Thursday, November 7, 2013

RPM command cheat sheet for RH Linux

rpm is a powerful Package Manager for Red Hat, Suse and Fedora Linux. It can be used to build, install, query, verify, update, and remove/erase individual software packages. A Package consists of an archive of files, and package information, including name, version, and description:

Syntax, description, and example(s):

rpm -ivh {rpm-file}
    Install the package.
    Examples: rpm -ivh mozilla-mail-1.7.5-17.i586.rpm
              rpm -ivh --test mozilla-mail-1.7.5-17.i586.rpm

rpm -Uvh {rpm-file}
    Upgrade package.
    Examples: rpm -Uvh mozilla-mail-1.7.6-12.i586.rpm
              rpm -Uvh --test mozilla-mail-1.7.6-12.i586.rpm

rpm -ev {package}
    Erase/remove an installed package.
    Example:  rpm -ev mozilla-mail

rpm -ev --nodeps {package}
    Erase/remove an installed package without checking for dependencies.
    Example:  rpm -ev --nodeps mozilla-mail

rpm -qa
    Display list of all installed packages.
    Examples: rpm -qa
              rpm -qa | less

rpm -qi {package}
    Display installed information along with package version and short description.
    Example:  rpm -qi mozilla-mail

rpm -qf {/path/to/file}
    Find out what package a file belongs to, i.e. find what package owns the file.
    Examples: rpm -qf /etc/passwd
              rpm -qf /bin/bash

rpm -qc {package-name}
    Display list of configuration file(s) for a package.
    Example:  rpm -qc httpd

rpm -qcf {/path/to/file}
    Display list of configuration files for a command.
    Example:  rpm -qcf /usr/X11R6/bin/xeyes

rpm -qa --last
    Display list of all recently installed RPMs.
    Examples: rpm -qa --last
              rpm -qa --last | less

rpm -qpR {.rpm-file}
rpm -qR {package}
    Find out what dependencies an rpm file has.
    Examples: rpm -qpR mediawiki-1.4rc1-4.i586.rpm
              rpm -qR bash

{package} - Replace with actual package name


RPM is a package management system. To install an rpm file, open a terminal and then type the following command:
 
rpm -ivh {rpm-file}
 
Please note that you need to log in as root, or use the su command to change to the root user to install the software using rpm command:
$ su -

Install RPM File

To install an rpm file called awstats.i386.rpm, enter:
# rpm -ivh awstats.i386.rpm

Note: you can download the package in rpm format from the official project web pages or public ftp servers.

Upgrade RPM File

Type the following command:
# rpm -Uvh awstats.i386.rpm

If you are upgrading from an earlier version of the software package, use the upgrade mode command as described above.


Erase (Delete) RPM File (package)

Type the following command:
# rpm -ev packagename

To list all installed packages, enter:
# rpm -qa
# rpm -qa | less
# rpm -qa | grep something

Sample outputs:
comps-extras-11.1-1.1
libattr-2.4.32-1.1
libidn-0.6.5-1.1
grep-2.5.1-55.el5
libxslt-1.1.17-2.el5_2.2
perl-Digest-SHA1-2.11-1.2.1
time-1.7-27.2.2
libdaemon-0.10-5.el5
...
mysql-server-5.0.77-4.el5_5.5
mysql-devel-5.0.77-4.el5_5.5
samba-client-3.0.33-3.29.el5_6.2
pcre-6.6-6.el5_6.1
yum-rhn-plugin-0.5.4-17.el5_6.1
libtiff-3.8.2-7.el5_6.7
nash-5.1.19.6-68.el5_6.1
quota-3.13-5.el5
xorg-x11-server-Xorg-1.1.1-48.76.el5_6.4
xorg-x11-server-Xnest-1.1.1-48.76.el5_6.4

To remove samba-client-3.0.33-3.29.el5_6.2, enter:
# rpm -ev samba-client-3.0.33-3.29.el5_6.2


 

Tuesday, October 22, 2013

CHMOD Linux Commands

Purpose

Changes file modes.

Syntax

To Change File Modes Symbolically

chmod [ -R ] [ -h ] [ -f ] [ [ u ] [ g ] [ o ] | [ a ] ] { { - | + | = } [ r ] [ w ] [ x ] [ X ] [ s ] [ t ] } { File ... | Directory ... }

To Change File Modes Numerically

chmod [ -R ] [ -h ] [ -f ] PermissionCode { File ... | Directory ... }

Description

The chmod command modifies the mode bits and the extended access control lists (ACLs) of the specified files or directories. The mode can be defined symbolically or numerically (absolute mode).
When a symbolic link is encountered and you have not specified the -h flag, the chmod command changes the mode of the file or directory pointed to by the link and not the mode of the link itself. If you specify the -h flag, the chmod command prevents this mode change.
If you specify both the -h flag and the -R flag, the chmod command descends the specified directories recursively, and when a symbolic link is encountered, the mode of the file or directory pointed to by the link is not changed.

Flags

-f Suppresses all error reporting except invalid permissions and usage statements.
-h Suppresses a mode change for the file or directory pointed to by the encountered symbolic link.
Note: This behavior is slightly different from the behavior of the -h flag on the chgrp and chown commands because mode bits cannot be set on symbolic links.
-R Descends only directories recursively, as specified by the pattern File...|Directory.... The -R flag changes the file mode bits of each directory and of all files matching the specified pattern. See Example 6.
When a symbolic link is encountered and the link points to a directory, the file mode bits of that directory are changed but the directory is not further traversed.

Symbolic Mode

To specify a mode in symbolic form, you must specify three sets of flags.
Note: Do not separate flags with spaces.
The first set of flags specifies who is granted or denied the specified permissions, as follows:
u File owner.
g Group and extended ACL entries pertaining to the file's group.
o All others.
a User, group, and all others. The a flag has the same effect as specifying the ugo flags together. If none of these flags are specified, the default is the a flag and the file creation mask (umask) is applied.
The second set of flags specifies whether the permissions are to be removed, applied, or set:
- Removes specified permissions.
+ Applies specified permissions.
= Clears the selected permission field and sets it to the permission specified. If you do not specify a permission following =, the chmod command removes all permissions from the selected field.
The third set of flags specifies the permissions that are to be removed, applied, or set:
r Read permission.
w Write permission.
x Execute permission for files; search permission for directories.
X Execute permission for files if the current (unmodified) mode bits have at least one of the user, group, or other execute bits set. The X flag is ignored if the File parameter is specified and none of the execute bits are set in the current mode bits.
Search permission for directories.
s Set-user-ID-on-execution permission if the u flag is specified or implied. Set-group-ID-on-execution permission if the g flag is specified or implied.
t For directories, indicates that only file owners can link or unlink files in the specified directory. For files, sets the save-text attribute.

Numeric or Absolute Mode

The chmod command also permits you to use octal notation for the mode. The numeric mode is the sum of one or more of the following values:
4000 Sets user ID on execution.
2000 Sets group ID on execution.
1000 Sets the link permission to directories or sets the save-text attribute for files.
0400 Permits read by owner.
0200 Permits write by owner.
0100 Permits execute or search by owner.
0040 Permits read by group.
0020 Permits write by group.
0010 Permits execute or search by group.
0004 Permits read by others.
0002 Permits write by others.
0001 Permits execute or search by others.
Notes:
  1. Specifying the mode numerically disables any extended ACLs. Refer to "Access control Lists" in Operating system and device management for more information.
  2. Changing group access permissions symbolically also affects the AIXC ACL entries. The group entries in the ACL that are equal to the owning group of the file are denied any permission that is removed from the mode. Refer to "Access control Lists" in Operating system and device management for more information.
  3. You can specify multiple symbolic modes separated with commas. Operations are performed in the order they appear from left to right.
  4. You must specify the mode symbolically or use an explicit 4-character octal with a leading zero (for example, 0755) when removing the set-group-ID-on-execution permission from directories.
  5. For a non-AIXC ACL associated file system object, any request (either symbolic or numeric) that results in an operation to change the base permission bits (rwxrwxrwx) in the mode bits results in replacement of the existing ACL with just the mode bits.

Security

Access Control: This program should be installed as a normal user program in the Trusted Computing Base.
Only the owner of the file or the root user can change the mode of a file.

Exit Status

This command returns the following exit values:
0 The command executed successfully and all requested changes were made.
>0 An error occurred.

Examples

  1. To add a type of permission to several files:
    chmod  g+w  chap1  chap2
    This adds write permission for group members to the files chap1 and chap2.

  2. To make several permission changes at once:
     
    chmod  go-w+x  mydir

    This denies group members and others the permission to create or delete files in mydir (go-w) and allows group members and others to search mydir or use it in a path name (go+x). This is equivalent to the command sequence:
    chmod  g-w  mydir
    chmod  o-w  mydir
    chmod  g+x  mydir
    chmod  o+x  mydir
     
  3. To permit only the owner to use a shell procedure as a command:
     
    chmod  u=rwx,go= cmd

    This gives read, write, and execute permission to the user who owns the file (u=rwx). It also denies the group and others the permission to access cmd in any way (go=).
    If you have permission to execute the cmd shell command file, then you can run it by entering:
    cmd
    Note: Depending on the PATH shell variable, you may need to specify the full path to the cmd file.
  4. To use Set-ID Modes:
    chmod  ug+s  cmd

    When the cmd command is executed, the effective user and group IDs are set to those that own the cmd file. Only the effective IDs associated with the child process that runs the cmd command are changed. The effective IDs of the shell session remain unchanged.
    This feature allows you to permit access to restricted files. Suppose that the cmd program has the Set-User-ID Mode enabled and is owned by a user called dbms. The user dbms is not actually a person, but might be associated with a database management system. The user betty does not have permission to access any of dbms's data files. However, she does have permission to execute the cmd command. When she does so, her effective user ID is temporarily changed to dbms, so that the cmd program can access the data files owned by the user dbms.
    This way the user betty can use the cmd command to access the data files, but she cannot accidentally damage them with the standard shell commands.

  5. To use the absolute mode form of the chmod command:
     
    chmod  644  text

    This sets read and write permission for the owner, and it sets read-only mode for the group and others. This also removes all extended ACLs that might be associated with the file.

  6. To recursively descend directories and change file and directory permissions given the tree structure:
    ./dir1/dir2/file1
    ./dir1/dir2/file2
    ./dir1/file1

    enter this command sequence:
    chmod -R 777 f*
    which will change permissions on ./dir1/file1.

    But given the tree structure of:
    ./dir1/fdir2/file1
    ./dir1/fdir2/file2
    ./dir1/file3

    the command sequence:
    chmod -R 777 f*

    will change permissions on:
    ./dir1/fdir2
    ./dir1/fdir2/file1
    ./dir1/fdir2/file2
    ./dir1/file3
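
An audit pass for the two risky outcomes shown above, a set-ID program (example 4) and a recursive 777 (example 6), follows as an added example that is not part of the original page. The function names and the temporary sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a tree for set-ID files and world-writable entries.
# Function names and the sample tree are constructed for illustration.

# Regular files with set-user-ID (4000) or set-group-ID (2000) set.
find_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# Files and directories writable by others (0002). Directories that also
# carry the 1000 bit are skipped: there only file owners can unlink entries.
find_world_writable() {
    find "$1" -xdev \( -type f -o -type d \) -perm -0002 \
        ! \( -type d -perm -1000 \) -print | sort
}

# Constructed sample tree reproducing the modes used in the examples above.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/dir1/fdir2" "$root/shared"
    : > "$root/dir1/fdir2/file1"
    : > "$root/dir1/file3"
    : > "$root/cmd"
    : > "$root/text"
    chmod 644 "$root/text"          # example 5: rw-r--r--
    chmod u=rwx,go= "$root/cmd"     # example 3: owner only
    chmod u+s "$root/cmd"           # set-user-ID half of example 4
    chmod -R 777 "$root/dir1"       # blanket grant, as in example 6
    chmod 1777 "$root/shared"       # world-writable but sticky, like /tmp
    printf '%s\n' "$root"
}

# Demo run on the constructed tree.
tree=$(make_sample_tree) || exit 1
echo "set-ID files:";           find_setid "$tree"
echo "world-writable entries:"; find_world_writable "$tree"
rm -rf "$tree"
```

On a real system, point the two functions at a mount point and compare the set-ID list against a reviewed baseline; any new entry deserves an explanation.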

CHOWN Linux Command

Purpose

Changes the owner or group associated with a file.

Syntax

chown [ -f ] [ -h ] [ -R ] Owner [ :Group ] { File ... | Directory ... }
chown -R [ -f ] [ -H | -L | -P ] Owner [ :Group ] { File ... | Directory ... }

Description

The chown command changes the owner of the file or directory specified by the File or Directory parameter to the user specified by the Owner parameter. The value of the Owner parameter can be a user name from the user database or a numeric user ID. Optionally, a group can also be specified. The value of the Group parameter can be a group name from the group database or a numeric group ID.
Only the root user can change the owner of a file. You can change the group of a file only if you are a root user or if you own the file. If you own the file but are not a root user, you can change the group only to a group of which you are a member.
Although the -H, -L and -P flags are mutually exclusive, specifying more than one is not considered an error. The last flag specified determines the behavior that the command will exhibit.
When a symbolic link is encountered and you have not specified the -h flag, the chown command changes the ownership of the file or directory pointed to by the link and not the ownership of the link itself.
If you specify the -h flag, the chown command has the opposite effect and changes the ownership of the link itself and not that of the file or directory pointed to by the link.
If you specify the -R flag, the chown command recursively descends the specified directories.
If you specify both the -h flag and the -R flag, the chown command descends the specified directories recursively, and when a symbolic link is encountered, the ownership of the link itself is changed and not that of the file or directory pointed to by the link.

Flags

-f Suppresses all error messages except usage messages.
-h Changes the ownership of an encountered symbolic link and not that of the file or directory pointed to by the symbolic link.
-H If the -R option is specified and a symbolic link referencing a file of type directory is specified on the command line, the chown command shall change the user ID (and group ID, if specified) of the directory referenced by the symbolic link and all files in the file hierarchy below it.
-L If the -R option is specified and a symbolic link referencing a file of type directory is specified on the command line or encountered during the traversal of a file hierarchy, the chown command shall change the user ID (and group ID, if specified) of the directory referenced by the symbolic link and all files in the file hierarchy below it.
-P If the -R option is specified and a symbolic link is specified on the command line or encountered during the traversal of a file hierarchy, the chown command shall change the owner ID (and group ID, if specified) of the symbolic link if the system supports this operation. The chown command shall not follow the symbolic link to any other part of the file hierarchy.
-R Descends directories recursively, changing the ownership for each file. When a symbolic link is encountered and the link points to a directory, the ownership of that directory is changed but the directory is not further traversed. If the -h, -H, -L or -P flags are not also specified, when a symbolic link is encountered and the link points to a directory, the group ownership of that directory is changed but the directory is not traversed further.

Security

Access Control: This program should be installed as a normal user program in the Trusted Computing Base.

Exit Status

This command returns the following exit values:
0 The command executed successfully and all requested changes were made.
>0 An error occurred.

Examples

  1. To change the owner of the file program.c:
    chown jim program.c
    The user access permissions for program.c now apply to jim. As the owner, jim can use the chmod command to permit or deny other users access to program.c.
  2. To change the owner and group of all files in the directory /tmp/src to owner john and group build:
    chown -R john:build /tmp/src

CHGRP Linux Command

chgrp Command


Purpose

Changes the group ownership of a file or directory.

Syntax

chgrp [ -f ] [ -h ] [ -R ] Group { File ... | Directory ... }
chgrp -R [ -f ] [ -H | -L | -P ] Group { File... | Directory... }

Description

The chgrp command changes the group of the file or directory specified by the File or Directory parameter to the group specified by the Group parameter. The value of the Group parameter can be a group name from the group database or a numeric group ID. When a symbolic link is encountered and you have not specified the -h or -P flags, the chgrp command changes the group ownership of the file or directory pointed to by the link and not the group ownership of the link itself.
Although the -H, -L and -P flags are mutually exclusive, specifying more than one is not considered an error. The last flag specified determines the behavior that the command will exhibit.
If you specify the -h flag, the chgrp command has the opposite effect and changes the group ownership of the link itself and not that of the file or directory pointed to by the link.
If you specify both the -h flag and the -R flag, the chgrp command descends the specified directories recursively, and when a symbolic link is encountered, the group ownership of the link itself is changed and not that of the file or directory pointed to by the link.

Flags

-f Suppresses all error messages except usage messages.
-h Changes the group ownership of an encountered symbolic link and not that of the file or directory pointed to by the symbolic link.
-H If the -R option is specified and a symbolic link referencing a file of type directory is specified on the command line, chgrp shall change the group of the directory referenced by the symbolic link and all files in the file hierarchy below it.
-L If the -R option is specified and a symbolic link referencing a file of type directory is specified on the command line or encountered during the traversal of a file hierarchy, chgrp shall change the group of the directory referenced by the symbolic link and all files in the file hierarchy below it.
-P If the -R option is specified and a symbolic link is specified on the command line or encountered during the traversal of a file hierarchy, chgrp shall change the group ID of the symbolic link if the system supports this operation. The chgrp utility shall not follow the symbolic link to any other part of the file hierarchy.
-R Descends directories recursively, setting the specified group ID for each file. When a symbolic link is encountered and the link points to a directory, the group ownership of that directory is changed but the directory is not further traversed. If the -h, -H, -L or -P flags are not also specified, when a symbolic link is encountered and the link points to a directory, the group ownership of that directory is changed but the directory is not traversed further.

Exit Status

This command returns the following exit values:
0 Successful completion.
>0 An error occurred.

Examples

  1. To change the group ownership of the file or directory named proposals to staff:
    chgrp staff proposals
    The group access permissions for proposals now apply to the staff group.
  2. To change the group ownership of the directory named proposals, and of all the files and subdirectories under it, to staff:
    chgrp -R staff proposals
    The group access permissions for proposals and for all the files and subdirectories under it now apply to the staff group.

Monday, March 18, 2013

Recreating user SSH keys

Log in as root, then "su -" to the user in question.

[root@wrk01~]# su - john.smith

Change to the user's hidden ".ssh" directory.
[john.smith@wrk01~]$ cd .ssh

Delete any previous "id" files and the "authorized_keys" file.
[john.smith@wrk01 .ssh]$ rm id_rsa
[john.smith@wrk01 .ssh]$ rm id_rsa.pub
[john.smith@wrk01 .ssh]$ rm authorized_keys

Now generate the new "id_rsa" key files.
[john.smith@wrk01 .ssh]$ ssh-keygen -t rsa

Now copy "id_rsa.pub" to the "authorized_keys" file.
[john.smith@wrk01 .ssh]$ cp id_rsa.pub authorized_keys

List all new files and their proper permissions.
[john.smith@wrk01 .ssh]$ ls -al
-rw------- id_rsa
-rw-r----- id_rsa.pub
-rw-r----- authorized_keys
-rw-r----- known_hosts
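
A check of the resulting modes, as an added example that is not part of the original post: it flags a private key that group or others can access, and a .ssh directory or authorized_keys file that group or others can write. The function names and the sample directory are constructed for illustration, and GNU stat (stat -c %a) is assumed.

```shell
#!/bin/sh
# Added example: check a .ssh directory against the modes listed above.
# Function names and the sample directory are constructed for illustration.
# Assumes GNU stat (stat -c %a prints the octal mode).

# Succeeds if none of the bits in octal mask $2 are set on path $1.
mode_excludes() {
    mode=$(stat -c %a "$1") || return 2
    [ $(( 0$mode & 0$2 )) -eq 0 ]
}

# Print one line per problem; return 0 only if nothing was found.
check_ssh_perms() {
    dir=$1; rc=0
    # sshd with StrictModes rejects a group- or world-writable .ssh
    # directory or authorized_keys file.
    for f in "$dir" "$dir/authorized_keys"; do
        [ -e "$f" ] || continue
        mode_excludes "$f" 022 || { echo "writable by group/other: $f"; rc=1; }
    done
    # ssh refuses a private key that group or others can access at all.
    for key in "$dir"/id_*; do
        case $key in *.pub) continue ;; esac
        [ -f "$key" ] || continue
        mode_excludes "$key" 077 || { echo "private key too open: $key"; rc=1; }
    done
    return $rc
}

# Constructed sample: an empty stand-in for each file in the listing above.
make_sample_ssh_dir() {
    d=$(mktemp -d) || return 1
    : > "$d/id_rsa";          chmod 600 "$d/id_rsa"
    : > "$d/id_rsa.pub";      chmod 640 "$d/id_rsa.pub"
    : > "$d/authorized_keys"; chmod 640 "$d/authorized_keys"
    chmod 700 "$d"
    printf '%s\n' "$d"
}

# Demo run on the constructed directory.
sample=$(make_sample_ssh_dir) || exit 1
check_ssh_perms "$sample" && echo "modes ok: $sample"
rm -rf "$sample"
```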