Suse Linux 10 Guide

Office Formats

The .rtf (Rich Text Format) format is often mentioned as an open text-based format for interchanging documents. This file format was developed by Microsoft. It is a plain text format with markup, and there is an openly published specification for it, unlike the binary .doc files. An RTF file is actually not so nice when you look inside it user bible > less afile.rtf rtf1 ansi deff0 adeflang1025 fonttbl f0 froman fprq2 fcharset0 Nimbus Roman No9 L * falt Times New Roman f1 froman fprq2...

Installing Additional Software with YaST

Unless you installed every available package when you installed your SUSE system, you'll eventually hear (or read about) some additional software package from the SUSE distribution CDs or DVD that you wish you'd installed. Chapter 12 explains how to install additional software packages from the command line, but if this software is on the SUSE distribution CDs or DVD, you'll have to figure out where to find it first. Luckily, SUSE's YaST tool makes it easy to both locate and install additional...

VMWare Workstation

VMWare Workstation is a proprietary product and licenses are expensive, even for the workstation version. However, VMWare does offer 30-day evaluation licenses, and you can download the full product together with a 30-day key from the company's web site at www.vmware.com. In this section, we discuss VMWare for Linux (the version that runs on Linux and enables you to install guest operating systems to run on top of Linux). You can also download a VMWare for Windows product. The current version...

YaST Modules

The YaST system is split into seven menu topics, each one opening up another list of menus for direct configuration of the chosen module. Tip If you want to load a YaST module without loading the main menu, you can enter yast2 modulename. For a list of modules available in your installed YaST envi' ronment, type yast2 -I. The available topics for YaST configuration are as follows (with the YaST module name in brackets to load directly with yast2 modulename) Control the installation and removal...

Listing 36 Creating an EXT2 Filesystem

Bible mkfs.ext2 dev hda5 mke2fs 1.34 (25-Jul-2003) Filesystem label OS type Linux Block size 1024 (log 0) Fragment size 1024 (log 0) 49152 inodes, 196024 blocks 9801 blocks (5.00 ) reserved for the super user First data block 1 24 block groups 8192 blocks per group, 8192 fragments per group Superblock backups stored on blocks Writing superblocks and filesystem accounting information done This filesystem will be automatically checked every 36 mounts or 180 days, whichever comes first. Use...

Suse Dhcp Server Packages

The SUSE Linux Professional distribution provides the following DHCP-related packages. Whether or not a specific package is installed on your system depends on the type of installation that you selected. dhcp Common files used by both the ISC DHCP server (dhcp-server) and client (dhcp-client ) packages. dhcp-client An alternative DHCP client from the ISC. This DHCP client uses the same configuration file as the standard dhcpcd client ( etc dhclient.conf) and also supports additional...

Configuring a Samba Client

Like most administrative tasks on a SUSE Linux system, configuring and starting a Samba client is most easily done through YaST. If you are running the X Window system KDE desktop (SUSE's default graphical environment), you can execute by selecting YaST from the Control Center menu, which is available by clicking the SUSE icon at the bottom-left corner of your KDE desktop. If you start YaST as the root user, the YaST dialog box is displayed, as shown in Figure 18-1. Note f y0U start YaST as any...

Other Window Managers

MWM (the Motif Window Manager) is minimalism in action (see Figure 8-5). If you are installing a server and you just need to have X available so that, for example, you can run the graphical Oracle installer later, you may choose the Minimal + X11 installation option, which uses the FVWM2 window manager by default but also installs MWM. Figure 8-5 shows the MWM window manager. A good site for additional information about the Motif Window Manager is www Blackbox is elegant minimalism of the less...

Common EXT2 and EXT3 Mount Options

As discussed earlier in the chapter, the EXT2 and EXT3 filesystems share the same basic data structures and differ largely only in terms of whether a journal is present (and the journaling option is enabled in the filesystem superblock). For this reason, they also share a large list of mount options that can be used with either. Of these shared mount options, the most significant is the sb option, which enables you to specify an alternate superblock to use when checking the consistency of the...

Listing 31 Output of the fdisk l Command

Disk dev hda 82.3 GB, 82348277760 bytes 255 heads, 63 sectors track, 10011 cylinders Units cylinders of 16065 * 512 8225280 bytes Device Boot Start End Blocks Id System dev Ma * 1 13 104391 83 Linux dev hda2 14 268 2048287+ 83 Linux dev hda3 269 395 1020127+ 82 Linux swap dev hda4 396 10011 77240520 f Win95 Ext'd (LBA) dev hda5 396 2945 20482843+ 83 Linux dev hda6 2946 4857 15358108+ 83 Linux dev hda7 4858 6132 10241406 83 Linux dev hda8 6133 10011 31158036 83 Linux The output of fdisk -l shows...

Text Editors

Plain text is our favorite file format. It is readable everywhere and depends only on the universally understood ASCII (and these days, possibly Unicode) format. You are not limited to a specific program to read or create plain text, or to view it. In the world of Windows, the naive user thinks (and this is what the application vendor wants him to think) that just to write a shopping list, he should use a proprietary word processing application. When he sends that shopping list to his friend by...

The exports File

The sharing of directories by NFS is controlled by the file etc exports, which contains a list of directories with details of the hosts they may be exported to and other options. A simple example such as etc exports might contain just the following line This will export the directory test to the host client. The option r w (read-write) is set. If you restart the NFS server, you see this Shutting ctwn kernel based NFS server done Starting kernel based NFS server exportfs etc exports 8 No 'sync'...

Using the Qlogic Driver

The most common QLA card in circulation at the moment is the QLA2300 chipset, which is fully supported by SUSE. It is very likely that YaST would have found your Qlogic card during installation and would have configured the driver to load at boot time. If you have installed the driver after installation, you may need to configure your SAN access manually from Linux 1. Manually load the driver and see if you can access your storage. While the driver loads, you may see your system lock up. This...

Configuring a Firewall with iptables

To configure a firewall on Linux, you need to get used to the iptables command, which is used to manipulate the kernel packet filtering settings from user space. (Refer to Chapter 6 for more information on TCP IP, because an understanding of TCP IP is needed.) The terms user space and kernel space are used a lot in the Unix community. When something runs in kernel space, it is under the control and the constraints of the kernel. Something running in kernel space could be a kernel module or the...

File Attributes

This is an additional layer of control over files above and beyond the standard Unix permissions system. File attributes are controlled by the chattr command. In general and in most situations, the attributes that this system allows are not widely used and not all of them are implemented on every filesystem, but most of the functionality of chattr is available on the common filesystems (ext2, ext3, and reiserfs ). The one attribute that is particularly interesting and that can be set with this...

Configuration Parameters

The Postfix configuration format is quite easy to follow if you have some background in Linux and the SMTP protocol, which is one of its strengths. The next sections provide a breakdown of the configuration file's options with a description of the parameter uses. When mail is received by Postfix, it is held in the mail queue for further processing until it is delivered to the user's mailbox. Each mail is stored in a separate file in the queue directory for Postfix to pick up when needed. This...

Setting Up a Samba Server

Like most administrative tasks on a SUSE Linux system, configuring and starting a Samba server is most easily done through YaST. You can start YaST in the same way as discussed earlier in the chapter in the section Configuring a Samba Client. To configure and start a Samba server, follow these steps 1. Click the Network Services icon in the left pane of the YaST Control Center and scroll down the right pane until you see the Samba Server icon, as shown in Figure 18-12. 2. Click the Samba Server...

Creating and Managing the Samba Password File

Many Samba servers that serve as a PDC or that use workgroup authentication use a Samba-specific password file to store Windows username and password information. On SUSE systems, this file is etc samba smbpasswd. Entries in this file are created and updated using a utility that is also named smpasswd. This file is used only by Samba servers Samba clients use the authentication mechanisms that are provided by the Samba or Windows servers that you are connecting to. If the smbpasswd file is the...

Mounting a Shared Windows Drive

There are many different ways to mount a shared Windows drive on your SUSE system, the easiest of which is to use the standard Linux mount command. For example, to mount an SMB share named wvh that is available on an SMB server named home, mount that share on the directory mnt smb, and access those files as the Windows user wvh, you would execute a command such as the following as the root user mount -t smbfs -o username wvh home wvh mnt smb The previous command line can be broken down as...

Getting Started with Squid on SUSE

The SUSE installation media contain the Squid installation package first, you need to install this in the usual way using YaST. Squid is included in the YaST installation selection Network Server. For this discussion, we assume that you are setting up Squid on a machine on your network that has adequate access to the outside world. Depending on which version of SUSE you are running, simply installing and starting Squid may not be enough. SLES 9 and older versions of SUSE Professional come with...

Configuring sendmail

Sendmail's primary configuration information is stored in the file etc sendmail f. Additional configuration information is stored in the directory etc mail. The file etc sendmail.cf is a text file that contains configuration information consisting of name value pairs on separate lines of the file. Most systems that run sendmail create the file etc sendmail.cf from another file, sendmail.mc, which is often stored in the etc mail Linux systems such as Red Hat or usr lib mail cf Solaris directory....

Webmin and YaST

Stated Preference Interview

The variety of modules that Webmin includes can be seen from the Networking tab and Servers tab (see Figure 14-10). These include items that have only recently become part of YaST (such as IPsec configuration and HTTP configuration) and others that are still not included in YaST (such as Point-to-Point Tunneling Protocol PPTP server and client, CVS server, MySQL server, and others). Webmin provides a convenient alternative to YaST that you can use from anywhere. In the longer term it would be...

Nonroutable IP Addresses

Every machine that is directly connected to the Internet must have a public IP address, commonly known as a routable address. A routable address is one that a connection can be made to from anywhere on the TCP IP network, in this case, the Internet. For example, any web site you visit that is on the Internet has a routable address. If it were non-routable, packets would not be able to be routed to it. Each IP address class has its own non-routable address (they cannot be routed on the...

Listing 78 Apache logrotate Entry for accesslog

var log apache2 access_log compress dateext maxage 3 6 5 rotate 99 size +4096k notifempty missingok etc init.d apache2 reload endscript As you can see in the listing, a given logrotate entry is made up of multiple directives. Each of these directives gives logrotate some instruction as to how to behave toward the log files covered by that particular logrotate entry. Table 7-3 details each of the directives in this file and the actions they inspire. No,e Each file that you would like to be...

Setting Up Printing with CUPS

In the early days of Linux, printing was difficult to set up and equally difficult to manage. The print system was known as LPD (line printer daemon). Just as with X configuration, in the early days, at least, grown men wept. I still have bitter memories from 1997 of trying to make sense of the Linux Printing HOWTO and then, when I thought I had cracked it, ending up with a huge stack of paper covered in apparent garbage (raw PostScript code). Fortunately, those days are gone. The standard now...

Setting Up a Locally Connected Printer

To begin setting up a printer using YaST, start YaST and from the Hardware menu, select Printer, or from the command line type You will see the window shown in Figure 19-1. Figure 19-1 YaST detecting the locally attached printer Figure 19-1 YaST detecting the locally attached printer YaST usually detects any directly attached local printers (such as parallel or USB printers) immediately. For example, in Figure 19-1 a Laserjet 4L was detected on the parallel port. If the printer has been...

Starting and Stopping the CUPS Server

On SUSE, CUPS is started and stopped by the commands rccups start and rccups stop. It is just another service controlled in the usual way. If you make changes to the CUPS configuration files, you will need to restart CUPS for the changes to take effect. You can check that CUPS is running with the command rccups status. By default, CUPS will be started in runlevels 2, 3, and 5. Figure 19-6 Setting up the remote CUPS server in YaST Figure 19-6 Setting up the remote CUPS server in YaST

Using the CUPS Web Interface

The CUPS web interface can be viewed from a browser using port 631 (see Figure 19-8). By default, SUSE's settings allow only administrative changes through the browser interface when connecting from the local machine. This can be changed in the cupsd.conf file, but for now we will look at administering the server from a browser running on itself. So from the local machine, you need to browse to http localhost 631. If you click the link Do Administrative Tasks or other links that require...

SUSE Linux Open Exchange Server and Netline Openxchange

Over the years SUSE has offered a series of mail server offerings based around the Cyrus IMAP server. The SUSE eMail Server 3 was the first of these to offer groupware capabilities. The SUSE Linux OpenExchange Server 4 was the first to provide a groupware offering that could integrate with the Microsoft Outlook client, providing mail and shared calendars in a way that was almost indistinguishable from the user's point of view to a connection to a Microsoft Exchange Server. SUSE Linux...

Configuring User Preferences

Linux stores most user preferences in so-called dot files in the user's home directory. If a filename starts with a dot, it will not be displayed by the ls command unless you use the -a option and is therefore regarded as a hidden file. Both dot files and dot directories are used to hold preferences for most of the programs you use. Many programs will write a new dot file in your home directory when you run them for the first time. Many of these dot files have names that include the letters rc...

Connecting over the Network

Traditionally the way to connect to a remote machine and work on it was Telnet. Telnet is inherently insecure because it sends passwords in plain text across the network SUSE systems do not have a Telnet server enabled by default. If you want to log in remotely, you should use ssh (secure shell). If you are logged in to the machine bible as user fred and you want to log in to the machine faraway as user guest, this is what you would do You will be prompted for the password, and you will be...

Browsing Available Windows Resources

SUSE Linux provides a number of different ways to browse Windows networks to identify and access available resources. The most common of these is to use the Konqueror browser, shown in Figure 18-5. SMB support in Konqueror is constantly being improved, so make sure that you have installed the latest version of the kdebase3 package using YaST's Online Update control (discussed in Chapter 9) if you encounter problems. Figure 18-5 Browsing SMB resources in Konqueror Figure 18-5 Browsing SMB...

Command Line Utilities for Samba

The Samba software suite includes a number of utilities that you may find useful when interacting with Windows networks from the Linux command line. The next few sections provide a brief introduction to some of the more useful ones. You can obtain a complete listing of all of the utilities on your SUSE system that are related to Samba by using the apropos command to identify any commands related to Samba or the SMB protocol, as in the following examples net (8) - Tool for administration of...

Kernel Configuration

To be able to build kernels, you obviously need the kernel source package (called kernel-source) installed. In addition, you need gcc, make, and a number of other packages. One of the SUSE installation package set options is Kernel development if you have installed that selection, you should have everything you need. If you want to base your kernel configuration on the currently running kernel, you have more than one way to begin. The configuration of the kernel that is actually running is...

Working with File Ownership and Permissions

The users and groups discussed in the previous section are useful only because each file on the system is owned by a certain user and group and because the system of file permissions can be used to restrict or control access to the files based on the user who is trying to access them. The section that follows is a crash course in file permissions we go into greater detail in Chapter 13. If you look at a variety of files and directories from across the system and list them with the ls -l...

Strings ghex2 khexedit and antiword

If you are confronted with a file that the file command doesn't give very useful information about (perhaps it just reports data ), it may be worth trying to view it with cat -v, with less, or with a text editor. If all you see is binary junk, you may still be able to find out something useful using the strings command, which searches inside a binary file for text strings and outputs them. The output may give some useful clues. The applications ghex2 or khexedit may also be useful. These are...

The Root Partition

After the swap space has been created, you need to configure the root ( ) partition (see Figure 1-13). The root ( ) partition is the most important data partition on any Linux or Unix system, and is the only non-swap filesystem partition that is required in order to boot a Unix or Linux system. The root partition takes its name from the fact that it is the partition mounted at the root of the Unix Linux filesystem, which is the directory known as . A filesystem must be mounted on this directory...

Manually Partitioning an Existing Windows System

If the SUSE installer cannot repartition an existing Windows partition automatically, you can always use the Linux parted (Partition Editor) utility to manually resize an existing partition, usually when your entire disk is occupied by a Windows partition. The parted utility is available from the SUSE install disk when you select the Rescue System option from the main menu of the SUSE install CD or DVD. For more information about booting the rescue system, see the section The SUSE Rescue System...

Configuring and Using DHCP Services

Today's networks are more complex than ever before. In addition to traditional requirements that each user's desk top system be connected to the network, many other devices such as printers, fax machines, laptop and notebook computers, and personal digital assistants (PDAs) now typically require network connections. Because today's networks typically use numerous IP addresses, system administrators must manage the set of IP addresses available to them more effectively within an enterprise and...

Creating Xen Virtual Machines Using YaST

SUSE's YaST provides a Virtual Machine Installation module that makes it easy to create and configure Xen virtual machines. In order to use this module, you must first be running a Xen-enabled kernel. You can then configure a Xen virtual machine by doing the following 1. Start the Control Center and select YaST2 Modules, or start YaST2 directly. Select the Software topic from the left pane and click the Virtual Machine Installation XEN icon. If you are not already running as the root user, you...

Creating Xen Virtual Machines Manually

While the YaST Virtual Machine Installation (Xen) module simplifies the task of creating Xen virtual machines, it isn't completely customizable. You may want to migrate existing Xen virtual machines or install them in a way that no one could anticipate. For this reason, it's also useful to understand how to create and configure Xen virtual machines. The following sections discuss the various aspects of a Xen virtual machine and how to perform each step manually. As mentioned previously, each...

Vsftpd as an Anonymous FTP Server

An FTP server is most commonly used as a server for anonymous downloads. We look at this setup first. An anonymous FTP server is a server that allows anyone to log in with the username ftp or anonymous and download files. If you use a browser to access an anonymous FTP site, the browser passes the login information to the site without the user having to think about it. User FTP, which we consider later, refers to an FTP server on which specified users have accounts that they can access with...

Adding or Editing Groups

To create or edit groups in your system, select Security and Users O Edit and create groups. Similar to the User section, you are presented with a list of groups currently on the system (see Figure 9-27). You can select a group from the list and click Edit to change settings for that group, or click Add to create a new group. Figure 9-27 List of groups installed in your system Figure 9-27 List of groups installed in your system If you click Add to create a new group, you are presented with the...

Burning CDs and DVDs Using k3b

The easiest way to create CDs and DVDs is by using k3b, which is a graphical tool included with all current versions of SUSE. Figure 14-7 shows a CD being burned in k3b. The k3b application makes it easy for you to burn audio CDs, data CDs, mixed-mode CDs, video CDs (VCDs), eMovix CDs, audio DVDs, data DVDs, video DVDs, and eMovix DVDs from a convenient graphical interface. To specify the type of project that you want to create, select the appropriate type of project from the File O New Project...

Using Fluxbox

After you have installed Fluxbox, you'll want to experiment with it. The easiest way to experiment with different window managers on your SUSE system is to create a file called .xinitrc (located in your home directory) that starts the X applications and window manager of your choice. If you are using a graphical display manager such as kdm (the default on SUSE systems), the specified applications and window manager will start automatically the next time you log in on your system. If you are...

Using the YaSt Dhcp Server Wizard

The first time that you configure a DHCP server in YaST, YaST provides an easy-to-use DHCP Server Wizard that walks you through the basic stages of DHCP server configuration. After you have set up a DHCP server, YaST provides a slightly different interface to the same configuration information, which is discussed in the following section. To set up and configure a DHCP server for the first time using YaST, do the following 1. Start YaST and select the Network Services item from the left pane,...

Setting Up an NIS Server Using YaST

As mentioned earlier, NIS is the most commonly used distributed authentication mechanism today, largely because it is shipped free with almost all Unix and Unixlike systems. Another reason for the prevalence of NIS is that it's incredibly easy to set up, as shown in this section, which walks you through the process of setting up an NIS server. The SUSE YaST administration tool further simplifies NIS set up and configuration. Configuring other systems so that they get their authentication...

Configuring an NIS Client using YaST

YaST makes NIS client configuration almost trivial, using a single dialog box to collect information about the NIS domain that you want your client to use. To configure a system as an NIS client using YaST, do the following 1. Start YaST's NIS client configuration module by executing the command yast2 nis as root or using sudo. This displays the dialog shown in Figure 22-7. 2. Click the Use NIS option button, and enter the name of the NIS domain that you want the client system to contact for...

Building the Kernel

Now, assuming the architecture is x86, you need to do the following root bible usr src linux-2.6.5-7.79 make bzImage Historically, the b stands for big, and the z indicates that it is a compressed image. On other architectures, the command you need is different. Details specific to SUSE are available at www.suse.de agruen kernel-doc . This is where the real work gets done. In the 2.6 kernels, by default you see slightly less output on the screen than before (see Listing 29-2). Listing 29-2...

Setting Up a Windows Client to Print to the CUPS Server

Recent versions of Windows support the IPP protocol, so you can set them up to print to a CUPS server. Note j0 use pp prjntjng on Windows 95 and 98 you need to download the file Printing from a Windows client using IPP is an alternative to using Samba as the print server on Linux. The printer does not appear as a Windows shared printer from the point of view of the Windows client, and unfortunately this means that you can't just browse for it as you would for a Windows shared printer or Samba...

Listing 152 Output of route n with No Default Route

Bible route -n Kernel IP routing table Destination Gateway Gtemask Flags Metric Ref Use Iface 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo As you can see, this example uses the -n option to suppress the use of name resolution. When you suppress name resolution, it speeds up the execution of the command because it will not try to resolve an IP address to a name using your name resolver, which could at best be your local host's file or at worst be your...

Setting Up an NIS Server Manually

This section explains how to set up an NIS server from the command line. YaST removes the need to do this manually, and you don't need to follow the instructions in this section if you've set up an NIS server using YaST. However, it's still convenient to know exactly what changes need be made under the hood in order to set up an NIS server. An NIS server that is configured using the instructions in this section exports the default password, group, host, and so on maps (files) found on the NIS...

Loading Kernel Modules

In the 2.6 kernel, kernel modules have filenames ending with .ko (rather than o as in 2.4). To check what modules are loaded Dependencies between modules are indicated in the last column of the output. To load a module manually, you use the following root bible modprobe tulip To unload a module, use the following The automatic loading of modules is now (in 2.6 kernels) controlled by the file etc modprobe.conf, which has replaced the etc modules.conf file. The file lib modules -default...

Troubleshooting DHCP Clients

Most of the problems that you may see in DHCP environments are related to DHCP clients that somehow retrieve erroneous information from a DHCP server. This is almost always the result of people starting DHCP servers on other systems that either serve the same range of IP addresses as your DHCP server or serve an entirely different set of IP addresses. If a DHCP client on your system retrieves an IP address that is in the same range as those delivered by your DHCP server but any other aspect of...

Logging with syslog

The standard Linux logging facility is syslog. The syslog daemon intercepts messages logged to the system logging facility and then processes those messages based on the configuration specified in etc syslog.conf. The other side of syslog is the klogd process, the kernel logging process that processes kernel-specific messages such as kernel crashes or a failure in a component of the kernel for example, a kernel module . No,e Not all processes use the syslog method of logging. You will see in...

Listing 255 Output of ldapsearch for the Entire LDAP Database

Bible etc openldap schema ldapsearch -x -b o Acme,c UK base < o Acme,c UK> with scope sub objectClass top objectClass organization dn ou Sales,o Acme,c UK ou Sales objectClass top objectClass organizationalUnit dn ou Marketing,o Acme,c UK ou Marketing objectClass top objectClass organizationalUnit objectClass top objectClass organizationalUnit objectClass top objectClass organizationalUnit dn ou Services,o Acme,c UK ou Services objectClass top objectClass organizationalUnit dn ou...

Listing 1522 Checking Connectivity with l2ping

Thinkpad - l2ping 00 0E 07 24 7E D5 Ping 00 0E 07 24 7E D5 from 00 20 E0 73 EF 7F (data size 20) 0 bytes from 00 0E 07 24 7E D5 id 200 time 46.77ms 0 bytes from 00 0E 07 24 7E D5 id 201 time 50.29ms 0 bytes from 00 0E 07 24 7E D5 id 202 time 30.28ms 0 bytes from 00 0E 07 24 7E D5 id 203 time 43.26ms 4 sent, 4 received, 0 loss As with the TCP IP-based ping command, the Bluetooth stack sends an echo request to the Bluetooth ID specified and displays the time it takes to receive a ping response...

Customizing emacs

If you've ever gone to the desk of any emacs aficionado and used emacs there, you've probably noticed that it doesn't seem to work the same way for them as it does on your system. The reason for this is that emacs is the most configurable editor in existence. Not only does emacs provide a rich configuration language for changing the commands that different keys are associated with (known as key bindings), but it also includes a complete implementation of the Lisp programming language that makes...

Running Microsoft Windows Applications Using Wine

Even the most rabid Linux fanatic has to recognize that there are times when you must run Microsoft Windows applications for compatibility reasons with other applications or your co-workers. As discussed elsewhere in this chapter, one solution is to run software such as VMWare that emulates an entire Windows system. Within the context of this virtual machine, you can then install and execute the Windows applications that you need to run because the virtual machine looks like an actual Windows...

Listing 205 Using tcpdump

tcpdump -lenx -s 1500 dhcpdump Error in paCkEt . TIME 01 27 46.168382 IP 192.168.6.200.1024 00 30 65 3c 7e 22 gt 255.255.255.255.514 ff ff ff ff ff ff n OP 60 Boot file size HTYPE 49 null HLEN 52 HOPS 50 XID 3E303537 SECS 14112 FLAGS 33fc CIADDR 48.32.68.72 YIADDR 67.80.32.83 SIADDR 69.82.86.69 GIADDR 82.32.79.102 CHADDR SNAME Offering 192.168.6.243 To 00112F8D94B8 By 192.168.6.200. FNAME . Error in packet TIME 01 28 15.044104 IP 192.168.6.246.2190 00 06 25 07 f7 0e gt 192.168.6.255.2190 ff ff...

The showmount Command

The command showmount provides information about mounts on an NFS server. This command lists the exports list for the server bible. Typically this will be the contents of etc exports, but if changes have been made without using exportfs as described in the previous section, these will be reflected in the output. root bible exportfs -i -o rw,sync client home user client showmount -e bible test * home client In the preceding example, you can see home, which you just configured, and test, which...

User Authentication

A common requirement is to add user authentication so that only known users within the network can get web access via Squid. The simplest way to do this is to make use of whatever authentication methods are available on the machine where Squid is running, using PAM Pluggable Authentication Modules . To do this, you need something like the following in etc squid squid.conf auth_param basic program usr sbin pam_auth This says that you should use PAM for authentication Whatever authentication...

Using SuSEfirewall2

SUSE includes its own sysconfig-based firewall script called SuSEfirewall2. The SuSEfirewall script has come a long way since its conception many years ago and provides a robust feature set that can be configured through YaST. For new users who need to set up a quick firewall, this is the perfect option. We would have suggested in years gone by that you should write your own firewall script, but if you do not feel the need to be able to control your rules explicitly, SuSEfirewall produces a...

Using Squid as a Transparent Proxy

One of the difficulties in running a web proxy is that each client browser has to be configured to use it. A much neater solution is to force all attempts to access a web site to go through the proxy. This can be achieved quite simply by using iptables firewall rules on the machine where Squid runs. What you want to do is to intercept all outbound packets to external hosts on port 80 (and certain others perhaps) and redirect them to port 3128 on the server. Squid will then do the proxying. So...

Creating a ReiserFS Filesystem

In most cases, you will create ReiserFS partitions when you first install your system. However, if you subsequently add a new disk drive to your system, you will need to partition it and create filesystems on those partitions. The ReiserFS filesystem is an excellent choice for most Linux filesystems, especially user filesystems and mail or web server partitions where you will be creating and deleting large numbers of small files. As discussed earlier, the design of the ReiserFS makes it a fast...

Listing 39 Creating a Reiser Filesystem

Bible mkfs.reiserfs dev hda5 mkfs.reiserfs 3.6.13 (2003 www.namesys.com) BigStorage(www.bigstorage.com) contributes to our general fund every month, and has done so for quite a long time. Alexander Lyamin keeps our hardware running, and was very generous to our project in many little ways. Guessing about desired format Kernel 2.6.4-52-default is running. Format 3.6 with standard journal Count of blocks on the device 48992 Number of blocks consumed by mkreiserfs formatting process 8213 Blocksize...

Listing 710 logcheck Example Mail

From root bible.suse.com Thu May 27 23 23 41 2004 Date Thu, 27 May 2004 23 23 39 +0100 Subject bible 05 27 04 23.23 system check User-Agent nail 10.6 11 15 03 MIME-Version 1.0 Cbntent-Type text plain charset us-ascii Cbntent-Transfer-Encoding 7bit From root bible.suse.com (root) May 27 23 23 35 bible sshd 5019 error PAM Authentication failure May 27 23 23 35 bible sshd 5019 error PAM Authentication failure May 27 23 23 35 bible sshd 5019 error PAM Authentication failure May 27 23 23 35 bible...

Configuring Your Hardware

When you have read the release notes, click Next and you will be asked to configure your hardware (see Figure 1-30). The YaST installer and the YaST system configuration manager runs the same modules to configure hardware. For now you will configure the video card so that you can use X KDE GNOME. YaST in SUSE 10 has changed the way it detects your graphics capabilities. YaST will automatically sense what your current configuration is and will then allow you to change those individual settings....

Listing 161 Defining a virtual host

VirtualHost for the subdomain apache.suse.com ServerName apache.suse.com DocumentRoot srv www apache.suse.com html ErrorLog logs apache.suse.com-error_log CustomLog logs apache.suse.com access_log combined This virtual host, which is a web site running under the subdomain apache for suse.com, is binding itself to the IP address 192.168.2.34. Since no port is specified for this virtual host, the default port, 80, which would be specified in the Main Server section, is inherited as the default...

Special Features of NLD

NLD has some special features that were not traditionally part of SUSE Linux. The Novell iFolder is a system that enables users to back up and store files on a server. The iFolder server stores the files in an encrypted form and makes them available both through the desktop iFolder client and through a web page. There are clients available for both Linux and Windows. Anywhere that you have set up an iFolder client to access your files on the iFolder server, you will see exactly the same files...

About the Authors

Justin Davies has been a user of Linux since the age of 15, after getting frustrated at the (lack of) features of DOS. After University, he joined SUSE Linux as a Technical Consultant where he became very interested with Linux on non-Intel architecture. After a stint as a Unix Administrator post-SUSE, he joined the world of the value-added reseller and now works for SCC as an Enterprise Solutions Architect, helping organizations realize that Linux is a viable business solution. After working as...

The YaST Autoinstallation Module

The purpose of this module is to help you create the AutoYaST XML control file. You can start the module with or by selecting the icon in the YaST Misc screen (the one with the wonderful pineapple icon). When you start the module you will see a screen like Figure 9-38. Figure 9-38 YaST's AutoYaST module main screen Figure 9-38 YaST's AutoYaST module main screen The module enables you to create a configuration by going through any or all of the possible steps that would be taken during a real...

Types of Partitions

Felder Kartte

There are three types of partition definitions, and each provides different functionality for different situations Primary partitions These are the standard physical partitions you would use if you did not need to segment your disk too much. Linux supports a total of four primary partitions on a disk, which is usually a limitation for people with large disks who would like to have some segmentation in the way they organize their data or critical files. Extended partition An extended partition...

Configuring Your Network Access

Suse Business Card

If any network interface cards have been detected in the system, you will be asked to configure them for network access (see Figure 1-22). By default, YaST sets the first Ethernet card it finds as your system's primary Ethernet interface and assigns it an address that is configured via the Dynamic Host Configuration Protocol (DHCP). You can find discussions about DHCP servers in Chapter 20. Figure 1-21 Setting the root password Figure 1-21 Setting the root password Figure 1-22 Configuring...

Creating a Shared Folder

Creating Shared Service

A shared folder is a part of IMAP that proves very useful. Instead of setting a mail alias for multiple users, you can deliver mail directly to a folder that those users can access. This cuts down the amount of mail that is sent through the system and also saves space in the user's quota. To create a new shared folder, follow these steps 1. Select the Create Shared Folder subsection (see Figure 30-23). Figure 30-23 Creating a shared folder Figure 30-23 Creating a shared folder 2. You will be...

Searching Files with grep

The grep (global regular expression print) command is a very useful tool for finding stuff in files. It can do much more than even the examples that follow this paragraph indicate. Beyond simply searching for text, it can search for regular expressions. It's a regular expression parser, and regular expressions are a subject for a book in themselves. When using or administering a system, you often need to look for lines in a file that contain a certain string. In the first example that follows,...

Configuring a DNS Server

We have talked about a few backbone services of the Internet in this book, but one of the most important ones is the role of the nameserver. Imagine life without names going to your favorite search engine e.g., www.google.com would involve your having to type http 66.l02.ll.l04. Not so bad, but if you had ten favorite sites, you would have to remember all of those addresses. As TCP IP needs to use IP addresses to make a connection to another machine, the Domain Name System DNS is important to...

Reading Your Mail

To view your mail through the web interface, select the eMail icon from the list of icons across the top of the Portal screen. You will be presented with an easy-to-use email client that you should be familiar with if you have ever used any of the popular webmail services (see Figure 30-27). On the left side of the screen is a list of the folders that you have through IMAP. If you created an IMAP account on your desktop email client, these are visible as any normal email folder on the right....

Installing and Running QEMU

To use QEMU without the accelerator module, all you need to do is to install the package on the SUSE media. If you want to try a version that is newer than the one currently offered by SUSE, you can download a binary distribution from the QEMU web site, which can be installed simply by copying it to the root directory and unpacking it You can also build QEMU from source, although there is normally no real need to do so unless you want to apply some obscure options at compile time. If you want...

The bochs PC Emulator

The bochs project goes back a long way. It is a free (licensed under the GNU LGPL) PC hardware emulator that provides a complete emulation of PC hardware in software. As is the case with QEMU and VMWare (see later in the chapter), you can install an operating system into bochs. However, bochs does not offer virtualization of the underlying hardware to the guest. This means that it can be built and run on any Unix-like platform on any hardware architecture, but it also means that it is slow. For...

The Squid

The main Squid log is by default at var log squid access.log. Exactly what is logged here depends on the options chosen in the configuration file. The options are explained as comments in the standard configuration file shipped with the SUSE package. In particular, if you set in etc squid squid.conf, the format of the log file will change to look more like Apache's access log. The difference can be seen in these two sample entries 1089560809.055 159 192.168.2.111 TCP_MISS 200 768 GET - DIRECT...

NFS Security Considerations

Just as with SMB shares, you certainly should not make it available beyond the private network. The lists of allowed client IPs or host names in the exports file are no defense against someone who is able to alter a machine's IP address (which with physical access in practice means anyone). The point made in the previous section about UIDs means that a user may have the wrong permissions on another user's files on the server, but if a user has root access on...

The NFS Server

Two NFS server implementations are available on SUSE. One is the kernel-based NFS server the other is an implementation that runs in user space and is included in the package nfs-server. If you use the kernel-based NFS server, you need the package nfs-utils. If you install the user space nfs-server package, you need to uninstall nfs-utils because the packages conflict. The description that follows does not depend on which implementation is being used. The default kernel-based NFS server can be...

The SOA Record

The brackets around the rest of the data dictate that everything else up to the closing bracket is part of the SOA record. All time settings are in seconds. The first entry is the serial number for the zone. This is one of the most important parts of the SOA because it must be changed any time you edit the zone file. It is the serial number that tells other DNS servers that are querying your DNS server that data has changed. If you do not change the serial number, your changes will not get...

Listing 211 Using dig to Test a DNS Server

Warning ID mismatch expected ID 23997, got 50172 Warning ID mismatch expected ID 23997, got 50172 lt lt gt gt DiG 9.2.3 lt lt gt gt www.palmcoder.net global options printcnri Got answer - gt gt HEADER lt lt - opcode QUERY, status NOERROR, id 23997 flags qr rd ra QUERY 1, ANSWER 2, AUTHORITY 1, ADDITIONAL 0 QUESTION SECTION www.palm oder.net. IN A www.palmcoder.net. 38396 IN CNAME zen.palncoder.net. zen.palncoder.net. 38400 IN A 212.13.208.115 palmcoder.net. 38400 IN NS zen.palmcoder.net. Query...

The Samba Configuration File

Samba is configured through settings that are stored in a text-format configuration file, which is located in the file etc samba smb.conf on your SUSE system. The huge number of settings available in this file provides an interesting demonstration of the flexibility and power of the Samba software suite. The Samba software suite provides excellent documentation about configuring and using every aspect of Samba. In addition, a number of excellent books are available on Samba and Samba 3 at your...

Creating a Shared Mailbox

If you want to create a mailbox that is shared between certain users, use the c m command to create the mailbox and also set the access control list (ACL) for users on the mailbox. For example, if you have three users, justin, roger, and aimee, on the system, and you want them to be able to store and view messages in this folder, but not to be able to delete any, you can look up the access control codes in Table 17-1 and set the ACL on that folder using the sam command (set ACL on folder). No,e...

Listing 174 Testing the POP3 Server with Telnet

Bible telnet localhost 110 Trying 127.0.0.1 Connected to localhost. Escape character is OK ready lt 2282.1088970620 bible gt user justin OK Password required for justin. pass password OK justin has 1 visible message 0 hidden in 544 octets. As you can see, the user justin has one unread mail that is 544 octets in length. You can pass other parameters to Qpopper to extend its functionality. For example, if you want to allow your users to enter their usernames in uppercase or mixed case format,...

Listing 1515 Using ping to Test Network Connectivity

PING zen.palmcoder.net (212.13.208.115) 56(84) bytes of data. 64 bytes from icmp_seq 1 ttl 55 time 64 bytes from icmp_seq 2 ttl 55 time 28.4 ms 64 bytes from icmp_seq 3 ttl 55 time 30.0 ms zen.palmccder.net ping statistics 3 packets transmitted, 3 received, 0 packet less, time 2001ms rtt min avg max mdev 27.015 28.482 30.028 1.231 ms Here, you can see the machine thinkpad sending an Internet Control Message Protocol (ICMP) echo request to the machine zen. When zen receives this ICMP echo...

Squid Log Reader Scripting Example

The Squid web proxy produces a log file that is not very readable. There are plenty of tools out there that turn the output of the Squid log into other formats including nice web output, but we wanted something simpler just to be able to quickly look at the sites visited (and the dates and times) by a particular client on the network (192.168.2.4). The Squid log contains entries like these 1058269843.343 54782 192.168.2.4 TCP_MISS 000 0 POST http journeyplanner. tfl.gov.uk user...

Shell Variables

As a shell script is essentially just a string of shell commands, it understands the current environment variables. For example echo Your current directory is PWD Here USER and PWD are the environment variables that are already accessible to the shell representing the current user and the working directory, respectively. If you save this in a file scrl.sh, you have a simple shell script. The first line tells the system that it is to interpret the script using bin bash. This line applies if you...

Querying RPM Packages

To find out information about an RPM package, you must query the RPM database or the RPM package directly. You do this with the -q command-line option. If you are querying an installed RPM, you just need to use the -q parameter with the query type you want to use. If you need to query an RPM package file directly, you have to add the -p (package) directive. Querying RPMs is a very important part of administrating an RPM-based system because you may need to see what version of the software is...

Starting emacs

If you start emacs from the command line (by typing emacs), then if emacs-xll is installed and X is running, you will see something like Figure 11-8. If you want to start emacs in an xterm or konsole window, type The - nw option (think no window) prevents it from starting in its own window and forces it to run in text mode inside the xterm or konsole window. You will see something like Figure 11-9. Session Edit View Bookmarks Settings Help Session Edit View Bookmarks Settings Help j' tcoiie to...

Dos2unix and unix2dos

DOS and Windows have a different convention for newline characters from Unix and Linux. In DOS, the newline character is a carriage return and a line feed, whereas in Unix it is just a linefeed. What this means is that there can be problems when dealing with files from one system on the other. The programs dos2unix and unix2dos will convert (by default in place) a file from one system of newlines to the other. This will silently overwrite the original file with its Unix-style line endings with...

Boot Loader Configuration

We talked in Chapter 4 about configuring the boot loader of the system using the boot loader configuration files directly. Here we will quickly use YaST to install a new boot option into the GRUB boot loader for the installation of a new Linux kernel. We hope that as you move through this chapter you will see there is more than one way to do things in Linux the easy, the interesting, and the downright hard way. We have concentrated on the easy and the interesting ways throughout the book and...

Using NTP Time Services

Network Time Protocol (NTP) synchronizes your machine time with a centralized time server of your choosing. Time servers available on the Internet are usually a secondary source to a machine that acts as a central time server. Central (or primary) time servers are usually linked into an extremely accurate clock mechanism. To specify an NTP time source, select the Network Service icon in the left pane after starting YaST, and then select the NTP Client option from the right pane. Selecting the...

Remote Graphical Connection from Windows

There are ssh clients for Windows, the best known of which is PuTTY. If you want to view your Linux desktop from a remote Windows machine, one easy way is to use PuTTY together with Virtual Network Computing (VNC). You will need to have the tightvnc package installed on Linux, and you will need to have PuTTY and a VNC viewer available on Windows. These applications are provided in the dosutils directory on your SUSE distribution media, but you can always get the latest and greatest versions...

Copy and Paste in X

Windows users are used to using Ctrl+C and Ctrl+V for copying and pasting between applications. Almost all X applications follow the principle that selecting with the left mouse button copies and clicking with the middle button pastes. This is one reason why you should really make sure that you have a genuine three-button mouse when you run Linux. However, many applications, including KDE applications, also use the Ctrl+C Ctrl+V system. KDE has a clipboard application (klipper) that maintains a...

Linux Documentation Project Guides

The Linux Documentation Project provides a large number of freely distributed books on Linux. Some of these are included in the SUSE package named books (see the next section in this chapter). The index of available guides at the LDP site is located at www.tldp.org guides.html. The listing for each available guide includes the date that it was last updated and a list of the formats and languages in which each guide is available. The following are some or our favorite current guides Advanced...

Working with Man Pages Graphically

If you are working graphically, you may prefer to use Konqueror as your viewer for man pages. If you type the location man into Konqueror's location bar, Konqueror displays a top-level index of manual pages on the system, showing clearly the hierarchy (see Figure 5-1). Figure 5-1 Konqueror displaying the top-level man pages index Figure 5-1 Konqueror displaying the top-level man pages index If you use Konqueror as your man page viewer, you can browse all the pages in a particular section simply...