Notes on LPIC ADM2 Training (11/2013)
= LPIC ADM2 =
<toc>
== # rsyslogd ==
=== # links ===
* http://blog.gerhards.net/2012/10/rate-limiting-in-rsyslog-732.html
* http://www.rsyslog.com/doc/manual.html
* http://www.rsyslog.com/using-the-syslog-receiver-module/
* http://www.rsyslog.com/using-the-text-file-input-module/
* http://www.rsyslog.com/tls-secured-syslog-via-relp/
* http://www.rsyslog.com/actions-with-directives/
* http://www.rsyslog.com/writing-specific-messages-to-a-file-and-discarding-them/
* http://www.rsyslog.com/discarding-unwanted-messages/
* http://www.rsyslog.com/how-to-write-to-a-local-socket/
* http://www.rsyslog.com/storing-and-forwarding-remote-messages/
* http://www.rsyslog.com/sending-messages-to-a-remote-syslog-server/
* http://www.rsyslog.com/storing-messages-from-a-remote-system-into-a-specific-file/
* http://www.rsyslog.com/receiving-messages-from-a-remote-system/
* http://www.rsyslog.com/faq/
* http://wiki.rsyslog.com/index.php/Configuration_Samples
=== # rsyslog.conf ===
Debian Pakete: rsyslog, rsyslog-doc
<pre>
### /etc/rsyslog.conf
$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog # provides kernel logging support
# $ModLoad immark # provides --MARK-- message capability
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$FileOwner root
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$WorkDirectory /var/spool/rsyslog
$IncludeConfig /etc/rsyslog.d/*.conf
## REMOTE LOGGING
## ... via tcp
*.* @@172.16.11.155:514
## ... via udp
# *.* @other-server.example.net:10514
## LOG REMOTE MESSAGES
## ... using Template
# $template PerHostLog,"/var/log/%HOSTNAME%.log"
$template PerHostLog,"/var/log/%fromhost-ip%.log"
## ... but log all local5.* to /var/log/messages
# local5.* /var/log/messages
## ... and all remote to ?PerHostLog
if $fromhost-ip startswith '172.16.11.' then -?PerHostLog
& ~
*.*;auth;cron.*;daemon.*;\
kern.*;user.*;\
authpriv.*;authpriv.none -/var/log/messages
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/messages
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
*.emerg :omusrmsg:*
</pre>
== # dmesg ==
<pre>
dmesg -T, --ctime show human readable timestamp
dmesgt -l [3-6]
root@dell-990-318:/home/sts/download# dmesg -l 3 -T
[Di Nov 5 08:27:46 2013] pnp 00:0a: can't evaluate _CRS: 12311
[Di Nov 5 08:27:51 2013] Error: Driver 'pcspkr' is already registered, aborting...
[Di Nov 5 08:27:51 2013] [drm:radeon_pci_probe] *ERROR* radeon kernel modesetting for R600 or later requires firmware-linux-nonfree.
</pre>
== # ssh ==
...
== # tcp/ip ==
s. Fastlane Handbuch 2.3
* aufbau ip pakete
* protokolle (udp, tcp)
=== # Ergänzung zu adm2/0300-netconfig.html#%2812%29 ===
To enable temporary addresses and make them preferred for outgoing connections:
sysctl net.ipv6.conf.all.use_tempaddr=2
To enable temporary address generation, but keep the old (Autoconf) address as preferred:
sysctl net.ipv6.conf.all.use_tempaddr=1
The all part can be replaced with a specific interface name; e.g. net.ipv6.conf.eth0.use_tempaddr.
I used ip link set eth0 down && ip link set eth0 up to force an address assignment, but you can
just wait a minute for the next periodic Router Advertisement.
siehe auch http://netaddict.de/howtos:ipv6
== # xinetd mit vsftpd ==
<pre>
useradd ftpsecure -g users
mkdir /srv/ftp/data
mkdir /srv/ftp/data/alle
mkdir /srv/ftp/data/sta
chown -R :users /srv/ftp/data/alle
chmod g+w /srv/ftp/data/alle
chown -R sts:users /srv/ftp/data/sts
/srv/ftp
└── [drwxr-xr-x root users ] /srv/ftp/data
├── [drwxr-xr-x sts users ] /srv/ftp/data/sts
└── [drwxrwxr-x root users ] /srv/ftp/data/alle
### /etc/xinetd.d/ftp
service ftp
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
log_on_success += HOST DURATION
log_on_failure += HOST
disable = no
}
### /etc/vsftpd.conf
listen=NO
listen_ipv6=NO
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
idle_session_timeout=600
data_connection_timeout=120
chroot_local_user=YES
ls_recurse_enable=YES
local_root=/srv/ftp/data
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
</pre>