RH7/Centos7 – umask – setuid – setguid

UMASK
By default the OS wants to create files with a permission of 666 and directories with permission of 777.
The umask configuration of a US determines the final default permissions given to a file and directory upon creation.

The umask numerical value of lets say 002 stands for 0=u 0=g 2=o

So if you want to find the default permission given to the creation of a file then you will need to subtract 666-002=664 and for a directory 777-002=775

SETUID and SETGUID
To give elevated temporary privileges to a file you can use the SETUID by issuing the chmod command in the following way.

 
[gmastrokostas@desktop ~]$ chmod 4755 index.html 
[gmastrokostas@desktop ~]$ ll index.html 
-rwsr-xr-x. 1 gmastrokostas gmastrokostas 53310 Oct 11 02:51 index.html
[gmastrokostas@desktop ~]$ chmod 2755 index.html 
[gmastrokostas@desktop ~]$ ll index.html 
-rwxr-sr-x. 1 gmastrokostas gmastrokostas 53310 Oct 11 02:51 index.html
Share Button

virt-install examples

Create VM using a local ISO – No kickstart file

virt-install \
--name=centos7test \ 
--ram=1024 \
--disk path=/var/lib/libvirt/images/centos7.qcow2,size=8 \
--vcpus=1 \
--os-type=linux \
--os-variant=rhl7 \
--network bridge=virbr0 \
--console pty,target_type=serial \
--nographics \
--location /root/isos/CentOS-7-x86_64-Everything-1708.iso \
--extra-args=console=ttyS0; 

Create VM using a kickstart file via HTTPD

 virt-install \
--name=centos7test \
--ram=1024 \ 
--disk path=/var/lib/libvirt/images/centos7.qcow2,size=8 \
--vcpus=1 \
--os-type=linux \
--os-variant=rhl7 \
--network bridge=virbr0 \ 
--console pty,target_type=serial  \
--nographics \
--location /root/isos/CentOS-7-x86_64-Everything-1708.iso \
--extra-args="console=ttyS0, ks=http://192.168.0.2/test.cfg"; 

Important note for the Kistarst file via HTTPD
Provided you speficy the http location of the kickstart file in the virt-install command, in the kickstart file as source installation you should use the following entry.

#Install source
cdrom
Share Button

GRUB2 – RH/Centos7

Interrupt Boot process to gain access to a system to change password

  1. When Grub appears press E
  2. At the end of the image entry enter “rd.break
  3. Press Ctrl-x
  4. You will now boot into init RAM FS.
  5. Mount the sysroot directory  “mount -oremount,rw /sysroot/
  6. Change root into sysroot “chroot /sysroot/
  7. Change root password “passwd” 
  8. If SELInux is enabled you will need to re-label all files by creating file in the / directory of sysroot called .autorelabel
  9. Exit.

How to boot to a different targets
During boot when Grub2 appears press e and at the end of the image enter one of the following:
systemd.unit=multi-user.target” or “systemd.unit=emergency.target

General Settings of GRUB2

The file you are interested in is /etc/default/grub. You can edit this file but you will have to run the following command in order for the changes to take affect.

grub2-mkconfig -o /boot/grub2/grub.cfg

To get the list of the kernels displayed at boot time, type:

grep ^menuentry /boot/grub2/grub.cfg

To permanently define the kernel to execute at boot time

grub2-set-default 0
Share Button

virsh – Manage VMs

List all VMs

virst list --all

[root@desktop ~]# virsh list --all
Id Name State
----------------------------------------------------
- centos7.0 shut off
- centos7.0-2 shut off

Create a snapshot

virsh snapshot-create-as --domain centos7.0-2 \
> -- name "Testing"\
> -- description "Testing stuff"\
> -- live

List any snapshots of a VM

virsh snapshot-list --domain centos7.0-2
Name Creation Time State
------------------------------------------------------------
testing--description 2017-10-22 15:35:40 -0400 shutoff

Revert to a snapshot

virsh snapshot-revert centos7.0-2  testing--description

Power up/off a VM

virsh start/shutdown centos7.0-2 

Find IP of VM By using the MAC address

[root@desktop ~]# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.0.1              ether   28:56:5a:e9:3a:0b   C                     enp5s0
192.168.0.8              ether   74:2f:68:f7:32:0e   C                     enp5s0
192.168.124.148          ether   52:54:00:27:86:b6   C                     virbr0
192.168.0.5              ether   70:85:c2:29:cf:a3   C                     enp5s0
192.168.0.4              ether   d0:50:99:09:38:63   C                     enp5s0

[root@desktop ~]# virsh domiflist centos7.0-2
Interface  Type       Source     Model       MAC
-------------------------------------------------------
vnet0      network    default    virtio      52:54:00:27:86:b6

Enable/Disable Auto Start of guest upon boot

[root@desktop ~]# virsh autostart centos7.0-2 
Domain centos7.0-2 marked as autostarted

[root@desktop ~]# virsh autostart centos7.0-2  --disable
Domain centos7.0-2 unmarked as autostarted


Share Button