神刀安全网

RHCSA module 2 – Log management, disk partition and LVM management

Log management, disk partition and LVM management  for RHCSA-An introduction

Log management, disk partition and LVM management are important aspect from RHCSA point of view.This is the second tutorial of module-2 of RHCSA curriculum. We have discussed process management, software management, job scheduling and virtualisation tutorial in part-1 of Module-2 of RHCSA.

You can access following link to have a look on previous part of RHCSA module-2 published in this RHCSA series:

1. Log  management with rsyslogd and journald in Red Hat Linux 7

Logs are created by various Linux process during various operations, there are multiple methods used in Red Hat Linux which are used in Red Hat Linux to mange logs. Logs can be generate by the running process itself somewhere on to the system. Another method is that systemctl start a process and keep track of that running process and store all of the logs related to the service in journald. Another classical method of storing logs is via using rsyslogd and all of the logs are written in /etc/log/ directory.

RHCSA module 2 – Log management, disk partition and LVM management

In RHEL 7 systemd is responsible for starting a process and if something goes wrong logs are stored in journald, rsyslog take care of processes when they are running in current.  

Use journalctl to get a view fo logs from very begening of booting time

# journalctl

RHCSA module 2 – Log management, disk partition and LVM management

Get boot information with -b option

# journalctl -b

Use anotger filer to get a log view since yesterday

# journalctl –since=yesterday

Journald gets its information from systemctl, let us get inofrmation of sshd service

# journalctl -u sshd --since=yesterday

Sample output

RHCSA module 2 – Log management, disk partition and LVM management

You can see recent sshd activity is logged

To get more detailed infomration use versbose option

# journalctl -u sshd --since=yesterday -o verbose

RHCSA module 2 – Log management, disk partition and LVM management

We can even use systemctl to get detailed information about an service

# systemctl status sshd -l

RHCSA module 2 – Log management, disk partition and LVM management

An important thing to keep in mind is that what if all of the logs keep getting stored on to the system, logs get generated every moment and you can get out of storage soon, therefore it is imortant to make sure after a specific time period old logs must got vanished and new logs file needs to created.

To manage that ageing of logs we configure logrotate.

Attempt ssh login with user with a wrong password, and have a look in log files

# vim /etc/logrotate.conf

RHCSA module 2 – Log management, disk partition and LVM management

A pre-configured life span of logs will be one week, you can compress logs, or copy of old file cab be kept, you can configure your settings in this configuration file.

Logrotate run as cornjob, have a look

# cd /etc/cron.daily/ && ls

RHCSA module 2 – Log management, disk partition and LVM management

2. Managing disk partitions in Red Hat Linux 7

We have added a new virtual disk to describe disk partitioning in Linux, current disk status of system can be found in /proc/partition file, have a look

# cat /proc/partition

Sample output

major minor #blocks name

11 0 1048575 sr0 8 0 52428800 sda 8 1 512000 sda1 8 2 51915776 sda2 253 0 48721920 dm-0 253 1 3145728 dm-1 8 16 8388608 sdb

Newly created disk is listed as sdb, there is not any current partition with sdb.

Create a new partition on sdb with fdisk

# fdisk /dev/sdb

Sample output

Welcome to fdisk (util-linux 2.23.2). Changes will remain in memory only, until you decide to write them. Be careful before using the write command. Device does not contain a recognized partition table Building a new DOS disklabel with disk identifier 0x0ff4deb1. Command (m for help):

You can see that there is no partition on sdb,  type m for help

Command (m for help): m Command action a toggle a bootable flag b edit bsd disklabel c toggle the dos compatibility flag d delete a partition g create a new empty GPT partition table G create an IRIX (SGI) partition table l list known partition types m print this menu n add a new partition o create a new empty DOS partition table p print the partition table q quit without saving changes s create a new empty Sun disklabel t change a partition's system id u change display/entry units v verify the partition table w write table to disk and exit x extra functionality (experts only)

Type p to get current status of disk

Disk /dev/sdb: 8589 MB, 8589934592 bytes, 16777216 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0x0ff4deb1 Device Boot Start End Blocks Id System

Press n to create a new partition

Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p):

Select primary partition, which is default, press p

Select (default p): p Partition number (1-4, default 1):

Press 1 to create first primary partition

First sector (2048-16777215, default 2048):  Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-16777215, default 16777215):

Create a last sector of suppose 1 GB, if you will press enter the entire disk will be selected which is not an good idea, let us create new partition.

Last sector, +sectors or +size{K,M,G} (2048-16777215, default 16777215): +1G Partition 1 of type Linux and of size 1 GiB is set Command (m for help):

Press p again and new disk has one partition

RHCSA module 2 – Log management, disk partition and LVM management

Press w to write the partition on disk and quit.

Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks.

Disk partition is created, let us create some file system to that newly created disk partition, use mkfs to create a partition.

# mkfs
mkfs mkfs.cramfs mkfs.ext3 mkfs.fat mkfs.minix mkfs.vfat mkfs.btrfs mkfs.ext2 mkfs.ext4 mkfs.gfs2 mkfs.msdos mkfs.xfs

There are may file system options are available.

# mkfs.xfs /dev/sdb1

Sample output

meta-data=/dev/sdb1 isize=256 agcount=4, agsize=65536 blks = sectsz=512 attr=2, projid32bit=1 = crc=0 finobt=0 data = bsize=4096 blocks=262144, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0 ftype=0 log =internal log bsize=4096 blocks=2560, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0

If you needs to create windows compatible disk partition, use mkfs.vfat option.

Mount partition in /etc/fstab in Red Hat Linux 7

Open /etc/fstab file and have a look:

RHCSA module 2 – Log management, disk partition and LVM management

Every partition have their unique id, which can be listed with blkid

# blkid

RHCSA module 2 – Log management, disk partition and LVM management Create a new directory

# mkdir /mount

Let us mount created /dev/sdb1 partition to /mount

open /etc/fstab file

# vim /etc/ftab

Mount /deb/sdb1 to /mount with file system type xfs that we have created, keep rest of the things as default.

RHCSA module 2 – Log management, disk partition and LVM management

Save and exit and mount all partitions to activate that newly mounted file system.

# mount -a

Mount file system with UUID instead of partition name i.e. /dev/sdb1, use blkid to gerb your UUID, it is never going to be change so it is more secure and stable method to mount with UUID, copy that UUID.

Mount partition with UUID in /etc/fstab

# vim /etc/fstab

RHCSA module 2 – Log management, disk partition and LVM management

Use mount -a to remount this new UUID based partition and use df command to list partition, our newly created partition is listed there:

# df

RHCSA module 2 – Log management, disk partition and LVM management

Created encrypted partition is Red Hat Linux 7

Let us create another disk partition so create a new encrypted partition

RHCSA module 2 – Log management, disk partition and LVM management

Create encrypted partition using cryptsetup.

# cryptsetup luksFormat /dev/sdb2

Type ‘YES’ in uppercase, use minimum 8 character  complicated password.

RHCSA module 2 – Log management, disk partition and LVM management

Create a new mount point

# mkdir /secured

Open that encrypted partition and give a name to that partition e.g. secured

# cryptsetup luksOpen /dev/sdb2 secured

This partition will be stored in /dev/mapper/, have a look

# cd /dev/mapper && ls

RHCSA module 2 – Log management, disk partition and LVM management

Path of that partition will be /dev/mapper/secured,  let us create a file system for that encrypted partition.

# mkfs.xfs /dev/mapper/secured

RHCSA module 2 – Log management, disk partition and LVM management

Mount partition to /secured directory

# mount /dev/mapper/secured /secured/

Access this mounted encrypted partition.

# cd /secured && touch 1.txt

Close that secured device

Umount partition

# umount /secured

Close that device

# cryptsetup luksClose /dev/mapper/secured

Have a look in /dev/mapper again

# cd /dev/mapper && ls

That secured partion will not be visible anymore, as it is secured and not one will be able to access that encrypted partition.

To mount that partition, open file under /etc/ named as crypttab

# vim /etc/crypttab

Put entries as follows, secured is the name that we give to that secure partition i.e. /deb/sdb2

secured /dev/sdb2 none

Edit /etc/inittab as well

# vim /etc/inittab

Sample outlook

# # /etc/fstab # Created by anaconda on Thu Jun 9 18:25:50 2016 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # /dev/mapper/centos-root / xfs defaults 0 0 UUID=b731dea0-2d9b-4a4e-afff-74fdc829f5b6 /boot xfs defaults 0 0 /dev/mapper/centos-swap swap swap defaults 0 0 UUID=0ccbc872-a2fe-496f-afec-db80e77689df /mount xfs defaults 1 2 /dev/mapper/secured /secured xfs defaults 0 0

Mount all partitions

# mount -a

Save and reboot the system, you will be asked for password

RHCSA module 2 – Log management, disk partition and LVM management

Give password which you have defined for secured device, only then you will be able to proceed.

So it could be an intresting way to even put an extra layer of security along with the root and grub security.

configure and managing LVM in Red Hat Linux 7

Create a LVM in Red Hat Linux 7

Logical volumes are more precised method to manage disk partitions, we can add more then one hard disk to logical volumes, we can easily resize them and they are easy to backup.

To create a new disk partition, create new partition using fdisk, change partition type, use l to get LVM code and create a new LVM type disk partition.

Create a physical volume with this new partition

# pvcreate /dev/sdb3

Verify that newly created physical volume

# pvs

RHCSA module 2 – Log management, disk partition and LVM management

Now create a volume group and let us give it a name umvg

# vgcreate umvg /dev/sdb3

Create a logical volume from this volume group of size of 512 MB and give a name to volume group

# lvcreate -n umlv -L 512M  umvg

Create a file system on that newly created logical volume

# mkfs.xfs /dev/umvg/umlv

Resize a LVM in Red Hat Linux 7

Create a new partition using fdisk, assume we have now /dev/sdb4

# vgextend umvg /dev/sdb4

Extend logical volume group as well, -r option will create file system automatically, +100%FREE will consume available free disk space, you can see in output that size of logical volume will be extended.

# lvextend -l +100%FREE -r /dev/umvg/umlv

RHCSA module 2 – Log management, disk partition and LVM management

Resize LVM size in Red Hat Linux 7

As we have extended volume size with LVM, let us reduce size as well.

Check file system first

# e2fsck /dev/umvg/umlv

Now reduce size of logical volume to 512 MB

# lvreduce -L 512M /dev/umvg/umlv

Sample output

WARNING: Reducing active logical volume to 512.00 MiB THIS MAY DESTROY YOUR DATA (filesystem etc.) Do you really want to reduce umlv? [y/n]: y  Size of logical volume umvg/umlv changed from 1020.00 MiB (255 extents) to 512.00 MiB (128 extents). Logical volume umlv successfully resized

Remount file systems

# mount -a

Have a look on latest status of lvm

# lvs

RHCSA module 2 – Log management, disk partition and LVM management

This was all about Disk management and logs management in Red Hat Linux 7.

Conclusion

The second module is over with this chapter, with next chapter we will begin with module-3 of RHCSA curriculum which will include Advanced System Administrations tasks. Stay tuned.

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » RHCSA module 2 – Log management, disk partition and LVM management

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址