sudo apt install man
man --locale=fr
: Changer la langueNon formaté pour l'instant
sudo apt install mdadm
fdisk /dev/sdb
o
n
p
+5400M
w
mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb1 /dev/sdb2 --spare-devices=1 /dev/sdb3
y
mdadm --monitor --daemonise /dev/md0
mkfs.ext4 /dev/md0
mkdir /mnt/raid
blkid | tail -n 1 >> /etc/fstab
diff /tmp/fstab /etc/fstab
mount -a
mount
mdadm --detail /dev/mdX
: Afficher les détails de l'arrayMême config que le RAID
Formaté lors du RAID.
sudo apt install lvm2
pvcreate /dev/md127
vgcreate VG127 /dev/md127
lvcreate -n LVM -L175m VG127
mkfs.ext4 /dev/VG127/LVM
pvcreate
This command creates a header on each device so it can be used for LVM. As defined in #LVM building blocks, DEVICE can be any block device, e.g. a disk /dev/sda, a partition /dev/sda2 or a loop back device.
Initialiser la partition LVM
vgcreate
La commande vgcreate permet de créer un groupe de volumes avec l'une des partitions
lvcreate
définir des volumes logiques pour ce groupe. Cela se fait avec la commande lvcreate, en précisant la talle désirée et le nom du volume, et le groupe dans lequel il apparaîtra
Même config que le RAID
Formaté lors du RAID.
sudo apt install quota
/etc/fstab
.nano /etc/fstab
/dev/VG127/LVM /mnt/home ext4 noexec,defaults,grpquota,usrquota 0 2
mount -o remount /mnt/home
quotacheck -ugm /mnt/home
quotaon -v /mnt/home
edquota -u emilien
quota -vs emilien
repquota -s /mnt/home
fallocate -l 250M /home/test
quotacheck
: Créer les fichiers aquotasudo apt install isc-dhcp-server
sudo nano /etc/default/isc-dhcp-server
INTERFACESv4="enp0s3"
nano /etc/dhcp/dhcpd.conf
diff /tmp/dhcpd.conf /etc/dhcp/dhcpd.conf
:mettre en place le site dans le directory d'un user
domaine : example.com
sudo apt install apache2 curl
useradd -m webserver
mkdir /home/webserver/www
echo "hello" > /home/webserver/www/index.html
usermod -G webserver www-data
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf
diff /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf
a2ensite example.com.conf
systemctl restart apache2
sudo apt install php
echo "<?php echo("hello world!") ?>" > /home/webserver/www/index.php
sudo nano /etc/php/7.*/apache2/php.ini
upload_max_filesize
sudo systemctl restart apache2
cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/example.com-ssl.conf
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ssl-cert-example.com.key -out /etc/ssl/certs/ssl-cert-example.com.pem
diff default-ssl.conf example.com-ssl.conf
a2ensite example.com-ssl.conf
a2enmod ssl
systemctl restart apache2
curl http://example.com
curl -k https://example.com
Domaine: example.com
Hostname SRV : srv.example.com
sudo apt install bind9 dnsutils resolvconf
sudo systemctl enable resolvconf
/etc/hosts
:
nano /etc/resolvconf/resolv.conf.d/head
cat /etc/resolvconf/resolv.conf.d/head
systemctl restart resolvconf
diff /tmp/named.conf.local named.conf.local
cp /etc/bind/db.empty /etc/bind/example.com
cp /etc/bind/db.127 /etc/bind/db.example.com.ptr
diff /etc/bind/db.example.com
diff db.127 db.example.com.ptr
named-checkconf -z
nslookup example.com
nslookup 192.168.56.10
apt install openssh-server
diff /tmp/common-account /etc/pam.d/common-account
nano /etc/pam.d/sshd
nano /etc/security/time.conf
Fields are separated by a semicolon (;) character. The fields are:
- The service name to be controller, here sshd is used.
- The tty terminal which is being controlled. This field allows us to limit the restriction to a certain terminal, for example. The “*” wildcard means apply the restriction regardless of the terminal used for the login attempt.
- A list of the users to whom this limitation applies. Our example restriction applies only to the john user.
- A list of times to which the restriction applies. Each time range is an optional exclamation mark (!) to negate the time range, followed by one or more two-letter day names, followed by a time range using a 24-hour clock. The name Wk means any weekday; the name Wd means a week-end day; and Al means any day. Our example grants permission between 13:00 and 14:00, any day of the week.
/etc/skel
- skel is derived from the skeleton because it contains basic structure of home directory
- The /etc/skel directory contains files and directories that are automatically copied over to a new user’s when it is created from useradd command.
- This will ensure that all the users gets same intial settings and environment.
apt install vsftpd ftp
nano /etc/vsftpd.chroot_list
mkdir /var/www
systemctl restart vsftpd
nano /etc/passwd
/bin/bash
en /bin/false
ftp 127.0.0.1
su alice
apt install at
at 10:00
halt
atq
: tâches planifiéesatrm <number>
: retirer une tâchecat /var/spool/cron/atjobs/<numero>
: voir les détails de la tâcheapt install samba
nano /etc/samba/smb.conf
diff /tmp/smb.conf /etc/samba/smb.conf
systemctl restart smbd
smbtree
: Visualisation des partages SAMBAapt install nfs-common nfs-kernel-server
mkdir /home/exports
mkdir /home/exports/home
diff /tmp/exports /etc/exports
Notes: 192.168.56.10
= client autorisé
3. systemctl restart nfs-server
4. mkdir /ahome
5. 192.168.56.10:/media/nfs /ahome nfs4 defaults,user,exec 0 0
6. mount -a
7. adduser --home /ahome/emilienfs emilienfs
mount
ou df -h
sudo apt install ntp
nano /etc/ntp.conf
ntpq
nano /etc/ntp.conf
ntpq –p
: Vérifier que tout est bonrestrict default nomodify nopeer noquery
This restricts everyone from modifying anything and prevents everyone from querying the status of your time server: nomodify prevents reconfiguring ntpd (with ntpq or ntpdc), and noquery is important to prevent dumping status data from ntpd (also with ntpq or ntpdc).
sudo apt install openssh-server
nano /etc/ssh/sshd_config
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
nano ~/.ssh/authorized_keys
ssh-copy-id user@hostname.example.com
PasswordAuthentification no