Contents

About the Author xxiii

About the Technical Reviewer xxv

Acknowledgments xxvii

Introduction xxix

SUSE Linux Enterprise Server chapter 1 Installing SUSE Linux Enterprise Server 3

Meeting the Installation Requirements 3

Starting the Installation 3

Preparing the Installation 6

Selecting What to Install 10

Configuring the Server 14

Summary 28

chapter 2 Exploring SUSE Linux Enterprise Server 29

Logging In 29

Exploring the Linux User Accounts 29

Working with Virtual Consoles 30

Getting Administrative Access 31

Finding Your Way in the File System 32

Exploring the Default Directories 32

Performing Essential Tasks in the File System 38

Working with the GNOME Interface 40

Using the GNOME Menu 40

Working with More Applications 42

Modifying the GNOME Desktop 45

Adding Items to the Desktop 45

Changing the Menu 46

Modifying Other Desktop Items 46

Summary 47

chapter 3 Managing SUSE Linux Enterprise Server with YaST 49

Exploring YaST Options 49

The Software Menu 50

The Hardware Menu 51

The System Menu 57

Network Devices 62

Network Services 62

Novell AppArmor 66

Security and Users 66

Miscellaneous Options 70

Working with YaST and Its Configuration Files 70

Working with YaST Modules 71

Summary 72

chapter 4 Finding Your Way on the Command Line 73

Working with the Bash Shell 73

Making the Most of Bash 73

Knowing the Important Key Sequences 74

Working with the Bash History 74

Performing Basic File System Management Tasks 76

Working with Directories 76

Working with Files 76

Viewing the Content of Text Files 78

Creating Empty Files 78

Using Piping and Redirection 79

Using Piping 79

Using Redirection 79

Finding Files 81

Working with an Editor 82

Exploring the vi modes 82

Saving and Quitting 82

Cutting, Copying, and Pasting 83

Deleting Text 83

Getting Help 83

Using man to Get Help 84

Using the --help Option 86

Learning More About Installed Packages 86

Summary 87

PART 2 ■■■ Administering SUSE Linux Enterprise Server chapter 5 Managing Users and Groups 91

Managing Users 91

Using Commands for User Management 91

Assigning Users to Groups 92

Managing the UID 93

Setting a Default Shell 93

Managing Passwords 94

Modifying and Deleting User Accounts 95

Going Behind the Commands: Configuration Files 96

/etc/passwd 96

/etc/shadow 98

/etc/login.defs 98

/etc/default/passwd 99

Managing Users with YaST 99

Managing Groups 100

Using Commands for Group Management 101

Going Behind the Commands: /etc/group 101

Managing Authentication: PAM 102

Creating a Default Policy for Security 103

Discovering PAM Modules 104

Managing the User's Shell Environment 107

Creating Shell Login Scripts 107

Displaying Messages to Users Logging In 108

Summary 108

chapter 6 Managing Linux Permissions 109

Granting Read, Write, and Execute: The Three Basic Linux Permissions 109

Understanding Permissions and the Concept of Ownership 110

Changing File Ownership 111

Understanding Group Ownership 111

Working with Advanced Linux Permissions 112

Setting Permissions 114

Using chmod to Change Permissions 114

Using umask to Set Default Permissions 116

Working with Access Control Lists 117

Using ACLs to Grant Permissions to More Than One Object 118

Working with ACL Masks 119

Using Default ACLs 119

Understanding ACL Limitations 120

Applying File Attributes 120

Apply Quota to Allow a Maximum Amount of Files 121

Installing the Quota Software 122

Preparing the File System for the Quota 122

Initializing the Quota 123

Setting the Quota for Users and Groups 123

Starting the Quota Service 124

Summary 124

chapter 7 Performing Daily File System Management Tasks 125

Mounting Devices 125

Using the Mount Command 125

Unmounting Devices 128

Automating Mounts with /etc/fstab 128

Checking File System Integrity 130

Working with Links 130

Understanding Why You Want to Use Links 131

Working with Symbolic Links 131

Working with Hard Links 132

Creating Backups 132

Using tar to Create and Restore Backups 132

Working with Magnetic Tapes 135

Using dd to Make a Backup 135

Using rsync to Synchronize Files 136

Automating Backups with cron 136

Summary 138

chapter 8 Configuring Storage 139

Comparing File Systems 139

Using ext2 139

Using ext3 142

Using ReiserFS 143

Using XFS 144

Creating File Systems 146

Designing a Partition Layout 146

Creating Traditional Partitions 147

Working with Logical Volumes 151

Setting Up a Software RAID 159

Understanding Your RAID Options 160

Setting Up RAID 0 from the Command Line 160

Creating a RAID 5 Array Using YaST 161

Managing the RAID Array 163

Summary 164

chapter 9 Managing Software 165

Installing Software with YaST 165

Installing from the Installation Media 165

Selecting the Installation Source 168

Installing Nondefault Software with YaST 170

Updating Software 170

Compiling Software from Source 174

Working with RPM 175

Following the RPM Naming Convention 176

Rebuilding the RPM Database 176

Working with the rpm Command 176

Managing Libraries 177

Summary 178

chapter 10 Managing the Boot Procedure 179

Using GRUB and Its Configuration 179

Working with the GRUB Configuration File 180

Installing GRUB 183

Working with the GRUB Boot Menu 189

Understanding the Kernel and Its initrd 189

Using Init and /etc/inittab 189

Working with the Boot Scripts 194

Manually Tuning the Initial Boot Phase 194

Using YaST to Tune the Initial Boot Procedure 196

Including Your Own Services in boot.local 197

Managing Services Start-Up 197

Understanding the Concept of Runlevels 197

Adding Services to a Runlevel Manually 198

Using YaST to Add Services to a Runlevel 201

Summary 202

chapter 11 Managing Processes 203

Understanding the Different Kinds of Processes 203

Running in the Foreground and Background 204

Performing Day-to-Day Process Management 205

Tuning Process Activity 205

Using Other Tools to Monitor System Activity 208

Terminating Processes 210

Setting Process Priority 211

Scheduling Processes 212

Configuring the cron Service 212

Executing Once with at 214

Summary 214

chapter 12 Using System Logging 215

Reading the Boot Messages 215

Getting Hardware Information 217

Browsing the /proc File System 217

Using YaST Hardware Information 219

Using the syslog-ng Service 220

Introducing syslog-ng 220

Understanding syslog-ng.conf 221

Monitoring Log Files 223

Rotating Log Files 224

Summary 227

PART 3 ■ ■■Networking SUSE Linux Enterprise Server chapter 13 Connecting to the Network 231

Configuring the Network Interface with YaST 231

Adding a Network Card Manually 234

Configuring the Network Interface from the Command Line 240

Working with the network Script 240

Using ifup, ifdown, and Related Tools 241

Using ifconfig 242

Using the ip Tool 244

Managing IPv6 247

IPv6 Addressing 247

Address Types 248

The Neighbor Discovery Protocol 248

Assigning IPv6 Addresses in SUSE Linux Enterprise Server 248

Managing Routes 249

Setting the Default Route with route 249

Using the ip Tool to Specify the Default Gateway 251

Storing Routing Information 251

Configuring the DNS Resolver 251

The Role of nsswitch.conf 252

Using /etc/hosts 252

Tuning and Troubleshooting 253

Testing Connectivity 253

Testing Routability 254

Testing Availability of Services 255

Monitoring the Network Interface 259

Monitoring Network Traffic 261

Using the GNOME Network Tools 264

Summary 265

chapter 14 Configuring a CUPS Print Server 267

Installing a CUPS Printer 267

Understanding CUPS 270

Managing CUPS 271

Managing CUPS with YaST 271

Using the Web Interface for CUPS Management 277

Tuning the CUPS Environment from the Command Line 279

Configuring CUPS Clients 282

Installing a Linux CUPS Client 282

Installing Windows As a Client for CUPS 283

Summary 284

chapter 15 Sharing Files with SUSE Linux Enterprise Server 285

Sharing Files with NFS 285

Using the NFS Server 285

Configuring an NFS Server 287

Configuring an NFS Client 291

Tuning and Monitoring the NFS Server 294

Sharing Files with Samba 294

Recognizing Samba Server Possibilities and Impossibilities 294

Configuring the Samba Server 295

Integrating CUPS with Samba 300

Setting Up Samba As a Domain Controller 302

Configuring Samba with YaST 304

Implementing Client Access to the Samba Server 312

Offering Files with FTP 314

Configuring the pure-ftpd Server 314

Starting the pure-ftpd Server 315

Summary 316

chapter 16 Configuring a Mail Server 317

Understanding How a Mail Solution Works 317

Configuring the Postfix MTA 318

Handling Inbound and Outbound Mail 318

Managing Postfix Components 322

Configuring the Master Daemon 323

Configuring Global Settings 324

Tuning Postfix with Lookup Tables 328

Using Postfix Management Tools 332

Receiving E-mail Using IMAP or POP3 333

Fetching E-mail Using Cyrus IMAPd 333

Filtering Incoming E-mail with Procmail 335

Getting E-mail with POP3 Using Qpopper 336

Using YaST to Set Up an MTA 337

Summary 340

chapter 17 Working with OpenLDAP 341

Centralizing Vital Information 341

Structure of an LDAP Directory 342

The LDAP Hierarchy 342

OpenLDAP Files and Directories 343

Installing an OpenLDAP Directory with YaST 344

Configuring the OpenLDAP Server During Installation 344

Configuring OpenLDAP on an Operational Server 347

Setting Up the SUSE Linux Enterprise Server LDAP Client 354

Tuning LDAP Configuration Files 359

Configuring the OpenLDAP Server 359

Configuring the LDAP Client 363

Adding, Querying, and Modifying Entries in the Directory 364

Creating LDIF Files 364

Adding Entries with ldapadd 366

Modifying Entries with ldapmodify 366

Deleting Entries with ldapdelete 366

Using ldapsearch to Query the Directory 366

Summary 367

chapter 18 Enabling Remote Access 369

Understanding How Secure Shell Works 369

Working with Public/Private Key Pairs 370

Working with Secure Shell 370

Configuring SSH 372

Using Key-Based Authentication 374

Introducing Cryptography 374

Using Public/Private Key-Based Authentication in an

SSH Environment 375

Setting Up SSH for Key-Based Authentication 375

Caching Keys with ssh-agent 376

Tunneling Traffic with SSH 377

Using X-Forwarding 377

Using Generic TCP Port Forwarding 378

Using Other Methods for Remote Access 379

Using VNC for Remote Access to Graphical Screens 379

Enabling VNC via xinetd 381

Securing VNC Remote Access with SSH 381

Using screen to Synchronize Remote Sessions 382

Summary 382

chapter 19 Configuring xinetd 383

Configuring xinetd with YaST 383

Tuning xinetd by Hand 386

Managing the xinetd Daemon 386

Setting Default Behavior 386

Tuning the Individual Services 389

Tuning Access to Services with TCP Wrapper 390

Working with /etc/hosts.allow and /etc/hosts.deny 390

Why You Shouldn't Use TCP Wrapper 392

Summary 392

chapter 20 Configuring SUSE Linux Enterprise Server

As an NTP Time Server 393

Understanding NTP Fundamentals 393

Configuring a Stand-Alone NTP Time Server 395

Configuring ntp.conf 395

Pulling or Pushing the Time 396

Tuning Your NTP Server 396

Using the NTP Drift File 396

Using the NTP Log File 397

Securing Your NTP Server 397

Configuring an NTP Client 398

Checking NTP Synchronization Status 398

Summary 400

chapter 21 Managing Cryptography 401

Introducing SSL 401

Public and Private Keys 402

The Need for a Certificate Authority 402

Managing Certificates 403

Creating Certificates and a Certificate Authority with YaST 403

Other YaST Certificate Authority Management Options 413

The Common Server Certificate Interface 414

Managing Certificates from the Command Line 414

Summary 417

chapter 22 Configuring the Apache Web Server 419

Understanding How a Web Server Works 419

Installing Apache on SUSE Linux Enterprise Server 420

Installing the Right Packages 420

Starting, Stopping, and Testing the Apache Web Server 421

Exploring the Configuration Files 423

Understanding the Structure of the Apache Configuration Files 423

Checking the Configuration 424

Configuring Apache with YaST 424

Working with Virtual Hosts 429

Managing Access to the Web Server 431

Configuring Host-Based Access Restrictions 431

Configuring User-Based Access Restrictions 432

Using OpenSSL for Encrypted Connections 434

Performance Tuning Your Web Server 436

Summary 436

chapter 23 Configuring DNS 437

introducing DNS 437

Methods of Name Resolving 437

Organization of the DNS Hierarchy 439

Master and Slave Servers 440

Connecting the Name Servers in the Hierarchy 440

DNS and Reversed DNS 441

Configuring DNS 442

Configuring DNS with YaST 442

Configuring DNS from its Configuration Files 453

Securing Zone Transfers 457

Summary 459

chapter 24 Configuring a DHCP Server 461

Understanding How DHCP Works 461

Configuring a DHCP Server from YaST 462

Configuring the DHCP Service Manually 469

The DHCP Process 470

The Configuration File /var/lib/dhcp/etc/dhcpd.conf 470

The Start-up Configuration File /etc/sysconfig/dhcpd 472

Setting Advanced Configuration Options 473

integrating DHCP and DNS 473

The DHCP Relay Agent 475

Setting Up DHCP Failover 475

Summary 477

chapter 25 Configuring the Squid Web Proxy Cache 479

introducing Squid 479

installing Squid and Performing the initial Configuration 480

Network Tags 481

Defining Cache Settings 481

Specifying Log Files and Cache Directories 482

Optimizing Squid Performance 483

Timeout Settings 484

Generic Settings 485

Securing the Proxy with ACLs 485

Configuring User Authentication 487

Squid and URL Filtering 489

Configuring Squid for SSL Traffic 489

Configuring Clients for Squid Usage 490

Using Squid As a Transparent Proxy 490

Summary 491

chapter 26 Understanding the Kernel 493

Understanding Kernel Modules 493

Tuning initrd 494

Loading Modules on Boot 494

Loading Modules Manually 494

Loading Modules Automatically 495

Using udev to Load Kernel Modules 496

Tuning the Kernel Source Files (or Not) 499

Understanding SUSE Kernel Backgrounds 499

Configuring the Kernel 500

Patching the Kernel 501

Summary 502

chapter 27 Introducing Shell Scripting 503

Getting Started 503

To Script or Not to Script? 503

What Shell? 504

Basic Elements of a Shell Script 504

Making It Executable 505

Making a Script Interactive 507

Working with Arguments 508

Regular Expressions 509

Working with Variables 510

Command Substitution 510

Changing Variables 511

Substitution Operators 511

Pattern-Matching Operators 513

Performing Calculations in Scripts 514

Using Flow Control 517

case 520

while 522

until 522

for 523

Using a Stream Editor 523

Working with Functions 524

Summary 525

chapter 28 Tuning and Optimizing SUSE Linux 527

Managing Memory 527

Optimizing Usage of Swap Space 528

Monitoring Swap Activity 529

Adding Swap Space on the Fly 529

Using ulimit to Set Resource Limits 530

Tuning the Kernel 531

Understanding the /proc File System 531

Using procinfo 533

Tuning the Kernel 534

Using the Powertweak Utility 537

Crashes and Core Dumps 538

Summary 540

Enterprise Server Configuration chapter 29 Configuring SUSE Linux Enterprise Server 10

for High-Availability Clustering 543

Introducing Linux Clustering 543

Designing an HA Cluster Solution 544

Using Shared Storage 545

Using Heartbeat for High Availability 558

Editing the Sample Configuration Files 559

Using Authentication Keys to Ensure Secure Communications 559

Tuning the Main Configuration File ha.cf on Both Nodes 559

Creating Shared Resources by Editing the haresources File 561

Managing the Shared Resource 563

Avoiding Split Brain 564

Configuring a Heartbeat 2-Style Cluster with YaST 565

Creating the Cluster 565

Creating Resources 568

Migrating Resources 572

Summary 572

chapter 30 Managing Access with the SUSE Firewall 573

Before Configuring the Firewall 573

Configuring the SUSE Firewall with YaST 577

Tuning Netfilter with iptables 584

Making Proper Preparations 584

Netfilter Building Blocks 585

Using iptables to Create a Firewall 586

Summary 591

chapter 31 Using Xen to Create a Virtual Environment 593

Working with Xen Virtualization 593

Virtualization Methods 594

Xen Architecture 594

Installing Xen 595

Preparing for Xen Installation 595

Installing the Xen Domain-0 595

Installing the First Virtual Machine 597

Managing Xen Domains 602

Managing Xen from the Command Line 602

Managing Virtual Machines from YaST 605

Managing Xen Networking 606

Migrating Virtual Machines 607

Summary 608

chapter 32 Using AppArmor to Secure Applications 609

Exploring the AppArmor Components 609

Managing AppArmor Profiles with YaST 611

Creating a New Profile 611

Updating a Profile 616

Deleting a Profile 617

Managing AppArmor Profiles from the Command Line 618

Creating a Profile with genprof 618

Monitoring AppArmor's Status 618

Summary 620

chapter 33 Configuring Service Location Protocol 621

Understanding How SLP Works 621

Configuring an SLP Server 622

Configuring OpenSLP from YaST 622

Tweaking /etc/slp.conf 624

Registering Services 626

Browsing Available Services 628

Summary 629

chapter 34 Troubleshooting SUSE Linux Enterprise Server 631

Analyzing the Problem 631

Analyzing the Network 631

Checking Application Availability 634

Checking Logging 635

Troubleshooting from the GRUB Boot Prompt 636

Booting a Rescue System 638

Using the Repair an Installed System Option 640

Summary 645

chapter 35 Creating an Installation Server 647

Creating an Installation Server 648

Configuring TFTP for PXE Boot 653

Installing a Server Automatically with AutoYaST 655

Performing Remote Installations Using SSH or VNC 659

Performing a Remote Installation with SSH 659

Combining SSH with VNC 660

Summary 661

INDEX 663

Was this article helpful?

0 0

Post a comment