Configure Samba to use domain accounts for authentication

last updated in Categories , , , , ,

Q. How can I configure Samba to use domain accounts for authentication, so that user will be authenticated?

A. Samba server provides an options that allows authentication against a domain controller. Edit your smb.conf file using vi text editor:
Type the following command as root user

# vi /etc/samba/smb.conf
OR
$ sudo /etc/samba/smb.conf

Make sure parameters are set as follows [global] section of smb.conf file:

workgroup = YOUR-DOMAIN-CONTROLLER
netbios name = YOUR-SAMBA-SERVER-NAME
password server = IP-ADDRESS-OF-YOUR-DOMAIN-CONTROLLER
encrypt passwords = Yes
preferred master = No
domain master = No

Where,

  • Workgroup: This controls what workgroup your server will appear to be in when queried by clients.
  • netbios name : This sets the NetBIOS name by which a Samba server is known.
  • encrypt passwords : This boolean controls (YES or NO value) whether encrypted passwords will be used with the client. Note that Windows NT 4.0 SP3 and above and also Windows 98 will by default expect encrypted passwords unless a registry entry is changed. This is what you need to use for Window XP/2000/2003 systems.

Restart samba serve:
# /etc/init.d/samba restart

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org

Explain Virtual File System

last updated in Categories , , , , , , , , , ,

Virtual file system (VFS) or Virtual filesystem switch is an abstraction layer on top of a more concrete file system. The purpose of a VFS is to allow for client applications to access different types of concrete file systems in a uniform way. A VFS can for example be used to access local and network storage devices transparently without the client application noticing the difference. Or it can be used to bridge the differences in Windows, Mac OS and Unix filesystems, so that applications could access files on local file systems of those types without having to know what type of file system they’re accessing.

More info about VFS:

Under Linux you can create a Virtual File System as follows
Use dd command to create a VFS disk image (5 MB):
$ dd if=/dev/zero of=/tmp/vfs-disk count=10240
Format your disk image with mkfs.ext3 command:
$ mkfs.ext3 /tmp/vfs-disk
When prompted for confirmation type ‘y’ to format VFS disk image.

Mounting VFS with a loopback device:
# mkdir -p /mnt/vfs0
# mount -o loop=/dev/loop0 /tmp/vfs-disk /mnt/vfs0

It will act as a normal file system. You can take this image to other computer and mount it.

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org

Linux burn ISO images to Cds and CD-RWs howto

last updated in Categories , , , , , , , ,

Linux comes with various GUI and command line application to burn ISO images to CDs/CD-RWs. Cdrecord is command line based application used to record data or audio Compact Discs on an Orange Book CD-Recorder or to write DVD media on a DVD-Recorder i.e. it can brun ISO images.

Find out your CDR/W SCSI address/device name

Scan all SCSI devices on all SCSI busses and print the inquiry strings with –scanbus option. This option may be used to find SCSI address of the CD/DVD-Recorder on a system:
# cdrecord -scanbus
Output:

Cdrecord-Clone 2.01a34 (i686-pc-linux-gnu)
Copyright (C) 1995-2004 Jrg Schilling
scsidev: 'ATA:'
devname: 'ATA'
scsibus: -1 target: -1 lun: -1
Warning: Using badly designed ATAPI via /dev/hd*
interface.
Linux sg driver version: 3.5.27
Using libscg version 'schily-0.8'.
scsibus1:
1,0,0 100) 'SONY' 'CD-Writer' '1.0g'
1,1,0 101) *
1,2,0 102) *
1,3,0 103) *
1,4,0 104) *
1,5,0 105) *
1,6,0 106) *
1.7.0 107) *

In above example, my device name is 1,0,0. Now again use the cdrecord command to burn ISO image:
# cdrecord -v -dao dev=1,0,0 file.iso
You can also specify burning speed:
# cdrecord -v -dao dev=1,0,0 speed=8 file.iso

See also:

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org

How do I rotate log files?

last updated in Categories , , , ,

Q. How do I rotate log files under Linux operating system?

A. You need use tool called logrotate, which is designed to ease administration of systems that generate large numbers of log files. It allows automatic rotation, compression, removal, and mailing of log files.

Each log file may be handled daily, weekly, monthly, or when it grows too large. With this tool you keep logs longer with less disk space.

Default configuration file

The default configuration file is /etc/logrotate.conf:
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}
Service or server specific configurations stored in /etc/logrotate.d directory, for example here is sample apache logrotate configuration file:# cat /etc/logrotate.d/httpdOutput:

/var/log/httpd/*.log {
 weekly
 rotate 52
 compress
  missingok
  notifempty
  sharedscripts
  postrotate
      /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true    endscript
}

Where,

  • weekly : Log files are rotated if the current weekday is less then the weekday of the last rotation or if more then a week has passed since the last rotation.
  • rotate 52 : Log files are rotated 52 times before being removed or mailed to the address specified in a mail directive. If count is 0, old versions are removed rather then rotated.
  • compress : Old versions of log files are compressed with gzip to save disk space.
  • missingok : If the log file is missing, go on to the next one without issuing an error message.
  • notifempty : Do not rotate the log if it is empty
  • sharedscripts : Normally, prerotate and postrotate scripts are run for each log which is rotated, meaning that a single script may be run multiple times for log file entries which match multiple files. If sharedscript is specified, the scripts are only run once, no matter how many logs match the wildcarded pattern. However, if none of the logs in the pattern require rotating, the scripts will not be run at all.
  • postrotate
    /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true
    endscript : The lines between postrotate and endscript (both of which must appear on lines by themselves) are executed after the log file is rotated. These directives may only appear inside a log file definition.

See complete working example: How to rotating logs with logrotate for Lighttpd web server.

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org