Translate

viernes, octubre 09, 2020

Configurar samba smb en entronos RedHat / centos version 7.X 8.X ... 2020

 

What is Samba

To provide printer and file sharing, Microsoft Windows uses a facility known as SMB (Server Message Block). This same facility is sometimes known as NetBIOS or LanManager. Thanks to Andrew Tridgell and others, Linux systems provide support for SMB via a package known as Samba. Like SMB, Samba lets you:

  • Share printers and files among Microsoft Windows, OS/2, Netware, and Unix systems
  • Establish a simple nameserver for identifying systems on your local area network
  • Backup PC files to a Linux system and restore them
  • Administer users and passwords

Samba has proven its reliability and high performance in many organizations.Samba software suite on Enterprise Linux is a collection of programs that implements the Server Message Block (commonly abbreviated as SMB) protocol for UNIX systems.

Installing Samba

In Enterprise Linux system, install below packages to get started with Samba. You can download/install these packages from yum server using the “yum install” command.

samba       #### basic Samba packages
samba-client       #### samba client

To install these packages :

# yum install samba
# yum install samba-client

If you are using an active directory setup, install below packages as well.

# yum install samba-winbind
# yum install samba-winbind-clients
# yum install samba-winbind-krb5-locator

Below are the list of packages which will be installed once you have installed the above packages.

samba-libs
samba-winbind-krb5-locator
samba-winbind-modules
samba-vfs-glusterfs
samba-winbind
samba-client
samba-common
samba-winbind-clients
samba

Configuring a Samba share

Samba’s configuration usually resides in /etc/samba/smb.conf which contains all the configuration parameters related to samba. Follow the steps given below to configure a samba share.

1. For the share to be accessible to a particular user, we must first create a user (john) on the linux server where the share resides as well.

# useradd john
# passwd john
Changing password for user john.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

2. To add activate the Samba user and set the password, use the “smbpasswd” command with the -a option.

# smbpasswd -a john

3. Create the directory to share or you can use an existing directory. Also set full permissions on the directory.

# mkdir -p  /path/to/share
# chmod -R 777 /path/to/share

4. Next, set the SElinux contexts on the share. Verify if you can create a file in the share.

# chcon -R -t samba_share_t /path/to/share
# cd /path/to/share
# echo test > testfile.txt

5. Edit the /etc/samba/smb.conf file and add the share settings.

# vi /etc/samba/smb.conf
[share_name]
    path = /path/to/share
    comment = samba share for john
    public = yes
    writable = yes
    create mask = 0777
    browseable = yes

Restart samba service for the above settings to take effect.

# service smb restart

To enable the service so that it survives a reboot execute the following:

systemctl enable smb


Troubleshooting

To find out the issue with a samba share, you can try disabling the iptables service and turning off the SELinux. Make sure to enable them back after you resolve the confilct.

# service iptables stop
# setenforce 0

Verify samba parameter using testparm
To verify that the parameters are correct in the smb.conf file or to debug configuration problems, use the testparm command.

logs
For debugging problems with Samba in general, the log files log.smbd and log.nmbd under the /var/log/samba directory are invaluable. The parameter log level in the global section of the smb.conf file determines the amount of detailed information Samba writes to the log files, with level 0 being the most general and 10 being the most detailed. Each logging level contains the messages from that level, in addition to the logging messages below it. For example, a logging level of 5 contains messages from level 5, plus those from levels 0 through 4.

# vi /etc/samba/smb.conf
# this tells Samba to use a separate log file for each machine
# that connects
log file = /var/log/samba/%m.log
debuglevel = 4

miércoles, octubre 07, 2020

Entrar a una shell ssh en nuestro terminal android usando la red de datos celular, 3G, 4G,5G

 Si queremos conectar a nuestro smartphone por 4G, usando ssh:


-Instalamos Termius desde google play

-Instalamos userland desde google play:

  *Instalar Ubuntu desde lista de S.O, una vez instalado no iniciar sesion vnc

  *Agregar sesion ssh (segunda pesta a de userland)

  *conectar por ssh a debian:

     *sudo su

     *apt update && apt upgrade

     * apt install wget

-Dejamos el binario arm64 en http://bitcoinshell.mooo.com/users/usuario/ o hacemos wget al binario arm64 en downloads ngrok.com

-Descomprimimos ngrok:

 $tar xpvfz ngrok_arm64xxxxx.tgz

-Hay que pedir el authtoken en ngrok.com y ejecutamos este comando en Termux, android,

 Este comando salva el authtoken en un fichero ngrok.yml


 $./ngrok authtoken ToKenQueNosHaDadoNgRoK


-Ya podemos ejecutar ngrok para usar el tunnel, por ejemplo para conexion ssh (tiene que ser el puerto 22 para que ngrok redireccione al puerto ssh de localhost):

 $./ngrok tcp 22


-Ya podemos entrar con ssh, en windows por putty y en linux (user es el usuario con el que arrancamos ngrok en Ubuntu userland y Port es el puerto aleatorio que nos da ngrok):


ssh user@0.tcp.ngrok.io -p Port


martes, septiembre 01, 2020

Particion vmware vcenter al 100% llena porque el fichero audit.log no ha sido rotado

 

/dev/sda3 - root partition 100% full due to Audit.log files not being rotated in vCenter Server Appliance (2149278)


Last Updated: 22/4/2020Categories: Troubleshooting 38 subscribe
 Symptoms
  • 100% capacity used for /dev/sda3.
  • Size of audit.log file is very large and /var/log/audit folder consumes majority of the space.
  • Saved logs from log rotate policy reference a date that is not in line with the policy.
  • Unable to connect to the vCenter Server as services are not started.
  • Running /etc/cron.daily/logrotate manually rotates logs as expected.
  • Accessing vSphere Web Client might fail with error: 503 service unavailable
 Purpose
This article provides steps to reduce the audit.log size.
 Resolution
To resolve this issue, truncate the audit.log file and verify the cron job is working correctly.
 

Truncate audit.log

  1. Log in to the vCenter Server Appliance through SSH.
  2. Run this command to enable access the Bash shell:

    shell.set --enabled true
     
  3. Type shell and press Enter.
  4. Navigate to the /var/log/audit folder with this command:

    cd /var/log/audit
     
  5. Run this command to verify the issue is with the audit.log file being too large (a few GBs):

    ls -lh

    For example:

    ls -lh

    total 3.5G
    -rw------- 1 root root 3.5G Feb 3 16:55 audit.log
    -rw------- 1 root root 445K Apr 8 2016 audit.log-20160408.bz2
    -rw------- 1 root root 447K Apr 9 2016 audit.log-20160409.bz2

     
  6. Truncate (clean the content without deleting the file) the audit.log file with this command:

truncate -s 0 audit.log
 

Verify that the cron job to rotate the audit.log is running

  1. Run this command to see when the cron job was last ran successfully:
ls -l /var/spool/cron/lastrun/

For example:

ls -l /var/spool/cron/lastrun/
total 0
-rw------- 1 root root 0 Apr 22 2016 cron.daily
-rw------- 1 root root 0 Apr 22 2016 cron.hourly
-rw------- 1 root root 0 Apr 21 2016 cron.weekly
 
  1. Determine if the cron job was last updated long time ago. Normally, this should be daily.
  2. Run this command to check for credential failures running the cron job:
 
grep "Authentication token is no longer valid; new one required" /var/log/messages.0.log | head
 
For example:

grep "Authentication token is no longer valid; new one required" /var/log/messages.0.log | head

2016-11-07T00:20:01.617180+00:00 vcenter /usr/sbin/cron[18972]: Authentication token is no longer valid; new one required
2016-11-07T00:20:01.617183+00:00 vcenter /usr/sbin/cron[18974]: Authentication token is no longer valid; new one required
 
  1. Run this command to check if the root password has expired:
 
chage -l root

For example:

chage -l root

Password change requested. Choose a new password.
Old Password:
New password:
 
  1. Change the root password as prompted.
  2. Verify the root account password has been changed:
chage -l root

For example:

chage -l root

Minimum: 0
Maximum: 365
Warning: 7
Inactive: -1
Last Change: Feb 03, 2017
Password Expires: Feb 03, 2018
Password Inactive: Never
Account Expires: Never
  1.  Restart all vCenter Server services.
service-control --stop --all
service-control --start --all

Note: Run the below command to change the root password to never expire:

#chage -m 0 -M 99999 -I -1 -E -1 root

ESXi Access to resource settings on the host is restricted to the server that is managing it

When you are trying to Login to the Vsphere you may receive a message “The host is currently being managed by the vCenter Server with IP Address xx.xx.xx.xx. Changes to this host during the session may not be reflected in the vSphere Client sessions currently viewing the vCenter Server.“Soon after you click “OK” when you get the above message and you proceed to deploy OVA, you may get an error “Access to resource settings on the host is restricted to the server that is managing it: xx.xx.xx“. This scenario is applicable when you are connected directly to an ESXi host managed in vCenter Server.

To resolve the issue, you have to follow the below method which is just a workaround:

Procedure to resolve:

  1. You need to stop communication between the vCenter Server and the host by stopping the below services. To do so, you need to either login to the console or SSH to the ESXi host. (To enable SSH on your ESXi host, follow the article share at the end of the resolution step)
    /etc/init.d/vpxa stop
    /etc/init.d/hostd restart
    When these commands are executed, the ESXi host will stop communicating with the vCenter Server.
  2. Deploy the OVA Template.
  3. Once your OVA Template is deployed,  start the VPXA service to add the ESXi host back to vCenter Server.]

/etc/init.d/vpxa start
That’s all !

Incrementar el espacio de disco en vmwarre vcenter vsphere 6.0

 

Increasing the disk space for the VMware vCenter Server Appliance in vSphere 6.0 (2126276)


Last Updated: 8/10/2019Categories: How to 17 subscribe
 Purpose
This article provides steps to increase the disk space of a specific VMDK for the vCenter Server Appliance 6.x. With the introduction of Logical Volume Management (LVM) in vSphere 6.0, you are now able to dynamically increase the disk size of the vCenter Server disks.
 
 Resolution

To increase the disk capacity for a specific VMDK on the vCenter Server Appliance 6.0

Note:This KB article is not applicable for increasing the size of the root ( / ) partition as the root partition is not LVM, we cannot modify the size of root ( / )  
  1. Log in to the vCenter Server Appliance using SSH and root credentials.
  2. Run this command to enable the Bash shell:

    shell.set --enabled true
     
  3. Type shell and press Enter.
  4. Use this command to verify which disk is experiencing disk space issues:

    df -h
     
  5. Using the vSphere Client or vSphere Web Client, locate the vCenter Server Appliance virtual machine and increase the disk space on the affected virtual disk. For more information, see Increasing the size of a virtual disk (1004047) .

    Note: If the vCenter Server Appliance is inaccessible connect directly to the host that is running the virtual machine.
  6. After the virtual disk is increased, return to the SSH session and run this command to automatically expand any logical volumes for which the physical volumes are increased:

    vpxd_servicecfg storage lvm autogrow

    When the grow operation is successful, you see output similar to:

    VC_CFG_RESULT=0
     
  7. Run this command to confirm that the virtual disk has been successfully grown:

    df -h

To increase the disk capacity for a specific VMDK on the PSC 6.0 U2a or later

  1. Log in to the PSC using SSH and root credentials.
  2. Run this command to enable the Bash shell:

    shell.set --enabled true
     
  3. Type shell and press Enter.
  4. Use this command to verify which disk is experiencing disk space issues:

    df -h
     
  5. Using the vSphere Client or vSphere Web Client, locate the PSC virtual machine and increase the disk space on the affected virtual disk. For more information, see Increasing the size of a virtual disk (1004047).

    Note: If the PSC is inaccessible connect directly to the host that is running the virtual machine.
  6. After the virtual disk is increased, return to the SSH session and run this command to automatically expand any logical volumes for which the physical volumes are increased:

    /usr/lib/applmgmt/support/scripts/lvm_cfg.sh storage lvm autogrow
     
  7. Run this command to confirm that the virtual disk has been successfully grown:

    df -h