RHEL secondary Name Server

Open /etc/named.conf // // named.conf for Red Hat caching-nameserver // options { directory “/var/named”; dump-file “/var/named/data/cache_dump.db”; statistics-file “/var/named/data/named_stats.txt”; // query-source address * port 53; (only needed when there is a FW between master an slave) allow-transfer {192.168.1.104/24;}; (slaveip) }; // // a caching only nameserver config // controls { inet 127.0.0.1 allow { localhost; }… Read More »RHEL secondary Name Server

RHEL6 as LDAP client with ldap authentication

Edit the file /etc/openldap/ldap.conf URI ldap://$FQDN_OF_SERVER/ (has to be the same fqdn as in the certificate) BASE dc=mydomain,dc=com TLS_CACERTDIR /etc/openldap/cacerts now edit the /etc/nsswitch.conf file to tell linux where to get the login information from: passwd:     files sss ldap shadow:     files sss ldap group:      files sss ldap After that run the command authconfig-gtk Select: User… Read More »RHEL6 as LDAP client with ldap authentication

rhelv6

So rhel6 dropped xen and uses KVM now. Setup is quite easy. Just install the @kvm in kickstart or the “Virtualization” group with yum. The only tricky thing is, if you want to use virt-manager after a fresh install you need to also to install the package xorg-x11-auth 🙂

RHEL6 Caching Name Server

The package caching-nameserver is integrated in the bind package! So these two packages have to be installed: # yum install bind bind-chroot Than set named_write_master_zones 1 # setsebool -P named_write_master_zones 1 Allow queries on port 53 for DNS requests # iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 53 -j ACCEPT… Read More »RHEL6 Caching Name Server

Install KVM on redhat

Installing KVM on RHEL6 is quite a simple process when having a yum repository. The main package is the kvm package (hypervisor). # yum install kvm To manage the vm’s you’ll need a tool called virt. # yum install  virt-manager libvirt libvirt-python python-virtinst libvirt-client xorg-x11-xauth  

RHEL6 Virtualization virsh commands

List all virtual systems: #virsh list Start/Stop virtual os: #virsh start virtosname #virsh shutdown virtosname #virsh destroy virtosname (like a power off) Access a virtual console: # virsh console virtosname Autostart virsh server: # virsh autostart virtosname

Expand luks encrypted filesystems

umount /crypto fsck.ext4 -C 0 -f /dev/mapper/crypto cryptsetup luksClose crypto lvextend -L +100M /dev/cryptovg/crypto cryptsetup luksOpen /dev/cryptovg/crypto crypto cryptsetup -v resize crypto fsck.ext4 -f /dev/mapper/crypto resize4fs /dev/mapper/crypto (you’ll need to install e4fsprogs to use resize4fs) fsck.ext4 -f /dev/mapper/crypto mount /dev/mapper/crypto /crypto

create luks lvm partition

lvcreate -L 500M -n crypto cryptovg Fill your partition with random data: dd if=/dev/urandom of=/dev/ cryptovg /crypto initialize your partition: cryptsetup –verbose –verify-passphrase luksFormat /dev/ cryptovg / crypto open the newly encrypted device: cryptsetup luksOpen /dev/ cryptovg / crypto cryptosec check it’s there: ls -l /dev/mapper | grep cryptosec create a filesystem: mkfs.ext4 /dev/mapper/cryptosec mount… Read More »create luks lvm partition