Anda di halaman 1dari 7

Check virtualization packages are already installed:

#rpm -qa | egrep 'virt|kvm'


libvirt-client-0.10.2-29.el6.x86_64
libvirt-python-0.10.2-29.el6.x86_64
python-virtinst-0.600.0-18.el6.noarch
virt-who-0.8-9.el6.noarch
virt-viewer-0.5.6-8.el6.x86_64
qemu-kvm-0.12.1.2-2.415.el6.x86_64
virt-what-1.11-1.2.el6.x86_64
virt-top-1.0.4-3.15.el6.x86_64
libvirt-0.10.2-29.el6.x86_64
virt-manager-0.9.0-19.el6.x86_64
If pkg not installed: Check if they are available
#yum grouplist | grep -i virtualization
nstallation required

System i

[root@butxapache ~]# yum grouplist | grep -i virtualization


This system is not registered to Red Hat Subscription Management. You ca
n use subscription-manager to register.
Error: No group data available for configured repositories
If pkg group available in yum repository install them:
# yum -y groupinstall virtualization "virtualization client" "virtualiza
tion platform" "virtualization tools"
=================Configuring Network Installation servers:
----Configuring an FTP installation server
Configure FTP installation server on physical server(butxapache)
Install necessary packages
copy file from DVD to /var/ftp/pub/rhel6.5
set proper SELinux context
enable port21 to allow the traffic to pass through
Start ftp services
open browser and test
===============================================

1.

Install the vsftpd software


# yum install vsftpd -y

regestration required

[root@butxapache /]# cd media


[root@butxapache media]# ls -l
total 8
dr-xr-xr-x. 12 root root 8192 Nov 11 2013 RHEL_6.5 x86_64 Disc 1
[root@butxapache media]#

2.

create directory /var/ftp/pub/rhel6.5


# mkdir -p /var/ftp/pub/rhel6.5

3.
Load the installation DVD, Automatically mounted on /media/"RHEL_6.5 x86
_64 Disc 1"
Unmount the dvd and re-mount it to /mnt
#umount /dev/cdrom
#mount /dev/cdrom /mnt
4.

cd to /mnt and cp entire directory structure to /var/ftp/pub/rhel6.5


# cd /mnt && find . | cpio -pmd /var/ftp/pub/rhel6.5

5.

unmount and eject the DVD


#umount /mnt
#eject

6.
l6.5

Copy the SELinux context set on the /var/ftp/pub to the /var/ftp/pub/rhe


#chcon -Rv --reference=/var/ftp/pub /var/ftp/pub/rhel6.5

7.
Issue the semanage command and modify the contexts on the directory to e
nsure that the new context survive a SELinux relabeling:
#semanage fcontext -a -s system_u -t public_content_t /var/ftp/pub/rhel6
.5
[root@butxapache /]# semanage fcontext -a -s system_u -t public_content_
t /var/ftp/pub/rhel6.5
-bash: semanage: command not found
[root@butxapache /]# which semanage
/usr/bin/which: no semanage in (/usr/lib64/qt-3.3/bin:/usr/local/sbin:/u
sr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)

You need to use the yum command to find out which package provides file
called /usr/sbin/semanage. Type the following command:
# yum provides /usr/sbin/semanage
OR
# yum whatprovides /usr/sbin/semanage
[root@butxapache /]# yum provides /usr/sbin/semanage
Type the following command to install the same, enter:
# yum -y install policycoreutils-python

8.
Configure host-based access by allowing vsFTP traffic on port 21 to pass
through the firewall:
# iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 21 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACC
EPT
9.
Save the rule in the /etc/sysconfig/iptables file and restart the firewa
ll to activate the new rule:
# service iptables save; service iptables restart
10.

Restart vsFTP service and check the running status


#service vsftpd start
#service vsftpd status

11.

Set the vsFTP service to autostart at each system reboot and validate
#chkconfig vsftpd on
#chkconfig --list vsftpd

12.

Open up a browser window and type the following command to test access:
# ftp://192.168.1.20/pub/rhel6.5

----------------------------------troubleshooting
delete other iptable entry if there is one for port 21
cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bk
vi /etc/sysconfig/iptables
Now edit the /etc/vsftpd/vsftpd.conf file. Uncomment and edit the lines in the v
sftpd.conf file which are shown in bold.
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
# ASCII mangling is a horrible feature of the protocol.
ascii_upload_enable=YES
ascii_download_enable=YES
#
# You may fully customise the login banner string:
ftpd_banner=Welcome to OSTECHNIX FTP service.
#listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES

tcp_wrappers=YES
use_localtime=YES

Now let us restart the vsftpd service and try to connect to ftp server.
[root@mainserver ~]# service vsftpd restart
Shutting down vsftpd:
Starting vsftpd for vsftpd:

[ OK ]
[ OK ]

----------------------Error 500 Oops Cannot Change Directory /home/ftpuser in vsftpd


sestatus
chcon -t public_content_rw_t /home/nukhan
/etc/vsftpd/user_list
So as I have understood, you want to login to the ftp server using khem id and w
ant to get into the home directory of that user.
Right?
1. Is SELinux set to enforcing mode? to check this try the below command:
Code:
getenforce
If it's in enforcing mode, you need to check if ftp_home_dir boolean is set to o
n:
Code:
getsebool -a | grep ftp_home_dir
If that's off, turn it on to allow ftp user's to get into their home directory:
Code:
setsebool -P ftp_home_dir=1
2. By default, whatever user names you put in /etc/vsftpd/user_list file, it get
s denied from logging into the ftp server.
So either you remove the user khem from that file or you add "userlist_deny=NO"
line at the end of /etc/vsftpd/vsftpd.conf file.
Then, restart the vsftpd server.

-------530 Permission denied.

vi /etc/vsftpd/vsftpd.conf

===============================================Cofiguring an HTTP installation s


erver
Task
Install necessary packages associated with apache
copy file freom DVD to /var/www/html/rhel6.5
set proper SELinux context
enable port 80
start HTTP service
open browser and test
Steps.
1.

install the http software


# yum install httpd -y

2.

create directory /var/www/html/rhel6.5


mkdir -p /var/www/html/rhel6.5

3.
Load the installation DVD, Automatically mounted on /media/"RHEL_6.5 x86
_64 Disc 1"
Unmount the dvd and re-mount it to /mnt
# umount /dev/cdrom
# mount /dev/cdrom /mnt
4.

cd to /mnt and cp entire directory structure to /var/ftp/pub/rhel6.5


# cd /mnt && find . | cpio -pmd /var/www/html/rhel6.5

5.

unmount and eject the DVD


#umount /mnt
#eject

6.
Copy the SELinux context on the /var/www/html to the /var/www/html/rhel6
.5 directory
#chcon -Rv --reference=/var/www/html /var/www/html/rhel6.5
7.
Issue the semanage command and modify the contexts on the directory to e
nsure that the new context survive a SELinux relabeling:
#semanage fcontext -a -s system_u -t httpd_sys_content_t /var/www/html/r
hel6.5
8.
Configure host-based access by allowing http traffic on port 80 to pass
through the firewall:
# iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 80 -j ACCEPT

# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACC


EPT
9.
Save the rule in the /etc/sysconfig/iptables file and restart the firewa
ll to activate the new rule:
# service iptables save; service iptables restart
10.

Restart vsFTP service and check the running status


#service httpd start
#service httpd status

11.

Set the vsFTP service to autostart at each system reboot and validate
#chkconfig httpd on
#chkconfig --list httpd

12.

Open up a browser window and type the following command to test access:
# http://192.168.1.20/rhel6.5

-----------------troubleshooting

The virtual machine manager


Interacting with virtual manager
Start the VM bysing virt-manager
Steps
1.
start xwindows like mobaxterm
if you do not have download and
install
2.
collect your descktop/laptop ipaddress
Your DISPLAY is set to 192.168.1.53:0.0
3.

Follow the following steps


# DISPLAY=192.168.1.53:0.0
You have new mail in /var/spool/mail/root
# export DISPLAY
# virt-manager

4.

vm WILL START

OR FROM CDE Application->Stsrem Tools->Virtual Machine Manager


The frost time VMM need to connet to KVM's QEMU(Quick emulator) hypervisor "loca
lhost(QEMU)-not connected
right click and select Connect to connect to the hypervisor.

If still unable restart daemon:


Restart libvirtd daemon
# service libvirtd restart
Ensure the KVM module is loaded in the memory
# lsmod | grep kvm
If the module still not loaded in the memory, issue the modprobe to load it
# modprobe kvm

Create VM
http://192.168.1.20/rhel6.5/images/install.img