completed linux

Author: imShakil

linux/03.md

@@ -0,0 +1,38 @@
+# Set Permission On Crontab for Users
+
+In alignment with security compliance standards, the Nautilus project team has opted to impose restrictions on crontab access. Specifically, only designated users will be permitted to create or update cron jobs.
+
+Configure crontab access on App Server 2 as follows: Allow crontab access to kareem user while denying access to the ryan user.
+
+## Steps
+
+1. Create allow file:
+
+    ```sh
+    sudo vi /etc/cron.allow
+    ```
+
+    > Add allowed users in this file:
+
+    ```txt
+    root
+    kareem
+    ```
+
+2. Create deny file:
+
+    ```sh
+    sudo vi /etc/cron.deny
+    ```
+
+    > Add denied users in this file
+
+    ```txt
+    ryan
+    ```
+
+3. Restart crond service:
+
+    ```sh
+    sudo systemctl restart crond
+    ```

linux/04.md

@@ -0,0 +1,17 @@
+# Setup Run Level (Default GUI Boot Configure)
+
+With the installation of new tools on the app servers within the Stratos Datacenter, certain functionalities now necessitate graphical user interface (GUI) access.
+
+Adjust the `default runlevel` on all App servers in Stratos Datacenter to enable GUI booting by default. It's imperative not to initiate a server reboot after completing this task.
+
+## Steps
+
+Run the following commands on all app servers:
+
+```sh
+sudo systemctl get-default
+sudo systemctl set-default graphical.target
+sudo systemctl start graphical.target
+sudo systemctl status graphical.target
+sudo systemctl get-default
+```

linux/05.md

@@ -0,0 +1,15 @@
+# Timezone Adjustment
+
+In the daily standup, it was noted that the timezone settings across the Nautilus Application Servers in the Stratos Datacenter are inconsistent with the local datacenter's timezone, currently set to Africa/Dakar.
+
+> Synchronize the timezone settings to match the local datacenter's timezone (Africa/Dakar).
+
+## Steps
+
+Login into each app server and run the following commands:
+
+```sh
+sudo timedatectl list-timezones
+sudo timedatectl set-timezone Africa/Dakar
+sudo timedatectl
+```

linux/06.md

@@ -0,0 +1,14 @@
+# Firewall-cmd 
+
+The Nautilus system admins team has rolled out a web UI application for their backup utility on the Nautilus backup server within the Stratos Datacenter. This application operates on port 5004, and firewalld is active on the server. To meet operational needs, the following requirements have been identified:
+
+> Allow all incoming connections on port 5004/tcp. Ensure the zone is set to public.
+
+## Steps
+
+Login into backup server and run the following commands:
+
+```sh
+sudo firewall-cmd --zone=public --add-port=5004/tcp --permanent
+sudo firewall-cmd --reload
+```

linux/07.md

@@ -0,0 +1,22 @@
+# Process Limits
+
+In the Stratos Datacenter, our Storage server is encountering performance degradation due to excessive processes held by the `nfsuser` user. To mitigate this issue, we need to enforce limitations on its maximum processes. Please set the maximum process limits as specified below:
+
+- Set the soft limit to `1024`
+- Set the hard limit to `2024`
+
+## Steps
+
+Login into storage server and run the following commands
+
+```sh
+sudo cp /etc/security/limits.conf /etc/security/limits.conf.bak
+sudo vi /etc/security/limits.conf
+```
+
+> Add these two lines at the end of file:
+
+```conf
+nfsuser soft nproc 1024
+nfsuser hard nproc 2024
+```

linux/08.md

@@ -0,0 +1,12 @@
+# Selinux Configuration
+
+Following a security audit, the xFusionCorp Industries security team has opted to enhance application and server security with SELinux. To initiate testing, the following requirements have been established for App server 1 in the Stratos Datacenter:
+
+- Install the required SELinux packages.
+- Permanently disable SELinux for the time being; it will be re-enabled after necessary configuration changes.
+- No need to reboot the server, as a scheduled maintenance reboot is already planned for tonight.
+- Disregard the current status of SELinux via the command line; the final status after the reboot should be disabled.
+
+## Steps
+
+Follow this: [https://github.com/imShakil/100DaysDevOps-KodeKloud/blob/main/days/005.md](https://github.com/imShakil/100DaysDevOps-KodeKloud/blob/main/days/005.md)