Rescue Mode in Linux

Rescue mode allows you to boot a small Linux environment entirely from a diskette, CD- ROM, or use another method.

However, there may be times when you cannot get Linux running completely enough to access files on the hard drive of your system. Rescue mode, you can access files stored on the hard drive of your machine's files, even if you cannot run Linux from that hard drive.

In general, you have to go into rescue mode for one of two reasons:

     You are unable to boot Linux.

     You encounter hardware or software problems, and want to recover some important files off the hard drive of your system.

Linux Rescue and Single User Troubleshooting

# if you find kernel panic error due to an incorrect configuration, follow the steps below.

If any configuration error occurs on the grub.conf file then boot in single user mode.

How to start a single user mode

Press "E" for editing in the first GRUB screen after POST.

Changes to the boot line

Put "single" in spite of "RO"

Press "B" to boot the system that will move you in the Root shell, update the configuration file with the appropriate options and reboot the machine or start another init.

If the error in /etc/fstab error will be

Type Control+d to continue...

To resolve this error using the linux rescue boot CD first

After booting and initiating rescue command we need to mount hdd in any test directory.

# chroot /mnt/sysimage

Knowing the label mount

#e2lable /dev/hda2  (of hda of root partition. Let say it is 2.

#mkdir test

#mount /dev/hda2 test

then edit the file which ever you require in default state.

# vi test/etc/fstab

# vi test/etc/passwd  Extra first put directory name before path.

How to know in which run level you are:

#run level

#tty  (To find out in which terminal you are)

Password Breaking and Grub Password

In this tutorial we'll talk about password breaking and grub password. Sometimes you do not remember the root password. On Linux, recovering root password can be done by booting Linux in a specific mode: single user mode.

This tutorial will show you how to boot Linux in single-user mode when using GRUB and finally how to change the root password.

In normal use, a Linux OS runs under runlevels between 2 and 5 corresponding to various multi-user modes. Booting Linux under runlevel 1 will allow one to enter a single-user mode, the mode of a specific user. At some level, you get a root prompt directly. From there, change the root password is a piece of cake.

Entering runlevel 1

Some Linux distributions, such as Ubuntu, for example, offers a specific entry in the start menu where it says “Recovery Mode“ or "single user mode". If this is the case, this menu, you can start the machine in single-user mode, you can continue with the next section. If you can read this part.

With GRUB, you can manually change the input of the proposed startup menu at boot time. To do this, when the GRUB menu list (you may have to press the ESC key first), follow these instructions:

   * use the arrows keys to select the boot entry you want to edit.
   * press e to edit the entry
   * use the arrows to go to the kernel line
   * press e to edit this entry
   * the end of the line to add a word    single
   * press Esc to return to the main menu
   * press b to boot the kernel

Start the kernel must as always (except for the graphical display can be used), and finally get a root system (sh #).

Here we have access to the root file system, we finally change the password.

Change the root password

As root, while change the password does not require the old password, then run the command:

[root@linuxguide ]# passwd

you are prompted to enter your new password and ask you to confirm to ensure there are no typo.

Well, now you can reboot your box and gain root access again.


There is another way to break the GRUB boot password, follow these steps:

Step-1 Boot the system using the first CD of Linux. At the prompt, type: linux rescue to enter rescue mode. In rescue mode you will be asked whether to respect the similar measures to be followed in the installation. Once appeared the # prompt, type the following command:

[root@linuxguide ]# chroot /mnt/sysimage

Step-2 Edit the grub.conf file and remove the line in the passwd file. Save the file and exit.

Step-3 Once your machine restarts, you will be able to start your Linux operating system with standard.

Software Installation with RPM & YUM

Installation with RPM:

RPM stands for Red Hat Package Manager. Red Hat introduced RPM in 1995. RPM is now the package management system used for packaging in the Linux Standard Base (LSB). The rpm command options are grouped into three subgroups for:

    Querying and verifying packages
    Installing, upgrading, and removing packages
    Performing miscellaneous functions

RPM command is used for installing, uninstalling, upgrading, querying, listing, and checking RPM packages on your Linux system. With root privilege, you can use the rpm command with appropriate options to manage the RPM software packages.

Installing a RPM package Using rpm -ivh

RPM filename has packagename, version, release and architecture name.

For example, In the MySQL-client-3.23.57-1.i386.rpm file:

    MySQL-client – Package Name
    3.23.57 – Version
    1 – Release
    i386 – Architecture

When you install a RPM, it checks whether your system is suitable for the software the RPM package contains, figures out where to install the files located inside the rpm package, installs them on your system, and adds that piece of software into its database of installed RPM packages.

The following rpm command installs Mysql client package.

[root@linuxguide ]# rpm -ivh  MySQL-client-3.23.57-1.i386.rpm
    Preparing...                ########################################### [100%]
   1:MySQL-client           ########################################### [100%]

rpm command and options

    -i : install a package
    -v : verbose
    -h : print hash marks as the package archive is unpacked.

Query a Particular RPM Package using rpm -q

The above example lists all currently installed package. After installation of a package to check the installation, you can query a particular package and verify as shown below.

[root@linuxguide ]# rpm -q MySQL-client
MySQL-client-3.23.57-1

[root@linuxguide ]# rpm -q MySQL
package MySQL is not installed

Note: To query a package, you should specify the exact package name. If the package name is incorrect, then rpm command will report that the package is not installed.

Upgrading a RPM Package using rpm -Uvh

Upgrading a package is similar to installing one, but RPM automatically un-installs existing versions of the package before installing the new one. If an old version of the package is not found, the upgrade option will still install it.

[root@linuxguide ]# rpm -Uvh MySQL-client-3.23.57-1.i386.rpm
Preparing...             ########################################### [100%]
1:MySQL-client          ###########################################

Uninstalling a RPM Package using rpm -e

To remove an installed rpm package using -e as shown below. After uninstallation, you can query using rpm -qa and verify the uninstallation.

[root@linuxguide ]# rpm -ev MySQL-client

Information about Installed RPM Package using rpm -qi

rpm command provides a lot of information about an installed pacakge using rpm -qi

If you have an RPM file that you would like to install, but want to know more information about it before installing, you can do the following:

[root@linuxguide ]# rpm -qip MySQL-client-3.23.57-1.i386.rpm

Name        : MySQL-client                 Relocations: (not relocatable)
Version     : 3.23.57                           Vendor: MySQL AB
Release     : 1                                     Build Date: Mon 09 Jun 2003 11:08:28 PM CEST
Install Date: (not installed)                Build Host: build.mysql.com
Group       : Applications/Databases        Source RPM: MySQL-3.23.57-1.src.rpm
Size        : 5305109                          License: GPL / LGPL
Signature   : (none)
Packager    : Lenz Grimmer
URL         : http://www.mysql.com/
Summary     : MySQL - Client
Description : This package contains the standard MySQL clients.

    -i : view information about an rpm
    -p : specify a package name


Installation with YUM:

The yum command requires a repository as the source of the packages. If you are connected to the internet, you may choose to use the repository provided by your Linux distribution.

Installing, removing, and updating packages is a typical activity on Linux. Most of the Linux distributions provides some kind of package manager utility. For example, apt-get, dpkg, rpm, yum, etc.

yum is the default package manager on some Linux distributions.

Install a package using yum install

To install a package, do ‘yum install packagename’. This will also identify the dependencies automatically and install them.

The following example installs postgresql package.

[root@linuxguide ]# yum install postgresql.x86_64
Resolving Dependencies
Install       2 Package(s)
Is this ok [y/N]: y

Package(s) data still to download: 3.0 M
(1/2): postgresql-9.0.4-5.fc15.x86_64.rpm          | 2.8 MB     00:11
(2/2): postgresql-libs-9.0.4-5.fc15.x86_64.rpm    | 203 kB     00:00
------------------------------------------------------------------
Total                                        241 kB/s | 3.0 MB     00:12    

Running Transaction
Installing : postgresql-libs-9.0.4-5.fc15.x86_64             1/2
Installing : postgresql-9.0.4-5.fc15.x86_64                   2/2

Complete!

By default ‘yum install’, will prompt you to accept or decline before installing the packages. If you want yum to install automatically without prompting, use -y option as shown below.

[root@linuxguide ]# yum -y install postgresql.x86_64

Uninstall a package using yum remove

To remove a package (along with all its dependencies), use ‘yum remove package’ as shown below.

[root@linuxguide ]# yum remove  postgresql.x86_64
Resolving Dependencies
---> Package postgresql.x86_64 0:9.0.4-5.fc15 will be erased

Is this ok [y/N]: y

Running Transaction
  Erasing    : postgresql-9.0.4-5.fc15.x86_64       1/1

Removed:
  postgresql.x86_64 0:9.0.4-5.fc15

Complete!

Upgrade an existing package using yum update

If you have a older version of a package, use ‘yum update package’ to upgrade it to the latest current version. This will also identify and install all required dependencies.

[root@linuxguide ]# yum update postgresql.x86_64

Install a specific software group using yum groupinstall

To install specific software group, use groupinstall option as shown below. In the following example, ‘DNS Name Server’ group contains bind and bind-chroot.

[root@linuxguide ]# yum groupinstall 'DNS Name Server'

Dependencies Resolved
Install       2 Package(s)
Is this ok [y/N]: y

Package(s) data still to download: 3.6 M
(1/2): bind-9.8.0-9.P4.fc15.x86_64.rpm             | 3.6 MB     00:15
(2/2): bind-chroot-9.8.0-9.P4.fc15.x86_64.rpm   |  69 kB     00:00
-----------------------------------------------------------------
Total               235 kB/s | 3.6 MB     00:15

Installed:
  bind-chroot.x86_64 32:9.8.0-9.P4.fc15

Dependency Installed:
  bind.x86_64 32:9.8.0-9.P4.fc15

Complete!

Upgrade an existing software group using groupupdate

If you’ve already installed a software group using yum groupinstall, and would like to upgrade it to the latest version, use ‘yum groupupdate’ as shown below.

[root@linuxguide ]# yum groupupdate 'Graphical Internet'

Dependencies Resolved
Upgrade       5 Package(s)
Is this ok [y/N]: y  

Running Transaction
  Updating   : evolution-data-server-3.0.2-1.fc15.x86_64     1/10
  Updating   : evolution-3.0.2-3.fc15.x86_64                 2/10
  Updating   : evolution-NetworkManager-3.0.2-3.fc15.x86_64  3/10
  Updating   : evolution-help-3.0.2-3.fc15.noarch            4/10
  Updating   : empathy-3.0.2-3.fc15.x86_64                   5/10
  Cleanup    : evolution-NetworkManager-3.0.1-1.fc15.x86_64  6/10
  Cleanup    : evolution-help-3.0.1-1.fc15.noarch            7/10
  Cleanup    : evolution-3.0.1-1.fc15.x86_64                 8/10
  Cleanup    : empathy-3.0.1-3.fc15.x86_64                   9/10
  Cleanup    : evolution-data-server-3.0.1-1.fc15.x86_64     10/10

Complete!

Uninstall a software group using yum groupremove

To delete an existing software group use ‘yum groupremove’ as shown below.

[root@linuxguide ]# yum groupremove 'DNS Name Server'
Dependencies Resolved
Remove        2 Package(s)
Is this ok [y/N]: y

Running Transaction
  Erasing    : 32:bind-chroot-9.8.0-9.P4.fc15.x86_64  1/2
  Erasing    : 32:bind-9.8.0-9.P4.fc15.x86_64            2/2

Complete!

Install from a disabled repositories using yum --enablerepo

By default yum installs only from the enabled repositories. For some reason if you like to install a package from a disabled repositories, use --enablerepo option in the ‘yum install’ as shown below.

[root@linuxguide ]# yum --enablerepo=fedora-source install vim-X11.x86_64
Dependencies Resolved
Install       1 Package(s)
Is this ok [y/N]: y

Running Transaction
  Installing : 2:vim-X11-7.3.138-1.fc15.x86_64   1/1

Complete!

After that, you will be able to install softwares using rpm and yum.

Linux Sticky Bit

Introduction:

Sticky Bit is mainly used on folders in order to avoid deletion of a folder and its content by other users though they having write permissions on the folder contents. If Sticky bit is enabled on a folder, the folder contents are deleted by only owner who created them and the root user. No one else can delete other users data in this folder(Where sticky bit is set). This is a security measure to avoid deletion of critical folders and their content(sub-folders and files), though other users have full permissions.

For example: Create a project where people will try to dump files for sharing, but they should not delete the files created by other users.

How can I setup Sticky Bit for a Folder?

Sticky Bit can be set in two ways

    Symbolic way (t, represents sticky bit)
    Numerical/octal way (1, Sticky Bit bit as value 1)

Use chmod command to set Sticky Bit on Folder: /opt/dump/

Symbolic way:

[root@linuxguide ]$ chmod o+t /opt/dump/
or
[root@linuxguide ]$ chmod +t /opt/dump/

Let me explain above command, We are setting Sticky Bit(+t) to folder /opt/dump by using chmod command.

Numerical way:

[root@linuxguide ]$ chmod 1757 /opt/dump/

Here in 1757, 1 indicates Sticky Bit set, 7 for full permissions for owner, 5 for read and execute permissions for group, and full permissions for others.

Checking if a folder is set with Sticky Bit or not?

Use ls –l to check if the x in others permissions field is replaced by t or T

For example: /opt/dump/ listing before and after Sticky Bit set

Before Sticky Bit set:

[root@linuxguide ]$ ls -l
total 8
-rwxr-xrwx 1 abc abcgroup 148 Oct 22 06:16 /opt/dump/

After Sticky Bit set:

[root@linuxguide ]$ ls -l
total 8
-rwxr-xrwt 1 abc abcgroup 148 Feb 22 04:26 /opt/dump/

Sticky Bit FAQs:

Now sticky bit is set, lets check if user “temp” can delete this folder which is created xyz user.

[root@linuxguide ]$ rm -rf /opt/dump

rm: cannot remove '/opt/dump': Operation not permitted

[root@linuxguide ]$ ls -l /opt
total 8
drwxrwxrwt 4 abc abcgroup 4096 2011-01-01 18:31 dump

if you observe other user is unable to delete the folder /opt/dump. And now content in this folder such as files and folders can be deleted by their respective owners who created them. No one can delete other users data in this folder though they have full permissions.

I am seeing “T” ie Capital s in the file permissions, what’s that?

After setting Sticky Bit to a file/folder, if you see ‘T’ in the file permission area that indicates the file/folder does not have executable permissions for all users on that particular file/folder.

Sticky bit without Executable permissions:

so if you want executable permissions, Apply executable permissions to the file.
chmod o+x /opt/dump/

ls -l command output:
-rwxr-xrwt 1 abc abcgroup 0 Mar 6 12:24 /opt/dump/

Sticky bit with Executable permissions:

you should see a smaller ‘t’ in the executable permission position.

How can I find all the Sticky Bit set files in Linux/Unix.

find / -perm +1000

The above find command will check all the files which is set with Sticky Bit bit(1000).

Can I set Sticky Bit for files?

Yes, but most of the time it’s not required.

How can I remove Sticky Bit bit on a file/folder?

chmod o-t /opt/dump/

Linux File and Folder Permissions

Introduction

File and folder security is an important element of any OS and Linux operating system is no exception!

These permits allow you to choose exactly who can access the files and folders that provides a comprehensive security system improved. Now consider a directory on your Linux server lab, to help us understand the information provided. While a simple 'ls' will give you the file and the list of directories in a given directory, add the '-l' reveals a number of new areas.

So what does all this output mean ? Especially all those 'rwx' lines?!

Let's start from scratch, the analysis of the information contained in the following command. From right to left, we have the file and the directory name. Then we will find the time and date of creation. The next column contains the file size in bytes - nothing special here. Next column shows the permissions. Each file in Linux is "owned" by a particular user, usually the user (owner) who created the file, but you can always give the property to another person. The owner could belong to a particular group, in this case, the file is also associated with the user group. The system identifies files by their inode number, which is the unique identification system for the file. Now, for the last column, the first left that contains the '-rw-r--r--' characters. These are the effective permissions set for the file or directory that are studied in particular.

[root@linuxguide work]# ls -l
total 0
-rw-r--r-- 1 root root 0 Jan  2 16:22 file1
-rw-r--r-- 1 root root 0 Jan  2 16:22 file2
-rw-r--r-- 1 root root 0 Jan  2 16:22 file3
-rw-r--r-- 1 root root 0 Jan  2 16:22 file4
-rw-r--r-- 1 root root 0 Jan  2 16:22 file5
-rw-r--r-- 1 root root 0 Jan  2 16:22 file6
-rw-r--r-- 1 root root 0 Jan  2 16:22 file7
-rw-r--r-- 1 root root 0 Jan  2 16:22 file8
-rw-r--r-- 1 root root 0 Jan  2 16:22 file9

To make things easier, we've split the permissions section into a further 4 columns as shown above. The first column indicates whether we are talking about a directory (d), file (-) or link (l).

Column 2 refers to the user rights. This is the owner of the file, directory or link and these three characters determine what the owner can do with it.

The 3 characters on column 2 are the permissions for the owner (user) of the file or directory. The next 3 are permissions for the group that the file is owned by and the final 3 characters define the access permissions for the others group, that is, everyone else not part of the group.

So, there are 3 possible attributes that make up file access permissions:

r - Read permission. Whether the file may be read. In the case of a directory, this would mean the ability to list the contents of the directory.
w - Write permission. Whether the file may be written to or modified. For a directory, this defines whether you can make any changes to the contents of the directory. If write permission is not set then you will not be able to delete, rename or create a file.
x - Execute permission. Whether the file may be executed. In the case of a directory, this attribute decides whether you have permission to enter, run a search through that directory or execute some program from that directory.

Here are some more examples focusing on the permissions:

-r--r--r-- :This means that owner, group and everyone else has only read permissions to the file (remember, if there's no 'd' or 'l', then we are talking about a file).
-rw-rw-rw- : This means that the owner, group and everyone else has read and write permissions.
-rwxrwxrwx : Here, the owner, group and everyone else has full permissions, so they can all read, write and execute the file (-).

Modifying Ownership & Permissions

So how do you change permissions or change the owner of a file?

Changing the owner or group owner of a file is very simple, you just type 'chown user:group filename.ext', where 'user' and 'group' are those to whom you want to give ownership of the file. The 'group' parameter is optional, so if you type 'chown asifark file.txt', you will give ownership of file.txt to the user named asifark.

In the case of a directory, nothing much changes as the same command is used. However, because directories usually contain files that also need to be assigned to the new user or group, we use the '-R' flag, which stands for 'recursive' - in other words all subdirectories and their files: 'chown -R user:group dirname'.

To change permissions you use the 'chmod' command. The possible options here are 'u' for the user, 'g' for the group, 'o' for other, and 'a' for all three. If you don't specify one of these letters it will change to all by default. After this you specify the permissions to add or remove using '+' or '-' . Let's take a look at an example to make it easier to understand:

If we wanted to add read, write and execute to the user of a particular file, we would type the following 'chmod u+rwx file.txt'. If on the other hand you typed 'chmod g-rw file.txt' you will take away read and write permissions of that file for the group .

While it's not terribly difficult to modify the permissions of a file or directory, remembering all the flags can be hard. Thankfully there's another way, which is less complicated and much faster. By replacing the permissions with numbers, we are able to calculate the required permissions and simply enter the correct sum of various numbers instead of the actual rights.

The way this works is simple. We are aware of three different permissions, Read (r), Write (w) and Execute (x). Each of these permissions is assigned a number as follows:

r (read) - 4
w (write) - 2
x (execute) - 1

Now, to correctly assign a permission, all you need to do is add up the level you want, so if you want someone to have read and write, you get 4+2=6, if you want someone to have just execute, it's just 1.. zero means no permissions. You work out the number for each of the three sections (owner, group and everyone else).

If you want to give read write and execute to the owner and nothing to everyone else, you'd get the number 700. Starting from the left, the first digit (7) presents the permissions for the owner of the file, the second digit (0) is the permissions for the group, and the last (0) is the permissions for everyone else. You get the 7 by adding read, write and execute permissions according to the numbers assigned to each right as shown in the previous paragraphs: 4+2+1 = 7.

If on the other hand you decide not to give anyone any permission, you would use '000' (now nobody can access the file, not even you!). However, you can always change the permissions to give yourself read access, by entering 'chmod 400 file.txt'.

For more details on the 'chmod' command, please take a look at the man pages.

As we will see soon, the correct combination of user and group permissions will allow us to perform our work while keeping our data safe from the rest of the world.

The world of Linux permissions is pretty user friendly as long as you see from the right perspective. Practice and reviewing the theory will certainly help you remember the most important information so you can perform your work without much trouble.

If you happen to forget something, you can always re-visit us, we will welcome you any time of the day :)