How to grant privileged access to specific users?
You can grant specific users full access to all privileged commands, with this sudoers entry. (add it to the file: /etc/sudoers).
kranti ALL=(ALL) ALL
It is not recommend because this allows user kranti to use the su command to get permanent root privileges thereby bypassing the command logging features of sudo.
How to disable/enable firewall in Linux (Fedora)?
Disable -
# service iptables stop
Enable -
# service iptables start
Disable at boot time
# chkconfig iptables off
Enable at boot time
# chkconfig iptables on
Configuring Static IP address on Linux from the Command Line (Fedora)
1. Assign static IP Address
vi /etc/sysconfig/network-scripts/ifcfg-em1
DEVICE="em1"
ONBOOT=yes
NM_CONTROLLED="yes"
TYPE=Ethernet
BOOTPROTO=none
IPADDR0=172.19.3.1
PREFIX0=24
GATEWAY0=172.19.3.254
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System em1"
UUID=1dad842d-1912-ef5a-a43a-bc238fb267e7
HWADDR=00:C0:9F:BA:C5:32
2. Restart the NIC
service network restart
3. Add the Default Route:
Default Route:
route add default gw ip_address_of_your_default_gateway em1
route add default gw 172.16.3.1 em1
To make gw/route permanent:
vi /etc/sysconfig/network
change to look like this:
NETWORKING=yes
HOSTNAME= localhost.localdomain
GATEWAY=172.19.3.254
Add default route through an interface (Fedora)
-> route add -net 172.0.0.0 netmask 255.0.0.0 dev em1
-> route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 em1
4. Add Permanent Route
Set up static routes for certain network interface (for example eth1) by editing file 
/etc/sysconfig/network-scripts/route-eth1.
For example, if you have to save static route added by the following command:
route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.100.1 dev eth1
To do it, just add the following line to /etc/sysconfig/network-scripts/route-eth1:
ADDRESS0=192.168.0.0
NETMASK0=255.255.255.0
GATEWAY0=192.168.100.1
Configure DHCP Server
To start, stop, restart and check status of dhcpd:
- service dhcpd start
- service dhcpd stop
- service dhcpd restart
- service dhcpd status
To ensure dhcpd starts automatically on your next reboot:
- chkconfig dhcpd on
DHCP server config file:
- Find sample config file @ /usr/share/doc/dhcp*/dhcpd.conf.sample
- The actual config file @ /etc/dhcp/dhcpd.conf
Test config file for errors:
- /usr/sbin/dhcpd –f
To check log messages:
- cat /var/log/messages
To check the assigned leases:
- cat /var/lib/dhcpd/dhcpd.leases
To configure to listen on an interface:
- vi /etc/sysconfig/dhcpd
DHCPDARGS="em1"
- If not configured the following error will be thrown in the error log
Not configured to listen on any interfaces!
Other errors:
1. No subnet declaration for em1 (172.19.3.1).
** Ignoring requests on em1. If this is not what you want, please write a subnet declaration in your dhcpd.conf file for the network segment to which interface em1 is attached. **
- Add subnet declaration for 172.19.3.0 in /etc/dhcp/dhcpd.conf file
2. "DHCPDISCOVER from 00:00:aa:aa:aa:aa via 172.19.5.1: unknown network segment"
- Mostly because the subnet definition is missing for the particular subnet that the DHCP request is coming from (Most of the time because of DHCP helpers on switches). Add subnet declaration to your dhcpd.conf file for this subnet
To Change the MTU of an interface on Linux:
- sudo ifconfig eth0 mtu 2000
