf_conntrack loads.
b. Use the modinfo command to list detailed information about a specific kernel module (for example, nls_utf8).
# modinfo nls_utf8
filename:       /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/nls/nls_utf8
license:        Dual BSD/GPL
srcversion:     ...
Notice that the kernel modules are loaded from the /lib/modules/<kernel_version>/kernel directory.
c. Use the uname -r command to display the kernel version.
# uname -r
2.6.32-300.3.1.el6uek.x86_64
d. List the kernel modules for the kernel version.
# ls -R /lib/modules/`uname -r`/kernel
arch
crypto
drivers
fs
kernel
lib
net
sound
...
The actual kernel modules have a .ko (kernel object) extension.

2. Load kernel modules.
a. Determine if the nfs kernel module is currently loaded.
# lsmod | grep nfs
In this example, nfs is not loaded.
b. Use the modprobe command to load the nfs kernel module.
# modprobe -v nfs
insmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/net/sunrpc/auth_gss/auth_rpcgss.ko
insmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/nfs_common/nfs_acl.ko
insmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/fscache/fscache.ko
insmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/lockd/lockd.ko
insmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/nfs/nfs.ko
The above example includes the -v (verbose) option.
Notice that the dependent modules are loaded prior to loading the nfs module.
Also notice that modprobe uses the insmod command to load the modules.
c. Confirm that the nfs module is loaded.
# lsmod | grep nfs
nfs                   266190  0
lockd                  66514  1 nfs
fscache                41704  1 nfs
nfs_acl                 2477  1 nfs
auth_rpcgss            38928  1 nfs
sunrpc                203671  5 nfs,lockd,nfs_acl,auth_rpcgss

3. List module dependencies.
Kernel module dependencies are listed in /lib/modules/<kernel_version>/modules.dep.
a. Use the grep command to list the kernel module dependencies for nfs.
# grep nfs.ko /lib/modules/`uname -r`/modules.dep
kernel/fs/nfs/nfs.ko: kernel/fs/lockd/lockd.ko ...fscache.ko
...nfs_acl.ko ...auth_rpcgss.ko ...sunrpc.ko
Notice that the dependencies listed in the modules.dep file for nfs correspond with the modules loaded when running the modprobe nfs command.

4. Unload kernel modules.
a. Use the modprobe -r command to unload the nfs kernel module.
# modprobe -rv nfs
rmmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/nfs/nfs.ko
rmmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/lockd/lockd.ko
rmmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/fscache/fscache.ko
rmmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/fs/nfs_common/nfs_acl.ko
rmmod /lib/modules/2.6.32-300.3.1.el6uek.x86_64/kernel/net/sunrpc/auth_gss/auth_rpcgss.ko
...
FATAL: Module sunrpc is in use.
WARNING: Error running remove command for sunrpc
The above example includes the -v (verbose) option.
Notice that modprobe -r uses the rmmod command to remove the modules.
Also notice that the dependent modules are removed when possible.
The sunrpc module could not be removed because it is a dependent module for other kernel modules.
b. Use the grep command to list the kernel module dependencies for sunrpc.
# grep sunrpc.ko /lib/modules/`uname -r`/modules.dep
kernel/fs/nfs_common/nfs_acl.ko: kernel/net/sunrpc/sunrpc.ko
...
# grep sunrpc.ko /lib/modules/`uname -r`/modules.dep | wc -l
10
The sunrpc module was not removed when removing the nfs module because there are several dependencies (10 lines in modules.dep) for the sunrpc module.

5. Explore the /etc/sysconfig/modules directory.
This directory contains files that specify kernel modules to be loaded at boot time.
a. List the contents of the /etc/sysconfig/modules directory.
# ls -l /etc/sysconfig/modules
...
-rwxr-xr-x. bluez-uinput.modules
Files in this directory must end in .modules.
b. View the contents of the .modules file.
# cat /etc/sysconfig/modules/bluez-uinput.modules
#!/bin/sh
if [ ! -c /dev/input/uinput ]; then
    exec /sbin/modprobe uinput
fi
Notice that the .modules files are executable shell scripts.

6. Explore the /etc/modprobe.d directory.
Files in this directory end with .conf and are used for specifying the options that are to be used with kernel modules.
a. List the contents of the /etc/modprobe.d directory.
# ls -l /etc/modprobe.d
-rw-r--r--. anaconda.conf
-rw-r--r--. blacklist.conf
-rw-r--r--. blacklist-visor.conf
-rw-r--r--. dist-alsa.conf
-rw-r--r--. dist.conf
-rw-r--r--. dist-oss.conf
-rw-r--r--. openfwwf.conf
b. Use the grep command to search for the occurrence of alias in the dist.conf file.
# grep alias /etc/modprobe.d/dist.conf
...
alias nfs4 nfs
alias rpc_pipefs sunrpc
...
The alias command is used to create alternate names for kernel modules.
The alias name is the first argument; kernel module name is the second argument.
c. Load the nfs module using the nfs4 alias name.
# modprobe nfs4
# lsmod | grep nfs
nfs                   266190  0
lockd                  66514  1 nfs
fscache                41704  1 nfs
nfs_acl                 2477  1 nfs
auth_rpcgss            38928  1 nfs
sunrpc                203671  5 nfs,lockd,nfs_acl,auth_rpcgss
d. Unload the nfs module using the nfs4 alias name.
# modprobe -r nfs4
FATAL: Module sunrpc is in use.
WARNING: Error running remove command for sunrpc
# lsmod | grep nfs
e. Use the grep command to search for the occurrence of options in the openfwwf.conf file.
# grep options /etc/modprobe.d/openfwwf.conf
options b43 nohwcrypt=1 qos=0
Notice the nohwcrypt and qos options for the b43 kernel module.
f. Load the b43 kernel module.
# modprobe b43
g. Use the modinfo command to list detailed information about the b43 kernel module.
# modinfo b43
...
parm:           nohwcrypt:Disable hardware encryption. (int)
parm:           qos:Enable QOS support (default on) (int)
...
Notice the nohwcrypt and qos parameters for the b43 kernel module.
h. Unload the b43 kernel module.
# modprobe -r b43
i. Use the grep command to search for the occurrence of install in the dist.conf file.
# grep install /etc/modprobe.d/dist.conf
...
install net-pf-3 /bin/true
...
For the net-pf-3 kernel module, the /bin/true command runs instead of loading the kernel module when using modprobe.
j. Attempt to load the net-pf-3 kernel module. Then determine if the module loaded.
# modprobe net-pf-3
# lsmod | grep net-pf-3
Notice that the net-pf-3 kernel module did not load.
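The alias, options and install directives explored in task 6 can be checked without loading any module. The script below is an added example, not part of the course material: it parses a constructed copy of the dist.conf and openfwwf.conf lines shown above and reports what modprobe would do for a requested name. The function names and the simplified lookup order (alias first, then install, then options) are assumptions of this example.

```shell
#!/bin/sh
# Added example: model how modprobe.d directives change "modprobe NAME".
# Only the alias, options and install directives from this practice are handled.

# Build a constructed sample directory from the lines shown in task 6.
make_sample_conf() {
    d=$(mktemp -d) || return 1
    cat > "$d/dist.conf" <<'EOF'
# constructed sample: directives quoted from the dist.conf output above
alias nfs4 nfs
alias rpc_pipefs sunrpc
install net-pf-3 /bin/true
EOF
    cat > "$d/openfwwf.conf" <<'EOF'
options b43 nohwcrypt=1 qos=0
EOF
    printf '%s\n' "$d"
}

# Print every directive in DIR/*.conf with comments and blank lines removed.
conf_lines() {
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        sed -e 's/#.*//' -e 's/[[:space:]][[:space:]]*/ /g' \
            -e 's/^ //' -e 's/ $//' -e '/^$/d' "$f"
    done
}

# modprobe treats "-" and "_" in module names as the same character.
norm() { printf '%s' "$1" | tr '-' '_'; }

# Follow "alias <pattern> <module>"; the pattern may contain shell wildcards.
resolve_alias() {
    dir=$1
    want=$(norm "$2")
    conf_lines "$dir" | {
        found=$want                      # no alias: the name is used as given
        while read -r kind pattern target rest; do
            [ "$kind" = alias ] || continue
            pat=$(norm "$pattern")
            case $want in
                $pat) found=$(norm "$target"); break ;;
            esac
        done
        printf '%s\n' "$found"
    }
}

# Print the value of "<kind> <name> <value...>" lines (kind: install or options).
directive_value() {
    dir=$1
    wanted_kind=$2
    want=$(norm "$3")
    conf_lines "$dir" | while read -r kind name value; do
        [ "$kind" = "$wanted_kind" ] && [ "$(norm "$name")" = "$want" ] || continue
        printf '%s\n' "$value"
    done
}

# Describe the outcome: "run:<command>" when an install line replaces the load,
# otherwise "load:<module> <options>".
modprobe_plan() {
    dir=$1
    asked=$2
    module=$(resolve_alias "$dir" "$asked")
    cmd=$(directive_value "$dir" install "$asked")
    [ -n "$cmd" ] || cmd=$(directive_value "$dir" install "$module")
    if [ -n "$cmd" ]; then
        printf 'run:%s\n' "$cmd"
    else
        opts=$(directive_value "$dir" options "$module")
        printf 'load:%s%s\n' "$module" "${opts:+ $opts}"
    fi
}

# Demonstration on the constructed sample.
conf=$(make_sample_conf)
for name in nfs4 b43 net-pf-3; do
    printf '%-10s -> %s\n' "$name" "$(modprobe_plan "$conf" "$name")"
done
rm -rf "$conf"
```

A result of run:/bin/true is the same outcome as step j: the load request succeeds silently and the module never appears in lsmod.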

Chapter 11

Practices for Lesson 11: User and Group Administration

Practices for Lesson 11

Practices Overview
In these practices, you create user and group accounts, understand the benefits of user private groups, configure password aging, and use the User Manager GUI.

Practice 11-1: User Account Administration

Overview
In this practice, you use command-line utilities to create new user accounts, view files that are updated when adding a new user, modify a user account, set a password for the new user, and log in as the new user.

Assumptions
You are the root user on host03 VM.

Tasks
1. Add a user.
a. Use the command-line utility to add student1 user.
b. View the new student1 entry in the /etc/passwd file.
Notice that the new user's UID and GID incremented by one.
Notice that a home directory was created for the new user (/home/student1).
Notice that the default shell for the new user is bash (/bin/bash).
c. Verify that the new user's home directory was created.
A home directory was created because CREATE_HOME in /etc/login.defs is set to yes.
d. View the value of CREATE_HOME in /etc/login.defs.
e. View the default settings for a new user, stored in /etc/default/useradd.
Notice that the SKEL directive is set to /etc/skel.
f. View the contents of /etc/skel.
g. View the contents of the new user's home directory.
Notice that the contents of SKEL (/etc/skel) are copied to the new user's home directory.
h. View the new student1 entry in the /etc/group file.
Because Oracle Linux uses a user private group (UPG) scheme, a new private group (student1, GID=501) was created when the user student1 was created.
i. View the new student1 entry in the /etc/shadow file.
j. View the new student1 entry in the /etc/gshadow file.
k. Add a new user with the following characteristics:
Username=student2
UID=555
GECOS information=Oracle Student2
Default shell=/bin/sh (Bourne shell)
l. View the new student2 entry in /etc/passwd.
Notice that the UID and GID are 555.
Notice the GECOS information.
Notice the default shell.

2. Modify a user account.
a. Modify the GECOS information for student1 user as follows:
GECOS information=Oracle Student1
b. View the student1 entry in the /etc/passwd file.

3. Assign a password to the new user.
a. View the /etc/shadow file.
Notice the !! in the student1 and student2 records, indicating that no password has been assigned (and that the accounts are locked).
b. Create a password (of password) for the student1 user.
Ignore the BAD PASSWORD warning, continuing to use password as the password.
c. View the /etc/shadow file.
Now the !! for student1 has been replaced with a hashed password value.
Notice that the student2 account is still locked because a password has not been assigned.

4. Log in as the new user.
a. Log out as user oracle by selecting Log out oracle from the System menu on the GNOME desktop.
b. Click Log Out from the pop-up menu.
c. Attempt to log in as student2 by selecting Oracle Student2 from the GNOME login menu.
You are prompted for a password, but because no password has been assigned to student2, the account is locked.
Regardless of what you enter for a password, the Authentication failure message appears, and you cannot log in as student2.
d. Log in as student1 by selecting Oracle Student1 from the GNOME login menu.
e. Enter password when prompted for the password.
f. Click Log In to successfully log in as student1.
g. Right-click the GNOME desktop to display the pop-up menu.
h. Select Open in Terminal to open a terminal window.
i. Verify that you are logged in as student1.
j. Become the root user. The password is 0racle (leading zero).

Solution 11-1: User Account Administration

Tasks
1. Add a user.
a. Use the command-line utility to add student1 user.
# useradd student1
b. Use the cat command to view the new student1 entry in the /etc/passwd file.
# cat /etc/passwd
...
oracle:x:500:500:Oracle Student:/home/oracle:/bin/bash
student1:x:501:501::/home/student1:/bin/bash
Notice that the new user's UID and GID incremented by one.
Notice that a home directory was created for the new user (/home/student1).
Notice that the default shell for the new user is bash (/bin/bash).
c. Use the ls command to verify that the new user's home directory was created.
# ls /home
lost+found oracle student1
A home directory was created because CREATE_HOME in /etc/login.defs is set to yes.
d. View the value of CREATE_HOME in /etc/login.defs.
# grep CREATE_HOME /etc/login.defs
CREATE_HOME     yes
e. View the default settings for a new user, stored in /etc/default/useradd.
# cat /etc/default/useradd
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
Notice that the SKEL directive is set to /etc/skel.
f. View the contents of /etc/skel.
# ls -la /etc/skel
-rw-r--r--. .bash_logout
-rw-r--r--. .bash_profile
-rw-r--r--. .bashrc
drwxr-xr-x. .gnome2
drwxr-xr-x. .mozilla
g. View the contents of the new user's home directory.
# ls -la /home/student1
-rw-r--r--. .bash_logout
-rw-r--r--. .bash_profile
-rw-r--r--. .bashrc
drwxr-xr-x. .gnome2
drwxr-xr-x. .mozilla
Notice that the contents of SKEL (/etc/skel) are copied to the new user's home directory.
h. View the new student1 entry in the /etc/group file.
# cat /etc/group
...
oracle:x:500:
student1:x:501:
Because Oracle Linux uses a user private group (UPG) scheme, a new private group (student1, GID=501) was created when the user student1 was created.
i. View the new student1 entry in the /etc/shadow file.
# cat /etc/shadow
...
oracle:$6$4paxy...:15316:0:99999:7:::
student1:!!:15328:0:99999:7:::
j. View the new student1 entry in the /etc/gshadow file.
# cat /etc/gshadow
...
oracle:!!::
student1:!!::
k. Add a new user with the following characteristics:
Username=student2
UID=555
GECOS information=Oracle Student2
Default shell=/bin/sh (Bourne shell)
# useradd -u 555 -c "Oracle Student2" -s /bin/sh student2
l. View the new student2 entry in /etc/passwd.
# tail -2 /etc/passwd
student1:x:501:501::/home/student1:/bin/bash
student2:x:555:555:Oracle Student2:/home/student2:/bin/sh
Notice that the UID and GID are 555.
Notice the GECOS information.
Notice the default shell.

2. Modify a user account.
a. Use the usermod command to modify GECOS information for student1 user as follows:
# usermod -c "Oracle Student1" student1
b. View the student1 entry in the /etc/passwd file.
# grep student1 /etc/passwd
student1:x:501:501:Oracle Student1:/home/student1:/bin/bash

3. Assign a password to the new user.
a. Use the cat command to view the /etc/shadow file.
# cat /etc/shadow
...
oracle:$6$4paxy...:15316:0:99999:7:::
student1:!!:15328:0:99999:7:::
student2:!!:15328:0:99999:7:::
Notice the !! in the student1 and student2 records, indicating that no password has been assigned (and that the accounts are locked).
b. Use the passwd command to create a password (of password) for the student1 user.
# passwd student1
Changing password for user student1.
New password: password
BAD PASSWORD: it is based on a dictionary word
Retype new password: password
passwd: all authentication tokens updated successfully.
Ignore the BAD PASSWORD warning, continuing to use password as the password.
c. View the /etc/shadow file.
# cat /etc/shadow
...
oracle:$6$4paxy...:15316:0:99999:7:::
student1:$6$CN0...:15328:0:99999:7:::
student2:!!:15328:0:99999:7:::
Now the !! for student1 has been replaced with a hashed password value.
Notice that the student2 account is still locked because a password has not been assigned.

4. Log in as new user.
a. Log out as user oracle by selecting Log out oracle from the System menu, as shown below.
b. Click Log Out from the pop-up, as shown below.
c. Attempt to log in as student2 by selecting Oracle Student2 from the menu, as shown below.
You are prompted for a password, but because no password has been assigned to student2, the account is locked.
Regardless of what you enter for a password, the following screen appears, and you cannot log in as student2.
d. Log in as student1 by selecting Oracle Student1 from the login menu.
e. Enter password when prompted for the password, as shown below.
f. Click Log In to successfully log in as student1.
g. Right-click the desktop to display the pop-up menu as shown below.
h. Select Open in Terminal to open a terminal window.
i. From the terminal window, use the whoami command to verify that you are logged in as student1.
$ whoami
student1
j. Use the su - command to become the root user. The password is 0racle (leading zero).
$ su -
Password: 0racle
# whoami
root

Practice 11-2: Group Account Administration

Overview
In this practice, you create a new group account and add users to this new group.

Tasks
1. Add a group.
a. Use the command-line utility to add the students group.
b. View the new students entry in the /etc/group file.
Notice that the GID for the new group is incremented by one.

2. Add users to the new group.
a. Add users student1 and student2 to the students group.
Notice that both student1 and student2 have a secondary group membership in the students group.
b. View the primary group membership for student1 and student2.
Notice that student1 primary group is still 501.
Notice that student2 primary group is still 555.

Solution 11-2: Group Account Administration

Tasks
1. Add a group.
a. Use the groupadd command without any options to add the students group.
# groupadd students
b. View the new students entry in the /etc/group file.
# cat /etc/group
...
oracle:x:500:
student1:x:501:
student2:x:555:
students:x:556:
Notice that the GID for the new group is incremented by one.

2. Add users to the new group.
a. Use the usermod command to add users student1 and student2 to the students group.
# usermod -aG 556 student1
# tail -1 /etc/group
students:x:556:student1
# usermod -aG 556 student2
# tail -1 /etc/group
students:x:556:student1,student2
Notice that both student1 and student2 have a secondary group membership in the students group.
b. View the primary group membership for student1 and student2.
# grep student /etc/passwd
student1:x:501:501:Oracle Student1:/home/student1:/bin/bash
student2:x:555:555:Oracle Student2:/home/student2:/bin/sh
Notice that student1 primary group is still 501.
Notice that student2 primary group is still 555.

Practice 11-3: User Private Groups

Overview
In this practice, you use the UPG scheme to give different users write access to files in a single directory.

Tasks
1. Set up a shared /students directory.
a. Create the /students directory.
b. Change the group for this /students directory to the students group.
Notice that the group was set to root before issuing the chgrp command.
The -R option (recursive) sets the new group for files and directories within /students.
c. Set the setgid bit on the directory, and give write permissions to the group.
Notice the new group permissions on the /students directory.

2. Create files in the /students directory as the oracle user.
a. Add the oracle user to the students group.
b. Use the su command to become the oracle user.
c. Use the groups command to display group membership.
Notice that the oracle user belongs to two groups, oracle and students.
d. Change to the /students directory.
e. Create a file in the /students directory.
f. Display the permissions and ownership of the new file.
Notice that the permissions are read-write for the students group.

3. Create and edit files within the /students directory as a different user.
a. Use the su command to become the student1 user. The password is password.
b. Use the groups command to display group membership.
Notice that the student1 user belongs to two groups, student1 and students.
c. Change to the /students directory.
d. Create a file in the /students directory.
e. Display the permissions and ownership of the new files.
Notice that the permissions are read-write for the students group.
f. Edit the file created by the oracle user.
Using the touch command to update the time stamp implies write permissions on the file.
g. Return to being the root user by logging out as student1 user, and then as the oracle user.

Solution 11-3: User Private Groups

Tasks
1. Set up a shared /students directory.
a. Use the mkdir command to create the /students directory.
# mkdir /students
b. Use the chgrp command to change the group for this /students directory to the students group.
# ls -ld /students
drwxr-xr-x. root root /students
# chgrp -R students /students
# ls -ld /students
drwxr-xr-x. root students /students
Notice that the group was set to root before issuing the chgrp command.
The -R option (recursive) sets the new group for files and directories within /students.
c. Use the chmod command to set the setgid bit on the directory, and give write permissions to the group.
# chmod -R 2775 /students
# ls -ld /students
drwxrwsr-x. root students /students
Notice the new group permissions on the /students directory.

2. Create files in the /students directory as the oracle user.
a. Use the usermod command to add the oracle user to the students group.
# usermod -aG students oracle
b. Use the su command to become the oracle user.
# su oracle
$ whoami
oracle
c. Use the groups command to display group membership.
$ groups
oracle students
Notice that the oracle user belongs to two groups, oracle and students.
d. Use the cd command to change to the /students directory.
$ cd /students
e. Use the touch command to create a file in the /students directory.
$ touch oracle_file
f. Use the ls command to display the permissions and ownership of the new file.
$ ls -l oracle_file
-rw-rw-r-- oracle students oracle_file
Notice that the permissions are read-write for the students group.

3. Create and edit files within the shared directory as a different user.
a. Use the su command to become the student1 user. The password is password.
# su student1
Password: password
$ whoami
student1
b. Use the groups command to display group membership.
$ groups
student1 students
Notice that the student1 user belongs to two groups, student1 and students.
c. Use the cd command to change to the /students directory.
$ cd /students
d. Use the touch command to create a file in the /students directory.
$ touch student1_file
e. Use the ls command to display the permissions and ownership of the files.
$ ls -l
-rw-rw-r-- oracle   students oracle_file
-rw-rw-r-- student1 students student1_file
Notice that the permissions are read-write for the students group.
f. Use the touch command to update the time stamp on the oracle_file.
$ touch oracle_file
Updating the time stamp implies write permissions on the file.
g. Use the exit command twice to log out as the student1 user, and then as the oracle user.
$ exit
$ whoami
oracle
$ exit
# whoami
root
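The shared directory only keeps working while the setgid bit, the group write bit and group-writable files all stay in place. The script below is an added example, not part of the course material: it audits a directory set up as in task 1 and reports anything that would stop another group member from editing a file. It runs on a constructed temporary directory, and the umask of 002 used to create the sample file is an assumption about the UPG default that the page does not show.

```shell
#!/bin/sh
# Added example: audit a shared directory set up with chmod 2775 as in task 1.

# Ten-character mode string from ls, for example drwxrwsr-x.
mode_of()  { ls -ld "$1" | cut -c1-10; }
# Group column from ls.
group_of() { ls -ld "$1" | awk '{ print $4 }'; }

# Print one finding per line, or OK when the directory and its files
# are all usable by every member of the directory's group.
audit_shared_dir() {
    dir=$1
    bad=0
    dmode=$(mode_of "$dir")
    dgroup=$(group_of "$dir")
    # Character 7 is the group execute slot; s or S there means setgid.
    case $dmode in
        ??????[sS]*) ;;
        *) echo "directory: setgid bit not set"; bad=1 ;;
    esac
    # Character 6 is the group write slot.
    case $dmode in
        ?????w*) ;;
        *) echo "directory: not group-writable"; bad=1 ;;
    esac
    for f in "$dir"/*; do
        [ -e "$f" ] || continue
        name=${f##*/}
        # With setgid on the directory, new files inherit its group.
        [ "$(group_of "$f")" = "$dgroup" ] || { echo "$name: group is not $dgroup"; bad=1; }
        case $(mode_of "$f") in
            ?????w*) ;;
            *) echo "$name: not group-writable"; bad=1 ;;
        esac
    done
    [ "$bad" -eq 0 ] && echo OK
    return 0
}

# Constructed sample: a temporary stand-in for /students owned by the caller.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    chgrp "$(id -g)" "$d"          # make sure the caller is in the directory group
    chmod 2775 "$d"                # same mode as the practice
    ( cd "$d" && umask 002 && : > oracle_file )   # assumed UPG umask
    printf '%s\n' "$d"
}

demo=$(make_demo_dir)
audit_shared_dir "$demo"
rm -rf "$demo"
```

A file created under a umask of 022 inside the same directory is reported as not group-writable, which is the case where the touch in step 3f would fail for another user.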

Practice 11-4: Password Aging

Overview
In this practice, you modify the password aging parameters for a user.

Tasks
1. View the password aging information.
a. List password aging information in /etc/shadow for user student1.
This example gives 15328 days since password has changed (counted in days since Jan 1, 1970). This will differ depending on when you created the account.
0 is the number of days that need to pass before the password must be changed by the user (0 means never).
99999 is the maximum number of days since the password changed that the password can be used. After this amount of days, the password needs to be changed by the user.
7 is the number of days before expire date that the user is warned about the pending password change policy. If the password is not changed after this number of days, the user account is locked.
b. Use the chage command to view password aging information for user student1.

2. Modify the password aging parameters.
a. Make the following changes to password aging for user student1:
Minimum password age value = 14
Maximum password age value = 30
Making these changes means that in 14 days, the user has 30 days to change his or her password.
b. View the results of the change for student1 in /etc/shadow.
c. Use the chage command to view password aging information for user student1.

Solution 11-4: Password Aging


Tasks
1. View the password aging information.
a. List password aging information in /etc/shadow for user student1.
# grep student1 /etc/shadow
student1:$6$CN...:15328:0:99999:7:::
This example gives 15328 days since password has changed (counted in days
since Jan 1, 1970). This will differ depending on when you created the account.
0 is the number of days that need to pass before the password must be changed by
the user (0 means never).
99999 is the maximum number of days since the password changed that the
password can be used. After this amount of days, the password needs to be
changed by the user.
7 is the number of days before expire date that the user is warned about the
pending password change policy. If the password is not changed after this number
of days, the user account is locked.
b. Use the chage command to view password aging information for user student1.
# chage -l student1
Last password change                               : Dec 20, 2011
Password expires                                   : never
Password inactive                                  : never
Account expires                                    : never
Minimum number of days between password change     : 0
Maximum number of days between password change     : 99999
Number of days of warning before password expires  : 7

2. Modify the password aging parameters.
a. Make the following changes to password aging for user student1:
Change the minimum password age value to 14
Change the maximum password age value to 30
# chage student1
Changing the aging information for student1
Enter the new value, or press ENTER for the default
Minimum Password Age [0]: 14
Maximum Password Age [99999]: 30
Last Password Change (YYYY-MM-DD) [2011-12-20]: ENTER
Password Expiration Warning [7]: ENTER
Password Inactive [-1]: ENTER
Account Expiration Date (YYYY-MM-DD) [1969-12-31]: ENTER
Making these changes means that in 14 days, the user has 30 days to change his or
her password.
b. View the results of the change for student1 in /etc/shadow.
# grep student1 /etc/shadow
student1:$6$CN...:15328:14:30:7:::
c. Use the chage command to view password aging information for user student1.
# chage -l student1
Last password change                               : Dec 20, 2011
Password expires                                   : Jan 19, 2012
Password inactive                                  : never
Account expires                                    : never
Minimum number of days between password change     : 14
Maximum number of days between password change     : 30
Number of days of warning before password expires  : 7
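The aging fields of the /etc/shadow line above can be turned into the same dates that chage -l reports. The following is an added example, not part of the course material: the function names are this example's own, and every sample line except student1's is constructed.

```shell
#!/bin/sh
# Added example: decode /etc/shadow aging fields and list accounts whose
# maximum password age is above a chosen limit.

# Constructed sample in /etc/shadow format. Only the student1 line comes
# from the page; root, bin and student2 are made up for illustration.
SAMPLE_SHADOW='root:$6$AAAA...:15300:0:99999:7:::
bin:*:15240:0:99999:7:::
student1:$6$CN...:15328:14:30:7:::
student2:$6$BBBB...:15328:0:99999:7:::'

# days_to_date N: convert "days since Jan 1, 1970" to YYYY-MM-DD with
# integer arithmetic only, so it does not depend on the local date(1).
days_to_date() {
    z=$(( $1 + 719468 ))
    era=$(( z / 146097 ))
    doe=$(( z - era * 146097 ))
    yoe=$(( (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365 ))
    doy=$(( doe - (365 * yoe + yoe / 4 - yoe / 100) ))
    mp=$(( (5 * doy + 2) / 153 ))
    d=$(( doy - (153 * mp + 2) / 5 + 1 ))
    if [ "$mp" -lt 10 ]; then m=$(( mp + 3 )); else m=$(( mp - 9 )); fi
    y=$(( yoe + era * 400 ))
    if [ "$m" -le 2 ]; then y=$(( y + 1 )); fi
    printf '%04d-%02d-%02d\n' "$y" "$m" "$d"
}

# shadow_aging LINE: print the decoded aging fields of one shadow entry.
shadow_aging() {
    IFS=: read -r sa_user sa_hash sa_last sa_min sa_max sa_warn sa_rest <<EOF
$1
EOF
    case "$sa_last" in
        ''|*[!0-9]*) echo "user=$sa_user last_change=unknown"; return 1 ;;
    esac
    if [ "$sa_last" -eq 0 ]; then
        # A last-change value of 0 forces a change at the next login.
        echo "user=$sa_user must_change_at_next_login"; return 0
    fi
    sa_min=${sa_min:-0}
    sa_warn=${sa_warn:-0}
    sa_earliest=$(days_to_date $(( sa_last + sa_min )))
    # An empty maximum, or the 99999 that chage shows as "never" on the
    # page, means the password does not expire.
    if [ -z "$sa_max" ] || [ "$sa_max" -ge 99999 ]; then
        sa_expires=never
        sa_warn_from=never
    else
        sa_expires=$(days_to_date $(( sa_last + sa_max )))
        sa_warn_from=$(days_to_date $(( sa_last + sa_max - sa_warn )))
    fi
    echo "user=$sa_user last_change=$(days_to_date "$sa_last") earliest_change=$sa_earliest expires=$sa_expires warn_from=$sa_warn_from"
}

# aging_violations MAXDAYS: read shadow-format lines on stdin and print the
# users whose maximum age is unset or above MAXDAYS. Entries whose password
# field starts with ! or * cannot log in with a password and are skipped.
aging_violations() {
    while IFS=: read -r av_user av_hash av_last av_min av_max av_rest; do
        case "$av_hash" in '!'*|'*'*) continue ;; esac
        if [ -z "$av_max" ] || [ "$av_max" -gt "$1" ]; then
            echo "$av_user"
        fi
    done
}

# Demo: the student1 entry after the chage step, then the 30-day check.
shadow_aging 'student1:$6$CN...:15328:14:30:7:::'
printf '%s\n' "$SAMPLE_SHADOW" | aging_violations 30
```

On a real system, run the check as root with aging_violations 30 < /etc/shadow.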

Practice 11-5: Using the User Manager GUI


Overview
In this practice, you use the User Manager GUI to add a user, and add and delete a group
account.

Tasks
1. Add a new user by using the User Manager GUI.
a. Display the User Manager Tool GUI.
b. Click Add User and provide the new user information as follows:
User Name: student3
Full Name: Oracle Student3
Password: password
Confirm Password: password
Login Shell: /bin/bash
Create home directory: yes (checked)
Home Directory: /home/student3
Create a private group for the user: yes (checked)
c. Click OK.
d. Click Yes to use the weak password.
The updated list of user accounts is displayed.

2. Add a new group.
a. Click the Groups tab to display the list of group accounts as shown below.
b. Click Add Group and provide a Group Name of your choice when prompted.
c. Click OK and notice the updated group list.

3. Delete a group.
a. Select the newly added group and click the Delete button.
b. Click Yes to confirm the delete.
c. Select the student1 group and click the Delete button.
Notice that you cannot delete this group, because the user student1 still exists.

4. Exit the User Manager tool.
a. Select Quit from the File menu.

5. Log out as user student1.
a. Select Log out student1 from the System menu.
b. Click Log Out from the pop-up window.

6. Log in as user oracle.
a. Log in as oracle user by selecting Oracle Student from the login menu.
b. Enter password of oracle when prompted for the password.
c. Right-click on the desktop and select Open in Terminal from the pop-up menu.
d. Use the su - command to become the root user. Password is 0racle (leading
zero).

Solution 11-5: Using the User Manager GUI


Tasks
1. Add a new user by using the User Manager GUI.
a. Use the system-config-users command to display the User Manager Tool GUI.
# system-config-users
b. Click Add User and provide the new user information, as shown below.
Use password for the Password and Confirm Password fields.
c. Click OK.
d. Click Yes to use the weak password.
The updated list of user accounts is displayed.

2. Add a new group.
a. Click the Groups tab to display the list of group accounts, as shown below.
b. Click Add Group and provide a Group Name of your choice when prompted.
c. Click OK and notice the updated group list.

3. Delete a group.
a. Select the newly added group and click the Delete button.
b. Click Yes to confirm the delete, as shown below.
c. Select the student1 group and click the Delete button.
Notice that you cannot delete this group, because the user student1 still exists.

4. Exit the User Manager tool.
a. Select Quit from the File menu.

5. Log out as user student1.
a. Log out as user student1 by selecting Log out student1 from the System menu
as shown below.
b. Click Log Out from the pop-up as shown below.

6. Log in as user oracle.
a. Log in as oracle user by selecting Oracle Student from the menu as shown
below.
b. Enter password of oracle when prompted for the password.
c. Right-click on the desktop and select Open in Terminal from the pop-up menu.
d. From the command prompt in the terminal window, use the su - command to become
the root user. Password is 0racle (leading zero).
$ su -
Password: 0racle
# whoami
root

Chapter 12

Practices for Lesson 12:


Oracle Linux Filesystems

Practices for Lesson 12


Practices Overview

In these practices, you:


Display the partition table, list the mounted filesystems, and display the swap space
configured during installation
Partition disk devices, and create and mount filesystems on the partitions
Mount a filesystem with ACL support
Increase the amount of swap space by creating a swap file
Set quotas on a directory

Practice 12-1: Listing the Current Disk Partitions


Overview
In this practice, you verify the selections made during installation regarding disk partitioning,
mount points for filesystems, and swap space.

Assumptions
You are the root user on host03 VM.

Tasks
1. Relate the partition table to selections made during installation.
Recall that you created three virtual disk images prior to initiating the installation:
A 12 GB disk image (system.img) for the operating system
A 5 GB disk image (u01.img) for the various storage administration practices
A 5 GB disk image (u02.img) for the various storage administration practices
These three Storage Devices were presented during the installation.
a. Display the partition table.
This lists the three storage devices:
/dev/xvda, approximately 12 GB in size
/dev/xvdb, approximately 5 GB in size
/dev/xvdd, approximately 5 GB in size
This also indicates that the first partition on xvda contains Boot files (marked with
*).
This also indicates that the fourth partition on xvda is an Extended partition.
A maximum of four primary partitions can be placed on any hard disk.
One of the four partitions may be designated as an extended partition.
This extended partition may then be subdivided into multiple logical partitions.
The /dev/xvda5 is a logical partition.

2. Relate the mounted partitions to selections made during installation.
Recall the final partition table created during the installation.
a. List the mounted filesystems.
The first partition on hard drive xvda (xvda1) contains boot files, mounted on
/boot.
The second partition on hard drive xvda (xvda2) is the root filesystem, mounted on
/.
The third partition on hard drive xvda (xvda3) is for user home directories, mounted
on /home.

3. Relate the swap space to selections made during installation.
a. Use the swapon -s command to display the swap space.
The fifth partition (the first logical partition) on hard drive xvda (xvda5) is swap
space.
The /proc/swaps file provides the same information.

Solution 12-1: Listing the Current Disk Partitions


Tasks
1. Relate the partition table to selections made during installation.
Recall that you created three virtual disk images prior to initiating the installation:
12 GB disk image (system.img) for the operating system
5 GB disk image (u01.img) for the various storage administration practices
5 GB disk image (u02.img) for the various storage administration practices
These three Storage Devices were presented during the installation, as shown below.
a. Use the fdisk command to display the partition table.
# fdisk -l | grep /dev
Disk /dev/xvda: 12.9 GB, 12884901888 bytes
/dev/xvda1   *           1          13      102400   83  Linux
/dev/xvda2              13         778     6144000   83  Linux
/dev/xvda3             778        1033     2048000   83  Linux
/dev/xvda4            1033        1567     4287488    5  Extended
/dev/xvda5            1033        1567     4286464   82  Linux swap / Solaris
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
Disk /dev/xvdd: 5368 MB, 5368709120 bytes
This lists the three storage devices:
/dev/xvda, approximately 12 GB in size
/dev/xvdb, approximately 5 GB in size
/dev/xvdd, approximately 5 GB in size
This also indicates that the first partition on xvda contains Boot files (marked with
*).
This also indicates that the fourth partition on xvda is an Extended partition.
A maximum of four primary partitions can be placed on any hard disk.
One of the four partitions may be designated as an Extended partition.
This Extended partition may then be subdivided into multiple logical partitions.
The /dev/xvda5 is a logical partition as shown below.

2. Relate the mounted partitions to selections made during installation.
Recall the final partition table created during the installation, shown below.
a. Use the df command to list the mounted partitions.
# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/xvda2            5.8G  2.8G  2.8G  50% /
...
/dev/xvda1             97M   47M   46M  51% /boot
/dev/xvda3            2.0G   38M  1.8G   2% /home
The first partition on hard drive xvda (xvda1) contains boot files, mounted on
/boot.
The second partition on hard drive xvda (xvda2) is the root filesystem, mounted on
/.
The third partition on hard drive xvda (xvda3) is for user home directories, mounted
on /home.

3. Relate the swap space to selections made during installation.
a. Use the swapon command to display the swap space.
# swapon -s
Filename        Type        Size     Used  Priority
/dev/xvda5      partition   4286456  0     -1
The fifth partition (the first logical partition) on hard drive xvda (xvda5) is swap
space.
The /proc/swaps file provides the same information.
# cat /proc/swaps
Filename        Type        Size     Used  Priority
/dev/xvda5      partition   4286456  0     -1

Practice 12-2: Partitioning a Storage Device


Overview
In this practice, you create a partition by using the fdisk utility, and create a second partition
by using the parted utility.

Tasks
1. Partition a storage device by using fdisk.
a. Use the fdisk command to partition /dev/xvdb.
DOS does not allow a partition to start (or end) mid-cylinder. Toggling those two
items ('c' and 'u') allows partition start and end points to be entered in a sector-exact
way, rather than by cylinder.
b. Perform the recommended actions (switch off DOS-compatible mode and change
display units to sectors).
c. Display the fdisk menu.
d. Add a new primary partition, giving the partition number 1.
As was previously discussed, a maximum of four primary partitions can be placed
on any hard disk.
One of the four partitions may be designated as an extended partition. This partition
may then be subdivided into multiple logical partitions.
e. Continue adding the new partition, using the parameters given below.
First sector: 2048 (default)
Last sector: 2100000
f. Print the new partition table.
g. Save the new partition table (write the table to disk and exit).
h. Use the fdisk command to list the partition table on /dev/xvdb.

2. Partition a storage device by using parted.
a. Use the parted command to partition /dev/xvdd.
b. View a list of commands.
c. Print the partition table.
Notice that the disk has not been partitioned.
d. Get help for the mkpart command.
e. Use the mkpart command to create a partition, using the parameters given below.
Partition type: primary
Filesystem type: press Enter (take the default)
Start: 0
End: 20%
Ignore the warning (press i)
f. Print the partition table.
g. Save the partition table and exit.
h. Use the fdisk command to list the partition table on /dev/xvdd.

3. Display the major and minor numbers.
a. Display the partitions in /proc/partitions.
The kernel uses the major and minor numbers to access a device.
b. List the major and minor numbers for devices in /dev.

Solution 12-2: Partitioning a Storage Device


Tasks
1. Partition a storage device using fdisk.
a. Use the fdisk command to partition /dev/xvdb.
# fdisk /dev/xvdb
WARNING: DOS-compatible mode is deprecated. It's strongly
recommended to switch off the mode (command 'c') and change
display units to sectors (command 'u').
Command (m for help):
DOS does not allow a partition to start (or end) mid-cylinder. Toggling those two
items ('c' and 'u') allows partition start and end points to be entered in a sector-exact
way, rather than by cylinder.
b. Perform the recommended actions (switch off DOS-compatible mode and change
display units to sectors).
Command (m for help): c
DOS Compatibility flag is not set
Command (m for help): u
Changing display/entry units to sectors
c. Display the fdisk menu.
Command (m for help): m
   a   toggle a bootable flag
   b   edit bsd disklabel
   c   toggle the dos compatibility flag
   d   delete a partition
   l   list known partition types
   m   print this menu
   n   add a new partition
   o   create a new empty DOS partition table
   p   print the partition table
   q   quit without saving changes
   s   create a new empty sun disklabel
   t   change a partition's system id
   u   change display/entry units
   v   verify the partition table
   w   write table to disk and exit
   x   extra functionality (experts only)
d. Add a new primary partition, giving the partition number 1.
Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
As was previously discussed, a maximum of four primary partitions can be placed
on any hard disk.
One of the four partitions may be designated as an extended partition. This partition
may then be subdivided into multiple logical partitions.
e. Continue adding the new partition, using the parameters given below.
First sector (2048-10485759, default 2048): ENTER
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-10485759, default
10485759): 2100000
f. Display the new partition table.
Command (m for help): p
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
...
    Device Boot      Start         End      Blocks   Id  System
/dev/xvdb1            2048     2100000    1048976+  83  Linux
g. Save the new partition table.
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
h. Use the fdisk command to list the partition table on /dev/xvdb.
# fdisk -l /dev/xvdb
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
...
    Device Boot      Start         End      Blocks   Id  System
/dev/xvdb1               1         519    1048976+  83  Linux

2. Partition a storage device by using parted.
a. Use the parted command to partition /dev/xvdd.
# parted /dev/xvdd
GNU Parted 2.1
Using /dev/xvdd
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted)
b. Enter help to view a list of commands.
(parted) help
  align-check TYPE N          check partition N for TYPE(min|opt) alignment
  check NUMBER                do a simple check on the file system
...
c. Enter print to print the partition table.
(parted) print
Model: Xen Virtual Block Device (xvd)
Disk /dev/xvdd: 5369MB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number  Start  End  Size  Type  File system  Flags
Notice that the disk has not been partitioned.
d. Get help for the mkpart command.
(parted) help mkpart
mkpart PART-TYPE [FS-TYPE] START END
make a partition
PART-TYPE is one of: primary, logical, extended
FS-TYPE is one of: ext4, ext3, ext2, fat32, fat16...
START and END are disk locations, such as 4GB or 10%...
mkpart makes a partition without creating a new file
system on the partition. FS-TYPE may be specified to set
an appropriate partition ID.
e. Use the mkpart command to create a partition, using the parameters given below.
(parted) mkpart
Partition type? primary/extended? primary
File system type? [ext2] ENTER
Start? 0
End? 20%
Warning: The resulting partition is not properly aligned for
best performance. Ignore/Cancel? i
f. Print the partition table.
(parted) print
Model: Xen Virtual Block Device (xvd)
Disk /dev/xvdd: 5369MB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number  Start  End     Size    Type     File system  Flags
 1      512B   1074MB  1074MB  primary
g. Save the partition table and exit.
(parted) quit
Information: You may need to update /etc/fstab
h. Use the fdisk command to list the partition table on /dev/xvdd.
# fdisk -l /dev/xvdd
Disk /dev/xvdd: 5368 MB, 5368709120 bytes
...
    Device Boot      Start         End      Blocks   Id  System
/dev/xvdd1               1        1886    1048575+  83  Linux

3. Display the major and minor numbers.
a. Display the partitions in /proc/partitions.
# cat /proc/partitions
major minor  #blocks  name
 202     0  12582912  xvda
 202     1    102400  xvda1
 202     2   6144000  xvda2
 202     3   2048000  xvda3
 202     4         1  xvda4
 202     5   4286464  xvda5
 202    16   5242880  xvdb
 202    17   1048976  xvdb1
 202    48   5242880  xvdd
 202    49   1048575  xvdd1
The kernel uses the major and minor numbers to access a device.
b. Use the ls command to list the major and minor numbers for devices in /dev.
# ls -l /dev/xvd*
brw-rw----. 1 root disk 202,  0 Dec 22 05:19 /dev/xvda
brw-rw----. 1 root disk 202,  1 Dec 22 03:18 /dev/xvda1
brw-rw----. 1 root disk 202,  2 Dec 22 03:18 /dev/xvda2
brw-rw----. 1 root disk 202,  3 Dec 22 03:18 /dev/xvda3
brw-rw----. 1 root disk 202,  4 Dec 22 03:18 /dev/xvda4
brw-rw----. 1 root disk 202,  5 Dec 22 03:18 /dev/xvda5
brw-rw----. 1 root disk 202, 16 Dec 22 05:19 /dev/xvdb
brw-rw----. 1 root disk 202, 17 Dec 22 03:18 /dev/xvdb1
brw-rw----. 1 root disk 202, 48 Dec 22 06:22 /dev/xvdd
brw-rw----. 1 root disk 202, 49 Dec 22 10:25 /dev/xvdd1

Practice 12-3: Creating ext Filesystems


Overview
In this practice, you create ext3 and ext4 filesystems on the new partitions, mount the
filesystems, and update the filesystem mount table.

Tasks

1. Make an ext3 filesystem on /dev/xvdb1.
a. Make an ext3 filesystem on /dev/xvdb1.
b. Display the attributes of the /dev/xvdb1 block device.

2. Make an ext4 filesystem on /dev/xvdd1.
a. Make an ext4 filesystem on /dev/xvdd1 and assign a label of Test.
b. Display the attributes of the /dev/xvdd1 block device.

3. Set the filesystem label on /dev/xvdb1.
a. Set the filesystem label on /dev/xvdb1 to Dev.
b. Display the attributes of all the block devices.
Notice that both /dev/xvdb1 and /dev/xvdd1 now have labels.

4. Mount the filesystems.
a. Create the following directories to be used as mount points.
/Test
/Dev
b. Mount /dev/xvdb1 on /Dev.
c. Mount /dev/xvdd1 on /Test.
d. Use the df command to display the mounted filesystems.
e. Use the mount command to display the mounted filesystems.
Notice that the filesystems are mounted read-write (rw) by default.
f. Display the mounts in /proc/mounts.

5. Update the filesystems mount table.
a. Add the following two entries to /etc/fstab.
LABEL=Dev    /Dev    ext3   defaults
LABEL=Test   /Test   ext4   defaults
After updating /etc/fstab, the new filesystems will mount after a reboot.

Solution 12-3: Creating ext Filesystems


Tasks
1. Make an ext3 filesystem on /dev/xvdb1.
a. Use the mkfs command to make an ext3 filesystem on /dev/xvdb1.
# mkfs -t ext3 /dev/xvdb1
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
...
Writing inode tables: done
Creating journal (8192 blocks): done
...
b. Use the blkid command to display the attributes of the /dev/xvdb1 block device.
# blkid /dev/xvdb1
/dev/xvdb1: UUID=5309cc7a... SEC_TYPE=ext2 TYPE=ext3

2. Make an ext4 filesystem on /dev/xvdd1.
a. Use the mkfs command to make an ext4 filesystem on /dev/xvdd1 and assign a
label of Test.
# mkfs -t ext4 -L Test /dev/xvdd1
mke2fs 1.41.12 (17-May-2010)
Filesystem label=Test
OS type: Linux
...
Writing inode tables: done
Creating journal (4096 blocks): done
...
b. Display the attributes of the /dev/xvdd1 block device.
# blkid /dev/xvdd1
/dev/xvdd1: LABEL=Test UUID=048b6205... TYPE=ext4

3. Set the filesystem label on /dev/xvdb1.
a. Use the e2label command to set the filesystem label on /dev/xvdb1 to Dev.
# e2label /dev/xvdb1 Dev
b. Display the attributes of all the block devices.
# blkid
/dev/xvdb1: UUID=5309cc7a... SEC_TYPE=ext2 TYPE=ext3 LABEL=Dev
/dev/xvdd1: LABEL=Test UUID=048b6205... TYPE=ext4
/dev/xvda1: UUID=600039db... TYPE=ext4
/dev/xvda2: UUID=6f6afe2d... TYPE=ext4
/dev/xvda3: UUID=58705bf5... TYPE=ext4
/dev/xvda5: UUID=f1c923a6... TYPE=swap
Notice that both /dev/xvdb1 and /dev/xvdd1 now have labels.

4. Mount the filesystems.
a. Use the mkdir command to create mount points.
# mkdir /Test /Dev
b. Use the mount command to mount /dev/xvdb1 on /Dev.
# mount /dev/xvdb1 /Dev
c. Mount /dev/xvdd1 on /Test.
# mount /dev/xvdd1 /Test
d. Use the df command to display the mounted filesystems.
# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/xvda2            5.8G  2.8G  2.8G  50% /
...
/dev/xvda1             97M   47M   46M  51% /boot
/dev/xvda3            2.0G   38M  1.8G   2% /home
...
/dev/xvdb1           1008M   34M  924M   4% /Dev
/dev/xvdd1           1008M   18M  940M   2% /Test
e. Use the mount command to display the mounted filesystems.
# mount
/dev/xvda2 on / type ext4 (rw)
...
/dev/xvda1 on /boot type ext4 (rw)
/dev/xvda3 on /home type ext4 (rw)
...
/dev/xvdb1 on /Dev type ext3 (rw)
/dev/xvdd1 on /Test type ext4 (rw)
Notice that the filesystems are mounted read-write (rw) by default.
f. Display the mounts in /proc/mounts.
# cat /proc/mounts
rootfs / rootfs rw 0 0
/proc /proc proc rw,relatime 0 0
...
/dev/xvdb1 /Dev ext3 rw,seclabel,relatime,errors=continue...
/dev/xvdd1 /Test ext4 rw,seclabel,relatime,barrier=1,...

5. Update the filesystems mount table.
a. Use the vi editor to add the following entries to /etc/fstab.
# vi /etc/fstab
LABEL=Dev    /Dev    ext3   defaults   0 0
LABEL=Test   /Test   ext4   defaults   0 0
After updating /etc/fstab, the new filesystems will mount after a reboot.

Practice 12-4: Implementing Access Control Lists


Overview
In this practice, you create an ACL on a directory.

Assumptions

You will switch between the root user and the oracle user for this practice.

Tasks
1. Open a tab in the current window.
a. From the terminal window menu bar, select File > Open Tab, or press Shift + Ctrl + T.
You are the root user in one tab and you are the oracle user in the other.

2. As the oracle user, use the touch command to create the test file in the /Dev
directory.
Notice that you do not have permission to create files in the /Dev directory.

3. As the root user, use the getfacl command to display the /Dev directory's ACL.

4. As the root user, use the setfacl command to add a rule to the ACL giving the oracle
user read, write, and execute permissions to the /Dev directory.
Notice that the command failed because the filesystem was not mounted with the -o
acl option.

5. As the root user, un-mount /Dev and mount again with ACL support.

6. As the root user, use the setfacl command to add a rule to the ACL giving the oracle
user read, write, and execute permissions to the /Dev directory.
Notice that the command succeeded this time.

7. As the root user, use the getfacl command to display the /Dev directory's ACL.
Notice the new user:oracle:rwx line in the output of the getfacl command.

8. As the root user, use the ls -ld command to display the permissions for the /Dev
directory.
Notice the plus sign (+), indicating that the directory has an ACL.

9. As the oracle user, use the touch command to create the test file in the /Dev
directory.
Notice that the command succeeded this time.

10. As the oracle user, display a long listing of the /Dev directory.
Notice that the test file is owned by the oracle user.

Solution 12-4: Implementing Access Control Lists


Tasks
1. Open a tab in the current window.
a. From the terminal window menu bar, select File > Open Tab, or press Shift + Ctrl + T.
Your window should look similar to the following screenshot.
You are the root user in one tab and you are the oracle user in the other.

2. As the oracle user, use the touch command to create the test file in the /Dev
directory.
[oracle@host03]$ touch /Dev/test
touch: cannot touch `/Dev/test': Permission denied
Notice that you do not have permission to create files in the /Dev directory.

3. As the root user, use the getfacl command to display the /Dev directory's ACL.
[root@host03]# getfacl /Dev
getfacl: Removing leading '/' from absolute path names
# file: Dev
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

4. As the root user, use the setfacl command to add a rule to the ACL giving the oracle
user read, write, and execute permissions to the /Dev directory.
[root@host03]# setfacl -m u:oracle:rwx /Dev
setfacl: /Dev: Operation not supported
Notice that the command failed because the filesystem was not mounted with the -o
acl option.

5. As the root user, un-mount /Dev and mount again with ACL support.
[root@host03]# umount /Dev
[root@host03]# mount -o acl /dev/xvdb1 /Dev

6. As the root user, use the setfacl command to add a rule to the ACL giving the oracle
user read, write, and execute permissions to the /Dev directory.
[root@host03]# setfacl -m u:oracle:rwx /Dev
Notice that the command succeeded this time.

7. As the root user, use the getfacl command to display the /Dev directory's ACL.
[root@host03]# getfacl /Dev
getfacl: Removing leading '/' from absolute path names
# file: Dev
# owner: root
# group: root
user::rwx
user:oracle:rwx
group::r-x
mask::rwx
other::r-x
Notice the new user:oracle:rwx line in the output of the getfacl command.

8. As the root user, use the ls -ld command to display the permissions for the /Dev
directory.
[root@host03]# ls -ld /Dev
drwxrwxr-x+ ... /Dev
Notice the plus sign (+), indicating that the directory has an ACL.

9. As the oracle user, use the touch command to create the test file in the /Dev
directory.
[oracle@host03]$ touch /Dev/test
Notice that the command succeeded this time.

10. As the oracle user, use the ls command to display a long listing of the /Dev directory.
[oracle@host03]$ ls -l /Dev
drwx------. 2 root   root   ... lost+found
-rw-rw-r--. 1 oracle oracle ... test
Notice that the test file is owned by the oracle user.
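Once a directory has an ACL, the group column of ls -ld shows the mask entry (rwx in drwxrwxr-x+ above) rather than the owning group's r-x, so the getfacl output is what tells you who can actually write. The following added example, not part of the course material, reads getfacl text and applies the mask to each entry; the function names, the dba group and the second sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compute effective permissions from getfacl output.

# getfacl output for /Dev as shown in step 7 of the solution.
PAGE_ACL='# file: Dev
# owner: root
# group: root
user::rwx
user:oracle:rwx
group::r-x
mask::rwx
other::r-x'

# Constructed variant: a hypothetical named group (dba) and a narrower mask.
MASKED_ACL='# file: Dev
# owner: root
# group: root
user::rwx
user:oracle:rwx
group::r-x
group:dba:rwx
mask::r-x
other::r-x'

# acl_effective: read getfacl text on stdin and print one line
# "tag:name:granted:effective" for every entry the mask applies to:
# named users, named groups and the owning group (empty name).
# The file owner (user::) and other:: are never limited by the mask.
acl_effective() {
    awk -F: '
        BEGIN { n = 0 }
        /^#/ || NF < 3 { next }
        { sub(/[ \t]*#.*$/, "", $3) }      # drop a trailing "#effective:" note
        $1 == "mask" { mask = $3; next }
        ($1 == "user" && $2 != "") || $1 == "group" {
            tag[n] = $1; name[n] = $2; perm[n] = $3; n++
        }
        END {
            for (i = 0; i < n; i++) {
                eff = ""
                for (k = 1; k <= 3; k++) {
                    p = substr(perm[i], k, 1)
                    # A "-" in the mask removes that permission.
                    if (mask != "" && substr(mask, k, 1) == "-") p = "-"
                    eff = eff p
                }
                print tag[i] ":" name[i] ":" perm[i] ":" eff
            }
        }'
}

# acl_writers: entries whose effective permissions include write.
acl_writers() {
    acl_effective | awk -F: '$4 ~ /w/ { print $1 ":" $2 }'
}

# Demo on the ACL from the page, then on the constructed variant.
printf '%s\n' "$PAGE_ACL" | acl_effective
printf '%s\n' "$MASKED_ACL" | acl_effective
```

On a live system the same functions can be fed directly, for example getfacl /Dev | acl_writers.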

Practice 12-5: Creating a btrfs Filesystem


Overview
In this practice, you install the btrfs package, create a new partition, create a btrfs filesystem
on the new partition, and mount the filesystem.

Assumptions
The btrfs package is not installed.
You completed Practice 6-3 (Creating a Local Yum Repository)
You are the root user on host03.

Tasks
1. Install the btrfs package.
a. Change to the /media/OL*/Packages directory.
b. Determine the btrfs package name.
c. Determine whether the btrfs package is already installed.
d. Use the yum command to install the btrfs package.
e. Verify that the btrfs package is installed.

2. Create a new partition on /dev/xvdb.
a. Un-mount all filesystems currently mounted on /dev/xvdb.
b. Use the fdisk command to create a new primary partition on /dev/xvdb, using the
parameters given below.
Partition number: 2
First cylinder: 519 (default)
Last cylinder (or +size): +1G
c. Print the new partition table.
d. Save the new partition table.
e. Re-mount the /dev/xvdb1 partition on /Dev.

3. Make a btrfs filesystem on /dev/xvdb2.
a. Use the mkfs.btrfs command to make a btrfs filesystem on /dev/xvdb2.
b. Display the attributes of the /dev/xvdb2 block device.

4. Mount the btrfs filesystem.
a. Create a /Btrfs mount point.
b. Mount /dev/xvdb2 on /Btrfs.
c. Display the mounted filesystems by using the df and mount commands.
d. Display the mounts in /proc/mounts.
e. Add the following entry to /etc/fstab.
/dev/xvdb2   /Btrfs   btrfs   defaults

Solution 12-5: Creating a btrfs Filesystem

Tasks
1. Install the btrfs package.
a. Change to the /media/OL*/Packages directory.
# cd /media/OL*/Packages
# pwd
/media/OL6.1 x86_64 Disc 1 20110526/Packages
b. Use the ls command to determine the btrfs package name.
# ls *btrfs*
btrfs-progs-0.19-12.el6.x86_64.rpm
c. Use the rpm command to determine whether the btrfs package is already installed.
# rpm -qa btrfs-progs
In this example, the btrfs package is not installed.
d. Use the yum command to install the btrfs package.
# yum install btrfs-progs
Loaded plugins: refresh-packagekit
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package btrfs-progs.x86_64 0:0.19-12.el6 will be installed
...
Total download size: 194 k
Installed size: 1.5 M
Is this ok [y/N]: y
Downloading packages:
...
Installing btrfs-progs-0.19-12.el6.x86_64 1/1
Installed btrfs-progs-0.19-12.el6.x86_64
Complete!
e. Use the rpm command to verify that the btrfs package is installed.
# rpm -qa btrfs-progs
btrfs-progs-0.19-12.el6.x86_64

2. Create a new partition on /dev/xvdb.
a. Un-mount all filesystems currently mounted on /dev/xvdb.
# df -h | grep xvdb
/dev/xvdb1 1008M 34M 924M 4% /Dev
# umount /dev/xvdb1
b. Use the fdisk command to create a new primary partition on /dev/xvdb, using the parameters given below.
# fdisk /dev/xvdb
WARNING: DOS-compatible mode is deprecated. It's strongly
recommended to switch off the mode (command c) and change
display units to sectors (command u).
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (519-2590, default 519): ENTER
Using default value 519
Last cylinder, +cylinders or +size{K,M,G} (519-2590, default 2590): +1G
c. Print the new partition table.
Command (m for help): p
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
...
Device Boot   Start   End   Blocks     Id   System
/dev/xvdb1    1       519   1048976+   83   Linux
/dev/xvdb2    519     1037  1048887+   83   Linux
d. Save the new partition table.
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
e. Re-mount the /dev/xvdb1 partition on /Dev.
# mount /dev/xvdb1 /Dev

3. Make a btrfs filesystem on /dev/xvdb2.
a. Use the mkfs.btrfs command to make a btrfs filesystem on /dev/xvdb2.
# mkfs.btrfs /dev/xvdb2
WARNING! Btrfs Btrfs v0.19 IS EXPERIMENTAL
WARNING! see http://btrfs.wiki.kernel.org before using
Fs created label (null) on /dev/xvdb2
Nodesize 4096 leafsize 4096 sectorsize 4096 size 1.00GB
Btrfs Btrfs v0.19
b. Use the blkid command to display the attributes of the /dev/xvdb2 block device.
# blkid /dev/xvdb2
/dev/xvdb2: UUID=63468f21... UUID_SUB=bba22c08... TYPE=btrfs

4. Mount the btrfs filesystem.
a. Use the mkdir command to create a /Btrfs mount point.
# mkdir /Btrfs
b. Use the mount command to mount /dev/xvdb2 on /Btrfs.
# mount /dev/xvdb2 /Btrfs
c. Display the mounted filesystems by using the df and mount commands.
# df -h
Filesystem   Size   Used   Avail   Use%   Mounted on
...
/dev/xvdb2   1.1G   28M    1.1G    1%     /Btrfs
# mount
...
/dev/xvdb2 on /Btrfs type btrfs (rw)
d. Display the mounts in /proc/mounts.
# cat /proc/mounts
...
/dev/xvdb2 /Btrfs btrfs rw,seclabel,relatime,ssd 0 0
e. Use the vi editor to update the filesystems mount table, /etc/fstab.
# vi /etc/fstab
/dev/xvdb2 /Btrfs btrfs defaults

Practice 12-6: Increasing Swap Space

Overview
In this practice, you increase the amount of swap space by creating, initializing, and enabling a swap file.

Tasks
1. Display the current amount of swap space.
a. Use the swapon -s command to display the current amount of swap space.
b. Display the amount of swap space used, by viewing the /proc/meminfo file.
c. Use the free command to display the amount of swap space.

2. Create and initialize a swap file.
a. Use the dd command to create a 1 GB swap file, /swapfile.
b. Initialize the swap file.

3. Enable swapping on the swap file.
a. Enable swapping on the swap file.
b. Display the updated amount of swap space (repeat step 1).

Solution 12-6: Increasing Swap Space

Tasks
1. Display the current amount of swap space.
a. Use the swapon command to display the current amount of swap space.
# swapon -s
Filename     Type        Size      Used   Priority
/dev/xvda5   partition   4286456   0      -1
b. Display the amount of swap space used, by viewing the /proc/meminfo file.
# grep -i swap /proc/meminfo
SwapCached:   0 kB
SwapTotal:    4286456 kB
SwapFree:     4286456 kB
c. Use the free command to display the amount of swap space.
# free
       total     used   free
...
Swap   4286456   0      4286456

2. Create and initialize a swap file.
a. Use the dd command to create a 1 GB swap file, /swapfile.
# dd if=/dev/zero of=/swapfile bs=1024 count=1000000
1000000+1 records in
1000000+1 records out
1024000000 bytes (1.0 GB) copied, 7.97119 s, 128 MB/s
b. Use the mkswap command to initialize the swap file.
# mkswap /swapfile
mkswap: /swapfile: warning: don't erase bootbits sectors
on whole disk. Use -f to force.
Setting up swapspace version 1, size = 999996 KiB
no label, UUID=0dc3d607...

3. Enable swapping on the swap file.
a. Use the swapon command to enable swapping on the swap file.
# swapon /swapfile
b. Display the updated amount of swap space (repeat step 1).
# swapon -s
Filename     Type        Size      Used   Priority
/dev/xvda5   partition   4286456   0      -1
/swapfile    file        999992    0      -2
# grep -i swap /proc/meminfo
SwapCached:   0 kB
SwapTotal:    5286448 kB
SwapFree:     5286448 kB
# free
       total     used   free
...
Swap   5286448   0      5286448
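The dd command in step 2a creates /swapfile with whatever mode the shell's umask allows (typically 0644 for root), so any local user could read memory pages that are later swapped out to it. The following is an added example, not part of the course material: it creates the file with owner-only permissions and audits a listing in swapon -s format for file-backed swap areas that group or other can access. The function names are hypothetical, and the sketch assumes paths without whitespace.

```shell
#!/bin/sh
# Added example: create a swap file privately and audit existing swap files.
# Function names are illustrative; input format is that of `swapon -s`,
# which is the same layout as /proc/swaps.

# create_private_file PATH SIZE_KIB
# Hardened form of the practice's dd step: the restrictive umask applies
# before the file exists, so it is never readable by group or other, and
# chmod covers the case where PATH already existed with a looser mode.
create_private_file() {
    ( umask 077 &&
      dd if=/dev/zero of="$1" bs=1024 count="$2" 2>/dev/null &&
      chmod 600 "$1" )
}

# mode_is_private PATH
# Returns 0 when group and other have no permission bits on PATH.
# A missing or unreadable PATH is reported as not private (returns 1).
mode_is_private() {
    # ls -ld prints the mode as the first 10 characters, e.g. "-rw-r--r--".
    mode=$(ls -ld -- "$1" 2>/dev/null | cut -c1-10)
    case "$mode" in
        ????------) return 0 ;;   # type + owner bits, then six dashes
        *)          return 1 ;;
    esac
}

# insecure_swapfiles [LISTING]
# Prints every swap area of type "file" in LISTING (default /proc/swaps)
# that fails mode_is_private. Partitions are skipped: their access is
# governed by the device node, not by a regular file mode.
insecure_swapfiles() {
    listing=${1:-/proc/swaps}
    awk 'NR > 1 && $2 == "file" { print $1 }' "$listing" |
    while IFS= read -r path; do
        mode_is_private "$path" || printf '%s\n' "$path"
    done
}

# Typical use on the practice system, as root:
#   create_private_file /swapfile 1000000
#   mkswap /swapfile && swapon /swapfile
#   insecure_swapfiles            # prints nothing when all swap files are 0600
```
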


Practice 12-7: Setting Disk Quotas

Overview
In this practice, you set quotas on a directory for the oracle user. You also remove the quotas and the ACL on the directory.

Assumptions
You switch between the root user and the oracle user for this practice.

Tasks
1. As the root user, use the vi editor to change the entry in /etc/fstab for /Dev and include ACL support and the user and group quota options.
LABEL=Dev /Dev ext3 defaults 0 0 (old entry)
LABEL=Dev /Dev ext3 acl,usrquota,grpquota 0 0 (new entry)
2. As the root user, use the mount command with the -o remount option to remount /Dev.
3. As the root user, use the mount command to display the new mount options on /Dev.
4. As the root user, use the quotacheck command to create disk usage tables for /Dev.
Notice the Permission denied message.
This is caused by an SELinux policy enforcement.
The following command temporarily disables SELinux enforcement.
5. As the root user, use the echo 0 > /selinux/enforce command to disable SELinux.
SELinux is covered in Lesson 20 Security Administration.
6. As the root user, use the quotacheck command to create disk usage tables for /Dev.
Notice the command succeeded this time.
7. As the root user, use the ls command to display the files created in /Dev.
8. As the root user, use the quotaon command to enable quotas on /Dev.
9. As the root user, use the repquota command to report disk usage on /Dev.
10. As the root user, use the edquota command to limit the oracle user.
This command invokes the vi editor.
a. Change the block quota to set a hard limit of 2048 blocks (2 MB) for the oracle user.
/dev/xvdb1 0 0 0 1 0 0 (old entry)
/dev/xvdb1 0 0 2048 1 0 0 (new entry)
Alternatively, you could use the setquota oracle 0 2048 0 0 /Dev command.
11. As the root user, use the repquota command to report disk usage on /Dev.
12. As the oracle user, use the dd if=/dev/zero of=bigfile bs=1M count=4096 command to attempt to create a 4 MB file on /Dev.
13. As the oracle user, use the ls command to display a long listing of the /Dev directory.
Notice the bigfile is not 4 MB, but was truncated after quota limits were reached.
14. As the oracle user, use the quota command to display quota information.
15. As the oracle user, delete the bigfile file in the /Dev directory.
16. As the oracle user, use the quota command to display quota information.
Notice the difference in the number of blocks and number of files from step 14.
17. As the oracle user, delete the test file in the /Dev directory.
18. As the root user, use the setquota oracle 0 0 0 0 /Dev command to reset the disk quota for the oracle user.
19. Remove ACL from /Dev.
a. As the root user, use the setfacl command to remove the ACL from the /Dev directory.
b. As the root user, use the getfacl command to display the /Dev directory's ACL.
Notice that the user:oracle:rwx line in the output has been removed.
c. As the root user, display the permissions for the /Dev directory.
Notice that there is no plus sign (+), indicating that the directory has no ACL.
20. As the root user, use the vi editor to change the entry in /etc/fstab for /Dev to remove the ACL and the user and group quota options.
LABEL=Dev /Dev ext3 acl,usrquota,grpquota 0 0 (old entry)
LABEL=Dev /Dev ext3 defaults 0 0 (new entry)
21. As the root user, use the mount command with the -o remount option to remount /Dev.
22. As the root user, use the mount command to display the new mount options on /Dev.
23. Click the X on the oracle@host03 tab to close the tab.

Solution 12-7: Setting Disk Quotas

Tasks
1. As the root user, use the vi editor to change the entry in /etc/fstab for /Dev and include ACL support and the user and group quota options.
[root@host03]# vi /etc/fstab
LABEL=Dev /Dev ext3 defaults 0 0 (old entry)
LABEL=Dev /Dev ext3 acl,usrquota,grpquota 0 0 (new entry)

2. As the root user, use the mount command with the -o remount option to remount /Dev.
[root@host03]# mount -o remount /Dev

3. As the root user, use the mount command to display the new mount options on /Dev.
[root@host03]# mount | grep /Dev
/dev/xvdb1 on /Dev type ext3 (rw,acl,usrquota,grpquota)

4. As the root user, use the quotacheck command to create disk usage tables for /Dev.
[root@host03]# quotacheck -cug /Dev
quotacheck: Cannot create new quotafile /Dev/aquota.user.new
(Permission denied
...
Notice the Permission denied message.
This is caused by an SELinux policy enforcement.
The following command temporarily disables SELinux enforcement.

5. As the root user, use the echo 0 > /selinux/enforce command to disable SELinux.
[root@host03]# echo 0 > /selinux/enforce
SELinux is covered in Lesson 20 Security Administration.

6. As the root user, use the quotacheck command to create disk usage tables for /Dev.
[root@host03]# quotacheck -cug /Dev
Notice the command succeeded this time.

7. As the root user, use the ls command to display the files created in /Dev.
[root@host03]# ls -l /Dev
-rw-------. root root ... aquota.group
-rw-------. root root ... aquota.user
...

8. As the root user, use the quotaon command to enable quotas on /Dev.
[root@host03]# quotaon /Dev

9. As the root user, use the repquota command to report disk usage on /Dev.
[root@host03]# repquota /Dev
*** Report for user quotas on device /dev/xvdb1
Block grace time: 7days; Inode grace time: 7days
                  Block limits               File limits
User        used   soft   hard   grace   used   soft   hard   grace
------------------------------------------------------------
root    --  34088  0      0              4      0      0
oracle  --  0      0      0              1      0      0

10. As the root user, use the edquota command to limit the oracle user.
This command invokes the vi editor.
a. Change the block quota to set a hard limit of 2048 blocks (2 MB) for the oracle user.
[root@host03]# edquota oracle
Disk quotas for user oracle (uid 500):
Filesystem   blocks   soft   hard   inodes   soft   hard
/dev/xvdb1   0        0      0      1        0      0      (old entry)
/dev/xvdb1   0        0      2048   1        0      0      (new entry)
Alternatively, you could use the setquota oracle 0 2048 0 0 /Dev command.

11. As the root user, use the repquota command to report disk usage on /Dev.
[root@host03]# repquota /Dev
*** Report for user quotas on device /dev/xvdb1
Block grace time: 7days; Inode grace time: 7days
                  Block limits               File limits
User        used   soft   hard   grace   used   soft   hard   grace
------------------------------------------------------------
root    --  34088  0      0              4      0      0
oracle  --  0      0      2048           1      0      0

12. As the oracle user, use the dd if=/dev/zero of=bigfile bs=1M count=4096 command to attempt to create a 4 MB file on /Dev.
[oracle@host03]$ cd /Dev
[oracle@host03]$ dd if=/dev/zero of=bigfile bs=1M count=4096
dd: writing bigfile: Disk quota exceeded
2+0 records in
1+0 records out
2088960 bytes (2.1 MB) copied, ...

13. As the oracle user, use the ls command to display a long listing of the /Dev directory.
[oracle@host03]$ ls -l /Dev
...
-rw-rw-r--. 1 oracle oracle 2088960 ... bigfile
...
Notice the bigfile is not 4 MB, but was truncated after quota limits were reached.

14. As the oracle user, use the quota command to display quota information.
[oracle@host03]$ quota
Disk quotas for user oracle (uid 500):
Filesystem   blocks   quota   limit   grace   files   quota   limit   grace
/dev/xvdb1   2048*    0       2048            2       0       0

15. As the oracle user, use the rm command to delete the bigfile file in the /Dev directory.
[oracle@host03]$ rm /Dev/bigfile

16. As the oracle user, use the quota command to display quota information.
[oracle@host03]$ quota
Disk quotas for user oracle (uid 500):
Filesystem   blocks   quota   limit   grace   files   quota   limit   grace
/dev/xvdb1   4        0       2048            1       0       0
Notice the difference in the number of blocks and number of files from step 14.

17. As the oracle user, use the rm command to delete the test file in the /Dev directory.
[oracle@host03]$ rm /Dev/test

18. As the root user, use the setquota oracle 0 0 0 0 /Dev command to reset the disk quota for the oracle user.
[root@host03]# setquota oracle 0 0 0 0 /Dev

19. Remove ACL from /Dev.
a. As the root user, use the setfacl command to remove the ACL from the /Dev directory.
[root@host03]# setfacl -b /Dev
b. As the root user, use the getfacl command to display the /Dev directory's ACL.
[root@host03]# getfacl /Dev
getfacl: Removing leading / from absolute path names
# file: Dev
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
Notice that the user:oracle:rwx line in the output has been removed.
c. As the root user, use the ls -ld command to display the permissions for the /Dev directory.
[root@host03]# ls -ld /Dev
drwxr-xr-x ... /Dev
Notice that there is no plus sign (+), indicating that the directory has no ACL.

20. As the root user, use the vi editor to change the entry in /etc/fstab for /Dev to remove the ACL and the user and group quota options.
[root@host03]# vi /etc/fstab
LABEL=Dev /Dev ext3 acl,usrquota,grpquota 0 0 (old entry)
LABEL=Dev /Dev ext3 defaults 0 0 (new entry)

21. As the root user, use the mount command with the -o remount option to remount /Dev.
[root@host03]# mount -o remount /Dev

22. As the root user, use the mount command to display the new mount options on /Dev.
[root@host03]# mount | grep /Dev
/dev/xvdb1 on /Dev type ext3 (rw)

23. Click the X on the oracle@host03 tab to close the tab.
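Step 5 writes 0 to /selinux/enforce and no later step writes 1 back, so the host stays permissive after the practice. The following is an added example, not part of the course material: a wrapper that runs one command with enforcement off and restores the previous state afterwards, including when the command fails or the shell is interrupted. The function names are hypothetical, and the enforce node is passed as a parameter so the logic can be exercised against an ordinary file.

```shell
#!/bin/sh
# Added example: scope "echo 0 > /selinux/enforce" to a single command.
# ENFORCE_FILE is the SELinux enforce node. The practice uses
# /selinux/enforce; later releases expose it at /sys/fs/selinux/enforce.

# selinux_mode ENFORCE_FILE
# Prints "enforcing" or "permissive"; returns 1 if the node is unreadable
# or holds anything other than 0 or 1.
selinux_mode() {
    case "$(cat "$1" 2>/dev/null)" in
        1) echo enforcing ;;
        0) echo permissive ;;
        *) echo unknown; return 1 ;;
    esac
}

# run_permissive ENFORCE_FILE COMMAND [ARGS...]
# Runs COMMAND with enforcement switched off, then writes the original
# value back. Returns COMMAND's exit status. If the host was already
# permissive, nothing is changed and nothing is "restored" to enforcing.
run_permissive() {
    enforce_file=$1
    shift
    prev=$(cat "$enforce_file" 2>/dev/null) || return 1
    [ "$prev" = 1 ] || [ "$prev" = 0 ] || return 1

    # Restore on interrupt as well, so Ctrl-C during a long quotacheck
    # does not leave the system permissive. This replaces any INT/TERM/HUP
    # traps the caller had set; they are cleared again on exit.
    trap 'echo "$prev" > "$enforce_file"; exit 130' INT TERM HUP

    if [ "$prev" = 1 ]; then
        echo 0 > "$enforce_file" || { trap - INT TERM HUP; return 1; }
    fi

    "$@"
    rc=$?

    echo "$prev" > "$enforce_file"
    trap - INT TERM HUP
    return "$rc"
}

# Typical use for step 6 of the practice, as root:
#   run_permissive /selinux/enforce quotacheck -cug /Dev
#   selinux_mode /selinux/enforce     # prints "enforcing" again
```
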


Chapter 13

Practices for Lesson 13: Storage Administration

Practices for Lesson 13

Practices Overview
In these practices, you create and work with logical volumes, RAID devices, and encrypted filesystems.

Practice 13-1: Creating Linux LVM Partitions

Overview
In this practice, you create new partitions and change the system ID to Linux LVM.

Assumptions
You completed Practice 12-2 (Partitioning a Storage Device).
You completed Practice 12-3 (Creating ext Filesystems).
You completed Practice 12-5 (Creating btrfs Filesystems).
You are the root user on host03 VM.

Tasks
1. Un-mount all filesystems currently mounted on /dev/xvdb.
a. Determine what is currently mounted on /dev/xvdb.
b. Un-mount /dev/xvdb1 and /dev/xvdb2.

2. Create a new partition on /dev/xvdb.
a. Use the fdisk command to create a new primary partition on /dev/xvdb using the parameters given below.
Partition number: 3
First cylinder: 1038 (default)
Last cylinder (or +size): +1G
b. Change the system ID to 8e on the new partition.
c. Print the new partition table.
d. Save the new partition table.

3. Un-mount all filesystems currently mounted on /dev/xvdd.
a. Determine what is currently mounted on /dev/xvdd.
b. Un-mount /dev/xvdd1.

4. Create a new partition on /dev/xvdd.
a. Use the fdisk command to create a new primary partition on /dev/xvdd using the parameters given below.
Partition number: 2
First cylinder: 1886 (default)
Last cylinder (or +size): +1G
b. Change the system ID to 8e on the new partition.
c. Save the new partition table.
d. Use the fdisk command to list the partition table on /dev/xvdd.

5. Re-mount the filesystems.
a. Use the mount -a command to mount all filesystems mentioned in /etc/fstab.

6. Display the mounted filesystems.

Solution 13-1: Creating Linux LVM Partitions

Tasks
1. Un-mount all filesystems currently mounted on /dev/xvdb.
a. Determine what is currently mounted on /dev/xvdb.
# df -h | grep xvdb
/dev/xvdb1   1008M   34M   924M   4%   /Dev
/dev/xvdb2   1.1G    28M   1.1G   1%   /Btrfs
b. Un-mount both /dev/xvdb1 and /dev/xvdb2.
# umount /dev/xvdb1 /dev/xvdb2

2. Create a new partition on /dev/xvdb.
a. Use the fdisk command to create a new primary partition on /dev/xvdb using the parameters given below.
# fdisk /dev/xvdb
WARNING: DOS-compatible mode is deprecated. It's strongly
recommended to switch off the mode (command c) and change
display units to sectors (command u).
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 3
First cylinder (1038-2590, default 1038): ENTER
Using default value 1038
Last cylinder, +cylinders or +size{K,M,G} (1038-2590, default 2590): +1G
b. Use the t command to change the system ID on the new partition.
Command (m for help): t
Partition number (1-4): 3
Hex code (type L to list codes): L
0 Empty        24 NEC DOS          81 Minix / old Lin   ...
1 FAT12        39 Plan 9           82 Linux swap        ...
2 XENIX root   3c PartitionMagic   83 Linux             ...
...
8 AIX          4f QNX4.x 3rd part  8e Linux LVM         ...
...
Hex code (type L to list codes): 8e
Changed system type of partition 3 to 8e (Linux LVM)
c. Print the new partition table.
Command (m for help): p
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
...
Device Boot   Start   End    Blocks     Id   System
/dev/xvdb1    1       519    1048976+   83   Linux
/dev/xvdb2    519     1037   1048887+   83   Linux
/dev/xvdb3    1038    1556   1050456    8e   Linux LVM
d. Save the new partition table.
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.

3. Un-mount all filesystems currently mounted on /dev/xvdd.
a. Determine what is currently mounted on /dev/xvdd.
# df -h | grep xvdd
/dev/xvdd1   1008M   18M   940M   2%   /Test
b. Un-mount /dev/xvdd1.
# umount /dev/xvdd1

4. Create a new partition on /dev/xvdd.
a. Use the fdisk command to create a new primary partition on /dev/xvdd using the parameters given below.
# fdisk /dev/xvdd
WARNING: DOS-compatible mode is deprecated. It's strongly
recommended to switch off the mode (command c) and change
display units to sectors (command u).
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (1886-9429, default 1886): ENTER
Using default value 1886
Last cylinder, +cylinders or +size{K,M,G} (1886-9429, default 9429): +1G
b. Use the t command to change the system ID on the new partition.
Command (m for help): t
Partition number (1-4): 2
Hex code (type L to list codes): 8e
Changed system type of partition 2 to 8e (Linux LVM)
c. Save the new partition table.
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
d. List the partition table on /dev/xvdd.
# fdisk -l /dev/xvdd
Disk /dev/xvdd: 5368 MB, 5368709120 bytes
...
Device Boot   Start   End    Blocks     Id   System
/dev/xvdd1    1       1886   1048575+   83   Linux
/dev/xvdd2    1886    3772   1048656+   8e   Linux LVM

5. Re-mount the filesystems.
a. Use the mount -a command to mount all filesystems mentioned in /etc/fstab.
# mount -a

6. Display the mounted filesystems.
# df -h
...
/dev/xvdb1   1008M   34M   924M   4%   /Dev
/dev/xvdb2   1.1G    28M   1.1G   1%   /Btrfs
/dev/xvdd1   1008M   18M   940M   2%   /Test

Practice 13-2: Creating a Logical Volume

Overview
In this practice, you create physical volumes, a volume group, and a logical volume. You also use LVM utilities to display information about the LVM entities.

Tasks
1. Initialize the new partitions for use by LVM (create physical volumes).
a. List the partitions with the Linux LVM (8e) system ID.
b. Create physical volumes on both partitions.

2. Display information about the physical volumes.
a. Use the pvdisplay command to display attributes of the physical volumes.
b. Use the pvs command to report information in a more condensed form.
c. Use the pvscan command to scan all disks for physical volumes.

3. Create a volume group.
a. Create a volume group named myvolg from the /dev/xvdb3 physical volume.

4. Display information about the volume group.
a. Use the vgdisplay command to display attributes of the volume group.
b. Use the vgs command to report information in a more condensed form.
c. Use the vgscan command to scan all disks for volume groups and rebuild caches.
d. Display information about the physical volumes.
Notice that the /dev/xvdb3 physical volume is assigned to the myvolg volume group.

5. Create a logical volume.
a. Create a 500 MB logical volume named myvol from the myvolg volume group.

6. Display information about the logical volume.
a. Use the lvdisplay command to display attributes of the logical volume.
b. Use the lvs command to report information in a more condensed form.
c. Use the lvscan command to scan all disks for logical volumes.
d. Display information about the physical volumes.
Notice that the free space in the /dev/xvdb3 physical volume has been reduced.
e. Display information about the volume group.
Notice that the free space in the myvolg volume group has also been reduced.

Solution 13-2: Creating a Logical Volume

Tasks
1. Initialize the new partitions for use by LVM (create physical volumes).
a. List the partitions with the Linux LVM (8e) system ID.
# fdisk -l | grep 8e
/dev/xvdb3   1038   1556   1050456   8e   Linux LVM
/dev/xvdd2   1886   3772   1048656   8e   Linux LVM
b. Use the pvcreate command to create physical volumes on both partitions.
# pvcreate -v /dev/xvdb3 /dev/xvdd2
Set up physical volume for /dev/xvdb3 with ...
Zeroing start of device /dev/xvdb3
Writing physical volume data to disk /dev/xvdb3
Physical volume /dev/xvdb3 successfully created
Set up physical volume for /dev/xvdd2 with ...
Zeroing start of device /dev/xvdd2
Writing physical volume data to disk /dev/xvdd2
Physical volume /dev/xvdd2 successfully created

2. Display information about the physical volumes.
a. Use the pvdisplay command to display attributes of the physical volumes.
# pvdisplay
/dev/xvdb3 is a new physical volume of 1.00 GiB
--- NEW Physical volume ---
PV Name   /dev/xvdb3
VG Name
PV Size   1.00 GiB
...
/dev/xvdd2 is a new physical volume of 1.00 GiB
--- NEW Physical volume ---
PV Name   /dev/xvdd2
VG Name
PV Size   1.00 GiB
...
b. Use the pvs command to report information in a more condensed form.
# pvs
PV           VG   Fmt    Attr   PSize   PFree
/dev/xvdb3        lvm2   a-     1.00g   1.00g
/dev/xvdd2        lvm2   a-     1.00g   1.00g
c. Use the pvscan command to scan all disks for physical volumes.
# pvscan
PV /dev/xvdb3   lvm2 [1.00 GiB]
PV /dev/xvdd2   lvm2 [1.00 GiB]
Total: 2 [2.00 GiB] / in use: 0 [0 ] / in no VG: 2 [2.00...

3. Create a volume group.
a. Use the vgcreate command to create a volume group named myvolg from the /dev/xvdb3 physical volume.
# vgcreate -v myvolg /dev/xvdb3
Wiping cache of LVM-capable devices
Adding physical volume /dev/xvdb3 to volume group...
Archiving volume group myvolg metadata (seqno 0).
Creating volume group backup /etc/lvm/backup/myvolg...
Volume group myvolg successfully created

4. Display information about the volume group.
a. Use the vgdisplay command to display attributes of the volume group.
# vgdisplay
--- Volume group ---
VG Name     myvolg
System ID
Format      lvm2
...
VG Size     1.00 GiB
...
b. Use the vgs command to report information in a more condensed form.
# vgs
VG       #PV   #LV   #SN   Attr     VSize   VFree
myvolg   1     0     0     wz--n-   1.00g   1.00g
c. Use the vgscan command to scan all disks for volume groups and rebuild caches.
# vgscan
Reading all physical volumes. This may take a while...
Found volume group myvolg using metadata type lvm2
d. Display information about the physical volumes.
# pvs
PV           VG       Fmt    Attr   PSize   PFree
/dev/xvdb3   myvolg   lvm2   a-     1.00g   1.00g
/dev/xvdd2            lvm2   a-     1.00g   1.00g
Notice that the /dev/xvdb3 physical volume is assigned to the myvolg volume group.

5. Create a logical volume.
a. Use the lvcreate command to create a 500 MB logical volume named myvol from the myvolg volume group.
# lvcreate -v -L 500m -n myvol myvolg
Setting logging type to disk
Finding volume group myvolg
Archiving volume group myvolg metadata (seqno 1).
Creating logical volume myvol
...
Logical volume myvol created

6. Display information about the logical volume.
a. Use the lvdisplay command to display attributes of the logical volume.
# lvdisplay
--- Logical volume ---
LV Name   /dev/myvolg/myvol
VG Name   myvolg
...
LV Size   500.00 MiB
...
b. Use the lvs command to report information in a more condensed form.
# lvs
LV      VG       Attr     LSize     Origin Snap% Move Log Copy%...
myvol   myvolg   -wi-a-   500.00m
c. Use the lvscan command to scan all disks for logical volumes.
# lvscan
ACTIVE /dev/myvolg/myvol [500.00 MiB] inherit
d. Display information about the physical volumes.
# pvs
PV           VG       Fmt    Attr   PSize   PFree
/dev/xvdb3   myvolg   lvm2   a-     1.00g   524.00m
/dev/xvdd2            lvm2   a-     1.00g   1.00g
Notice that the free space in the /dev/xvdb3 physical volume has been reduced.
e. Display information about the volume group.
# vgs
VG       #PV   #LV   #SN   Attr     VSize   VFree
myvolg   1     0     0     wz--n-   1.00g   524.00m
Notice that the free space in the myvolg volume group has also been reduced.

Practice 13-3: Creating a Filesystem and Mounting a Logical Volume

Overview
In this practice, you create a filesystem on the logical volume and mount the logical volume.

Tasks
1. Display the block device name that was automatically created.
a. List the /dev entries for the myvol logical volume.
Notice that two entries were automatically created.
Notice that both entries are symbolic links to /dev/dm-0.
b. List the /dev/dm-0 entry.
Notice that /dev/dm-0 is a block device.

2. Create a filesystem on the logical volume.
a. Create an ext4 filesystem on the myvol logical volume.
b. Create a /myvol mount point.
c. Mount the filesystem.
d. Display the mounted filesystems.

3. Update the filesystems mount table.
a. Add the following line to /etc/fstab.
/dev/mapper/myvolg-myvol /myvol ext4 defaults

Solution 13-3: Creating a Filesystem and Mounting a Logical Volume

Tasks
1. Display the block device name that was automatically created.
a. List the /dev entries for the myvol logical volume.
# ls -l /dev/myvolg/myvol
lrwxrwxrwx. /dev/myvolg/myvol -> ../dm-0
# ls -l /dev/mapper/myvolg-myvol
lrwxrwxrwx. /dev/mapper/myvolg-myvol -> ../dm-0
Notice that two entries were automatically created.
Notice that both entries are symbolic links to /dev/dm-0.
b. List the /dev/dm-0 entry.
# ls -l /dev/dm-0
brw-rw----. /dev/dm-0
Notice that /dev/dm-0 is a block device.

2. Create a filesystem on the logical volume.
a. Create an ext4 filesystem on the myvol logical volume.
# mkfs.ext4 /dev/mapper/myvolg-myvol
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
...
Writing inode tables: done
Creating journal (8192 blocks): done
...
b. Create a /myvol mount point.
# mkdir /myvol
c. Mount the filesystem.
# mount /dev/mapper/myvolg-myvol /myvol
d. Display the mounted filesystems.
# df -h
Filesystem   Size   Used   Avail   Use%   Mounted on
...
/dev/mapper/myvolg-myvol
             485M   11M    449M    3%     /myvol

3. Update the filesystems mount table.
a. Use the vi editor to add the following line to /etc/fstab.
/dev/mapper/myvolg-myvol /myvol ext4 defaults

Practice 13-4: Creating a Logical Volume Snapshot


Overview
In this practice, you create a snapshot volume, mount the snapshot, and remove the snapshot
volume.

Tasks
1. Create a snapshot volume.
a. Copy /boot/init* to the mounted logical volume, /myvol.
b. Create a 500 MB snapshot named myvol-snapshot of the myvol logical volume.
c. List the logical volumes.
d. List the contents of the /dev/myvolg and /dev/mapper directories.

2. Mount the snapshot.
a. Mount the snapshot onto /mnt.
b. Display the mounted filesystems.
c. List the files on /mnt.
Notice that these are the same files that were copied onto /myvol.
d. Remove the files on /myvol.
e. List the files on /mnt.
Notice that these files are still present.
Removing files from the original volume does not change the snapshot's content.

3. Remove the snapshot.
a. Un-mount the snapshot from /mnt.
b. Remove the snapshot.
c. List the logical volumes.
Notice that the myvol-snapshot logical volume has been deleted.
d. List the contents of the /dev/myvolg and /dev/mapper directories.
Notice that the snapshot entries have been deleted.

Solution 13-4: Creating a Logical Volume Snapshot


Tasks
1. Create a snapshot volume.
a. Copy /boot/init* to the mounted logical volume, /myvol.
# cp /boot/init* /myvol
# ls /myvol
init...
b. Create a 500 MB snapshot named myvol-snapshot of the myvol logical volume.
# lvcreate -L 500m -s -n myvol-snapshot myvolg/myvol
Logical volume myvol-snapshot created
c. List the logical volumes.
# lvs
LV             VG     Attr   LSize   Origin Snap% Move...
myvol          myvolg owi-ao 500.00m
myvol-snapshot myvolg swi-a- 500.00m myvol    0.00
d. List the contents of the /dev/myvolg and /dev/mapper directories.
# ls -l /dev/myvolg
lrwxrwxrwx. myvol -> ../dm-0
lrwxrwxrwx. myvol-snapshot -> ../dm-1
# ls -l /dev/mapper
crw-rw----. control
lrwxrwxrwx. myvolg-myvol -> ../dm-0
lrwxrwxrwx. myvolg-myvol-real -> ../dm-2
lrwxrwxrwx. myvolg-myvol--snapshot -> ../dm-1
lrwxrwxrwx. myvolg-myvol--snapshot-cow -> ../dm-3

2. Mount the snapshot.
a. Mount the snapshot onto /mnt.
# mount -t ext4 /dev/myvolg/myvol-snapshot /mnt
b. Display the mounted filesystems.
# df -h
Filesystem                          Size Used Avail Use% Mounted on
...
/dev/mapper/myvolg-myvol            485M  39M  421M   9% /myvol
/dev/mapper/myvolg-myvol--snapshot  485M  39M  421M   9% /mnt
c. List the files on /mnt.
# ls /mnt
init...
Notice that these are the same files that were copied onto /myvol.
d. Remove the files on /myvol.
# rm /myvol/init*
rm: remove regular file /myvol/init...? y
...
e. List the files on /mnt.
# ls /mnt
init...
Notice that these files are still present.
Removing files from the original volume does not change the snapshot's content.

3. Remove the snapshot.
a. Un-mount the snapshot from /mnt.
# umount /mnt
b. Use the lvremove command to remove the snapshot.
# lvremove -v myvolg/myvol-snapshot
Using logical volume(s) on command line
Do you really want to remove active logical volume myvol-snapshot? [y/n]: y
...
Logical volume myvol-snapshot successfully removed
c. List the logical volumes.
# lvs
LV    VG     Attr   LSize   Origin Snap% Move...
myvol myvolg -wi-ao 500.00m
Notice that the myvol-snapshot logical volume has been deleted.
d. List the contents of the /dev/myvolg and /dev/mapper directories.
# ls -l /dev/myvolg
lrwxrwxrwx. myvol -> ../dm-0
# ls -l /dev/mapper
crw-rw----. control
lrwxrwxrwx. myvolg-myvol -> ../dm-0
Notice that the snapshot entries have been deleted.

Practice 13-5: Increasing the Capacity of a Logical Volume


Overview
In this practice, you increase the size of a logical volume and add a physical volume to a volume
group.

Tasks
1. Increase the size of a logical volume.
a. List the volume group.
Notice that the myvolg volume group has 524 MB of free space.
b. List the logical volume.
Notice that the myvol logical volume is 500 MB in size.
c. Display the mounted filesystems.
Notice that the size of the filesystem is 485 MB.
d. Increase the size of the myvolg/myvol logical volume and the filesystem by 500 MB.
The -r option causes the filesystem to be resized.
e. List the volume group.
Notice that the myvolg volume group now has only 24 MB of free space.
f. List the logical volume.
Notice that the myvol logical volume is now 1,000 MB in size.
g. Display the mounted filesystems.
Notice that the size of the filesystem is now 969 MB.

2. Add a physical volume to a volume group.
a. List the physical volumes.
Notice that the /dev/xvdd2 physical volume is not assigned to a volume group.
b. List the volume group.
Notice that the myvolg volume group is 1 GB in size.
c. Add the /dev/xvdd2 physical volume to the myvolg volume group.
d. List the physical volumes.
Notice that the /dev/xvdd2 physical volume is now assigned to the myvolg volume group.
e. List the volume group.
Notice that the myvolg volume group now has two PVs (physical volumes).
Notice that the VSize and VFree have increased.
f. List the logical volume.
g. Increase the size of the myvolg/myvol logical volume and the filesystem by 500 MB.
h. List the logical volume.
i. Display the mounted filesystems.

Solution 13-5: Increasing the Capacity of a Logical Volume


Tasks
1. Increase the size of a logical volume.
a. List the volume group.
# vgs
VG     #PV #LV #SN Attr   VSize VFree
myvolg   1   1   0 wz--n- 1.00g 524.00m
Notice that the myvolg volume group has 524 MB of free space.
b. List the logical volume.
# lvs
LV    VG     Attr   LSize   Origin Snap% Move...
myvol myvolg -wi-ao 500.00m
Notice that the myvol logical volume is 500 MB in size.
c. Display the mounted filesystems.
# df -h
Filesystem                Size Used Avail Use% Mounted on
...
/dev/mapper/myvolg-myvol  485M  11M  449M   3% /myvol
Notice that the size of the filesystem is 485 MB.
d. Use the lvextend command to increase the size of the myvolg/myvol logical volume and the filesystem by 500 MB.
# lvextend -L +500M -r myvolg/myvol
Extending logical volume myvol to 1000.00 MiB
Logical volume myvol successfully resized
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/mapper/myvolg-myvol is mounted on /myvol; online resize required
...
Performing an on-line resize of /dev/mapper/myvolg-myvol to 1024000 (1k) blocks.
The filesystem on /dev/mapper/myvolg-myvol is now 1024000 blocks long.
The -r option causes the filesystem to be resized.
e. List the volume group.
# vgs
VG     #PV #LV #SN Attr   VSize VFree
myvolg   1   1   0 wz--n- 1.00g 24.00m
Notice that the myvolg volume group now only has 24 MB of free space.
f. List the logical volume.
# lvs
LV    VG     Attr   LSize    Origin Snap% Move...
myvol myvolg -wi-ao 1000.00m
Notice that the myvol logical volume is now 1,000 MB in size.
g. Display the mounted filesystems.
# df -h
Filesystem                Size Used Avail Use% Mounted on
...
/dev/mapper/myvolg-myvol  969M  11M  909M   2% /myvol
Notice that the size of the filesystem is now 969 MB.

2. Add a physical volume to a volume group.
a. List the physical volumes.
# pvs
PV         VG     Fmt  Attr PSize PFree
/dev/xvdb3 myvolg lvm2 a-   1.00g 24.00m
/dev/xvdd2        lvm2 a-   1.00g  1.00g
Notice that the /dev/xvdd2 physical volume is not assigned to a volume group.
b. List the volume group.
# vgs
VG     #PV #LV #SN Attr   VSize VFree
myvolg   1   1   0 wz--n- 1.00g 24.00m
Notice that the myvolg volume group is 1 GB in size.
c. Use the vgextend command to add the /dev/xvdd2 physical volume to the myvolg volume group.
# vgextend -v myvolg /dev/xvdd2
Checking for volume group myvolg
...
Adding physical volume /dev/xvdd2 to volume group myvolg
...
Volume group myvolg successfully extended
d. List the physical volumes.
# pvs
PV         VG     Fmt  Attr PSize    PFree
/dev/xvdb3 myvolg lvm2 a-   1.00g    24.00m
/dev/xvdd2 myvolg lvm2 a-   1020.00m 1020.00m
Notice that the /dev/xvdd2 physical volume is now assigned to the myvolg volume group.
e. List the volume group.
# vgs
VG     #PV #LV #SN Attr   VSize VFree
myvolg   2   1   0 wz--n- 2.00g 1.02g
Notice that the myvolg volume group now has two PVs (physical volumes).
Notice that the VSize and VFree have increased.
f. List the logical volume.
# lvs
LV    VG     Attr   LSize    Origin Snap% Move...
myvol myvolg -wi-ao 1000.00m
g. Increase the size of the myvolg/myvol logical volume and the filesystem by 500 MB.
# lvextend -L +500M -r myvolg/myvol
Extending logical volume myvol to 1.46 GiB
Logical volume myvol successfully resized
resize2fs 1.41.12 (17-May-2010)
...
The filesystem on /dev/mapper/myvolg-myvol is now 1536000 blocks long.
h. List the logical volume.
# lvs
LV    VG     Attr   LSize Origin Snap% Move...
myvol myvolg -wi-ao 1.46g
i. Display the mounted filesystems.
# df -h
Filesystem                Size Used Avail Use% Mounted on
...
/dev/mapper/myvolg-myvol  1.5G  11M  1.4G   1% /myvol
Notice that the size of the filesystem is now 1.5 GB.

Practice 13-6: Creating a RAID Device


Overview
In this practice, you remove the logical volume and LVM entities, create a RAID array device,
and create a filesystem and mount the RAID device.

Tasks
1. Remove the logical volume, volume group, and physical volume.
a. Un-mount the myvol logical volume.
b. Remove the myvol logical volume.
c. Remove the myvolg volume group.
d. Remove the /dev/xvdb3 and /dev/xvdd2 physical volumes.
e. Remove the /myvol mount point.
f. Remove the following line from /etc/fstab.
/dev/mapper/myvolg-myvol /myvol ext4 defaults 0 0

2. Create a new RAID array.
Disk partitions used in a RAID device should have the partition type changed to fd (Linux raid auto-detect). This step is omitted, however, in this practice.
a. Create a RAID-1 device, /dev/md0, from the /dev/xvdb3 and /dev/xvdd2 partitions.
b. View the /proc/mdstat file to check the status of the MD RAID devices.
Wait until the resync is complete before continuing.
c. Use the mdadm command to view information about the RAID device.

3. Create a filesystem on the RAID device.
a. Create an ext4 filesystem on /dev/md0.
b. Create a mount point named /raid.
c. Mount the filesystem.
d. Display the mounted filesystems.

4. Create the mdadm configuration file, /etc/mdadm.conf.
a. Create /etc/mdadm.conf and add the following entry.
ARRAY /dev/md0 devices=/dev/xvdb3,/dev/xvdd2

Solution 13-6: Creating a RAID Device


Tasks
1. Remove the logical volume, volume group, and physical volume.
a. Un-mount the myvol logical volume.
# umount /myvol
b. Use the lvremove command to remove the myvol logical volume.
# lvremove myvolg/myvol
Do you really want to remove active logical volume myvol? [y/n]: y
Logical volume myvol successfully removed
c. Use the vgremove command to remove the myvolg volume group.
# vgremove myvolg
Volume group myvolg successfully removed
d. Use the pvremove command to remove the physical volumes.
# pvremove /dev/xvdb3 /dev/xvdd2
Labels on physical volume /dev/xvdb3 successfully wiped
Labels on physical volume /dev/xvdd2 successfully wiped
e. Remove the /myvol mount point.
# rmdir /myvol
f. Using the vi editor, remove the following line from /etc/fstab.
# vi /etc/fstab
/dev/mapper/myvolg-myvol /myvol ext4 defaults

2. Create a new RAID array.
Disk partitions used in a RAID device should have the partition type changed to fd (Linux raid auto-detect). This step is omitted, however, in this practice.
a. Use the mdadm command to create a RAID-1 device, /dev/md0, from the /dev/xvdb3 and /dev/xvdd2 partitions.
# mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/xvdb3 /dev/xvdd2
...
Continue creating array? y
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md0 started.
b. View the /proc/mdstat file to check the status of the MD RAID devices.
# cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 xvdd2[1] xvdb3[0]
1047620 blocks super 1.2 [2/2] [UU]
[==========>.......] resync = ...
unused devices: <none>
Wait until the resync is complete before continuing.
c. Use the mdadm command to view information about the RAID device.
# mdadm --query /dev/md0
/dev/md0: 1023.07MiB raid1 2 devices, 0 spares. Use mdadm --detail for more detail.
# mdadm --detail /dev/md0
/dev/md0:
Version : 1.2
Creation Time : Thu Dec 29...
Raid Level : raid1
Array Size : 1047620 (1023.24 MiB 1072.76 MB)
Used Dev Size : 1047620 (1023.24 MiB 1072.76 MB)
Raid Devices : 2
Total Devices : 2
...
Number Major Minor RaidDevice State
0      202   19    0          active sync /dev/xvdb3
1      202   50    1          active sync /dev/xvdd2

3. Create a filesystem on the RAID device.
a. Create an ext4 filesystem on /dev/md0.
# mkfs.ext4 /dev/md0
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
...
Writing inode tables: done
Creating journal (4096 blocks): done
...
b. Create a mount point named /raid.
# mkdir /raid
c. Mount the filesystem.
# mount /dev/md0 /raid
d. Display the mounted filesystems.
# df -h
Filesystem  Size  Used Avail Use% Mounted on
...
/dev/md0    1007M  18M  939M   2% /raid

4. Create the mdadm configuration file, /etc/mdadm.conf.
a. Use the vi editor to create /etc/mdadm.conf and add the following entry.
# vi /etc/mdadm.conf
ARRAY /dev/md0 devices=/dev/xvdb3,/dev/xvdd2
With this file, the RAID array is properly detected and initialized after a reboot.
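The resync wait in step 2b and the [2/2] [UU] status line can be checked by script rather than by eye. The following is an added example, not part of the course material: the function names md_state, md_wait and sample_mdstat are hypothetical, and the sample text is constructed from the practice output with an invented progress figure.

```shell
#!/bin/sh
# Added example (not from the course material): classify an MD array from
# /proc/mdstat text and block until its resync has finished.

# md_state FILE ARRAY  ->  prints clean | resyncing | degraded | missing
# FILE may be "-" to read standard input.
md_state() {
    awk -v arr="$2" '
        # Array header, e.g. "md0 : active raid1 xvdd2[1] xvdb3[0]"
        $1 == arr && $2 == ":" { found = 1; insec = 1; next }
        # A blank line, another header or the trailer ends the section
        insec && (NF == 0 || $2 == ":" || $1 == "unused") { insec = 0 }
        insec {
            for (i = 1; i <= NF; i++) {
                # "[2/2]" is [configured/active] member count
                if ($i ~ /^\[[0-9]+\/[0-9]+\]$/) {
                    split(substr($i, 2, length($i) - 2), c, "/")
                    if (c[2] + 0 < c[1] + 0) degraded = 1
                }
                # "[UU]" has one flag per member, "_" marks a missing one
                if ($i ~ /^\[[U_]+\]$/ && index($i, "_")) degraded = 1
            }
            if ($0 ~ /(resync|recovery|reshape) *=/) busy = 1
        }
        END {
            if (!found)        print "missing"
            else if (degraded) print "degraded"
            else if (busy)     print "resyncing"
            else               print "clean"
        }' "$1"
}

# md_wait ARRAY [SECONDS]: poll /proc/mdstat until ARRAY stops resyncing,
# print the final state, and return non-zero unless the array is clean.
md_wait() {
    while state=$(md_state /proc/mdstat "$1"); [ "$state" = resyncing ]; do
        sleep "${2:-5}"
    done
    echo "$state"
    [ "$state" = clean ]
}

# Constructed samples modelled on the practice output (progress invented).
sample_mdstat() {
    echo "Personalities : [raid1]"
    echo "md0 : active raid1 xvdd2[1] xvdb3[0]"
    case $1 in
        resync)   echo "      1047620 blocks super 1.2 [2/2] [UU]"
                  echo "      [==========>.......]  resync = 55.0% (576192/1047620)" ;;
        degraded) echo "      1047620 blocks super 1.2 [2/1] [U_]" ;;
        *)        echo "      1047620 blocks super 1.2 [2/2] [UU]" ;;
    esac
    echo
    echo "unused devices: <none>"
}

# Stand-alone use: sh mdcheck.sh md0
if [ $# -ge 1 ]; then md_wait "$@"; fi
```

A degraded result means the mirror is running on fewer members than configured, so the filesystem on /dev/md0 has no redundancy until the member is restored.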

Practice 13-7: Encrypting a Filesystem


Overview
In this practice, you create an encrypted filesystem, create a filesystem on the encrypted
volume, reboot your system and provide the passphrase to mount the encrypted filesystem, and
remove the encrypted filesystem.

Tasks
1. Remove the RAID array.
a. Remove the /etc/mdadm.conf file.
b. Un-mount the raid volume.
c. Use the mdadm command to deactivate the array and release all resources.
d. Display the attributes of the /dev/xvdb3 block device.
e. Use the mdadm command to over-write the md superblock on the /dev/xvdb3 disk partition.
f. Display the attributes of the /dev/xvdb3 block device again to ensure that the md superblock was overwritten.

2. Set up a cryptographic volume.
a. Use the cryptsetup command with luksFormat to initialize the /dev/xvdb3 volume and set an initial key of pass.
b. Use the cryptsetup command with luksOpen to open the partition and create the device mapping of cryptfs.
c. Use the cryptsetup command to check the status of the encrypted volume.
d. Display the attributes of the /dev/xvdb3 block device.
e. List the /dev entries for the cryptfs encrypted volume.

3. Create a filesystem on the encrypted volume.
a. Create an ext4 filesystem.
b. Create a mount point named /cryptfs.
c. Mount the filesystem.
d. Display the mounted filesystems.

4. Update the /etc/crypttab configuration file and the filesystem mount table.
a. Create /etc/crypttab and add the following entry.
cryptfs /dev/xvdb3 none luks
b. Add the following line to /etc/fstab.
/dev/mapper/cryptfs /cryptfs ext4 defaults
After updating these files, the encrypted filesystem is properly set up and mounted at reboot.

5. Reboot your system and enter the passphrase to mount the encrypted filesystem.
a. Reboot your system.
After you reboot your system, your vnc session closes.
b. Connect to host03 guest by using vncviewer.
The VNC Viewer: Connection Details window appears.
c. Enter the command, localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter localhost:5903 and click OK.
d. Provide the passphrase, pass, when prompted for the encrypted filesystem passphrase during reboot.

6. Remove the encrypted filesystem.
a. Log in as Oracle Student, with password oracle.
b. Open a terminal window.
c. Become the root user. The password is 0racle (leading zero).
d. Display the mounted filesystems.
e. Un-mount the encrypted filesystem, /cryptfs.
f. Remove the following entry from /etc/crypttab.
cryptfs /dev/xvdb3 none luks
g. Remove the following entry from /etc/fstab.
/dev/mapper/cryptfs /cryptfs ext4 defaults 0 0
h. Use the cryptsetup command with luksClose to remove the device mapping.
i. Verify that the device mapping has been removed.

Solution 13-7: Encrypting a Filesystem


Tasks
1. Remove the RAID array.
a. Remove the /etc/mdadm.conf file.
# rm /etc/mdadm.conf
rm: remove regular file /etc/mdadm.conf? y
b. Un-mount the raid volume.
# umount /raid
c. Use the mdadm command to deactivate the array and release all resources.
# mdadm --stop /dev/md0
mdadm: stopped /dev/md0
d. Display the attributes of the /dev/xvdb3 block device.
# blkid /dev/xvdb3
/dev/xvdb3: UUID=aa168e4c... UUID_SUB=0a672cd0... LABEL=host03.example.com:0 TYPE=linux_raid_member
e. Use the mdadm command to over-write the md superblock on the /dev/xvdb3 disk partition.
# mdadm --zero-superblock /dev/xvdb3
f. Display the attributes of the /dev/xvdb3 block device again to ensure that the md superblock was overwritten.
# blkid /dev/xvdb3

2. Set up a cryptographic volume.
a. Use the cryptsetup command with luksFormat to initialize the /dev/xvdb3 volume and set an initial key of pass.
# cryptsetup luksFormat /dev/xvdb3
WARNING!
========
This will overwrite data on /dev/xvdb3 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: pass
Verify passphrase: pass
b. Use the cryptsetup command with luksOpen to open the partition and create the device mapping of cryptfs.
# cryptsetup luksOpen /dev/xvdb3 cryptfs
Enter passphrase for /dev/xvdb3: pass
c. Use the cryptsetup command to check the status of the encrypted volume.
# cryptsetup status cryptfs
/dev/mapper/cryptfs is active.
type:    LUKS1
cipher:  aes-cbc-essiv:sha256
keysize: 256 bits
device:  /dev/xvdb3
offset:  4096 sectors
size:    2093679 sectors
mode:    read/write
d. Display the attributes of the /dev/xvdb3 block device.
# blkid /dev/xvdb3
/dev/xvdb3: UUID=e4a853db... TYPE=crypto_LUKS
e. List the /dev entries for the cryptfs encrypted volume.
# ls -l /dev/mapper
...
lrwxrwxrwx. cryptfs -> ../dm-0

3. Create a filesystem on the encrypted volume.
a. Create an ext4 filesystem.
# mkfs.ext4 /dev/mapper/cryptfs
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
...
Writing inode tables: done
Creating journal (4096 blocks): done
...
b. Create a mount point named /cryptfs.
# mkdir /cryptfs
c. Mount the filesystem.
# mount /dev/mapper/cryptfs /cryptfs
d. Display the mounted filesystems.
# df -h
Filesystem           Size  Used Avail Use% Mounted on
...
/dev/mapper/cryptfs  1007M  18M  938M   2% /cryptfs

4. Update the /etc/crypttab configuration file and the filesystem mount table.
a. Use the vi editor to create /etc/crypttab and to add the following entry.
# vi /etc/crypttab
cryptfs /dev/xvdb3 none luks
b. Use the vi editor to add the following line to /etc/fstab.
# vi /etc/fstab
/dev/mapper/cryptfs /cryptfs ext4 defaults 0 0
After updating these files, the encrypted filesystem is properly set up and mounted at reboot.

5. Reboot your system and enter the passphrase to mount the encrypted filesystem.
a. Use the reboot command to reboot your system.
# reboot
After you reboot your system, your vnc session closes.
b. Connect to host03 guest by using vncviewer.
# vncviewer&
The VNC Viewer: Connection Details window appears.
c. Enter the command, localhost:<port_number>, substituting the correct port number for the host03 guest. For example, if the port number is 5903, enter the following and click OK.
localhost:5903
d. Provide the passphrase, pass, when prompted for the encrypted filesystem passphrase during reboot.
/cryptfs is password protected: pass

6. Remove the encrypted filesystem.
a. Log in as Oracle Student, with password oracle.
b. Open a terminal window.
c. Become the root user. The password is 0racle (leading zero).
$ su
0racle
# whoami
root
d. Display the mounted filesystems.
# df -h
Filesystem           Size  Used Avail Use% Mounted on
/dev/xvda2           5.8G  3.7G  1.9G  68% /
...
/dev/xvda1            97M   47M   46M  51% /boot
/dev/xvda3           2.0G   38M  1.8G   2% /home
/dev/xvdb1          1008M   34M  924M   4% /Dev
/dev/xvdd1          1008M   18M  940M   2% /Test
/dev/xvdb2           1.1G   28K  1.1G   1% /Btrfs
/dev/mapper/cryptfs 1008M   18M  940M   2% /cryptfs
You see all the filesystems created throughout the practices.
e. Un-mount the encrypted filesystem, /cryptfs.
# umount /cryptfs
f. Using the vi editor, remove the following entry from /etc/crypttab.
# vi /etc/crypttab
cryptfs /dev/xvdb3 none luks
g. Using the vi editor, remove the following entry from /etc/fstab.
# vi /etc/fstab
/dev/mapper/cryptfs /cryptfs ext4 defaults
h. Use the cryptsetup command with luksClose to remove the device mapping.
# cryptsetup luksClose /dev/mapper/cryptfs
i. Verify that the device mapping has been removed.
# ls /dev/mapper
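Tasks 4 and 6 edit /etc/crypttab and /etc/fstab by hand, and the two files have to stay consistent with each other. The following added example, which is not part of the course material, cross-checks the two files and reports how each mapping is unlocked; audit_crypt and audit_demo are hypothetical names, and the sample files are constructed from the two entries used in this practice.

```shell
#!/bin/sh
# Added example (not from the course material): cross-check crypttab and fstab.

# audit_crypt CRYPTTAB FSTAB  ->  one finding per line on standard output
audit_crypt() {
    ct=$1 ft=$2
    # Pass 1: every crypttab entry (fields: name device keyfile options)
    sed 's/#.*//' "$ct" | while read -r name dev key opts; do
        [ -n "$name" ] || continue
        case ${key:-none} in
            none|-)
                echo "INFO $name: no key file, passphrase is prompted for at boot" ;;
            /dev/urandom|/dev/random)
                echo "INFO $name: random key, contents are lost at every boot" ;;
            *)
                if [ ! -e "$key" ]; then
                    echo "ERROR $name: key file $key does not exist"
                elif [ -n "$(find "$key" -prune \( -perm -040 -o -perm -004 \))" ]; then
                    echo "ERROR $name: key file $key is readable by group or others"
                else
                    echo "WARN $name: key file $key unlocks $dev without a passphrase"
                fi ;;
        esac
        # fstab must mount /dev/mapper/NAME, never the encrypted partition
        sed 's/#.*//' "$ft" | awk -v n="$name" -v d="$dev" '
            $1 == d { print "ERROR " n ": fstab mounts the encrypted device " d " directly" }
            $1 == ("/dev/mapper/" n) { mounted = 1 }
            END { if (!mounted) print "WARN " n ": no fstab entry for /dev/mapper/" n }'
    done
    # Pass 2: fstab mappings that crypttab does not define
    sed 's/#.*//' "$ft" | awk '$1 ~ "^/dev/mapper/" { print substr($1, 13) }' |
    while read -r m; do
        sed 's/#.*//' "$ct" | awk -v m="$m" '$1 == m { f = 1 } END { exit !f }' ||
            echo "NOTE /dev/mapper/$m: in fstab but not in crypttab (normal for LVM, stale if it was LUKS)"
    done
}

# audit_demo: run the audit over the two entries from this practice.
# The sample files are constructed in a temporary directory.
audit_demo() {
    tmp=$(mktemp -d) || return 1
    echo "cryptfs /dev/xvdb3 none luks" > "$tmp/crypttab"
    echo "/dev/mapper/cryptfs /cryptfs ext4 defaults 0 0" > "$tmp/fstab"
    audit_crypt "$tmp/crypttab" "$tmp/fstab"
    rm -rf "$tmp"
}

# Stand-alone use: sh cryptaudit.sh /etc/crypttab /etc/fstab
if [ $# -eq 2 ]; then audit_crypt "$1" "$2"; fi
```

The NOTE finding is what remains if step 6f is done without step 6g: the crypttab entry is gone but fstab still asks for /dev/mapper/cryptfs at boot.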

Practice 13-8: Using kpartx


Overview
In this practice, you use the kpartx utility to create device maps from partition tables.

Assumptions
This practice is performed on dom0 and on host03 VM. You must have a terminal window open
on each system. In this practice, be careful to enter the commands on the correct VM, dom0 or
host03.

Tasks
1. Change to the /OVS/running_pool/host03 directory on dom0.

2. List the directory to ensure that you are in the correct directory. The system.img file is the virtual disk image that you installed Oracle Linux on.
The system.img file is represented by /dev/xvda.
The u01.img file is represented by /dev/xvdb.
The u02.img file is represented by /dev/xvdd.

3. View the vm.cfg file.
Notice that system.img file is mapped to hda or /dev/xvda.
Notice that u01.img file is mapped to hdb or /dev/xvdb.
Notice that u02.img file is mapped to hdd or /dev/xvdd.

4. Use the kpartx -l command to list the partitions that are found on the system.img drive image.
The output shows that the system.img drive image contains four partitions.
The first column gives the names of the device files that will be created by kpartx.

5. From host03 VM, use the fdisk command to confirm that the OS disk has four partitions.
The output shows five partitions, but /dev/xvda4 is an extended partition.
The /dev/xvda5 partition is logically the fourth partition.

6. From host03 VM, use the fdisk command to list the partition table on /dev/xvdb.
The output shows three partitions.

7. From dom0, use the kpartx -l command to list the partitions that are found on the u01.img drive image.
The output confirms that the u01.img drive image contains three partitions.

8. From host03 VM, list the mounted filesystems on /dev/xvdb.

9. Copy the init* files from /boot to /Dev.
The remaining commands in this practice are entered from dom0.

10. List the contents of the /dev/mapper directory.
Before adding the device files, a listing of /dev/mapper shows only the control file.

11. Use the kpartx -a u01.img command to add the device mappings for the detected partitions.
The host03 VM should be shut down before creating device mappings and before mounting inside dom0.
Even though you are not touching files, it is a very risky operation.
12. List the contents of the /dev/mapper directory.
Notice that a file was created for each of the three partitions on /dev/xvdb.
13. Create a mount point, /mnt/map1.
14. Mount the first partition on /mnt/map1 and view the files that it contains.
Notice that these are the same files that you copied to /Dev, which is mounted on /dev/xvdb1.
15. Un-mount the partition.
16. Use the kpartx -d command to disconnect the device.
17. List the contents of /dev/mapper.
Notice that the mapping is gone in /dev/mapper.

Solution 13-8: Using kpartx


Tasks
1. Use the cd command to change to the /OVS/running_pool/host03 directory on dom0.
[dom0]# cd /OVS/running_pool/host03

2. Run the ls command to ensure that you are in the correct directory. The system.img file is the virtual disk image that you installed Oracle Linux on.
[dom0]# ls -l
-rw-r--r-- 12884901888 system.img
-rw-r--r-- 5368709120 u01.img
-rw-r--r-- 5368709120 u02.img
-rw-r--r-- 658 vm.cfg
The system.img file is represented by /dev/xvda.
The u01.img file is represented by /dev/xvdb.
The u02.img file is represented by /dev/xvdd.

3. Use the cat command to view the vm.cfg file.
[dom0]# cat vm.cfg
name = host03
builder = hvm
memory = 2048
boot = c
disk = [ file:/OVS/running_pool/host03/system.img,hda,w,
file:/OVS/running_pool/host03/u01.img,hdb,w,
file:/OVS/running_pool/host03/u02.img,hdd,w,
...
Notice that system.img file is mapped to hda or /dev/xvda.
Notice that u01.img file is mapped to hdb or /dev/xvdb.
Notice that u02.img file is mapped to hdd or /dev/xvdd.

4. Use the kpartx -l command to list the partitions that are found on the system.img drive image.
[dom0]# kpartx -l system.img
loop2p1 : 0 204800 /dev/loop2 2048
loop2p2 : 0 12288000 /dev/loop2 206848
loop2p3 : 0 4096000 /dev/loop2 12494848
loop2p5 : 0 8572928 /dev/loop2 16590848
The output shows that the system.img drive image contains four partitions.
The first column gives the names of the device files that will be created by kpartx.

5. From host03 VM, use the fdisk command to confirm that the OS disk has four partitions.
[host03]# fdisk -l | grep /dev/xvda
Disk /dev/xvda: 12.9 GB, 12884901888 bytes
/dev/xvda1 *    1   13  102400 83 Linux
/dev/xvda2     13  778 6144000 83 Linux
/dev/xvda3    778 1033 2048000 83 Linux
/dev/xvda4   1033 1567 4287488  5 Extended
/dev/xvda5   1033 1567 4286464 82 Linux swap
The output shows five partitions, but /dev/xvda4 is an extended partition.
The /dev/xvda5 partition is logically the fourth partition.

6. From host03 VM, use the fdisk command to list the partition table on /dev/xvdb.
[host03]# fdisk -l | grep /dev/xvdb
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
/dev/xvdb1      1  519 1048976+ 83 Linux
/dev/xvdb2    519 1037 1048887+ 83 Linux
/dev/xvdb3   1038 1556 1050456  8e Linux LVM
The output shows three partitions.

7. From dom0, use the kpartx -l command to list the partitions that are found on the u01.img drive image.
[dom0]# kpartx -l u01.img
loop3p1 : 0 2097953 /dev/loop3 2048
loop3p2 : 0 2097775 /dev/loop3 2100001
loop3p3 : 0 2100912 /dev/loop3 4197776
The output confirms that the u01.img drive image contains three partitions.

8. From host03 VM, use the df command to list the mounted filesystems on /dev/xvdb.
[host03]# df -h | grep xvdb
/dev/xvdb1 1008M  34M 924M 4% /Dev
/dev/xvdb2  1.1G  28K 1.1G 1% /Btrfs

9. Use the cp command to copy the init* files from /boot to /Dev.
[host03]# cp /boot/init* /Dev
[host03]# ls /Dev
aquota.user  initramfs-2.6.32-220.el6.x86_64.img lost+found
aquota.group initramfs-2.6.32-300.3.1.el6uek.x86_64.img
The remaining commands in this practice are entered from dom0.

10. From dom0, use the ls command to list the /dev/mapper directory.
[dom0]# ls /dev/mapper
control
Before adding the device files, a listing of /dev/mapper shows only the control file.

11. Use the kpartx -a command to add the device mappings for the detected partitions.
The host03 VM should be shut down before creating device mappings and before mounting inside dom0.
Even though you are not touching files, it is a very risky operation.
[dom0]# kpartx -a u01.img

12. Use the ls command to list the /dev/mapper directory.
[dom0]# ls /dev/mapper
control
loop3p1
loop3p2
loop3p3
Notice that a file was created for each of the three partitions on /dev/xvdb.

13. Use the mkdir command to create a mount point, /mnt/map1.
[dom0]# mkdir /mnt/map1

14. Use the mount command to mount the first partition and view the files that it contains.
[dom0]# mount /dev/mapper/loop3p1 /mnt/map1
[dom0]# ls /mnt/map1
aquota.user  initramfs-2.6.32-220.el6.x86_64.img lost+found
aquota.group initramfs-2.6.32-300.3.1.el6uek.x86_64.img
Notice that these are the same files that you copied to /Dev, which is mounted on /dev/xvdb1.

15. Use the umount command to un-mount the partition.
[dom0]# umount /mnt/map1

16. Use the kpartx -d command to disconnect the device.
[dom0]# kpartx -d u01.img
loop deleted : /dev/loop3

17. Use the ls command to list the contents of /dev/mapper.
[dom0]# ls /dev/mapper
control
Notice that the mapping is gone in /dev/mapper.

Chapter 14

Practices for Lesson 14: Network Configuration

Practices Overview
In these practices, you:
- Configure the eth1 network interface by editing network interface configuration files
- Use NetworkManager to configure network interfaces
- Use the system-config-network text-based utility

Practice 14-1: Configuring the eth1 Network Interface

Overview
In this practice, you:
- Display the available network interfaces on your system
- View the network interface configuration files
- Configure a static IP address for the eth1 network interface
- Update your /etc/hosts file
- Create a default gateway and display your route table
- Ensure connectivity to dom0 and the other VM guests

Assumptions
- You are the root user on host03 VM.
- For task #5 only, issue the commands from a terminal window on dom0.
If you were unable to complete the OS install and FirstBoot configuration on host03 in Practice
3, substitute host02 for host03 in this practice and all future practices in this course. Use the IP
address of 192.168.1.102 for the eth1 interface if configuring host02.

Tasks
1.  Use the ifconfig command to display your available network interfaces.
    Notice that you have two Ethernet interfaces (eth0 and eth1) and the loopback
    interface (lo).
    The eth0 Ethernet interface has an IPv4 address, but eth1 does not.

2.  View the network interface configuration files.
    a. Change to the /etc/sysconfig/network-scripts directory.
    b. View the contents of this directory.
       Notice that you have a configuration file for eth0, ifcfg-eth0.
       Notice that you have a configuration file for eth1, ifcfg-eth1.
       Notice that you have a configuration file for the loopback interface, ifcfg-lo.
       There are also several interface control scripts used to activate and deactivate
       network interfaces in this directory.

3.  Configure eth1 with a static IP address of 192.168.1.103.
    a. Edit the ifcfg-eth1 file as follows (the use of quotes around the assigned values is
       optional):
       DEVICE=eth1
       BOOTPROTO=none
       ONBOOT=yes
       USERCTL=no
       IPV6INIT=no
       PEERDNS=yes
       TYPE=Ethernet
       HWADDR=00:16:3e:00:02:03
       IPADDR=192.168.1.103
       NETMASK=255.255.255.0
       BROADCAST=192.0.2.255
       GATEWAY=192.0.2.1
       NM_CONTROLLED=yes

4.  Specify routing and host information for all network interfaces.
    a. Change to the /etc/sysconfig directory.
    b. Use the vi editor to edit the network file as follows:
       NETWORKING=yes
       HOSTNAME=host03.example.com
       GATEWAY=192.0.2.1

5.  Obtain the host name and IP address of dom0.
    Issue these next two commands from a terminal window on dom0.
    a. Use the ifconfig command to identify the IP address assigned to eth0 for dom0.
    b. Use the hostname command to determine the host name of dom0.

6.  Return to the host03 VM terminal and update the /etc/hosts file.
    a. Edit the /etc/hosts file as follows (substitute the IP address and host name of your
       dom0 system as determined in the previous step):
       127.0.0.1      localhost.localdomain  localhost
       <dom0_IP>      <dom0_hostname>        dom0
       192.0.2.1      example.com
       192.0.2.101    host01.example.com     host01
       192.0.2.102    host02.example.com     host02
       192.0.2.103    host03.example.com     host03

7.  Restart the network.

8.  Display the status of the interfaces.
    Notice that both eth0 and eth1 now have IP addresses.

9.  Display the route table.
    Notice that all packets destined for the 192.168.1 subnet use the eth1 interface.
    Notice that all packets destined for the 192.0.2 subnet use the eth0 interface.
    Notice that all other packets are routed through the 192.0.2.1 default gateway
    (example.com), via eth0.

10. Use the ping command to verify that you can communicate with dom0 and the other VM
    guests.

Solution 14-1: Configuring the eth1 Network Interface

Tasks
1.  Use the ifconfig command to display your available network interfaces.
    # ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:3E:00:01:03
              inet addr:192.0.2.103 ...
              ...
    eth1      Link encap:Ethernet  HWaddr 00:16:3E:00:02:03
              inet6 addr:...
              ...
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1
              ...
    Notice that you have two Ethernet interfaces (eth0 and eth1) and the loopback
    interface (lo).
    The eth0 Ethernet interface has an IPv4 address, but eth1 does not.

2.  View the network interface configuration files.
    a. Use the cd command to change to the /etc/sysconfig/network-scripts
       directory.
       # cd /etc/sysconfig/network-scripts
    b. Use the ls command to view the contents of this directory.
       # ls
       ifcfg-eth0  ifdown-ipv6  ifup          ifup-plip...
       ifcfg-eth1  ifdown-isdn  ifup-aliases  ifup-plusb...
       ifcfg-lo    ifdown-post...
       ...
       Notice that you have a configuration file for eth0, ifcfg-eth0.
       Notice that you have a configuration file for eth1, ifcfg-eth1.
       Notice that you have a configuration file for the loopback interface, ifcfg-lo.
       There are also several interface control scripts used to activate and deactivate
       network interfaces in this directory.

3.  Configure eth1 with a static IP address of 192.168.1.103.
    a. Use the vi editor to edit the ifcfg-eth1 file as follows (the use of quotes around the
       assigned values is optional):
       DEVICE=eth1
       BOOTPROTO=none
       ONBOOT=yes
       USERCTL=no
       IPV6INIT=no
       PEERDNS=yes
       TYPE=Ethernet
       HWADDR=00:16:3e:00:02:03
       IPADDR=192.168.1.103
       NETMASK=255.255.255.0
       BROADCAST=192.0.2.255
       GATEWAY=192.0.2.1
       NM_CONTROLLED=yes

4.  Specify routing and host information for all network interfaces.
    a. Use the cd command to change to the /etc/sysconfig directory.
       # cd /etc/sysconfig
    b. Use the vi editor to edit the network file as follows:
       NETWORKING=yes
       HOSTNAME=host03.example.com
       GATEWAY=192.0.2.1

5.  Obtain the host name and IP address of dom0.
    Issue these next two commands from a terminal window on dom0.
    a. Use the ifconfig command to identify the IP address assigned to eth0 for dom0. In
       the following example, the IP address is 10.150.30.68. The IP address of your
       dom0 system is different.
       [dom0]# ifconfig eth0
       eth0      Link encap:Ethernet  HWaddr ...
                 inet addr:10.150.30.68 ...
                 ...
    b. Use the hostname command to determine the host name of dom0. In the following
       example, the host name is EDDDR5P1. The host name of your dom0 is different.
       [dom0]# hostname
       EDDDR5P1

6.  Return to the host03 VM terminal and update the /etc/hosts file.
    a. Use the vi editor to edit the /etc/hosts file as follows (substitute the IP address and
       host name of your dom0 system as determined in the previous step):
       127.0.0.1      localhost.localdomain  localhost
       <dom0_IP>      <dom0_hostname>        dom0
       192.0.2.1      example.com
       192.0.2.101    host01.example.com     host01
       192.0.2.102    host02.example.com     host02
       192.0.2.103    host03.example.com     host03

7.  Use the service command to restart the network.
    # service network restart
    Shutting down interface eth0...
    Shutting down interface eth1...
    Shutting down loopback interface...
    Bringing up loopback interface...
    Bringing up interface eth0...
    Bringing up interface eth1...
    ...

8.  Use the ifconfig command to display the status of the interfaces.
    # ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:3E:00:01:03
              inet addr:192.0.2.103  Bcast:192.0.2.255  Mask:...
              inet6 addr:
              UP BROADCAST RUNNING MULTICAST  MTU:1500...
              ...
    eth1      Link encap:Ethernet  HWaddr 00:16:3E:00:02:03
              inet addr:192.168.1.103  Bcast:192.168.1.255  Mask:...
              inet6 addr:
              UP BROADCAST RUNNING MULTICAST  MTU:1500...
              ...
    Notice that both eth0 and eth1 now have IP addresses.

9.  Use the netstat -r command (or the route command) to display the route table.
    # netstat -r
    Destination   Gateway       Genmask         Flags ... Iface
    192.168.1.0   *             255.255.255.0   U         eth1
    192.0.2.0     *             255.255.255.0   U         eth0
    default       example.com   0.0.0.0         UG        eth0
    Notice that all packets destined for the 192.168.1 subnet use the eth1 interface.
    Notice that all packets destined for the 192.0.2 subnet use the eth0 interface.
    Notice that all other packets are routed through the 192.0.2.1 default gateway
    (example.com), via eth0.

10. Use the ping command to verify that you can communicate with dom0 and the other VM
    guests.
    # ping dom0
    64 bytes from ...
    CTRL-C
    # ping host01
    ...
    CTRL-C
    # ping host02
    ...
    CTRL-C
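The static addressing values entered in step 3 can be cross-checked against each other before the network is restarted. The following script is an added example, not part of the course material: it reads an ifcfg file, derives the broadcast address from IPADDR and NETMASK, and reports BROADCAST or GATEWAY values that fall outside that subnet so they can be reviewed. The function names are assumptions made for this example; the sample input repeats the ifcfg-eth1 values from this practice.

```sh
#!/bin/sh
# Added example: cross-check IPADDR, NETMASK, BROADCAST and GATEWAY in an ifcfg file.

# Sample input: the ifcfg-eth1 values from this practice. NETMASK is quoted here
# (constructed variation) because the practice notes that quotes are optional.
sample_ifcfg() {
    cat <<'EOF'
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
HWADDR=00:16:3e:00:02:03
IPADDR=192.168.1.103
NETMASK="255.255.255.0"
BROADCAST=192.0.2.255
GATEWAY=192.0.2.1
NM_CONTROLLED=yes
EOF
}

# ifcfg_get KEY < file: print KEY's value with optional quotes removed.
ifcfg_get() {
    awk -F= -v key="$1" -v sq="'" '
        $1 == key {
            val = substr($0, length(key) + 2)
            gsub("^[\"" sq "]|[\"" sq "]$", "", val)
            print val
            exit
        }'
}

# Dotted quad to integer and back, using POSIX shell arithmetic.
ip2int() {
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# broadcast_of IP NETMASK: network address with all host bits set.
broadcast_of() {
    b_ip=$(ip2int "$1"); b_mask=$(ip2int "$2")
    int2ip $(( ($b_ip & $b_mask) | (~$b_mask & 4294967295) ))
}

# same_subnet IP_A IP_B NETMASK: succeeds when both addresses share the network.
same_subnet() {
    s_a=$(ip2int "$1"); s_b=$(ip2int "$2"); s_m=$(ip2int "$3")
    [ $(( $s_a & $s_m )) -eq $(( $s_b & $s_m )) ]
}

# check_ifcfg < file: print one line per value that does not match IPADDR/NETMASK.
check_ifcfg() {
    cfg=$(cat)
    c_dev=$(printf '%s\n' "$cfg" | ifcfg_get DEVICE)
    c_ip=$(printf '%s\n' "$cfg" | ifcfg_get IPADDR)
    c_nm=$(printf '%s\n' "$cfg" | ifcfg_get NETMASK)
    c_bc=$(printf '%s\n' "$cfg" | ifcfg_get BROADCAST)
    c_gw=$(printf '%s\n' "$cfg" | ifcfg_get GATEWAY)
    if [ -z "$c_ip" ] || [ -z "$c_nm" ]; then
        echo "$c_dev: no static IPADDR/NETMASK to check"
        return 0
    fi
    want=$(broadcast_of "$c_ip" "$c_nm")
    if [ -n "$c_bc" ] && [ "$c_bc" != "$want" ]; then
        echo "$c_dev: BROADCAST=$c_bc but $c_ip/$c_nm gives $want"
    fi
    if [ -n "$c_gw" ] && ! same_subnet "$c_ip" "$c_gw" "$c_nm"; then
        echo "$c_dev: GATEWAY=$c_gw is outside $c_ip/$c_nm (not on-link for this interface)"
    fi
}

sample_ifcfg | check_ifcfg
```

On a real system, run it as check_ifcfg < /etc/sysconfig/network-scripts/ifcfg-eth1.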

Practice 14-2: Using NetworkManager

Overview
In this practice, you:
- Use the NetworkManager utility to disable and enable network connections
- View the configuration capabilities of NetworkManager
- Run the nm-tool utility that is included with NetworkManager

Assumptions
- You are the root user on host03 VM.

Tasks
1.  Install NetworkManager if necessary.
    NetworkManager is installed and running if you see the computer screens icon on the
    GNOME panel.
    a. Use the rpm command to verify that the NetworkManager package is installed.
    b. If NetworkManager is not installed, use the yum command to install the package.
    c. Use the service command to verify that NetworkManager is running.
    d. If NetworkManager is not running, use the service command to start it.

2.  Use NetworkManager to enable/disable networking.
    a. Right-click the computer screens icon to display the drop-down menu.
    b. Deselect the Enable Networking check box to disable networking.
       Notice that an X in red appears on the icon.
    c. Use the ifconfig command to display the network status.
       Notice that eth0 and eth1 interfaces do not appear in the output.
    d. Right-click the computer screens icon to display the drop-down menu.
    e. Click Enable Networking. Ensure that the check box is selected and the X in red
       disappears.
    f. Run the ifconfig command again to ensure that eth0 and eth1 interfaces display.
       Notice that the eth0 and eth1 interfaces now appear.
    g. Click the computer screens icon to display the drop-down menu.
       Notice that System eth0 is in bold font, meaning it is connected.
       Notice that System eth1 is in bold font, meaning it is also connected.
    h. Click Disconnect under System eth0 to disconnect eth0.
       Notice that Wired Network (eth0) is disconnected, but System eth0 (not in bold) is
       listed under the Available heading.
    i. From a command window, use the ifconfig command to display the network status.
       Notice that both eth0 and eth1 are listed, but eth0 does not include an IP
       address.
    j. Click the computer screens icon and click System eth0 to re-connect the eth0
       interface.

3.  Use NetworkManager to view network connections.
    a. Right-click the computer screens icon to display the drop-down menu.
    b. Click Edit Connections.
       You can also access this Network Connections window by entering
       nm-connection-editor& from a command line.
    c. Select System eth0, then click Edit, and then select the IPv4 Settings tab.
       Notice that the information displayed is included in the configuration file,
       /etc/sysconfig/network-scripts/ifcfg-eth0.
       Any updates made from this screen are written to the configuration file.
    d. Do not make any changes; click Cancel after viewing the different tabs and settings.
    e. Click Close to close the Network Connections window.

4.  Run the nm-tool utility that is included with NetworkManager.

Solution 14-2: Using NetworkManager

Tasks
1.  Install NetworkManager if necessary.
    NetworkManager is installed and running if you see this computer screens icon on the
    GNOME panel as follows:
    a. Use the rpm command to verify that the NetworkManager package is installed.
       # rpm -qa | grep -i networkmanager
       NetworkManager-...
       NetworkManager-glib-...
       NetworkManager-gnome-...
    b. If NetworkManager is not installed, use the yum command to install the package.
       # yum install NetworkManager
       ...
    c. Use the service command to verify that NetworkManager is running.
       # service NetworkManager status
       NetworkManager (pid ...) is running...
    d. If NetworkManager is not running, use the service command to start it.
       # service NetworkManager start
       ...

2.  Use NetworkManager to enable/disable networking.
    a. Right-click the computer screens icon to display the following drop-down menu:
    b. Deselect the Enable Networking check box to disable networking.
       Notice that an X in red appears on the icon, as shown:
    c. From a command window, use the ifconfig command to display the network status.
       # ifconfig
       lo        Link encap:Local Loopback
                 ...
       Notice that eth0 and eth1 interfaces do not appear in the output.
    d. Right-click the computer screens icon to display the drop-down menu.
    e. Click Enable Networking. Ensure that the check box is selected and the X in red
       disappears.
    f. Run the ifconfig command again to ensure that the eth0 and eth1 interfaces
       display.
       # ifconfig
       eth0      Link encap:Ethernet  HWaddr 00:16:3E:00:01:03
                 ...
       eth1      Link encap:Ethernet  HWaddr 00:16:3E:00:02:03
                 ...
       lo        Link encap:Local Loopback
                 ...
       Notice that the eth0 and eth1 interfaces now appear.
    g. Click the computer screens icon to display the following drop-down menu:
       Notice that System eth0 is in bold font, meaning it is connected.
       Notice that System eth1 is in bold font, meaning it is also connected.
    h. Click Disconnect under System eth0 to disconnect eth0. The menu now appears as
       follows:
       Notice that Wired Network (eth0) is disconnected, but System eth0 (not in bold) is
       listed under the Available heading.
    i. From a command window, use the ifconfig command to display the network status.
       # ifconfig
       ...
       Notice that both eth0 and eth1 are listed, but eth0 does not include an IP
       address.
    j. Click the computer screens icon and click System eth0 to re-connect the eth0
       interface.

3.  Use NetworkManager to view network connections.
    a. Right-click the computer screens icon to display the following drop-down menu:
    b. Click Edit Connections to display the following screen:
       You can also access this Network Connections window by entering
       nm-connection-editor& from a command line.
       # nm-connection-editor&
    c. Select System eth0, then click Edit, and then select the IPv4 Settings tab to display
       the following screen:
       Notice that the information displayed is included in the configuration file,
       /etc/sysconfig/network-scripts/ifcfg-eth0.
       Any updates made from this screen are written to the configuration file.
    d. Do not make any changes; click Cancel after viewing the different tabs and settings.
    e. Click Close to close the Network Connections window.

4.  Run the nm-tool utility that is included with NetworkManager.
    # nm-tool
    NetworkManager Tool
    State: connected
    - Device: eth0 [System eth0]
      Type: Wired
      ...

Practice 14-3: Using the system-config-network Utility

Overview
In this practice, you use the system-config-network text-based utility to configure the
network interfaces.

Assumptions
- You are the root user on host03 VM.

Tasks
1.  Install system-config-network if necessary.
    a. Use the rpm command to verify that the system-config-network package is
       installed.
    b. If the utility is not installed, use the yum command to install the package.

2.  Use system-config-network to configure network interfaces.
    a. Enter system-config-network from the command line.
    b. Use the up/down arrows to select Device configuration and press Enter.
    c. Use the up/down arrows to select eth1 (eth1) - Ethernet and press Enter.
       Notice that the information displayed is included in the configuration file,
       /etc/sysconfig/network-scripts/ifcfg-eth1.
       Any updates made from this screen are written to the configuration file.
    d. Do not make any changes; use the arrow keys to highlight Cancel and then press
       Enter.
    e. Highlight Cancel on the previous screen and press Enter.
    f. Highlight Quit on the initial screen and press Enter to exit the utility.

Solution 14-3: Using the system-config-network Utility

Tasks
1.  Install system-config-network if necessary.
    a. Use the rpm command to verify that the system-config-network package is
       installed.
       # rpm -qa | grep system-config-network
       system-config-network-tui-...
    b. If the utility is not installed, use the yum command to install the package.
       # yum install system-config-network-tui
       ...

2.  Use system-config-network to configure network interfaces.
    a. Enter system-config-network from the command line.
       # system-config-network
       The screen appears as follows:
    b. Use the up/down arrows to select Device configuration and press Enter. The screen
       appears as follows:
    c. Use the up/down arrows to select eth1 (eth1) - Ethernet and press Enter. The screen
       appears as follows:
       Notice that the information displayed is included in the configuration file,
       /etc/sysconfig/network-scripts/ifcfg-eth1.
       Any updates made from this screen are written to the configuration file.
    d. Do not make any changes; use the arrow keys to highlight Cancel and then press
       Enter.
    e. Highlight Cancel on the previous screen and press Enter.
    f. Highlight Quit on the initial screen and press Enter to exit the utility.

Chapter 15

Practices for Lesson 15: Network Addressing and Name Services

Practices Overview
In these practices, you:
- Configure host03 VM as a DHCP server and host01 VM as a DHCP client
- Dynamically obtain an IP address for eth1 on host01
- View the DNS server configuration on dom0
- Configure host03 to use DNS for name-to-IP address resolution
- Test the DNS configuration
- Access the Public Yum Repository from host03 VM
- Download the Oracle Linux 6 repository to host03
- Simulate upgrading your system (you do not actually perform the upgrade)

Practice 15-1: Configuring a DHCP Server

Overview
In this practice, you configure host03 VM as a DHCP server.

Assumptions
- You are the root user on host03 VM.
- You completed Practice 6-3 (Creating a Local Yum Repository).

Tasks
1.  Install the dhcp package on host03 if necessary.
    a. Use the rpm command to check whether the dhcp package is installed.
       In this example, only the dhcp-common package is installed. This package provides
       common files used by the DHCP and dhclient packages.
       The dhcp package does need to be installed in this example.
    b. Use the yum command to install the dhcp package.

2.  Use the vi editor to edit /etc/dhcp/dhcpd.conf as follows:
    option routers              192.0.2.1;
    option subnet-mask          255.255.255.0;
    option domain-name          "example.com";
    option domain-name-servers  192.0.2.1;
    option broadcast-address    192.168.1.255;
    default-lease-time          21600;
    max-lease-time              43200;
    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.200 192.168.1.254;
    }

3.  Use the vi editor to edit /etc/sysconfig/dhcpd as follows:
    DHCPDARGS=eth1
    This causes the server to start the service only on the eth1 interface.

4.  Start the dhcpd service.

5.  Enable the dhcpd service to start at boot time.

Solution 15-1: Configuring a DHCP Server

Tasks
1.  Install the dhcp package on host03 if necessary.
    a. Use the rpm command to check whether the dhcp package is installed.
       # rpm -qa | grep dhcp
       dhcp-common-...
       In this example, only the dhcp-common package is installed. This package provides
       common files used by the DHCP and dhclient packages.
       The dhcp package does need to be installed in this example.
    b. Use the yum command to install the dhcp package.
       # yum install dhcp
       ...

2.  Use the vi editor to edit /etc/dhcp/dhcpd.conf as follows:
    option routers              192.0.2.1;
    option subnet-mask          255.255.255.0;
    option domain-name          "example.com";
    option domain-name-servers  192.0.2.1;
    option broadcast-address    192.168.1.255;
    default-lease-time          21600;
    max-lease-time              43200;
    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.200 192.168.1.254;
    }

3.  Use the vi editor to edit /etc/sysconfig/dhcpd as follows:
    DHCPDARGS=eth1
    This causes the server to start the service only on the eth1 interface.

4.  Start the dhcpd service.
    # service dhcpd start

5.  Enable the dhcpd service to start at boot time.
    # chkconfig dhcpd on
    # chkconfig dhcpd --list

Practice 15-2: Configuring a DHCP Client

Overview
In this practice, you configure host01 VM as a DHCP client. You obtain an IP address from the
DHCP server (host03) for the eth1 network interface.

Assumptions
- This lab is performed on host01 and on host03 VMs.
- Open a terminal window on each system.
- Log in as the root user on each system.
- The prompts in the solution section include either host01 or host03 to indicate which
  system to enter the command from.

Tasks
1.  Verify that the dhclient package is installed on host01.
    In this example, the package is already installed.

2.  Ensure that IPv4 networking is enabled on host01.
    IPv4 networking is already enabled in this example.

3.  Configure eth1 on host01 for DHCP.
    a. Use the vi editor and change /etc/sysconfig/network-scripts/ifcfg-eth1
       as follows:
       DEVICE=eth1
       HWADDR=00:16:3e:00:02:01
       NM_CONTROLLED=yes
       BOOTPROTO=dhcp
       ONBOOT=yes
       TYPE=Ethernet
       USERCTL=no
       PEERDNS=yes
       IPV6INIT=no

4.  Display the network interfaces on host01.
    Notice that eth1 is not listed.

5.  From host01, request a lease for eth1 from the DHCP server.

6.  Verify that eth1 on host01 obtained an IP address.

7.  View the /etc/resolv.conf file on host01.
    Notice that the nameserver and search domain were obtained from the DHCP server.

8.  View information about the lease on the client (host01).

9.  View information about the lease on the server (host03).

Solution 15-2: Configuring a DHCP Client

Tasks
1.  Use the rpm command to verify that the dhclient package is installed on host01.
    [host01]# rpm -qa dhclient
    dhclient-4.1.1-25.P1.el6.x86_64
    In this example, the package is already installed.

2.  Ensure that IPv4 networking is enabled on host01 by verifying that NETWORKING=yes in
    the /etc/sysconfig/network file.
    [host01]# cat /etc/sysconfig/network
    NETWORKING=yes
    HOSTNAME=host01.example.com
    GATEWAY=192.0.2.1
    IPv4 networking is already enabled in this example.

3.  Configure eth1 on host01 for DHCP.
    a. Use the vi editor and change /etc/sysconfig/network-scripts/ifcfg-eth1
       as follows:
       DEVICE=eth1
       HWADDR=00:16:3e:00:02:01
       NM_CONTROLLED=yes
       BOOTPROTO=dhcp
       ONBOOT=yes
       TYPE=Ethernet
       USERCTL=no
       PEERDNS=yes
       IPV6INIT=no

4.  Use the ifconfig command to display the network interfaces on host01.
    [host01]# ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:3E:00:01:01
              inet addr:192.0.2.101...
              ...
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1
              ...
    Notice that eth1 is not listed.

5.  From host01, use the dhclient command to request a lease for eth1 from the DHCP
    server.
    [host01]# dhclient eth1

6.  Use the ifconfig command on host01 to verify that eth1 obtained an IP address.
    [host01]# ifconfig eth1
    eth1      Link encap:Ethernet  HWaddr 00:16:3E:00:02:01
              inet addr:192.168.1.200...
              ...

7.  View the /etc/resolv.conf file on host01.
    [host01]# cat /etc/resolv.conf
    search example.com
    nameserver 192.0.2.1
    Notice that the nameserver and search domain were obtained from the DHCP
    server.

8.  View information about the lease on the client (host01).
    [host01]# cat /var/lib/dhclient/dhclient.leases
    ...

9.  View information about the lease on the server (host03).
    [host03]# cat /var/lib/dhcpd/dhcpd.leases
    ...
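The server-side lease file viewed in step 9 can be audited rather than only read. The following script is an added example, not part of the course material: it parses dhcpd.leases text, keeps the last entry for each address (dhcpd appends a new entry whenever a lease changes), lists the active leases, and reports those held by a hardware address that is not on an expected list. The lease entries are constructed for this example; only the address 192.168.1.200 and host01's eth1 hardware address come from this practice, and the function names are assumptions.

```sh
#!/bin/sh
# Added example: list active DHCP leases and flag unexpected hardware addresses.

# Constructed sample in dhcpd.leases format. 192.168.1.202 appears twice:
# dhcpd appends entries, so the later "free" entry supersedes the earlier one.
sample_leases() {
    cat <<'EOF'
lease 192.168.1.200 {
  starts 4 2012/08/09 10:00:00;
  ends 4 2012/08/09 16:00:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:16:3e:00:02:01;
  client-hostname "host01";
}
lease 192.168.1.201 {
  starts 4 2012/08/09 10:05:00;
  ends 4 2012/08/09 16:05:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:16:3E:AA:BB:CC;
}
lease 192.168.1.202 {
  starts 4 2012/08/09 10:10:00;
  ends 4 2012/08/09 16:10:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:16:3e:dd:ee:ff;
}
lease 192.168.1.202 {
  starts 4 2012/08/09 10:10:00;
  ends 4 2012/08/09 10:20:00;
  binding state free;
  hardware ethernet 00:16:3e:dd:ee:ff;
}
EOF
}

# active_leases < dhcpd.leases: print "IP MAC" for each address whose most
# recent entry has "binding state active". MACs are lowercased.
active_leases() {
    awk '
        $1 == "lease" && $3 == "{" {
            ip = $2
            if (!(ip in seen)) { seen[ip] = 1; order[++n] = ip }
            state[ip] = ""; mac[ip] = ""      # a newer entry replaces the older one
            next
        }
        ip != "" && $1 == "binding" && $2 == "state" {
            s = $3; sub(/;$/, "", s); state[ip] = s
        }
        ip != "" && $1 == "hardware" && $2 == "ethernet" {
            m = $3; sub(/;$/, "", m); mac[ip] = tolower(m)
        }
        $1 == "}" { ip = "" }
        END {
            for (i = 1; i <= n; i++)
                if (state[order[i]] == "active") print order[i], mac[order[i]]
        }'
}

# unknown_leases "MAC MAC ..." < dhcpd.leases: active leases whose hardware
# address is not in the space-separated list of expected addresses.
unknown_leases() {
    allowed=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    active_leases | while read -r l_ip l_mac; do
        case " $allowed " in
            *" $l_mac "*) ;;
            *) echo "$l_ip $l_mac" ;;
        esac
    done
}

# host01's eth1 address from this practice is the only expected client here.
sample_leases | unknown_leases '00:16:3e:00:02:01'
```

On the DHCP server, run it as unknown_leases "<expected MACs>" < /var/lib/dhcpd/dhcpd.leases.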

Practice 15-3: DNS Configuration

Overview
In this practice, you:
- View the DNS configuration on dom0
- Configure host03 to use DNS
- Test the look-up functionality of DNS from host03

Assumptions
- Dom0 is already configured as a DNS server.
- This lab is performed on dom0 and on host03 VM.
- Open a terminal window on each system.
- Log in as the root user on each system.
- The prompts in the solution section include either dom0 or host03 to indicate which
  system to enter the command from.

Tasks
1.  Verify that the bind package is installed on dom0.
    In this example, the package is installed.

2.  Verify that the named service is started on dom0.
    In this example, the service is running.

3.  Verify that the named service is configured to start at boot time on dom0.
    In this example, the service is configured to start at boot time.

4.  On dom0, view the main BIND configuration file, /etc/named.conf.
    This file lists the location and characteristics of your domain's zone files.
    Notice that the zone file, /var/named/data/master-example.com, is defined.
    Notice that a reverse look-up zone file, /var/named/data/reverse-192.0.2, is
    also defined.

5.  On dom0, view the /var/named/data/master-example.com zone file.
    This file defines IPv4 addresses (A records) for the DNS server, the DNS domain,
    and the three VM guest systems.

6.  On dom0, view the /var/named/data/reverse-192.0.2 file.
    This file defines PTR records for reverse name resolution.

7.  On host03, use the ping command to contact host01 and host02.
    You can successfully contact these systems by name, because /etc/hosts resolves
    names to IP addresses.

8.  On host03, use the vi editor to edit the /etc/hosts file and comment out the lines for the
    VMs with a # sign as follows.
    #192.0.2.101    host01.example.com     host01
    #192.0.2.102    host02.example.com     host02
    #192.0.2.103    host03.example.com     host03

9.  On host03, use the ping command to contact host01 and host02.
    You cannot contact these systems by name now.

10. Use the vi editor to change the /etc/resolv.conf file on host03 as follows.
    search example.com
    nameserver 192.0.2.1

11. On host03, use the ping command to contact host01 and host02.
    You can successfully contact these systems by name, because DNS resolves names
    to IP addresses.
    The nameserver, 192.0.2.1, for the example.com domain, stores the zone files that
    provide resolution.

12. On host03, update the name service switch configuration file, /etc/nsswitch.conf, to
    query the DNS server before querying /etc/hosts when resolving names to IP
    addresses.
    hosts: files dns (old entry)
    hosts: dns files (new entry)

13. On host03, use the host command to perform DNS lookups.
    a. Query DNS for the nameserver for the example.com domain.
    b. Query DNS for the IP address that corresponds to host01 system.
    c. Perform a reverse lookup by querying DNS for the domain name that corresponds to IP
       address 192.0.2.102.

14. On host03, use the vi editor to edit the /etc/hosts file and remove the comment (#
    sign) from the entries previously commented out (in step 8) as follows.
    192.0.2.101    host01.example.com     host01
    192.0.2.102    host02.example.com     host02
    192.0.2.103    host03.example.com     host03
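The forward and reverse zone files viewed in steps 5 and 6 should agree with each other: every PTR record should name a host whose A record points back to the same address. The following script is an added example, not part of the course material, that checks this for a /24 reverse zone; it is run here against the A and PTR records that the solution's listings of the two zone files show. The function names are assumptions made for this example, and owner names without a trailing dot are expanded relative to the zone origin, as BIND reads them.

```sh
#!/bin/sh
# Added example: cross-check A records against PTR records for a /24 reverse zone.

# Records as listed for /var/named/data/master-example.com in this practice.
forward_zone() {
    cat <<'EOF'
dns          IN  A  192.0.2.1
example.com  IN  A  192.0.2.1
host01       IN  A  192.0.2.101
host02       IN  A  192.0.2.102
host03       IN  A  192.0.2.103
EOF
}

# Records as listed for /var/named/data/reverse-192.0.2 in this practice.
reverse_zone() {
    cat <<'EOF'
1    IN  PTR  dns.us.oracle.com.
101  IN  PTR  host01.example.com.
102  IN  PTR  host02.example.com.
103  IN  PTR  host03.example.com.
EOF
}

# zone_mismatches ORIGIN PREFIX FORWARD_FILE REVERSE_FILE
# ORIGIN is the forward zone (example.com); PREFIX is the first three octets
# of the /24 that the reverse zone covers (192.0.2). Prints one line per
# disagreement. Simplification: one A record per name, one PTR per address.
zone_mismatches() {
    awk -v origin="$1" -v prefix="$2" '
        # Names without a trailing dot are relative to the zone they appear in.
        function fq(n, o) { n = tolower(n); return (n ~ /\.$/) ? n : n "." o "." }
        BEGIN { split(prefix, p, "."); rorigin = p[3] "." p[2] "." p[1] ".in-addr.arpa" }
        FNR == 1 { fileno++ }
        /^[ \t]*(;|$)/ || /^\$/ { next }          # comments, blanks, $TTL/$ORIGIN
        {
            has_owner = ($0 !~ /^[ \t]/)           # indented line reuses last owner
            if (has_owner) owner = $1
            for (i = 1 + has_owner; i < NF; i++)
                if ($i == "A" || $i == "PTR") break
            if (i >= NF) next
            if (fileno == 1 && $i == "A") {
                name = fq(owner, origin); a[name] = $(i + 1); names[++na] = name
            } else if (fileno == 2 && $i == "PTR") {
                ip = prefix "." owner; ptr[ip] = fq($(i + 1), rorigin); ips[++np] = ip
            }
        }
        END {
            for (j = 1; j <= np; j++) {
                ip = ips[j]; n = ptr[ip]
                if (!(n in a)) print "PTR " ip " -> " n " has no A record in " origin
                else if (a[n] != ip) print "PTR " ip " -> " n " but A " n " -> " a[n]
            }
            for (j = 1; j <= na; j++) {
                n = names[j]; ip = a[n]
                if (!(ip in ptr)) print "A " n " -> " ip " has no PTR record"
                else if (ptr[ip] != n) print "A " n " -> " ip " but PTR " ip " -> " ptr[ip]
            }
        }' "$3" "$4"
}

# Run the check against the records above, using temporary copies.
check_sample_zones() {
    tmp=$(mktemp -d) || return 1
    forward_zone > "$tmp/fwd"
    reverse_zone > "$tmp/rev"
    zone_mismatches example.com 192.0.2 "$tmp/fwd" "$tmp/rev"
    rm -rf "$tmp"
}

check_sample_zones
```

On dom0, the same check is zone_mismatches example.com 192.0.2 /var/named/data/master-example.com /var/named/data/reverse-192.0.2.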

Solution 15-3: DNS Configuration

Tasks
1.  Use the rpm command to verify that the bind package is installed on dom0.
    [dom0]# rpm -qa | grep bind
    ypbind-...
    bind-utils-...
    bind-...
    bind-libs-...
    In this example, the package is installed.

2.  Use the service command to verify that the named service is started on dom0.
    [dom0]# service named status
    number of zones: 3
    debug level: 0
    ...
    named (pid ...) is running...
    In this example, the service is running.

3.  Use the chkconfig command to verify that the named service is configured to start at boot
    time on dom0.
    [dom0]# chkconfig named --list
    named    0:off 1:off 2:on 3:on 4:on 5:on 6:off
    In this example, the service is configured to start at boot time.

4.  On dom0, view the main BIND configuration file, /etc/named.conf.
    [dom0]# cat /etc/named.conf
    ...
    directory "/var/named";
    ...
    zone "example.com" {
        type master;
        file "data/master-example.com";
        allow-update { key "rndckey"; };
        notify yes;
    };
    ...
    zone "2.0.192.in-addr.arpa" IN {
        type master;
        file "data/reverse-192.0.2";
        allow-update { key "rndckey"; };
        notify yes;
    };
    ...
    This file lists the location and characteristics of your domain's zone files.
    Notice that the zone file, /var/named/data/master-example.com, is defined.
    Notice that a reverse look-up zone file, /var/named/data/reverse-192.0.2, is
    also defined.

5.  On dom0, view the /var/named/data/master-example.com zone file.
    [dom0]# cat /var/named/data/master-example.com
    ...
    dns          IN  A  192.0.2.1
    example.com  IN  A  192.0.2.1
    host01       IN  A  192.0.2.101
    host02       IN  A  192.0.2.102
    host03       IN  A  192.0.2.103
    ...
    This file defines IPv4 addresses (A records) for the DNS server, the DNS domain,
    and the three VM guest systems.

6.  On dom0, view the /var/named/data/reverse-192.0.2 file.
    [dom0]# cat /var/named/data/reverse-192.0.2
    ...
    1    IN  PTR  dns.us.oracle.com.
    101  IN  PTR  host01.example.com.
    102  IN  PTR  host02.example.com.
    103  IN  PTR  host03.example.com.
    ...
    This file defines PTR records for reverse name resolution.

7.  On host03, use the ping command to contact host01 and host02.
    [host03]# ping host01
    PING host01.example.com (192.0.2.101) 56(84) bytes of data.
    64 bytes from host01.example.com (192.0.2.101): icmp_seq=1...
    ...
    CTRL-C
    [host03]# ping host02
    PING host02.example.com (192.0.2.102) 56(84) bytes of data.
    64 bytes from host02.example.com (192.0.2.102): icmp_seq=1...
    ...
    CTRL-C
    You can successfully contact these systems by name, because /etc/hosts resolves
    names to IP addresses.

8.  On host03, use the vi editor to edit the /etc/hosts file and comment out the lines for the
    VMs with a # sign as follows.
#192.0.2.101
host01.example.com
host01
#192.0.2.102
host02.example.com
host02
#192.0.2.103
host03.example.com
host03

9. On host03, use the ping command to contact host01 and host02.
[host03]# ping host01
ping: unknown host host01
[host03]# ping host02
ping: unknown host host02
You cannot contact these systems by name now.
10. Use the vi editor to change the /etc/resolv.conf file on host03 as follows.
[host03]# vi /etc/resolv.conf
search example.com
nameserver 192.0.2.1
11. On host03, use the ping command to contact host01 and host02.
[host03]# ping host01
PING host01.example.com (192.0.2.101) 56(84) bytes of data.
64 bytes from host01.example.com (192.0.2.101): icmp_seq=1...
...
CTRL-C
[host03]# ping host02
PING host02.example.com (192.0.2.102) 56(84) bytes of data.
64 bytes from host02.example.com (192.0.2.102): icmp_seq=1...
...
CTRL-C
You can successfully contact these systems by name, because DNS resolves names
to IP addresses.
The nameserver, 192.0.2.1, for the example.com domain, stores the zone files that
provide resolution.
12. On host03, update the name service switch configuration file, /etc/nsswitch.conf, to
query the DNS server before querying /etc/hosts when resolving names to IP
addresses.
[host03]# vi /etc/nsswitch.conf
...
hosts: files dns (old entry)
hosts: dns files (new entry)
...
13. On host03, use the host command to perform DNS lookups.
a. Query DNS for the nameserver for the example.com domain.
[host03]# host -t NS example.com
example.com name server dns.example.com.
b. Query DNS for the IP address that corresponds to host01 system.
[host03]# host host01
host01.example.com has address 192.0.2.101
c. Perform a reverse lookup by querying DNS for the domain name that corresponds to IP
address 192.0.2.102.
[host03]# host 192.0.2.102
102.2.0.192.in-addr.arpa domain name pointer host02.example.com
14. On host03, use the vi editor to edit the /etc/hosts file and remove the comment (#
sign) from the entries previously commented out (in step 8) as follows.
192.0.2.101 host01.example.com host01
192.0.2.102 host02.example.com host02
192.0.2.103 host03.example.com host03
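
A consistency check over the A and PTR records listed in steps 5 and 6, added here as an example and not part of the original guide: it confirms that every PTR target has a matching A record, which is what reverse-lookup-based access rules and log attribution depend on. The function name, variable names and status labels are assumptions of this example; the sample records are constructed from the listings above.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Sample data constructed from the zone listings in steps 5 and 6.
FORWARD_RECORDS='dns    IN A 192.0.2.1
host01 IN A 192.0.2.101
host02 IN A 192.0.2.102
host03 IN A 192.0.2.103'

REVERSE_RECORDS='1   IN PTR dns.us.oracle.com.
101 IN PTR host01.example.com.
102 IN PTR host02.example.com.
103 IN PTR host03.example.com.'

# check_fcrdns ORIGIN NET_PREFIX FORWARD_TEXT REVERSE_TEXT   (hypothetical helper)
#   ORIGIN      forward zone origin with trailing dot, e.g. example.com.
#   NET_PREFIX  first three octets served by the /24 reverse zone, e.g. 192.0.2
# Prints one line per PTR record and returns 1 if any PTR target has no
# matching A record in the forward data.
check_fcrdns() {
    printf '%s\n---\n%s\n' "$3" "$4" |
    awk -v origin="$1" -v prefix="$2" '
        # Owner names without a trailing dot are relative to the zone origin.
        function fqdn(name) {
            name = tolower(name)
            if (name ~ /\.$/) return name
            return name "." origin
        }
        $0 == "---" { in_rev = 1; next }      # separator between the two inputs
        $2 != "IN"  { next }                  # skip "..." and anything that is not a record
        !in_rev && $3 == "A" {
            name = fqdn($1)
            forward[name, $4] = 1
            if (!($4 in by_addr)) by_addr[$4] = name
            next
        }
        in_rev && $3 == "PTR" {
            n++
            addr[n] = prefix "." $1
            target[n] = tolower($4)
        }
        END {
            for (i = 1; i <= n; i++) {
                if ((target[i], addr[i]) in forward) {
                    print "OK", addr[i], target[i]
                    continue
                }
                bad++
                if (addr[i] in by_addr)
                    hint = "forward zone has " by_addr[addr[i]]
                else
                    hint = "no A record for this address"
                print "MISMATCH", addr[i], target[i], "(" hint ")"
            }
            exit (bad > 0)
        }
    '
}

check_fcrdns example.com. 192.0.2 "$FORWARD_RECORDS" "$REVERSE_RECORDS" ||
    echo "reverse zone needs review"
```

On the sample data the PTR for 192.0.2.1 is reported, because it names dns.us.oracle.com while the forward zone maps that address to dns.example.com.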


Practice 15-4: Accessing the Public Yum Repository


Overview
In this practice, you configure your system to access the Public Yum Repository from host03
VM. You then download the Oracle Linux 6 repository and simulate upgrading your system (you
do not actually perform the upgrade).

Assumptions

You are the root user on host03 VM.

You are the root user on dom0.

Tasks
1. From dom0, view the /etc/resolv.conf file.
a. Record the entries. You update /etc/resolv.conf on host03 with these entries.
search us.oracle.com
nameserver 152.68.154.3
nameserver 10.216.106.3
nameserver 193.32.3.252
This is sample output only; your system may be different.
2. On host03, add the search domain and the nameserver entries from the dom0
/etc/resolv.conf file to the /etc/resolv.conf file on host03.
search example.com us.oracle.com #(added us.oracle.com)
nameserver 192.0.2.1
nameserver 152.68.154.3 #(added this nameserver)
nameserver 10.216.106.3 #(added this nameserver)
nameserver 193.32.3.252 #(added this nameserver)
This is a sample listing only; your system may be different.
3. Determine the HTTP Proxy server on dom0.
a. On dom0, open the Firefox web browser by double-clicking the icon on the desktop.
b. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
c. Click the Advanced menu option in the Firefox Preferences window, and then select
the Network tab.
d. Click the Settings button.
e. Record the HTTP Proxy setting.
In this example, the setting is ges-proxy.us.oracle.com on Port 80.
f. Click Cancel to close the Connection Settings window.
g. Click Close to close the Firefox Preferences window.
h. Click File > Quit to close the browser on dom0.
All remaining commands are issued from host03 VM.
4. Set the HTTP Proxy in Firefox to the setting configured on dom0.
In this example, the HTTP Proxy is ges-proxy.us.oracle.com; yours may be
different.
a. On the GNOME menu bar, click the icon to the right of the System menu option to start
Firefox.
The browser appears.
b. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
c. Click the Advanced menu option, and then select the Network tab.
d. Click the Settings tab and enter the following settings:
1) Click Manual proxy configuration.
2) Set HTTP Proxy to ges-proxy.us.oracle.com on Port 80 (or whatever was
set on dom0).
3) Select Use this proxy server for all protocols.
e. Click OK.
f. Click Close in the Firefox Preferences window.
5. Access the Oracle Public Yum Server.
a. From a browser, enter the URL for the Public Yum Server, http://public-yum.oracle.com.
b. Scroll down to see the instructions for Oracle Linux 6, which are:
cd /etc/yum.repos.d
wget http://public-yum.oracle.com/public-yum-ol6.repo
c. Close the browser by selecting File > Quit.
6. From the command line, use the export command to set both http_proxy and
HTTP_PROXY to the HTTP Proxy as obtained from dom0.
This example uses ges-proxy.us.oracle.com as the proxy; your proxy may be
different.
# export http_proxy=http://ges-proxy.us.oracle.com:80
# export HTTP_PROXY=http://ges-proxy.us.oracle.com:80
7. Use the yum repolist command to list the configured repositories.
Notice that you only have one repository, which is the local repository that you created
earlier.
8. Download the yum repo file and enable the latest Oracle Linux 6 and UEK repositories.
a. Change to the yum repository directory, /etc/yum.repos.d, and then display the
directory contents.
Notice that you do not have the public-yum-ol6.repo file in this directory.
b. Use the wget command to download the public-yum-ol6.repo file.
1) If the wget command fails, use the vi editor to add the following entries to the
/etc/profile file, and then reboot host03 VM. Your VNC connection closes,
so you need to log back in to host03 as Oracle Student (password is oracle),
open a terminal window, and su - to root (password is 0racle).
This example uses ges-proxy.us.oracle.com as the proxy; your proxy
may be different.
export HTTP_PROXY=http://ges-proxy.us.oracle.com:80
export FTP_PROXY=http://ges-proxy.us.oracle.com:80
export http_proxy=http://ges-proxy.us.oracle.com:80
export ftp_proxy=http://ges-proxy.us.oracle.com:80
c. Display the /etc/yum.repos.d directory.
# ls /etc/yum.repos.d
iso.repo
packagekit-media.repo
public-yum-ol6.repo
Notice the new public-yum-ol6.repo file.
9. To upgrade your system to the latest Oracle Linux 6 version and latest UEK versions,
enable the [ol6_latest] and [ol6_UEK_latest] repositories, and disable all other
repositories.
a. Use the vi editor to edit the public-yum-ol6.repo file and change enabled=0 to
enabled=1 for [ol6_latest] and [ol6_UEK_latest].
10. Run the yum repolist command to list the configured repositories.
Notice that you now have ol6_latest and ol6_UEK_latest included in the
output.
11. Run the yum update command to display available updates. Do not apply updates!
You should see that a number of new packages are available to be installed.
You should also see a number of packages with updates available.
Do not update at this time. It takes a couple of hours to update.
12. Disable all repositories in the public-yum-ol6.repo file.
a. Use the vi editor to edit the public-yum-ol6.repo file and change to enabled=0 for
ALL repositories.
13. Run the command yum clean all, and then run yum repolist.
You should now only have one repository, Myrepo.

Solution 15-4: Accessing the Public Yum Repository


Tasks

1. From dom0, use the cat command to view the /etc/resolv.conf file.
[dom0]# cat /etc/resolv.conf
search us.oracle.com
nameserver 152.68.154.3
nameserver 10.216.106.3
nameserver 193.32.3.252
This is sample output only; your system may be different.
2. On host03, use the vi editor to add the search domain and the nameserver entries from
the dom0 /etc/resolv.conf file to the /etc/resolv.conf file on host03 as follows.
# vi /etc/resolv.conf
search example.com us.oracle.com #(added us.oracle.com)
nameserver 192.0.2.1
nameserver 152.68.154.3 #(added this nameserver)
nameserver 10.216.106.3 #(added this nameserver)
nameserver 193.32.3.252 #(added this nameserver)
3. Determine the HTTP Proxy server on dom0.
a. On dom0, open Firefox by double-clicking the Firefox icon on the desktop.
b. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
c. Click the Advanced menu option on the Firefox Preferences window, and then select
the Network tab.
d. Click the Settings button. The Connection Settings window appears.
e. Note the HTTP Proxy setting.
In this example, the setting is ges-proxy.us.oracle.com on Port 80.
f. Click Cancel to close the Connection Settings window.
g. Click Close to close the Firefox Preferences window.
h. Click File > Quit to close the browser on dom0.
All remaining commands are issued from host03 VM.
4. Set the HTTP Proxy in Firefox to the setting configured on dom0.
In this example, the HTTP Proxy is ges-proxy.us.oracle.com; yours may be
different.
a. On the GNOME menu bar, click the icon to the right of the System menu option to start
the Firefox web browser.
The browser appears.
b. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
c. Click the Advanced menu option and then select the Network tab.
d. Click the Settings tab and enter the following settings:
1) Click Manual proxy configuration.
2) Set HTTP Proxy to ges-proxy.us.oracle.com on Port 80 (or whatever was
set on dom0).
3) Select Use this proxy server for all protocols.
The Connection Settings window should look like the following (substituting
the HTTP Proxy settings from dom0):
e. Click OK.
f. Click Close in the Firefox Preferences window.
5. Access the Oracle Public Yum Server.
a. From a browser, enter the URL for the Public Yum Server, http://public-yum.oracle.com.
The page looks like the following:
b. Scroll down to see the instructions for Oracle Linux 6, which are:
cd /etc/yum.repos.d
wget http://public-yum.oracle.com/public-yum-ol6.repo
c. Close the browser by selecting File > Quit.
6. From the command line, use the export command to set both http_proxy and
HTTP_PROXY to the HTTP Proxy as obtained from dom0.
This example uses ges-proxy.us.oracle.com as the proxy; your proxy may be
different.
# export http_proxy=http://ges-proxy.us.oracle.com:80
# export HTTP_PROXY=http://ges-proxy.us.oracle.com:80
7. Use the yum repolist command to list the configured repositories.
# yum repolist
repo id    repo name       status
Myrepo     Oracle Linux    21,504
Repolist: 21,504
Notice that you only have one repository, which is the local repository that you created
earlier.
8. Download the yum repo file and enable the latest Oracle Linux 6 and UEK repositories.
a. Use the cd command to change to the yum repository directory, /etc/yum.repos.d,
and then use the ls command to display the directory contents.
# cd /etc/yum.repos.d
# ls
iso.repo
packagekit-media.repo
Notice that you do not have the public-yum-ol6.repo file in this directory.
b. Use the wget command to download the public-yum-ol6.repo file.
# wget http://public-yum.oracle.com/public-yum-ol6.repo
...
Resolving ges-proxy.us.oracle.com...
Connecting to ges-proxy.us.oracle.com...
Proxy request sent, awaiting response... 200 OK
Length: 1461 (1.4K) [text/plain]
Saving to: public-yum-ol6.repo
100%[================================>] 1,461 --.-K/s in 0s
... public-yum-ol6.repo saved [1461/1461]
1) If the wget command fails, use the vi editor to add the following entries to the
/etc/profile file, and then reboot host03 VM. Your VNC connection closes,
so you need to log back in to host03 as Oracle Student (password is oracle),
open a terminal window, and su - to root (password is 0racle).
This example uses ges-proxy.us.oracle.com as the proxy; your proxy
may be different.
# vi /etc/profile
export HTTP_PROXY=http://ges-proxy.us.oracle.com:80
export FTP_PROXY=http://ges-proxy.us.oracle.com:80
export http_proxy=http://ges-proxy.us.oracle.com:80
export ftp_proxy=http://ges-proxy.us.oracle.com:80
Save your changes
# reboot
...
c. Use the ls command to display the /etc/yum.repos.d directory.
# ls /etc/yum.repos.d
iso.repo
packagekit-media.repo
public-yum-ol6.repo
Notice the new public-yum-ol6.repo file.
9. To upgrade your system to the latest Oracle Linux 6 version and latest UEK versions,
enable the [ol6_latest] and [ol6_UEK_latest] repositories, and disable all other
repositories.
a. Use the vi editor to edit the public-yum-ol6.repo file and change enabled=0 to
enabled=1 for [ol6_latest] and [ol6_UEK_latest].
# cd /etc/yum.repos.d
# vi public-yum-ol6.repo
...
[ol6_latest]
enabled=1
[ol6_ga_base]
enabled=0
[ol6_u1_base]
enabled=0
[ol6_u2_base]
enabled=0
[ol6_u3_base]
enabled=0
[ol6_UEK_latest]
enabled=1
[ol6_UEK_base]
enabled=0
10. Run the yum repolist command to list the configured repositories.
# yum repolist
...
repo id    Repo name    status
Myrepo ...
ol6_UEK_latest ...
ol6_latest ...
Notice that you now have ol6_latest and ol6_UEK_latest included in the output.
11. Run the yum update command to display available updates. Do not apply updates!
# yum update
...
Transaction Summary
========================================================
Install ...
Upgrade ...
Total download size: ...
Is this ok [y/N]: n
Exiting on user Command
You should see that a number of new packages are available to be installed.
You should also see a number of packages with updates available.
Do not update at this time. It takes a couple of hours to update.
12. Disable all repositories in the public-yum-ol6.repo file.
a. Use the vi editor to edit the public-yum-ol6.repo file and change to enabled=0 for
ALL repositories.
13. Run the command yum clean all, and then run yum repolist.
# yum clean all
...
# yum repolist
...
repo id    Repo name    status
Myrepo ...
You should now only have one repository, Myrepo.
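
A check for steps 9 through 13, added here as an example and not part of the original guide: it reads a .repo file, reports which sections are enabled, and notes enabled sections that do not set gpgcheck=1 or that use an http:// baseurl. The function names and note labels are assumptions of this example, and the sample file is constructed (its baseurl paths and gpgcheck values are placeholders, not the contents of the real public-yum-ol6.repo).

```shell
#!/bin/sh
# Added example, not from the original guide.
# Constructed sample in the layout of a yum .repo file; the section names come
# from the listing in step 9, everything else is a placeholder.
SAMPLE_REPO='[ol6_latest]
name=Oracle Linux 6 latest (constructed)
baseurl=http://public-yum.oracle.com/PLACEHOLDER/latest/
gpgcheck=1
enabled=1

[ol6_ga_base]
name=Oracle Linux 6 GA (constructed)
baseurl=http://public-yum.oracle.com/PLACEHOLDER/ga/
gpgcheck=1
enabled=0

[ol6_UEK_latest]
name=UEK latest (constructed)
baseurl=http://public-yum.oracle.com/PLACEHOLDER/uek/
gpgcheck=0
enabled=1'

# repo_report: read a .repo file on stdin and print one line per section:
#   <repo id> enabled=<0|1> [notes]
repo_report() {
    awk '
        function emit(    notes) {
            if (id == "") return
            if (enabled == "") enabled = "1"   # yum enables a section with no enabled= line
            if (enabled == "1") {
                # Without gpgcheck=1 in the section, the value comes from [main] in /etc/yum.conf.
                if (gpgcheck != "1") notes = notes " gpgcheck-not-1"
                if (baseurl ~ /^http:/) notes = notes " http-baseurl"
            }
            print id " enabled=" enabled notes
        }
        /^[ \t]*[#;]/ { next }                 # comment lines
        /^\[/ {                                # new section: report the previous one
            emit()
            id = substr($0, 2, index($0, "]") - 2)
            enabled = gpgcheck = baseurl = ""
            next
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "enabled") enabled = val
            else if (key == "gpgcheck") gpgcheck = val
            else if (key == "baseurl") baseurl = val
        }
        END { emit() }
    '
}

# enabled_repos: ids of enabled sections. Empty output is the expected state
# of public-yum-ol6.repo after step 12.
enabled_repos() {
    repo_report | awk '$2 == "enabled=1" { print $1 }'
}

printf '%s\n' "$SAMPLE_REPO" | repo_report
```

On the host, `enabled_repos < /etc/yum.repos.d/public-yum-ol6.repo` should print nothing once step 12 is complete.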


Chapter 16


Practices for Lesson 16: File Sharing


Practices for Lesson 16


Practices Overview


In these practices, you:


Configure an NFS server and client and mount an exported file system
Use auto-mounter to mount the virtual CD drive
Configure and use an FTP server


Practice 16-1: Configuring an NFS Server and an NFS Client


Overview
In this practice, you:
Export a file system from host03 VM and mount it on host01 VM
Ensure that the required package is installed and that services are running
Use various NFS-related commands and files to share file systems using NFS

Assumptions
You completed Practice 12-2 (Partitioning a Storage Device).
You completed Practice 12-3 (Creating ext File Systems).
This practice is performed on host01 and on host03 VMs.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks
1. Verify that the nfs-utils package is installed on host03.
In this example, the package is already installed along with the nfs-utils-lib
package.
2. Edit /etc/exports on host03 to add an entry to export /Dev to all client systems, as
follows.
/Dev *
3. Verify that the required services are started on host03.
a. Verify that the rpcbind service is started.
In this example, the rpcbind service is running.
b. Verify that the nfs service is started.
In this example, the services are not running and must be started.
c. Start the nfs service and associated services.
d. Verify that the nfslock service is started.
In this example, the service is running.
4. Configure the rpcbind, nfs, and nfslock services to start at boot time.
5. Use the showmount command on host03 to display exported file systems.
If the exported file system is not listed, restart the nfs service.
Whenever a new entry is made to /etc/exports, restart the nfs service.
6. Use the exportfs command on host03 to export /Test to all clients and allow read-write
permission. Include the option to ignore /etc/exports entries.
7. Use the showmount command on host03 to display exported file systems.
Notice that both exported file systems are listed.
You do not need to restart the nfs service when using exportfs.
8. View the contents of /var/lib/nfs/etab on host03.
Notice that both exported file systems are listed in this master export table.
The rpc.mountd process reads this file when a client attempts to mount an NFS file
system.
9. Edit /etc/exports on host03 and change the entry exporting /Dev to the following:
/Dev *(rw,no_root_squash)
10. Run the exportfs -r command on host03.
This command re-exports the entries in /etc/exports and synchronizes
/var/lib/nfs/etab with /etc/exports.
11. View the contents of /var/lib/nfs/etab on host03.
Notice the new options on the /Dev NFS share.
Also notice that /Test is no longer listed.
12. Use the showmount command on host03 to display exported file systems.
This confirms that the /Test file system is no longer exported.
13. Mount the exported /Dev file system on host01.
a. Create a mountpoint named /remote_dev on host01.
b. Mount the exported file system from host03, /Dev, with ro and nosuid options on the
local mountpoint, /remote_dev.
In this example, the mount command failed.
c. If the mount command failed, disable the firewall on host03 by running the following
command.
[host03]# service iptables stop
iptables: Firewall is not running.
Firewalls, the iptables command, and other system security related issues are
covered in Lesson 20, Security Administration.
You can allow NFS connectivity without disabling the entire firewall, which is
covered in Lesson 20.
For purposes of this practice, simply stop the iptables service on host03 to allow
host01 to mount the exported file system from host03.
d. Re-issue the mount command from host01, if it is necessary to mount the NFS share.
In this example, the mount command was successful.
14. Verify that the NFS file system is mounted.
a. On host01, use the df command to display the mounted file systems.
Notice that the host03:/Dev file system is mounted on the local file system
/remote_dev.
b. Use the ls command to list the contents of /remote_dev on host01.
c. Use the ls command to list the contents of /Dev on host03.

Solution 16-1: Configuring an NFS Server and an NFS Client


Tasks

1. Use the rpm command to verify that the nfs-utils package is installed on host03.
[host03]# rpm -qa | grep nfs-utils
nfs-utils-lib-...
nfs-utils-...
In this example, the package is already installed along with the nfs-utils-lib
package.
2. Use the vi editor and edit /etc/exports on host03 to add an entry to export /Dev to all
client systems, as follows.
/Dev *
3. Use the service command to verify that the required services are started on host03.
a. Verify that the rpcbind service is started.
[host03]# service rpcbind status
rpcbind (pid ...) is running...
In this example, the rpcbind service is running.
b. Verify that the nfs service is started.
[host03]# service nfs status
rpc.svcgssd is stopped
rpc.mountd is stopped
nfsd is stopped
rpc.rquotad is stopped
In this example, the services are not running and must be started.
c. Start the nfs service and associated services.
[host03]# service nfs start
Starting NFS services: exportfs: No options for /Dev *:...
Starting NFS quotas: [ OK ]
Starting NFS daemon: [ OK ]
Starting NFS mountd: [ OK ]
d. Verify that the nfslock service is started.
[host03]# service nfslock status
rpc.statd (pid ...) is running...
In this example, the service is running.
4. Use the chkconfig command to configure the services to start at boot time.
[host03]# chkconfig rpcbind on
[host03]# chkconfig nfs on
[host03]# chkconfig nfslock on
5. Use the showmount command on host03 to display exported file systems.
[host03]# showmount -e
Export list for host03.example.com:
/Dev *
If the exported file system is not listed, restart the nfs service.
Whenever a new entry is made to /etc/exports, restart the nfs service.
6. Use the exportfs command on host03 to export /Test to all clients and allow read-write
permission. Include the option to ignore /etc/exports entries.
[host03]# exportfs -i -o rw *:/Test
7. Use the showmount command on host03 to display exported file systems.
[host03]# showmount -e
Export list for host03.example.com:
/Dev *
/Test *
Notice that both exported file systems are listed.
You do not need to restart the nfs service when using exportfs.
8. Use the cat command to view the contents of /var/lib/nfs/etab on host03.
[host03]# cat /var/lib/nfs/etab
/Dev *(ro,sync,wdelay,hide,nocrossmnt,secure,root_squash,...
/Test *(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,...
Notice that both exported file systems are listed in this master export table.
The rpc.mountd process reads this file when a client attempts to mount an NFS file
system.
9. Use the vi editor to edit /etc/exports on host03 and change the entry exporting /Dev
to the following:
/Dev *(rw,no_root_squash)
10. Run the exportfs -r command on host03.
[host03]# exportfs -r
This command re-exports the entries in /etc/exports and synchronizes
/var/lib/nfs/etab with /etc/exports.
11. Use the cat command to view the contents of /var/lib/nfs/etab on host03.
[host03]# cat /var/lib/nfs/etab
/Dev *(rw,sync,wdelay,hide,nocrossmnt,secure,no_root_squash,
...
Notice the new options on the /Dev NFS share.
Also notice that /Test is no longer listed.
12. Use the showmount command on host03 to display exported file systems.
[host03]# showmount -e
Export list for host03.example.com:
/Dev *
This confirms that the /Test file system is no longer exported.
13. Mount the exported /Dev file system on host01.
a. Use the mkdir command to create a mountpoint named /remote_dev on host01.
[host01]# mkdir /remote_dev
b. Use the mount command to mount the exported file system from host03, /Dev, with
ro and nosuid options on the local mountpoint, /remote_dev.
[host01]# mount -t nfs -o ro,nosuid host03:/Dev /remote_dev
mount.nfs: mount system call failed
In this example, the mount command failed.
c. If the mount command failed, disable the firewall on host03 by running the following
command.
[host03]# service iptables stop
iptables: Firewall is not running.
Firewalls, the iptables command, and other system security related issues are
covered in Lesson 20, Security Administration.
You can allow NFS connectivity without disabling the entire firewall, which is
covered in Lesson 20.
For purposes of this practice, simply stop the iptables service on host03 to allow
host01 to mount the exported file system from host03.
d. Re-issue the mount command from host01, if it is necessary to mount the NFS share.
[host01]# mount -t nfs -o ro,nosuid host03:/Dev /remote_dev
In this example, the mount command was successful.
14. Verify that the NFS file system is mounted.
a. On host01, use the df command to display the mounted file systems.
[host01]# df -h
Filesystem    Size  Used Avail Use% Mounted on
/dev/xvda2    5.8G  1.8G  3.8G  32% /
...
host03:/Dev  1008M   62M  896M   7% /remote_dev
Notice that the host03:/Dev file system is mounted on the local file system
/remote_dev.
b. Use the ls command to list the contents of /remote_dev on host01.
[host01]# ls /remote_dev
initramfs-2.6.32-220.el6.x86_64.img
initramfs-2.6.32-300.3.1.el6uek.x86_64.img
lost+found
c. Use the ls command to list the contents of /Dev on host03.
[host03]# ls /Dev
initramfs-2.6.32-220.el6.x86_64.img
initramfs-2.6.32-300.3.1.el6uek.x86_64.img
lost+found
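
A review helper for the /etc/exports entries used in steps 2, 6 and 9, added here as an example and not part of the original guide: for each export it shows which clients it is open to and whether it grants write access or turns off root squashing. The function name, the finding labels and the LOW/MEDIUM/HIGH grading are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original guide.
# Sample exports(5) text: the first three entries are the ones used in this
# practice; the last is a constructed, narrower alternative for comparison.
SAMPLE_EXPORTS='# constructed sample
/Dev *
/Dev *(rw,no_root_squash)
/Test *(rw)
/Dev host01.example.com(ro,root_squash)'

# audit_exports: read exports(5)-format text on stdin and print, per client entry,
#   <LEVEL> <path> <client> <options|defaults> [findings]
# LEVEL is the grading of this example only. Returns 1 if any entry is HIGH.
audit_exports() {
    awk '
        # True if opt is one of the comma-separated items in list.
        function has(list, opt) { return index("," list ",", "," opt ",") > 0 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
        {
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1)
                    sub(/\)$/, "", opts)
                }
                if (client == "") client = "*"     # "(opts)" alone applies to every host
                world  = (client == "*")
                rw     = has(opts, "rw")              # read-only unless rw is given
                noroot = has(opts, "no_root_squash")  # root is squashed unless this is given
                why = ""
                if (world)  why = why " any-host"
                if (rw)     why = why " read-write"
                if (noroot) why = why " client-root-is-root"
                level = "OK"
                if (world) level = "LOW"
                if (noroot || (world && rw)) level = "MEDIUM"
                if (world && noroot) { level = "HIGH"; high++ }
                print level, $1, client, (opts == "" ? "defaults" : opts) why
            }
        }
        END { exit (high > 0) }
    '
}

printf '%s\n' "$SAMPLE_EXPORTS" | audit_exports ||
    echo "at least one export is graded HIGH"
```

The step 9 entry, /Dev *(rw,no_root_squash), is the only one graded HIGH: any host can mount it read-write and a client's root user keeps root privileges on the exported files.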

Practice 16-2: Using Auto-Mounter


Overview
In this practice, you:
Use auto-mounter to mount the virtual CD drive
Use the hosts map to auto-mount all exports from host03
In Lesson 18 you have another practice in which you auto-mount a user home directory.

Assumptions
This practice is performed on host01 VM, but you are asked to run a single command
from dom0.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either dom0 or host01 to indicate which
system to enter the command from.

Tasks
1. From dom0, search for the string cd in the vm.cfg file for host01,
/OVS/running_pool/host01/vm.cfg.
Notice that the dvd.iso image of Oracle Linux 6.2 is on the virtual cdrom drive.
All remaining commands are run from host01 VM.
2. Verify that the autofs package is installed.
In this example, the package is already installed.
3. Verify that the autofs service is running.
In this example, the service is already running.
4. Search for the string misc in the /etc/auto.master master map file.
Notice that the /misc mount point is associated with the /etc/auto.misc map file.
5. Search for the string cd in the /etc/auto.misc file.
Notice that the cd mount point is associated with the /dev/cdrom device.
6. Display the mounted file systems.
Notice that the cdrom is not mounted.
7. Use the ls /misc/cd command, combining the /misc mountpoint from
/etc/auto.master with the cd mountpoint from /etc/auto.misc.
Notice that this is the contents of the Oracle Linux 6.2 dvd-iso image.
8. Display the mounted file systems.
Notice that the cdrom was auto-mounted simply by accessing it with the ls
command.
9. Search for the string net in the /etc/auto.master master map file.
Notice that the /net mount point is associated with the -hosts map.
10. Change to the /net/host03 directory to auto-mount all exports from host03. List the
contents of the directory.
Notice that the /net/host03 directory contains the exported file system from host03,
/Dev.
11. List the contents of /net/host03/Dev on host01.


Solution 16-2: Using Auto-Mounter

Tasks
1. From dom0, use the grep command to search for cd in the vm.cfg file for host01.
[dom0]# grep cd /OVS/running_pool/host01/vm.cfg
file:/OVS/seed_pool/OracleLinux-R6-U2-Server-x86_64-dvd.iso,hdc:cdrom,r]
Notice that the dvd.iso image of Oracle Linux 6.2 is on the virtual cdrom drive.
All remaining commands are run from host01 VM.

2. Use the rpm command to verify that the autofs package is installed.
[host01]# rpm -qa autofs
autofs-...
In this example, the package is already installed.

3. Use the service command to verify that the autofs service is running.
[host01]# service autofs status
automount (pid ...) is running...
In this example, the service is already running.

4. Use the grep command to search for misc in the /etc/auto.master master map file.
[host01]# grep misc /etc/auto.master
/misc   /etc/auto.misc
...
Notice that the /misc mount point is associated with the /etc/auto.misc map file.

5. Use the grep command to search for cd in the /etc/auto.misc file.
# grep cd /etc/auto.misc
cd      -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
Notice that the cd mount point is associated with the /dev/cdrom device.

6. Use the df command to display the mounted file systems.
[host01]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2      5.8G  1.8G  3.8G  32% /
...
Notice that the cdrom is not mounted.

7. Use the ls /misc/cd command, combining the /misc mountpoint from /etc/auto.master with the cd mountpoint from /etc/auto.misc.
# ls /misc/cd
EFI         media.repo  RELEASE-NOTES-x86-en.html
EULA        Packages    repodata
eula.en_US  README-en   ResilientStorage
...
Notice that this is the contents of the Oracle Linux 6.2 dvd-iso image.

8. Use the df command to display the mounted file systems.
[host01]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2      5.8G  1.8G  3.8G  32% /
...
/dev/sr0        3.4G  3.4G     0 100% /misc/cd
Notice that the cdrom was auto-mounted simply by accessing it with the ls command.

9. Use the grep command to search for net in the /etc/auto.master master map file.
[host01]# grep net /etc/auto.master
/net    -hosts
...
Notice that the /net mount point is associated with the -hosts map.

10. Use the cd command to change to the /net/host03 directory to auto-mount all exports from host03. Use the ls command to list the contents of the directory.
[host01]# cd /net/host03
[host01]# ls
Dev
Notice that the /net/host03 directory contains the exported file system from host03, /Dev.

11. Use the ls command to list the contents of /net/host03/Dev on host01.
[host01]# ls /net/host03/Dev
initramfs-2.6.32-220.el6.x86_64.img
initramfs-2.6.32-300.3.1.el6uek.x86_64.img
lost+found
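The lookup that steps 4, 5 and 7 perform by hand (master map mount point plus map-file key), as an added example that is not part of the Oracle guide. The function names, the temporary sample maps and the usb entry are constructed for illustration; the check for nosuid and nodev is an added hardening check based on the options the cd entry carries.

```shell
#!/bin/sh
# Constructed sample maps; the "usb" entry is hypothetical and exists only to
# show an entry that lacks the nosuid,nodev options the cd entry carries.
make_sample_maps() {
    dir=$1
    cat > "$dir/auto.master" <<EOF
# constructed sample master map
/misc   $dir/auto.misc
/net    -hosts
EOF
    cat > "$dir/auto.misc" <<'EOF'
# constructed sample map file
cd      -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
usb     -fstype=vfat,rw                 :/dev/sdb1
EOF
}

# resolve_automount MASTER_MAP PATH
# Prints "<map> <options> <location>" for PATH, or returns 1 if nothing matches.
resolve_automount() {
    master=$1
    target=$2
    mountpoint=${target%/*}    # /misc/cd -> /misc
    key=${target##*/}          # /misc/cd -> cd

    # Master map line format: <mount-point> <map> [options]
    map=$(awk -v mp="$mountpoint" '$1 == mp { print $2; exit }' "$master")
    [ -n "$map" ] || return 1

    # Built-in maps such as -hosts have no file in which to look up a key.
    case $map in
        -*) printf '%s - -\n' "$map"; return 0 ;;
    esac
    [ -r "$map" ] || return 1

    # Map file line format: <key> [-options] <location>
    awk -v k="$key" -v m="$map" '
        $1 == k {
            if ($2 ~ /^-/) { opts = substr($2, 2); loc = $3 }
            else           { opts = "-";           loc = $2 }
            print m, opts, loc
            found = 1
            exit
        }
        END { exit !found }' "$map"
}

# missing_mount_opts OPTIONS
# Prints which of nosuid/nodev are absent from a comma-separated option list.
missing_mount_opts() {
    missing=
    for want in nosuid nodev; do
        case ",$1," in
            *,"$want",*) ;;
            *) missing="${missing:+$missing,}$want" ;;
        esac
    done
    printf '%s\n' "$missing"
}

# Demonstration on the constructed maps.
demo_dir=$(mktemp -d)
make_sample_maps "$demo_dir"
for p in /misc/cd /misc/usb; do
    entry=$(resolve_automount "$demo_dir/auto.master" "$p") || continue
    opts=$(printf '%s\n' "$entry" | awk '{ print $2 }')
    printf '%s -> %s (missing: %s)\n' "$p" "$entry" "$(missing_mount_opts "$opts")"
done
printf '/net/host03 -> %s\n' "$(resolve_automount "$demo_dir/auto.master" /net/host03)"
rm -rf "$demo_dir"
```

On a real system, pass /etc/auto.master as the first argument; entries for removable media that report missing options can be remounted setuid-capable or with device nodes honored.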

Practice 16-3: Configuring an FTP Server

Overview
In this practice, you:
Install the vsftpd server package on host03 and start the service
Install the ftp (client) package and test the setup

Assumptions
You completed Practice 6-3 (Creating a Local Yum Repository).
You are the root user on host03 VM.

Tasks
1. Install the vsftpd package on host03.
2. Start the vsftpd service.
3. Configure vsftpd to start at boot time.
4. Install the ftp (client) package on host03.
5. Test the setup.
a. Use the ftp command to connect to localhost and log in as anonymous. Use any password.
b. After connecting, run the ls command to display the contents of /var/ftp.
c. Conclude the test by running the quit command to exit.
Notice that the contents of /var/ftp is a pub directory for anonymous users.
6. Display the ftp user information in /etc/passwd.
In this example, the home directory of the ftp user is /var/ftp.
7. Ensure that the permissions on the home directory are set to 755. Change the settings, if necessary.
In this example, the permissions are correct.
8. Copy the /root/install.log file to /var/ftp/pub and rename it test_file.
This file is used in the next practice.

Solution 16-3: Configuring an FTP Server

Tasks
1. Use the yum command to install the vsftpd package on host03.
# yum install vsftpd
...

2. Use the service command to start the vsftpd service.
# service vsftpd start
Starting vsftpd for vsftpd:                [  OK  ]

3. Use the chkconfig command to configure vsftpd to start at boot time.
# chkconfig vsftpd on

4. Use the yum command to install the ftp (client) package on host03.
# yum install ftp
...

5. Test the setup.
a. Use the ftp command to connect to localhost and log in as anonymous. Use any password.
b. After connecting, run the ls command to display the contents of /var/ftp.
c. Conclude the test by running the quit command to exit.
# ftp localhost
Connected to localhost (127.0.0.1).
220 (vsFTPd 2.2.2)
Name (localhost:oracle): anonymous
331 Please specify the password.
Password: your_email_address
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (127,0,0,1,106,79).
150 Here comes the directory listing.
drwxr-xr-x    2 0        0            4096 Mar 09  2011 pub
226 Directory send OK.
ftp> quit
221 Goodbye.
Notice that the contents of /var/ftp is a pub directory for anonymous users.

6. Use the grep command to display the ftp user information in /etc/passwd.
# grep ftp /etc/passwd
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
In this example, the home directory of the ftp user is /var/ftp.

7. Ensure that the permissions on the home directory are set to 755. Change the settings if necessary.
# ls -ld /var/ftp
drwxr-xr-x 3 root root 4096 Mar 10 11:01 /var/ftp
In this example, the permissions are correct.

8. Copy the /root/install.log file to /var/ftp/pub and rename it test_file.
# cp /root/install.log /var/ftp/pub/test_file
This file is used in the next practice.

Practice 16-4: Downloading a File from an FTP Server

Overview
In this practice, you install the ftp package on host01 VM and download a file from the FTP server on host03.

Assumptions
You are the root user on host01 VM.

Tasks
1. From host01, use the cd /misc/cd command to auto-mount the virtual cdrom, which contains the Oracle Linux dvd.iso image.
2. Change to the Packages directory.
3. Display the ftp package name.
This is an example only; your version may be different.
4. Use the rpm command to install the ftp (client) package name displayed in step 3.
The ftp package may already be installed on your system.
5. Change to your home directory.
6. Use the ftp utility to connect to the FTP server, host03, as anonymous user.
7. Enter help or ? to display a list of available commands.
8. Get help on some of the available commands.
9. Change to the pub directory.
10. List the contents of the /var/ftp/pub directory on the FTP server.
Notice that the test_file exists in the pub directory on the FTP server.
11. List the contents of the local directory on host01.
12. Download the test_file file from the FTP server.
13. List the contents of the local directory on host01.
Notice that the test_file exists in the local directory on host01.
14. Exit ftp.

Solution 16-4: Downloading a File from an FTP Server

Tasks
1. From host01, use the cd /misc/cd command to auto-mount the virtual cdrom, which contains the Oracle Linux dvd.iso image.
[host01]# cd /misc/cd

2. Use the cd command to change to the Packages directory.
[host01]# cd Packages

3. Use the ls command to display the ftp package name.
[host01]# ls ftp*
ftp-0.17-51.1.el6.x86_64.rpm
This is an example only; your version may be different.

4. Use the rpm command to install the ftp (client) package name displayed in step 3.
[host01]# rpm -Uvh ftp-0.17-51.1.el6.x86_64.rpm
...
The ftp package may already be installed on your system.

5. Use the cd command to change back to your home directory.
[host01]# cd
[host01]# pwd
/root

6. Use the ftp utility to connect to the FTP server, host03, as anonymous user.
[host01]# ftp host03
Connected to localhost (192.0.2.103).
220 (vsFTPd 2.2.2)
Name (host03:root): anonymous
331 Please specify the password.
Password: your_email_address
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>

7. Enter help or ? to display a list of available commands.
ftp> help
...

8. Get help on some of the available commands, for example:
ftp> help get
get             receive file
ftp> help put
put             send one file
ftp> help mget
mget            get multiple files

9. Use the cd command to change to the pub directory.
ftp> cd pub
Directory successfully changed.

10. Use the ls command to list the contents of the /var/ftp/pub directory on the FTP server.
ftp> ls
227 Entering Passive Mode (192,0,2,103,26,76).
150 Here comes the directory list.
-rw-r--r--    1 0        0           50204 May 22 22:51 test_file
226 Directory send OK.
Notice that the test_file exists in the pub directory on the FTP server.

11. Use the !ls command to list the contents of the local directory on host01.
ftp> !ls
anaconda-ks.cfg
install.log
...

12. Use the get command to download the test_file file from the FTP server.
ftp> get test_file
local: test_file remote: test_file
227 Entering Passive Mode (192,0,2,103,79,51).
150 Opening BINARY mode data connection for test_file ...
226 Transfer complete.
50204 bytes received in ...

13. Use the !ls command to list the contents of the local directory on host01.
ftp> !ls
anaconda-ks.cfg
install.log
test_file
...
Notice that the test_file exists in the local directory on host01.

14. Use the quit command to exit ftp.
ftp> quit
221 Goodbye.

Chapter 17

Practices for Lesson 17: OpenSSH

Practices for Lesson 17

Practices Overview
In these practices, you do the following:
You verify that the OpenSSH packages are installed and that the sshd service is running.
You use the ssh, scp, and sftp utilities.
You use the ssh-keygen utility to generate keys enabling connectivity without supplying a password.
After configuring OpenSSH to transfer files, you transfer the Unbreakable Enterprise Kernel Release 2 kernel files provided on dom0 and install the new kernel.

Practice 17-1: Connecting to a Remote Server by Using ssh

Overview
In this practice, you verify that the OpenSSH packages are installed, verify that the sshd service is started on the server, and use the ssh utility to establish a connection and execute a command on a remote system.

Assumptions
This practice is performed on host01 and on host03 VMs.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either host01 or host03 to indicate which system to enter the command from.

Tasks
1. On host03, verify that the openssh packages are installed.
In this example, the packages are already installed.
2. Verify that the sshd service is started on host03.
In this example, the service is running.
3. Verify that the sshd service is configured to start at boot time on host03.
In this example, the service is configured to start at boot time.
4. On host01, verify that the openssh packages are installed.
In this example, the packages are already installed.
5. On host01, create the oracle user. Assign a password of oracle. Ignore the too simple warning.
6. Log off as root on host01. Log back on as user oracle.
7. Display a long listing of all files in the home directory of user oracle.
Notice that there is no ~/.ssh directory.
8. Perform a remote login to host03 by using the ssh command.
9. Display the host name to confirm that you successfully logged on to host03.
10. Close the ssh connection to host03. Display the host name to confirm that you are back to host01.
11. Display a long listing of all files in the home directory of user oracle.
Notice that there is now a ~/.ssh directory.
12. Change to the ~/.ssh directory, and then view the contents of the directory.
Notice that the known_hosts file was created.
13. View the contents of the known_hosts file.
Notice that host03 is now a known host.
14. Perform a remote login to host03 by using the ssh command.
Notice that you are not asked to confirm this time, because of the existence of the known_hosts file.
15. Close the ssh connection to host03. Display the host name to confirm that you are back to host01. Change back to the user's home directory.
16. Log on to host03 as user root and run the ls command with a single ssh command.
Notice that the ls command ran on the remote system, and then the remote connection closed.
17. Display the host name to confirm that you are back to host01.

Solution 17-1: Connecting to a Remote Server by Using ssh

Tasks
1. On host03, use the rpm command to verify that the openssh packages are installed.
[host03]# rpm -qa | grep openssh
openssh-clients-...
openssh-server-...
openssh-...
In this example, the packages are already installed.

2. Use the service command to verify that the sshd service is started on host03.
[host03]# service sshd status
openssh-daemon (pid ...) is running...
In this example, the service is running.

3. Use the chkconfig command to verify that the sshd service is configured to start at boot time on host03.
[host03]# chkconfig sshd --list
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
In this example, the service is configured to start at boot time.

4. On host01, use the rpm command to verify that the openssh packages are installed.
[host01]# rpm -qa | grep openssh
openssh-clients-...
openssh-server-...
openssh-...
In this example, the packages are already installed.

5. On host01, use the useradd and passwd commands to create the oracle user. Assign a password of oracle. Ignore the BAD PASSWORD warning.
[host01]# useradd oracle
[host01]# passwd oracle
Changing password for user oracle.
New password: oracle
...
Retype new password: oracle
passwd: all authentication tokens updated successfully.

6. Use the exit command to log off as root on host01. Log back on as user oracle.
[host01]# exit
host01 login: oracle
Password: oracle

7. Use the ls command to display a long listing of all files in the home directory of user oracle.
[oracle@host01 ~]$ ls -la
...
Notice that there is no ~/.ssh directory.

8. Perform a remote login to host03 by using the ssh command.
[oracle@host01 ~]$ ssh host03
The authenticity of host 'host03 (192.0.2.103)' can't be established.
RSA key fingerprint is ...
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'host03,192.0.2.103' (RSA) to the list of known hosts.
oracle@host03's password: oracle
[oracle@host03 ~]$

9. Use the hostname command to display the host name to confirm that you successfully logged on to host03.
[oracle@host03 ~]$ hostname
host03.example.com

10. Use the logout command to close the ssh connection to host03. Use the hostname command to confirm that you are back to host01.
[oracle@host03 ~]$ logout
Connection to host03 closed.
[oracle@host01 ~]$ hostname
host01.example.com

11. Use the ls command to display a long listing of all files in the home directory of user oracle.
[oracle@host01 ~]$ ls -la
...
drwx------ 2 oracle oracle 4096 Mar 8 08:23 .ssh
Notice that there is now a ~/.ssh directory.

12. Use the cd command to change to the ~/.ssh directory, and then use ls to view the contents of the directory.
[oracle@host01 ~]$ cd .ssh
[oracle@host01 .ssh]$ ls
known_hosts
Notice that the known_hosts file was created.

13. Use the cat command to view the contents of the known_hosts file.
[oracle@host01 .ssh]$ cat known_hosts
host03,192.0.2.103 ssh-rsa ...
Notice that host03 is now a known host.

14. Perform a remote login to host03 using the ssh command.
[oracle@host01 .ssh]$ ssh host03
oracle@host03's password: oracle
Last login...
[oracle@host03 ~]$
Notice that you are not asked to confirm this time, because of the existence of the known_hosts file.

15. Use the logout command to close the ssh connection to host03. Use the hostname command to confirm that you are back to host01. Use the cd command to change back to the user's home directory.
[oracle@host03 ~]$ logout
Connection to host03 closed.
[oracle@host01 .ssh]$ hostname
host01.example.com
[oracle@host01 .ssh]$ cd
[oracle@host01 ~]$

16. Log on to host03 as user root and run the ls command with a single ssh command.
[oracle@host01 ~]$ ssh root@host03 ls
root@host03's password: 0racle
...
[oracle@host01 ~]$
Notice that the ls command ran on the remote system, and then the remote connection closed.

17. Use the hostname command to confirm that you are back to host01.
[oracle@host01 ~]$ hostname
host01.example.com

Practice 17-2: Configuring OpenSSH to Connect Without a Password

Overview
In this practice, you use the ssh-keygen command to generate an RSA key pair and configure OpenSSH to connect to a remote system without supplying a password. You also use the scp command in this practice.

Assumptions
This practice is performed on host01 and on host03 VMs.
Open a terminal window on each system.
Log in as the root user on host03.
Log in as the oracle user on host01.
The prompts in the solution section include either host01 or host03 to indicate which system to enter the command from.

Tasks
1. From host03, use the su command to become the oracle user.
2. View the contents of the ~/.ssh directory.
Notice that the directory is empty.
3. Use the ssh-keygen command to create the public and private parts of an RSA key. Accept all the defaults.
4. View the contents of the ~/.ssh directory.
Notice that the ssh-keygen command generated two keys.
5. Use the scp command to copy ~/.ssh/id_rsa.pub on the local system (host03) to ~/.ssh/authorized_keys on the remote system (host01). Password is oracle.
Because you are connecting to this OpenSSH server for the first time, you are asked to confirm the connection.
Notice that a password is required to make the connection.
Notice that the file is copied but you are still connected to the local system (host03).
6. Perform a remote login to host01 by using the ssh command.
Notice that you no longer need to enter a password.
7. Confirm that you successfully logged on to host01.
8. View the contents of the ~/.ssh directory.
Notice the existence of the authorized_keys file, which allowed you to connect without supplying a password.
9. Close the connection to host01. Confirm that you are back to host03.
10. Log out as oracle user and return to the root login. Confirm that you are logged on as root.

Solution 17-2: Configuring OpenSSH to Connect Without a Password

Tasks
1. From host03, use the su command to become the oracle user.
[root@host03 ~]# su - oracle
[oracle@host03 ~]$ whoami
oracle
[oracle@host03 ~]$ pwd
/home/oracle

2. Use the ls command to view the contents of the ~/.ssh directory.
[oracle@host03 ~]$ ls ~/.ssh
Notice that the directory is empty.

3. Use the ssh-keygen command to create the public and private parts of an RSA key. Accept all the defaults.
[oracle@host03 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa): ENTER
Enter passphrase (empty for no passphrase): ENTER
Enter same passphrase again: ENTER
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:...
The key's randomart image is:...

4. Use the ls command to view the contents of the ~/.ssh directory.
[oracle@host03 ~]$ ls ~/.ssh
id_rsa
id_rsa.pub
Notice that the ssh-keygen command generated two keys.

5. Use the scp command to copy ~/.ssh/id_rsa.pub on the local system (host03) to ~/.ssh/authorized_keys on the remote system (host01). Password is oracle.
[oracle@host03 ~]$ scp .ssh/id_rsa.pub host01:~/.ssh/authorized_keys
The authenticity of host 'host01 (192.0.2.101)' can't be established.
RSA key fingerprint is ...
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'host01,192.0.2.101' (RSA) to the list of known hosts.
oracle@host01's password: oracle
id_rsa.pub                100%  407     0.4KB/s   00:00
[oracle@host03 ~]$
Because you are connecting to this OpenSSH server for the first time, you are asked to confirm the connection.
Notice that a password is required to make the connection.
Notice that the file is copied but you are still connected to the local system (host03).

6. Perform a remote login to host01 using the ssh command.
[oracle@host03 ~]$ ssh host01
Last login:...
Notice that you no longer need to enter a password.

7. Use the hostname command to confirm that you successfully logged on to host01.
[oracle@host01 ~]$ hostname
host01.example.com

8. Use the ls command to view the contents of the ~/.ssh directory.
[oracle@host01 ~]$ ls ~/.ssh
authorized_keys
known_hosts
Notice the existence of the authorized_keys file, which allowed you to connect without supplying a password.

9. Use the logout command to close the connection to host01. Use the hostname command to confirm that you are back to host03.
[oracle@host01 ~]$ logout
Connection to host01 closed.
[oracle@host03 ~]$ hostname
host03.example.com

10. Use the exit command to log out as oracle user and return to the root logon. Use the whoami and pwd commands to confirm that you are logged on as root.
[oracle@host03 ~]$ exit
logout
[root@host03 ~]# whoami
root
[root@host03 ~]# pwd
/root
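Step 5 of Solution 17-2 copies id_rsa.pub over ~/.ssh/authorized_keys, which replaces any keys already authorized for that account. An added example (not part of the Oracle guide) that appends a key only if it is not yet present and sets directory and file modes that pass sshd's StrictModes check; the function names and the sample key strings are constructed for illustration.

```shell
#!/bin/sh
# mode_of PATH: print the type and permission bits, for example "drwx------".
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# install_pubkey PUBKEY_FILE SSH_DIR
# Appends the key in PUBKEY_FILE to SSH_DIR/authorized_keys unless it is
# already there. Returns 2 if PUBKEY_FILE is not a single public-key line.
install_pubkey() {
    pubkey_file=$1
    ssh_dir=$2
    auth_file=$ssh_dir/authorized_keys

    # Accept exactly one non-empty line of the form "<type> <base64> [comment]".
    # This also rejects a private key file passed by mistake.
    [ -r "$pubkey_file" ] || return 2
    [ "$(grep -c . "$pubkey_file")" -eq 1 ] || return 2
    grep -Eq '^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+( .*)?$' \
        "$pubkey_file" || return 2

    # 700 on the directory and 600 on the file, regardless of the umask.
    mkdir -p "$ssh_dir"
    chmod 700 "$ssh_dir"
    touch "$auth_file"
    chmod 600 "$auth_file"

    # Compare on key type and base64 blob only, so that a different comment
    # does not cause the same key to be added twice. Existing lines that
    # start with an options field are not matched by this simple comparison.
    blob=$(awk 'NF { print $1, $2; exit }' "$pubkey_file")
    if awk -v b="$blob" '($1 " " $2) == b { found = 1 } END { exit !found }' \
        "$auth_file"; then
        return 0                      # already authorized, nothing to do
    fi
    awk 'NF { print; exit }' "$pubkey_file" >> "$auth_file"
}

# ssh_modes_ok SSH_DIR: succeed only if SSH_DIR is 700 and authorized_keys is 600.
ssh_modes_ok() {
    [ "$(mode_of "$1")" = "drwx------" ] &&
    [ "$(mode_of "$1/authorized_keys")" = "-rw-------" ]
}

# Demonstration with constructed placeholder keys (not real key material).
demo=$(mktemp -d)
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2ECONSTRUCTEDKEYONE oracle@host03' > "$demo/first.pub"
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2ECONSTRUCTEDKEYTWO oracle@dom0' > "$demo/second.pub"
install_pubkey "$demo/first.pub" "$demo/home/.ssh"
install_pubkey "$demo/second.pub" "$demo/home/.ssh"
install_pubkey "$demo/first.pub" "$demo/home/.ssh"    # repeat is a no-op
cat "$demo/home/.ssh/authorized_keys"
ssh_modes_ok "$demo/home/.ssh" && echo "modes ok"
rm -rf "$demo"
```

The key pair in the practice is created with an empty passphrase, so possession of the id_rsa file alone is enough to log in as oracle on host01.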

Practice 17-3: Using the sftp Utility to Install a New Kernel

Overview
In this practice, you use the sftp command to copy a new Linux kernel from dom0. You then install the new kernel.

Assumptions
This practice is performed on dom0 and on host03 VMs.
Open a terminal window on each system.
Log in as the root user on dom0.
Log in as the root user on host03.
The prompts in the solution section include either dom0 or host01 to indicate which system to enter the command from.
The Unbreakable Enterprise Kernel Release 2 files reside in the /OVS/seed_pool/sfws directory on dom0. Normally, you would obtain a new release of the kernel from ULN. However, because you do not have access to ULN from the classroom, the kernel files are provided for you.

Tasks
1. From dom0, change to the /OVS/seed_pool/sfws directory and view the kernel* files in this directory.
The kernel-uek-firmware file is needed by the kernel-uek.
2. From dom0, use the sftp command to transfer the kernel* files to host03. Password is 0racle.
3. From host03, change to the root user's home directory, /root, and use the ls command to view the kernel* files in this directory.
4. Before installing the new kernel, obtain information about the existing kernels on host03.
a. View the GRUB configuration file, /boot/grub/grub.conf.
Your system currently has two bootable kernels:
Unbreakable Enterprise Kernel Release 1 (2.6.32-300.3.1.el6uek.x86_64)
Red Hat Compatible kernel (2.6.32-220.el6.x86_64)
With default=0, the first kernel (2.6.32-300.3.1.el6uek.x86_64) is running.
b. Use the uname command to confirm the loaded kernel.
5. Use the rpm -i command to install the new kernel. When installing a new kernel, use the -i option so as not to upgrade the current kernel.
Notice that the kernel-uek-firmware file is needed by the kernel-uek.
6. Use the rpm -i command to install the kernel-uek-firmware file. You can then install the kernel-uek file.
7. After installing the new kernel, obtain information about the kernels on host03.
a. View the GRUB configuration file.
Notice that your system now has three bootable kernels:
Unbreakable Enterprise Kernel Release 2 (2.6.39-100.5.1.el6uek.x86_64)
Unbreakable Enterprise Kernel Release 1 (2.6.32-300.3.1.el6uek.x86_64)
Red Hat Compatible kernel (2.6.32-220.el6.x86_64)
The newly installed kernel is listed first. With default=0, this new kernel loads at reboot.
b. Use the grep title /boot/grub/grub.conf command to list the bootable kernels.
c. Use the ls /boot/vmlinuz* command to view the kernel files.
d. Use the ls /boot/init* command to view the initial RAM disk files.
8. Use the reboot command to boot host03 and load the new kernel.
After you reboot your system, your vnc session closes.
9. Connect to host03 guest using vncviewer.
a. Determine the vnc port number for host03 by running the xm list -l host03 | grep location command.
The example shown indicates that the port number is 5903. This may not be true in your case.
b. Run the vncviewer& command.
The VNC Viewer: Connection Details dialog box is displayed.
c. Enter the command, localhost:<port_number>, substituting the port number displayed from the previous xm list command. For example, if the port number is 5903, enter localhost:5903, and click OK.
After connecting, the GNOME login window appears.
10. Log in from GNOME Desktop.
a. Select Oracle Student from the list of users.
b. Enter the password, oracle, for Oracle Student.
c. Click Log In.
d. After logging in, the GNOME desktop appears.
11. Open a terminal window and become root user.
a. Right-click the desktop to display the pop-up menu.
b. Click Open in Terminal to display a terminal window.
c. In the terminal window, enter the su command, and then enter root with password 0racle (leading zero) to become root.
12. Use the uname command to display the loaded kernel version.
Notice that the newly installed Unbreakable Enterprise Kernel Release 2 (2.6.39) is loaded.

Solution 17-3: Using the sftp Utility to Install a New Kernel

Tasks
1. From dom0, change to the /OVS/seed_pool/sfws directory and view the kernel* files in this directory.
[dom0]# cd /OVS/seed_pool/sfws
[dom0]# ls kernel*
kernel-uek-2.6.39...
kernel-uek-firmware-2.6.39...
The kernel-uek-firmware file is needed by the kernel-uek.

2. From dom0, use the sftp command to transfer the kernel* files to host03. Password is 0racle.
[dom0]# sftp host03
Connecting to host03...
root@host03's password: 0racle
sftp> mput kernel*
Uploading kernel-uek-2.6.39... to /root/kernel-uek-2.6.39...
kernel-uek-2.6.39...
Uploading kernel-uek-firmware-2.6.39... to /root/kernel-uek...
kernel-uek-firmware-2.6.39...
sftp> quit

3. From host03, change to the root user's home directory, /root, and use the ls command to view the kernel* files in this directory.
[host03]# cd
[host03]# ls kernel*
kernel-uek-2.6.39...
kernel-uek-firmware-2.6.39...

4. Before installing the new kernel, obtain information about the existing kernels on host03.
a. Use the cat command to view the GRUB configuration file.
[host03]# cat /boot/grub/grub.conf
# grub.conf generated by anaconda
...
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Oracle Linux Server-uek (2.6.32-300.3.1.el6uek.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-300...
initrd /initramfs-2.6.32-300...
title Oracle Linux Server (2.6.32-220.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-220...
initrd /initramfs-2.6.32-220...
Your system currently has two bootable kernels:
Unbreakable Enterprise Kernel Release 1 (2.6.32-300.3.1.el6uek.x86_64)
Red Hat Compatible kernel (2.6.32-220.el6.x86_64)
With default=0, the first kernel (2.6.32-300.3.1.el6uek.x86_64) is running.
b. Use the uname command to confirm the loaded kernel.
[host03]# uname -r
2.6.32-300.3.1.el6uek.x86_64

5. Use the rpm -i command to install the new kernel. When installing a new kernel, use the -i option so as not to upgrade the current kernel.
[host03]# rpm -ivh kernel-uek-2.6.39-100.5.1.el6uek.x86_64.rpm
Error: Failed dependencies:
Kernel-uek-firmware = ... is needed by kernel-uek...
Notice that the kernel-uek-firmware file is needed by the kernel-uek.

6. Use the rpm -i command to install the kernel-uek-firmware file. You can then install the kernel-uek file.
[host03]# rpm -ivh kernel-uek-firmware-2.6.39-100.5.1.el6uek.noarch.rpm
Preparing...              ########################## [100%]
1:kernel-uek-firmware     ########################## [100%]
[host03]# rpm -ivh kernel-uek-2.6.39-100.5.1.el6uek.x86_64.rpm
Preparing...              ########################## [100%]
1:kernel-uek              ########################## [100%]

7. After installing the new kernel, obtain information about the kernels on host03.
a. Use the cat command to view the GRUB configuration file.
[host03]# cat /boot/grub/grub.conf
# grub.conf generated by anaconda
...
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Oracle Linux Server (2.6.39-100.5.1.el6uek.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.39-100...
initrd /initramfs-2.6.39-100...
title Oracle Linux Server-uek (2.6.32-300.3.1.el6uek.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-300...
initrd /initramfs-2.6.32-300...
title Oracle Linux Server (2.6.32-220.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-220...
initrd /initramfs-2.6.32-220...
Notice that your system now has three bootable kernels:
Unbreakable Enterprise Kernel Release 2 (2.6.39-100.5.1.el6uek.x86_64)
Unbreakable Enterprise Kernel Release 1 (2.6.32-300.3.1.el6uek.x86_64)
Red Hat Compatible kernel (2.6.32-220.el6.x86_64)
The newly installed kernel is listed first. With default=0, this new kernel loads at reboot.
b. Use the grep command to list the bootable kernels.
[host03]# grep title /boot/grub/grub.conf
title Oracle Linux Server (2.6.39-100.5.1.el6uek.x86_64)
title Oracle Linux Server-uek (2.6.32-300.3.1.el6uek.x86_64)
title Oracle Linux Server (2.6.32-220.el6.x86_64)
c. Use the ls command to view the kernel files.
[host03]# ls /boot/vmlinuz*
vmlinuz-2.6.32-220.el6.x86_64
vmlinuz-2.6.32-300.3.1.el6uek.x86_64
vmlinuz-2.6.39-100.5.1.el6uek.x86_64
d. Use the ls command to view the initial RAM disk files.
[host03]# ls /boot/init*
initramfs-2.6.32-220.el6.x86_64.img
initramfs-2.6.32-300.3.1.el6uek.x86_64.img
initramfs-2.6.39-100.5.1.el6uek.x86_64.img

8. Use the reboot command to boot host03 and load the new kernel.
[host03]# reboot
After you reboot your system, your vnc session closes.

9. Connect to host03 guest using vncviewer.
a. Determine the vnc port number for host03 by running the xm list -l host03 | grep location command.
# xm list -l host03 | grep location
(location 0.0.0.0:5903)
(location 3)
The example shown indicates that the port number is 5903. This may not be true in your case.
b. Run the vncviewer& command.

c.

# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed.
Enter the command, localhost:<port_number>, substituting the port number
displayed from the previous xm list command (for example, if the port number is
5903, enter localhost:5903), and click OK.

After connecting, the GNOME login window appears.


10. Log in from GNOME Desktop.
a. Select Oracle Student from the list of users.
b. Enter the password, oracle, for Oracle Student.
c. Click Log In.
d. After logging in, the GNOME desktop appears.
11. Open a terminal window and become root user.
a. Right-click the desktop to display the pop-up menu.
b. Click Open in Terminal to display a terminal window.
c. In the terminal window, enter the su command, and then enter root with password
0racle (leading zero) to become root.
$ su
Password: 0racle
12. Use the uname command to display the loaded kernel version.

[host03]# uname r
2.6.39-100.5.1.el6uek.x86_64
Notice that the newly installed Unbreakable Enterprise Kernel Release 2 (2.6.39) is
loaded.

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Practices for Lesson 17: OpenSSH


Chapter 17 - Page 16

Oracle Internal & Oracle Academy Use Only

b.

Chapter 18

Practices for Lesson 18: Authentication and Directory Services

Practices for Lesson 18


Practices Overview


In these practices, you configure an NIS server and an NIS client and implement NIS
authentication. You also configure auto-mounting of a user home directory.


Practice 18-1: Configuring an NIS Server

Overview
In this practice, you configure an NIS server in preparation for implementing NIS authentication.
You install the NIS service package (ypserv), start the service, and configure the service to
automatically start at boot time. You also explore the various NIS files and directories, and
create NIS maps.

Assumptions

You completed Practice 6-3 (Creating a Local Yum Repository).
You are the root user on host03 VM.

Tasks

1. Install the ypserv package on host03.

2. Use the vi editor to edit the /etc/sysconfig/network file and set the NIS domain
name (NISDOMAIN) directive to nis.example.com.
NISDOMAIN=nis.example.com

3. Use the vi editor to create the following access rule in the /etc/ypserv.conf file.
192.0.2.1/24: * : * : none
This rule allows access to the NIS server from any system on the 192.0.2 subnet.

4. Use the vi editor to create the /var/yp/securenets file with the following content:
255.255.255.255 127.0.0.1
255.255.255.0   192.0.2.0
These entries enhance system security by only allowing access from localhost
(127.0.0.1) and from systems with IP addresses starting with 192.0.2.

5. View the /var/yp/Makefile file and locate the following block of lines:
all: passwd group hosts rpc services netid protocols mail \
# netgrp shadow publickey networks ethers bootparams printcap \
# amd.home auto.master auto.home auto.local passwd.adjunct \
# timezone locale netmasks
The all: target specifies which NIS maps to create.
Do not make any changes to this file at this time.

6. Configure the following NIS services to start at boot time:
ypserv
ypxfrd
yppasswdd

7. Start the three services (ypserv, ypxfrd, and yppasswdd).

8. Change to the /var/yp directory and view the contents of this directory.
Notice that there are only four entries in this directory at this time.

9. The ypinit command is not in your search path. Use the find command to find the
location of the ypinit command.
In this example, the ypinit command is located in the /usr/lib64/yp directory.

10. Include the absolute pathname and run ypinit with the -m option. Do not add any
additional hosts; press Ctrl + D to complete the list.

11. View the contents of the /var/yp directory.
Notice the addition of the nis.example.com directory and the ypservers file.

12. Display the contents of the ypservers file.
Notice that this file contains the host name of the NIS server.

13. View the contents of the nis.example.com directory.
Notice that this directory contains the NIS maps.

Solution 18-1: Configuring an NIS Server

Tasks

1. Use the yum command to install the ypserv package on host03.
[host03]# yum install ypserv
...

2. Use the vi editor to edit the /etc/sysconfig/network file and set the NIS domain
name (NISDOMAIN) directive to nis.example.com.
NISDOMAIN=nis.example.com

3. Use the vi editor to create the following access rule in the /etc/ypserv.conf file.
192.0.2.1/24: * : * : none
This rule allows access to the NIS server from any system on the 192.0.2 subnet.

4. Use the vi editor to create the /var/yp/securenets file with the following content:
255.255.255.255 127.0.0.1
255.255.255.0   192.0.2.0
These entries enhance system security by only allowing access from localhost
(127.0.0.1) and from systems with IP addresses starting with 192.0.2.

5. View the /var/yp/Makefile file (using cat, less, or vi) and locate the following block
of lines:
all: passwd group hosts rpc services netid protocols mail \
# netgrp shadow publickey networks ethers bootparams printcap \
# amd.home auto.master auto.home auto.local passwd.adjunct \
# timezone locale netmasks
The all: target specifies which NIS maps to create.
Do not make any changes to this file at this time.

6. Use the chkconfig command to configure the following NIS services to start at boot time:
ypserv
ypxfrd
yppasswdd
[host03]# chkconfig --list | grep yp
ypbind      0:off 1:off 2:off 3:off 4:off 5:off 6:off
yppasswdd   0:off 1:off 2:off 3:off 4:off 5:off 6:off
ypserv      0:off 1:off 2:off 3:off 4:off 5:off 6:off
ypxfrd      0:off 1:off 2:off 3:off 4:off 5:off 6:off
[host03]# chkconfig ypserv on
[host03]# chkconfig ypxfrd on
[host03]# chkconfig yppasswdd on
[host03]# chkconfig --list | grep yp
ypbind      0:off 1:off 2:off 3:off 4:off 5:off 6:off
yppasswdd   0:off 1:off 2:on  3:on  4:on  5:on  6:off
ypserv      0:off 1:off 2:on  3:on  4:on  5:on  6:off
ypxfrd      0:off 1:off 2:on  3:on  4:on  5:on  6:off
The ypbind daemon binds NIS clients to an NIS domain.
The ypbind service only needs to run on NIS clients.

7. Use the service command to start the three services.
[host03]# service ypserv start
Setting NIS domain name nis.example.com:   [ OK ]
Starting YP server services:               [ OK ]
[host03]# service ypxfrd start
Starting YP map server:                    [ OK ]
[host03]# service yppasswdd start
Starting YP passwd service:                [ OK ]

8. Use the cd command to change to the /var/yp directory. Use the ls command to view
the contents.
[host03]# cd /var/yp
[host03]# ls
binding Makefile nicknames securenets
Notice that there are only four entries in this directory at this time.

9. The ypinit command is not in your search path. Use the find command to find the
location of the ypinit command.
[host03]# which ypinit
/usr/bin/which: no ypinit in (...)
[host03]# find / -name ypinit
/usr/lib64/yp/ypinit
In this example, the ypinit command is located in the /usr/lib64/yp directory.

10. Include the absolute pathname and run ypinit with the -m option. Do not add any
additional hosts; press Ctrl + D to complete the list.
[host03]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which
will run NIS servers. host03.example.com is in the list of NIS
server hosts. Please continue to add the names for the other
hosts, one per line. When you are done with the list, type a
<control D>.
Next host to add: host03.example.com
Next host to add: <CTRL-D>
The current list of NIS servers looks like this:
host03.example.com
Is this correct? [y/n: y] ENTER
...

11. Use the ls command to view the contents of the /var/yp directory.
[host03]# ls /var/yp
binding Makefile nicknames nis.example.com securenets
ypservers
Notice the addition of the nis.example.com directory and the ypservers file.

12. Use the cat command to display the contents of the ypservers file.
[host03]# cat ypservers
host03.example.com
Notice that this file contains the host name of the NIS server.

13. Use the ls command to view the contents of the nis.example.com directory.
[host03]# ls nis.example.com
group.byid mail.aliases protocols.bynames services.byname
...
Notice that this directory contains the NIS maps.
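
How the securenets entries from step 4 are evaluated, as an added example that is not part of the course material: each line is a netmask followed by a network, and a client is accepted when its address ANDed with the netmask equals the network. The function names and the sample client addresses are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: test client addresses against securenets-style rules
# ("netmask network" per line). All function names here are hypothetical.

# ip_to_int DOTTED_QUAD -> prints the address as an integer; fails if malformed.
ip_to_int() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1                      # split on dots (input holds digits and dots only)
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        # Reject leading zeros (shell arithmetic would read them as octal)
        # and anything longer than three digits.
        case "$octet" in 0?*|????*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
    echo "$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))"
)

# securenets_allows FILE ADDRESS
#   exit 0: some rule matches; exit 1: no rule matches; exit 2: bad address.
securenets_allows() (
    addr=$(ip_to_int "$2") || exit 2
    while read -r mask net rest; do
        case "$mask" in ''|'#'*) continue ;; esac
        # Lines that are not a netmask/network pair are skipped.
        m=$(ip_to_int "$mask") || continue
        n=$(ip_to_int "$net") || continue
        if [ "$(( addr & m ))" -eq "$(( n & m ))" ]; then
            exit 0
        fi
    done < "$1"
    exit 1
)

# report FILE ADDRESS... -> one "ADDRESS allowed|denied|invalid" line each.
report() (
    rules=$1
    shift
    for ip in "$@"; do
        rc=0
        securenets_allows "$rules" "$ip" || rc=$?
        case $rc in
            0) echo "$ip allowed" ;;
            1) echo "$ip denied" ;;
            *) echo "$ip invalid" ;;
        esac
    done
)

# The two rules from step 4 of this practice.
write_page_securenets() {
    cat > "$1" <<'EOF'
255.255.255.255 127.0.0.1
255.255.255.0   192.0.2.0
EOF
}

# Constructed demo: the client addresses below are sample values.
demo_rules=$(mktemp)
write_page_securenets "$demo_rules"
report "$demo_rules" 127.0.0.1 192.0.2.103 127.0.0.2 192.0.3.5 192.0.2.256
rm -f "$demo_rules"
```

The 255.255.255.255 mask makes the first rule match exactly one host, which is why 127.0.0.2 is denied while every 192.0.2.x address passes the second rule.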

Practice 18-2: Configuring an NIS Client

Overview
In this practice, you configure an NIS client in preparation for implementing NIS authentication. You
verify that the NIS client packages are installed, you configure the NIS client, and you start the
NIS client service.

Assumptions

This practice is performed exclusively on host01.
Open a terminal window and log in as the root user on host01.

Tasks

1. On host01, verify that the required NIS client packages (yp-tools and ypbind) are
installed.
In this example, the two required packages are already installed.

2. Use the vi editor to edit the /etc/sysconfig/network file and set the NIS domain
name (NISDOMAIN) directive to nis.example.com.
NISDOMAIN=nis.example.com
Alternatively, you could use the nisdomainname command to set the NIS domain
name.
Setting the NISDOMAIN from the command line is not persistent across a reboot.

3. Use the vi editor to edit /etc/yp.conf and specify the NIS domain and NIS server.
domain nis.example.com server host03.example.com

4. Start the ypbind service.
If the ypbind service fails to start, stop the iptables service on host03, and then
start ypbind on host01.

5. Run the ypwhich command to display the NIS server name.

Solution 18-2: Configuring an NIS Client

Tasks

1. On host01, use the rpm command to verify that the required NIS client packages are
installed.
[host01]# rpm -qa | grep yp-tools
[host01]# rpm -qa | grep ypbind
In this example, the two required packages are already installed.

2. Use the vi editor to set the NIS domain name (NISDOMAIN) to nis.example.com in the
/etc/sysconfig/network file.
NISDOMAIN=nis.example.com
Alternatively, you could use the nisdomainname command to set the NIS domain
name to nis.example.com.
[host01]# nisdomainname nis.example.com
Setting the NISDOMAIN from the command line is not persistent across a reboot.

3. Use the vi editor to edit /etc/yp.conf and specify the NIS domain and NIS server.
domain nis.example.com server host03.example.com

4. Use the service command to start the ypbind service.
[host01]# service ypbind start
Setting NIS domain: domain is nis.example.com   [ OK ]
Binding NIS service:                            [ OK ]
a. If the ypbind service fails to start, disable the firewall on host03 by running the
following command.
[host03]# service iptables stop
iptables: Firewall is not running.
You were prompted to disable the firewall in Practice 16-1; however, if you rebooted
host03 since then, the service restarted.
b. After stopping the iptables service, use the service command to start the ypbind
service.
[host01]# service ypbind start
Setting NIS domain: domain is nis.example.com   [ OK ]
Binding NIS service:                            [ OK ]

5. Run the ypwhich command to display the NIS server name.
[host01]# ypwhich
host03.example.com

Practice 18-3: Implementing NIS Authentication

Overview
In this practice, you use the Authentication Configuration Tool to implement NIS authentication.

Assumptions

This practice is performed exclusively on host03.
Open a terminal window and log in as the root user on host03.

Tasks

1. From host03, open the Authentication Configuration Tool by running the
system-config-authentication command.
The GUI appears.

2. Make the following changes in the GUI.
a. Select NIS from the User Account Database drop-down list.
b. Enter nis.example.com as the NIS domain.
c. Enter host03.example.com as the NIS server.
Alternatively, you could implement NIS authentication from the command line by using
the authconfig command.

3. Click Apply to save your changes.

4. After clicking Apply, the Authentication Configuration Tool closes and the following
messages appear in your terminal window:
Starting NIS service:   [ OK ]
Binding NIS service:    [ OK ]
If either service fails to start, do the following:
a. Use the service command to restart the ypserv service.
b. Run the Authentication Configuration tool again (repeat step 1).
c. Ensure that the settings are correct (repeat step 2).
d. Click Apply (repeat step 3).

5. Run the authconfig --test command to view the authentication settings.

Solution 18-3: Implementing NIS Authentication

Tasks

1. From host03, open the Authentication Configuration Tool by running the
system-config-authentication command.
[host03]# system-config-authentication
The GUI appears, as follows:

2. Make the following changes:
a. Select NIS from the User Account Database drop-down list.
b. Enter nis.example.com as the NIS domain.
c. Enter host03.example.com as the NIS server.
Ensure that your screen looks like the following:
Alternatively, you could implement NIS authentication from the command line by using
the following command:
[host03]# authconfig --enablenis --nisdomain nis.example.com --nisserver host03.example.com --update

3. Click Apply to save your changes.

4. After clicking Apply, the Authentication Configuration Tool closes and the following
messages appear in your terminal window:
Starting NIS service:   [ OK ]
Binding NIS service:    [ OK ]
If either service fails to start, do the following:
a. Use the service command to restart the ypserv service.
[host03]# service ypserv restart
Stopping YP server services:   [ OK ]
Starting YP server services:   [ OK ]
b. Run the Authentication Configuration tool again (repeat step 1).
c. Ensure the settings are correct (repeat step 2).
d. Click Apply (repeat step 3).

5. Run the authconfig --test command to view the authentication settings.
[host03]# authconfig --test
caching is disabled
...
nss_nis is enabled
NIS server = host03.example.com
NIS domain = nis.example.com
...

Practice 18-4: Testing NIS Authentication

Overview
In this practice, you test NIS authentication by creating a new user on the NIS server and
logging in as the new user from a remote system.

Assumptions

This practice is performed on host01 and on host03 VMs.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks

1. On host03, use the useradd and passwd commands to create a new user, nis_user.
Assign a password of password. Ignore the BAD PASSWORD warning.
These commands create entries in the /etc/passwd and /etc/shadow files on the
NIS server, host03.

2. On host03, update the NIS maps by running ypinit -m (include the absolute pathname).
Do not add any additional hosts; press Ctrl + D to complete the list.

3. From host01, use the vi editor to edit the /etc/nsswitch.conf file. Change the
following entries to query NIS maps first before querying local files.
The current entries appear as follows:
passwd:   files
shadow:   files
group:    files
Edit these lines to query nis first as follows:
passwd:   nis files
shadow:   nis files
group:    nis files

4. From host01, log in as nis_user to test NIS authentication.
a. Log out as root user.
b. Log in as nis_user. Password is password.
Notice that you were able to authenticate from the NIS server and log in from
host01.
However, the nis_user home directory is on the NIS server, host03.
In the next practice, you export the nis_user home directory as an NFS share and
auto-mount the home directory upon nis_user remote login.

Solution 18-4: Testing NIS Authentication

Tasks

1. On host03, use the useradd and passwd commands to create a new user, nis_user.
Assign a password of password. Ignore the BAD PASSWORD warning.
[host03]# useradd nis_user
[host03]# passwd nis_user
Changing password for user nis_user.
New password: password
...
Retype new password: password
passwd: all authentication tokens updated successfully.
These commands create entries in the /etc/passwd and /etc/shadow files on the
NIS server, host03.

2. On host03, update the NIS maps by running ypinit -m (include the absolute pathname).
Do not add any additional hosts; press Ctrl + D to complete the list.
[host03]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which
will run NIS servers. host03.example.com is in the list of NIS
server hosts. Please continue to add the names for the other
hosts, one per line. When you are done with the list, type a
<control D>.
Next host to add: host03.example.com
Next host to add: <CTRL-D>
The current list of NIS servers looks like this:
host03.example.com
Is this correct? [y/n: y] ENTER
...

3. From host01, use the vi editor to edit the /etc/nsswitch.conf file. Change the
following entries to query NIS maps first before querying local files.
The current entries appear as follows:
passwd:   files
shadow:   files
group:    files
Edit these lines to query nis first as follows:
passwd:   nis files
shadow:   nis files
group:    nis files

4. From host01, log in as nis_user to test NIS authentication.
a. Use the logout command to log out as root user.
[host01]# logout
b. Log in as nis_user. Password is password.
host01 login: nis_user
Password: password
No directory /home/nis_user!
Logging in with home = /.
[host01]$ whoami
nis_user
[host01]$ pwd
/
Notice that you were able to authenticate from the NIS server and log in from
host01.
However, the nis_user home directory is on the NIS server, host03.
In the next practice, you will export the nis_user home directory as an NFS share
and auto-mount the home directory upon nis_user remote login.

Practice 18-5: Auto-mounting a User Home Directory

Overview
In this practice, you export a user home directory as an NFS share, and you configure automounter on a client system to auto-mount the remote home directory upon login.

Assumptions

This practice is performed on host01 and on host03 VMs.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks

1. From host01, log out as nis_user.

2. Log in as root on host01. Password is 0racle.

3. Verify that the autofs package is installed.
In this example, the autofs package is already installed.

4. Use the vi editor to edit /etc/auto.master and add the following entry:
/home   /etc/auto.home

5. Use the vi editor to create the /etc/auto.home file with the following entry:
nis_user   -fstype=nfs   host03:/home/nis_user

6. Restart the autofs service.

7. From host03, use the vi editor to edit /etc/exports and add the following entry:
/home/nis_user   *(rw)

8. From host03, restart the nfs service.

9. From host03, use the showmount command to display the exported file systems.
Notice that the nis_user home directory is now exported.

10. From host01, log in as nis_user to test auto-mounter.
a. Log out as root user.
b. Log in as nis_user. Password is password.
Notice that you were able to authenticate from the NIS server and log in, and automount the nis_user home directory.

11. Use the df command to display the mounted file systems.
Notice that the host03:/home/nis_user file system is mounted on local file system
/home/nis_user.

12. Use the vi editor to create a file and confirm read-write permissions.
Create any file name in the nis_user home directory with any content.
Save the file to confirm write permission to the file system.

13. Log out as nis_user.

Solution 18-5: Auto-mounting a User Home Directory

Tasks

1. From host01, use the logout command to log out as nis_user.
[host01]# logout

2. Log in as root on host01. Password is 0racle.
host01 login: root
Password: 0racle
Last login: ...
[root@host01 ~]#

3. Use the rpm command to verify that the autofs package is installed.
[host01]# rpm -qa autofs
autofs-...
In this example, the autofs package is already installed.

4. Use the vi editor to edit /etc/auto.master and add the following entry:
/home   /etc/auto.home

5. Use the vi editor to create the /etc/auto.home file with the following entry:
nis_user   -fstype=nfs   host03:/home/nis_user

6. Use the service command to restart the autofs service.
[host01]# service autofs restart
Stopping automount:   [ OK ]
Starting automount:   [ OK ]

7. From host03, use the vi editor to edit /etc/exports and add the following entry:
/home/nis_user   *(rw)

8. From host03, use the service command to restart the nfs service.
[host03]# service nfs restart
Shutting down NFS mountd:     [ OK ]
...
Shutting down NFS services:   [ OK ]
Starting NFS services:        [ OK ]
...
Starting NFS mountd:          [ OK ]

9. From host03, use the showmount command to display the exported file systems.
[host03]# showmount -e
/home/nis_user *
/Dev           *
Notice that the nis_user home directory is now exported.

10. From host01, log in as nis_user to test auto-mounter.
a. Use the logout command to log out as root user.
[host01]# logout
b. Log in as nis_user. Password is password.
host01 login: nis_user
Password: password
[nis_user@host01 ~]$ pwd
/home/nis_user
Notice that you were able to authenticate from the NIS server and log in, and automount the nis_user home directory.

11. Use the df command to display the mounted file systems.
[nis_user@host01 ~]$ df -h
Filesystem              Size  Used Avail Use% Mounted on
/dev/xvda2              5.8G  1.8G  3.8G  32% /
...
host03:/home/nis_user   2.0G   38M  1.8G   2% /home/nis_user
Notice that the host03:/home/nis_user file system is mounted on local file system
/home/nis_user.

12. Use the vi editor to create a file and confirm read-write permissions.
Create any file name in the nis_user home directory with any content.
Save the file to confirm write permission to the file system.
[nis_user@host01 ~]$ vi test_file
Insert some text
Save the file by pressing <Esc> then :wq

13. Use the logout command to log out as nis_user.
[nis_user@host01]# logout
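
A check for the export created in step 7, as an added example that is not part of the course material: the * client in /home/nis_user *(rw) matches every host, so the script lists exports that are open to any client, while the same path limited to a subnet produces no finding. The function names and the restricted variant (which assumes the lab clients sit in 192.0.2.0/24, the subnet used in the securenets practice) are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: list /etc/exports entries that any host can mount.
# Function names are hypothetical; input is read from standard input,
# for example: audit_exports < /etc/exports

# audit_exports -> one line per world-accessible entry:
#   "<path> <*|(any)> <rw|ro>"
audit_exports() (
    set -f                          # keep a literal '*' client from globbing
    while read -r path clients; do
        case "$path" in ''|'#'*) continue ;; esac
        for entry in $clients; do
            case "$entry" in '#'*) break ;; esac    # trailing comment
            client=${entry%%\(*}                    # text before "(" is the client
            case "$entry" in
                *\(*\)) opts=${entry#*\(}; opts=${opts%\)} ;;
                *)      opts= ;;
            esac
            case "$client" in
                ''|'*') ;;          # empty client or '*' matches every host
                *) continue ;;      # named host, netgroup or subnet: not flagged
            esac
            case ",$opts," in
                *,rw,*) mode=rw ;;
                *)      mode=ro ;;  # read-only is the default when rw is absent
            esac
            echo "$path ${client:-(any)} $mode"
        done
    done
)

# Constructed inputs: the line added in step 7, and a variant restricted to
# the 192.0.2.0/24 subnet (an assumption about where the lab clients are).
page_exports()       { printf '%s\n' '/home/nis_user *(rw)'; }
restricted_exports() { printf '%s\n' '/home/nis_user 192.0.2.0/24(rw)'; }

echo "Entry as written in the practice:"
page_exports | audit_exports
echo "Entry restricted to the subnet:"
restricted_exports | audit_exports
```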


Chapter 19

Practices for Lesson 19: Pluggable Authentication Modules (PAM)

Practices for Lesson 19


Practices Overview


In these practices, you configure PAM authentication modules first to allow a single login only,
and then to disable all non-root logins.


Practice 19-1: Configuring PAM for a Single Login Session

Overview
In this practice, you configure a PAM authentication module on host03 to allow only a single
login session for a user.

Assumptions

This practice is performed on host01 and on host03 VMs.
You open a terminal window on each system.
You log in as the root user on host03.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks

1. On host03, view the PAM configuration directory, /etc/pam.d.
This directory contains files that describe the authentication procedure for an
application.

2. View the sshd configuration file in /etc/pam.d.
This file contains a group of directives that define the authentication modules as well as
any controls or arguments.
The authentication modules are listed in the third column.

3. Locate the pam_sepermit.so authentication module.
In this example, the authentication module is located in /lib64/security.

4. View the authentication modules directory.
Notice that all authentication modules are located in this directory.
Most of the authentication modules have a man page describing their purpose and usage.

5. Use the man pam_sepermit command to view the man page for the pam_sepermit
authentication module.
Notice that this module uses a config file, sepermit.conf, which controls access
when SELinux is in enforcing mode.

6. SELinux is covered in the next lesson (Lesson 20, Security Administration) but for the
purposes of this practice, use the sestatus command to display information about
SELinux.
Output shown is a sample showing that SELinux is enabled and is in enforcing mode.
Your output may be different.

7. Locate the sepermit.conf file.
Notice that the sepermit.conf file is located in the /etc/security directory.

8. From host01, log in as oracle user. Password is oracle.
An error occurs because you configured auto-mounter for home directories in the last
practice.

9. Disable auto-mounter.
a. Use the su - command to become root. Password is 0racle.
b. Use the service command to stop the autofs service.
c. Use the logout command to log off as root, then again to log off as oracle.

10. From host01, log in as oracle user. Password is oracle.

11. From host01, use the ssh command to connect to host03. Password is oracle.

12. Confirm that you successfully logged in to host03.
Notice that you are now logged in to host03.

13. Close the connection to host03.
Notice that you are now logged off of host03 and back to host01.

14. From host03, use the vi editor to add the following entry to
/etc/security/sepermit.conf.
oracle:exclusive
This entry, when read by the PAM module pam_sepermit.so, only allows a single
login session for the oracle user.

15. From host01, use the ssh command to connect to host03. Password is oracle.
Notice that the connection is denied by the PAM authentication module.
Only a single login session is allowed for user oracle and the oracle user is already
logged in on host03.
To permit the oracle user login from host01, you can either:
Log out from host03 as user oracle.
Remove the entry in the /etc/pam.d/sshd file to use the pam_sepermit.so
module.
Remove the entry in the /etc/security/sepermit.conf file to allow only a single
login session.

16. From host03, permit user oracle to log in from host01 by commenting out the entry to
use the pam_sepermit.so module from the /etc/pam.d/sshd file.
The current entry appears as follows:
auth       required     pam_sepermit.so
Comment out this line by inserting a # sign at the beginning of the line as follows:
#auth      required     pam_sepermit.so

17. From host01, use the ssh command to connect to host03. Password is oracle.
Notice that the connection is allowed, and no longer denied by the PAM authentication
module.

18. Close the connection to host03.
Notice that you are now logged off of host03 and back to host01.

19. Return host03 back to the original state.
a. From host03, edit /etc/pam.d/sshd and un-comment the entry to use the
pam_sepermit.so module (remove the # sign).
b. From host03, edit /etc/security/sepermit.conf and remove the entry to allow
only a single login for user oracle.

Solution 19-1: Configuring PAM for a Single Login Session

Tasks
1. On host03, use the ls command to view the PAM configuration directory, /etc/pam.d.
        [host03]# ls /etc/pam.d
        atd          login     smtp.postfix
        authconfig   newrole   sshd
        ...
    This directory contains files that describe the authentication procedure for an
    application.
2. Use the cat command to view the sshd configuration file in /etc/pam.d.
        [host03]# cat /etc/pam.d/sshd
        #%PAM-1.0
        auth       required     pam_sepermit.so
        auth       include      password-auth
        account    required     pam_nologin.so
        ...
    This file contains a group of directives that define the authentication modules as well as
    any controls or arguments.
    The authentication modules are listed in the third column.
3. Use the find command to locate the pam_sepermit.so authentication module.
        [host03]# find / -name pam_sepermit.so
        /lib64/security/pam_sepermit.so
    In this example, the authentication module is located in /lib64/security.
4. Use the ls command to view the authentication modules directory.
        [host03]# ls /lib64/security
        pam_access.so   pam_krb5afs.so   pam_sepermit.so
        pam_cap.so      pam_krb5.so      pam_shells.so
        ...
    Notice that all authentication modules are located in this directory.
    Most of the authentication modules have a man page describing their purpose and usage.
5. Use the man pam_sepermit command to view the man page for the pam_sepermit
    authentication module.
        [host03]# man pam_sepermit
        ...
        pam_sepermit - PAM module to allow/deny login depending
        on SELinux enforcement state
        ...
        When the user which is logging in matches an entry in the
        config file he is allowed access only when the SELinux
        is in enforcing mode. Otherwise he is denied access...

        ...
        See sepermit.conf(5) for details.
        ...
    Notice that this module uses a config file, sepermit.conf, which controls access
    when SELinux is in enforcing mode.
6. SELinux is covered in the next lesson (Lesson 20, Security Administration) but for the
    purposes of this practice, use the sestatus command to display information about
    SELinux.
        [host03]# sestatus
        SELinux status:     enabled
        ...
        Current mode:       enforcing
        ...
    Output shown is a sample showing that SELinux is enabled and is in enforcing mode.
    Your output may be different.
7. Use the find command to locate the sepermit.conf file.
        [host03]# find / -name sepermit.conf
        /etc/security/sepermit.conf
    Notice that the sepermit.conf file is located in the /etc/security directory.
8. From host01, log in as oracle user. Password is oracle.
        host01 login: oracle
        Password: oracle
        Last login...
        No directory /home/oracle!
        Logging in with home /
        -bash-4.1$
    The error message appears because you configured auto-mounter for home directories in
    the last practice.
9. Disable auto-mounter.
    a. Use the su - command to become root. Password is 0racle.
           -bash-4.1$ su -
           Password: 0racle
           [root@host01 ~]#
    b. Use the service command to stop the autofs service.
           [root@host01 ~]# service autofs stop
           Stopping automount:                    [  OK  ]
    c. Use the logout command to log off as root, then again to log off as oracle.
           [root@host01 ~]# logout
           -bash-4.1$ logout

10. From host01, log in as oracle user. Password is oracle.
        host01 login: oracle
        Password: oracle
        Last login...
        [oracle@host01 ~]$
11. From host01, use the ssh command to connect to host03. Password is oracle.
        [oracle@host01 ~]$ ssh host03
        oracle@host03's password: oracle
        Last login:...
        [oracle@host03 ~]$
12. Use the hostname command to confirm that you successfully logged in to host03.
        [oracle@host03 ~]$ hostname
        host03.example.com
    Notice that you are now logged in to host03.
13. Use the logout command to close the connection to host03.
        [oracle@host03 ~]$ logout
        Connection to host03 closed.
        [oracle@host01 ~]$ hostname
        host01.example.com
    Notice that you are now logged off of host03 and back to host01.
14. From host03, use the vi editor to add the following entry to
    /etc/security/sepermit.conf.
        oracle:exclusive
    This entry, when read by the PAM module pam_sepermit.so, allows only a single
    login session for the oracle user.
15. From host01, use the ssh command to connect to host03. Password is oracle.
        [oracle@host01 ~]$ ssh host03
        oracle@host03's password: oracle
        Permission denied, please try again.
        oracle@host03's password: CTRL-C
        [oracle@host01 ~]$
    Notice that the connection is denied by the PAM authentication module.
    Only a single login session is allowed for user oracle and the oracle user is already
    logged in on host03.
    To permit the oracle user login from host01, you can do any of the following:
    - Log out from host03 as user oracle.
    - Remove the entry in the /etc/pam.d/sshd file to use the pam_sepermit.so module.
    - Remove the entry in the /etc/security/sepermit.conf file to allow only a single
      login session.

16. From host03, permit user oracle to log in from host01 by using the vi editor to comment
    out the entry to use the pam_sepermit.so module from the /etc/pam.d/sshd file.
    The current entry appears as follows:
        auth       required     pam_sepermit.so
    Comment out this line by inserting a # sign at the beginning of the line as follows:
        #auth      required     pam_sepermit.so
17. From host01, use the ssh command to connect to host03. Password is oracle.
        [oracle@host01 ~]$ ssh host03
        oracle@host03's password: oracle
        Last login
        [oracle@host03 ~]$ hostname
        host03.example.com
    Notice that the connection is allowed, and no longer denied by the PAM authentication
    module.
18. Use the logout command to close the connection to host03.
        [oracle@host03 ~]$ logout
        Connection to host03 closed.
        [oracle@host01 ~]$ hostname
        host01.example.com
    Notice that you are now logged off of host03 and back to host01.
19. Return host03 back to the original state.
    a. From host03, use the vi editor to edit /etc/pam.d/sshd and un-comment the entry
       to use the pam_sepermit.so module (remove the # sign).
    b. From host03, use the vi editor to edit /etc/security/sepermit.conf and
       remove the entry to allow only a single login for user oracle.

Practice 19-2: Configuring PAM to Prevent Non-root Login

Overview
In this practice, you configure a PAM authentication module on host01 to prevent all non-root
user logins.

Assumptions
- This practice is performed on host01 and on host03 VMs.
- Open a terminal window on each system.
- Log in as the root user on host01.
- The prompts in the solution section include either host01 or host03 to indicate which
  system to enter the command from.

Tasks
1. On host01, view the login configuration file in /etc/pam.d.
    The login utility uses the pam_nologin.so authentication module as well as several
    other modules.
2. View the man page for the pam_nologin authentication module.
    Notice that this module uses a config file, /etc/nologin, which, if it exists, disables
    non-root logins.
3. Create the /etc/nologin file with the following contents.
        No logins allowed at this time.
4. From host03, use the ssh command to connect to host01 as user oracle.
    Notice that the connection is denied by the PAM authentication module.
    To permit the non-root user logins, you can do either of the following:
    - Delete the /etc/nologin file from host01.
    - Remove the entry in the /etc/pam.d/login file to use the pam_nologin.so module.
5. From host01, permit non-root user logins from host03 by using the vi editor to comment
    out the entry to use the pam_nologin.so module from the /etc/pam.d/login file.
    The current entry is:
        account    required     pam_nologin.so
    Comment out this line by inserting a # sign at the beginning of the line as follows:
        #account   required     pam_nologin.so
6. From host03, use the ssh command to connect to host01 as user oracle.
    Notice that the connection is still denied by the PAM authentication module.
7. From host01, search for the string pam_nologin in all the files in the /etc/pam.d
    directory.
    Notice that this module also is called from the remote file and from the sshd file.
    You would need to comment out these lines in these two files as well.
    Alternatively, simply remove the /etc/nologin file to allow non-root logins.

8. Return host01 back to the original state.
    a. From host01, delete the /etc/nologin file.
    b. From host01, use the vi editor to edit /etc/pam.d/login and un-comment the
       entry to use the pam_nologin.so module (remove the # sign).

Solution 19-2: Configuring PAM to Prevent Non-root Login

Tasks
1. On host01, use the cat command to view the login configuration file in /etc/pam.d.
        [host01]# cat /etc/pam.d/login
        #%PAM-1.0
        auth [user_unknown=ignore success=ok ignore=ignore ...
        auth       include      system-auth
        account    required     pam_nologin.so
        ...
    The login utility uses the pam_nologin.so authentication module as well as several
    other modules.
2. Use the man pam_nologin command to view the man page for the pam_nologin
    authentication module.
        [host01]# man pam_nologin
        ...
        pam_nologin - Prevent non-root users from login
        ...
        pam_nologin is a PAM module that prevents users from
        logging into the system when /etc/nologin exists. The
        contents of the /etc/nologin file are displayed to the
        user...no effect on the root user's ability to log in.
        ...
    Notice that this module uses a config file, /etc/nologin, which, if it exists, disables
    non-root logins.
3. Use the vi editor and create the /etc/nologin file with the following contents:
        No logins allowed at this time.
4. From host03, use the ssh command to connect to host01 as user oracle.
        [host03]# ssh oracle@host01
        No logins allowed at this time.
        Connection closed by 192.0.2.101
    Notice that the connection is denied by the PAM authentication module.
    To permit the non-root user logins, you can do either of the following:
    - Delete the /etc/nologin file from host01.
    - Remove the entry in the /etc/pam.d/login file to use the pam_nologin.so module.
5. From host01, permit non-root user logins from host03 by using the vi editor to comment
    out the entry to use the pam_nologin.so module from the /etc/pam.d/login file.
    The current entry is:
        account    required     pam_nologin.so
    Comment out this line by inserting a # sign at the beginning of the line as follows:
        #account   required     pam_nologin.so

6. From host03, use the ssh command to connect to host01 as user oracle.
        [host03]# ssh oracle@host01
        No logins allowed at this time.
        Connection closed by 192.0.2.101
    Notice that the connection is still denied by the PAM authentication module.
7. From host01, use the grep command to search for the string pam_nologin in all the files
    in the /etc/pam.d directory.
        [host01]# grep pam_nologin /etc/pam.d/*
        /etc/pam.d/login:#account    required     pam_nologin.so
        /etc/pam.d/remote:account    required     pam_nologin.so
        /etc/pam.d/sshd:account    required     pam_nologin.so
    Notice that this module also is called from the remote file and from the sshd file.
    You would need to comment out these lines in these two files as well.
    Alternatively, simply remove the /etc/nologin file to allow non-root logins.
8. Return host01 back to the original state.
    a. From host01, delete the /etc/nologin file.
    b. From host01, use the vi editor to edit /etc/pam.d/login and un-comment the
       entry to use the pam_nologin.so module (remove the # sign).
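The grep in step 7 also matches lines that are commented out, so its output has to be read by eye to see which services still enforce pam_nologin. The following is an added example, not part of the Oracle practice, that lists only the active references to a module; the function names and the sample directory are constructed for illustration.

```shell
#!/bin/sh
# pam_active_refs DIR MODULE
# Print "service type control" for each uncommented line in DIR/* that calls
# MODULE. Unlike a plain grep, lines disabled with a leading # are skipped.
# "include" and "substack" lines are not followed.
pam_active_refs() {
    dir=$1
    module=$2
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk -v svc="$(basename "$f")" -v mod="$module" '
            /^[[:space:]]*#/ { next }        # comments and the #%PAM-1.0 header
            NF < 3           { next }        # not a complete directive
            {
                type = $1
                sub(/^-/, "", type)          # a leading - marks an optional module
                control = $2
                i = 2
                if ($2 ~ /^\[/) {            # [value=action ...] spans several fields
                    while (i < NF && $i !~ /\]$/) i++
                    control = "[...]"
                }
                n = split($(i + 1), part, "/")   # module may be given with a path
                if (part[n] == mod) print svc, type, control
            }
        ' "$f"
    done
}

# Constructed sample mirroring the state after step 5 of the practice:
# login has the line commented out, remote and sshd still call the module.
# The "demo" file is invented to exercise the bracketed control syntax.
make_sample_pamd() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#%PAM-1.0' \
        '#account    required     pam_nologin.so' > "$d/login"
    printf '%s\n' '#%PAM-1.0' \
        'account    required     pam_nologin.so' > "$d/remote"
    printf '%s\n' '#%PAM-1.0' \
        'auth       required     pam_sepermit.so' \
        'account    required     pam_nologin.so' > "$d/sshd"
    printf '%s\n' \
        'account [success=ok default=bad] /lib64/security/pam_nologin.so' > "$d/demo"
    echo "$d"
}

# Demo run on the constructed sample
sample=$(make_sample_pamd)
pam_active_refs "$sample" pam_nologin.so
rm -rf "$sample"
```

On a real system, call it as pam_active_refs /etc/pam.d pam_nologin.so; an empty result means no service file references the module directly.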

Practices for Lesson 20: Security Administration

Chapter 20

Practices for Lesson 20


Practices Overview
In these practices, you:
Perform SELinux configuration from the GUI and the command line
Create chroot jails

Configure iptables from the GUI and the command line

Configure a TCP wrapper


Practice 20-1: Exploring SELinux

Overview
In this practice, you explore SELinux files and directories, execute SELinux commands, install
the SELinux Administration GUI package, and explore the GUI.

Assumptions
You are the root user on host03 VM.

Tasks
1. View the /etc/selinux/config file.
    Notice that SELinux security policy is enforced.
    Notice that the targeted policy is in use, meaning that only targeted network daemons
    are protected.
2. Run the sestatus command.
    Notice that this output confirms the settings in the /etc/selinux/config file.
3. Run the getenforce command.
    Notice that this output also confirms the settings in the /etc/selinux/config file.
4. List the installed selinux packages.
5. Some SELinux tools are provided by other packages. List the policycore packages.
    Notice that the policycoreutils-gui package, which provides the SELinux
    Administration GUI, is not installed by default.
6. Install the policycoreutils-gui package.
7. Start the SELinux Administration GUI by using the system-config-selinux command.
    Notice that the GUI indicates that the policy type is targeted and policy is enforced.
8. Display the System Default Enforcing Mode options by clicking the drop-down list.
    Notice the three options:
    - Disabled: No security policy is loaded in the kernel.
    - Permissive: A diagnostic state. Security policy rules are not enforced but messages
      are logged.
    - Enforcing: Access is denied to users and programs unless permitted by SELinux
      security policy rules.
9. Display the System Default Policy Type options by clicking the drop-down list.
    Notice that targeted is the only option.
    The other possible policy type option is MLS (Multi-Level Security).
    MLS requires the selinux-policy-mls package be installed (it is not installed by
    default).
10. Select Boolean in the left pane of the GUI.
    Booleans allow parts of SELinux policy to be changed.
    The Active check box indicates whether the Boolean is on or off.
11. Enter ftp as a filter and press Enter.
    Notice that each item contains ftp in the long description.

12. Scroll to the right to display the Boolean name.
    Notice that each Boolean is referenced by a short name.
    The short name can be used as an argument to several SELinux commands.
13. Close the SELinux Administration GUI by selecting File > Quit from the menu bar.
14. Use the semanage command to list the Booleans. If the semanage command is not found,
    install the policycoreutils-python package.
    Notice that the Boolean name is listed in the first column, the current setting (on/off)
    is given in the second column, and the long description is listed in the third column.
15. Use the getsebool command to view Booleans and their status.
    a. Use the -a option to display all Booleans and their status.
       Notice that this command does not include the long description.
    b. Include a Boolean name (for example, use_nfs_home_dirs) as an argument to
       display a specific Boolean status.
       Note that the getsebool command accepts multiple Boolean names as arguments.
    c. You can also view Booleans in the /selinux/booleans directory. Use the cat
       command to view the status of both use_nfs_home_dirs and abrt_anon_write
       Booleans.
       A value of 1 indicates that the Boolean is on, while 0 indicates off.
       The first number indicates the current value of the Boolean.
       The second number represents the pending value of the Boolean.
16. Use the echo command to change the pending value of the abrt_anon_write Boolean
    to on.
17. The /selinux/commit_pending_bools file is the interface for committing the pending
    values of all Booleans as the current values. Commit pending values by writing a 1 to this
    file. Use the echo command to commit all pending values for all Booleans.
18. View the /selinux/booleans/abrt_anon_write file and use the getsebool
    command to view the abrt_anon_write Boolean to confirm the commit.
19. Use the setsebool command to change the value of the abrt_anon_write Boolean.
    Confirm the change.
    The setsebool -P command causes the change to persist across a reboot.

Solution 20-1: Exploring SELinux

Tasks
1. Use the cat command to view the /etc/selinux/config file.
        # cat /etc/selinux/config
        ...
        SELINUX=enforcing
        ...
        SELINUXTYPE=targeted
    Notice that SELinux security policy is enforced.
    Notice that the targeted policy is in use, meaning that only targeted network daemons
    are protected.
2. Run the sestatus command.
        # sestatus
        SELinux status:             enabled
        ...
        Current mode:               enforcing
        ...
        Policy from config file:    targeted
    Notice that this output confirms the settings in the /etc/selinux/config file.
3. Run the getenforce command.
        # getenforce
        Enforcing
    Notice that this output also confirms the settings in the /etc/selinux/config file.
4. Use the rpm command to list the installed selinux packages.
        # rpm -qa | grep selinux
        selinux-policy-...
        libselinux-python-...
        libselinux-utils-...
        selinux-policy-targeted...
        libselinux-...
5. Some SELinux tools are provided by other packages. Use the rpm command to list the
    policycore packages.
        # rpm -qa | grep policycore
        policycoreutils-python-...
        policycoreutils-...
    Notice that the policycoreutils-gui package, which provides the SELinux
    Administration GUI, is not installed by default.

6. Use the yum command to install the policycoreutils-gui package.
        # yum install policycoreutils-gui
        ...
7. Start the SELinux Administration GUI by using the system-config-selinux command.
        # system-config-selinux
    The GUI appears.
    Notice that policy type is targeted and policy is enforced.
8. Display the System Default Enforcing Mode options by clicking the drop-down list, as
    shown.
    Notice the three options:
    - Disabled: No security policy is loaded in the kernel.
    - Permissive: A diagnostic state. Security policy rules are not enforced but messages
      are logged.
    - Enforcing: Access is denied to users and programs unless permitted by SELinux
      security policy rules.

9. Display the System Default Policy Type options by clicking the drop-down list, as shown.
    Notice that targeted is the only option.
    The other possible policy type option is MLS (Multi-Level Security).
    MLS requires the selinux-policy-mls package be installed (it is not installed by
    default).
10. Select Boolean in the left pane of the GUI, as shown.
    Booleans allow parts of SELinux policy to be changed.
    The Active check box indicates whether the Boolean is on or off.

11. Enter ftp as a filter and press Enter to display the following screen.
    Notice that each item contains ftp in the long description.

12. Scroll to the right to display the Boolean name as shown.
    Notice that each Boolean is referenced by a short name.
    The short name can be used as an argument to several SELinux commands.
13. Close the SELinux Administration GUI by selecting File > Quit from the menu bar.
14. Use the semanage command to list the Booleans. If the semanage command is not found,
    use yum to install the policycoreutils-python package.
        # semanage boolean -l
        SELINUX Boolean              Description
        ftp_home_dir       -> off    Allow ftp to read and write...
        smartmon_3ware     -> off    Enable additional permission...
        ...
    Notice that the Boolean name is listed in the first column, the current setting (on/off)
    is given in the second column, and the long description is listed in the third column.
15. Use the getsebool command to view Booleans and their status.
    a. Use the -a option to display all Booleans and their status.
           # getsebool -a
           abrt_anon_write --> off
           abrt_handle_event --> off
           allow_console_login --> on
           ...
       Notice that this command does not include the long description.

    b. Include a Boolean name (for example, use_nfs_home_dirs) as an argument to
       display a specific Boolean status.
           # getsebool use_nfs_home_dirs
           use_nfs_home_dirs --> on
       Note: The getsebool command accepts multiple Boolean names as arguments.
    c. You can also view Booleans in the /selinux/booleans directory. Use the cat
       command to view the status of both use_nfs_home_dirs and abrt_anon_write
       Booleans.
           # cat /selinux/booleans/use_nfs_home_dirs
           1 1
           # cat /selinux/booleans/abrt_anon_write
           0 0
       A value of 1 indicates that the Boolean is on, while 0 indicates off.
       The first number indicates the current value of the Boolean.
       The second number represents the pending value of the Boolean.
16. Use the echo command to change the pending value of the abrt_anon_write Boolean
    to on.
        # echo 1 > /selinux/booleans/abrt_anon_write
        # cat /selinux/booleans/abrt_anon_write
        0 1
17. The /selinux/commit_pending_bools file is the interface for committing the pending
    values of all Booleans as the current values. Commit pending values by writing a 1 to this
    file. Use the echo command to commit all pending values for all Booleans.
        # echo 1 > /selinux/commit_pending_bools
18. Use the cat command to view the /selinux/booleans/abrt_anon_write file and
    use the getsebool command to view the abrt_anon_write Boolean to confirm the
    commit.
        # cat /selinux/booleans/abrt_anon_write
        1 1
        # getsebool abrt_anon_write
        abrt_anon_write --> on
19. Use the setsebool command to change the value of the abrt_anon_write Boolean.
    Confirm the change.
        # setsebool abrt_anon_write off
        # getsebool abrt_anon_write
        abrt_anon_write --> off
        # cat /selinux/booleans/abrt_anon_write
        0 0
    The setsebool -P command causes the change to persist across a reboot.
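Steps 15c through 18 show that each Boolean file holds a current and a pending value, and that a value written with echo has no effect until it is committed. The following added example, which is not part of the Oracle practice, reports Booleans left in that uncommitted state; the function names and the sample directory are constructed, and the default path is the one used on this page.

```shell
#!/bin/sh
# pending_bools [DIR]
# Each file under /selinux/booleans holds "<current> <pending>". Print
# "name current pending" for every Boolean whose pending value has been
# written but not yet committed, and return 1 if any were found.
pending_bools() {
    dir=${1:-/selinux/booleans}
    found=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        cur=
        pend=
        # read fails at EOF when the file has no trailing newline, but the
        # variables are still filled in, so test the values and not the status
        read -r cur pend < "$f" || :
        case "$cur $pend" in
            "0 0"|"1 1") ;;                                  # committed
            "0 1"|"1 0") echo "$(basename "$f") $cur $pend"
                         found=1 ;;
            *) echo "$(basename "$f"): unexpected content" >&2 ;;
        esac
    done
    return "$found"
}

# Constructed sample directory reproducing the state after step 16:
# abrt_anon_write has a pending value of 1 that has not been committed.
make_sample_bools() {
    d=$(mktemp -d) || return 1
    printf '1 1\n' > "$d/use_nfs_home_dirs"
    printf '0 1'   > "$d/abrt_anon_write"     # no trailing newline on purpose
    echo "$d"
}

# Demo run on the constructed sample
sample=$(make_sample_bools)
pending_bools "$sample" || echo "uncommitted Boolean changes present"
# Simulate on the sample what step 17 does by writing 1 to commit_pending_bools
printf '1 1' > "$sample/abrt_anon_write"
pending_bools "$sample" && echo "all Boolean values committed"
rm -rf "$sample"
```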

Practice 20-2: Configuring an SELinux Boolean

Overview
In this practice, you change the value of an SELinux Boolean to disable and enable the use of
NFS home directories.

Assumptions
- You completed all Practices for Lesson 18 (Authentication and Directory Services).
- This practice is performed primarily on host01 VM.
- One command is executed on dom0 and one command is executed on host03.
- Open a terminal window on each system.
- Log in as the root user on each system.
- The prompts in the solution section include either host01 or host03 or dom0 to
  indicate which system to enter the command from.

Tasks
1. From host03, stop the iptables service.
2. From host03, display the exported NFS file systems.
    Notice that the nis_user home directory is exported.
3. On host01, start the autofs service.
4. Log out as root.
5. On host01, log in as nis_user user. Password is password.
6. Display the current directory.
    Notice that the current directory is the nis_user home directory.
7. Display the mounted file systems.
    Notice that the nis_user home directory, /home/nis_user, is an exported NFS file
    system from host03, host03:/home/nis_user.
8. Log out as nis_user.
9. On host01, log in as root user. Password is 0racle.
10. Use the getsebool command to get the current status of the use_nfs_home_dirs
    Boolean.
    Notice that the current status is on, meaning that NFS home directories are permitted.
11. Use the setsebool command to turn the use_nfs_home_dirs Boolean off.
12. Get the current status of the use_nfs_home_dirs Boolean.
    Notice that the current status is now off, meaning that NFS home directories are not
    permitted.
13. Log out as root.
14. On host01, log in as nis_user. Password is password.
    Notice that you are able to log in, but the NFS home directory could not be used.
15. Configure host01 to the original settings.
    a. Log out as nis_user.
    b. Log in as root user. Password is 0racle.

    c. Set the use_nfs_home_dirs Boolean to on.
    d. Get the current status of the use_nfs_home_dirs Boolean to confirm that the status
       is on.
       With the use_nfs_home_dirs Boolean on, NFS home directories are permitted.
16. Log out as root.
17. On host01, log in as nis_user. Password is password.
18. Confirm the use of the NFS home directory.
19. Log out as nis_user.

Solution 20-2: Configuring an SELinux Boolean

Tasks
1. From host03, use the service command to stop the iptables service.
        [host03]# service iptables stop
        ...
2. From host03, use the showmount command to display the exported NFS file systems.
        [host03]# showmount -e
        /home/nis_user *
        /Dev           *
    Notice that the nis_user home directory is exported.
3. Use the service command to start the autofs service.
        [root@host01 ~]# service autofs start
        Starting automount:                    [  OK  ]
4. Use the logout command to log out as root.
        [root@host01 ~]# logout
5. On host01, log in as nis_user user. Password is password.
        host01 login: nis_user
        Password: password
        Last login: ...
        [nis_user@host01 ~]$
6. Use the pwd command to display the current directory.
        [nis_user@host01 ~]$ pwd
        /home/nis_user
    Notice that the current directory is the nis_user home directory.
7. Use the df command to display the mounted file systems.
        [nis_user@host01 ~]$ df -h
        Filesystem              Size  Used Avail Use% Mounted on
        /dev/xvda2              5.8G  1.8G  3.8G  32% /
        ...
        host03:/home/nis_user   2.0G   42M  1.8G   3% /home/nis_user
    Notice that the nis_user home directory, /home/nis_user, is an exported NFS file
    system from host03, host03:/home/nis_user.
8. Use the logout command to log out as nis_user.
        [nis_user@host01 ~]$ logout
9. On host01, log in as root user. Password is 0racle.
        host01 login: root
        Password: 0racle
        Last login: ...
        [root@host01 ~]#

10. Use the getsebool command to get the current status of the use_nfs_home_dirs
    Boolean.
        # getsebool use_nfs_home_dirs
        use_nfs_home_dirs --> on
    Notice that the current status is on, meaning that NFS home directories are permitted.
11. Use the setsebool command to turn the use_nfs_home_dirs Boolean off.
        # setsebool use_nfs_home_dirs off
12. Use the getsebool command to get the current status of the use_nfs_home_dirs
    Boolean.
        # getsebool use_nfs_home_dirs
        use_nfs_home_dirs --> off
    Notice that the current status is now off, meaning that NFS home directories are not
    permitted.
13. Use the logout command to log out as root.
        # logout
14. On host01, log in as nis_user. Password is password.
        host01 login: nis_user
        Password: password
        No directory /home/nis_user!
        Logging in with home = /.
        [host01]$ whoami
        nis_user
        [host01]$ pwd
        /
    Notice that you are able to log in, but the NFS home directory could not be used.
15. Configure host01 to the original settings.
    a. Use the logout command to log out as nis_user.
           [nis_user@host01 ~]$ logout
    b. Log in as root user. Password is 0racle.
           host01 login: root
           Password: 0racle
           Last login: ...
           [root@host01 ~]#
    c. Use the setsebool command to set the use_nfs_home_dirs Boolean to on.
           # setsebool use_nfs_home_dirs on
    d. Use the getsebool command to confirm that the current status of the
       use_nfs_home_dirs Boolean is on.
           # getsebool use_nfs_home_dirs
           use_nfs_home_dirs --> on
       With the use_nfs_home_dirs Boolean on, NFS home directories are permitted.

16. Use the logout command to log out as root.
        # logout
17. On host01, log in as nis_user. Password is password.
        host01 login: nis_user
        Password: password
        Last login:...
        [nis_user@host01 ~]$
18. Use the pwd command to confirm the use of the NFS home directory.
        [nis_user@host01 ~]$ pwd
        /home/nis_user
19. Use the logout command to log out as nis_user.
        [nis_user@host01 ~]$ logout

Practice 20-3: Configuring a chroot Jail

Overview
In this practice, you configure a chroot jail and copy all files required to run the /bin/bash shell
in the chroot jail.

Assumptions
You are the oracle user on host03 VM.

Tasks
1. Confirm that you are logged in as the oracle user.
2. Change to your home directory.
3. Make a jail directory in your home directory.
4. Become the root user. Password is 0racle.
5. Display the value of the SHELL variable.
    In this example, SHELL=/bin/bash.
6. As the root user, use the chroot command to create a chroot jail in the
    /home/oracle/jail directory.
    Notice that if you do not specify a command as an argument, chroot attempts to run
    the value of the SHELL variable, /bin/bash, in the chroot jail directory,
    /home/oracle/jail.
    The command failed because /bin/bash was not found in /home/oracle/jail.
7. Log off as root and return to oracle user login.
8. As the oracle user, create a new root directory structure and copy all necessary files into
    the new root directory.
    a. Within the jail directory in your home directory, make a bin directory.
    b. Copy /bin/bash into ~/jail/bin.
    c. Use the ldd command to determine which shared libraries are required by
       /bin/bash.
       In this example, there are four shared library files in /lib64 used by /bin/bash.
    d. Within the jail directory in your home directory, make a lib64 directory.
    e. Copy the four shared library files required for /bin/bash from /lib64 to
       ~/jail/lib64.
9. Become the root user. Password is 0racle.
10. As the root user, use the chroot command to create a chroot jail in the
    /home/oracle/jail directory.
    Notice that the chroot command was successful: no errors occurred and the
    /bin/bash program executed.
11. Display the current directory.
    Notice that the output indicates that the current directory is the root-level directory even
    though the actual directory is /home/oracle/jail.
12. Use the exit command to exit the chroot jail.

Solution 20-3: Configuring a chroot Jail


Tasks
1. Use the whoami command to confirm that you are logged in as the oracle user.
$ whoami
oracle
2. Use the cd command to change to your home directory.
$ cd
$ pwd
/home/oracle
3. Use the mkdir command to make a jail directory in your home directory.
$ mkdir jail
4. Use the su command to become the root user. Password is 0racle.
$ su
Password: 0racle
5. Use the echo command to display the value of the SHELL variable.
# echo $SHELL
/bin/bash
In this example, SHELL=/bin/bash.
6. As the root user, use the chroot command to create a chroot jail in the
/home/oracle/jail directory.
# chroot /home/oracle/jail
chroot: failed to run command /bin/bash: No such file or directory
Notice that if you do not specify a command as an argument, chroot attempts to run
the value of the SHELL variable, /bin/bash, in the chroot jail directory,
/home/oracle/jail.
The command failed because /bin/bash was not found in /home/oracle/jail.
7. Use the exit command to log off as root and return to oracle user login.
# exit
logout
$ whoami
oracle
8. As the oracle user, create a new root directory structure and copy all necessary files into
the new root directory.
a. Within the jail directory in your home directory, use the mkdir command to make a
bin directory.
$ cd ~/jail
$ mkdir bin
b. Use the cp command to copy /bin/bash into ~/jail/bin.
$ cp /bin/bash ~/jail/bin
c. Use the ldd command to determine which shared libraries are required by
/bin/bash.
$ ldd /bin/bash
linux-vdso.so.1 => (0x0000...)
libtinfo.so.5 => /lib64/libtinfo.so.5 (0x0000...)
libdl.so.2 => /lib64/libdl.so.2 (0x0000...)
libc.so.6 => /lib64/libc.so.6 (0x0000...)
/lib64/ld-linux-x86-64.so.2 (0x0000...)
In this example, there are four shared library files in /lib64 used by /bin/bash.
d. Within the jail directory in your home directory, use the mkdir command to make a
lib64 directory.
$ cd ~/jail
$ mkdir lib64
e. Use the cp command to copy the four shared library files required for /bin/bash from
/lib64 to ~/jail/lib64.
$ cp /lib64/libtinfo.so.5 ~/jail/lib64
$ cp /lib64/libdl.so.2 ~/jail/lib64
$ cp /lib64/libc.so.6 ~/jail/lib64
$ cp /lib64/ld-linux-x86-64.so.2 ~/jail/lib64
9. Use the su command to become the root user. Password is 0racle.
$ su
Password: 0racle
10. As the root user, use the chroot command to create a chroot jail in the
/home/oracle/jail directory.
# chroot /home/oracle/jail
Notice that the chroot command was successful; no errors occurred and the
/bin/bash program executed.
11. Use the pwd command to display the current directory.
# pwd
/
Notice that the output indicates that the current directory is the root-level directory even
though the actual directory is /home/oracle/jail.
12. Use the exit command to exit the chroot jail.
# exit
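
Steps 8c through 8e copy by hand each library that ldd lists. The following added example (not part of the course material) does the same in POSIX shell: it parses ldd output, skips the kernel-provided linux-vdso entry, refuses to continue if a library is unresolved, and copies the binary and its libraries into the jail under the same paths. The function names are illustrative, and the sample text is the ldd output shown in this solution.

```shell
#!/bin/sh
# Added example: populate a chroot jail from a binary's ldd output.
# Function names are illustrative; they are not part of any tool.

# ldd_paths: read ldd output on stdin, print one absolute path per line.
#   name => /path (addr)   -> /path
#   /path (addr)           -> /path   (the dynamic loader)
#   linux-vdso.so.1 ...    -> skipped (mapped by the kernel, no file to copy)
ldd_paths() {
    awk '
        $2 == "=>" && $3 ~ /^\// { print $3; next }
        $1 ~ /^\// && $2 != "=>" { print $1 }
    '
}

# missing_libs: print the names ldd could not resolve ("name => not found").
missing_libs() {
    awk '$2 == "=>" && $3 == "not" && $4 == "found" { print $1 }'
}

# build_jail JAIL BINARY: copy BINARY (absolute path) and every library it
# needs into JAIL, keeping the same directory layout (/bin, /lib64, ...).
build_jail() {
    jail=$1
    bin=$2
    case $bin in
        /*) ;;
        *) echo "binary must be an absolute path: $bin" >&2; return 1 ;;
    esac
    [ -x "$bin" ] || { echo "not executable: $bin" >&2; return 1; }
    # ldd exits non-zero for a static binary ("not a dynamic executable").
    deps=$(ldd "$bin") || return 1
    missing=$(printf '%s\n' "$deps" | missing_libs)
    [ -z "$missing" ] || { echo "unresolved libraries: $missing" >&2; return 1; }
    { printf '%s\n' "$bin"; printf '%s\n' "$deps" | ldd_paths; } |
    while IFS= read -r f; do
        # cp -L copies the file a symlink points to, under the symlink's name.
        mkdir -p "$jail$(dirname "$f")" && cp -L "$f" "$jail$f" || exit 1
    done
}

# Sample input: the ldd output shown in step 8c of this solution.
sample_ldd_output() {
    cat <<'EOF'
linux-vdso.so.1 => (0x0000...)
libtinfo.so.5 => /lib64/libtinfo.so.5 (0x0000...)
libdl.so.2 => /lib64/libdl.so.2 (0x0000...)
libc.so.6 => /lib64/libc.so.6 (0x0000...)
/lib64/ld-linux-x86-64.so.2 (0x0000...)
EOF
}

# With two arguments, build the jail; otherwise show the parsed sample.
if [ "$#" -eq 2 ]; then
    build_jail "$1" "$2"
else
    sample_ldd_output | ldd_paths
fi
```

Run as `sh script.sh /home/oracle/jail /bin/bash` to reproduce steps 8a through 8e in one pass.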

Practice 20-4: Configuring a chroot Jail for ftp Users


Overview
In this practice, you confirm that anonymous users are placed in a chroot jail on a vsftpd
server by default, you configure an SELinux Boolean to allow local ftp users, and you
configure local users to be placed in a chroot jail.

Assumptions
You completed Practice 16-3 (Configuring an FTP Server).
You completed Practice 16-4 (Downloading a File from an FTP Server).
This practice is performed on host01 and host03 VMs.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks
1. From host03, list the contents of the /var/ftp directory.
Notice that /var/ftp contains a single directory, pub.
2. From host03, list the contents of /var/ftp/pub.
Notice that /var/ftp/pub contains a single file, test_file.
3. From host01, ftp to host03 as anonymous user. Press Enter when prompted for a
password.
4. List the contents of the current directory.
Notice that the current directory contains a single directory, pub.
5. List the contents of the pub directory.
Notice that the pub directory contains a single file, test_file.
This confirms that the current location of the anonymous FTP user is /var/ftp on
host03.
6. Display the current directory.
Notice that the output indicates that the current directory is the root-level directory even
though the actual directory is /var/ftp.
This confirms that anonymous users are placed in a chroot jail by default.
7. Exit ftp.
8. From host01, ftp to host03 as oracle user. Password is oracle.
Notice that login failed for oracle user.
9. Exit ftp.
10. On host03, use the setenforce command to change SELinux to permissive mode. Use
the getenforce command before and after to confirm the change.
11. From host01, ftp to host03 as oracle user. Password is oracle.
Notice that login was successful this time.
Setting SELinux to permissive mode allows oracle user to connect to FTP server.
12. Exit ftp.
13. From host03, determine which SELinux Boolean(s) denied oracle user connection to FTP
server.
a. Use the semanage boolean -l | grep ftp command to list FTP-related
Booleans.
Notice that the ftp_home_dir Boolean is set to off.
This Boolean seems to be the cause of the oracle user connection denial.
b. Change SELinux to enforcing mode. Confirm the change.
c. Set the ftp_home_dir Boolean to on.
d. Confirm that the current status of the ftp_home_dir Boolean is on.
14. From host01, ftp to host03 as oracle user. Password is oracle.
Notice that login was successful this time.
Setting the ftp_home_dir SELinux Boolean on allows oracle user to connect to
FTP server when SELinux policy is enforced.
15. Display the current directory. Move up one level in the directory structure and display the
current directory again.
The output indicates that the oracle user was placed in its home directory.
This is the case for all local users that access a vsftpd server; they are placed in their
home directory by default, and not in a chroot jail.
16. Exit ftp.
17. On host03, enable options in the /etc/vsftpd/vsftpd.conf file to put local users in a
chroot jail.
a. Use the vi editor to set the chroot_local_user directive to YES.
chroot_local_user=YES
b. Ensure that the following chroot directives are commented out (preceded with a #
sign, as shown).
#chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list
c. Restart the vsftpd service.
18. From host01, ftp to host03 as oracle user. Password is oracle.
19. Display the current directory. List the contents of the current directory.
The output indicates that the current directory is the root-level directory even though
the actual directory is /home/oracle on the vsftpd server, host03.
20. Exit ftp.

Solution 20-4: Configuring a chroot Jail for ftp Users


Overview
Tasks
1. From host03, use the ls command to list the contents of the /var/ftp directory.
[host03]# ls -l /var/ftp
drwxr-xr-x... pub
Notice that /var/ftp contains a single directory, pub.
2. From host03, use the ls command to list the contents of /var/ftp/pub.
[host03]# ls /var/ftp/pub
test_file
Notice that /var/ftp/pub contains a single file, test_file.
3. From host01, ftp to host03 as anonymous user. Press Enter when prompted for a
password.
[host01]$ ftp host03
Connected to host03: (192.0.2.103).
220 (vsFTPd 2.2.2)
Name...: anonymous
331 Please specify the password.
Password: ENTER
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
4. Use the ls command to list the contents of the current directory.
ftp> ls
...
drwxr-xr-x ... pub
226 Directory send OK.
ftp>
Notice that the current directory contains a single directory, pub.
5. Use the ls command to list the contents of the pub directory.
ftp> ls pub
...
-rw-r--r-- ... test_file
226 Directory send OK.
ftp>
Notice that the pub directory contains a single file, test_file.
This confirms that the current location of the anonymous FTP user is /var/ftp on
host03.
6. Use the pwd command to display the current directory.
ftp> pwd
257 /
ftp>
Notice that the output indicates that the current directory is the root-level directory even
though the actual directory is /var/ftp.
This confirms that anonymous users are placed in a chroot jail by default.
7. Use the quit command to exit ftp.
ftp> quit
221 Goodbye.
8. From host01, ftp to host03 as oracle user. Password is oracle.
[host01]$ ftp host03
Connected to host03: (192.0.2.103).
220 (vsFTPd 2.2.2)
Name...: oracle
331 Please specify the password.
Password: oracle
500 OOPS: cannot change directory:/home/oracle
Login failed.
ftp>
Notice that login failed for oracle user.
9. Use the quit command to exit ftp.
ftp> quit
221 Goodbye.
10. On host03, use the setenforce command to change SELinux to permissive mode. Use
the getenforce command before and after to confirm the change.
[host03]# getenforce
Enforcing
[host03]# setenforce 0
[host03]# getenforce
Permissive
11. From host01, ftp to host03 as oracle user. Password is oracle.
[host01]$ ftp host03
Connected to host03: (192.0.2.103).
220 (vsFTPd 2.2.2)
Name...: oracle
331 Please specify the password.
Password: oracle
230 Login successful.
...
ftp>
Notice that login was successful this time.
Setting SELinux to permissive mode allows oracle user to connect to FTP server.
12. Use the quit command to exit ftp.
ftp> quit
221 Goodbye.
13. From host03, determine which SELinux Boolean(s) denied oracle user connection to FTP
server.
a. Use the semanage command to list FTP-related Booleans.
# semanage boolean -l | grep ftp
ftp_home_dir                   -> off   Allow ftp to read and write files in the user home directories
...
Notice that the ftp_home_dir Boolean is set to off.
This Boolean seems to be the cause of the oracle user connection denial.
b. Use the setenforce command to change SELinux to enforcing mode. Use the
getenforce command to confirm the change.
# setenforce 1
# getenforce
Enforcing
c. Use the setsebool command to set the ftp_home_dir Boolean to on.
# setsebool ftp_home_dir on
d. Use the getsebool command to confirm that the current status of the
ftp_home_dir Boolean is on.
# getsebool ftp_home_dir
ftp_home_dir --> on
14. From host01, ftp to host03 as oracle user. Password is oracle.
[host01]$ ftp host03
Connected to host03: (192.0.2.103).
220 (vsFTPd 2.2.2)
Name...: oracle
331 Please specify the password.
Password: oracle
230 Login successful.
...
ftp>
Notice that login was successful this time.
Setting the ftp_home_dir SELinux Boolean on allows oracle user to connect to
FTP server when SELinux policy is enforced.
15. Use the pwd command to display the current directory. Use the cd command to move up
one level in the directory structure.
ftp> pwd
257 /home/oracle
ftp> cd ..
250 Directory successfully changed.
ftp> pwd
257 /home
ftp>
The output indicates that the oracle user was placed in its home directory.
This is the case for all local users that access a vsftpd server; they are placed in their
home directory by default, and not in a chroot jail.
16. Use the quit command to exit ftp.
ftp> quit
221 Goodbye.
17. On host03, enable options in the /etc/vsftpd/vsftpd.conf file to put local users in a
chroot jail.
a. Use the vi editor to set the chroot_local_user directive to YES.
chroot_local_user=YES
b. Ensure that the following chroot directives are commented out (preceded with a #
sign, as shown).
#chroot_list_enable=YES
#chroot_list_file=/etc/vsftpd/chroot_list
c. Use the service command to restart the vsftpd service.
# service vsftpd restart
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]
18. From host01, ftp to host03 as oracle user. Password is oracle.
[host01]$ ftp host03
Connected to host03: (192.0.2.103).
220 (vsFTPd 2.2.2)
Name...: oracle
331 Please specify the password.
Password: oracle
230 Login successful.
...
ftp>
19. Use the pwd command to display the current directory. Use the ls command to list the
contents of the current directory.
ftp> pwd
257 /
ftp> ls
...
drwxr-xr-x ... Desktop
drwxr-xr-x ... Documents
drwxr-xr-x ... Downloads
drwxr-xr-x ... Music
...
The output indicates that the current directory is the root-level directory even though
the actual directory is /home/oracle on the vsftpd server, host03.
20. Use the quit command to exit ftp.
ftp> quit
221 Goodbye.
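
Step 17b matters because the chroot list changes meaning depending on chroot_local_user: per the vsftpd.conf man page, when chroot_local_user=YES and chroot_list_enable=YES, the list names the users who are NOT jailed. The following added example (not part of the course material) reads a vsftpd.conf and reports whether a given local user ends up in a chroot jail. The function names are illustrative, and the fallback list path is an assumption taken from the commented directive shown above.

```shell
#!/bin/sh
# Added example: decide whether vsftpd would chroot a local user,
# from the three chroot directives used in this practice.
# Function names are illustrative, not part of vsftpd.

# conf_get FILE KEY DEFAULT: value of the last uncommented KEY=value line.
conf_get() {
    awk -F= -v k="$2" -v d="$3" '
        /^[[:space:]]*#/ { next }
        $1 == k { v = substr($0, index($0, "=") + 1); found = 1 }
        END { print (found ? v : d) }
    ' "$1"
}

# is_yes VALUE: succeed for a true boolean setting (case-insensitive).
is_yes() {
    case $(printf '%s' "$1" | tr '[:lower:]' '[:upper:]') in
        YES|TRUE|1) return 0 ;;
        *) return 1 ;;
    esac
}

# chroot_decision CONF USER [LISTFILE]: print "jailed" or "not-jailed".
# LISTFILE overrides chroot_list_file; the fallback path is an assumption
# taken from the commented directive on this page.
chroot_decision() {
    conf=$1
    user=$2
    all=$(conf_get "$conf" chroot_local_user NO)
    use_list=$(conf_get "$conf" chroot_list_enable NO)
    list=${3:-$(conf_get "$conf" chroot_list_file /etc/vsftpd/chroot_list)}
    listed=no
    if is_yes "$use_list" && [ -r "$list" ] && grep -qxF -- "$user" "$list"; then
        listed=yes
    fi
    if is_yes "$all"; then
        # Every local user is jailed; an enabled list names the exceptions.
        if [ "$listed" = yes ]; then echo "not-jailed"; else echo "jailed"; fi
    else
        # Nobody is jailed by default; an enabled list names who is.
        if [ "$listed" = yes ]; then echo "jailed"; else echo "not-jailed"; fi
    fi
}

# With CONF and USER arguments, report the decision for that user.
if [ "$#" -ge 2 ]; then
    chroot_decision "$@"
fi
```

For the configuration in step 17, `chroot_decision /etc/vsftpd/vsftpd.conf oracle` prints `jailed`, which matches the `257 /` reply in step 19.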


Practice 20-5: Configuring iptables


Overview
In this practice, you use the Firewall Configuration GUI as well as the iptables command to
allow a client system to mount an NFS file system.

Assumptions
You completed Practice 12-2 (Partitioning a Storage Device).
You completed Practice 12-3 (Creating ext File systems).
You completed Practice 16-1 (Configuring an NFS Server and an NFS Client).
You completed all Practices for Lesson 18 (Authentication and Directory Services).
This practice is performed on host01 and host03 VMs.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks
1. From host01, un-mount NFS file systems.
a. Un-mount /remote_dev.
b. Un-mount /home/nis_user.
c. Display the mounted file systems.
Notice that no NFS mounted file systems are currently mounted.
2. From host03, view the status of the iptables service.
In this example, iptables is not running.
You were prompted to disable the firewall in Practice 16-1 in order to mount an NFS
file system. However, if you rebooted host03 since then, the service restarted.
3. From host03, use the system-config-firewall command to display the Firewall
Configuration GUI.
Click Close if the Firewall Configuration Startup message appears.
Notice that the GUI shows the firewall is disabled. The firewall on your system may be
enabled.
4. Enable the firewall.
a. If the Disable button is active, click Disable.
b. Click the Enable button.
c. Click the Apply button.
d. Click Yes to override any existing firewall configuration.
The firewall is now enabled.
e. Select File > Quit to close the GUI.
5. From host03, view the status of the iptables service.
The iptables service is now running.
6. From host03, list the NFS exported file systems.
In this example, two NFS file systems are exported.
7. From host01, attempt to mount an NFS file system.
a. Mount the exported /Dev NFS file system from host03 with rw and nosuid options on
the local mountpoint, /remote_dev.
With the firewall enabled, the mount command hangs.
Press Ctrl + C to abort the mount command.
8. From host03, run the iptables -L command.
Notice that the output is similar to output from the service iptables status
command.
9. Run the iptables -L command again, but this time pipe the output to grep and search
for nfs.
There are currently no rules containing the string nfs.
10. Use the system-config-firewall command to start the Firewall Configuration GUI.
The GUI appears.
11. From the GUI, select the check box next to the NFS4 service.
This allows the NFS services to be trusted, and not blocked by the firewall.
12. Save the changes made from the GUI.
a. Click the Apply button.
b. Click Yes to override any existing firewall configuration.
The change is now active.
c. Select File > Quit to close the GUI.
13. From host01, attempt to mount host03:/Dev on /remote_dev.
The mount command is successful this time.
14. From host01, display the mounted file systems.
Notice that the host03:/Dev file system is mounted on local file system
/remote_dev.
15. From host03, run the iptables -L command, pipe the output to grep, and search for
nfs.
Now there is an nfs rule, which states to accept all incoming TCP traffic from
anywhere when the destination service is nfs.
This rule was created by checking NFS4 in the Firewall Configuration GUI.
16. Run iptables -h to display all options.
From the help, notice that the --line-numbers option displays line numbers.
Also notice that the -D option deletes a rule.
17. Run the iptables command to list only those rules in the INPUT chain and include line
numbers.
Notice that the rule to accept nfs traffic is line number 4.
18. Use the iptables command to delete line number 4 from the INPUT chain. Run the
previous command to confirm that the rule is deleted.
Notice that the nfs rule in line number 4 has been deleted.
Any rules below line number 4 have been renumbered.
19. Use the service command to save the iptables rules.
Always save after making any rule changes.
20. Use the service command to restart the iptables service.
After making any rule changes, restart the iptables service.
21. From host01, un-mount and attempt to re-mount the NFS file system.
a. Un-mount /remote_dev.
b. Display the mounted file systems.
Notice that no NFS mounted file systems are currently mounted.
c. Use the mount command to mount host03:/Dev on /remote_dev.
The mount command hangs on host01, press Ctrl + C to abort.
22. From host03, use the iptables command to insert the nfs rule after line 4 with the
following characteristics from the command line:
Chain = INPUT
Protocol = tcp
State = NEW
Destination port = nfs
Target = ACCEPT
This rule accepts incoming tcp traffic for nfs.
23. Save the iptables rules.
24. View the /etc/sysconfig/iptables file.
Notice that the new rule has the actual port number, 2049, for nfs.
25. Search for 2049 in the /etc/services file.
26. Restart the iptables service.
27. From host01, attempt to mount the NFS file system.
a. Mount host03:/Dev on /remote_dev.
The mount command is successful this time.
b. Display the mounted file systems.
Notice that the host03:/Dev file system is mounted on local file system
/remote_dev.
28. From host03, stop the iptables service.

Solution 20-5: Configuring iptables


Tasks
1. From host01, un-mount NFS file systems.
a. Use the umount command to un-mount /remote_dev.
[host01]# umount /remote_dev
b. Use the umount command to un-mount /home/nis_user.
[host01]# umount /home/nis_user
c. Use the df command to display the mounted file systems.
[host01]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2      5.8G  1.8G  3.8G  32% /
...
Notice that no NFS mounted file systems are currently mounted.
2. From host03, use the service command to view the status of the iptables service.
# service iptables status
iptables: Firewall is not running.
In this example, iptables is not running.
You were prompted to disable the firewall in Practice 16-1 in order to mount an NFS
file system. However, if you rebooted host03 since then, the service restarted.
3. From host03, use the system-config-firewall command to display the Firewall
Configuration GUI.
# system-config-firewall
Click Close if the Firewall Configuration Startup message appears. The GUI appears.
Notice that the GUI shows the firewall is disabled. The firewall on your system may be
enabled.
4. Enable the firewall.
a. If the Disable button is active, click Disable.
b. Click the Enable button.
c. Click the Apply button.
d. Click Yes to override any existing firewall configuration.
The firewall is now enabled.
e. Select File > Quit to close the GUI.
5. From host03, use the service command to view the status of the iptables service.
# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state ...
...
Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject...
...
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
The iptables service is now running.
6. From host03, use the showmount command to list the NFS exported file systems.
[host03]# showmount -e
/home/nis_user *
/Dev           *
In this example, two NFS file systems are exported.
7. From host01, attempt to mount an NFS file system.
a. Use the mount command to mount the exported /Dev NFS file system from host03
with rw and nosuid options on the local mountpoint, /remote_dev.
[host01]# mount -t nfs -o rw,nosuid host03:/Dev /remote_dev
With the firewall enabled, the mount command hangs.
Press Ctrl + C to abort the mount command.
8. From host03, run the iptables -L command.
[host03]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED...
...
Notice that the output is similar to output from the service iptables status
command.
9. Run the iptables -L command again, but this time pipe the output to grep and search
for nfs.
[host03]# iptables -L | grep nfs
There are currently no rules containing the string nfs.
10. Use the system-config-firewall command to start the Firewall Configuration GUI.
# system-config-firewall
The GUI appears.
11. From the GUI, select the check box next to the NFS4 service.
This allows the NFS services to be trusted, and not blocked by the firewall.
12. Save the changes made from the GUI.
a. Click the Apply button.
b. Click Yes to override any existing firewall configuration.
The change is now active.
c. Select File > Quit to close the GUI.
13. From host01, use the mount command to mount host03:/Dev on /remote_dev.
[host01]# mount -t nfs -o rw,nosuid host03:/Dev /remote_dev
The mount command is successful this time.
14. From host01, use the df command to display the mounted file systems.
[host01]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2      5.8G  1.8G  3.8G  32% /
...
host03:/Dev    1008M   62M  896M   7% /remote_dev
Notice that the host03:/Dev file system is mounted on local file system
/remote_dev.
15. From host03, run the iptables -L command, pipe the output to grep, and search for
nfs.
[host03]# iptables -L | grep nfs
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nfs
Now there is an nfs rule, which states to accept all incoming TCP traffic from
anywhere when the destination service is nfs.
This rule was created by checking NFS4 in the Firewall Configuration GUI.
16. Run iptables -h to display all options.
[host03]# iptables -h
iptables v1.4.7
Usage: iptables -[AD] chain rule-specification [options]
       iptables -I chain [rulenum] rule-specification ...
...
From the help, notice that the --line-numbers option displays line numbers.
Also notice that the -D option deletes a rule.
17. Run the iptables command to list only those rules in the INPUT chain and include line
numbers.
[host03]# iptables -L INPUT --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state ...
...
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state ...nfs
...
Notice that the rule to accept nfs traffic is line number 4.
18. Use the iptables command to delete line number 4 from the INPUT chain. Run the
previous command to confirm that the rule is deleted.
[host03]# iptables -D INPUT 4
[host03]# iptables -L INPUT --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state ...
...
Notice that the nfs rule in line number 4 has been deleted.
Any rules below line number 4 have been renumbered.
19. Use the service command to save the iptables rules.
[host03]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables...
Always save after making any rule changes.
20. Use the service command to restart the iptables service.
[host03]# service iptables restart
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
After making any rule changes, restart the iptables service.
21. From host01, un-mount and attempt to re-mount the NFS file system.
a. Use the umount command to un-mount /remote_dev.
[host01]# umount /remote_dev
b. Use the df command to display the mounted file systems.
[host01]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2      5.8G  1.8G  3.8G  32% /
...
Notice that no NFS mounted file systems are currently mounted.
c. Use the mount command to mount host03:/Dev on /remote_dev.
[host01]# mount -t nfs -o rw,nosuid host03:/Dev /remote_dev
The mount command hangs on host01, press Ctrl + C to abort.
22. From host03, use the iptables command to insert the nfs rule after line 4 with the
following characteristics from the command line:
Chain = INPUT
Protocol = tcp
State = NEW
Destination port = nfs
Target = ACCEPT
[host03]# iptables -I INPUT 4 -p tcp -m state --state NEW --dport nfs -j ACCEPT
This rule accepts incoming tcp traffic for nfs.
23. Use the service command to save the iptables rules.
[host03]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables...
24. Use the cat command to view the /etc/sysconfig/iptables file.
[host03]# cat /etc/sysconfig/iptables
...
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT
...
Notice that the new rule has the actual port number, 2049, for nfs.
25. Use the grep command to search for 2049 in the /etc/services file.
[host03]# grep 2049 /etc/services
nfs 2049/tcp ...
26. Use the service command to restart the iptables service.
[host03]# service iptables restart
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
27. From host01, attempt to mount the NFS file system.
a. Use the mount command to mount host03:/Dev on /remote_dev.
[host01]# mount -t nfs -o rw,nosuid host03:/Dev /remote_dev
The mount command is successful this time.
b. From host01, use the df command to display the mounted file systems.
[host01]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/xvda2      5.8G  1.8G  3.8G  32% /
...
host03:/Dev    1008M   62M  896M   7% /remote_dev
Notice that the host03:/Dev file system is mounted on local file system
/remote_dev.
28. From host03, use the service command to stop the iptables service.
[host03]# service iptables stop
iptables: Flushing firewall rules                          [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules                                [  OK  ]
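
Step 22 inserts the nfs rule at a specific position with -I instead of appending it, because iptables evaluates a chain top to bottom and stops at the first matching rule. The following added example (not part of the course material) reads rules in the /etc/sysconfig/iptables format and reports whether an ACCEPT rule for a TCP port sits before or after the first catch-all REJECT or DROP in the INPUT chain. The function names are illustrative, and the sample ruleset, including its final REJECT rule, is constructed for the example and is an assumption about the parts of the file this page elides.

```shell
#!/bin/sh
# Added example: check where an ACCEPT rule for a TCP port sits in the
# INPUT chain of a saved ruleset (the /etc/sysconfig/iptables format).
# Function names are illustrative; the sample ruleset is constructed.

# rule_status PORT: read saved rules on stdin and print one of
#   allowed   - ACCEPT rule for PORT precedes any catch-all REJECT/DROP
#   shadowed  - ACCEPT rule exists but a catch-all REJECT/DROP comes first
#   absent    - no ACCEPT rule for PORT; the rest of the chain decides
# Only exact numeric "--dport PORT" matches on "-p tcp" are recognised
# (no port ranges, multiport lists or service names).
rule_status() {
    awk -v port="$1" '
        $1 != "-A" || $2 != "INPUT" { next }
        {
            n++; proto = ""; dport = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                else if ($i == "--dport") dport = $(i + 1)
                else if ($i == "-j") { target = $(i + 1); break }
            }
            # A rule with no match options before -j applies to all traffic.
            if (!first_block && $3 == "-j" && (target == "REJECT" || target == "DROP"))
                first_block = n
            if (!first_accept && proto == "tcp" && dport == port && target == "ACCEPT")
                first_accept = n
        }
        END {
            if (!first_accept) print "absent"
            else if (first_block && first_block < first_accept) print "shadowed"
            else print "allowed"
        }
    '
}

# Constructed sample: a saved ruleset with the nfs rule from step 24 in
# position 4 and a catch-all REJECT at the end of INPUT (assumed layout).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# With a port argument, audit the rules on stdin; otherwise audit the sample.
if [ "$#" -eq 1 ]; then
    rule_status "$1"
else
    sample_rules | rule_status 2049
fi
```

On host03 the same check is `sh script.sh 2049 < /etc/sysconfig/iptables`; a result of `shadowed` means the rule was appended below a catch-all rule and never matches.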

Practice 20-6: Configuring a TCP Wrapper


Overview
In this practice, you configure a TCP wrapper to deny one system from using OpenSSH utilities
to connect to another system. You also create a custom log file to capture connection attempts
that are denied.

Assumptions
This practice is performed on host01 and host03 VMs.
Open a terminal window on each system.
Log in as the root user on each system.
The prompts in the solution section include either host01 or host03 to indicate which
system to enter the command from.

Tasks
1. From host01, confirm that you can use the ssh command to connect to host03. Password
is 0racle. Use the logout command to log off after confirming that you can connect.
2. On host03, use the vi editor to edit /etc/hosts.deny and add the following entry:
sshd : 192.0.2.101
This entry denies host01 (192.0.2.101) from using the OpenSSH utilities to connect
to host03.
3. From host01, attempt to use the ssh command to connect to host03.
This time you are denied connecting using ssh.
4. On host03, use the vi editor to edit /etc/hosts.deny and modify the entry as follows:
sshd : 192.0.2.101 : spawn /bin/echo %c tried to connect to %d and was blocked. >> /var/log/tcpwrappers.log
5. From host01, attempt to use the ssh command to connect to host03.
You are still denied connecting and a message was written to a log file.
6. On host03, view the /var/log/tcpwrappers.log file.

Solution 20-6: Configuring a TCP Wrapper

Tasks
1. From host01, confirm that you can use the ssh command to connect to host03. Password
is 0racle. Use the logout command to log off after confirming that you can connect.
[host01]# ssh host03
root@host03's password: 0racle
Last login: ...
[root@host03 ~]# logout
Connection to host03 closed.
[host01]#

2. On host03, use the vi editor to edit /etc/hosts.deny and add the following entry:
sshd : 192.0.2.101
This entry denies host01 (192.0.2.101) from using the OpenSSH utilities to connect
to host03.

3. From host01, attempt to use the ssh command to connect to host03.
[host01]# ssh host03
ssh_exchange_identification: Connection closed by remote host
[host01]#
This time you are denied connecting using ssh.

4. On host03, use the vi editor to edit /etc/hosts.deny and modify the entry as follows (a single line):
sshd : 192.0.2.101 : spawn /bin/echo %c tried to connect to %d and was blocked. >> /var/log/tcpwrappers.log

5. From host01, attempt to use the ssh command to connect to host03.
[host01]# ssh host03
ssh_exchange_identification: Connection closed by remote host
[host01]#
You are still denied connecting and a message was written to a log file.

6. On host03, use the cat command to view the /var/log/tcpwrappers.log file.
[host03]# cat /var/log/tcpwrappers.log
192.0.2.101 tried to connect to sshd and was blocked.
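
The hosts.deny entry from this practice blocks host01 only as long as nothing in /etc/hosts.allow matches first, because the wrapper consults hosts.allow before hosts.deny and grants access when neither file matches. The following script is an added example, not part of the activity guide: it models that lookup order for a subset of hosts_access(5) patterns (daemon name or ALL, exact address, ALL, and address prefixes ending in a dot). The function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: simplified model of the hosts.allow / hosts.deny lookup order.
# Only a subset of hosts_access(5) is modelled; clients are matched by address.

# rule_matches FILE DAEMON CLIENT: exit status 0 if a rule in FILE matches.
rule_matches() (
    file=$1 daemon=$2 client=$3
    [ -r "$file" ] || exit 1
    set -f                                   # no globbing while splitting lists
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in '#'*|'') continue ;; esac      # comment or blank line
        case $line in *:*) ;; *) continue ;; esac    # not a rule
        daemons=$(printf '%s' "${line%%:*}" | tr ',' ' ')   # field 1
        rest=${line#*:}
        clients=$(printf '%s' "${rest%%:*}" | tr ',' ' ')   # field 2
        for d in $daemons; do
            [ "$d" = "$daemon" ] || [ "$d" = ALL ] || continue
            for c in $clients; do
                case $c in
                    ALL) exit 0 ;;
                    *.)  case $client in "$c"*) exit 0 ;; esac ;;  # prefix 192.0.2.
                    *)   [ "$c" = "$client" ] && exit 0 ;;
                esac
            done
        done
    done < "$file"
    exit 1
)

# decide ALLOW_FILE DENY_FILE DAEMON CLIENT: prints "granted" or "denied".
decide() {
    if rule_matches "$1" "$3" "$4"; then
        echo granted          # a hosts.allow match wins; hosts.deny is not read
    elif rule_matches "$2" "$3" "$4"; then
        echo denied
    else
        echo granted          # no match in either file: access is granted
    fi
}

# Constructed sample files that mirror the practice.
demo=$(mktemp -d)
: > "$demo/hosts.allow"
printf '%s\n' 'sshd : 192.0.2.101 : spawn /bin/echo %c tried to connect to %d and was blocked. >> /var/log/tcpwrappers.log' > "$demo/hosts.deny"

echo "empty hosts.allow, sshd from 192.0.2.101: $(decide "$demo/hosts.allow" "$demo/hosts.deny" sshd 192.0.2.101)"
echo "empty hosts.allow, sshd from 192.0.2.102: $(decide "$demo/hosts.allow" "$demo/hosts.deny" sshd 192.0.2.102)"

# A broader allow rule silently overrides the deny entry for host01.
printf '%s\n' 'sshd : 192.0.2.' > "$demo/hosts.allow"
echo "allow 192.0.2., sshd from 192.0.2.101:    $(decide "$demo/hosts.allow" "$demo/hosts.deny" sshd 192.0.2.101)"

rm -rf "$demo"
```

When a deny entry appears to have no effect, check /etc/hosts.allow for a matching rule before anything else.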

Chapter 21

Practices for Lesson 21: Web and Email Services

Practices for Lesson 21

Practices Overview
In these practices, you configure the Apache web server.

Practice 21-1: Configuring Apache Web Server

Overview
In this practice, you:
Verify that the httpd package is installed, start the service, and ensure that the service starts at boot time
Create a test page to verify that Apache is working correctly
Configure two virtual hosts, each serving different web content

Assumptions
You perform this lab exclusively on host03 VM.
You log in as the root user on host03.

Tasks
1. On host03, verify that the httpd package is installed.
In this example, the httpd package is installed.
The httpd-tools package is also installed. This package contains tools that can
be used with the Apache HTTP server.

2. Ensure the httpd service is started.

3. Enable the httpd service to start at boot time.

4. Confirm that Apache is working, by pointing a browser on host03 to http://localhost.
a. On the GNOME menu bar, click the icon to the right of the System menu option to start
the Firefox web browser.
The browser appears.
b. Enter http://localhost in the browser and press Enter.
The Apache Test Page appears.
The Test Page confirms that Apache is working correctly.

5. Exclude virtual host server names from HTTP Proxy.
a. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
b. Click the Advanced menu option, and then select the Network tab.
c. Click the Settings tab and append the following to the No Proxy for list (separate
entries with a comma):
1) www.example1.com
2) www.example2.com
d. Click OK to save your changes.
e. Click Close to close the Firefox Preferences window.
f. Close the Firefox web browser by selecting File > Quit from the menu bar.

6. Create a test webpage by using the vi editor to create the /var/www/html/index.html
file and add the following entry:
<html><body><p>This is my test page.</p></body></html>

7. Restart the Firefox browser and point to http://localhost.
The test webpage appears.

8. Close the Firefox web browser by selecting File > Quit from the menu bar.

9. Create a virtual host on the Apache web server; name it www.example1.com.
a. Use the vi editor to edit the /etc/httpd/conf/httpd.conf file to add the
following entries to the end of the file:
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName www.example1.com
    DocumentRoot /var/www/example1
    ErrorLog /var/log/httpd/example1.error_log
    <Directory /var/www/example1>
        Order deny,allow
        Deny from all
        Allow from 192.0.2
    </Directory>
</VirtualHost>
b. Use the vi editor to edit the /etc/hosts file and append www.example1.com to the
192.0.2.103 entry as follows:
192.0.2.103 host03.example.com host03 www.example1.com
c. Create a /var/www/example1 directory.
d. Copy the /var/www/html/index.html file to the /var/www/example1 directory.
e. Use the vi editor to edit the /var/www/example1/index.html file as follows:
<html><body><p>This is my test page for www.example1.com.</p></body></html>
f. Restart the httpd service.

10. Restart the Firefox browser and point to http://www.example1.com.
The test webpage appears.

11. Close the Firefox web browser by selecting File > Quit from the menu bar.

12. Create a second virtual host on the Apache web server named www.example2.com.
a. Use the vi editor to edit the /etc/httpd/conf/httpd.conf file to add the
following entries to the end of the file:
<VirtualHost *:80>
    ServerName www.example2.com
    DocumentRoot /var/www/example2
    ErrorLog /var/log/httpd/example2.error_log
    <Directory /var/www/example2>
        Order deny,allow
        Deny from all
        Allow from 192.0.2
    </Directory>
</VirtualHost>
b. Use the vi editor to edit the /etc/hosts file to append www.example2.com to the
192.0.2.103 entry as follows:
192.0.2.103 host03... www.example1.com www.example2.com
c. Make the /var/www/example2 directory.
d. Copy the /var/www/example1/index.html file to the /var/www/example2 directory.
e. Use the vi editor to edit the /var/www/example2/index.html file as follows:
<html><body><p>This is my test page for www.example2.com.</p></body></html>
f. Restart the httpd service.

13. Restart the Firefox browser and point to http://www.example2.com.
The example2 test webpage appears.

14. Close the Firefox web browser by selecting File > Quit from the menu bar.

Solution 21-1: Configuring Apache Web Server

Tasks
1. On host03, use the rpm command to verify that the httpd package is installed.
# rpm -qa | grep httpd
httpd-tools-...
httpd-...
In this example, the httpd package is installed.
The httpd-tools package is also installed. This package contains tools that can
be used with the Apache HTTP server.

2. Use the service command to start the httpd service.
# service httpd start
...

3. Use the chkconfig command to enable the httpd service to start at boot time.
# chkconfig httpd on
# chkconfig httpd --list

4. Confirm that Apache is working, by pointing a browser on host03 to http://localhost.
a. On the GNOME menu bar, click the icon to the right of the System menu option to start
the Firefox web browser.
The browser appears.
b. Enter http://localhost in the browser and press ENTER.
The Apache Test Page appears.
The Test Page confirms that Apache is working correctly.

5. Exclude virtual host server names from HTTP Proxy.
a. From the browser menu bar, select Edit > Preferences to display the Firefox
Preferences window.
b. Click the Advanced menu option, and then select the Network tab.
c. Click the Settings tab and append the following to the No Proxy for list (separate
entries with a comma):
1) www.example1.com
2) www.example2.com
This Connection Settings window should look like the following:
d. Click OK to save your changes.
e. Click Close to close the Firefox Preferences window.
f. Close the Firefox web browser by selecting File > Quit from the menu bar.

6. Create a test webpage by using the vi editor to create the /var/www/html/index.html
file and add the following entry.
<html><body><p>This is my test page.</p></body></html>

7. Restart the Firefox browser and point to http://localhost.
The test webpage appears.

8. Close the Firefox web browser by selecting File > Quit from the menu bar.

9. Create a virtual host on the Apache web server; name it www.example1.com.
a. Use the vi editor to edit the /etc/httpd/conf/httpd.conf file to add the
following entries to the end of the file:
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName www.example1.com
    DocumentRoot /var/www/example1
    ErrorLog /var/log/httpd/example1.error_log
    <Directory /var/www/example1>
        Order deny,allow
        Deny from all
        Allow from 192.0.2
    </Directory>
</VirtualHost>
b. Use the vi editor to edit the /etc/hosts file and append www.example1.com to the
192.0.2.103 entry as follows:
192.0.2.103 host03.example.com host03 www.example1.com
c. Use the mkdir command to make the /var/www/example1 directory.
# mkdir /var/www/example1
d. Use the cp command to copy the /var/www/html/index.html file to the
/var/www/example1 directory.
# cp /var/www/html/index.html /var/www/example1
e. Use the vi editor to edit the /var/www/example1/index.html file as follows:
<html><body><p>This is my test page for www.example1.com.</p></body></html>
f. Use the service command to restart the httpd service.
# service httpd restart
Stopping httpd      [ OK ]
Starting httpd:     [ OK ]

10. Restart the Firefox browser and point to http://www.example1.com.
The test webpage appears.

11. Close the Firefox web browser by selecting File > Quit from the menu bar.

12. Create a second virtual host on the Apache web server named www.example2.com.
a. Use the vi editor to edit the /etc/httpd/conf/httpd.conf file to add the
following entries to the end of the file:
<VirtualHost *:80>
    ServerName www.example2.com
    DocumentRoot /var/www/example2
    ErrorLog /var/log/httpd/example2.error_log
    <Directory /var/www/example2>
        Order deny,allow
        Deny from all
        Allow from 192.0.2
    </Directory>
</VirtualHost>
b. Use the vi editor to edit the /etc/hosts file to append www.example2.com to the
192.0.2.103 entry as follows:
192.0.2.103 host03... www.example1.com www.example2.com
c. Use the mkdir command and make the /var/www/example2 directory.
# mkdir /var/www/example2
d. Use the cp command to copy the /var/www/example1/index.html file to the
/var/www/example2 directory.
# cp /var/www/example1/index.html /var/www/example2
e. Use the vi editor to edit the /var/www/example2/index.html file as follows:
<html><body><p>This is my test page for www.example2.com.</p></body></html>
f. Use the service command to restart the httpd service.
# service httpd restart
Stopping httpd      [ OK ]
Starting httpd:     [ OK ]

13. Restart the Firefox browser and point to http://www.example2.com.
The example2 test webpage appears as shown.

14. Close the Firefox web browser by selecting File > Quit from the menu bar.
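
Both virtual hosts rely on the Order deny,allow / Deny from all / Allow from 192.0.2 block to restrict access to the lab subnet. The following script is an added example, not part of the activity guide: it models how Apache 2.2 combines Order, Deny and Allow for address specifications, and shows that the same Deny and Allow lines under Order allow,deny would lock out every client. The function names and the client addresses other than 192.0.2.101 are constructed for illustration.

```shell
#!/bin/sh
# Added example: model of Apache 2.2 Order/Deny/Allow evaluation for
# "all", full addresses and partial addresses such as 192.0.2.

# spec_matches SPEC CLIENT: exit 0 if one Allow/Deny specification matches.
spec_matches() (
    [ "$1" = all ] && exit 0
    spec=${1%.}                          # treat "192.0.2." like "192.0.2"
    case $2 in
        "$spec"|"$spec".*) exit 0 ;;     # partial address matches whole octets only
    esac
    exit 1
)

# list_matches "SPEC SPEC ..." CLIENT: exit 0 if any specification matches.
list_matches() (
    set -f
    for s in $1; do
        if spec_matches "$s" "$2"; then exit 0; fi
    done
    exit 1
)

# access_decision ORDER DENY_LIST ALLOW_LIST CLIENT: prints allowed or denied.
access_decision() (
    denied=no allowed=no
    if list_matches "$2" "$4"; then denied=yes; fi
    if list_matches "$3" "$4"; then allowed=yes; fi
    case $1 in
        deny,allow)   # default is allow; an Allow match overrides a Deny match
            if [ "$denied" = yes ] && [ "$allowed" = no ]; then
                echo denied
            else
                echo allowed
            fi ;;
        allow,deny)   # default is deny; a Deny match overrides an Allow match
            if [ "$allowed" = yes ] && [ "$denied" = no ]; then
                echo allowed
            else
                echo denied
            fi ;;
        *)  echo "unsupported Order: $1" >&2; exit 2 ;;
    esac
)

# The practice's block: Order deny,allow / Deny from all / Allow from 192.0.2
# Client addresses below are constructed samples.
for client in 192.0.2.101 192.0.20.5 198.51.100.7; do
    echo "deny,allow  $client  $(access_decision deny,allow all 192.0.2 "$client")"
done

# Same Deny/Allow lines with the order reversed: nobody gets in.
echo "allow,deny  192.0.2.101  $(access_decision allow,deny all 192.0.2 192.0.2.101)"
```

On Apache 2.4 these directives are provided only for compatibility; the equivalent restriction there is Require ip 192.0.2.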

Chapter 22

Practices for Lesson 22: System Monitoring and Troubleshooting

Practices for Lesson 22

Practices Overview
In these practices, you:
Use the sosreport utility to collect system information
Configure kdump
Install and use OSWatcher

Practice 22-1: Using sosreport to Collect System Information

Overview
In this practice, you:
Use the sosreport utility to collect system information
Extract the compressed TAR file and view the collected information
View the status of the sosreport plug-ins

Assumptions
You are the root user on host03 VM.

Tasks
1. Verify that the sos package is installed.
In this example, the package is installed.

2. Run the sosreport command.
a. Press Enter when prompted to continue.
b. Provide your first initial and last name when prompted.
c. Enter number 1 as the case number for which you are generating the report.

3. Change to the /tmp directory.

4. Display a long listing of the /tmp directory.
Notice the two sosreport files, one with .xz extension and one with .md5 extension.
The .xz file is the compressed data file.
Note the size of the .xz file.

5. Use the xz -d command to uncompress the .xz file.

6. Display a long listing of the /tmp directory.
Notice that the sosreport file with the .tar.xz extension now has a .tar extension.
Note the size of the .tar file; it is considerably larger than the compressed (.xz) file.

7. Use the tar command to extract the .tar file.
Notice that the tar file is extracted in a host03-... directory.

8. Change to the host03-... directory.

9. Display a long listing of the host03-... directory.
Notice that a number of directories that contain data collected from the system exist.
Notice that a number of symbolic links that contain the output of several status-related
commands exist.

10. Use the sosreport -l command to list the plug-ins.

Solution 22-1: Using sosreport to Collect System Information

Tasks
1. Use the rpm command to verify that the sos package is installed.
[host03]# rpm -qa sos
sos-...
In this example, the package is installed.

2. Run the sosreport command.
a. Press Enter when prompted to continue.
b. Provide your first initial and last name when prompted.
c. Enter number 1 as the case number for which you are generating the report.
[host03]# sosreport
sosreport (version 2.2)
This utility will collect some detailed information about...
Press ENTER to continue, or CTRL-C to quit. ENTER
Please enter your first initial and last name [host03]: cmac
Please enter the case number that your are generating... 1
Running plugins. Please wait ...
Completed...
...
Your sosreport has been generated and saved in:
/tmp/sosreport-...
...

3. Use the cd command to change to the /tmp directory.
[host03]# cd /tmp

4. Use the ls command to display a long listing of the /tmp directory.
[host03]# ls -l
...
-rw------- sosreport-...tar.xz
-rw------- sosreport-...tar.xz.md5
...
Notice the two sosreport files, one with .xz extension and one with .md5 extension.
The .xz file is the compressed data file.
Note the size of the .xz file.

5. Use the xz -d command to uncompress the .xz file.
[host03]# xz -d sosreport-...tar.xz

6. Use the ls command to display a long listing of the /tmp directory.
[host03]# ls -l
...
-rw------- sosreport-...tar
-rw------- sosreport-...tar.xz.md5
...
Notice that the sosreport file with the .tar.xz extension now has a .tar extension.
Note the size of the .tar file; it is considerably larger than the compressed (.xz) file.

7. Use the tar command to extract the .tar file.
[host03]# tar xvf sosreport-...tar
host03-.../
host03-.../lsmod
host03-.../boot/
host03-.../boot/grub
host03-.../boot/grub/grub.conf
...
host03-.../root/install.log.syslog
host03-.../root/anaconda-ks.cfg
Notice that the tar file is extracted in a host03-... directory.

8. Use the cd command to change to the host03-... directory.
[host03]# cd host03-*

9. Use the ls command to display a long listing of the host03-... directory.
[host03]# ls -l
...
drwxr-xr-x boot
lrwxrwxrwx chkconfig -> sos_commands/startup/...
lrwxrwxrwx date -> sos_commands/startup/...
...
drwxr-xr-x etc
lrwxrwxrwx free -> sos_commands/startup/...
lrwxrwxrwx hostname -> sos_commands/startup/...
...
drwxr-xr-x lib
...
Notice that a number of directories that contain data collected from the system exist.
Notice that a number of symbolic links that contain the output of several status-related
commands exist.

10. Use the sosreport -l command to list the plug-ins.
[host03]# sosreport -l
sosreport (version 2.2)
The following plugins are currently enabled:
acpid        acpid related information
anaconda     Anaconda / Installation information
...
The following plugins are currently disabled:
amd          Amd automounter information
cluster      cluster suite and GFS related information
...
The following plugin options are available:
apache.log   off gathers all apache logs
...

Practice 22-2: Configuring kdump

Overview
In this practice, you:
Configure kdump by using the Kernel Dump Configuration GUI
View the kdump configuration file, which is updated as you apply changes in the GUI

Assumptions
You are the root user on host03 VM.
The kdump mechanism is not supported on Xen domU guest systems.
However, you proceed with the lab as if kdump is supported.

Tasks
1. Verify that the kexec-tools package is installed.
In this example, the package is installed.

2. Use the system-config-kdump command to display the Kernel Dump Configuration GUI.
In this example, the kernel crash dump mechanism is disabled.

3. Click the Enable button to start the kdump daemon at boot time.
Notice that the amount of memory reserved for kdump is 128 MB.
This amount of memory is represented by the crashkernel option and is appended
to the kernel line in the GRUB configuration file, /boot/grub/grub.conf, as follows:
kernel /vmlinuz-2.6.39-100.5.1.el6uek ... crashkernel=128M
You must reboot if the amount of memory reserved for kdump is changed or if kdump
is enabled from a disabled state.

4. Click the Target settings tab in the GUI.
This page is used to specify the target location for the vmcore dump.
Notice that the default target location is the /var/crash directory on the local file
system.
This setting is represented as follows in the /etc/kdump.conf configuration file:
path /var/crash

5. Click the Partition drop-down list to display the partition selections.
Notice that the UUIDs for the available devices on the local system are displayed.

6. Select any UUID and set the Path at /var/crash.
These settings are represented as follows in the /etc/kdump.conf configuration file:
path /var/crash
ext4 UUID=<your selection>

7. Click the Network and NFS buttons and enter host02.example.com for Server name.
These settings are represented as follows in the /etc/kdump.conf configuration file:
path /var/crash
net host02.example.com

8. Click the Network and SSH buttons and enter root as the User name.
These settings are represented as follows in the /etc/kdump.conf configuration file:
path /var/crash
net root@host02.example.com

9. Click the Filtering settings tab in the GUI.
These default settings are represented as follows in the /etc/kdump.conf
configuration file:
core_collector makedumpfile -d 17 -c

10. Check all Filtering level options.
These settings are represented as follows in the /etc/kdump.conf configuration file:
core_collector makedumpfile -d 31 -c

11. Click the Expert settings tab in the GUI.

12. Scroll down and click the Default action drop-down menu to display the actions that the
system can take when the kernel crash is captured.

13. Click the halt option.
This selection is represented as follows in the /etc/kdump.conf configuration file:
default halt

14. Click Apply.
A warning message appears indicating that the kdump mechanism is not supported on
Xen domU guest systems.

15. Click OK.
A need reboot message appears if you change memory settings or if you enable kdump
from a disabled state.
Again, this message does not apply, because kdump is not supported on the VM
guests.

16. Click OK.
A configuration saved message appears.
The configuration is saved, but the service does not start on VM guests.

17. Click OK, and then select File > Quit from the Kernel Dump Configuration menu bar.

18. From the command line, display the status of the kdump daemon.
A message indicating kdump is unsupported is displayed.

Solution 22-2: Configuring kdump

Tasks
1. Use the rpm command to verify that the kexec-tools package is installed.
# rpm -qa | grep kexec
kexec-tools-...
In this example, the package is installed.

2. Use the system-config-kdump command to display the Kernel Dump Configuration GUI.
# system-config-kdump
The GUI appears.
In this example, the kernel crash dump mechanism is disabled.

3. Click the Enable button to start the kdump daemon at boot time.
Notice that the amount of memory reserved for kdump is 128 MB.
This amount of memory is represented by the crashkernel option and is appended
to the kernel line in the GRUB configuration file, /boot/grub/grub.conf, as follows:
kernel /vmlinuz-2.6.39-100.5.1.el6uek ... crashkernel=128M
You must reboot if the amount of memory reserved for kdump is changed or if kdump
is enabled from a disabled state.

4. Click the Target settings tab in the GUI.
This page is used to specify the target location for the vmcore dump.
Notice that the default target location is the /var/crash directory on the local file
system.
This setting is represented as follows in the /etc/kdump.conf configuration file:
path /var/crash

5. Click the Partition drop-down list to display the partition selections.
Notice that the UUIDs for the available devices on the local system are displayed
(sample display only).

6. Select any UUID and set the Path at /var/crash.
These settings are represented as follows in the /etc/kdump.conf configuration file:
path /var/crash
ext4 UUID=<your selection>

7. Click the Network and NFS buttons and enter host02.example.com for Server name as
shown.
These settings are represented as follows in the /etc/kdump.conf configuration file:
path /var/crash
net host02.example.com

8. Click the Network and SSH buttons and enter root as the User name as shown.
These settings are represented as follows in the /etc/kdump.conf configuration file:
path /var/crash
net root@host02.example.com

9. Click the Filtering settings tab in the GUI.
These default settings are represented as follows in the /etc/kdump.conf
configuration file:
core_collector makedumpfile -d 17 -c

10. Check all Filtering level options as shown.
These settings are represented as follows in the /etc/kdump.conf configuration file:
core_collector makedumpfile -d 31 -c

11. Click the Expert settings tab in the GUI.

12. Scroll down and click the Default action drop-down menu to display the actions that the
system can take when the kernel crash is captured, as shown.

13. Click the halt option.
This selection is represented as follows in the /etc/kdump.conf configuration file:
default halt

14. Click Apply.
The following message appears:
The kdump mechanism is not supported on Xen domU guest systems.

15. Click OK.
The following message appears if you change memory settings or if you enable kdump
from a disabled state.
Again, this message does not apply, because kdump is not supported on the VM
guests.

16. Click OK. The following message appears:
The configuration is saved, but the service does not start on VM guests.

17. Click OK, and then select File > Quit from the Kernel Dump Configuration menu bar.

18. From the command line, use the service command to view the status of the kdump
daemon.
# service kdump status
Kdump is unsupported on this kernel
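
The Filtering and Target settings decide what ends up in a vmcore and where it is written, which matters because a kernel dump can contain process memory. The following script is an added example, not part of the activity guide: it decodes the makedumpfile -d level bitmask (1 zero pages, 2 cache pages, 4 private cache pages, 8 user data pages, 16 free pages) and summarizes the target from a kdump.conf that uses the directives shown in this practice. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: review helper for the kdump.conf directives used in this lab.

# excluded_pages LEVEL: print the page types that makedumpfile -d LEVEL omits.
excluded_pages() (
    level=$1 out=
    for pair in 1:zero 2:cache 4:cache-private 8:user-data 16:free; do
        bit=${pair%%:*} name=${pair#*:}
        if [ $(( $level & $bit )) -ne 0 ]; then
            out="${out:+$out }$name"
        fi
    done
    printf '%s\n' "$out"
)

# audit_kdump_conf FILE: print the dump target, dump level and whether
# user data pages are kept in the vmcore.
audit_kdump_conf() (
    conf=$1 target="local file system" level=0
    set -f
    while read -r key v1 rest || [ -n "$key" ]; do
        case $key in
            ext4) target="local partition $v1" ;;
            net)  case $v1 in
                      *@*) target="SSH to ${v1#*@} as user ${v1%%@*}" ;;
                      *)   target="NFS server $v1" ;;
                  esac ;;
            core_collector)
                set -- $v1 $rest                 # e.g. makedumpfile -d 17 -c
                while [ $# -gt 1 ]; do
                    if [ "$1" = -d ]; then level=$2; fi
                    shift
                done ;;
        esac
    done < "$conf"
    echo "target: $target"
    echo "dump level: $level (excludes: $(excluded_pages "$level"))"
    if [ $(( $level & 8 )) -eq 0 ]; then
        echo "user-data pages: retained"
    else
        echo "user-data pages: excluded"
    fi
)

# Constructed sample: the GUI defaults plus the NFS target from step 7.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample kdump.conf
path /var/crash
net host02.example.com
core_collector makedumpfile -d 17 -c
default halt
EOF
audit_kdump_conf "$sample"
rm -f "$sample"
```

With the default level 17 only zero and free pages are dropped, so user process memory is still written to the target; level 31 from step 10 excludes it.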

Practice 22-3: Installing and Using OSWatcher


Overview
In this practice, you install and run the OSWatcher Black Box (OSWbb) product and view the
collected data. Reference Doc ID 580513.1 for How To Start OSWatcher Black Box Every
System Boot.

Assumptions

You are the root user on host03 VM.

You are the root user on dom0.

1.

Use sftp to transfer the oswbb403.tar file from dom0 to host03.


a.

From host03, verify that sshd is running. Start the service if necessary.

In this example, the service is running.


b. From dom0, change to the /OVS/seed_pool/sfws directory.
c. View the directory for the OSWbb TAR file.
d. Use the sftp command to connect to host03 as root. Password is 0racle.
e. Use the put command to copy the OSWbb TAR file to host03.
f. Exit sftp.
Perform all remaining steps in this lab from host03.
2. From host03, install, start, and stop OSWbb.
a. Change to the root users home directory.
b. Use the tar command to extract the oswbb403.tar file.
c.

Change to the oswbb directory, and then view the contents of the directory.

d.

Notice the startOSWbb.sh file, which is the script used to start OSWbb.
Use the startOSWbb.sh command to start OSWbb.

e.

The error message implies the startOSWbb.sh script is a ksh (Korn shell) script
and that /usr/bin/ksh is not found.
View the first few lines of startOSWbb.sh.

The first line in startOSWbb.sh confirms that the file is a Korn shell script.
Verify that the ksh package is installed.

g.

In this example, the package is not installed.


Use the yum command to install the ksh package.

h.

Use the startOSWbb.sh command to start OSWbb.

f.

i.

Determine the location of the ksh utility.

j.

The error message indicates that /usr/bin/ksh still cannot be found.


Notice that the location of ksh is /bin, but the startOSWbb.sh script expects ksh
to be in /usr/bin.
Create a symbolic link, /usr/bin/ksh, which points to /bin/ksh.

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Practices for Lesson 22: System Monitoring and Troubleshooting


Chapter 22 - Page 16

Oracle Internal & Oracle Academy Use Only

Tasks

k. Use the startOSWbb.sh command to start OSWbb.
OSWbb started successfully, the discovery process completed and data collection
begins.
The default intervals (snapshotInterval = 30 and archiveInterval = 48) are used.
l. After a few data collection events (oswbb heartbeat) have completed, use the
stopOSWbb.sh command to stop OSWbb.

3. View the data collection directories.
a. Change to the archive directory, and then view the contents of the directory.
The archive directory is created when OSWbb is started for the first time.
The directory contains nine subdirectories, one for each data collector.

4. View the oswiostat directory.
a. Change to the oswiostat directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the output of the iostat command.
The iostat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

5. View the oswmpstat directory.
a. Change to the oswmpstat directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the output of the mpstat command.
The mpstat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

6. View the oswprvtnet directory.
a. Change to the oswprvtnet directory, and then view the contents of the directory.
Notice that this directory is empty.
This directory contains the status of RAC private networks.
You need to manually create the private.net file to run traceroute commands.

7. View the oswslabinfo directory.
a. Change to the oswslabinfo directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the contents of the /proc/slabinfo file.
The /proc/slabinfo file is read at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

8. View the oswvmstat directory.
a. Change to the oswvmstat directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the output of the vmstat command.
The vmstat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

9. View the oswmeminfo directory.
a. Change to the oswmeminfo directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the contents of the /proc/meminfo file.
The /proc/meminfo file is read at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

10. View the oswnetstat directory.
a. Change to the oswnetstat directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the output of the netstat command.
The netstat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

11. View the oswps directory.
a. Change to the oswps directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the output of the ps command.
The ps command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

12. View the oswtop directory.
a. Change to the oswtop directory, and then view the contents of the directory.
b. View the file.
Notice that this file contains the output of the top command.
The top command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

Solution 22-3: Installing and Using OSWatcher

Tasks
1. Use sftp to copy the oswbb403.tar file from dom0 to host03.
a. From host03, use the service command to verify that sshd is running. Start the
service if necessary.
[host03]# service sshd status
openssh-daemon (pid ...) is running...
In this example, the service is running.
b. From dom0, use the cd command to change to the /OVS/seed_pool/sfws
directory.
[dom0]# cd /OVS/seed_pool/sfws
c. Use the ls command to view the directory for the OSWbb TAR file.
[dom0]# ls *tar
oswbb403.tar
d. Use the sftp command to connect to host03 as root. Password is 0racle.
[dom0]# sftp root@host03
root@host03's password: 0racle
sftp>
e. Use the put command to copy the OSWbb TAR file to host03.
sftp> put oswbb403.tar
Uploading oswbb403.tar to /root/oswbb403.tar
oswbb403.tar ...
f. Use the quit command to exit sftp.
sftp> quit
Perform all remaining steps in this practice from host03.

2. From host03, install, start, and stop OSWbb.
a. Use the cd command to change to the root user's home directory.
# cd
b. Use the tar command to extract the oswbb403.tar file.
# tar xvf oswbb403.tar
oswbb/
...
c. Use the cd command to change to the oswbb directory, and then use ls to view the
contents of the directory.
# cd oswbb
# ls
analysis/           locks/     oswlnxio.sh  src            vmsub.sh
docs/               mpsub.sh   oswnet.sh    startOSWbb.sh  xtop.sh
Exampleprivate.net  ...
...
Notice the startOSWbb.sh file, which is the script used to start OSWbb.
d. Use the startOSWbb.sh command to start OSWbb.
# ./startOSWbb.sh
-bash: ./startOSWbb.sh: /usr/bin/ksh: bad interpreter: No such
file or directory
The error message implies the startOSWbb.sh script is a ksh (Korn shell) script
and that /usr/bin/ksh is not found.
e. Use the head command to view the first few lines of startOSWbb.sh.
# head startOSWbb.sh
#!/usr/bin/ksh
...
The first line in startOSWbb.sh confirms that the file is a Korn shell script.
f. Use the rpm command to verify that the ksh package is installed.
# rpm -qa ksh
In this example, the package is not installed.
g. Use the yum command to install the ksh package.
# yum install ksh
...
Complete!
h. Use the startOSWbb.sh command to start OSWbb.
# ./startOSWbb.sh
-bash: ./startOSWbb.sh: /usr/bin/ksh: bad interpreter: No such
file or directory
The error message indicates that /usr/bin/ksh still cannot be found.
i. Use the which command to determine the location of the ksh utility.
# which ksh
/bin/ksh
Notice that the location of ksh is /bin, but the startOSWbb.sh script expects ksh
to be in /usr/bin.
j. Use the ln command to create a symbolic link, /usr/bin/ksh, which points to
/bin/ksh.
# ln -s /bin/ksh /usr/bin/ksh
k. Use the startOSWbb.sh command to start OSWbb.
# ./startOSWbb.sh
Info...You did not enter a value for snapshotInterval.
Info...Using default value = 30
Info...You did not enter a value for archiveInterval.
Info...Using default value = 48
Testing for discover of OS Utilities
VMSTAT found on your system
IOSTAT found on your system
MPSTAT found on your system
NETSTAT found on your system
TOP found on your system
Testing for discover of OS CPU COUNT
...
CPU COUNT = 1
Discovery completed.
Starting OSWatcher Black Box v4.0.3 ...
With SnapshotInterval = 30
With ArchiveInterval = 48
...
Starting Data Collection...
oswbb heartbeat:...
oswbb heartbeat:...
oswbb heartbeat:...
...
OSWbb started successfully, the discovery process completed and data collection
begins.
The default intervals (snapshotInterval = 30 and archiveInterval = 48)
are used.
l. After a few data collection events (oswbb heartbeat) have completed, use the
stopOSWbb.sh command to stop OSWbb.
# ./stopOSWbb.sh

3. View the data collection directories.
a. Use the cd command to change to the archive directory, and then use ls to view the
contents of the directory.
# cd archive
# ls
oswiostat/   oswmpstat/   oswprvtnet/  oswslabinfo/  oswvmstat/
oswmeminfo/  oswnetstat/  oswps/       oswtop/
The archive directory is created when OSWbb is started for the first time.
The directory contains nine subdirectories, one for each data collector.

4. View the oswiostat directory.
a. Use the cd command to change to the oswiostat directory, and then use ls to view
the contents of the directory.
# cd oswiostat
# ls
host03.example.com_iostat...
b. Use the less command to view the file.
# less host03...
Linux OSW v4.0.3
zzz ***...
...
Notice that this file contains the output of the iostat command.
The iostat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

5. View the oswmpstat directory.
a. Use the cd command to change to the oswmpstat directory, and then use ls to view
the contents of the directory.
# cd ../oswmpstat
# pwd
/root/oswbb/archive/oswmpstat
# ls
host03.example.com_mpstat...
b. Use the less command to view the file.
# less host03...
Linux OSW v4.0.3
zzz ***...
...
Notice that this file contains the output of the mpstat command.
The mpstat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

6. View the oswprvtnet directory.
a. Use the cd command to change to the oswprvtnet directory, and then use ls to
view the contents of the directory.
# cd ../oswprvtnet
# pwd
/root/oswbb/archive/oswprvtnet
# ls
Notice that this directory is empty.
This directory contains the status of RAC private networks.
You need to manually create the private.net file to run traceroute commands.

7. View the oswslabinfo directory.
a. Use the cd command to change to the oswslabinfo directory, and then use ls to
view the contents of the directory.
# cd ../oswslabinfo
# pwd
/root/oswbb/archive/oswslabinfo
# ls
host03.example.com_slabinfo...
b. Use the less command to view the file.
# less host03...
zzz ***...
slabinfo version: 2.1
...
Notice that this file contains the contents of the /proc/slabinfo file.
The /proc/slabinfo file is read at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

8. View the oswvmstat directory.
a. Use the cd command to change to the oswvmstat directory, and then use ls to view
the contents of the directory.
# cd ../oswvmstat
# pwd
/root/oswbb/archive/oswvmstat
# ls
host03.example.com_vmstat...
b. Use the less command to view the file.
# less host03...
Linux OSW v4.0.3
SNAP_INTERVAL 30
CPU_COUNT 1
zzz ***...
...
Notice that this file contains the output of the vmstat command.
The vmstat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

9. View the oswmeminfo directory.
a. Use the cd command to change to the oswmeminfo directory, and then use ls to
view the contents of the directory.
# cd ../oswmeminfo
# pwd
/root/oswbb/archive/oswmeminfo
# ls
host03.example.com_meminfo...
b. Use the less command to view the file.
# less host03...
zzz ***...
MemTotal: ...
MemFree: ...
...
Notice that this file contains the contents of the /proc/meminfo file.
The /proc/meminfo file is read at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

10. View the oswnetstat directory.
a. Use the cd command to change to the oswnetstat directory, and then use ls to
view the contents of the directory.
# cd ../oswnetstat
# pwd
/root/oswbb/archive/oswnetstat
# ls
host03.example.com_netstat...
b. Use the less command to view the file.
# less host03...
Linux OSW v4.0.3
zzz ***...
...
Notice that this file contains the output of the netstat command.
The netstat command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

11. View the oswps directory.
a. Use the cd command to change to the oswps directory, and then use ls to view the
contents of the directory.
# cd ../oswps
# pwd
/root/oswbb/archive/oswps
# ls
host03.example.com_ps...
b. Use the less command to view the file.
# less host03...
Linux OSW v4.0.3
zzz ***...
...
Notice that this file contains the output of the ps command.
The ps command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.

12. View the oswtop directory.
a. Use the cd command to change to the oswtop directory, and then use ls to view the
contents of the directory.
# cd ../oswtop
# pwd
/root/oswbb/archive/oswtop
# ls
host03.example.com_top...
b. Use the less command to view the file.
# less host03...
Linux OSW v4.0.3
zzz ***...
...
Notice that this file contains the output of the top command.
The top command ran at 30-second intervals (the value of snapshotInterval).
Each interval begins with zzz *** characters followed by a time stamp.
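
Because every snapshot starts with a zzz *** marker, an archive file can be checked mechanically for missing or late collections. The script below is an added example, not part of the course material or of OSWbb; the function names, the 5-second slack, the sample data, and the assumed time stamp layout (date-style text containing an HH:MM:SS field) are constructed for illustration.

```shell
#!/bin/sh
# Added example: check an OSWbb archive file for missing or late snapshots.
# ASSUMPTION: each marker looks like "zzz ***Mon Aug 13 10:15:30 MDT 2012",
# i.e. date(1)-style text that contains an HH:MM:SS field.

# osw_snapshot_count FILE -> number of snapshots recorded in FILE
osw_snapshot_count() {
    grep -c '^zzz \*\*\*' "$1"
}

# osw_gaps FILE [INTERVAL] [SLACK]
# Prints "<time stamp> gap=<seconds>" for every snapshot whose distance from
# the previous snapshot differs from INTERVAL (default 30, the default
# snapshotInterval) by more than SLACK seconds (default 5, an assumption).
osw_gaps() {
    awk -v want="${2:-30}" -v slack="${3:-5}" '
        /^zzz \*\*\*/ {
            stamp = substr($0, 8)            # text after "zzz ***"
            n = split(stamp, field, " ")
            secs = -1
            for (i = 1; i <= n; i++) {
                if (field[i] ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9]$/) {
                    split(field[i], t, ":")
                    secs = t[1] * 3600 + t[2] * 60 + t[3]
                }
            }
            if (secs < 0) { print stamp " gap=unparsed"; next }
            if (seen) {
                d = secs - prev
                if (d < 0) { d += 86400 }    # snapshot pair spans midnight
                if (d > want + slack || d < want - slack) {
                    print stamp " gap=" d
                }
            }
            prev = secs
            seen = 1
        }' "$1"
}

# Constructed sample of an oswvmstat archive file. The three header lines are
# the ones shown in the practice; time stamps and vmstat rows are made up.
osw_sample() {
    cat <<'EOF'
Linux OSW v4.0.3
SNAP_INTERVAL 30
CPU_COUNT 1
zzz ***Mon Aug 13 10:15:30 MDT 2012
 r  b   swpd   free   buff  cache
 0  0      0 512340  20480 301200
zzz ***Mon Aug 13 10:16:00 MDT 2012
 r  b   swpd   free   buff  cache
 1  0      0 511900  20480 301260
zzz ***Mon Aug 13 10:16:31 MDT 2012
 r  b   swpd   free   buff  cache
 0  0      0 511700  20484 301300
zzz ***Mon Aug 13 10:18:01 MDT 2012
 r  b   swpd   free   buff  cache
 3  1      0 120044  20484 690112
EOF
}

# Demonstration on the constructed sample.
sample_file=$(mktemp)
osw_sample > "$sample_file"
echo "snapshots: $(osw_snapshot_count "$sample_file")"
osw_gaps "$sample_file" 30
rm -f "$sample_file"
```

On the lab host the same functions can be pointed at a file under /root/oswbb/archive, passing the snapshotInterval that OSWbb was started with.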


Chapter 23


Practices for Lesson 23: Oracle on Oracle

Practices for Lesson 23


Practices Overview


In these practices, you install and run Oracle RDBMS Pre-Install RPM for Oracle Linux 6, and
install and configure ASMLib.


Practice 23-1: Using sftp to Upload oracle* Packages


Overview
In this practice, you use sftp to upload the oracleasmlib and
oracle-rdbms-server-11gR2-preinstall packages from dom0 to the host03 VM. Normally,
you obtain these packages from ULN.

Assumptions
You are the root user on host03 VM.
You are the root user on dom0.

Tasks
1. Use sftp to transfer the oracleasmlib package and the
oracle-rdbms-server-11gR2-preinstall package from dom0 to host03.
a. From dom0, change to the /OVS/seed_pool/sfws directory.
b. List the directory for the oracle* packages.
c. Use the sftp command to connect to host03 as root. Password is 0racle.
d. Use the mput command to copy the oracle* packages to host03.
e. Use the quit command to exit sftp.

Solution 23-1: Using sftp to Upload oracle* Packages


Tasks
1. Use sftp to transfer the oracleasmlib package and the
oracle-rdbms-server-11gR2-preinstall package from dom0 to host03.
a. From dom0, use the cd command to change to the /OVS/seed_pool/sfws
directory.
[dom0]# cd /OVS/seed_pool/sfws
b. Use the ls command to view the directory for the oracle* packages.
[dom0]# ls oracle*
oracleasmlib-2.0.4-1.el6.x86_64.rpm
oracle-rdbms-server-11gR2-preinstall-1.0-6.el6.x86_64.rpm
c. Use the sftp command to connect to host03 as root. Password is 0racle.
[dom0]# sftp root@host03
root@host03's password: 0racle
sftp>
d. Use the mput command to copy the oracle* packages to host03.
sftp> mput oracle*
Uploading oracle-rdbms-server-11gR2-preinstall-1.0-6.el6.x86_64.rpm to /root/...
...
Uploading oracleasmlib-2.0.4-1.el6.x86_64.rpm to /root/...
...
e. Use the quit command to exit sftp.
sftp> quit

Practice 23-2: Installing and Running Oracle RDBMS Pre-Install


Overview
In this practice, you install the oracle-rdbms-server-11gR2-preinstall package, run
the verify program, and view the results.

Assumptions
You are the root user on host03 VM.
All commands are issued from host03 VM.

Tasks
1. Change to the root user's home directory, and then use the yum command to install the
oracle-rdbms-server-11gR2-preinstall package.
In this example, seven dependency RPMs are needed. Your system may be different.

2. Use the find command to locate all oracle-rdbms* files.

3. Use the file command to display the file type of the /usr/bin/oracle-rdbms* file.
Notice that this file is a symbolic link to a file in the
/etc/sysconfig/oracle-rdbms* directory.

4. Change to the /etc/sysconfig/oracle-rdbms* directory and view the contents of the
directory.

5. View each of the files in the /etc/sysconfig/oracle-rdbms* directory.
Notice that the *.param file is the main configuration file.
Notice that the *verify file is the script that modifies settings.

6. Run the Oracle RDBMS Pre-Install program,
oracle-rdbms-server-11gR2-preinstall-verify.

7. View the Oracle RDBMS Pre-Install log file,
/var/log/oracle-rdbms-server-11gR2-preinstall/results/orakernel.log.
Notice that kernel parameters are set and /etc/sysctl.conf is backed up
beforehand.
Notice that oracle user OS limits are set and /etc/security/limits.conf is
backed up beforehand.
Notice that kernel boot parameters are set and /boot/grub/grub.conf is backed
up beforehand.

8. Use the find command to list the files backed up before settings were changed,
*orabackup.

Solution 23-2: Installing and Running Oracle RDBMS Pre-Install


Overview
Tasks
1. Use the cd command to change to the root user's home directory, and then use the yum
command to install the oracle-rdbms-server-11gR2-preinstall package.
# cd
# yum install oracle-rdbms-server-11gR2-preinstall-1.0-6.el6.x86_64.rpm
...
Setting up Install Process
...
Resolving Dependencies
...
Transaction Summary
=========================================================
Install      15 Package(s)
Total size: 25 M
Total download size: 25 M
Installed size: 61 M
Is this ok [y/N] y
Downloading Packages:
...
Installed:
oracle-rdbms-server-11gR2-preinstall.x86_64 0:1.0-6.el6
Dependency Installed:
...
Complete!

2. Use the find command to locate all oracle-rdbms* files. Quote the pattern so that
the shell passes it to find unexpanded; the current directory contains the uploaded
oracle-rdbms* RPM, which an unquoted pattern would match.
# find / -name '*oracle-rdbms*'
/usr/bin/oracle-rdbms-server-11gR2-preinstall-verify
/var/log/oracle-rdbms-server-11gR2-preinstall
/etc/rc.d/init.d/oracle-rdbms-server-11gR2-preinstall-firstboot
/etc/sysconfig/oracle-rdbms-server-11gR2-preinstall
...

3. Use the file command to display the file type of the /usr/bin/oracle-rdbms* file.
# file /usr/bin/oracle-rdbms*
...
Notice that this file is a symbolic link to a file in the
/etc/sysconfig/oracle-rdbms* directory.

4. Change to the /etc/sysconfig/oracle-rdbms* directory and view the contents of the
directory.
# cd /etc/sysconfig/oracle-rdbms*
# ls
oracle-rdbms-server-11gR2-preinstall.conf
oracle-rdbms-server-11gR2-preinstall.param
oracle-rdbms-server-11gR2-preinstall-verify

5. Use the less command to view each of the files in the
/etc/sysconfig/oracle-rdbms* directory.
# less oracle-rdbms-server-11gR2-preinstall.conf
...
# less oracle-rdbms-server-11gR2-preinstall.param
...
# less oracle-rdbms-server-11gR2-preinstall-verify
...
Notice that the *.param file is the main configuration file.
Notice that the *verify file is the script that modifies settings.

6. Run the Oracle RDBMS Pre-Install program,
oracle-rdbms-server-11gR2-preinstall-verify.
# oracle-rdbms-server-11gR2-preinstall-verify

7. Use the less command to view the Oracle RDBMS Pre-Install log file,
/var/log/oracle-rdbms-server-11gR2-preinstall/results/orakernel.log
(sample output shown).
# cd /var/log/oracle-rdbms-server-11gR2-preinstall/results
# less orakernel.log
Adding group oinstall with gid 54323
groupadd: group oinstall already exists
Adding group dba
groupadd: group dba already exists
User oracle is already present
uid=500(oracle) gid=500(oracle) ...
Creating oracle user passed
Verifying kernel parameters as per Oracle recommendations...
fs.file-max
6815744
kernel.sem
250 32000 100 128
kernel.shmmni
4096
...
Setting kernel parameters as per oracle recommendations...
Altered file /etc/sysctl.conf
Original file backed up at /etc/sysctl.conf.orabackup
Verifying & setting of kernel parameters passed
Verifying oracle user OS limits as per Oracle recommendations...
oracle soft nofile 1024
oracle hard nofile 65536
oracle soft nproc 2047
oracle hard nproc 16384
...
Setting oracle user OS limits as per oracle recommendations...
Altered file /etc/security/limits.conf
Original file backed up at /etc/security/limits.conf.orabackup
Verifying & setting of user limits passed
Verifying kernel boot parameters as per Oracle
recommendations...
...
Altered file /boot/grub/grub.conf
Original file backed up at /boot/grub/grub.conf.orabackup
...
Notice that required user and groups are created if necessary.
Notice that kernel parameters are set and /etc/sysctl.conf is backed up
beforehand.
Notice that oracle user OS limits are set and /etc/security/limits.conf is
backed up beforehand.
Notice that kernel boot parameters are set and /boot/grub/grub.conf is backed
up beforehand.

8. Use the find command to list the files backed up before settings were changed,
*orabackup.
# find / -name '*orabackup'
/etc/sysctl.conf.orabackup
/etc/security/limits.conf.orabackup
/boot/grub/grub.conf.orabackup
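
The *.orabackup copies make it possible to see exactly which lines the verify script changed in each system file. The script below is an added example, not part of the course material or of the Oracle package; the function names and the sample file contents are constructed, using parameter values from the log shown in this solution.

```shell
#!/bin/sh
# Added example: list every line the pre-install script added to or removed
# from a system file, by comparing each *.orabackup copy with the live file.

# orabackup_changes ROOT
# Prints "<live file>: +<line>" for lines present only in the live file,
# "<live file>: -<line>" for lines present only in the backup, and
# "<live file>: MISSING" when a backup has no live file beside it.
orabackup_changes() {
    find "$1" -type f -name '*.orabackup' | LC_ALL=C sort |
    while IFS= read -r backup; do
        live=${backup%.orabackup}
        if [ ! -f "$live" ]; then
            printf '%s: MISSING\n' "$live"
            continue
        fi
        # diff exits 1 when the files differ; only its output is used here.
        diff "$backup" "$live" | awk -v f="$live" '
            /^> / { print f ": +" substr($0, 3) }
            /^< / { print f ": -" substr($0, 3) }'
    done
}

# make_sample_tree DIR
# Builds a small constructed tree that mimics the three files named in the
# log. The grub.conf live file is left out on purpose to show the MISSING case.
make_sample_tree() {
    mkdir -p "$1/etc/security" "$1/boot/grub"
    printf '%s\n' 'net.ipv4.ip_forward = 0' 'kernel.sysrq = 0' \
        > "$1/etc/sysctl.conf.orabackup"
    printf '%s\n' 'net.ipv4.ip_forward = 0' 'kernel.sysrq = 0' \
        'fs.file-max = 6815744' 'kernel.shmmni = 4096' \
        > "$1/etc/sysctl.conf"
    printf '%s\n' '# End of file' \
        > "$1/etc/security/limits.conf.orabackup"
    printf '%s\n' '# End of file' 'oracle soft nofile 1024' \
        'oracle hard nofile 65536' \
        > "$1/etc/security/limits.conf"
    printf '%s\n' 'default=0' > "$1/boot/grub/grub.conf.orabackup"
}

# Demonstration on the constructed tree.
demo_root=$(mktemp -d)
make_sample_tree "$demo_root"
orabackup_changes "$demo_root"
rm -rf "$demo_root"
```

On the lab host, orabackup_changes /etc and orabackup_changes /boot report the real changes made in step 6.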

Practice 23-3: Preparing Disks for ASM Use


Overview
In this practice, you:
Remove all NFS file systems
Un-mount all file systems on /dev/xvdb and /dev/xvdd
Delete all existing partitions to use the disks for ASM
Create one partition using the entire disk on /dev/xvdb
Create one partition using the entire disk on /dev/xvdd

Assumptions
You are the root user on host03 VM.

Tasks
1. Delete all entries from /etc/exports.

2. Restart the nfs service.

3. Use the showmount command to confirm that there are no exported file systems.
No NFS file systems are being exported.

4. Un-mount all file systems on /dev/xvdb and /dev/xvdd.
a. List the mounted partitions.
In this example, the following partitions need to be un-mounted (your system may
be different).
/dev/xvdb1 mounted on /Dev
/dev/xvdd1 mounted on /Test
/dev/xvdb2 mounted on /Btrfs
b. Un-mount the file systems on /dev/xvdb and /dev/xvdd.

5. Delete all partitions on /dev/xvdb and /dev/xvdd.
a. Use the fdisk command to display the partition table on /dev/xvdb, and then delete
all the partitions.
In this example, three partitions are deleted (your system may be different).
b. Use the fdisk command to display the partition table on /dev/xvdd, and then delete
all the partitions.
In this example, two partitions are deleted (your system may be different).

6. Delete entries pertaining to file systems on /dev/xvdb and /dev/xvdd from the
/etc/fstab file.
In this example, delete the three entries (your system may be different).

7. In preparation for the ASMLib lab, you must disable SELinux completely and reboot.
ASMLib is not supported with SELinux enabled (it is a known issue).
a. Edit /etc/selinux/config as follows:
SELINUX=disabled

8. Reboot your system and log back on.
After you reboot your system, your vnc session closes.
a. Connect to host03 using VNC.
1) Run the vncviewer& command.
The VNC Viewer: Connection Details dialog box is displayed.
2) Enter the command, localhost:<port_number>, substituting the correct port
number for the host03 guest.
b. Select Oracle Student from the GNOME login window, password is oracle.
c. Right-click the GNOME desktop and select Open in Terminal from the pop-up menu.
d. In the terminal window, become the root user by entering the su - command
followed by the root password, 0racle (leading zero).

9. Create a partition on /dev/xvdb.
a. Use the fdisk command to partition /dev/xvdb.
b. Add a new primary partition, giving the partition number 1.
c. Continue adding the new partition, using the entire disk.
d. Save the new partition table.

10. Create a partition on /dev/xvdd.
a. Use the fdisk command to partition /dev/xvdd.
b. Add a new primary partition, giving the partition number 1.
c. Continue adding the new partition, using the entire disk.
d. Save the new partition table.

Solution 23-3: Preparing Disks for ASM Use


Tasks
1. Use the vi editor to delete all entries from /etc/exports.
# vi /etc/exports
Delete all entries and save the file.

2. Use the service command to restart the nfs service.
# service nfs restart
...

3. Use the showmount command to confirm that there are no exported file systems.
# showmount -e
Export list for host03.example.com
No NFS file systems are being exported.

4. Un-mount all file systems on /dev/xvdb and /dev/xvdd.
a. Use the df command to list the mounted partitions.
# df -h
Filesystem  Size  Used  Avail  Use%  Mounted on
/dev/xvda2  5.8G  4.4G  1.2G   80%   /
...
In this example, the following partitions need to be un-mounted (your system may
be different).
/dev/xvdb1 mounted on /Dev
/dev/xvdd1 mounted on /Test
/dev/xvdb2 mounted on /Btrfs
b. Use the umount command to un-mount file systems on /dev/xvdb and /dev/xvdd.
# umount /Dev
# umount /Test
# umount /Btrfs

5. Delete all partitions on /dev/xvdb and /dev/xvdd.
a. Use the fdisk command to display the partition table on /dev/xvdb, and then delete
all the partitions.
# fdisk /dev/xvdb
...
Command (m for help): p
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
...
Device Boot  Start  End  Blocks  Id  System
/dev/xvdb1 ...
/dev/xvdb2 ...
/dev/xvdb3 ...
Command (m for help): d
Partition number (1-4): 1
Command (m for help): d
Partition number (1-4): 2
Command (m for help): d
Partition number (1-4): 3
Command (m for help): p
Device Boot  Start  End  Blocks  Id  System
Command (m for help): w
...
In this example, three partitions are deleted (your system may be different).
b. Use the fdisk command to display the partition table on /dev/xvdd, and then delete
all the partitions.
# fdisk /dev/xvdd
...
Command (m for help): p
Disk /dev/xvdb: 5368 MB, 5368709120 bytes
...
Device Boot  Start  End  Blocks  Id  System
/dev/xvdd1 ...
/dev/xvdd2 ...
Command (m for help): d
Partition number (1-4): 1
Command (m for help): d
Partition number (1-4): 2
Command (m for help): p
Device Boot  Start  End  Blocks  Id  System
Command (m for help): w
...
In this example, two partitions are deleted (your system may be different).

6. Use the vi editor to delete entries pertaining to file systems on /dev/xvdb and
/dev/xvdd from the /etc/fstab file.
# vi /etc/fstab
...
LABEL=Dev /Dev ... (delete this entry)
LABEL=Test /Test ... (delete this entry)
/dev/xvdb2 /Btrfs ... (delete this entry)
...
In this example, delete the three entries shown (your system may be different).

7. In preparation for the ASMLib lab, you must disable SELinux completely and reboot.
ASMLib is not supported with SELinux enabled (it is a known issue).
a. Use the vi editor to edit /etc/selinux/config as follows:
# vi /etc/selinux/config
SELINUX=enforcing (old value)
SELINUX=disabled (new value)

8. Reboot your system and log back in.
# reboot
...
After you reboot your system, your vnc session closes.
a. Connect to host03 using VNC.
1) Run the vncviewer& command.
# vncviewer&
The VNC Viewer: Connection Details dialog box is displayed.
2) Enter the command, localhost:<port_number>, substituting the correct port
number for the host03 guest. For example, if the port number is 5903, enter the
following and click OK:
localhost:5903
b. Select Oracle Student from the GNOME login window, password is oracle.
c. Right-click the GNOME desktop and select Open in Terminal from the pop-up menu.
d. In the terminal window, become the root user by entering the su - command
followed by the root password, 0racle (leading zero).
$ su -
Password: 0racle

9. Create a partition on /dev/xvdb.
a. Use the fdisk command to partition /dev/xvdb.
# fdisk /dev/xvdb
WARNING: DOS-compatible mode is deprecated. It's strongly
recommended to switch off the mode (command c) and change
display units to sectors (command u).
Command (m for help):
b. Add a new primary partition, giving the partition number 1.
Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
c. Continue adding the new partition, using the entire disk as given below.
First cylinder (1-652, default 1): ENTER
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-652, default 652): ENTER
d. Save the new partition table.
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.

10. Create a partition on /dev/xvdd.
a. Use the fdisk command to partition /dev/xvdd.
# fdisk /dev/xvdd
WARNING: DOS-compatible mode is deprecated. It's strongly
recommended to switch off the mode (command c) and change
display units to sectors (command u).
Command (m for help):
b. Add a new primary partition, giving the partition number 1.
Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
c. Continue adding the new partition, using the entire disk as given below.
First cylinder (1-652, default 1): ENTER
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-652, default 652): ENTER
d. Save the new partition table.
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.

Practice 23-4: Installing and Configuring ASMLib


Overview
In this practice, you:

Install the oracleasmlib package

Configure ASMLib
Load and initialize the ASMLib driver
Mark disk partitions for ASM use
View information about the ASM disk partitions

Assumptions
You are the root user on host03 VM.

Tasks
1. Change to the root user's home directory, and then use the rpm command to install the
oracleasmlib package.
2. Use the oracleasm configure -i command to configure ASMLib as follows:
Default user to own the driver interface []: oracle
Default group to own the driver interface []: dba
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y]: ENTER
3. Use the oracleasm init command to load and initialize the ASMLib driver.
4. Use the oracleasm configure command without the -i option.
5. Mark disk partitions for ASM use.
a. Use the oracleasm createdisk command to mark /dev/xvdb1 as VOL1 for ASM
use.
b. Use the oracleasm createdisk command to mark /dev/xvdd1 as VOL2 for ASM
use.
6. Display a long listing of the /dev/oracleasm/disks directory.
7. Use the oracleasm listdisks command to list the disk names of marked ASMLib
disks.
8. Use the oracleasm scandisks command to enable cluster nodes to identify which
shared disks have been marked as ASMLib disks on another node.
9. Use the oracleasm querydisk command to determine whether a disk name or disk
device is being used by ASMLib.


Solution 23-4: Installing and Configuring ASMLib


Tasks
1. Use the cd command to change to the root user's home directory, and then use the rpm
command to install the oracleasmlib package.
# cd
# rpm -Uvh oracleasmlib-2.0.4-1.el6.x86_64.rpm
...

2. Use the oracleasm configure -i command to configure ASMLib.
# oracleasm configure -i
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM
library driver. The following questions will determine whether
the driver is loaded on boot and what permissions it will have.
The current values will be shown in brackets ([]). Hitting
<ENTER> without typing an answer will keep that current value.
Ctrl-C will abort.
Default user to own the driver interface []: oracle
Default group to own the driver interface []: dba
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y]: ENTER
Writing Oracle ASM library driver configuration: done

3. Use the oracleasm init command to load and initialize the ASMLib driver.
# oracleasm init
Creating /dev/oracleasm mount point: /dev/oracleasm
Loading module oracleasm: oracleasm
Mounting ASMlib driver filesystem: /dev/oracleasm

4. Use the oracleasm configure command without the -i option.
# oracleasm configure
ORACLEASM_ENABLED=true
ORACLEASM_UID=oracle
ORACLEASM_GID=dba
ORACLEASM_SCANBOOT=true
ORACLEASM_SCANORDER=
ORACLEASM_SCANEXCLUDE=

5. Mark disk partitions for ASM use.
a. Use the oracleasm createdisk command to mark /dev/xvdb1 for ASM use.
# oracleasm createdisk VOL1 /dev/xvdb1
Writing disk header: done
Instantiating disk: done
b. Use the oracleasm createdisk command to mark /dev/xvdd1 for ASM use.
# oracleasm createdisk VOL2 /dev/xvdd1
Writing disk header: done
Instantiating disk: done

6. Use the ls command to display a long listing of the /dev/oracleasm/disks directory.
# ls -l /dev/oracleasm/disks
brw-rw----. 1 oracle dba ... VOL1
brw-rw----. 1 oracle dba ... VOL2

7. Use the oracleasm listdisks command to list the disk names of marked ASMLib
disks.
# oracleasm listdisks
VOL1
VOL2

8. Use the oracleasm scandisks command to enable cluster nodes to identify which
shared disks have been marked as ASMLib disks on another node.
# oracleasm scandisks
Reloading disk partitions: done
Cleaning any stale ASM disks...
Scanning system for ASM disks...

9. Use the oracleasm querydisk command to determine whether a disk name or disk
device is being used by ASMLib.
# oracleasm querydisk VOL1
Disk VOL1 is a valid ASM disk
# oracleasm querydisk /dev/xvdd1
Device /dev/xvdd1 is marked an ASM disk with the label VOL2
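
The check behind steps 4 and 6, as an added example that is not part of the Oracle guide: it reads the owner and group from oracleasm configure output and flags every entry under /dev/oracleasm/disks that is not a block device with that ownership and mode rw-rw----. The function names, the sample listings and the VOL3 and VOL4 entries are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `oracleasm configure` output (step 4 of the solution).
SAMPLE_CONFIG='ORACLEASM_ENABLED=true
ORACLEASM_UID=oracle
ORACLEASM_GID=dba
ORACLEASM_SCANBOOT=true
ORACLEASM_SCANORDER=
ORACLEASM_SCANEXCLUDE='

# Constructed sample of `ls -l /dev/oracleasm/disks` output. VOL1 and VOL2
# match the practice; VOL3 and VOL4 are deliberately wrong.
SAMPLE_LS='total 0
brw-rw----. 1 oracle dba 202, 17 Aug  1 10:00 VOL1
brw-rw----. 1 oracle dba 202, 49 Aug  1 10:00 VOL2
brw-rw-rw-. 1 oracle dba 202, 65 Aug  1 10:00 VOL3
brw-rw----. 1 root disk 202, 81 Aug  1 10:00 VOL4'

# cfg_value KEY TEXT: print the value of KEY from KEY=value lines.
cfg_value() {
    printf '%s\n' "$2" | awk -F= -v k="$1" '$1 == k { print $2 }'
}

# audit_asm_disks CONFIG_TEXT LS_TEXT
# Prints "NAME: reasons" for every entry that is not a block device owned by
# ORACLEASM_UID:ORACLEASM_GID with mode rw-rw----. No output means all match.
audit_asm_disks() {
    uid=$(cfg_value ORACLEASM_UID "$1")
    gid=$(cfg_value ORACLEASM_GID "$1")
    printf '%s\n' "$2" | awk -v uid="$uid" -v gid="$gid" '
        /^total/ || NF < 5 { next }
        {
            # Field 1 may end in "." or "+" (SELinux context or ACL marker).
            mode = substr($1, 1, 10); why = ""
            if (substr(mode, 1, 1) != "b") why = why " not-a-block-device"
            if (substr(mode, 2) != "rw-rw----") why = why " mode=" mode
            if ($3 != uid) why = why " owner=" $3
            if ($4 != gid) why = why " group=" $4
            if (why != "") print $NF ":" why
        }'
}

# Stand-alone run on the constructed samples; on a real host pass
# "$(oracleasm configure)" and "$(ls -l /dev/oracleasm/disks)" instead.
audit_asm_disks "$SAMPLE_CONFIG" "$SAMPLE_LS"
```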


Chapter 24

Appendixes: Remote Access Options

Appendix
Appendixes Overview
The three appendixes show various options for accessing your student PC remotely:
Appendix A: Using an NX Client to Connect to dom0
Appendix B: Using an NX Player to Connect to dom0
Appendix C: Using VNC (TightVNC) to Connect Directly to VM Guests


Appendix A: Using an NX Client to Connect to dom0


Overview
This appendix discusses accessing your student PC (dom0) remotely by using NX Client. The
NX Client in this appendix is NX Client for Windows, Version 3.5.0-9.

Steps
1. Install NX Client (if necessary) from http://www.nomachine.com/download.php.
2. Run NX Client (for example, select NX Client for Windows from the Windows Start
menu).
An NX Connection Wizard steps you through creating the initial session.
The following Welcome window appears.
a. Click Next.

The following Session window appears.
b. Enter anything you like for Session (for example, OracleLinux).
c. Enter the IP address (provided by your instructor) for Host.
d. Accept the remaining defaults and click Next.
e. The Desktop window appears. Change KDE to GNOME by selecting from the dropdown list.

Your window should look like the following:
f. Accept all other defaults and click Next.
The following Configuration completed window appears.
g. Click Finish.

The NX Login window appears.
h. For Login, enter vncuser.
i. For Password, enter vnctech.
j. Your Session defaults to the session that you just created. In this example, the
Session is OracleLinux. Your session name may be different.
k. Click Login.
The dom0 GNOME virtual desktop window appears.
Future connections will bypass the configuration wizard and only bring up the NX
Login window.

Appendix B: Using an NX Player to Connect to dom0


Overview
This appendix discusses accessing your student PC (dom0) remotely using NX Player. The NX
Player in this appendix is NX Player for Windows, Preview 5, version 4.0.132.

Steps
1. Install NX Player (if necessary) from http://www.nomachine.com/download.php.
2. Run NX Player (for example, select NX Player for Windows from the Windows Start
menu).
a. Ensure that the Favorites tab is selected.
The Connect window appears.

b. Click New connection to display the following window.
c. Enter the IP address (provided by your instructor) for Host.
d. Accept the defaults:
1) Port 22
2) Use the SSH service
3) Use the NX login
e. Note the connection name. In this example it is Unnamed connection 2. Yours is
most likely Unnamed connection 1.

f. Press Enter. The following window appears.
g. Click the connection that you just created (Unnamed connection 1, for example).
The Login window appears.

3. Log in.
The window shown in the following screenshot appears, prompting for login
authentication.
a. Ensure that Login as a named user is selected.
b. For Username, enter vncuser.
c. For Password, enter vnctech.
d. Click Ok.

4. Create a new session.
The window shown in the following screenshot appears.
a. Click Create a new session.

5. Create a new GNOME virtual desktop.
The window shown in the following screenshot appears.
a. Click Create a new GNOME virtual desktop.
b. Click the X in the Information message box to close the box.
The dom0 GNOME virtual desktop window appears.

Appendix C: Using VNC (TightVNC) to Connect Directly to VM Guests


Overview
This appendix discusses accessing the VM guest systems directly by using VNC (TightVNC).
Connecting to dom0 or to the host03 VM by using VNC is not recommended. Both dom0 and
host03 have the GNOME user interface, which causes various problems when connecting
using VNC.

Steps
1. Install tightvnc (if necessary) from http://www.tightvnc.com/.
2. Run TightVNC Viewer (for example, select TightVNC Viewer from the Windows Start
menu).
The following New TightVNC Connection window appears.
3. Connect directly to your host01 virtual machine.
The following assumptions are made:
The host01 VM was created first (has a port number of 5900).
The host02 VM was created next (has a port number of 5902).
The host03 VM was created last (has a port number of 5903).
The output of the following commands (from dom0 as root) indicates that this
assumption is true.
# xm list -l host01 | grep location
(location 0.0.0.0:5900)
# xm list -l host02 | grep location
(location 0.0.0.0:5902)
# xm list -l host03 | grep location
(location 0.0.0.0:5903)

a. Enter the IP address (provided by your instructor), followed by the port number, to
connect directly to a VM guest.
To connect directly to the host01 VM, enter the following.
In this example, the IP address of your student PC is 10.150.30.68. Your IP address
is different.
1) Click Connect.
2) A terminal window appears.
Log in as root with password 0racle (leading zero, not letter O).

3) Enter the hostname command to confirm that you are logged in to host01.
# hostname
host01.example.com
4) Log off by entering the exit command.
5) Close the VNC window by clicking the X in the top-right corner of the window.
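
An added example (not from the Oracle guide) that checks the port assumptions in step 3 against xm list -l output and reports the address each VNC console is bound to. The function names and the sample output are constructed; only the (location ...) line format comes from this appendix.

```shell
#!/bin/sh
# Constructed stand-in for `xm list -l GUEST` run on dom0 as root. Only the
# VNC (location ...) line follows the page; the surrounding structure, the
# console "(location 2)" line, host02's loopback bind and host03's port 5904
# are made up to exercise the checks.
sample_xm_list_l() {
    case "$1" in
        host01) loc=0.0.0.0:5900 ;;
        host02) loc=127.0.0.1:5902 ;;
        host03) loc=0.0.0.0:5904 ;;
        *) return 1 ;;
    esac
    cat <<EOF
(domain
    (name $1)
    (device (console
        (location 2)))
    (device (vfb (type vnc)
        (location $loc)))
)
EOF
}

# vnc_location: read `xm list -l` text on stdin, print the first ADDRESS:PORT
# found in a (location ...) line; entries without a port are skipped.
vnc_location() {
    sed -n 's/^[[:space:]]*(location[[:space:]]\{1,\}\([^):]*:[0-9]\{1,\}\)).*$/\1/p' |
        head -n 1
}

# check_vnc_ports LISTER: LISTER is a command that prints `xm list -l` output
# for the guest named in its first argument (on dom0: a wrapper around xm).
check_vnc_ports() {
    for pair in host01:5900 host02:5902 host03:5903; do
        guest=${pair%%:*}; want=${pair##*:}
        loc=$("$1" "$guest" | vnc_location)
        addr=${loc%:*}; port=${loc##*:}
        [ "$port" = "$want" ] && verdict=match || verdict="MISMATCH(expected:$want)"
        case "$addr" in
            0.0.0.0) scope=all-interfaces ;;
            127.*)   scope=loopback-only ;;
            *)       scope=single-address ;;
        esac
        echo "$guest $loc $verdict $scope"
    done
}

check_vnc_ports sample_xm_list_l
```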
