DD Command Usage



* Example use of dd command to create an ISO disk image from a CD-ROM:
dd if=/dev/cdrom of=/home/sam/myCD.iso bs=2048 conv=sync

*Using dd to wipe an entire disk with random data:
dd if=/dev/urandom of=/dev/hda

*Using dd to clone a hard disk to another hard disk:
dd if=/dev/ad0 of=/dev/ad1 bs=1M conv=noerror

*Duplicate a disk partition as a disk image file on a remote machine over a secure ssh connection:
dd if=/dev/sdb2 | ssh user@host "dd of=/home/user/partition.image"

*Overwrite the first 512 bytes of a file with null bytes:
dd if=/dev/zero of=path/to/file bs=512 count=1 conv=notrunc

*To duplicate a disk partition as a disk image file on a different partition:
dd if=/dev/sdb2 of=/home/sam/partition.image bs=4096 conv=noerror

*Create a 1 GiB file containing only zeros (bs=blocksize, count=number of blocks):
dd if=/dev/zero of=file1G.tmp bs=1M count=1024

*To zero out a drive:
dd if=/dev/zero of=/dev/sda

*To make sure that the drive is really zeroed out:
dd if=/dev/sda | hexdump -C | head

*To duplicate the first 2 sectors of the floppy:
dd if=/dev/fd0 of=/home/sam/MBRboot.image bs=512 count=2

*To create an image of the entire master boot record (including the partition table):
dd if=/dev/sda of=/home/sam/MBR.image bs=512 count=1

*To create an image of only the boot code of the master boot record (without the partition table):
dd if=/dev/sda of=/home/sam/MBR_boot.image bs=446 count=1

*To make drive benchmark test and analyze read and write performance:
dd if=/dev/zero bs=1024 count=1000000 of=/home/sam/1Gb.file
dd if=/home/sam/1Gb.file bs=64k | dd of=/dev/null

*To make a file of 100 random bytes:
dd if=/dev/urandom of=/home/sam/myrandom bs=100 count=1

*To convert a file to uppercase in place (conv=notrunc stops dd from truncating the file before it has been read):
dd if=filename of=filename conv=ucase,notrunc

*To search the system memory:
dd if=/dev/mem | hexdump -C | grep 'some-string-of-words-in-the-file-you-forgot-to-save-before-you-hit-the-close-button'

*Image a partition to another machine (netcat sends the data unencrypted):
On source machine: dd if=/dev/hda bs=16065b | netcat <targethost-IP> 1234
On target machine: netcat -l -p 1234 | dd of=/dev/hdc bs=16065b

*Create a 1 GiB sparse file or resize an existing file to 1 GiB without overwriting:
dd if=/dev/zero of=mytestfile.out bs=1 count=0 seek=1G

*To copy MBR 
MBR Total Size
446 + 64 + 2 = 512
*Where
446 bytes – Bootstrap.
64 bytes – Partition table.
2 bytes – Signature(magic no)
*Type dd command as follows:
dd if=/dev/sda of=/dev/sdb bs=512 count=1

*dd command for two discs with different size partitions
# dd if=/dev/sda of=/tmp/mbrsda.bak bs=512 count=1

*Now to restore the image to any sdb:
# dd if=/tmp/mbrsda.bak of=/dev/sdb bs=446 count=1
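
Why the restore uses bs=446 when the two disks are partitioned differently, shown as an added example (not from the original post): copying 446 bytes replaces only the boot code, while copying the full 512-byte sector also replaces the target's partition table. The script works on constructed 512-byte files, never on a real device; the helper names and fill bytes are assumptions made for the example.

```shell
#!/bin/sh
# Added example. Operates only on constructed 512-byte files, never on /dev/sdX.

# make_mbr FILE BOOTCHAR PARTCHAR
# Build a fake MBR: 446 bytes of BOOTCHAR (boot code), 64 bytes of PARTCHAR
# (partition table) and the 2-byte signature 0x55 0xAA.
make_mbr() {
    {
        dd if=/dev/zero bs=446 count=1 2>/dev/null | tr '\000' "$2"
        dd if=/dev/zero bs=64  count=1 2>/dev/null | tr '\000' "$3"
        printf '\125\252'
    } > "$1"
}

# mbr_field FILE OFFSET LENGTH: LENGTH bytes starting at OFFSET, as hex.
mbr_field() {
    dd if="$1" bs=1 skip="$2" count="$3" 2>/dev/null | od -An -v -tx1 | tr -d ' \n'
}
mbr_bootcode()  { mbr_field "$1" 0 446; }
mbr_parttable() { mbr_field "$1" 446 64; }
mbr_signature() { mbr_field "$1" 510 2; }

# copy_sector BACKUP TARGET BYTES: the restore command with bs=BYTES count=1.
# conv=notrunc is added because TARGET is a regular file here; a block
# device is never truncated, but a file would be cut down to BYTES bytes.
copy_sector() {
    dd if="$1" of="$2" bs="$3" count=1 conv=notrunc 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    make_mbr "$dir/mbrsda.bak" A 1      # constructed backup of the source disk
    make_mbr "$dir/sdb.img"    B 2      # constructed target with its own table

    # Boot code only: the target keeps its own partition table (bytes 0x32).
    copy_sector "$dir/mbrsda.bak" "$dir/sdb.img" 446
    echo "bs=446: boot $(mbr_bootcode "$dir/sdb.img" | cut -c1-8)" \
         "table $(mbr_parttable "$dir/sdb.img" | cut -c1-8)" \
         "signature $(mbr_signature "$dir/sdb.img")"

    # Whole sector: the source's partition table (bytes 0x31) replaces it.
    copy_sector "$dir/mbrsda.bak" "$dir/sdb.img" 512
    echo "bs=512: boot $(mbr_bootcode "$dir/sdb.img" | cut -c1-8)" \
         "table $(mbr_parttable "$dir/sdb.img" | cut -c1-8)" \
         "signature $(mbr_signature "$dir/sdb.img")"
    rm -rf "$dir"
}
demo
```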

*Linux sfdisk Command Example
Linux sfdisk command can make a backup of the primary and extended partition table as follows.
It creates a file that can be read in a text editor, or this file can be used by sfdisk to restore the primary/extended partition table.
To back up the partition table /dev/sda, enter:
# sfdisk -d /dev/sda > /tmp/sda.bak

*To restore, enter:
# sfdisk /dev/sda < /tmp/sda.bak

*Task: Restore MBR and Extended Partitions Schema
To restore the MBR and the extended partitions copy backup files from backup media and enter:
# dd if=backup-sda.mbr of=/dev/sda
# sfdisk /dev/sda < backup-sda.sfdisk

*Example 1. Backup Entire Harddisk
To backup an entire copy of a hard disk to another hard disk connected to the same system, execute the dd command as shown below.
In this dd command example, the UNIX device name of the source hard disk is /dev/sda, and the device name of the target hard disk is /dev/sdb.
# dd if=/dev/sda of=/dev/sdb
“if” represents input file, and “of” represents output file. So the exact copy of /dev/sda will be available in /dev/sdb.
If there are any errors, the above command will fail. If you give the parameter “conv=noerror” then it will continue to copy if there are read errors.
Specify the input file and output file very carefully: if you mention the source device as the target and vice versa, you might lose all your data.
In the copy of hard drive to hard drive using dd command given below, sync option allows you to copy everything using synchronized I/O.
# dd if=/dev/sda of=/dev/sdb conv=noerror,sync

*Example 2. Create an Image of a Hard Disk
Instead of taking a backup of the hard disk, you can create an image file of the hard disk and save it in other storage devices.
There are many advantages to backing up your data to a disk image, one being the ease of use.
This method is typically faster than other types of backups, enabling you to quickly restore data following an unexpected catastrophe.
# dd if=/dev/hda of=~/hdadisk.img
The above creates the image of a harddisk /dev/hda.

*Example 3. Restore using Hard Disk Image
To restore a hard disk with the image file of another hard disk, use the following dd command example.
# dd if=hdadisk.img of=/dev/hdb
The image file hdadisk.img is the image of /dev/hda, so the above command will restore the image of /dev/hda to /dev/hdb.

*Example 4. Creating a Floppy Image
Using dd command, you can create a copy of the floppy image very quickly. In input file, give the floppy device location, and in the output file, give the name of your floppy image file as shown below.
# dd if=/dev/fd0 of=myfloppy.img

*Example 5. Backup a Partition
You can use the device name of a partition in the input file, and in the output either you can specify your target path or image file as shown in the dd command example below.
# dd if=/dev/hda1 of=~/partition1.img

*Example 6. CDROM Backup
dd command allows you to create an iso file from a source file. So we can insert the CD and enter dd command to create an iso file of a CD content.
# dd if=/dev/cdrom of=tgsservice.iso bs=2048
dd command reads one block of input, processes it and writes it into an output file. You can specify the block size for input and output file. In the above dd command example, the parameter “bs” specifies the block size for both the input and output file. So dd uses 2048 bytes as the block size in the above command.
Note: If the CD is auto-mounted, before creating an iso image using dd command, it's always good to unmount the CD device to avoid any unnecessary access to the CD-ROM.

Installing and Configuring LAMP Server on RHEL6 for Production Environment


Many people know from their own experience that it's not easy to install an Apache web server, and it gets harder if you want to add MySQL, PHP and Perl. XAMPP is an easy-to-install Apache distribution containing MySQL, PHP and Perl. XAMPP is really very easy to install and to use: just download, extract and start. The philosophy behind XAMPP is to build an easy-to-install distribution for developers to get into the world of Apache. To make it convenient for developers, XAMPP is configured with all features turned on. The default configuration is not good from a security point of view and it's not secure enough for a production environment; please don't use XAMPP in such an environment.

Here are a few steps to install and configure a LAMP (Linux Apache MySQL PHP) server on RHEL6 for a production environment.

Apache

Install Apache

Apache is the most popular web (HTTP) server for Linux servers.

#yum install httpd httpd-devel

We might need the httpd-devel libraries to compile and install other modules from the sources, just to be on the safer side. /etc/httpd/conf/httpd.conf is the Apache configuration file location

Start Apache

#service httpd start
#chkconfig httpd on

MySQL

Install MySQL Database Server

MySQL is a widely used open source database server on most Linux servers and can very well integrate to PHP and Apache server on CentOS/RHEL.

#yum install mysql mysql-server mysql-devel

If you attempt to type mysql in command prompt, you will be getting this nasty error.

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock'

This is because you are not running the mysqld daemon before launching the mysql client. The file /var/lib/mysql/mysql.sock will be automatically created upon running the first instance of mysql.

To fix:

First start the mysql daemon, then type mysql:

#service mysqld start
#chkconfig mysqld on
#mysql
mysql>

Changing MySQL Root Password

By default the root password is empty for the mysql database. It is a good idea to change the mysql root password to a new one from a security point of view.

mysql> USE mysql;
mysql> UPDATE user SET Password=PASSWORD('newpassword') WHERE user='root';
mysql> FLUSH PRIVILEGES;

Once done, check by logging in:

#mysql -u root -p
Enter Password: <your new password>

To Create A New MySQL User

To create a new mysql user 'guest' with 'all privileges' on the database 'demo':

mysql> CREATE DATABASE demo;
mysql> GRANT ALL PRIVILEGES ON demo.* TO 'guest'@'localhost' IDENTIFIED BY 'guest' WITH GRANT OPTION;
mysql> UPDATE mysql.user SET Password=PASSWORD('guest') WHERE user='guest';
mysql> FLUSH PRIVILEGES;

That's it! MySQL is ready! Don't forget to remember the root password as we might be using it with phpmyadmin.

To improve the MySQL security (Optional)

Use the following command
#/usr/bin/mysql_secure_installation

This will help you to change MySQL default security settings in an interactive manner.

PHP

Install PHP5 Scripting Language

Installing PHP5 with the necessary modules is so easy and can be configured for both the Apache and mysql environment.

#yum install php php-mysql php-common php-mbstring php-mcrypt php-devel php-xml

 Note: If we plan to run captcha scripts on our server which are dependent on mysql and other functions don't forget to install php-gd (gd library).

Restart Apache to load php.

#service httpd restart


To Test If PHP Is Working Or Not:

Create a file named /var/www/html/test.php with the following phpinfo() function inside php quotes.

#vim /var/www/html/test.php

// test.php
  <?php
  phpinfo();
  ?>

Then point your browser to http://ip.address/test.php.

That's it! You should see a php configuration file displaying all kind of paths and installed modules.

Closely observe the installed configuration on your server, then delete test.php: phpinfo() shows these details to anyone who can request the page.

* PHP Paths (php.ini path)
* Apache paths and Loaded Modules (mod_security, mod_evasive if installed)
* PHP GD Library
* MySQL paths and other information

Install phpMyAdmin


phpMyAdmin is a free web-based MySQL database administration tool. Without phpMyAdmin it is almost impossible to do MySQL db operations in the command line. phpMyAdmin has become so convenient that most webmasters want it present along with the mysql server.

#yum install phpmyadmin

Point your browser to: http://ip.address/phpmyadmin.

Common Errors

You might encounter the following errors while configuring phpmyadmin.

Error:1
Forbidden 
You don't have permission to access /phpmyadmin/ on this server.
To fix:
Edit /etc/httpd/conf.d/phpmyadmin.conf and comment out the line Deny from all.

#vim /etc/httpd/conf.d/phpmyadmin.conf
<Directory "/usr/share/phpmyadmin">
  Order Deny,Allow
  # Deny from all
  Allow from 127.0.0.1
</Directory>

Error:2
The configuration file now needs a secret passphrase (blowfish_secret)
To fix:
#vim /usr/share/phpmyadmin/config.inc.php
Look for the following line and enter any passphrase. Just don't leave it empty!
$cfg['blowfish_secret'] = 'mydemopass'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */


Error:3
Cannot load mcrypt extension. Please check your PHP configuration.
To fix:
# vim /etc/php.d/mcrypt.ini
Look for the extension line and replace module.so with mcrypt.so
extension=mcrypt.so

Restart the httpd service gracefully
#service httpd graceful
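
The access rules from Error:1, checked with an added audit script (not from the original post): under Apache 2.2's Order Deny,Allow, a block whose Deny from all is commented out admits every client, while keeping Deny from all and adding an Allow from line for the admin network stays restricted. The sample files and the 192.0.2.0/24 admin network are constructed for the example.

```shell
#!/bin/sh
# Added example. Audits Apache 2.2 style Order/Deny/Allow rules in a file.

# audit_directory_acl FILE
# For every <Directory> block print "PATH: open" when the rules admit any
# client and "PATH: restricted" otherwise. Only "from all" rules are judged.
audit_directory_acl() {
    awk '
    { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }      # trim the line
    /^#/ || /^$/ { next }                             # commented-out directives are inactive
    { low = tolower($0) }
    low ~ /^<directory[ \t]/ {
        path = $2; gsub(/[">]/, "", path)
        order = "deny,allow"                          # Apache 2.2 default when Order is absent
        deny_all = 0; allow_all = 0
        next
    }
    low ~ /^order[ \t]/ {
        order = low; sub(/^order[ \t]+/, "", order); gsub(/[ \t]/, "", order)
        next
    }
    low ~ /^deny[ \t]+from[ \t]+all$/  { deny_all = 1;  next }
    low ~ /^allow[ \t]+from[ \t]+all$/ { allow_all = 1; next }
    low ~ /^<\/directory>/ {
        if (order == "deny,allow")
            is_open = (!deny_all || allow_all)        # default is allow, Allow overrides Deny
        else
            is_open = (allow_all && !deny_all)        # allow,deny: default is deny
        print path ": " (is_open ? "open" : "restricted")
    }' "$1"
}

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed copy of the block with Deny from all commented out.
    cat > "$dir/commented.conf" <<'EOF'
<Directory "/usr/share/phpmyadmin">
  Order Deny,Allow
  # Deny from all
  Allow from 127.0.0.1
</Directory>
EOF
    # Constructed alternative: Deny stays active, the admin network is allowed.
    cat > "$dir/narrow.conf" <<'EOF'
<Directory "/usr/share/phpmyadmin">
  Order Deny,Allow
  Deny from all
  Allow from 127.0.0.1
  Allow from 192.0.2.0/24
</Directory>
EOF
    audit_directory_acl "$dir/commented.conf"
    audit_directory_acl "$dir/narrow.conf"
    rm -rf "$dir"
}
demo
```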



It worked for me using the above methods!
Log into the phpmyadmin with the mysql root password we changed while installing the mysql database

Install & Configure DNS service in RHEL6

DNS (Domain Name System) is one of the most dependable services in a network. All of us know that the DNS service resolves hostnames into IP addresses and vice versa. The DNS server translates a domain name into its corresponding IP address, so it is easier for us to remember domain names instead of IP addresses.

DNS Server Installation in RHEL6

In this article we will see how to install and configure Primary and Secondary DNS servers. The steps provided here are tested on RHEL6 64-bit edition.

Scenario

Domain Name : avr.com

Primary(Master) DNS Server Details:

Hostname             : server01.avr.com
IP Address           : 192.168.22.2
Subnetmask          : 255.255.255.0

Secondary(Slave) DNS Server Details:

Hostname             : server02.avr.com
IP Address           : 192.168.22.3
Subnetmask          : 255.255.255.0

Setup Primary(Master) DNS Server

1. Install DNS server
# yum install bind* -y

2. Configure DNS Server
#vim /etc/named.conf

options {
        listen-on port 53 { 192.168.22.2; };
//      listen-on-v6 port 53 { ::1; };    
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { 192.168.22.0/24; };
        allow-recursion { 192.168.22.0/24; };
        allow-transfer  { 192.168.22.3; };
        recursion yes;
        forwarders { 192.168.10.1; };   // DNS provided by ISP
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.rfc1912.zones";

3. Create forward and reverse lookup zones
# vim /etc/named.rfc1912.zones

zone "avr.com" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "22.168.192.in-addr.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};


4. Edit the zone records file
Forward lookup zone file
# vim /var/named/named.localhost

$TTL 1D
@       IN SOA  server01.avr.com. root.server01.avr.com. (
                                        2       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                NS      server01.avr.com.
                NS      server02.avr.com.
server01        A       192.168.22.2
server02        A       192.168.22.3
windesk01       A       192.168.22.12

Reverse lookup zone file
# vim /var/named/named.loopback

$TTL 1D
@       IN SOA  server01.avr.com. root.server01.avr.com. (
                                        2       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      server01.avr.com.
        NS      server02.avr.com.
2       PTR     server01.avr.com.
3       PTR     server02.avr.com.
12      PTR     windesk01.avr.com.


5. Check the named configuration
# named-checkconf /etc/named.conf
# echo $?
0

# named-checkconf /etc/named.rfc1912.zones
# echo $?
0

6.Check zone configuration
Forward lookup zone configuration
# named-checkzone flz /var/named/named.localhost
zone flz/IN: loaded serial 2
OK

Reverse lookup zone configuration
# named-checkzone rlz /var/named/named.loopback
zone rlz/IN: loaded serial 2
OK

7. Add the following exception rules to firewall to accept DNS requests from the network 192.168.22.0/24
#iptables -t filter -A INPUT -s 192.168.22.0/24 -p tcp -m state --state NEW --dport 53 -j ACCEPT
#iptables -t filter -A INPUT -s 192.168.22.0/24 -p udp -m state --state NEW --dport 53 -j ACCEPT
#service iptables save
#service iptables restart

8. Make your server as DNS client itself.
#vim /etc/resolv.conf
search avr.com
nameserver 192.168.22.2
nameserver 192.168.10.1

9. Enable IP Forwarding
#vim /etc/sysctl.conf
      --> Modify the following line set ( 0 to 1)
net.ipv4.ip_forward = 1
#sysctl -p

10. Finally start the service
#service named start
#chkconfig named on
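
named-checkzone in step 6 reports OK even when a PTR, NS or CNAME target lacks its trailing dot, because a relative name is legal and named simply appends the zone origin to it. The added lint below (not from the original post) flags such targets and prints the name that would actually be served; the sample zone is constructed from the scenario's names and lint_zone is a hypothetical helper.

```shell
#!/bin/sh
# Added example. Flags relative PTR/NS/CNAME targets in a zone file.

# lint_zone FILE ORIGIN
# ORIGIN is the zone name with its trailing dot, e.g. 22.168.192.in-addr.arpa.
lint_zone() {
    awk -v origin="$2" '
    { sub(/;.*/, "") }                           # strip comments
    {
        # Field 1 is the owner name unless the line starts with whitespace.
        start = ($0 ~ /^[ \t]/) ? 1 : 2
        for (i = start; i < NF; i++) {
            type = toupper($i)
            if (type != "PTR" && type != "NS" && type != "CNAME") continue
            target = $(i + 1)
            # A dotted name without a final dot is relative to the origin.
            if (target ~ /\./ && target !~ /\.$/)
                printf "line %d: %s %s is served as %s.%s\n", NR, type, target, target, origin
            break
        }
    }' "$1"
}

demo() {
    zone=$(mktemp) || return 1
    # Constructed reverse zone: one PTR target is missing its trailing dot.
    cat > "$zone" <<'EOF'
$TTL 1D
@       IN SOA  server01.avr.com. root.server01.avr.com. ( 2 1D 1H 1W 3H )
        NS      server01.avr.com.
        NS      server02.avr.com.
2       PTR     server01.avr.com
3       PTR     server02.avr.com.   ; already absolute
EOF
    lint_zone "$zone" "22.168.192.in-addr.arpa."
    rm -f "$zone"
}
demo
```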


Setup Secondary(Slave) DNS Server

1. Install DNS server
# yum install bind* -y

2. Configure DNS Server
#vim /etc/named.conf

options {
        listen-on port 53 { 192.168.22.3; };
//      listen-on-v6 port 53 { ::1; };    
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { 192.168.22.0/24; };
        allow-recursion { 192.168.22.0/24; };
        allow-transfer  { none; };
        recursion yes;
        forwarders { 192.168.10.1; };   // DNS provided by ISP
        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.rfc1912.zones";

3. Create forward and reverse lookup zones
# vim /etc/named.rfc1912.zones

zone "avr.com" IN {
        type slave;
        file "slaves/named.localhost";
        masters { 192.168.22.2; };
};
zone "localhost" IN {
        type master;
        file "named.localhost";
        allow-update { none; };
};
zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.loopback";
        allow-update { none; };
};
zone "22.168.192.in-addr.arpa" IN {
        type slave;
        file "slaves/named.loopback";
        masters { 192.168.22.2; };
};
zone "0.in-addr.arpa" IN {
        type master;
        file "named.empty";
        allow-update { none; };
};

4. This step is not required for slave DNS, because the zone records will get updated automatically from master DNS (i.e. 192.168.22.2)


5. Check the named configuration
# named-checkconf /etc/named.conf
# echo $?
0

# named-checkconf /etc/named.rfc1912.zones
# echo $?
0

6. Similar to step no. 4, this step is not required for slave DNS, because the zone records will get updated automatically from master DNS (i.e. 192.168.22.2). Note that the zone record files will be downloaded to the location "/var/named/slaves/" on slave DNS as we configured it so in Step 3.

7. Add the following exception rules to firewall to accept DNS requests from the network 192.168.22.0/24

#iptables -t filter -A INPUT -s 192.168.22.0/24 -p tcp -m state --state NEW --dport 53 -j ACCEPT
#iptables -t filter -A INPUT -s 192.168.22.0/24 -p udp -m state --state NEW --dport 53 -j ACCEPT

#service iptables save
#service iptables restart

8. Make your server as DNS client itself.
#vim /etc/resolv.conf
search avr.com
nameserver 192.168.22.3
nameserver 192.168.22.2

9. Enable IP Forwarding
#vim /etc/sysctl.conf
      --> Modify the following line set ( 0 to 1)
net.ipv4.ip_forward = 1
#sysctl -p

10. Finally start the service
#service named start
#chkconfig named on

Integrating RHEL6 with Active Directory

Hi guys...! In every IT shop you will find two groups, the so-called Windows Team and Linux Team, which don't mix just like that. Actually, they don't compete with each other, but at the same time they don't collaborate either. But as System Admins our job is to provide a cost-effective IT service to the organization. It is obvious to say that the majority of organizations have settled on Windows Active Directory to provide authentication services. It is not a good idea to have a separate authentication infrastructure for the Linux environment in the same organization. By this time you might have got the idea of integrating Linux systems with the existing Active Directory Service. This technique is well implemented in the IT industry with the help of third-party software from companies like Centrify, Likewise Software, Quest Software and so on, which again includes a certain implementation cost.
Red Hat itself provides very good documentation which is really helpful for integrating RHEL6 with a pre-configured Active Directory Service in Windows 2008 Server. The good thing about this is that you do not require any third-party tools. It explains different implementation methods (configurations) for different working environments. In this document you will get a good explanation of how each module (pam, kerberos, samba, ntp, dns etc.) works and the relationship between them. All that you need to do is install the service role "Identity Management for Unix" on the Windows Active Directory Server. You can do this from Server Manager. Once you are done with it, head over to configure your Linux box.
I found this book very handy for doing the job simply; of course, I have done it successfully. Here is the link. All the best..!

Integrating Red Hat Enterprise Linux 6 with Active Directory

 

Important: Apart from the instructions given in the above document, you may have to make the following additional configurations.

1. To speed-up the winbind process
     #vim /etc/sysconfig/samba
          Modify the line
         WINBINDOPTIONS=""          ---->   WINBINDOPTIONS="-D"

2. To avoid the interference of the name service cache daemon (nscd) during name resolution. This setting is optional. Sometimes the DNS cache may contain outdated information, which may cause a delay in communication; to avoid this we make the following settings.
  
   #vim /etc/nscd.conf
   Modify the following three lines 
   enable-cache   passwd   yes   ----->      enable-cache   passwd     no
   enable-cache   group     yes   ----->      enable-cache   group      no
   enable-cache   hosts      yes   ----->       enable-cache  hosts      no

   Now restart the network service
   #service network restart

3. To tell the pam.d to load oddjobd libraries
  #vim /etc/pam.d/system-auth
  Add the following line just before the last line
  session  optional   pam_oddjob_mkhomedir.so     skel=/etc/skel      umask=0644


Enjoy IT..!

I/O Redirection in Linux

Three types of I/O redirections in Linux

1. stdin         <
2. stdout       >
3. stderr       2>

Examples: 

1. # date > file1.txt
    Redirects the output of date command to the file file1.txt .

2. #cal >> file1.txt
    Redirects the output of cal command to file1.txt. Note that the output of the cal command will be appended to file1.txt: > simply replaces the content, whereas >> appends to it.

3. #tr '[a-z]' '[A-Z]' < file1.txt
    Translates all the lowercase letters in file1.txt to uppercase letters. Here we are giving file1.txt as input to the command using < .

4. $find / -name linux 2> out_error.txt
    Here a normal user is trying to find the file/folder with name "linux" under the root file system ( / ). A normal user doesn't have permissions to every location under the root file system ( / ). So the above command will give the output as well as some errors.
    We can redirect the error messages to a file out_error.txt so that it can display only the found results.
We can use > out_results.txt to capture only the found results in the out_results.txt file and leave the errors to display on stdout.

5. $find / -name linux > out_all.txt 2>&1
     The construct "2>1" will redirect the stderr messages as stdout (but not file). The construct "2>&1" also does the same, but & indicates the output will be stored in a file. So both found results and error messages will be stored in the file out_all.txt
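
What each redirection form does, and why the order of the redirections matters, can be checked with the added script below (not from the original post). emit is a constructed stand-in for the find command that writes one line to stdout and one to stderr; the case_* function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example. Runs three redirection forms in a scratch directory.

# emit: constructed stand-in for the find command above. It writes one
# result line to stdout and one error line to stderr.
emit() {
    echo "/usr/src/linux"
    echo "find: '/root': Permission denied" >&2
}

# Each case runs emit inside directory $1 with one redirection form.

# "> file 2>&1": stdout is pointed at the file first, then stderr is made a
# copy of stdout, so both lines land in out_all.txt.
case_file_then_dup() { ( cd "$1" && emit > out_all.txt 2>&1 ); }

# "2>&1 > file": stderr is copied from stdout while stdout is still the
# terminal (or pipe); only afterwards does stdout move to the file, so the
# error line is not captured in out_results.txt.
case_dup_then_file() { ( cd "$1" && emit 2>&1 > out_results.txt ); }

# "2>1" without the ampersand: the 1 is a file name, so the error line is
# written to a file called "1" in the current directory.
case_no_ampersand() { ( cd "$1" && emit 2>1 ); }

demo() {
    dir=$(mktemp -d) || return 1
    case_file_then_dup "$dir"
    echo "> file 2>&1 : out_all.txt has $(wc -l < "$dir/out_all.txt" | tr -d ' ') lines"
    echo "2>&1 > file : still on the terminal: $(case_dup_then_file "$dir")"
    echo "2>1         : still on the terminal: $(case_no_ampersand "$dir")"
    echo "2>1         : file named 1 contains: $(cat "$dir/1")"
    rm -rf "$dir"
}
demo
```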