in Linux, rhce

RHCE6 Preperation (4) – user/group, kernel install, printer, crontab

1, create group, add user belong to the group, and create password,

create the group ‘admin’

groupadd admin

add user to the group,

useradd -G admin mary
useradd -G admin alice
useradd -s /sbin/nologin bobby

user bobby added, but does not belong to group admin,  and dose not have access to an interactive shell on the system.

change the password for all the three users,

echo password | passwd --stdin mary
echo password | passwd --stdin alice
echo password | passwd --stdin bobby

Create a user aclan, uid as 3895, password as nimsdreg,

useradd -u 3895 aclan
passwd aclan

2,  Create a collaborative directory /common/admin with the following characteristics:
— Group ownership of /common/admin is admin
— The directory should be readable,writable,and accessible to members of admin, but not to any other users.(It is understood that root has access to all files and directories on the system)
— Files created in /common/admin automatically have group ownership set to the admin group

under the /common folder create the admin folder,

mkdir admin

change the group to admin

chgrp admin /common/admin

change the access condition for creating files with the automatically have the group ownership.

chmod 2770 /common/admin

The following command will achieve the same results and more understandable,

add the w right to the group user,

chmod g+w /common/admin

delete the rx right from others,

chmod o-rx /common/admin

file created under the /common/admin automatically have the group ownership set to the admin group

chmod g+s /common/admin
stat /common/admin

The result as below,
[root@server1 common]# stat admin
File: `admin’
Size: 1024 Blocks: 2 IO Block: 1024 directory
Device: fd03h/64771d Inode: 13 Links: 2
Access: (2770/drwxrws—) Uid: ( 0/ root) Gid: ( 1003/ admin)
Access: 2016-03-26 23:05:25.000000000 -0400
Modify: 2016-03-26 22:51:09.000000000 -0400
Change: 2016-03-26 22:55:48.000000000 -0400

3, Install the appropriate kernel update from ftp://instructor/pub/updates.
The following criteria must also be met:
— The updated kernel is the default kernel when the system is rebooted
— The original kernel remains available and bootable on the system

check the current kernel version,

uname -r

lftp access the server to get the kernel, if lftp was not installed, install the lftp,

yum install lftp

get the kernel files to local, there are two files,

cd pub/updates
get kernel-*

Here I encountered “get: Access failed: 550 Failed to open file. (kernel*)”, have to get the kernel file one by one, as below pic shows,
import the key files,

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

install the kernel,

yum localinstall -y kernel-firmware*
yum localinstall -y kernel-2.6*

or you can install the kernel by the rpm command,

rpm -ivh kernel-*

after installation, needs to reboot to make the new kernel take effect, and the VBoxGuestAdditions_4.3.12 is not working anymore, needs to install again, and it will ask you to install ‘kernel-devel-2.6.32-358.6.1.el6.x86_64.rpm’ before install the VBoxGuestAdditions_4.3.12.

to check the new kernel installed successful, after reboot,  can check the grub.conf, or can use the uname command,

uname -r
vim /boot/grub/grub.conf

4, enable the IP forwarding in your system,

modify the /etc/sysctl.conf

change the parameters of net.ipv4.ip_forward = 0 to 1

confirm the change is successful,

sysctl -p

change the current mode and take effect immediately,

echo 1 > /proc/sys/net/ipv4/ip_forward

5, Set up default loacl print queue to forward jobs to the IPP(CUPS) print

in the command system-config-printer, and add new printer, select the IPP, and input the IP address, and at last select ‘Generic-text-only’.

in my real system, I use the find network printer option to search the printer and using the socket to add the printer at last.

6, add a crontab task in the system for user mary

su - mary
crontab -e
23 14 * * * /bin/echo “Hello World.”

to verify:

crontab -l -u mary

configure the cron access, make mary not allowed to use cron service,

vim /etc/cron.deny

add ‘mary’ in this file,

to verify the result,

su - mary
crontab -e

it will display the user mary cannot use the cron service.


Write a Comment