Difference between revisions of "CentOS8 CheatSheet fuer System Administratoren"

From Bitbull Wiki
Jump to navigation Jump to search
 
(23 intermediate revisions by the same user not shown)
Line 24: Line 24:
 
  dnf -y install ncdu
 
  dnf -y install ncdu
 
  ncdu -x /  #replace / with needed mountpoint
 
  ncdu -x /  #replace / with needed mountpoint
 
 
 
 
  
 
==Memory==
 
==Memory==
Line 41: Line 37:
 
  vmstat 1
 
  vmstat 1
  
[[Category:Linux]]
+
==Processes==
[[Category:ReferenceCards]]
+
* tui process manager
[[Category:Training]]
+
top
  
==Processes==
 
 
* show processes with tree
 
* show processes with tree
 
  ps -f fax
 
  ps -f fax
 
  
 
* detailed process information
 
* detailed process information
 
  ps  -faxo ruser,ppid,pid,rss,vsz,pcpu,tty,args
 
  ps  -faxo ruser,ppid,pid,rss,vsz,pcpu,tty,args
 +
 +
==Network==
 +
* show ip config
 +
ip a
 +
* show wan ip
 +
curl ifconfig.me
 +
* confgure network settings
 +
nmtui
 +
* activate changed network settings
 +
nmcli connection reload
 +
nmcli device reapply <nic name>
 +
# or just reboot the host
 +
 +
===SUDO: User als admin erstellen===
 +
useradd admin
 +
passwd admin
 +
id admin
 +
usermod -a -G wheel admin
 +
id admin
 +
su - admin
 +
# jetzt bist du als admin eingeloggt
 +
sudo service chronyd restart
 +
# das geht nur als root user (sudo rechte erteilt)
  
 
[[Category:Linux]]
 
[[Category:Linux]]
Line 75: Line 92:
 
* check if service is enabled to autostart after reboot
 
* check if service is enabled to autostart after reboot
 
  systemctl is-enabled <svc-name>
 
  systemctl is-enabled <svc-name>
 +
 +
=SELinux=
 +
* show SELinux status
 +
getenforce
 +
* disable SELinux (not persistent)
 +
setenforce 0
 +
* change SELinux mode (reboot needed)
 +
vi /etc/sysconfig/selinux
 +
* show selinux alerts and recomendations
 +
sealert -a /var/log/audit/audit.log
 +
 +
=Firewalling=
 +
* show firewalling status
 +
systemctl list-units --runtime | egrep 'firewall|tables'
 +
* show active iptables rules
 +
iptables-save
 +
* show loaded nftables rules
 +
nft list ruleset
 +
 +
==disable firewalling for testing==
 +
* check which kind of firewall is running on the system
 +
systemctl list-units --runtime | egrep 'firewall|tables'
 +
 +
* temporary disable ALL firewall rules (will reaper after reboot)
 +
systemctl stop firewalld nftables iptables
 +
 +
* test now if it works
 +
 +
* restart all services that where running before testing (or just reboot)
 +
systemctl start <svc-name>
  
 
[[Category:Linux]]
 
[[Category:Linux]]
 
[[Category:ReferenceCards]]
 
[[Category:ReferenceCards]]
 
[[Category:Training]]
 
[[Category:Training]]
 +
 +
=Scheduling=
 +
 +
==cron (user/system)==
 +
* cron overview
 +
tail -n +1 /etc/crontab /etc/cron.*/* /var/spool/cron/*
 +
* edit crontab of user
 +
crontab -e -u root
 +
* show crontab of user
 +
crontab -l -u bob
 +
 +
=at (one time)=
 +
* create job
 +
at 22:00 30.12.13
 +
* list jobs
 +
atq
 +
* remove job
 +
atrm <id>
 +
 +
=systemd (user/system)=
 +
* list timers
 +
systemctl list-units --type timer
 +
* show configuration of timer
 +
systemctl show <name>
 +
* get timer status
 +
systemctl status <name>
 +
 +
 +
 +
  
 
=Events=
 
=Events=
Line 116: Line 193:
  
  
=This and That=
+
=Software=
 +
install package and deps
 +
dnf install httpd
 +
 
 +
remove package and deps
 +
dnf remove php-mysql
 +
 
 +
update entire system and deps
 +
dnf upgrade
 +
 
 +
update one package without question
 +
dnf -y update httpd
 +
 
 +
clean package cache
 +
dnf clean all
 +
 
 +
search for name in package-name and description
 +
dnf search gstream
 +
 
 +
search for name in package-name
 +
dnf list '*http*'
 +
 
 +
search for package which provides this comand
 +
dnf provides '*fortune'
 +
 
 +
list all package groups
 +
dnf grouplist
 +
 
 +
install package group
 +
dnf groupinstall XFCE
 +
 
 +
remove package group
 +
dnf remove "PostgreSQL Database"
 +
 
 +
downgrade package
 +
dnf --showduplicates list samba-common
 +
dnf downgrade package1 package2
 +
 
 +
=Debugging=
 +
==repeat comand==
 +
watch df -hP
 +
 
 +
==network bandwith monitoring==
 +
dnf -y install epel-release
 +
dnf -y install iftop
 +
iftop
 +
 
 +
[[Category:Linux]]
 +
[[Category:ReferenceCards]]
 +
[[Category:Training]]
 +
 
 +
==Dstat performance monitoring==
 +
dnf -y install pcp-system-tools
 +
dstat -af
 +
dstat -cdngy
 +
dstat -f -M time,cpu,net,disk,sys,swap,page,load,proc,topcpu --output $(date '+%Y.%m.%d-%H.%M')-dstat.csv
 +
dstat -cdngymsp --lock --tcp --output $(date '+%Y.%m.%d-%H.%M')-dstat.csv
 +
 
 +
==Enter debug shell (reset root password)==
 +
* Reboot the machine
 +
* When grub kernel selection is showing up, press e
 +
 
 +
* At the end of the line with beginning linux remove the "rhgb quiet" (on the end)
 +
* At the end of the line with beginning linux add init=/bin/bash
 +
* At the line beginning linux replace the ro with rw
 +
 
 +
* Press CTRL + x to boot into this settings
 +
* Now system boots into single shell process instead of full linux env
 +
* Now you can reset the password or debug the system
 +
* '''hints:'''
 +
su - # load full bash config
 +
* change keyboard layout
 +
loadkeys sg #swiss german
 +
loadkeys us #forbidden :-)
 +
* network config files
 +
ls /etc/sysconfig/network-scripts/ifcfg-*
 +
* selinux config (disable/enable)
 +
vi /etc/sysconfig/selinux
 +
* reset all selinux tags on next boot (relabel)
 +
touch /.autorelabel
 +
* force filesystem check on next boot
 +
touch /.forcefsck
 +
* force manual reboot
 +
sync
 +
reboot -f
 +
 
 +
 
 +
 
 +
 
 +
 
 +
==strace examples (process tracing)==
 +
strace -ff -e trace=write -e write=1,2 -p SOME_PID
 +
strace -e open ls
 +
strace -e trace=open,read ls /home
 +
strace -o output.txt ls
 +
strace -f -p 1725 -o firefox_trace.txt # f: follow process
 +
strace -t -e open ls /home #timestamp
 +
strace -c ls /home # statistics
 +
strace -f -t -e trace=file systemctl restart SuSEfirewall2 2>&1 | grep open | cut -d'"' -f2
 +
 
 
==SOS Report (Log Bundle)==
 
==SOS Report (Log Bundle)==
 
This collects a log bundle which can be used for later debugging and analyzing. <br>
 
This collects a log bundle which can be used for later debugging and analyzing. <br>
Line 123: Line 299:
 
  sosreport
 
  sosreport
 
  cp -av /var/tmp/sosreport* /root/
 
  cp -av /var/tmp/sosreport* /root/
 
==CentOS 8 Stream migration==
 
CentOS8 will be discontinued by the Red Hat team. All the effort will go into CentOS Stream operating System which is a rolling release of CentOS.<br>
 
You can directly migrate a CentOS8 into a CentOS8 Stream in place:
 
dnf install centos-release-stream
 
dnf distro-sync
 
cat /etc/centos-release
 
reboot
 
  
 
[[Category:Linux]]
 
[[Category:Linux]]
 
[[Category:ReferenceCards]]
 
[[Category:ReferenceCards]]
 
[[Category:Training]]
 
[[Category:Training]]

Latest revision as of 15:22, 17 December 2020

1 System

1.1 Hardware

  • Show hardware details
lshw
  • show bios hardware details
dmidecode

1.2 Disk/Filesystem

  • Show block uage of mounted disks
df -hP
  • Show inode uage of mounted disks
df -hiP
  • show how blockdevices are configured in system
lsblk
  • get 10 biggest files in current dir
du -sm * .[^\.]* | sort -n | tail
  • use ncdu to find large files
dnf -y install epel-release
dnf config-manager --enable epel
dnf -y install ncdu
ncdu -x /  #replace / with needed mountpoint

1.3 Memory

  • Show memory statistics
free -th
  • Top provides memory information as well
top

1.4 CPU

  • show system load (1m, 5m, 15m)
w
  • detailed realtime statictics of procs, memory, swap, io, system, cpu
vmstat 1

1.5 Processes

  • tui process manager
top
  • show processes with tree
ps -f fax
  • detailed process information
ps  -faxo ruser,ppid,pid,rss,vsz,pcpu,tty,args

1.6 Network

  • show ip config
ip a
  • show wan ip
curl ifconfig.me
  • confgure network settings
nmtui
  • activate changed network settings
nmcli connection reload
nmcli device reapply <nic name>
# or just reboot the host

1.6.1 SUDO: User als admin erstellen

useradd admin
passwd admin
id admin
usermod -a -G wheel admin
id admin
su - admin
# jetzt bist du als admin eingeloggt
sudo service chronyd restart
# das geht nur als root user (sudo rechte erteilt)

2 Services

  • list all services
systemctl list-units --type service
  • List failed services on boot
systemctl --failed
  • show all running services
systemctl --all --state=running
  • show detailed service status
systemctl status <svc-name>
  • most common service handling
 systemctl [start|stop|restart|status|enable|disable|mask] <svc-name>
  • check if service is enabled to autostart after reboot
systemctl is-enabled <svc-name>

3 SELinux

  • show SELinux status
getenforce
  • disable SELinux (not persistent)
setenforce 0
  • change SELinux mode (reboot needed)
vi /etc/sysconfig/selinux
  • show selinux alerts and recomendations
sealert -a /var/log/audit/audit.log

4 Firewalling

  • show firewalling status
systemctl list-units --runtime | egrep 'firewall|tables'
  • show active iptables rules
iptables-save
  • show loaded nftables rules
nft list ruleset

4.1 disable firewalling for testing

  • check which kind of firewall is running on the system
systemctl list-units --runtime | egrep 'firewall|tables'
  • temporary disable ALL firewall rules (will reaper after reboot)
systemctl stop firewalld nftables iptables
  • test now if it works
  • restart all services that where running before testing (or just reboot)
systemctl start <svc-name>

5 Scheduling

5.1 cron (user/system)

  • cron overview
tail -n +1 /etc/crontab /etc/cron.*/* /var/spool/cron/*
  • edit crontab of user
crontab -e -u root
  • show crontab of user
crontab -l -u bob

6 at (one time)

  • create job
at 22:00 30.12.13
  • list jobs
atq
  • remove job
atrm <id>

7 systemd (user/system)

  • list timers
systemctl list-units --type timer
  • show configuration of timer
systemctl show <name>
  • get timer status
systemctl status <name>



8 Events

8.1 Show last boots

journalctl --list-boots
last reboot

8.2 Journal

  • Show log since last boot
journalctl -b
  • Kernel messages (like dmesg)
journalctl -k
  • Show latest log and wait for changes
journalctl -f
  • Reverse output (newest first)
journalctl -r
  • Show only errors and worse
journalctl -b -p err
  • Filter on time (example)
journalctl --since=2014-06-00 --until="2014-06-07 12:00:00"
  • Since yesterday
journalctl --since=yesterday
  • Show only log of SERVICE
journalctl -u SERVICE
  • Match executable, e.g. dhclient
journalctl /usr/sbin/dhclient
  • Match device node, e.g. /dev/sda
journalctl /dev/sda

8.3 Log Files

  • tail all currently open text files
lsof -F | sed '/^n\//!d;s/^n//;s/ .*//' | sort -u | xargs file | grep ' text$' | cut -d: -f1 | xargs tail -fn0
  • tail all files under /var/log
tail -f -n0 /var/log/* /var/log/*/*


9 Software

install package and deps 

dnf install httpd

remove package and deps 

dnf remove php-mysql

update entire system and deps 

dnf upgrade

update one package without question 

dnf -y update httpd

clean package cache 

dnf clean all

search for name in package-name and description 

dnf search gstream

search for name in package-name 

dnf list '*http*'

search for package which provides this comand 

dnf provides '*fortune'

list all package groups 

dnf grouplist

install package group 

dnf groupinstall XFCE

remove package group 

dnf remove "PostgreSQL Database"

downgrade package 

dnf --showduplicates list samba-common
dnf downgrade package1 package2

10 Debugging

10.1 repeat comand

watch df -hP

10.2 network bandwith monitoring

dnf -y install epel-release
dnf -y install iftop
iftop

10.3 Dstat performance monitoring

dnf -y install pcp-system-tools
dstat -af
dstat -cdngy
dstat -f -M time,cpu,net,disk,sys,swap,page,load,proc,topcpu --output $(date '+%Y.%m.%d-%H.%M')-dstat.csv
dstat -cdngymsp --lock --tcp --output $(date '+%Y.%m.%d-%H.%M')-dstat.csv

10.4 Enter debug shell (reset root password)

  • Reboot the machine
  • When grub kernel selection is showing up, press e
  • At the end of the line with beginning linux remove the "rhgb quiet" (on the end)
  • At the end of the line with beginning linux add init=/bin/bash
  • At the line beginning linux replace the ro with rw
  • Press CTRL + x to boot into this settings
  • Now system boots into single shell process instead of full linux env
  • Now you can reset the password or debug the system
  • hints:
su - # load full bash config
  • change keyboard layout
loadkeys sg #swiss german
loadkeys us #forbidden :-)
  • network config files
ls /etc/sysconfig/network-scripts/ifcfg-*
  • selinux config (disable/enable)
vi /etc/sysconfig/selinux
  • reset all selinux tags on next boot (relabel)
touch /.autorelabel
  • force filesystem check on next boot
touch /.forcefsck
  • force manual reboot
sync
reboot -f



10.5 strace examples (process tracing)

strace -ff -e trace=write -e write=1,2 -p SOME_PID
strace -e open ls
strace -e trace=open,read ls /home
strace -o output.txt ls 
strace -f -p 1725 -o firefox_trace.txt # f: follow process
strace -t -e open ls /home #timestamp
strace -c ls /home # statistics
strace -f -t -e trace=file systemctl restart SuSEfirewall2 2>&1 | grep open | cut -d'"' -f2

10.6 SOS Report (Log Bundle)

This collects a log bundle which can be used for later debugging and analyzing.
Start this BEFORE you try to repair or change something, as well do not forget to snapshot/backup System/Application before debugging. 

dnf -y install sos
sosreport
cp -av /var/tmp/sosreport* /root/
Retrieved from "http://www.bitbull.ch/wiki/index.php?title=CentOS8_CheatSheet_fuer_System_Administratoren&oldid=5143"