feedburner
Enter your email address:

Delivered by FeedBurner

feedburner count

How To Setup FTP server on centos 7 ( VSFTP )

From : http://www.krizna.com/centos/setup-ftp-server-centos-7-vsftp/
FTP server is used to exchange files between computers over network . This guide helps you to setup ftp server on centos 7 . This guide contains configuration steps for both FTP and SFTP as well as user creation . Here i've used VSFTP package which is secure and less vulnerable .
1. FTP Server
2. SFTP Server
3. User creation

Setup FTP server on centos 7

Step 1 » Update your repository and install VSFTPD package .
[root@krizna ~]# yum check-update
[root@krizna ~]# yum -y install vsftpd

Step 2 » After installation you can find /etc/vsftpd/vsftpd.conf file which is the main configuration file for VSFTP.
Take a backup copy before making changes .
[root@krizna ~]# mv /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.orgNow open the file and make changes as below
[root@krizna ~]# nano /etc/vsftpd/vsftpd.confFind this line anonymous_enable=YES ( Line no : 12 ) and change value to NO to disable anonymous FTP access.
anonymous_enable=NOUncomment the below line ( Line no : 100 ) to restrict users to their home directory.
chroot_local_user=YESand add the below lines at the end of the file to enable passive mode and allow chroot writable.
allow_writeable_chroot=YES
pasv_enable=Yes
pasv_min_port=40000
pasv_max_port=40100

Step 3 » Now restart vsftpd service and make it start automatically after reboot.
[root@krizna ~]# systemctl restart vsftpd.service
[root@krizna ~]# systemctl enable vsftpd.service

Step 4 » Add FTP service in firewall to allow ftp ports .
[root@krizna ~]# firewall-cmd --permanent --add-service=ftp
[root@krizna ~]# firewall-cmd --reload

Step 5 » Setup SEinux to allow ftp access to the users home directories .
[root@krizna ~]# setsebool -P ftp_home_dir on
Step 6 » Now create an User for ftp access. Here /sbin/nologin shell is used to prevent shell access to the server .
[root@krizna ~]# useradd -m dave -s /sbin/nologin
[root@krizna ~]# passwd dave
Now user dave can able to login ftp on port 21 .
You can filezilla or winscp client for accessing files.
Setup ftp server centos 7

SFTP server

SFTP ( Secure File Transfer Protocol ) is used to encrypt connections between clients and the FTP server. It is highly recommended to use SFTP because data is transferred over encrypted connection using SSH-tunnel on port 22 .
Basically we need openssh-server package to enable SFTP .
Install openssh-server package, if its not already installed.
[root@krizna ~]# yum -y install openssh-server
Step 7 » Create a separate group for FTP access.
[root@krizna ~]# groupadd ftpaccess
Step 8 » Now open /etc/ssh/sshd_config file and make changes as below.
Find and comment the below line ( Line no : 147 ).
#Subsystem sftp /usr/libexec/openssh/sftp-serverand add these lines below.
Subsystem sftp internal-sftp
Match group ftpaccess
ChrootDirectory %h
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Step 9 » Now restart sshd service.
[root@krizna ~]# systemctl restart sshdNow your SFTP server is configured and ready .

User creation

Step 10 » Create user jack with /sbin/nologin shell and ftpaccess group
[root@krizna ~]# useradd -m jack -s /sbin/nologin -g ftpaccess
[root@krizna ~]# passwd jack
Now assign root ownership for the home directory for chroot access and modify permission.
[root@krizna ~]# chown root /home/jack
[root@krizna ~]# chmod 750 /home/jack
Create a directory www inside home directory for writing and modify ownership .
[root@krizna ~]# mkdir /home/jack/www
[root@krizna ~]# chown jack:ftpaccess /home/jack/www

Now jack can use both ftp and sftp services . He can upload files in www directory .
Setup ftp server centos 7
If you are going to use FTP and SFTP together in the same server, you should follow above steps while creating users . For existing users add them to ftpaccess and make below changes.
[root@krizna ~]# usermod dave -g ftpaccess
[root@krizna ~]# chown root /home/dave
[root@krizna ~]# chmod 750 /home/dave
[root@krizna ~]# mkdir /home/dave/www
[root@krizna ~]# chown dave:ftpaccess /home/dave/www

Read More.. Digg ThisAdd To Del.icio.us Add To Reddit Fav This With Technorati Add To Yahoo MyWeb Add To Newsvine Add To Google Bookmarks Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This



How to secure /tmp and /var/tmp

Secure /tmp

  1. Edit /etc/fstab by typing the command nano -w /etc/fstab
  2. Paste the following at the bottom of /etc/stab that you just opened: none /tmp tmpfs nodev,nosuid,noexec 0 0
  3. Press ctrl + x to close the file, press y to save it.
  4. Remount /tmp by typing the following then press enter: mount -o remount /tmp
  5. You can verify that /tmp is correctly mounted by typing df -h and you should see something similar to the following: none 3.9G   0  3.9MG   0% /tmp.


Secure /var/tmp

  1. Backup /var/tmp by typing the following: mv /var/tmp /var/tmpbackup
  2. Make a symbolic link that makes /var/tmp point to /tmp by typing the following: ln -s /tmp /var/tmp
  3. Copy back the old data using the command: cp /var/tmpbackup/* /tmp/
  4. Remove the un-needed backup you created: rm -rf /var/tmpbackup

You should now reboot your VPS. This means /tmp and /var/tmp are now secured.

Read More.. Digg ThisAdd To Del.icio.us Add To Reddit Fav This With Technorati Add To Yahoo MyWeb Add To Newsvine Add To Google Bookmarks Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This



25 Most Frequently Used Linux IPTables Rules Examples


 

In the below examples we are using ETH0 as network interface, however your interface name might also be called VENET0:0

Please run:

ifconfig

to determine the correct name.

 1. Delete Existing Rules

Before you start building new set of rules, you might want to clean-up all the default rules, and existing rules. Use the iptables flush command as shown below to do this.

iptables -F  (or)  iptables --flush

2. Set Default Chain Policies

The default chain policy is ACCEPT. Change this to DROP for all INPUT, FORWARD, and OUTPUT chains as shown below.

iptables -P INPUT DROP  iptables -P FORWARD DROP  iptables -P OUTPUT DROP

When you make both INPUT, and OUTPUT chain's default policy as DROP, for every firewall rule requirement you have, you should define two rules. i.e one for incoming and one for outgoing.

In all our examples below, we have two rules for each scenario, as we've set DROP as default policy for both INPUT and OUTPUT chain.

If you trust your internal users, you can omit the last line above. i.e Do not DROP all outgoing packets by default. In that case, for every firewall rule requirement you have, you just have to define only one rule. i.e define rule only for incoming, as the outgoing is ACCEPT for all packets.

3. Block a Specific ip-address

Before we proceed further will other examples, if you want to block a specific ip-address, you should do that first as shown below. Change the "x.x.x.x" in the following example to the specific ip-address that you like to block.

BLOCK_THIS_IP="x.x.x.x"  iptables -A INPUT -s "$BLOCK_THIS_IP" -j DROP

This is helpful when you find some strange activities from a specific ip-address in your log files, and you want to temporarily block that ip-address while you do further research.

You can also use one of the following variations, which blocks only TCP traffic on eth0 connection for this ip-address.

iptables -A INPUT -i eth0 -s "$BLOCK_THIS_IP" -j DROP  iptables -A INPUT -i eth0 -p tcp -s "$BLOCK_THIS_IP" -j DROP

4. Allow ALL Incoming SSH

The following rules allow ALL incoming ssh connections on eth0 interface.

iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

5. Allow Incoming SSH only from a Sepcific Network

The following rules allow incoming ssh connections only from 192.168.100.X network.

iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

In the above example, instead of /24, you can also use the full subnet mask. i.e "192.168.100.0/255.255.255.0″.

6. Allow Incoming HTTP and HTTPS

The following rules allow all incoming web traffic. i.e HTTP traffic to port 80.

iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

The following rules allow all incoming secure web traffic. i.e HTTPS traffic to port 443.

iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

7. Combine Multiple Rules Together using MultiPorts

When you are allowing incoming connections from outside world to multiple ports, instead of writing individual rules for each and every port, you can combine them together using the multiport extension as shown below.

The following example allows all incoming SSH, HTTP and HTTPS traffic.

iptables -A INPUT -i eth0 -p tcp -m multiport --dports 22,80,443 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 22,80,443 -m state --state ESTABLISHED -j ACCEPT

8. Allow Outgoing SSH

The following rules allow outgoing ssh connection. i.e When you ssh from inside to an outside server.

iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

Please note that this is slightly different than the incoming rule. i.e We allow both the NEW and ESTABLISHED state on the OUTPUT chain, and only ESTABLISHED state on the INPUT chain. For the incoming rule, it is vice versa.

9. Allow Outgoing SSH only to a Specific Network

The following rules allow outgoing ssh connection only to a specific network. i.e You an ssh only to 192.168.100.0/24 network from the inside.

iptables -A OUTPUT -o eth0 -p tcp -d 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

10. Allow Outgoing HTTPS

The following rules allow outgoing secure web traffic. This is helpful when you want to allow internet traffic for your users. On servers, these rules are also helpful when you want to use wget to download some files from outside.

iptables -A OUTPUT -o eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A INPUT -i eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT

Note: For outgoing HTTP web traffic, add two additional rules like the above, and change 443 to 80.

11. Load Balance Incoming Web Traffic

You can also load balance your incoming web traffic using iptables firewall rules.

This uses the iptables nth extension. The following example load balances the HTTPS traffic to three different ip-address. For every 3th packet, it is load balanced to the appropriate server (using the counter 0).

iptables -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 0 -j DNAT --to-destination 192.168.1.101:443  iptables -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 1 -j DNAT --to-destination 192.168.1.102:443  iptables -A PREROUTING -i eth0 -p tcp --dport 443 -m state --state NEW -m nth --counter 0 --every 3 --packet 2 -j DNAT --to-destination 192.168.1.103:443

12. Allow Ping from Outside to Inside

The following rules allow outside users to be able to ping your servers.

iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT  iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

13. Allow Ping from Inside to Outside

The following rules allow you to ping from inside to any of the outside servers.

iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT  iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT

14. Allow Loopback Access

You should allow full loopback access on your servers. i.e access using 127.0.0.1

iptables -A INPUT -i lo -j ACCEPT  iptables -A OUTPUT -o lo -j ACCEPT

15. Allow Internal Network to External network.

On the firewall server where one ethernet card is connected to the external, and another ethernet card connected to the internal servers, use the following rules to allow internal network talk to external network.

In this example, eth1 is connected to external network (internet), and eth0 is connected to internal network (For example: 192.168.1.x).

iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT

16. Allow outbound DNS

The following rules allow outgoing DNS connections.

iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT  iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT

17. Allow NIS Connections

If you are running NIS to manage your user accounts, you should allow the NIS connections. Even when the SSH connection is allowed, if you don't allow the NIS related ypbind connections, users will not be able to login.

The NIS ports are dynamic. i.e When the ypbind starts it allocates the ports.

First do a rpcinfo -p as shown below and get the port numbers. In this example, it was using port 853 and 850.

rpcinfo -p | grep ypbind

Now allow incoming connection to the port 111, and the ports that were used by ypbind.

iptables -A INPUT -p tcp --dport 111 -j ACCEPT  iptables -A INPUT -p udp --dport 111 -j ACCEPT  iptables -A INPUT -p tcp --dport 853 -j ACCEPT  iptables -A INPUT -p udp --dport 853 -j ACCEPT  iptables -A INPUT -p tcp --dport 850 -j ACCEPT  iptables -A INPUT -p udp --dport 850 -j ACCEPT

The above will not work when you restart the ypbind, as it will have different port numbers that time.

There are two solutions to this: 1) Use static ip-address for your NIS, or 2) Use some clever shell scripting techniques to automatically grab the dynamic port number from the "rpcinfo -p" command output, and use those in the above iptables rules.

18. Allow Rsync From a Specific Network

The following rules allows rsync only from a specific network.

iptables -A INPUT -i eth0 -p tcp -s 192.168.101.0/24 --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 873 -m state --state ESTABLISHED -j ACCEPT

19. Allow MySQL connection only from a specific network

If you are running MySQL, typically you don't want to allow direct connection from outside. In most cases, you might have web server running on the same server where the MySQL database runs.

However DBA and developers might need to login directly to the MySQL from their laptop and desktop using MySQL client. In those case, you might want to allow your internal network to talk to the MySQL directly as shown below.

iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT

20. Allow Sendmail or Postfix Traffic

The following rules allow mail traffic. It may be sendmail or postfix.

iptables -A INPUT -i eth0 -p tcp --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT

21. Allow IMAP and IMAPS

The following rules allow IMAP/IMAP2 traffic.

iptables -A INPUT -i eth0 -p tcp --dport 143 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 143 -m state --state ESTABLISHED -j ACCEPT

The following rules allow IMAPS traffic.

iptables -A INPUT -i eth0 -p tcp --dport 993 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 993 -m state --state ESTABLISHED -j ACCEPT

22. Allow POP3 and POP3S

The following rules allow POP3 access.

iptables -A INPUT -i eth0 -p tcp --dport 110 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 110 -m state --state ESTABLISHED -j ACCEPT

The following rules allow POP3S access.

iptables -A INPUT -i eth0 -p tcp --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 995 -m state --state ESTABLISHED -j ACCEPT

23. Prevent DoS Attack

The following iptables rule will help you prevent the Denial of Service (DoS) attack on your webserver.

iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT

In the above example:

  • -m limit: This uses the limit iptables extension
  • –limit 25/minute: This limits only maximum of 25 connection per minute. Change this value based on your specific requirement
  • –limit-burst 100: This value indicates that the limit/minute will be enforced only after the total number of connection have reached the limit-burst level.

24. Port Forwarding

The following example routes all traffic that comes to the port 442 to 22. This means that the incoming ssh connection can come from both port 22 and 422.

iptables -t nat -A PREROUTING -p tcp -d 192.168.102.37 --dport 422 -j DNAT --to 192.168.102.37:22

If you do the above, you also need to explicitly allow incoming connection on the port 422.

iptables -A INPUT -i eth0 -p tcp --dport 422 -m state --state NEW,ESTABLISHED -j ACCEPT  iptables -A OUTPUT -o eth0 -p tcp --sport 422 -m state --state ESTABLISHED -j ACCEPT

25. Log Dropped Packets

You might also want to log all the dropped packets. These rules should be at the bottom.

First, create a new chain called LOGGING.

iptables -N LOGGING

Next, make sure all the remaining incoming connections jump to the LOGGING chain as shown below.

iptables -A INPUT -j LOGGING

Next, log these packets by specifying a custom "log-prefix".

iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7

Finally, drop these packets.

iptables -A LOGGING -j DROP
Read More.. Digg ThisAdd To Del.icio.us Add To Reddit Fav This With Technorati Add To Yahoo MyWeb Add To Newsvine Add To Google Bookmarks Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This



How To Setting up Apache Virtual Hosts in Ubuntu 14.04

Setting up Apache Virtual Hosts in Ubuntu 14.04 is a little complicated. First, you have to make directory for you web. 

mkdir /home/UserA/htdocs

sudo chown -R UserA:UserA /home/UserA/htdocs

sudo chmod -R 755 /home/UserA/htdocs

Next we'll create a test page for our virtual host.

echo 'Test Site' > /home/UserA/htdocs/index.html

Now we are going to start with a sane configuration for our new virtual host.

cd /etc/apache2/sites-available

sudo cp 000-default.conf 001-UserA.conf

We need to edit our base configuration for our purposes.

sudo nano 001-UserA.conf

In the file that opens change the ServerAdmin to your own email address DocumentRoot to our document root and add ServerName and set that to the name of the website

ServerAdmin admin@UserA.com

DocumentRoot /home/UserA/htdocs

ServerName UserA

We also want to set the different log files for our hosts so change the ErrorLog and CustomLog to read something like this:

ErrorLog ${APACHE_LOG_DIR}/UserA.error.log
CustomLog ${APACHE_LOG_DIR}/UserA.access.log combined

Lastly we want give Apache permission to access our folder. If you forget to add these lines you will receive a 403 Forbidden error when you try to access your website. Add these lines right after the log configurations:

<Directory /home/UserA/htdocs
Require all granted
</Directory>

Save and exit the file (Ctrl+X). Now in enable the virtual host

sudo a2ensite 001-UserA.conf

Check if there are any errors in the newly added configuration files

apachectl configtest

If you see a Syntax OK message then we have configured Apache correctly and are ready to reload the configuration

sudo service apache2 reload

Optionally you may want to edit your /etc/hosts file and add the new hostname there

sudo nano /etc/hosts

Add the following lines at the bottom of the file

127.0.0.1 UserA.com

 Now open your a browser and visit your virtual host site .


Read More.. Digg ThisAdd To Del.icio.us Add To Reddit Fav This With Technorati Add To Yahoo MyWeb Add To Newsvine Add To Google Bookmarks Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This

How To Adding Additional Disk Drives to CentOS 5/6

Labels:

Adding a new drive to CentOS or RedHat systems.

Making use of a second drive for extra space? Here's a quick run-down:

1) Make sure you know which disk is being formatted. First, second, and third drives will be /dev/sda, /dev/sdb, and /dev/sdc respectively. Check this with fdisk -l

[03:50:04] [root@virt ~]# fdisk -l    Disk /dev/sda: 34.3 GB, 34359738368 bytes  255 heads, 63 sectors/track, 4177 cylinders  Units = cylinders of 16065 * 512 = 8225280 bytes       Device Boot      Start         End      Blocks   Id  System  /dev/sda1   *           1          13      104391   83  Linux  /dev/sda2              14        4177    33447330   8e  Linux LVM    Disk /dev/sdb: 8589 MB, 8589934592 bytes  255 heads, 63 sectors/track, 1044 cylinders  Units = cylinders of 16065 * 512 = 8225280 bytes    Disk /dev/sdb doesn't contain a valid partition table

2) You can see that /dev/sdb (our second hard drive) does not have any partitions. We will need to create a partition(s) on the drive and then make a file system on it, then mount it. Let's write partitions to the drive using fdisk /dev/sdb:

[03:53:01] [root@virt ~]# fdisk /dev/sdb  Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel  Building a new DOS disklabel. Changes will remain in memory only,  until you decide to write them. After that, of course, the previous  content won't be recoverable.    Command (m for help): m  Command action     a   toggle a bootable flag     b   edit bsd disklabel     c   toggle the dos compatibility flag     d   delete a partition     l   list known partition types     m   print this menu     n   add a new partition     o   create a new empty DOS partition table     p   print the partition table     q   quit without saving changes     s   create a new empty Sun disklabel     t   change a partition's system id     u   change display/entry units     v   verify the partition table     w   write table to disk and exit     x   extra functionality (experts only)    Command (m for help):

3) As you can see from the help menu (by using the command "m") we want to add a new partition. Using the defaults will use the entire disk. After it's created, you will want to use the command "w" to "write table to disk and exit".

Command (m for help): n  Command action     e   extended     p   primary partition (1-4)  p  Partition number (1-4): 1  First cylinder (1-1044, default 1): 1  Last cylinder or +size or +sizeM or +sizeK (1-1044, default 1044):   Using default value 1044    Command (m for help): w  The partition table has been altered!    Calling ioctl() to re-read partition table.  Syncing disks.  [03:54:58] [root@virt ~]# 

4) Now you will notice that the output of fdisk -l /dev/sdb shows a partition as /dev/sdb1:

[03:57:08] [root@virt ~]# fdisk -l /dev/sdb    Disk /dev/sdb: 8589 MB, 8589934592 bytes  255 heads, 63 sectors/track, 1044 cylinders  Units = cylinders of 16065 * 512 = 8225280 bytes       Device Boot      Start         End      Blocks   Id  System  /dev/sdb1               1        1044     8385898+  83  Linux

5) Now we need to create a file system on it. I've always used ext3 for general use/purposes. You'll want to use the commandmkfs -t ext3 /dev/sdb1 as shown here:

[03:58:38] [root@virt ~]# mkfs -t ext3 /dev/sdb1  mke2fs 1.39 (29-May-2006)  Filesystem label=  OS type: Linux  Block size=4096 (log=2)  Fragment size=4096 (log=2)  1048576 inodes, 2096474 blocks  104823 blocks (5.00%) reserved for the super user  First data block=0  Maximum filesystem blocks=2147483648  64 block groups  32768 blocks per group, 32768 fragments per group  16384 inodes per group  Superblock backups stored on blocks:   	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632    Writing inode tables: done                              Creating journal (32768 blocks): done  Writing superblocks and filesystem accounting information: done    This filesystem will be automatically checked every 38 mounts or  180 days, whichever comes first.  Use tune2fs -c or -i to override.

6) Great, now we have a single partitioned secondary drive using ext3 file system. Now you want to create a directory to mount it in; lets just use "/drive2". You'll need to use the command mount -t [filesystem] [source] [mount directory] to mount it.

[03:59:50] [root@virt ~]# mount -t ext3 /dev/sdb1 /drive2/

7) Now you'll notice, via df, that the drive is mounted:

[03:59:57] [root@virt ~]# df -h  Filesystem            Size  Used Avail Use% Mounted on  /dev/mapper/VolGroup00-LogVol00                         28G  1.4G   25G   6% /  /dev/sda1              99M   19M   76M  20% /boot  tmpfs                1014M     0 1014M   0% /dev/shm  /dev/sdb1             7.9G  147M  7.4G   2% /drive2  

8) Last step - you want to make sure the drive automatically mounts itself when the server boots/reboots. You'll need to add the following line to your /etc/fstab file:

/dev/sdb1  /drive2  ext3  defaults 0 0

That's all

source : http://dbiers.me/

Read More.. Digg ThisAdd To Del.icio.us Add To Reddit Fav This With Technorati Add To Yahoo MyWeb Add To Newsvine Add To Google Bookmarks Add To Bloglines Add To Ask Add To Windows Live Add To Slashdot Stumble This