Ø System configuration files, user information are store in etc directory.
Ø /etc/password – User’s information in plaintext.
Ø /etc/shadow – User’s information + password in Encrypted format.
Run level
I. init 0 – Shutdown
II. init 1 – Single user mode (close all consol except current working consol.
We can enter single user mode without root using password.)
III. init 2 – Multi user mode without NFS (Network file system)
IV. init 3 – Full Multi user mode (text mode).
V. init 4 – Unused.
VI. init 5 – X window (Graphical mode)
VII. init 6 – Reboot
1. [#] runlevel – Display init level. It will display
N 3 à N = none, 3 = current init level.
1 S à 1 = Current init level, S = single user mode.
2. [#] vi /etc/inittab – Change run (init) level
id: 3: initdefault – i – change 3 (full multi user mode) to 1 (single user mode)
– Esc – : x!
3. Create virtual terminal (consol)
[#] vi /etc/inittab – go to 50 number line (by 50 gg)
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
…………………………………………
6:2345:respawn:/sbin/mingetty tty3
8:2345:respawn:/sbin/mingetty tty8
!
[#] reboot – Reboot the machine to work added F8 console
[#] init q – Reload the inittab file. (It is better than reboot the machine)
4. Datives the Alt+Ctrl+Del command to reboot a machine and display a message.
[#] vi test
#!/bin/bash
echo “This feature is disable by the system admin”
!
[#] chmod +x test
[#] cp test /usr/bin/test
[#] vi /etc/inittab
#Trap CTRL-ALT-DELETE
#Ca: : ctrlaltdel:/sbin/shoutdown -t3 -r now – comment out the line.
Ca: : ctrlaltdel:usr/bin/test – add the line
!
[#] init q – Reload the inittab file.
There are two type Boot Loader
Ø Grub – grand Unified Boot Loader.
Ø LiLo – Linux Loader (old version)
5. Set password to enter kernel boot loader.
[#] vi /etc/grub.conf
title fedora core 0
title others 1
default =1 – default booting OS
timeout = 5 – 5 second wait for choosing booting OS
passwd=123
hidemenue – give password of editing kernel by e during booting session
passwd=123
6. [#] vi /etc/passwd
root: x: 0:0: root: /root/bin/bash
mahmud: x: 500:500: Mahmudul Hasan/home/bin/bash
Here ……
root – User name.
x – User password in shadow file.
0 – User id (always root user id and password is 0:0, system created user id is
form 0 to 499 and Normal created user id is start form 500.
0 – Group id
root – User’s full name and other information (address, phone number etc.)
/root – Home directory of root.
/bin/bash – Shell. If here /bin/no login or /bin/false display then the user can
not login
7. [#] vi /etc/shadow à information are shown in encrypted format
root: lkdfhalkfj94u8392kldfna: 0:0: root: /root/bin/bash
8. [#] vi /etc/passwd
root:! x: 0:0: root: /root/bin/bash à The user is locked.
root: x: 0:0: root: /root/bin/bash à The user is unlocked.
We can also lock the user by command: –
[#] passwd –l mahmud à Lock the user named mahmud.
[#] passwd –u mahmud à Unlock the user named mahmud.
9. [#] vi/etc/motd à [motd – message of the day]. When login the message is
displayed in the screen.
Welcome to linux pathshala
!
10. [#] vi /etc/issue à Give message before login.
hello this is me
!
11. [#] vi /etc/rc.local à Run the file during start the machine.
reboot à Reboot the server when start the machine every time.
!
12. Deny services to the hosts
[#] vi /etc/hosts.deny
ALL:ALL or all:all – Deny all service to all hosts [1st ALL is service name &
2nd ALL is host name].
sshd:ALL or sshd : ALL – Deny sshd service to all hosts.
sshd,telnet:ALL – Deny sshd and telnet service to all hosts.
sshd:sum,mum – Deny sshd service to host sum and mum
sshd:192.168.1.1 192.168.1.2 – Deny sshd service to the IP
sshd:192.168.1.1,192.168.1.2 – Deny sshd service to the IP
sshd:ALL EXCEPT 192.168.1.1 – Deny sshd service to all host except the IP.
!
13. Allow services to the hosts
[#] vi /etc/hosts.allow
ALL:ALL or all:all – Allow all service to all hosts [1st ALL is service name &
2nd ALL is host name].
sshd:192.168.1.2 – Allow sshd service to IP 192.168.1.2
sshd:linux2 – Allow sshd service to host linux2
sshd:192.168.1. – Allow sshd service to IP 192.168.1. all networks.
sshd:192.168.1.0/24 – Allow sshd service to IP 192.168.1.2/24 all networks.
snmpd: 221.120.96. – Allow snmpd to this block.
!
[#] cat /etc/service – Display the port number of different protocol.
