book

CentOS System Administration Essentials

by Andrew Mallett

November 2014

Beginner

174 pages

3h 50m

English

Packt Publishing

Read now

Unlock full access

Support files, eBooks, discount offers, and moreWhy subscribe?Free access for Packt account holders
What this book covers

Downloading the color images of this bookErrataPiracyQuestions
CLI trickery – shortcuts that you will love
The GRUB and MBR
Editing stanzas in GRUBAdding a root entry to a stanzaAdding a kernel entry to a stanzaAdding an initrd entry to a stanza
Applying different themes
A magician's secretHard linksSymbolic links
The SUID bitThe SGID bitThe sticky bit
The last access timeThe last modified timeThe last changed time
What BTRFS has to offerInstalling BTRFSCreating a BTRFS filesystemExpanding a BTRFS filesystemVolume management with BTRFSBalancing the filesystemAdding an entry to /etc/fstabCreating an RAID1 mirror
Managing software installation with RPM files
Creating the Plymouth themetup.plymouthtup.scriptCreating the theme RPMUsing YUMYUM plugins
/etc/yum.repos.d/
Managing services with Upstart
Using the pgrep commandUsing the pstree commandUsing the pkill commandUsing the pmap command
Managing public and private groupsLinux groupsAdding users to groupsEvaluating private group usage
Setting quotas
LDAP concepts
Configuring DNS or hostname recordsSetting TCP keepalivesSetting file descriptorsCreating the directory server user and groupThe EPEL repositoryInstalling and configuring 389-dsTesting the installation
Adding users using the GUI consoleAdding users from the command line
Installing and configuring NginxInstalling NginxConfiguring NginxConfiguring a 404 Document Not Found Error page
Installing the Puppet masterConfiguring the firewallDNSNetwork Time ProtocolThe Puppet lab repository
ClassesResource definitionPuppet factsUsing includeCreating and testing manifestsEnrolling remote puppet agents
Understanding PAM configuration filesTypeControlThe module pathModule arguments
DomainTypeItem
Reading the current SELinux modeSetting the SELinux modePreventing mode changes from the command lineUnderstanding SELinux contextsTroubleshooting SELinux
Password auditingPreparing a password fileCracking passwordsWeakening the algorithmHardening the password
Securing remote access to your systemThe SSH public keyAnalyzing the risks of default settingsPopulating the keystorePublic key authenticationRoot loginsConclusion
LocaleTime and date informationManaging servicesAdditional ways to repair your machine than just using the single user modeRemote managementSystemd and nonstandard subcommandsThe Samba 4.1 packageFilesystem changesPassword policies

Content preview from CentOS System Administration Essentials

Protecting the GRUB menu with passwords

Now I can imagine that all of this talk to gain root access from the physical server can be quite alarming; the truth is that it really shouldn't be, as securing physical access to the server is normally not difficult or onerous. However, where there is a desire or need to take the security further, it can easily be implemented through GRUB passwords. Any password settings will normally be added to the global section that precedes any stanza. Firstly, let's review some of the GRUB global options before setting some passwords.

On visiting the /boot/grub/menu.lst file on CentOS, we will see that the first lines are commented out and generated by the installer anaconda, and that the file is named as grub.conf ...