Vjezba 1OS1nmtui-napraviti bond adapter-dodati dva adaptera u bond s

1. Vjezba 1
2.  
3. OS1
4.  
5. nmtui
6. -napraviti bond adapter
7. -dodati dva adaptera u bond sa ispravnim nazivom
8. -podesiti da su aktivni
9. sysctl -w net.ipv4.ip_forward=1 -radi forward paketa
10. cat /proc/sys/net/ipv4/ip_forward -provjera, mora biti 1
11. iptables -t nat -A POSTROUTING -o ens192 -j MASQUERADE
12.  
13. OS2
14.  
15. nmtui
16. -napraviti bond adapter
17. -dodati dva adaptera u bond sa ispravnim nazivom
18. -podesiti da su aktivni
19. -podesiti GW (OS1) i DNS(8.8.8.8)
20. ifdown ens192
21. ip route add 0.0.0.0/32 via 192.168.1.2 dev nm-bond
22. vi /etc/resolv.conf
23. -dodati liniju "nameserver 8.8.8.8"
24. nslookup 1.1.1.1
25.  
26. Vježba 2.
27.  
28. hostnamectl set-hostname rhelserver
29. vi /etc/hosts - dodati zapise za server i client
30. Na serveru
31. yum -y install openldap compat-openldap openldap-clients openldap-servers
32. openldap-servers-sql openldap-devel
33. systemctl start slapd.service
34. systemctl enable slapd.service
35. slappasswd -spremiti hash od nove lozinke
36. vi db.ldif
37. dn: olcDatabase={2}hdb,cn=config
38. changetype: modify
39. replace: olcSuffix
40. olcSuffix: dc=example,dc=com
41.  
42. dn: olcDatabase={2}hdb,cn=config
43. changetype: modify
44. replace: olcRootDN
45. olcRootDN: cn=ldapadm,dc=example,dc=com
46.  
47. dn: olcDatabase={2}hdb,cn=config
48. changetype: modify
49. replace: olcRootPW
50. olcRootPW: {SSHA}------UMETNI PASSWORD --------
51.  
52. ldapmodify -Y EXTERNAL -H ldapi:/// -f db.ldif
53.  
54. vi monitor.ldif
55. dn: olcDatabase={1}monitor,cn=config
56. changetype: modify
57. replace: olcAccess
58. olcAccess: {0}to * by
59. dn.base="gidNumber=0+uidNumber=0,cn=peercred,cn=external, cn=auth" read by
60. dn.base="cn=ldapadm,dc=example,dc=com" read by * none
61.  
62. ldapmodify -Y EXTERNAL -H ldapi:/// -f monitor.ldif
63.  
64. openssl req -new -x509 -nodes -out /etc/openldap/certs/exampleldapcert.pem -
65. keyout /etc/openldap/certs/exampleldapkey.pem -days 365
66.  
67. chown -R ldap:ldap /etc/openldap/certs/*.pem
68. ldapmodify -Y EXTERNAL -H ldapi:/// -f certs.ldif
69. slaptest –u
70. cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG
71. chown ldap:ldap /var/lib/ldap/*
72. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/cosine.ldif
73. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/nis.ldif
74. ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
75.  
76. vi test.ldif
77. dn: uid=test,ou=People,dc=example,dc=com
78. objectClass: top
79. objectClass: account
80. objectClass: posixAccount
81. objectClass: shadowAccount
82. cn: test
83. uid: test
84. uidNumber: 9999
85. gidNumber: 100
86. homeDirectory: /home/test
87. loginShell: /bin/bash
88. gecos: Test [Test (at) Example]
89. userPassword: {crypt}x
90. shadowLastChange: 17058
91. shadowMin: 0
92. shadowMax: 99999
93. shadowWarning: 7
94.  
95. ldapadd -x -W -D "cn=ldapadm,dc=example,dc=com" –f test.ldif
96. ldappasswd -s test123 -W -D "cn=ldapadm,dc=example,dc=com" -x "uid=test,ou=People,dc=example,dc=com"
97. ldapsearch -x cn=test -b dc=example,dc=com
98.  
99. Klijent
100. yum install -y openldap-clients nss-pam-ldapd
101. authconfig --enableldap --enableldapauth --ldapserver=10.10.49.181 --ldapbasedn="dc=example,dc=com" --enablemkhomedir -–update
102. systemctl restart nslcd
103. Getent passwd test
104.  
105.  
106.  
107. Vježba 3.
108.  
109. yum -y install dhcp
110. vi /etc/sysconfig/dhcpd
111. DHCPDARGS=ens224
112. vi /etc/sysconfig/network-scripts/ifcfg-ens224
113. DEVICE=ens224
114. BOOTPROTO=none
115. ONBOOT=yes
116. PREFIX=24
117. IPADDR=192.168.1.1
118. systemctl restart network
119. cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
120. vi /etc/dhcp/dhcpd.conf
121. option domain-name "tecmint.lan";
122. option domain-name-servers ns1.tecmint.lan, ns2.tecmint.lan;
123. default-lease-time 3600;
124. max-lease-time 7200;
125. authoritative;
126.  
127. subnet 192.168.56.0 netmask 255.255.255.0 {
128. option routers 192.168.1.1;
129. option subnet-mask 255.255.255.0;
130. option domain-search "tecmint.lan";
131. option domain-name-servers 192.168.1.1;
132. range 192.168.56.10 192.168.56.100;
133. }
134. yum install bind bind-utlis -y
135. vi /etc/named.conf
136. listen-on port 53 { 127.0.0.1; 192.168.1.101;}; ### Master DNS IP ###
137. allow-query { localhost; 192.168.1.0/24;}; ### IP Range ###
138. zone "domena1.local" IN {
139. type master;
140. file "forward.domena1";
141. allow-update { none; };
142. };
143. zone "1.168.192.in-addr.arpa" IN {
144. type master;
145. file "reverse.domena1";
146. allow-update { none; };
147. };
148.  
149. vi /var/named/forward.unixmen
150. $TTL 86400
151. @ IN SOA racunalo.domena.local. root.domena.local. (
152. 2011071001 ; Serial
153. 3600 ; Refresh
154. 1800 ; Retry
155. 604800 ; Expire
156. 86400 ; Minimum TTL
157. )
158. @ IN NS racunalo.domena.local.
159. @ IN A 192.168.1.1
160. @ IN A 192.168.1.100
161. racunalo IN A 192.168.1.1
162. localhost IN A 192.168.1.100
163.  
164. vi /var/named/reverse.unixmen
165. $TTL 86400
166. @ IN SOA racunalo.domena.local. root.domena.local. (
167. 2011071001 ; Serial
168. 3600 ; Refresh
169. 1800 ; Retry
170. 604800 ; Expire
171. 86400 ; Minimum TTL
172. )
173. @ IN NS racunalo.domena.local.
174. racunalo IN A 192.168.1.1
175. localhost IN A 192.168.1.100
176. 1 IN PTR racunalo.domena.local.
177. 100 IN PTR localhost.domena.local
178.  
179. systemctl enable named
180. systemctl start named
181. chgrp named -R /var/named
182. chown -v root:named /etc/named.conf
183. restorecon -rv /var/named
184. restorecon /etc/named.conf
185. named-checkconf /etc/named.conf
186. named-checkzone domena.local /var/named/forward.local
187. named-checkzone domena.local /var/named/reverse.local
188.  
189. Postfix
190.  
191. yum -y install postfix*
192. vi /etc/postfix/main.cf
193. 76 myhostname=rhelserver111.domena1.local
194. 83 mydomain = domena1.local
195. 99 myorigin=$mydomain
196. 113 inet_interfaces= all
197. 165 mydestination=...
198. 264 mynetworks = 192.168.1.0/24, 127.0.0.0/8
199. 419 home_mailbox = Maildir/
200. :x
201. mail -s "test" root@rehlserver111 < /etc/hosts
202. yum -y install dovecot*
203. yum -y install telnet
204. telnet rhelserver111 25
205. ehlo rhelserver111.domena1.local
206. mail from: mailtest
207. rcpt to: mailtest
208. data
209. tekst
210. .
211. quit
212. vi /etc/dovecot/dovecot.conf
213. 24 protocols=imap pop3 lmtp
214. vi /etc/dovecot/conf.d/10-auth.conf
215. 10 disable_plaintext_auth = yes
216. 100 auth_mechanisms = plain login
217. vi /etc/dovecot/conf.d/10-mail.conf
218. 24 mail_location = maildir...
219. vi /etc/dovecot/conf.d/10-master.conf
220. 91 user = postfix
221. 92 group = postfix
222. systemctl start dovocet; systemctl restart postfix
223. chkconfig dovecot
224. telnet localhost 993
225. netstat -an | more
226. telnet rhelserver111 110
227. user mailtest
228. pass Pa$$w0rd
229. stat
230. retr 1
231.  
232.  
233. Apache
234.  
235. yum -y install httpd
236. systemctl start httpd; systemctl enable httpd
237. touch /var/www/html/index.html
238. vi /var/www/html/index.html
239. <html>
240. Moja stranica
241. </html>
242. otvoriti Mozillu i upisati localhost/index.thml
243.  
244. Virtualni hostovi
245. cd /var/www/html
246. mkdir prvi
247. mkdir drugi
248. mkdir treci
249. chown apache:apache -R prvi
250. chown apache:apache -R drugi
251. chown apache:apache -R treci
252. touch prvi/index.html
253. vi prvi/index.html
254. prvi site
255. touch drugi/index.html
256. vi drugi/index.html
257. drugi site
258. touch treci/index.html
259. vi treci/index.html
260. treci site
261. cd /etc/httpd
262. mkdir sites-available
263. mkdir sites-enabled
264. ls
265. vi conf/httpd.conf
266. IncludeOptional sites-enabled/*.conf
267. cd sites-available
268. vi prvi.com.conf
269. <VirtualHost *:80>
270.  
271. ServerName www.prvi.com
272. ServerAlias prvi.com
273. DocumentRoot /var/www/html/prvi/
274. ErrorLog /var/www/html/prvi/error.log
275. CustomLog /var/www/html/prvi/requests.log combined
276. </VirtualHost>
277. cp prvi.com.conf drugi.com.conf
278. vi drugi.com.conf
279. <VirtualHost *:80>
280.  
281. ServerName www.drugi.com
282. ServerAlias drugi.com
283. DocumentRoot /var/www/html/drugi/
284. ErrorLog /var/www/html/drugi/error.log
285. CustomLog /var/www/html/drugi/requests.log combined
286. </VirtualHost>
287. cp prvi.com.conf treci.com.conf
288. vi treci.com.conf
289. <VirtualHost *:80>
290.  
291. ServerName www.treci.com
292. ServerAlias treci.com
293. DocumentRoot /var/www/html/treci/
294. ErrorLog /var/www/html/treci/error.log
295. CustomLog /var/www/html/treci/requests.log combined
296. </VirtualHost>
297. ln -s /etc/httpd/sites-available/prvi.com.conf /etc/httpd/sites-enabled/prvi.com.conf
298. ln -s /etc/httpd/sites-available/drugi.com.conf /etc/httpd/sites-enabled/drugi.com.conf
299. ln -s /etc/httpd/sites-available/treci.com.conf /etc/httpd/sites-enabled/treci.com.conf
300. cd /etc/httpd/sites-enabled
301. ls
302. setenforce 0
303. systemctl restart httpd
304. vi /etc/hosts
305. 192.168.1.1 prvi.com
306. 192.168.1.1 drugi.com
307. 192.168.1.1 treci.com