Difference: HowtoInformatique (122 vs. 123)

Revision 1232015-06-01 - EtiennePallier

Line: 1 to 1
 

HOWTO INFORMATIQUE

Deleted:
<
<
  "rwxr-xr-x"
>
>		chmod 755 /projects/raman/ftp/files/ --> "rwxr-xr-x"
  Les autoriser en les ajoutant dans dans /etc/vsftpd/user_list
Line: 4462 to 4152
 Outil de visualisation graphique des logs : gnome-system-log

Common Linux log files name and usage :

Changed:
<
<
    /var/log/message: General message and system related stuff
>
>		 
    /var/log/message: General message and system related stuff
  /var/log/auth.log: Authenication logs /var/log/kern.log: Kernel logs /var/log/cron.log: Crond logs (cron job)
Line: 4491 to 4180
  sudo logrotate -f /etc/logrotate.conf
Changed:
<
<		==> new file "messages", "messages" devient "messages1", "messages1" devient "messages2"...
>
>		==> new file "messages", "messages" devient "messages1", "messages1" devient "messages2"...
 
logwatch
Line: 4524 to 4213
 Exemple de config sur planetoweb (aug 2010) :

Création d'une config locale /etc/logwatch/conf/logwatch.conf :

Changed:
<
<
Range = All
>
>		 
Range = All
 Detail = High Archives = Yes Output = html
Line: 4539 to 4228
 http://www.linux-mag.com/id/7807

yum install swatch

Changed:
<
<		 
[root@planetoweb planetoweb]# rpm -ql swatch
>
>
[root@planetoweb planetoweb]# rpm -ql swatch
 /usr/bin/swatch /usr/lib/perl5/vendor_perl/5.8.8/Swatch /usr/lib/perl5/vendor_perl/5.8.8/Swatch/Actions.pm
Line: 4570 to 4257
 /usr/share/doc/swatch

Créer un startup script : vi /etc/init.d/swatch

Changed:
<
<
#!/bin/sh
>
>		 
#!/bin/sh
 # Simple Log Watcher Program

case "$1" in

Line: 4592 to 4279
 chmod 755 /etc/init.d/swatch

Make sure swatch starts automatically at my runlevels :

Changed:
<
<
# ln -s /etc/init.d/swatch /etc/rc2.d/S99swatch
>
>		 
# ln -s /etc/init.d/swatch /etc/rc2.d/S99swatch
 # ln -s /etc/init.d/swatch /etc/rc3.d/S99swatch # ln -s /etc/init.d/swatch /etc/rc5.d/S99swatch

Créer un fichier de conf /etc/swatch.conf :

Changed:
<
<
watchfor /invalid|repeated|incomplete/
>
>		 
watchfor /invalid|repeated|incomplete/
  echo write khess mail addresses=khess@localhost, subject=Authentication Problems
Changed:
<
<		/etc/init.d/swatch start ==> créer un pid dans /var/run/swatch.pid et un fichier /root/.swatch_script.xxxx (avec xxxx = pid - 2)
>
>		/etc/init.d/swatch start ==> créer un pid dans /var/run/swatch.pid et un fichier /root/.swatch_script.xxxx (avec xxxx = pid - 2)
 

SSH, config plus stricte

Line: 4617 to 4302
 http://www.ibm.com/developerworks/aix/library/au-ssh_restrict/

vi /etc/ssh/sshd_config :

Changed:
<
<
PermitRootLogin yes
>
>		 
PermitRootLogin yes
 AllowUsers moi@MONPC moi@MONPC.domain root@MONPC root@MONPC.domain moi@PASSERELLE
Line: 4631 to 4316
 Si j'essaye une connexion (moi ou root) depuis un AUTREPC, je suis rejeté

On voit le refus de connexion dans /var/log/secure :

Changed:
<
<
User root from AUTREPC not allowed because not listed in AllowUsers
>
>		 
User root from AUTREPC not allowed because not listed in AllowUsers
 Jul 16 14:57:06 planetoweb sshd[28008]: input_userauth_request: invalid user root Jul 16 14:57:11 planetoweb sshd[28007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=AUTREPC user=root Jul 16 14:57:13 planetoweb sshd[28007]: Failed password for invalid user root from AUTREPC_IP port 60246 ssh2
Line: 4641 to 4326
 2) Encore plus strict, AUCUN accès ssh direct en root autorisé

http://www.howtogeek.com/howto/linux/security-tip-disable-root-ssh-login-on-linux/

Changed:
<
<		 
vi /etc/ssh/sshd_config
>
>
vi /etc/ssh/sshd_config
  (Port 22 : on pourrait mettre ici un autre port, genre 2010, histoire de brouiller les pirates...)
Line: 4679 to 4362
 

Tester les disques durs

Occupation disques : df -h

Changed:
<
<
[root@hyperion home]# df -h
>
>		 
[root@hyperion home]# df -h
 Sys. de fich. Tail. Occ. Disp. %Occ. Monté sur /dev/sda3 178G 63G 106G 38% / /dev/sdb1 2,7T 1,4T 1,3T 52% /data
Line: 4715 to 4397
  Keep in mind that you will no longer be informed that there updates available and as such you will need to check periodically with yum check-update
Changed:
<
<		Quels sont les packages commençant par "mesa-" installés + à installer ? --> yum list mesa-*
>
>		Quels sont les packages commençant par "mesa-" installés + à installer ? --> yum list mesa-*
 

Samba

Line: 4752 to 4430
 clic droit sur Poste de Travail / Créer un lecteur réseau / "\\nom_du_serveur\mon_nom"

Cas particulier des clients Windows 8 :

Changed:
<
<
Try making the following adjustments on the Windows 8 machine that needs to connect to the Samba share.
>
>		 
Try making the following adjustments on the Windows 8 machine that needs to connect to the Samba share.
  This type of problem usually requires that you change the lanman server parameters in order to get Windows 8 working with older servers.
Line: 4792 to 4465
  Open A terminal window paste in the following line followed by the return key(should be all on one line):
Changed:
<
<		 
echo "[default]" >> ~/Library/Preferences/nsmb.conf; 
echo "smb_neg=smb1_only" >> ~/Library/Preferences/nsmb.conf
>
>
echo "[default]" >> ~/Library/Preferences/nsmb.conf; 
echo "smb_neg=smb1_only" >> ~/Library/Preferences/nsmb.conf
 
Added:
>
>
 Reboot

This command adds directives to force SMB connections to use the SMB1 protocol. This is slower but stable.

Line: 5059 to 4697
  3178-1.gif
Changed:
<
<		donc pas de jumper = sata2 , le jumper est mis = sata1
>
>		donc pas de jumper = sata2 , le jumper est mis = sata1
  Comme il est mis la il est en sata 1 donc bridé à 150Mo/sec Si on l'enlève on passe en sata2 donc 375Mo/sec
View topic | History: r153 < r152 < r151 < r150 | More topic actions...
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding PlanetoWiki? Send feedback