Creating Backup using ‘tar’ command in Linux

tar‘ command is used for archiving and compressing files and transferring data across a network. Using ‘tar’, users can gather larger sets of files into a single archive file. The archive can be compressed using gzip, bzip2 and xz

To operate, ‘tar’ command, one of three following actions is required:

  • c     (create an archive)
  • t     (list the contents of an archive)
  • x    (Extract an archive)
  • v    (Verbose)
  • f     (File)
  • p    (to preserve file permissions while archiving and compressing  
# cd /opt/
# mkdir backup
# cd backup
# tar cvf home.tar /home
# ll
-rw-r--r--. 1 root root 122337280 Jan 16 19:54 home.tar


To extract contents of a tar archive:

[root@localhost]# tar  /opt/backup/etc.tar    /tmp/backup/


By default, when files get extracted from an archive, the umask is subtracted from the permissions of archive content. The option p option is to be used when extracting an archive.

[root@localhost]# tar xpf  /opt/backup/etc.tar /tmp/backup/


After archiving folders into files, we can compress using above mentioned tools and their file extension is as follows,


  • z for gzip compression (filename.tar.gz)
  • j for bzip2 compression (filename.tar.bz2)
  • J for xz compression (filename.tar.xz)

Now compress the archived files using gzip, bzip2 and xz commands

# pwd
# gzip home.tar
# bzip2 var.tar
# xz etc.tar
# ls
. home.tar.gz, var.tar.bz2 and etc.tar.xz

Note: gzip command will replace compressed file with original archived file

Alternatively, we can archive and compress using a single command.

# tar cvzf home.tar.gz /home
# tar cvjf var.tar.bz2 /var
# tar cvJf var.tar.xz /etc


To List contents of a tar archive:

[root@localhost]# tar tf /opt/backup/etc.tar


To extract a copressed tar archive

gzip archive   ….. [root@localhost]# tar xzf /opt/backup/etc.tar.gz

biz2 archive    ….. [root@localhost]# tar xjf /opt/backup/etc.tar.bz2

xz archive       ….. [root@localhost]# tar xJf /opt/backup/etc.tar.xz




How to create vsFTP in RHEL7.

vsftpd (Very Secure File Transfer Protocol Daemon) is lightweight, fast and default FTP server daemon for Redhat Based Linux Operating systems (CentOS/RHEL/Fedora).

  1. Install vsftpd package in server and enable the service
# yum install -y vsftpd*
# systemctl enable vsftpd.service
# systemctl start vsftpd.service

2.  Create a ftpuser with customised home directory and nologin shell

# mkdir - p /ftp/ftpuser
# useradd -g 1107 -d /ft/ftpuser -s /sbin/nologin
# passwd ftpuser
  -- changing the password of ftpuser

3.  Get the details of  user – ftpuser and verify the home directory and login is defined properly

 # getent passwd ftpuser

4.  change the permissions of the home directory of ftpuser and verify

# chown -R ftpuser:ftpusers /ftp/ftpuser
# ls -l /ftp/
drwxr-xr-x. 4 ftpuser ftpusers 85 Jan 15 20:23 ftpuser

5.  After package installed, allow port and ftp service in firewall

# firewall-cmd --permanent --add-port=21/tcp
# firewall-cmd --permanent --add-service=ftp
# firewall-cmd --reload

6. Edit the vsFTP configuration file located in /etc/vsftpd/vsftpd.conf and make the changes in following lines

 # vim /etc/vsftpd/vsftpd.conf  
 -- anonymous_enable=NO
 -- chroot_local_user=YES
 -- chroot_list_file=/etc/vsftpd/chroot_list

7. Create one empty file ‘ chroot_list’ in following location /etc/vsftd/

  # touch /etc/vsftpd/chroot_list

8. Add the FTP User Name to the file and restart the ftp service

# echo "ftpuser" >> /etc/vsftpd/chroot_list
# systemctl restart vsftpd.service

9. Check the SELinux status

# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28

10.  Start using FTP service, if you unable to upload files or creating directories inside the site, check the entries in log

# journalctl | grep vsftpd

Jan 15 20:24:09 localhost.localdomain python[15220]: SELinux is preventing /usr/sbin/vsftpd from read access on the directory ftp.
If you want to allow vsftpd to have read access on the ftp directory
If you believe that vsftpd should be allowed read access on the ftp directory by default.
# grep vsftpd /var/log/audit/audit.log | audit2allow -M mypol
Jan 15 20:24:11 localhost.localdomain setroubleshoot[15220]: SELinux is preventing /usr/sbin/vsftpd from getattr access on the directory /mnt. For complete SELinux messages. run sealert -l 017f19d4-0f2a-475b-ac4e-79ffc410d8ce
Jan 15 20:24:11 localhost.localdomain python[15220]: SELinux is preventing /usr/sbin/vsftpd from getattr access on the directory /mnt.
If you believe that vsftpd should be allowed getattr access on the mnt directory by default.
# grep vsftpd /var/log/audit/audit.log | audit2allow -M mypol
Jan 15 20:32:36 localhost.localdomain setroubleshoot[16041]: SELinux is preventing /usr/sbin/vsftpd from read access on the directory ftp. For complete SELinux messages. run sealert -l 6dc55eb6-291b-4eab-8320-69ccf82556c7

10. Now we will use semanage command to set SELinux rule to allow FTP to read/write user’s home directory.

semanage boolean -m ftpd_full_access --on

11.  Restart the service and start using ftp site.


How to create Firewall rules using firewall-config in RHEL7

There are two ways to create rich rules in RHEL7 using firewall-config:

GUI Mode:  Using firewall configuration GUI – User Interface

Terminal Mode: You can add easily firewall rules using the command line.

Souce IP — { through port } — Destination IP

Foremost, we need to check status of the firewalld

#systemctl status firewalld.service





Click on Ports tab


Enter the port to whitelist / to allow to communicate


After adding port 8080, restart the firewalld – daemon


Error (d3dcompiler_47.dll is missing)

If you find the error,  d3dcompiler_47.dll is missing while installing any packages / applications in Windows Server 2008 R2, here is the following solution…


  • Download  .. Update for Windows Server 2008 R2 x64 Edition (KB4019990) and install
  • Issues resolved and you can install applications and other packages.

How to modify privileges of normal user as ‘root’

ROOT is an administrative account without the restrictions that are present on normal users. Users can execute commands with “super-user” or “root” privileges in a number of different ways. There are few commands to switch user to “privileged-as-root” account.

$sudo useradd ramesh

[sudo] password for sadmin: xxxxxxxxxx

sudo – is a command configured through a file in /etc/sudoers

$sudo visudo

[sudo] password for sadmin: xxxxxxxxxx

#Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL
–if we want to provide full root privileges to specific user, we can specify as below

sadmin ALL=(ALL:ALL) ALL

(2) SUDO is a group, having full administrative privileges, if we add any user to this group, it will get full administrative powers

$sudo usermod -aG sudo
#example., $sudo usermod -aG sudo sadmin

(3) Alternatively, we can also use below command

$sudo gpasswd -a sadmin sudo

On CentOS, we can add users to wheel group, which is having super privileges

$sudo gpasswd -a sadmin wheel



Shell commands in Linux

$echo $HISTSIZE                                     (  — To find out history size, by default it will be 1000)


$echo $USER                                           ( — To find out user logged in)


$echo $BASH                                          (– To find full path name of BASH cmd)


$echo $HISTFILE                                   (– To find file location of history of current user)


$echo $HISTCMD                                (– To find number of history contents of current user)


$echo $MAIL                                         (– To find out location of mail-folder of current user)




How to configure DNS Server in Ubuntu 14.04 LTS

To configure DNS server in Ubuntu 14.04

After installing ubuntu 14.04 LTS and check the hostname, while installing itself, we can give preferred hostname or else post installaton also, we can change as follows,

$ sudo cat /etc/hostname


change the system  by following executing following commands

$ sudo vi /etc/hostname

$ sudo vi /etc/hosts

$ sudo apt-get update

(system will update it’s repositories through terminal)

$ sudo apt-get install bind9 bind9utils bind9-doc

(We need to install bind9, bind9utils, bind9-doc packages)

$ sudo vi /etc/default/bind9

(We need to set IPV4 mode to  bind and to do the same , edit following bind9 file using vi editor , change in following line)

OPTIONS=”-4 -u bind”

SAVE and EXIT file

Now, bind has been installed and need to configure Primary DNS Server

$ sudo vi /etc/bind/named.conf.options

(Insert following lines in named.conf.options file at the end of the file – creating access list “trusted”)


acl “trusted” {; # ns1 – can be set to localhost; # ns2


options {
directory “/var/cache/bind”;

recursion yes;                                # enables resursive queries
allow-recursion { trusted; };    # allows recursive queries from “trusted” clients
listen-on {; };     # ns1 private IP address – listen on private network only
allow-transfer { none; };           # disable zone transfers by default

forwarders {;;


Locate following file /etc/bind/named.config.local

$ sudo vi /etc/bind/named.conf.local

zone “” {
type master;
file “/etc/bind/zones/”; # zone file path
allow-transfer {; }; # ns2 private IP address – secondary

zone “” {
type master;
file “/etc/bind/zones/db.5.100”; # subnet
allow-transfer {; }; # ns2 private IP address – secondary

$ sudo mkdir /etc/bind/zones

(Create folder named ‘zones’ inside /etc/bind directory)

$ sudo vi /etc/bind/zones/
$TTL 604800
@ IN SOA (
3 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
; name servers – NS records
; name servers – A records IN A IN A
sudo vi /etc/bind/zones/db.5.100
$TTL 604800
@ IN SOA (
3 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
; name servers
; PTR Records
5.100 IN PTR ;
5.101 IN PTR ;
$ sudo named-checkconf


$ sudo service bind9 restart

Restart the bind – service

In (Ubuntu) client systems

$ sudo vi /etc/resolvconf/resolv.conf.d/head


$ nslookup ns1