Book Image

Troubleshooting CentOS

By : Jonathan Hobson
Book Image

Troubleshooting CentOS

By: Jonathan Hobson

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Troubleshooting CentOS
Jonathan Hobson
Jun, 2015 | 190 pages
No titles found
Table of Contents (17 chapters)
Troubleshooting CentOS
Troubleshooting CentOS
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Basics of Troubleshooting CentOS
Basics of Troubleshooting CentOS
Installing some basic tools
Gathering hardware information
Understanding dmesg
Understanding log files
Reading log files and affecting the output
Using tail to monitor log files
Using cat, less, and more
Using grep
Using diff
Using truncation
Summary
References
2
Troubleshooting Active Processes
Troubleshooting Active Processes
Tuning server performance with memory management and swap
Managing memory with vmstat
Checking the system load with the top command
Monitoring disk I/O with iotop
Checking processes with the ps command
Checking performance with iostat and lsof
Calculating the system load
Discovering process IDs with pgrep and systemctl
More about systemd
Issuing the kill signal
Dealing with an orphaned process
Summary
References
3
Troubleshooting the Network Environment
Troubleshooting the Network Environment
Using ping, dig, host, traceroute, and mtr
Monitoring network connections with the ss command
Packet analysis with tcpdump
Summary
References
4
Troubleshooting Package Management and System Upgrades
Troubleshooting Package Management and System Upgrades
Gathering software information
Using Yum plugins
Fixing Yum operations
Installing additional Yum repositories
Downloading an RPM package with Yum
Diagnosing a corrupt RPM database
Minor release upgrades
Summary
References
5
Troubleshooting Users, Directories, and Files
Troubleshooting Users, Directories, and Files
Users
Monitoring user activity with utmpdump
Resetting the root password and enhancing logging
Recovering lost or deleted files with Scalpel
Restoring file and directory permissions
Working with and extending the XFS filesystem
Running repairs on XFS
Investigating fragmentation on XFS
Auditing directories and files
Visualizing directories and files
Summary
References
6
Troubleshooting Shared Resources
Troubleshooting Shared Resources
Providing NFS shares on a CentOS 7 server
About NFS exports
Mounting NFS shares on a CentOS client
Mounting an external drive with CIFS
Using autofs to mount an external drive
Summary
References
7
Troubleshooting Security Issues
Troubleshooting Security Issues
Auditing SELinux with aureport and setroubleshoot
SSH banners
Tuning SSH
Intrusion detection with Tripwire
Firewalld – zone, service, and port management
Removing Firewalld and returning to iptables
Summary
References
8
Troubleshooting Database Services
Troubleshooting Database Services
Getting up-and-running with MariaDB
Resetting and recovering a root password with MariaDB
Tuning MariaDB and MySQL
Obtaining metrics from MariaDB and MySQL
Returning to MySQL
Installing and configuring PostgreSQL 9
Summary
References
9
Troubleshooting Web Services
Troubleshooting Web Services
Auditing the server with cURL
Debugging Akamai headers with cURL
Adding Varnish to Apache
Testing Varnish with cURL
Using cURL to access an FTP directory
Enabling mod_status in Apache
Summary
References
10
Troubleshooting DNS Services
Troubleshooting DNS Services
Changing the hostname and managing the FQDN
Performing system sanity checks with BIND
Monitoring bandwidth with iftop
Flushing the cache
Summary
References
Index
Index

Firewalld – zone, service, and port management

The purpose of Firewalld is to replace the need for iptables and improve the management of security by enabling configuration changes without stopping the current connections. Firewalld runs as a daemon that allows for rules to be added and changed instantly and it uses network zones to define a level of trust for any and all associated network connections. For the troubleshooter, this does provide a range of flexible options but, more importantly, it is necessary to understand that, while a connection can only be a part of a single zone, a zone can be used across many network connections.

To know whether Firewalld is currently running, you can type:

# firewall-cmd --state

To list the predefined zones, you can use:

# firewall-cmd --get-zones

Note

These zones can be defined as:

  • drop: In this zone, incoming network packets are dropped (with no reply), and only outgoing network connections are possible

  • block: In this zone, only network connections...

Previous Section
End of Section 6
Next Section