Posts tagged: linux

Checks the Linux supported release

3.1.1.005-GEN000100.bash

 

 
#!/bin/bash
# Copyright (C) 2011 simonalsa
# http://www.simonalsa.com
# Author Simon Alonso Sanchez <simonalsa@simonalsa.com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; version 2
# of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 
# Security Technical Implementation Guide (STIG)
# Security Readiness Review (SRR)
# Tested in GNU/Linux Debian distribution
 
# Identity of this check: the STIG|SRR paragraph number and the finding label.
# The same two values form the name of the local preferences file that the
# script sources further down ($NUMBER-$LABEL.prefs).
NUMBER='3.1.1.005'
LABEL='GEN000100'

# Descriptive metadata, printed verbatim in the header of the report.
SECTION='Linux overview and site information'
PROCESS='Operating system'
DESCRIPTION='Checks the Linux supported release'
 
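# Include the global preferences, then the preferences of this check.
#
# Both files are looked up in the caller's current directory ($PWD) and are
# executed in this shell by `source`, so whatever they contain runs with the
# privileges of the user who launches the check.
# NOTE(review): run the check only from a directory that other users cannot
# write to; a preferences file placed there by someone else would be executed
# as-is.
#
# The paths are quoted so that a working directory containing spaces or glob
# characters still resolves to one file, -f/-r reject directories and
# unreadable files before sourcing, and a missing file ends the script with
# status 1 (a bare `exit` returned the 0 left behind by the echo before it).
if [ -f "$PWD/preferences.cfg" ] && [ -r "$PWD/preferences.cfg" ]; then
        source "$PWD/preferences.cfg"
else
        echo -e "Can not include the global preferences at $PWD/preferences.cfg \r"
        exit 1
fi

# Include local preferences (named after this check: NUMBER-LABEL.prefs)
if [ -f "$PWD/$NUMBER-$LABEL.prefs" ] && [ -r "$PWD/$NUMBER-$LABEL.prefs" ]; then
        source "$PWD/$NUMBER-$LABEL.prefs"
else
        echo -e "Can not include the local preferences at $PWD/$NUMBER-$LABEL.prefs \r"
        exit 1
fi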
 
# Report header: a title line, one indented line per STIG|SRR metadata field,
# then a separator line. Each line carries " \r" ahead of echo's own newline.
echo -e "STIG|SRR definition \r"
for stig_field in \
        "Number: $NUMBER" \
        "Label: $LABEL" \
        "Section: $SECTION" \
        "Process: $PROCESS" \
        "Description: $DESCRIPTION"; do
        echo -e "\t $stig_field \r"
done
# Drop the loop variable so it does not linger in the script's environment.
unset stig_field
echo -e "\r"
 
# Perform
 
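# Report the distribution release as described by lsb_release.
#
# CMD_LSB_RELEASE is not set in this file; it is expected to come from the
# sourced preferences and to hold the path of the lsb_release binary.
# It is quoted everywhere: unquoted, an empty or unset value collapses the
# test to `[ -x ]`, which is true, and the script would then try to execute
# the remaining words ("-d -s") as a command.
if [ -x "$CMD_LSB_RELEASE" ]; then

        # -d -s: the distribution description in short form.
        if CMD=$("$CMD_LSB_RELEASE" -d -s); then
                echo -e "Linux LSB release: \r"
                # printf prints the tool's output literally; echo -e would
                # expand any backslash sequence the output happened to contain.
                printf '\t %s \r\n' "$CMD"
        else
                echo -e "Can not locate the Linux LSB release \r"
        fi
else
        echo -e "Can not locate the $CMD_LSB_RELEASE in the filesystem \r"
        # Non-zero status, so a wrapper can tell that the check did not run.
        exit 1
fi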
 
 
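# Report the kernel identification fields printed by uname.
#
# CMD_UNAME is not set in this file; it is expected to come from the sourced
# preferences and to hold the path of the uname binary. It is quoted so that
# an empty or unset value fails the -x test instead of collapsing it to the
# always-true `[ -x ]`.
if [ -x "$CMD_UNAME" ]; then
        # Probe run: only the exit status is used, to confirm the binary works.
        if CMD=$("$CMD_UNAME"); then
                KERNEL_NAME=$("$CMD_UNAME" --kernel-name)
                KERNEL_RELEASE=$("$CMD_UNAME" --kernel-release)
                KERNEL_VERSION=$("$CMD_UNAME" --kernel-version)
                KERNEL_MACHINE=$("$CMD_UNAME" --machine)
                # --processor and --hardware-platform are non-portable and may
                # print "unknown", as the sample run of this script shows.
                KERNEL_PROCESSOR=$("$CMD_UNAME" --processor)
                KERNEL_HARDWARE=$("$CMD_UNAME" --hardware-platform)
                KERNEL_OS=$("$CMD_UNAME" --operating-system)

                echo -e "Kernel release: \r"
                # printf keeps the reported values literal; echo -e would
                # expand backslash sequences found inside them.
                printf '\t Name: %s \r\n' "$KERNEL_NAME"
                printf '\t Release: %s \r\n' "$KERNEL_RELEASE"
                printf '\t Version: %s \r\n' "$KERNEL_VERSION"
                printf '\t Machine: %s \r\n' "$KERNEL_MACHINE"
                printf '\t Processor: %s \r\n' "$KERNEL_PROCESSOR"
                printf '\t Hardware: %s \r\n' "$KERNEL_HARDWARE"
                printf '\t Operating system: %s \r\n' "$KERNEL_OS"

        else
                echo -e "Can not locate the Linux Kernel release \r"
        fi
else
        echo -e "Can not locate the $CMD_UNAME in the filesystem \r"
        # Non-zero status, so a wrapper can tell that the check did not run.
        exit 1
fi

# Closing separator line of the report.
echo -e "\r"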

3.1.1.005-GEN000100.bash

 

# Nothing

 

Sample output

simonalsa@Desktop-01:~/$ bash 3.1.1.005-GEN000100.bash
STIG|SRR definition
         Number: 3.1.1.005
         Label: GEN000100
         Section: Linux overview and site information
         Process: Operating system
         Description: Checks the Linux supported release

Linux LSB release:
         Debian GNU/Linux 6.0.3 (squeeze)
Kernel release:
         Name: Linux
         Release: 2.6.32-5-amd64
         Version: #1 SMP Thu Nov 3 03:41:26 UTC 2011
         Machine: x86_64
         Processor: unknown
         Hardware: unknown
         Operating system: GNU/Linux
 

Basic bind nameserver master/slave configuration

DNS Master server

shell@master> cat /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

// Forward zone thor.loc, served as master from the zone file below.
zone "thor.loc" {
        type master;
        file "/etc/bind/db.thor.loc";
        // NOTIFY is sent when the zone changes; also-notify names
        // 192.168.1.132 as an explicit recipient.
        notify yes;
        also-notify { 192.168.1.132; };
        // Zone transfers are answered for 192.168.1.132 only (presumably the
        // slave, DNS-02 in the zone data).
        // NOTE(review): this ACL is address-based only; a TSIG key shared
        // with the slave would authenticate the transfer as well.
        allow-transfer { 192.168.1.132; };
};

// Reverse zone for 192.168.1.0/24, with the same notify and transfer policy
// as the forward zone.
zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.1.168.192";
        notify yes;
        also-notify { 192.168.1.132; };
        allow-transfer { 192.168.1.132; };
};
 

 

shell@master> cat /etc/bind/db.thor.loc
; Forward zone data for thor.loc. Records without their own TTL use 24 hours.
$TTL 24h
; SOA: primary server name thor.loc., contact root.thor.loc. (root@thor.loc).
; A slave transfers the zone again only when the serial has increased, so
; raise the serial on every edit of this file.
@                       IN      SOA     thor.loc. root.thor.loc. (
                                2               ; Serial
                                3h              ; Refresh
                                30m             ; Retry
                                7d              ; Expire
                                3h)             ; Minimum TTL

; Nameservers
; Both NS records name the zone apex, which carries the addresses of both
; servers as A records.
; NOTE(review): the second NS line repeats the first and adds nothing.
@                       IN      NS      thor.loc.
@                       IN      A       192.168.1.131

@                       IN      NS      thor.loc.
@                       IN      A       192.168.1.132

; Hosts
Xen.thor.loc.           IN      A       192.168.1.6

; Web-Servers Pool
; Web-01 and larete share one address.
Web-01.thor.loc.        IN      A       192.168.1.101
larete.thor.loc.        IN      A       192.168.1.101

; Sql-Servers Pool
Sql-01.thor.loc.        IN      A       192.168.1.111

; File-Servers Pool
File-01.thor.loc.       IN      A       192.168.1.121

; DNS-Servers Pool
DNS-01.thor.loc.        IN      A       192.168.1.131
DNS-02.thor.loc.        IN      A       192.168.1.132

; Mail-Servers Pool
Mail-01.thor.loc.       IN      A       192.168.1.141

; LDAP-Servers Pool
LDAP-01.thor.loc.       IN      A       192.168.1.151
LDAP-02.thor.loc.       IN      A       192.168.1.152

; Log-Servers Pool
Log-01.thor.loc.        IN      A       192.168.1.161

; Desktop Pool
Debian-01.thor.loc.     IN      A       192.168.1.201

; Subdomains
 

 

shell@master> cat /etc/bind/db.1.168.192.0
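; Reverse zone data for 192.168.1.0/24. Records without their own TTL use
; 24 hours.
; NOTE(review): named.conf.local on the master loads this zone from
; /etc/bind/db.1.168.192 - confirm that the file name on disk matches.
$TTL    24h

; SOA: primary server DNS-01.thor.loc., contact root.thor.loc. (root@thor.loc).
; The contact name needs its trailing dot; without it the zone origin is
; appended and the mailbox becomes root.thor.loc.1.168.192.in-addr.arpa.
; A slave transfers the zone again only when the serial has increased, so
; raise the serial on every edit of this file.
1.168.192.in-addr.arpa.   IN  SOA   DNS-01.thor.loc.   root.thor.loc. (
        1          ; serial number
        3h         ; refresh time
        30m        ; retry time
        7d         ; expire time
        3h         ; negative caching ttl
)

; Nameservers
; The target of an NS record is a host name, never an address. DNS-01 is the
; name the forward zone gives to 192.168.1.131.
1.168.192.in-addr.arpa.         IN      NS      DNS-01.thor.loc.

; Hosts / PTR
6.1.168.192.in-addr.arpa.       IN      PTR     Xen.thor.loc.

; Web-Servers Pool
; Two PTR records: both names share the address 192.168.1.101.
101.1.168.192.in-addr.arpa.     IN      PTR     Web-01.thor.loc.
101.1.168.192.in-addr.arpa.     IN      PTR     larete.thor.loc.

; Sql-Servers Pool
111.1.168.192.in-addr.arpa.     IN      PTR     Sql-01.thor.loc.

; File-Servers Pool
121.1.168.192.in-addr.arpa.     IN      PTR     File-01.thor.loc.

; DNS-Servers Pool
131.1.168.192.in-addr.arpa.     IN      PTR     DNS-01.thor.loc.
132.1.168.192.in-addr.arpa.     IN      PTR     DNS-02.thor.loc.

; Mail-Servers Pool
141.1.168.192.in-addr.arpa.     IN      PTR     Mail-01.thor.loc.

; LDAP-Servers Pool
151.1.168.192.in-addr.arpa.     IN      PTR     LDAP-01.thor.loc.
152.1.168.192.in-addr.arpa.     IN      PTR     LDAP-02.thor.loc.

; Log-Servers Pool
161.1.168.192.in-addr.arpa.     IN      PTR     Log-01.thor.loc.

; Desktop Pool
201.1.168.192.in-addr.arpa.     IN      PTR     Debian-01.thor.loc.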
 

DNS Slave server

shell@slave> cat /etc/bind/named.conf.local

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

// Forward zone thor.loc, held as a slave copy.
zone "thor.loc" {
        type slave;
        // The transferred copy of the zone is stored under /var/lib/bind.
        file "/var/lib/bind/db.thor.loc";
        // The zone is transferred from the master at 192.168.1.131.
        masters { 192.168.1.131; };
        // This server answers no zone transfer requests itself.
        allow-transfer { none; };
};

// Reverse zone for 192.168.1.0/24, with the same slave settings as the
// forward zone.
zone "1.168.192.in-addr.arpa" {
        type slave;
        file "/var/lib/bind/db.1.168.192";
        masters { 192.168.1.131; };
        allow-transfer { none; };

};
 

Howto compile a custom Linux Kernel from Kernel.org sources

Preliminary Linux kernel version

shell>uname -rp

2.6.37.6-0.7-desktop x86_64

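Get the kernel sources from www.kernel.org. I downloaded Linux kernel 2.6.37.6, for a 64-bit (x86_64) architecture. Check the tarball against the PGP signature published alongside it before unpacking it as root.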

I have followed this procedure to compile, deploy and install a new kernel version into my box.

Get root privileges

shell> su -

Copy the downloaded linux kernel sources .tar.gz to /usr/src

shell> cp /home/simonalsa/Download/Kernel/linux-2.6.37.6.tar.gz /usr/src

Enter in /usr/src path

shell> cd /usr/src

Untar and unpack the linux kernel sources .tar.gz

shell> tar -xvvzf linux-2.6.37.6.tar.gz

Make a symbolic link to the new linux kernel sources.

shell> ln -s /usr/src/linux-2.6.37.6 /usr/src/linux

Enter in new directory / symbolic directory link

shell> cd /usr/src/linux

Clean up the leftovers of previous compilations. Not necessary for the first compilation.

shell> make clean

Clean config files. Not necessary in the first compilation.

shell> make mrproper

I used the .config file that ships with the packaged Linux kernel, located in the /boot directory.

shell> cp /boot/config-2.6.37.6-0.7-default .config.0

Import the configured .config file and make some other changes to the kernel configuration.

shell> make menuconfig

Make the dependencies. Not necessary in the first compilation.

shell> make dep

Make the bzImage. Compile the linux kernel sources.

shell> make bzImage

Make the modules. Compile the modules.

shell> make modules

Install the modules. Deploy the new modules in /lib/modules

shell> make modules_install

Check the new compiled Kernel

shell> ls -la /usr/src/linux/arch/x86/boot/bzImage

Deploy the Kernel in the /boot

shell> cp /usr/src/linux/arch/x86/boot/bzImage /boot/bzImage-2.6.37.6-custom

Deploy the System.map in the /boot

shell> cp /usr/src/linux/System.map /boot/System.map-2.6.37.6-custom

Generate a new initrd file and deploy it in the /boot

shell> makeinitrd -k /boot/bzImage-2.6.37.6-custom -i /boot/initrd-2.6.37.6-custom

Back up the Linux kernel sources from /usr/src/linux to /usr/src/linux-2.6.37.6-custom. This step is optional.

shell> cp -a linux-2.6.37.6-0.7 linux.2.6.37-custom

Edit the boot loader (GRUB): add the new kernel to /boot/grub/menu.lst

### custom kernel

title custom kernel — opensuse 11.4 – 2.6.37.6

root(hd0,1)

kernel /boot/bzImage-2.6.37.6-custom root=/dev/disk/by-id/ata-WDC_WD15EARS-00Z5B1_WD-WMAVU3168940-part2 resume=/dev/disk/by-id/ata-WDC_WD15EARS-00Z5B1_WD-WMAVU3168940-part1 splash=silent quiet showopts vga=0x31a

initrd /boot/initrd-2.6.37.6-custom

Reboot the box

shell> reboot

Check the new kernel

shell> uname -rp

2.6.37.6-custom x86_64

The new kernel works well after the reboot; now it is time to tune and customize it.

 

Grub reinstall from debian installation

Open a console, then run the following from the command line:

chroot /target

cd /usr/bin
loadkeys es

apt-get install grub

mkdir /boot/grub

vim /boot/grub/menu.lst

IOF>>

color light-gray/blue black/light-gray
timeout 10
title Boot Linux system (wait 10 seconds)
root (hd0,0)
kernel /vmlinuz root=/dev/i2o/hda1 rw vga=normal
initrd /initrd.img
<<EOF

grub-install /dev/i2o/hda
