- •About the Author
- •Credits
- •How This Book Is Organized
- •Part I: Linux Basics
- •Part II: Installation
- •Part III: Configuration
- •Part IV: Administration
- •Part V: Maintaining the Linux System
- •How Each Chapter Is Structured
- •How to Use This Book
- •Conventions Used in This Book
- •What is Linux?
- •The origin of UNIX
- •Who started Linux?
- •Understanding Open Source
- •Understanding Closed Source
- •Understanding Artistic License
- •Is Freeware really free?
- •Is Shareware never free?
- •A comparison and contrast of licensing methods
- •The Growth of Linux
- •Linux on a Personal Computer
- •Graphical installation
- •Hardware detection
- •Graphical user interface
- •Linux limitations on the PC
- •Linux succeeds on the PC
- •Linux on workstations
- •Linux on servers
- •Summary
- •Assessment Questions
- •Scenarios
- •Answers to Chapter Questions
- •Assessment Questions
- •Scenarios
- •Linux Kernel
- •Kernel versions
- •Kernel availability
- •Linux Distributions
- •Beehive
- •BlueCat
- •Caldera OpenLinux
- •Debian
- •Corel
- •DragonLinux
- •Elfstone
- •Gentoo
- •Hard Hat Linux
- •KRUD
- •LinuxPPC
- •Mandrake
- •Phat Linux
- •Slackware
- •StormLinux
- •SuSE
- •TurboLinux
- •Yellow Dog Linux
- •Mini and Specialty Distributions
- •Astaro
- •KYZO
- •FlightLinux
- •NetMAX
- •Packages and Packaging Solutions
- •Red Hat Package Manager
- •Debian Package Management System
- •Tarball
- •Linux Resources
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Assessment Questions
- •Scenarios
- •Linux In the Real World
- •Word Processing
- •Spreadsheets and databases
- •Web browsing
- •File transfer
- •More, more, and more applications
- •The Server and DNS
- •A Linux Web server
- •Linux e-mail server
- •File servers
- •Proxy, news, and search servers
- •FTP servers
- •Firewalls
- •Determining Linux Roles and Services
- •Comparing Linux with other operating systems
- •Hardware compatibility
- •Summary
- •Assessment Questions
- •Scenarios
- •Answers to Chapter Questions
- •Assessment Questions
- •Scenarios
- •Installing Linux
- •Final Preparations for Installation
- •Verification
- •Package selection
- •Final hardware verification
- •Pre-installation partitioning planning
- •Installing Linux
- •Text or GUI installation
- •Basic setup of Linux
- •Selecting the machine type
- •Partitioning the hard disk drive
- •Installing a boot manager
- •Creating the Boot Diskette
- •Networking
- •Additional installation information
- •Accounts and passwords
- •Additional packages to install
- •GUI installation
- •Obtaining video card information
- •Configuring the X windows system
- •Selecting the windows manager or desktop environment
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Answers to Assessment Questions
- •Scenarios
- •Alternative to the GUI Installation
- •Command Line installation
- •Install the Linux system
- •Network installations of Linux
- •Review of a Linux Installation
- •Installation media
- •Initial selections
- •Installation type or class
- •Disk partitioning and formatting
- •Installing LILO
- •Network configuration
- •User accounts
- •Authentication methods
- •Package selection and installation
- •A Dual-Boot Installation of Linux
- •Linux with Microsoft Windows
- •Linux with Microsoft Windows NT and 2000
- •Linux and Solaris
- •Linux and other operating systems
- •Installing Additional Software with gzip and tar
- •Installing Additional Software with RPM
- •Removing software with RPM
- •Upgrading software with RPM
- •Query the RPM software
- •Verify the RPM software
- •Verify the package files
- •Upgrading the Kernel
- •Upgrading a Linux Kernel
- •System Log Files
- •The Final Test of the Installation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •What is the X Window System?
- •The X Window System
- •X Client and Server communications
- •X Window Manager
- •Configuring X Window Systems
- •Custom X Window System Programs
- •Manual Configuration of the X Window System
- •Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Basic Network Services
- •TCP/IP Protocol Suite
- •Connection protocols needed
- •Other network protocols
- •Configuring Basic Network Services
- •Host name
- •IP addressing
- •DHCP
- •Netmask
- •Hardware resources
- •Routing and gateways
- •PPP, SLIP and PLIP connections
- •Server Tasks with
- •IP aliases for virtual hosts
- •Apache Web Server
- •Samba File Server
- •Home directories
- •Disk shares
- •Configuring Client Services
- •SMB/CIFS
- •NIS client configuration
- •NFS client configuration
- •Configuring Internet Services
- •Web browser
- •POP and SMTP
- •TFTP
- •SNMP
- •Remote Access
- •Rlogin
- •Telnet
- •OpenSSH
- •Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Adding Hardware
- •Memory
- •Swap
- •Adding a hard drive
- •Video and monitor
- •Printers
- •Configuration files
- •Setting environment variables
- •BASH
- •Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Basic User and Group Administration
- •What are users and groups?
- •Creating users
- •Change user information
- •Deleting users
- •Creating groups
- •Getting Around Linux
- •Navigating Linux
- •Common file and directory commands
- •Setting File and Directory Permissions
- •Mounting and Managing File Systems
- •Mount
- •Umount
- •Mounted file systems
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Multi-User Environment
- •The creation of Virtual Consoles
- •The Linux Terminal Server Project
- •Configurations for remote systems
- •Monitoring remote connections
- •Common Shell Commands
- •Basic shell scripts
- •Caution using root access
- •Navigating the GUI interface
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Linux Runlevels
- •init
- •Shutting down Linux
- •Managing Linux Services
- •Configuring Linux Printing
- •lpd daemon
- •/etc/printcap
- •Printing management
- •Using the vi Editor
- •vi operation modes
- •Editing text files
- •Using the
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Disk and File System Management
- •Repairing Partitions
- •System Automation and Scheduling
- •cron
- •Core Dumps
- •Analyzing core dumps
- •GNU Debugger
- •Managing Networking Interfaces
- •Installing System Packages and Patches
- •Compressed archive
- •Debian Package Installer
- •Slackware Package Installation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Linux Processes
- •Core services versus non-critical services
- •Process administration
- •Process control
- •Monitoring Log Files
- •Maintaining Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Linux Security
- •Securing the Environment
- •Location
- •Environment
- •System Security
- •System/user files
- •Permissions
- •Log auditing
- •Backups
- •Linux Security Best Practices
- •Network security
- •Firewall
- •System security
- •Securing a Web server
- •Securing an FTP server
- •FTP program version
- •FTP configuration files
- •Process security
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Disaster Recovery Planning
- •Types of data
- •Frequency and Scheduling
- •Storage and media types
- •Recovering data
- •Offsite storage
- •Linux Backup Tools and Commands
- •Third party tools
- •Tape devices
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Identifying the Problem
- •Methodology and Best Practices
- •Troubleshooting Resources
- •Documentation resources
- •Internet resources
- •System Log Files
- •Tools for Log Files
- •Output to another file
- •Locating files
- •Process Configuration and Management
- •Stopping, Starting, and Restarting Processes
- •Configuration Files
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Examining the Startup Process
- •Boot process steps
- •Analyzing Boot Process Errors
- •Common Boot Problems
- •Using System Status Tools
- •File System Check
- •System Resource Commands
- •Using the System Boot Disk
- •Types of boot disks
- •Creating a boot disk
- •Creating a rescue/utility disk
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Common User Problems
- •Login problems
- •File and directory permissions
- •Printing problems
- •Mail problems
- •Software Package Problems
- •Package dependencies
- •Software and version conflicts
- •Backup and Restore Errors
- •Backup hardware
- •Backup software
- •File restore errors
- •Application Failures
- •Log files
- •Process and daemon errors
- •Web server errors
- •Telnet
- •Mail services
- •Basic Networking Troubleshooting
- •Networking connectivity
- •Network hardware problems
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Mainboard Components
- •BIOS
- •System memory
- •System Resources
- •I/O addresses
- •Direct memory access
- •Laptop Considerations
- •PCMCIA
- •Linux Peripheral Configuration
- •Installing and Configuring SCSI Devices
- •SCSI definitions
- •SCSI technologies
- •SCSI cabling and termination
- •SCSI device configuration
- •Linux SCSI devices
- •ATA/IDE Devices
- •IDE drive configuration
- •Linux ATA/IDE Drive configuration
- •Linux Support for Other Devices
- •IEEE 1394 (Firewire)
- •Summary
- •Assessment Questions
- •Scenarios
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •What’s on the CD-ROM
- •System Requirements
- •Using the CD with Microsoft Windows
- •Using the CD with Linux
- •Microsoft Windows applications
- •Linux applications
- •Troubleshooting
- •Sample Exam
- •Exam Questions
- •Exam Answers
- •Taking a CompTIA Exam
- •How to register for an exam
- •What to expect at the testing center
- •Your exam results
- •If you don’t receive a passing score
- •About the Linux + Exam
- •Preparing for the Linux+ Exam
- •For More Information
- •Preamble
- •No Warranty
- •Glossary
- •Index
220 Part III Configuration
From this menu, you can configure the modem in more detail, including the following:
You can turn off many normal standards, such as hardware flow control, which is useful when connecting two machines directly with the serial port.
You can enable escape control characters that are normally automatically negotiated during connection creation.
You can choose to attempt to stay connected if known errors occur. This option is usually left “on,” so that you can troubleshoot the connection.
You can choose to allow any user to connect or disconnect the configured connection. You may consider this option if you don’t want users to know the root user password in order to establish the newly created connection.
You can select the line speed. For troubleshooting connections that don’t connect completely or disconnect often, this is very useful. By choosing a lower connect speed, you can see if the system will react better with less errors than at a higher speed.
Server Tasks with linuxconf
The linuxconf program can configure some basic server functions for the Linux system.
NFS
You can use the linuxconf program to configure the NFS (Network File System) clients, thus allowing other UNIX and UNIX-like systems to share resources. The menu, which is shown in Figure 7-12, allows you to configure shared resources, comments, client names, and privileges.
Sun Microsystems developed NFS, which has been designated as a file server standard. NFS uses the SUN Remote Procedure Call, which is a protocol that one program can use to request a service from a program (located on another computer in a network) without requiring an understanding of the network details. It normally uses the NIS for naming resolution. NFS is portable to other UNIX-like systems, such as Linux, and even Microsoft clients with the use of the Sun Solstice Network Client.
Sun Microsystems has extended NFS to WebNFS, which extends the use of NFS to the Internet. WebNFS offers several advantages over HTTP and FTP: It doesn’t require the opening and closing of connections for each requested file, and large file downloads are supported and can be downloaded in sections to ease recovery. Netscape, Oracle, IBM, Apple, and Novell have announced support for WebNFS. Sun hopes that the World Wide Web Consortium will adopt it as a standard for the Internet.
Chapter 7 Configuring Networking 221
Figure 7-12: Configuring a NFS Share
IP aliases for virtual hosts
IP aliases allow the system to create virtual servers, and are used to create virtual systems on one interface. Figure 7-13 demonstrates this by showing the screen that follows the initial selection of the interface that will have virtual hosts.
Most Linux users with only six months of experience probably haven’t used Virtual Hosts; however, you should be aware of their existence and the basics of how to create them.
To create a range of virtual hosts, follow these steps:
1.At the virtual host configuration screen, enter a range of IP addresses. For example, use a range of 192.168.0.200-250 for a system on a 192.168.0.0 network.
2.In the “Configure domain name server” menu, select the “IP allocation space” entry, enter the range, and type in “Virtual domains” as a short description.
3.Go into the DNS and add a host for the domain with a FQDN. Then hit ctrl-X to prompt Linuxconf to compute the first unused IP address in the IP aliases range. Use this IP address.
4.Use the httpd configuration and add a section for the new FQDN. Repeat this as often as necessary for additional virtual hosts.
222 Part III Configuration
Figure 7-13: Creating Virtual Hosts for an Ethernet Connection
Virtual hosts work very well for service providers to enable many personal Web sites or commercial sites on one physical server.
Apache Web Server
The Apache Web server is currently the most popular Web server. Apache exists to provide commercial-grade software that is capable of providing for the Hypertext Transfer Protocol (HTTP). HTTP is a standard for creating documents to be viewed over the Internet. The standardization of HTTP was started within the IETF (Internet Engineering Task Force) in late 1994 and has evolved into the standard method of displaying Web pages. The linuxconf program can perform a basic configuration on the Apache server. To do this,
1.Choose Networking Server Tasks Apache Web Server.
2.When you select the Apache Web server, a menu appears that allows configuration of the Web server.
3.Select the defaults option to allow the input of information for the default configuration.
Basic section
This section includes the entry of the Web administrator or Web master’s e-mail address. The domain IP address allows several virtual domains to share a single IP address, which should also be entered in this configuration. The server name is used if DNS or the host’s file name resolution is not working correctly, or if the server has a name different than the FQDN. The document root is the file system
Chapter 7 Configuring Networking 223
location of the files used for the Web service. Figure 7-14 shows that the location is the default of /var/www/html.
The next option to configure is for script aliases, which provide the location of script files, such as CGI (Common Gateway Interface), to be run with the Web site. Next you must configure a user ID and group ID, which are used to control access to the Web server. Usually this ID is a created account, called “Apache” for example, that has only read capabilities and perhaps writes to a temporary directory for executables. Don’t allow too much access to users accessing the system because they can make unwanted changes to the system.
Figure 7-14: Default Configuration of the Apache Web Server
Logs section
The next section in the Apache configuration is for log files.
Error logs: Review this log on a Web server because it can indicate problems with the Web server and be used to correct the errors. A common location for this file is /var/log/httpd/error_log. Look for this log on a system using the Apache server.
Transfer logs: Are used to track all traffic or access to the Web server and are filed in the Common Log File format. This file may grow quite large for very busy Web servers, so spend some time planning your file locations.
Agent logs: Tracks Web page access.
Referrer logs: If access to the server was generated by a link from another page, the access is logged here.
224 Part III Configuration
Tuning section
The tuning section allows the custom configuration of some of the performance settings of the Apache server. The following list details the configuration options:
Private Web sites: When a user requests a Web page by typing www.linux.org, the browser assumes that — unless otherwise instructed — it will use the default port for HTTP, which is 80, which is used for all public web sites. If you wish to hide your private web sites on a different access port, you can set it to something like 8080. This way, clients will have to specify the web page on that port to get a connection.
PID (process identifier) file location: This is seldom changed because it holds the PID of the main process.
Timeout: This is used to disconnect clients who connect to the Web server but don’t make a request of the system.
Host name lookup: This allows the system to log not only the IP address of the connecting client but also the name of the client. Unfortunately, this option has two major drawbacks:
•It creates much more network traffic when looking up every client host name.
•The Web page won’t be displayed until the task is completed, therefore slowing the display of the Web page to the client.
This is an excellent tool for very small Web sites to track users. The action that this tool accomplishes, however, can be completed in more efficient ways — especially for large Web sites.
Features
The Features section controls the ability to activate advanced items such as scripting. The features include the following:
Server side includes option. Can be used with the extension shtml. The server-side include command simply expands to the contents of a given file and allows bits of HTML or text to be shared between pages for ease of updating.
NOEXEC option. Activates the Server side includes option, but uses SSI tags to disable CGI scripts.
Indexes option. Allows a list of available files in the Web directory to be displayed if the default index.html file is not present. If this option is turned off, then Error 404, “file not found,” is returned as an error message.
May follow symlinks option. Must be turned on if symbolic linked folders or files are to be followed when accessed on an Apache server.
Follow symlinks if owner matches option. Continues the May follow symlinks option with the added verification that the owner of the file is accessing the symbolically linked file or directory and that all others are denied access.