Showing posts with label Red Hat Linux. Show all posts
Showing posts with label Red Hat Linux. Show all posts

Friday, 4 February 2022

How to add mount option nodev for /var/lib/nfs/rpc_pipefs partition on RHEL 7

Recently latest vulnerability found on Red Hat Enterprise Linux 7 system during audit by security team. According to audit team, 'nodev' need to be an added mount for /var/lib/nfs/rpc_pipefs partition. 

To resolve this vulnerability please perform the below steps as suggested by Red Hat.

1. We need to create Drop-In directory for var-lib-nfs-rpc_pipefs.mount

[root@redhat001:~]# mkdir -p /etc/systemd/system/var-lib-nfs-rpc_pipefs.mount.d/

2. Now we need to create configuration file adding this mount point

[root@redhat001:~]# printf '[Mount]\nOptions=nodev\n' > /etc/systemd/system/var-lib-nfs-rpc_pipefs.mount.d/99-nodev.conf

3. Please take a reload of daemon service

[root@redhat001:~]# systemctl daemon-reload

now please take a restart of mount services.

[root@redhat001:~]# systemctl restart var-lib-nfs-rpc_pipefs.mount

Using above steps we can add mount option nodev for /var/lib/nfs/rpc_pipefs parition on rhel7. To verify the mount point you can run the below command

[root@redhat001:~]#grep rpc /proc/self/mounts

sunrpc /var/lib/nfs/rpc_pipefs rpc_pipefs rw,nodev,relatime 0 0

If you see above output, nodev option has been successfully mount. This is straight steps need to follow to resolve such vulnerability. 


Saturday, 22 January 2022

Can not remove Logical Volume, message "Logical volume contains a filesystem in use"

In my local machine, I have multiple logical volume. When I try to remove below logical volume, getting below error.

[root@redhat001:~]# lvremove /dev/mapper/system-lv_redhat

Logical volume /dev/mapper/system-lv_redhat contains a filesystem in use.

To remove this logical volume in redhat linux system, please follow the below methods. 


1. Please check if any logical volume mounted on your system. To check this you can simply use "mount" command with grep option.

[root@redhat001:~]# mount | grep /dev/mapper/system-lv_redhat

Above command will provide you information if logical system is mount or not.  If you found, file system is mount, then please umount it first, remove entry from /etc/fstab then try to remove logical volume.


2. In case no logical volume mounted but still you are not able to remove logical volume then you need to check this method if any file is open or any active process using by this logical volume. To check this please run the below command. 

[root@redhat001:~]# lsof | grep /dev/mapper/system-lv_redhat

or 

[root@redhat001:~]#ps -ef | grep /dev/mapper/system-lv_redhat

Using first command you can find if any file is open at system end and it is use by this logical volume, so please check this and close files.

Second command use when you get any process using by this logical volume. please kill the particular process. If process use by root file system, I would suggest instead of killing the process, please stop any application if running and reboot the server, so it would automatically kill your process.

3. You can deactivate logical volume and remove it

[root@redhat001:~]# lvchange -an /dev/mapper/system-lv_redhat

[root@redhat001:~]#lvs

[root@redhat001:~]#lvremove -f  /dev/mapper/system-lv_redhat

Please deactivate logical volume using lvchange command and run lvs to verify that logical volume deactivate or not. 

Hope using above three methods you can resolve this error. In case of any query, please drop a comment on this article. 

Sunday, 7 February 2021

How to fix Host key verification failed error on linux servers

When you connect to a server for the first time, the server prompts you to confirm that you are connected to the correct system. 

The following example uses the ssh command to connect to a remote host named redhat007:

[root@redhat001:~]# ssh user02@redhat007

The authenticity of host 'redhat007 (192.168.1.24)' can’t be

established. ECDSA key fingerprint is ...

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'redhat007,192.168.1.24' (ECDSA) to the list of known hosts.

The command checks to make sure that you are connecting to the host that you think you are connecting to. 

When you enter yes, the client appends the server’s public host key to the user’s ~/.ssh/known_hosts file and creating the ~/.ssh directory if necessary.

Next time when you connect to the remote server, the client compares this key to the one the server supplies. If the keys match, you are not asked if you want to continue connecting.

If someone tries to trick you into logging in to their machine so that they can sniff your SSH session, you will receive a warning similar to the following:


@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that the RSA host key has just been changed.

The fingerprint for the RSA key sent by the remote host is

22:cf:23:31:7a:5d:93:13:1s:99:23:c2:5k:19:2a:1c.

Please contact your system administrator.

Add correct host key in /home/readhat001/.ssh/known_hosts to get rid of this message.

Offending key in /home/redhat001/.ssh/known_hosts:7

RSA host key for redhat007 has changed and you have requested strict checking.

Host key verification failed.


To resolve above error, we have two different method.

1. Remove old key manually:

Normally key is stored ~/.ssh/known_hosts file

If root wants to ssh to the server, just removing entry in the /root/.ssh/known_hosts file is all right.

If user01 wants to ssh to the server, then remove the entry in the file /home/user01/.ssh/known_hosts.

I will remove the the key  for the destination server redhat007 from the file /home/user02/.ssh/known_hosts.

# vi /home/user02/.ssh/known_hosts

redhat003 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLrY91bQOihgFZQ2Ay9KiBG0rg51/YxJAK7dvAIopRaWzFEEis3fQJiYZNLzLgQtlz6pIe2tj9m/Za33W6WirN8=

redhat005 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCrY/m16MdFt/Ym51Cc7kxZW3R2pcHV1jlOclv6sXix1UhMuPdtoboj+b7+NLlTcjfrUccL+1bkg8EblYucymeU=

redhat007 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCrY/m16MdFt/Ym51Cc7kxZW3R2pcHV1jlOclv6sXix1UhMuPdtoboj+b7+NLlTcjfrUccL+1bkg8EblYucymeU=


2. Removing old key using the ssh-keygen command

[root@redhat001:~]# ssh-keygen -R [hostname|IP address]

[root@redhat001:~]# ssh-keygen -R redhat007

Now once you remove the entry, please login again

[root@redhat001:~]# ssh user02@redhat007

[root@redhat001:~]# ssh user02@redhat007

The authenticity of host 'redhat007 (redhat007)' can't be established.

ECDSA key fingerprint is SHA256:V+iGp3gwSlnpbtYv4Niq6tcMMSZivSnYWQIaJnUvHb4.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'redhat007' (ECDSA) to the list of known hosts.


Saturday, 22 August 2020

SSH or SFTP Authentication issue in linux

We normally getting a below error while accessing the destination server via SSH or SFTP protocols.

Error:

root@localhost> sftp  root@XYZ.com

warning: Authentication failed.

FATAL: ssh2 client failed to authenticate. (or you have too old ssh2 installed, check with ssh2 "-V")

To resolve this error first we need to understand what is an issue. In such type of above error, issue is mostly from destination server end which you want to connect from your system. 

In /etc/ssh/sshd_config file, a parameter "MaxAuth Tries" value is very less due to this when we are attempting to access the destination server using SSH or SFTP protocol then we will get such issue if your account will not authenticate in first two attempts. 

So to resolve such issue , you need to increase the value of "MaxAuth Tries" from default value.

edit the /etc/ssh/sshd_config file

search this parameter

increase the value "MaxAuth Tries" to "5" and take a restart of ssh service

systemctl restart sshd

login on source server again and try to access the server, if you are facing this issue again then increase the value again and set to 20.


Saturday, 29 February 2020

How to reset HP iLO password from command line in Linux

If you have lost or forgotten the iLO password than please find the below steps to reset ilo password from command line.

To reset / set the password of the iLO from within the linux operating system on an HP server, the hponcfg utility needs to be installed

Here is some information about hponcfg

The hponcfg utility is an online configuration tool used to set up and reconfigure the local iLO without requiring a reboot of the server operating system. It can be used to retrieve and change the iLO configuration of the local server from the linux command line.

Please login on the linux machine and create a new xml file

[root@localhost]#vim ilo_password.xml

<RIBCL VERSION="2.0">
  <LOGIN USER_LOGIN="x" PASSWORD="x">
  <USER_INFO MODE="write">
    <MOD_USER USER_LOGIN="Administrator">
      <PASSWORD value="XXXXXXXX*"/>
    </MOD_USER>
  </USER_INFO>
  </LOGIN>
</RIBCL>

save the ilo_password.xml file

In above xml file, you just need to set PASSWORD value - XXXXXXX. Please put your new ILO password here. 

To load this xml file in ILO, please use hponcfg command 

[root@localhost]# hponcfg -w ilo_password.xml

Your iLO password will be reset, now please login in HPE iLO via new password XXXXXXX.

Please let me know in case of any query about this post. Thanks. 

Failed to start lsb bring up/down networking in rhel 7

Such type of error we have received after operating system upgradation from redhat linux operating system from version 7.x to version 7.y.

The root cause for error is network manager upgradation during operating system patching.

To troubleshoot this error, please restart the network service and check the status 

[root@localhost network-scripts]# systemctl restart network

Job for network.service failed because the control process exited with error code. See "systemctl status network.service" and "journalctl -xe" for details.

[root@localhost network-scripts]# systemctl status network

You can see " Failed to start lsb bring up/down networking" error message

Solution: To resolve such type of network issue, please perform the below steps.

Go to /etc/sysconfig/network-scripts/ directory and list the files.

[root@localhost]# cd /etc/sysconfig/network-scripts/

You can see the ifcfg-lo filename file which you need to removed it.

after remove this file please take a restart of service. Your network service will restart properly without any issue. Also if you have any other duplicate or backup ifcfg file please remove it.

[root@localhost network-scripts]# rm -rf ifcfg-lo

[root@localhost network-scripts]# systemctl restart network

Now try to access the redhat machine via ssh. Please post your comment if you have any query regarding this post. 

Sunday, 20 May 2018

NFS Stale File Handle error and solution

In linux machine we have NFS mounted directories sometimes contain stale file handles. If you run command such as ls or vi you will see an error

# ls
.: Stale File Handle

Before moving to fix this issue first we need to understand the concept of Stale File Handle.

A filehandle becomes stale whenever the file or directory referenced by the handle is removed by another host.

while your client still holds an active reference to the object. A typical example occurs when the current directory of a process, running on your client, is removed on the server (either by a process running on the server or on another client).

So this can occur if the directory is modified on the NFS server, but the directories modification time is not updated.

To fixed this issue, the best solution is to remount directory from the NFS client using mount command.

# umount -f /test
# mount -t nfs nfsserver:/path/to/share /test

Tuesday, 8 May 2018

How can I mount a read-only filesystem as read-write in redhat linux

This post is related to the below issue which you have faced in Red Hat Linux 5/6 operating system.

Issue :
 
➤ One of my partition has been mounted as read-only. How can I make it read-write without rebooting?

➤ How can I remount the root filesystem as read-write after it goes read-only?

➤ My filesystem went read-only, can I remount without rebooting? / filesystem suddenly became read only, unable to write to files.

➤ Also if you are trying to create any file or directory inside the file system you would get the message- "Read only file system"

 [root@localhost]# touch test
touch: cannot touch `test': Read-only file system

 [root@localhost]# cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root / ext3 ro,data=ordered 0 0

Solution:

Mount an already mounted file system in read-write option, Please run the below command.

 [root@localhost]# mount -o remount,rw <filesystem_path>

Remounting as read-write may work, however, if the file system remounts as read-only again, a filesystem check and reboot of the system will be required.

Thursday, 3 May 2018

How to configure Network Bonding on RHEL 7

Step by Step method to configure the network bonding on RHEL 7:
 
➤ Please log on to linux server and run the "ip a" command to check the available interfaces.

    [root@localhost]# ip a
    lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever

    eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:50:56:bd:c7:f9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.2 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever

➤ Load the bonding driver called “bonding” in the kernel with the modprobe command if it is not already loaded, and verify with the modinfo command:

[root@localhost]# modprobe bonding
[root@localhost]# modinfo bonding
 
➤ In this step you need to generate UUIDs for interfaces using the below command.

[root@localhost]# uuidgen <interface-name>
 
➤ Now create a file called ifcfg-bond0 in the /etc/sysconfig/network-scripts directory for bond0 with the following settings. Please use vi editor to edit this file.

[root@localhost]# cd /etc/sysconfig/network-scripts
[root@localhost]# vi ifcfg-bond0

DEVICE=bond0
Name=bond0
TYPE=bond0
BONDING_MASTER=yes
BONDING_OPTS="mode=balance-rr"
ONBOOT=yes
IPADDR=192.168.1.23
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
 
➤ Now create ifcfg-eth2 and ifcfg-eth3 files in the /etc/sysconfig/network-scripts directory for eth2 and eth3 interfaces with the following settings. Set the MASTER directive to bond0. Both interfaces will act as slaves with no IP addresses assigned to them.

[root@localhost]# vi ifcfg-eth1

DEVICE=eth1
TYPE=Ethernet
NAME=eth1
UUID=23a32d65-343d-48a2-8rf7-d2jh2388f666
ONBOOT=yes
MASTER=bond0
SLAVE=yes

[root@localhost]# vi ifcfg-eth2

DEVICE=eth2
TYPE=Ethernet
NAME=eth2
UUID=22a32d65-443d-48d2-8rf7-d2jh222f666
ONBOOT=yes
MASTER=bond0
SLAVE=yes
 
➤ Now deactivate and reactivate bond0 with the ifdown and ifup commands:

[root@localhost]# ifdown bond0; ifup bond0
 
➤ Check the status of bond0 and the slaves with the ip command. It should also show the assigned IP.

[root@localhost]# ip addr
 
➤ Restart the system to ensure the configuration survives system reboots
[root@localhost]# reboot

Sunday, 29 April 2018

How to install and configure samba server in RHEL 7 or redhat linux 7

Login on Samaba server
Check samba rpm installed or not, if not installed please install it,

[root@localhost ~]# rpm -qa | grep samba
[root@localhost ~]# yum install samba*

Create a directory in root file system which is shared with client.

[root@localhost ~]#mkdir -p /home/testuser/test

Add a new group or can use existing group

To provide access on shared directory,Here we are adding new group called samba

[root@localhost ~]#groupadd samba

Change the group and permission of sharing folder

[root@localhost ~]#chgrp -R samba /home/testuser/test
[root@localhost ~]#chmod -R 777 /home/testuser/test

create user, add into group and set samba password

[root@localhost ~]#useradd testuser
[root@localhost ~]#usermod -G samba testuser
[root@localhost ~]#smbpasswd -a testuser

Now Edit /etc/samba/smb.conf file

Note: Please take a backup of origianl file.

[root@localhost ~]#cd /etc/samba/
[root@localhost ~]#cp -p smb.conf smb.conf.orig

And add the below given contents in last line of /etc/samba/smb.conf file.

vi /etc/samba/smb.conf

[test]
comment = shared-directory
path = /home/testuser/test
public = no
valid users = testuser, @samba
writable = yes
browseable = yes
create mask = 0774
directory mask = 4774

##Edit these lines in /etc/samba/smb.conf . To allow network to reach samba server

interfaces = lo ens32 192.168.1.0/24
hosts allow = 127. 192.168.1.

security = user
passdb backend = tdbsam
netbios name = localhost
server string = Samba Server localhost
workgroup = MYGROUP
log file = /var/log/samba/samba.log
max log size = 50
security = server

Add services in /etc/services files

vi /etc/services
 
netbios-ns    137/tcp    # netbios name service
netbios-ns    137/udp    # netbios name service
netbios-dgm    138/tcp    # netbios datagram service
netbios-dgm    138/udp    # netbios datagram service
netbios-ssn    139/tcp    # netbios session service
netbios-ssn    139/udp    # netbios session service

Note: Please check these above ports are open from this samba server to client machine

Now start the smb and nmb services.

systemctl start smb.service
systemctl start nmb.service

Enable smb and nmb service at booting of system

systemctl enable smb.service
systemctl enable nmb.service

Note 1: firewalld service not enable on this server so no need to add any rule.
Note 2: selinux is in permissive state so no need to change the selinux security context.

Now login on window machine

and mount this samba share on the server.

\\localhost.redhat.com\test

Thursday, 26 April 2018

Job for smb.service failed because the control process exited with error code. Redhat 7 or RHEL 7

Job for smb.service failed because the control process exited with error code.

I just recently installed the samba server on my Red Hat Linux 7 / RHEL 7 operating system server. After configuration when I have taken restart of samba service, I have got the above error. Due to this samba service not running on my linux machine.

[root@localhost~]# systemctl restart smb.service

I will reveive below error

Job for smb.service failed because the control process exited with error code.
See "systemctl status smb.service" and "journalctl -xe" for details.

So in such case, first I have checked the my samba configuration is ok or not, to do this, please run the below command.

#smbstatus

the above command gives me the below output.

"WARNING: Ignoring invalid value 'share' for parameter 'security'
Can't load /etc/samba/smb.conf - run testparm to debug it"

That's means something wrong in my samba configuration.

So open the /etc/samba/smb.conf file and commented the below line which starts with security.

#security = server

now again run the smbstatus command which gives the new output.

[root@localhost~]# smbstatus

Samba version 4.2.10
PID     Username      Group         Machine            Protocol Version
------------------------------------------------------------------------------

Service      pid     machine       Connected at
-------------------------------------------------------

If you are getting such output that means now your configuration is ok, now please restart the samba service again.

[root@localhost~]# systemctl restart smb.service

[root@localhost~]# systemctl status smb.service
● smb.service - Samba SMB Daemon
   Loaded: loaded (/usr/lib/systemd/system/smb.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2018-04-26 16:19:34 BST; 12h ago
 Main PID: 4719 (smbd)
   Status: "smbd: ready to serve connections..."
   CGroup: /system.slice/smb.service
           ├─4719 /usr/sbin/smbd
           ├─4720 /usr/sbin/smbd
           ├─4721 /usr/sbin/smbd
           └─4722 /usr/sbin/smbd

Apr 26 16:19:33 localhost.redhat.com systemd[1]: Starting Samba SMB Daemon...
Apr 26 16:19:33 localhost.redhat.com systemd[1]: smb.service: Supervising process 4719 which is not our child. We'll most likely not notice when it exits.
Apr 26 16:19:34 localhost.redhat.com smbd[4719]: [2018/04/26 16:19:34.173413,  0] ../lib/util/become_daemon.c:124(daemon_ready)
Apr 26 16:19:34 localhost.redhat.com systemd[1]: Started Samba SMB Daemon.
Apr 26 16:19:34 localhost.redhat.com smbd[4719]:   STATUS=daemon 'smbd' finished starting up and ready to serve connections

Job for nfs-server.service failed because the control process exited with error code. See "systemctl status nfs-server.service" and "journalctl -xe" for details. Resolution

On Red Hat Linux 7 operating system, some time you will get below NFS service failed error message.

"Job for nfs-server.service failed because the control process exited with error code. See "systemctl status nfs-server.service" and "journalctl -xe" for details."

The above error occur when you are taking restart of nfs service.

# systemctl restart nfs.service
Job for nfs-server.service failed because the control process exited with error code. See "systemctl status nfs-server.service" and "journalctl -xe" for details.
Resolution

# systemctl status nfs-server.service
nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2018-04-27 09:56:08 IST; 8s ago
  Process: 21370 ExecStopPost=/usr/sbin/exportfs -f (code=exited, status=0/SUCCESS)
  Process: 21366 ExecStopPost=/usr/sbin/exportfs -au (code=exited, status=0/SUCCESS)
  Process: 21362 ExecStop=/usr/sbin/rpc.nfsd 0 (code=exited, status=0/SUCCESS)
  Process: 21273 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
  Process: 2714 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=1/FAILURE)
 Main PID: 21273 (code=exited, status=0/SUCCESS)

Apr 27 09:56:07 localhost.redhat.com systemd[1]: Starting NFS server and services...
Apr 27 09:56:08 localhost.redhat.com exportfs[2714]: exportfs: Failed to resolve foobar.com <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Apr 27 09:56:08 localhost.redhat.com exportfs[2714]: exportfs: Failed to resolve foobar.com <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Apr 27 09:56:08 localhost.redhat.com systemd[1]: nfs-server.service: control process exited, code=exited status=1
Apr 27 09:56:08 localhost.redhat.com systemd[1]: Failed to start NFS server and services.
Apr 27 09:56:08 localhost.redhat.com systemd[1]: Unit nfs-server.service entered failed state.
Apr 27 09:56:08 localhost.redhat.com systemd[1]: nfs-server.service failed.

To resolve such issue you need to follow the below process.

You need to check which NFS version rpm is installed on the server.

#rpm -qa | grep nfs

the above command show you the installed nfs version.

Normally the above error occur due to lower version on nfs, so to resolve the issue you need to upgrade the nfs version.

installed the latest nfs rpm nfs-utils-1.3.0-0.33.el7 or later

#yum install nfs

The above command upgrade the nfs rpm, or you can download the manually rpm file and installed it through rpm -uvh command.

After that restart the nfs service again.

# systemctl restart nfs.service

it is started successfully, you can check the status via below command.

# systemctl status nfs.service

[root@localhost ~]# systemctl status nfs.service
● nfs-server.service - NFS server and services
   Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
  Drop-In: /run/systemd/generator/nfs-server.service.d
           └─order-with-mounts.conf
   Active: active (exited) since Thu 2018-04-27 03:47:57 IST; 18h ago
  Process: 32477 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
  Process: 32472 ExecStartPre=/bin/sh -c /bin/kill -HUP `cat /run/gssproxy.pid` (code=exited, status=0/SUCCESS)
  Process: 32469 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
 Main PID: 32477 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/nfs-server.service

Apr 26 03:47:57 localhost systemd[1]: Starting NFS server and services...
Apr 26 03:47:57 localhost systemd[1]: Started NFS server and services.

How to update and upgrade ESXi host

Please find the below steps and command to update and upgrade the ESX host.

You need to understand first, the update and upgrade both are different thing in case of ESX.

Update means you have update the VMware release build.

Upgrade means you have upgrade the VMware version like 5.0 to 6.0 

Please find the below command to update the VMware release build:

# esxcli software vib update -d /vmfs/volumes/updates/VMware-ESXi-5.1.0-Update3-2323236-HPE-510.9.5.0.30-Apr2016-depot.zip

It is asking for reboot please press true and reboot the esx host gracefully, once the host reboot successfully check the new release build. 

Please find the below steps to upgrade the ESX host:

Now we need to upgrade the ESX host from 5.1.0 to 5.5.0 , to perform this task please follow the below steps

Take a remote console of this ESX host from ILO.

Copy the VMware-ESXi-5.5U1-Rollup_2ISO.iso

attached the iso with remote console

boot the ESX host with attached iso VMware-ESXi-5.5U1-Rollup_2ISO.iso

When esx boot this iso during upgrade process it is asking for you 3 option, please select the below option.

Upgrade the ESX host with keeping existing datastore.

Once the upgrade will be successfully, please login on the esx host and check the latest version and all service will working fine.

Please let me know if you have any question regarding this upgrade issue.

Tuesday, 24 April 2018

How to add linux host in Active Directory (AD) domain

Before performed such work, please collect the below information:-

Host: Server name which need to be add in AD
DA account: .da account which used to add server to domain
Domain name

Please find the below process step by step to add a server in to AD:-

[root@localhost ~]# hostname localhost.redhat.com

[root@localhost ~]# adinfo

Not joined to any domain
Licensed Features: Enabled

[root@localhost ~]#  adjoin -u xyz.da --name localhost -a localhost.redhat.com -w redhat.com

xyz.da@REDHAT.COM's password:
Using domain controller: redhat01.redhat.com writable=true
Join to domain:redhat.com, zone:Auto Zone successful
Centrify DirectControl started.
Loading domains and trusts information
........................

Note: .da account required to add server in domain

How to install or upgrade VMware Tools on linux server

You need to login on the server where you need to install or upgrade the vmware tool.

Check the status of vmtools from vcenter GUI & Servers.

/etc/vmware-tools/services.sh status

Please follow the below steps to install or upgrade the VMware Tools:-

1.    From vsphere select the virtual machine on which vmtools need to be installed and then Choose VM > Install VMware Tools.

2. As root mount the VMware Tools virtual CD-ROM image to /mnt

mount /dev/cdrom /mnt

3. go to /tmp and untar the installation file.

cd /tmp
tar zxf /mnt/VMwareTools-x.0.0-<xxxx>.tar.gz

4. Run the VMware Tools installer:

cd /tmp/vmware-tools-distrib

./vmware-install.pl -d
 
Unmount of the VMware Tools virtual CD-ROM image is done automatically.

Login to server as root and run below command to start the services:

/etc/vmware-tools/services.sh start


Run below command to check the status of vmtools:

/etc/vmware-tools/services.sh status

Uninstall the vmtools by running below command:

/usr/bin/vmware-uninstall-tools.pl

Monday, 5 February 2018

How to start/stop and enable/disable Firewall on Redhat 7 Linux system

In RHEL7, to stop/start and enable/disable the firewall is quite different from RHEL6. In Red hat 7 "firewalld" named service we used for local firewall. Please find the below example step by step to check the firewall status.

How to check status of RHEL7 firewall:

[root@localhost ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Thu 2018-02-05 12:37:47 IST; 0 months 1 days ago
Main PID: 332 (firewalld)
CGroup: /system.slice/firewalld.service
           └─332 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Feb 05 12:37:47 localhost systemd[1]: Starting firewalld - dynamic firewall daemon...
Feb 05 12:37:49 localhost systemd[1]: Started firewalld - dynamic firewall daemon.

In the above status firewall is by default enable on the linux system. It is enable automatically when system restart or on.

How to Stop and Start RHEL7 firewall:
 
Please use the below commands to start stop the firewall on redhat linux 7 operating system. 

[root@localhost ~]# service firewalld stop
Redirecting to /bin/systemctl stop  firewalld.service
Stopped firewall will start again after system's reboot.

[root@localhost ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service

How to Disable and Enable RHEL7 firewall:

If you want to disable permanently firewall so that after reboot it is not enable again, please use the below command.

[root@localhost ~]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'

If you want to enable the firewall again run please use the below command.

[root@localhost ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.se

Tuesday, 16 January 2018

How to Flush Memory Cache and Buffer Cache on Linux Server

When you run the "free -m" command and get the below output, then you observe free memory section will be low value but comparatively buffers+cache value would be higher.

Now this is not a bad thing actually since your OS has reserved this memory to speed up your most used process by keeping them in the cache. But in case any new process is executed and your system is low on memory then these cache would be automatically released to make space for memory reservation of new processes.

[root@localhost]# free -m
             total       used       free     shared    buffers     cached
Mem:          2345       1234        1145          0         24        400
-/+ buffers/cache:        664        345
Swap:         4032          0       4032

if you want to clear or free cache/buffer memory then you need to run the below command.

[root@localhost]# echo 3 > /proc/sys/vm/drop_caches

These are the different values which you can use with the above command

echo 1 is clearing only page cache

[root@localhost]# echo 1 > /proc/sys/vm/drop_caches

echo 2 is to clear free dentries and inodes

[root@localhost]# echo 2 > /proc/sys/vm/drop_caches

echo 3 is clearing page cache, dentries and inodes

[root@localhost]# echo 3 > /proc/sys/vm/drop_caches

Thursday, 11 January 2018

SSH login without password in linux

If you want to connect one Linux host to other Linux host through SSH with password-less connection then you need to perform below steps.

Lets suppose you need password-less login from host "server01" / user "redhat" to host "server02" / user "centos".

1. First login in on "server01"as user "redhat" and generate a pair of authentication keys.

[redhat@server01]# ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/redhat/.ssh/id_rsa):
Created directory '/home/redhat/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/redhat/.ssh/id_rsa.
Your public key has been saved in /home/redhat/.ssh/id_rsa.pub.
The key fingerprint is:
1e:4f:05:79:3a:9f:96:7c:2b:ad:e9:58:37:sc:37:e4 redhat@server01

Note: Do not enter a passphrase.

2. Now you use ssh to create a directory ~/.ssh as user "centos" on server02.

Note: If directory already exist, you do not create it again.

[redhat@server01]# ssh centos@server02 mkdir -p .ssh

centos@server02's password:

Finally append redhat's new public key to centos@server02:.ssh/authorized_keys and enter centos's password one last time:

3. Now copy the rsa key to server 02 ssh authorized_keys file

[redhat@server01]# cat .ssh/id_rsa.pub | ssh centos@server02 'cat >> .ssh/authorized_keys'

centos@server02's password:

Now you can log into server02 as "centos" from server01 as "redhat"a without password.

4. Now you can test the password less connection.

[redhat@server01]# ssh centos@server02

You are successfully login on the server02 without any password.

Note:  In case of any permission issue you need to set "700" permission on .ssh folder on server02.

Thursday, 21 December 2017

Multipath command with an examples

In linux operating system device mapping through multipath is widely used. Here, we can give you some example how we will use the multipath commands in Linux server

➤ Normally multipath device has a Word Wide Identifier (WWID), which is globally unique and unchanging.

➤ When new devices are brought under the control of DM-Multipath, the new devices may be seen in three different places under the /dev directory: /dev/mapper/mpathn, /dev/mpath/mpathn, and /dev/dm-n

➤ The devices in /dev/mapper are created early in the boot process. Use these devices to access the multipathed devices, for example when creating logical volumes.
The devices in /dev/mpath are provided as a convenience so that all multipathed devices can be seen in one directory. These devices are created by the udev device manager and may not be available on startup when the system needs to access them.

Note: Do not use these devices for creating logical volumes or filesystems

➤ Any devices of the form /dev/dm-n are for internal use only and should never be used.

Please find the multipath syntax which we used in the Linux operating system.


l    -> Display the current multipath configuration gathered from sysfs and the device mapper.
ll  -> Display the current multipath configuration gathered from sysfs, the device mapper, and all other available components on the system.
f    -> Remove the named multipath device.
F   -> Remove all unused multipath devices.
v   ->  Verbosity level
          . 0 no output
          . 1 print created devmap names only
          . 2 default verbosity
          . 3 print debug information
d   -> Dry run, do not create or update devmaps
r    -> Force devmap reload

⧪ How to display the current multipath configuration with all information.

[root@localhost~]# multipath -ll
Dec 21 11:27:17 | multipath.conf line 35, invalid keyword: selector
mpathf (3600c0ff00019e9e9dc94c25801000000) dm-6 HP,MSA 2040 SAN
size=466G features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=70 status=active
  |- 1:0:0:4 sdg 8:96 active ready running
  |- 2:0:0:4 sdj 8:144 active ready running
  |- 1:0:1:4 sdq 65:0 active ready running
  `- 2:0:1:4 sdt 65:48 active ready running

⧪ How to remove multipath devices with multipath Command

[root@localhost~]# multipath -f mpathf

Note: if we use -F option then it is remove all unused devices.

⧪ How to Force reload device map with multipath Command

[root@localhost~]# multipath -r

Sunday, 10 December 2017

How to check number of CPU and processor in linux operating system

In this post, we will find all the command using which we can find that how many CPU and processor are used in Linux operating system.

⇾ This command are applicable in both RedHat & CentOS operating machine.

➤ How to check number of processor on operating system.

      cat /proc/cpuinfo | grep "physical id" | sort -u | wc -l

   Using above command it show you the number of processor which are currently used on server.

➤ How to check number of cores on Linux operating system.

     cat /proc/cpuinfo | grep "core id" | sort -u | wc -l

➤ You can used other command as well like "lscpu" to check number of processor and core per socket.

➤ Please find the other command which are also used to check the number of processor and cores in  Linux operating system.

    cat /proc/cpuinfo | grep 'model name' | uniq
   cat /proc/cpuinfo | grep "physical id" | sort -u | wc -l
   cat /proc/cpuinfo | grep "core id" | sort -u | wc -l