RHEL6 – Managing Swap Space

54af9-6a00e551c39e1c8834017ee46a8c54970d-piSwap space on a Linux box is an area on disk that is used to hold inactive memory pages. This occurs when the system needs more memory then is currently available, so it swaps these inactive memory pages to disk.

To create additional swap space on the fly you are either going to need a spare disk or free partition on a disk that you can use.

First, using fdisk,  you will need to make sure that the partition type for the disk (or partition) is set to 82.

Then setup the swap area using mkswap. In this example I am using /dev/sdb2, but your setup is bound to be different.

>mkswap /dev/sdb2

Then determine the UUID of the new swap space.

>blkid /dev/sdb2

Then add an entry to the /etc/fstab, so that the swap space is mounted at boottime. The show in the example below is the output of the blkid command above.

>UUID=7b05f0a9-18d5-42e5-b259-78ba3a8cc1b7 swap                    swap    defaults        0 0

Then activate your new swap space

>swapon -a

Then check to make sure everything worked by checkign for your new swap partition in the output of the command below.

>swapon -s

/dev/sdb2                             partition       4193276 7480    0

RHEL6 – Network Mounting User Home Directories

Cartoon-house-008Seriously, who does not hate users and their home directories? However if it wasn’t for them, then nothing would ever break and the life of a sysadmin would be a very boring one. Anyway back to the subject at hand.

First off, in order to mount a users home directory automatically upon login you need to make sure that you have autofs installed and configured to start at boot.

Note that for this example lets assume that our home directories are shared via nfs on the server, nfsserver.example.com, on the exported volume /nfs/home/

So first, on your local system, install autofs via yum if its not already installed.

$ sudo yum install autofs

Then extend the configurations of your automounter to mount the /nfs/home directory by adding the following line to the bottom of /etc/auto.master. The auto.master is a master map for the automounter, and it is referenced each time autofs is involked.

/nfs/home   /etc/auto.guests

In the example above, all accesses to /nfs/home will be directed to the map in /etc/auto.guests

Now obviously we are going to need to  create a file called /etc/auto.guests.  Here you will add the line below.

*    nfsserver.example.com:/nfs/home/&

Here we are using the metacharacter “&” to elimiate the need to list out each and every username. By doing so each users home directory is mapped by default.

Then start the automounter

#service autofs start

RHEL 6 – New Network Bonding Configuration

RhelDue to the fact that /etc/modprobe.conf has been deprecated in RHEL 6, the process of bonding network interfaces has changed a bit.

Now instead of defining your bond in your /etc/modprobe.conf, you define it in /etc/modprobe.d/bonding.conf. No changes in syntax.

alias bond0 bonding

Then in your ifconfig-bond0 file, you define your bonding mode. Note the quotes, and the fact that I explicitly typed out the bonding mode.

BONDING_OPTS=”miimon=100 mode=active-backup”

RHEL – How to Encrypt a Partition using Cryptsetup and LUKS

EUTScglkIUlpZsV Cryptsetup uses dm-crypt to encrypt a disk at the partition level.  In RHEL, cryptsetup is used with Linux Unified Key Setup (LUKS), a disk encryption specification. Mounting a LUKS encrypted partiton requires a passphrase, which can either be passed in a file or via the command line. Read more about dm-crypt here.

Anyway to use crypsetup, you first must have a free partiton on a disk. In this instance I am using /dev/sdc1, which is a freeagent external usb drive.

First initialize the LUKS partition. My target is /dev/sdc1

#cryptsetup luksFormat /dev/sdc1

Then open the LUKS partition setup the dev mapper device. The command below creates /dev/mapper/freeagent

#cryptsetup luksOpen /dev/sdc1 freeagent

Create a passkey file if you want the device to be able to automount at boot. 

#touch /root/freeagent_passkey && chmod 600 /root/freeagent_passkey

Make cryptsetup aware of the key

#cryptsetup luksAddKey /dev/sdc1 /root/freeagent_passkey

#echo "mypasskey" > /root/freeagent_passkey

Dont forget to make a filesystem

#mkfs -t ext4 /dev/mapper/freeagent

Then add the following to /etc/fstab…

/dev/mapper/freeagent   /freeagent              ext4    _netdev         1 1

And add the following to /etc/crypttab. Note that the first entry is the name of the /dev/mapper device

freeagent       /dev/sdc1       /freeagent

To get a status on a device and to see the mappings between /dev/mapper and /dev/sdc1

#cryptsetup status

/dev/mapper//dev/mapper/freeagent is active:
  cipher:  aes-cbc-essiv:sha256
  keysize: 128 bits
  device:  /dev/sdc1
  offset:  1032 sectors
  size:    2930270970 sectors
  mode:    read/write

Make sure you keep track of when to use /dev/mapper/freeagent vs /dev/sdc1 in the commands above.