Thursday, February 26, 2015

Increase/Extend Disk Space of Linux VM without using LVM without losing data


Scenario: We have a Linux VM in which the administrator created plain physical partitions (no LVM) as shown below:


[root@localhost ~]# fdisk -l


Disk /dev/sda: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000273b1


  Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              64        1306     9972736   83  Linux
/dev/sda3            1306        1958     5241875   83  Linux


[root@localhost ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda2       9.3G  3.7G  5.2G  42% /
tmpfs           931M     0  931M   0% /dev/shm
/dev/sda1       477M   25M  427M   6% /boot
/dev/sda3       5.0G  4.2G  545M  89% /PROD


Now /PROD (/dev/sda3) is 89% utilized and the users need more space in this partition.


Solution:


Step 1 : Shut down the Linux VM
Step 2 : Take a snapshot of the Linux VM
Step 3 : Increase/extend the required disk space of the Linux VM through the VMware vCenter portal.
Step 4 : Unmount the /PROD (/dev/sda3) partition
umount /dev/sda3

Verify that the partition has been unmounted:
df -h


Then run
fsck -n /dev/sda3
[root@localhost ~]# fsck -n /dev/sda3
fsck from util-linux-ng 2.17.2
e2fsck 1.41.12 (17-May-2010)
/dev/sda3: clean, 16/327680 files, 1105539/1310468 blocks
[root@localhost ~]#
Next we remove the journaling from /dev/sda3 so turning it into ext2.
[root@localhost ~]# tune2fs -O ^has_journal /dev/sda3
tune2fs 1.41.12 (17-May-2010)
[root@localhost ~]#
  
Now we use fdisk to delete our current /dev/sda3 partition and create a bigger one (don't be afraid, no data will be lost):
fdisk /dev/sda
(Yes, it's /dev/sda, not /dev/sda3.)
The number of cylinders for this disk is set to 1305.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
  (e.g., DOS FDISK, OS/2 FDISK)
Type m to get a list of all commands:
Command (m for help): m
Command action
  a   toggle a bootable flag
  b   edit bsd disklabel
  c   toggle the dos compatibility flag
  d   delete a partition
  l   list known partition types
  m   print this menu
  n   add a new partition
  o   create a new empty DOS partition table
  p   print the partition table
  q   quit without saving changes
  s   create a new empty Sun disklabel
  t   change a partition's system id
  u   change display/entry units
  v   verify the partition table
  w   write table to disk and exit
  x   extra functionality (experts only)
Let's print out the partition table:
Command (m for help): p


Disk /dev/sda: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000273b1


  Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              64        1306     9972736   83  Linux
/dev/sda3            1306        1958     5241875   83  Linux


Now we delete partition no. 3 (/dev/sda3):
Command (m for help): d
Partition number (1-4): 3
Next we create a new /dev/sda3 partition. It was a primary partition before, so we choose p again, and again it is our partition no. 3:
Command (m for help): n
Command action
  l   logical (5 or over)
  p   primary partition (1-4)
p
Partition number (1-4): 3
Now we must specify the first and the last cylinder of our new /dev/sda3 partition. The first cylinder must be exactly the one the old partition started on (the existing filesystem sits at that offset, and moving the start would lose it); we know it from the fdisk -l output above:
First cylinder (1-1305, default 1): 1
Now fdisk tells us the highest possible cylinder of our new partition (1247 in this example), so we simply enter this number:
Last cylinder or +size or +sizeM or +sizeK (1-1247, default 1247): 1247
Let's print out our new partition table:
Command (m for help): p


Disk /dev/sda: 10.7 GB, 10737418240 bytes
255 heads, 63 sectors/track, 1305 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes


  Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1        1247    10016496   83  Linux
/dev/sda2            1248        1305      465885    5  Extended
/dev/sda5            1248        1305      465853+  82  Linux swap / Solaris
Our original /dev/sda1 had the bootable flag (see the fdisk -l output from the beginning of this post), so we must add it to our new /dev/sda1 again:
Command (m for help): a
Partition number (1-5): 1
Now let's write our new partition table and exit fdisk:
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
Now re-read the partition table with the partprobe command:
[root@localhost ~]# partprobe /dev/sda
Then run
e2fsck -f /dev/sda3
Now we must resize the file system in our /dev/sda3 partition. If we don't specify a size for the resize2fs command, it will assume the biggest possible size so we don't have to calculate. So we run
resize2fs /dev/sda3
The output looks like this:
resize2fs 1.38 (30-Jun-2005)
Resizing the filesystem on /dev/sda3 to 2504124 (4k) blocks.
The filesystem on /dev/sda3 is now 2504124 blocks long.
Next we run
fsck -n /dev/sda3
fsck 1.38 (30-Jun-2005)
e2fsck 1.38 (30-Jun-2005)
/dev/sda1: clean, 159036/1254176 files, 1062544/2504124 blocks
and create the journal on /dev/sda3, thus turning it into an ext3 partition again:
tune2fs -j /dev/sda3
tune2fs 1.38 (30-Jun-2005)
Creating journal inode: done
This filesystem will be automatically checked every 30 mounts or
0 days, whichever comes first. Use tune2fs -c or -i to override.


Now we are done.

Step 5. Verification
Mount the partition and verify it with the commands below:
mount /dev/sda3 /PROD   (or mount -a)
[root@localhost ~]# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda2       9.3G  616M  8.2G   7% /
tmpfs           931M     0  931M   0% /dev/shm
/dev/sda1       477M   25M  427M   6% /boot
/dev/sda3       9.9G  7.2G  2.2G  77% /PROD
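Below is an added pre-flight check for the delete-and-recreate step above; it is not part of the original post. It parses the fdisk -l partition table and /proc/mounts (sample text embedded here, constructed from the output shown in this post) and refuses to go ahead while /dev/sda3 is still mounted, or when the recreated partition does not start on the same cylinder as the old one, which is the one mistake in this procedure that really does lose the data.

```shell
#!/bin/sh
# Added pre-flight checks (not part of the original post) for the
# delete-and-recreate step. Two things must hold before `w` is typed in
# fdisk: the partition is unmounted, and the new partition starts on exactly
# the same cylinder as the old one (only the end moves). The samples below are
# constructed from the post's own fdisk/df output; on a live system they would
# come from `fdisk -l /dev/sda` and /proc/mounts.

# Partition table before the change (as printed in the post).
FDISK_BEFORE='  Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              64        1306     9972736   83  Linux
/dev/sda3            1306        1958     5241875   83  Linux'

# Constructed table after recreating /dev/sda3 up to the last cylinder of the
# grown disk (2610 in the post); the Blocks value is illustrative only.
FDISK_AFTER='  Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
/dev/sda2              64        1306     9972736   83  Linux
/dev/sda3            1306        2610    10482412   83  Linux'

# Constructed table where the start cylinder was typed wrongly: the old
# filesystem would no longer be found at this offset.
FDISK_WRONG='  Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
/dev/sda2              64        1306     9972736   83  Linux
/dev/sda3               1        2610    20964793   83  Linux'

# Constructed /proc/mounts contents before and after `umount /dev/sda3`.
MOUNTS_BEFORE='/dev/sda2 / ext4 rw,relatime 0 0
/dev/sda1 /boot ext4 rw,relatime 0 0
/dev/sda3 /PROD ext3 rw,relatime 0 0'
MOUNTS_AFTER='/dev/sda2 / ext4 rw,relatime 0 0
/dev/sda1 /boot ext4 rw,relatime 0 0'

# partition_start TABLE DEVICE -> prints the Start column for DEVICE.
# The optional "*" boot flag shifts the columns, so take the first numeric field.
partition_start() {
    printf '%s\n' "$1" | awk -v dev="$2" '
        $1 == dev { for (i = 2; i <= NF; i++) if ($i ~ /^[0-9]+$/) { print $i; exit } }'
}

# mount_point MOUNTS DEVICE -> prints where DEVICE is mounted, or nothing.
mount_point() {
    printf '%s\n' "$1" | awk -v dev="$2" '$1 == dev { print $2; exit }'
}

# start_unchanged BEFORE AFTER DEVICE -> exit 0 if DEVICE starts on the same
# cylinder in both tables, 1 otherwise.
start_unchanged() {
    old=$(partition_start "$1" "$3")
    new=$(partition_start "$2" "$3")
    [ -n "$old" ] && [ "$old" = "$new" ]
}

# preflight MOUNTS BEFORE AFTER DEVICE -> prints the result; exit 0 only when
# it is safe to write the new table.
preflight() {
    mp=$(mount_point "$1" "$4")
    if [ -n "$mp" ]; then
        echo "refuse: $4 is still mounted on $mp (umount it first)"
        return 1
    fi
    if ! start_unchanged "$2" "$3" "$4"; then
        echo "refuse: $4 start changed from $(partition_start "$2" "$4") to $(partition_start "$3" "$4")"
        return 1
    fi
    echo "ok: $4 is unmounted and still starts at cylinder $(partition_start "$3" "$4")"
}

preflight "$MOUNTS_AFTER" "$FDISK_BEFORE" "$FDISK_AFTER" /dev/sda3
```

On a live system, capture the table with fdisk -l before starting, print the new one with p inside fdisk before typing w, and feed both plus /proc/mounts to preflight; only write the table when it prints ok.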

Thursday, August 21, 2014

Authenticate Linux Clients with Active Directory

Project: Linux Access Through AD Authentication
--------------------------------------------------------

AD OS          : Windows 2008 R2
Linux client OS: CentOS release 6.5
Domain         : autobots.com
AD hostname    : ad1.autobots.com
LBOX hostname  : lbox1.autobots.com
--------------------------------------------------------

Step 1. Configure networking so that you can reach your AD server.

Step 2. Configure DNS on LBOX so it can resolve the AD server by domain name.
Make the entries in /etc/resolv.conf:
[root@lbox1 Desktop]# cat /etc/resolv.conf
# Generated by NetworkManager
search autobots.com
nameserver 10.0.0.10
nameserver 10.0.0.11

Also add the Linux box to the DNS server, in both the forward and the reverse zone.

Check with the commands below:
#dig ad1.autobots.com
#dig lbox1.autobots.com

Step 3. Configure NTP on LBOX so its time matches the AD server.
Note: the time difference must not be more than 5 minutes, otherwise Kerberos authentication fails.

Step 4. Install and configure SAMBA and KERBEROS
#yum -y install samba samba-client samba-common samba-winbind \
samba-winbind-clients krb5* pam_krb5-2.3.11-9.el6.x86_64 oddjob-mkhomedir-0.30-5.el6.x86_64


...output abbreviated...
Installed:
samba.x86_64 0:3.5.10-114.el6_0.2
samba-client.x86_64 0:3.5.10-114.el6_0.2
samba-common.x86_64 0:3.5.10-114.el6_0.2
samba-winbind.x86_64 0:3.5.10-114.el6_0.2
samba-winbind-clients.x86_64 0:3.5.10-114.el6_0.2

...output abbreviated...

Step 5. Now, edit and add below lines to /etc/samba/smb.conf

[global]
workgroup = AUTOBOTS
password server = AD1.AUTOBOTS.COM
realm = AUTOBOTS.COM
security = ads
idmap uid = 10000-19999
idmap gid = 10000-19999
idmap config AUTOBOTS:backend = rid
idmap config AUTOBOTS:range = 10000000-19999999
winbind enum users = no
winbind enum groups = no
winbind separator = +
winbind use default domain = yes
template homedir = /home/%D/%U
template shell = /bin/bash

Restart the samba and winbind services and enable them at boot:

#/etc/init.d/smb restart
#/etc/init.d/winbind restart
#chkconfig smb on
#chkconfig winbind on

Step 6. Now configure the Kerberos client.
Edit /etc/krb5.conf:

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = AUTOBOTS.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true

[realms]
AUTOBOTS.COM = {
 kdc = ad1.autobots.com
 admin_server = ad1.autobots.com
}

[domain_realm]
.autobots.com = AUTOBOTS.COM
autobots.com = AUTOBOTS.COM

Step 7. Test the Kerberos config:
#kinit user1@AUTOBOTS.COM
where user1 is an AD user and AUTOBOTS.COM is the default_realm value in krb5.conf. Kerberos realm names are case sensitive, so be careful.
Enter the password of the AD user user1; if everything is okay you get the prompt back without an error, and klist shows the ticket:

#klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: user1@AUTOBOTS.COM

Valid starting     Expires            Service principal
08/19/14 16:16:20  08/20/14 02:16:24  krbtgt/AUTOBOTS.COM@AUTOBOTS.COM
renew until 08/26/14 16:16:20
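Since the realm spelling has to agree across smb.conf and krb5.conf and kinit only tells you that something is wrong, here is an added consistency check for the two files (not from the original post). It embeds the [global] section of the smb.conf and the relevant sections of the krb5.conf from this post, pulls out the realm, workgroup, password server, KDC and domain_realm mapping with a small ini parser, and reports every mismatch before you try kinit or net join. Only POSIX sh and awk are assumed.

```shell
#!/bin/sh
# Added consistency check (not from the original post) for the smb.conf and
# krb5.conf settings shown above: Kerberos realm names are case sensitive, so
# the realm must be spelled identically, and in upper case, in both files, and
# the KDC / password server must live inside the domain that maps to it.

# The [global] section of /etc/samba/smb.conf as given in the post (abridged).
SMB_CONF='[global]
workgroup = AUTOBOTS
password server = AD1.AUTOBOTS.COM
realm = AUTOBOTS.COM
security = ads'

# The relevant sections of /etc/krb5.conf as given in the post (abridged).
KRB5_CONF='[libdefaults]
default_realm = AUTOBOTS.COM
dns_lookup_realm = false
dns_lookup_kdc = false

[realms]
AUTOBOTS.COM = {
 kdc = ad1.autobots.com
 admin_server = ad1.autobots.com
}

[domain_realm]
.autobots.com = AUTOBOTS.COM
autobots.com = AUTOBOTS.COM'

# ini_get CONTENT SECTION KEY -> prints the first matching value, trimmed.
ini_get() {
    printf '%s\n' "$1" | awk -v sec="$2" -v key="$3" '
        /^[ \t]*\[/ { s = $0; gsub(/[][ \t]/, "", s); insec = (s == sec); next }
        insec && index($0, "=") {
            k = $0; sub(/=.*/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", k)
            if (k == key) {
                v = $0; sub(/^[^=]*=/, "", v); gsub(/^[ \t]+|[ \t]+$/, "", v)
                print v; exit
            }
        }'
}

lower() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }
upper() { printf '%s' "$1" | tr 'a-z' 'A-Z'; }

# check_realm_config SMB KRB5 -> prints one line per finding; exit 0 if clean.
check_realm_config() {
    smb_realm=$(ini_get "$1" global realm)
    krb_realm=$(ini_get "$2" libdefaults default_realm)
    workgroup=$(ini_get "$1" global workgroup)
    pw_server=$(ini_get "$1" global "password server")
    kdc=$(ini_get "$2" realms kdc)
    mapped=$(ini_get "$2" domain_realm ".$(lower "$smb_realm")")
    domain=$(lower "$smb_realm")
    rc=0
    if [ "$smb_realm" != "$(upper "$smb_realm")" ]; then
        echo "realm '$smb_realm' in smb.conf is not upper case"; rc=1
    fi
    if [ "$smb_realm" != "$krb_realm" ]; then
        echo "realm mismatch: smb.conf '$smb_realm' vs krb5.conf default_realm '$krb_realm'"; rc=1
    fi
    if [ "$workgroup" != "${smb_realm%%.*}" ]; then
        echo "workgroup '$workgroup' is not the first label of realm '$smb_realm'"; rc=1
    fi
    case "$(lower "$pw_server")" in
        *."$domain") ;;
        *) echo "password server '$pw_server' is outside domain '$domain'"; rc=1 ;;
    esac
    case "$(lower "$kdc")" in
        *."$domain") ;;
        *) echo "kdc '$kdc' is outside domain '$domain'"; rc=1 ;;
    esac
    if [ "$mapped" != "$smb_realm" ]; then
        echo "domain_realm does not map .$domain to '$smb_realm'"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "ok: realm $smb_realm is consistent across smb.conf and krb5.conf"
    return "$rc"
}

check_realm_config "$SMB_CONF" "$KRB5_CONF"
```

Run it against the real files with check_realm_config "$(cat /etc/samba/smb.conf)" "$(cat /etc/krb5.conf)"; the parser only looks at the first realm block, which is all this setup has.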

Step 8. Now test winbind
# net join -S ad1 -U administrator
Enter Administrator's password:
Using short domain name -- AUTOBOTS
Joined 'AUTOBOTS' to realm 'AUTOBOTS.COM'
# net ads testjoin
Join is OK
# net ads info

# wbinfo --domain-users
administrator
guest
krbtgt
ad-user11
ad-user12
ad-user21
ad-user22
ad-user31
ad-user32
ad-user41
ad-user42

# wbinfo --domain-groups
domain computers
domain controllers
schema admins
enterprise admins

Step 9. To allow SSH and GUI login on lbox, configure PAM as follows.
Make sure you have a backup of the /etc/pam.d directory:
root# cp -a /etc/pam.d /etc/pam.d.bak
These are the relevant lines for the four PAM-controlled method types: account, auth, password, and session.
Place these lines into the pam.d file of any service for which you want authentication controlled by ADS:
For SSH: /etc/pam.d/sshd
For GUI: /etc/pam.d/gdm

auth sufficient pam_winbind.so
account sufficient pam_winbind.so
password sufficient pam_winbind.so use_authtok

And this goes into /etc/pam.d/system-auth:

session required pam_mkhomedir.so skel=/etc/skel umask=0022

Now, all of that sets up your Linux box to allow Active Directory domain users to log in with a bash shell into a home directory under /home/DOMAIN/user. It even creates the home directory for any user who doesn't already have one, provided the session portion of the service's file includes system-auth.
Now, let's say you want to limit access to the server to users from certain groups only. That turns out to be simple: all users and groups from Active Directory are mapped to Unix uids and gids, and we can make that work for us

by replacing the account entries in /etc/pam.d/sshd or gdm with:
account sufficient pam_succeed_if.so gid = 10003

Krb errors
http://research.imb.uq.edu.au/~l.rathbone/ldap/kerberos.shtml

PAM Entries
https://blogs.oracle.com/tkblog/entry/integrating_linux_with_active_directory

Monday, August 12, 2013

CIFS UNMOUNT - This utility only unmounts cifs filesystems

Today, I faced an issue while unmounting a Windows share from a Linux box, and
I got the error below:

This utility only unmounts cifs filesystems

Here are the steps I followed:

1. Remove the entry from /etc/mtab file. (This file is referred by the df command.)
2. And correct the entry in /etc/fstab.
3. Then use
# mount -a
4. Verify the mount.
# mount
# df -h
# cat /proc/mounts <-- Verify that the old entry is not listed in this file.

Wednesday, July 10, 2013

Linux File system

What is a UNIX/Linux file system?
A UNIX file system is a collection of files and directories. Each file system is stored in a separate disk partition. The following are a few of the file systems commonly kept on their own partition:

  • / - the root file system, which holds the files under several directories including /dev, /sbin, /tmp etc.
  • /usr - stores application programs
  • /var - stores log files, mail and other data
  • /tmp - stores temporary files

Exploring Linux File System Hierarchy

A typical Linux system has the following directories:

  • / : This is the root directory.
  • /bin : This directory contains executable programs which are needed in single-user mode and to bring the system up or repair it.
  • /boot : Contains static files for the boot loader. This directory holds only the files which are needed during the boot process.
  • /dev : Special or device files, which refer to physical devices such as the hard disk, keyboard, monitor, mouse, modem, etc.
  • /etc : Contains configuration files which are local to the machine. Some larger software packages, like Apache, have their own subdirectories below /etc, e.g. /etc/httpd. Some important subdirectories in /etc:
  • /etc/skel : When a new user account is created, files from this directory are usually copied into the user's home directory.
  • /etc/X11 : Configuration files for the X11 window system.
  • /etc/sysconfig : Important configuration files used by the SysV scripts stored in /etc/init.d and the /etc/rcX.d directories.
  • /etc/cron.* : cron daemon configuration files, used to execute scheduled commands.
  • /home : Your sweet home to store data and other files. However, in large installations the structure of the /home directory depends on local administration decisions.
  • /lib : This directory holds the shared libraries that are necessary to boot the system and to run the commands in the root filesystem.
  • /lib64 : 64-bit shared libraries that are necessary to boot the system and to run the commands in the root filesystem.
  • /mnt : This directory contains mount points for temporarily mounted filesystems.
  • /opt : This directory should contain add-on packages, such as a downloaded Firefox install, or static files.
  • /proc : This is the mount point for the proc filesystem, which provides information about running processes and the kernel.
  • /root : This directory is usually the home directory for the root user.
  • /sbin : Like /bin, this directory holds commands needed to boot the system, but which are usually not executed by normal users; root/admin-specific commands go here.
  • /tmp : This directory contains temporary files which may be deleted without notice, for instance by a regular job or at system boot.
  • /usr : This directory is usually mounted from a separate partition. It should hold only sharable, read-only data, so that it can be mounted by various machines running Linux (useful for diskless clients or a multiuser Linux network such as a university network). Programs, libraries, documentation etc. for all user-related programs.
  • /var : This directory contains files which may change in size, such as spool and log files.
  • /lost+found : Every partition has a lost+found in its top directory. Files recovered after a failure are placed here, e.g. by ext2/ext3 fsck recovery.


Common Linux log files: name and usage
* /var/log/messages: General messages and system-related events
* /var/log/auth.log: Authentication logs
* /var/log/kern.log: Kernel logs
* /var/log/cron.log: Crond logs (cron jobs)
* /var/log/maillog: Mail server logs
* /var/log/qmail/ : Qmail log directory (more files inside this directory)
* /var/log/httpd/: Apache access and error logs directory
* /var/log/lighttpd: Lighttpd access and error logs directory
* /var/log/boot.log : System boot log
* /var/log/mysqld.log: MySQL database server log file
* /var/log/secure: Authentication log
* /var/log/utmp or /var/log/wtmp : Login records file
* /var/log/yum.log: Yum log files

Go to the /var/log directory:
$ cd /var/log
View the common log file /var/log/messages using any one of the following commands:
$ tail -f /var/log/messages
$ less /var/log/messages
$ more -f /var/log/messages
$ vi /var/log/messages

File type field: the first character of each line in ls -l output indicates the file type:
* d = directory.
* l = symbolic link.
* s = socket: sockets are special files offering a type of network interface.
* p = named pipe (FIFO): a special file for passing data between processes, with no kernel driver behind it.
* - = regular file.
* c = character (unbuffered) device special file.
* b = block (buffered) device special file.
* D = door: a special file for inter-process communication between a client and a server (Solaris).

Linux File Permissions

File permissions are assigned separately to:
1. the owner of the file
2. the members of the group the file is assigned to
3. all other users
Permissions under Linux are configured for each file and directory.

There are three levels of permissions:
1. The permissions that apply to the owner of the file. The owner of a file is by default the user that created the file.
2. The permissions that apply to all members of the group that is associated with the file.
3. The permissions that apply to all other users on the system.
Permissions can only be changed by the owner, and by root of course.

For a file, these permissions mean the following:

  • read: allows the user to read the contents of the file, for instance with cat or less.
  • write: allows the user to modify the contents of the file, for instance with vi.
  • execute: allows the user to execute the file as a program, provided that the file is indeed an executable program (such as a shell script).

For a directory, these permissions have a slightly different meaning:

  • read: allows the user to view the contents of the directory, for instance with ls.
  • write: allows the user to modify the contents of the directory. In other words: allows the user to create and delete files, and to rename files. Note: having write permission on a directory thus allows you to delete files in it, even if you have no write permission on those files!
  • execute: allows the user to use this directory as the current working directory. In other words: allows the user to cd into it (and to access files in it by name).

The symbolic chmod form is <who><operator><permission>, where <permission> is:
r - read
w - write
x - execute
<who> can be:
• u for the owner (user) of the file
• g for the group assigned to the file
• o for all other users
• a for all (owner+group+others)

<operator> can be:
• + to add permissions
• - to remove permissions
• = to clear all permissions and set exactly the permissions specified

Symbolic way
$ useradd sachin
$ passwd sachin
$ useradd dhoni
$ passwd dhoni
$ groupadd market; usermod -G market dhoni
$ useradd shewag
$ passwd shewag
$ usermod -G market shewag
$ mkdir /opt/perm/; touch /opt/perm/file{1..6}
$ mkdir /opt/perm/{data1,data2}
$ cd /opt/perm
$ ll -d data1
drwxr-xr-x 2 root root 4096 Jul 29 20:15 data1
$ chown sachin data1
$ ll -d data1
$ chgrp market data1
$ ll -d data1
$ chmod u-w data1
$ ll -d data1
$ chmod g+w data1
$ ll -d data1
$ chmod o+w,o-rx data1
$ ll -d data1
$ ll -d data2
drwxr-xr-x 2 root root 4096 Jul 29 20:15 data2
$ chown -Rv sachin.market data2
$ ll -d data2
$ chmod u-rwx data2
$ ll -d data2
$ chmod g+w,g-x data2
$ ll -d data2
$ chmod -Rv o+w,o-r data2
$ ll -d data2
Octal way
$ ll file1
-rw-r--r-- 1 root root 0 Jul 29 20:15 file1
$ chmod 777 file1
$ ll file1
$ chmod 666 file2
$ ll file2
$ chmod 467 file3
$ ll file3
$ chmod 541 file4
$ ll file4
$ chmod 724 file5
$ ll file5
$ chmod 000 file6
$ chmod 0 file6
$ ll file6

This table shows what the numeric values mean:

Octal digit  Text  Binary  Meaning
-----------------------------------------------------
  0          ---   000     All types of access are denied
  1          --x   001     Execute access is allowed only
  2          -w-   010     Write access is allowed only
  3          -wx   011     Write and execute access are allowed
  4          r--   100     Read access is allowed only
  5          r-x   101     Read and execute access are allowed
  6          rw-   110     Read and write access are allowed
  7          rwx   111     Everything is allowed

-------------------------X0X--------------------------
Read more- UMASK