5

REDHATEN
NTERPRISELLINUX TR
RAININ
NG
Trainer
T
r: Mr.KaoSereyrath
h

MSc.ITT(SMU,India),BSc.IT(NU)
ICTMaanager,Sam
micMicrofinaance
PartTimeComputterlecturer,NortonUniversity

UpdatedYeear2010

HISTORYOFREDHATENTERPRISELINUX

Starting in2001, RedHat,Inc.beganoffering RedHat EnterpriseLinuxinadditionto theiroriginal

consumeroperatingsystem,Red HatLinux.In 2003,Red Hatstartedthe Fedora Projecttorelease
theFedoraCoreoperatingsysteminsteadofRedHatLinux.
The Fedora Project progresses at a rapid rate, releasing a new version of Fedora every four to six
months.Thisallowsnewtechnologiestobetestedbymillionsofusers,whichinturndecreasesthe
amount of time it takes for these technologies to stabilize into production ready software. Each
releaseofRedHatEnterpriseLinuxisbasedonaFedoraoperatingsystemrelease.Thekernelandall
of the other software in Red Hat Enterprise Linux are specifically configured and tested for
enterpriselevelusage.
BothRedHatEnterpriseLinuxandFedoraarebasedonopensourcesoftwaredevelopedbytheopen
source community, some of whom are members of the Red Hat engineering team. The term open
sourcemeansthattheprogrammingcodeisfreelyavailabletoanyoneandthatanyonecansubmit
code to an existing open source project as long as the code stays open source. New projects or
programs can be created based on a different open source project or program. Open source
developersliveallovertheworld,andtheycollaborateonprojectseverydaytogether.

INSTALLINGRED
DHATENTTERPRISEELINUX
Inthisbook,,wewouldgguideyouon
nhowtoinstallRedHatEnterpriseLLinux5throu
ugh:
1. VMw
wareWorksttation6.0
2. BoottableRedHatEnterprise5DVD

InstallRedHaatEnterpriseLinuxwith
hVMwarew
workstation6
aa. SupposeyouinstalledVMware6
6completelyy.
b
b. ClickFilemenu>New
w>VirtualM
MachineorpressCtrl+N
cc. ClickNexxtbuttonandselectCusstom
d
d. InHardw
warecompatibilitybox,sselectWorksstation6
ee. Selectasbelowdialo
og:

ff. Namingyyourvirtualmachinefileeandselecttthepathofyyourvirtualmachinefilee

gg. In Numb
ber of Proceessor dialog,, select Two
o if your computer is having
h
2 pro
ocessors
suchasD
DualCoreorCore2DuoProcessor.
h
h. In Memo
ory dialog, type
t
the am
mount of Meemory to allocate in th
his Virtual machine.
m
Lookatb
belowsample:

i.. InNetwo
orkconnectio
ondialog,seelectUsebriidgeNetworrking
j. InSCSIAd
dapters,seleectLSILogicc
kk. Andthen
nselectCreaateanewvirrtualdisk
l.. InVirtualDisktyped
dialog,selecttSCSI
m
m. InDiskcaapacitydialo
og,typethe sizeofvirtu
ualharddiskkyouwantttoset.Forexxample,
20GBand
dselectAllo
ocatedisksp
pacenowandclickNextandFinish
n
n. In the Device panell, double cliick on CDR
ROM and seee sample below
b
to select the
usedincaseyouprefer tosetuptheeRedhatenterprise
location ofyourISO file(thisisu
manISOfilee):
linuxfrom

II

InstallfromBootableRe
edHatEnterp
priseLinux5
5DVD
1
1. Youneed
dtohaveab
bootableDVD
2
2. MakesurreyourBIOSSsettingisco
onfiguredto
obootoffCD
DROMdevice
e
3
3. PressEnttertoinstallinGraphicm
modeortyp
pelinuxtextandEnterto
oinstalltexttmode

4
4. PressOK
KtotestyourrDVDbeforeeinstallation
n,orPressSSkip

5
5. InWelcomeMessageedialog,clicckNextbutto
on
6
6. SelectEn
nglish(Englissh)language

7
7. SelectUSSInternation
nalasyourkkeyboardsettting

his, you wo
8
8. Click Skip
p entering installation Number. If you skip th
ont be ablee to get
supporto
oronlineupdatefromth
heRedHatIn
nc.

9
9. Click Yess to erase all data in th
he disk. You
u will see th
his messagee when yourr disk is
unallocatted.

1
10. SelectRe
emoveallpaartitionsonselecteddrivesandcreaatedefaultlayoutifyou
uwant
thesetup
ptodeleteaallpartitionsandcreatethestandard
dpartitionsforRedHat
enterprisselinux.
SelectRe
emovelinuxpartitionso
onselectedd
drivesandccreatedefau
ultlayoutwilllet
thesetup
ptoremoveonlyalllinuxpartitionsandcreatesstandardpartitions.

SelectUssefreespaceeonselecte
eddrivesand
dcreatedeffaultlayoutmeansallow
wsetup
tomanaggethefree/u
unallocatedpartitionsto
ocreatestan
ndardslinuxpartitions.
SelectCreatecustom
mlayoutmeaanstomanaagepartition
nbyyourow
wn.
difypartitioninglayouttoeditthed
defaultpartiitionsthatare
TickReviewandmod
byLinux.
createdb

1
11. In Linux, only 3 bassic partitions are required during installation. Those are / (root
dswap.Wheerethesizeo
ofswapparttitionequalsstosizeofm
memory
partition),/bootand
M,orLogicalVolumeM
Manager,isaastoragemaanagementssolutionthatallows
2.LVM
administratorstodivvideharddrrivespacein
ntophysical volumes(P
PV),whichcanthen
bined into lo
ogical volum
me groups (VG), which
h are then divided
d
into
o logical
be comb
volumes(LV)onwhichthefilesyystemandm
mountpointaarecreated.

1
12. A boot lo
oader must be installed
d to boot in
nto the operating system. The GRU
UB boot
loaderis installedbyydefault.Op
ptionssuchaasenabling abootloadeerpassword
dcanbe
selected..

1
13. Below dialog allowss you to deefine your servers name and configuring DNS and
GatewayIPaddress.

1
14. ClickEdittbuttontosspecifystaticcIPaddress.

1
15. SelectAssia/Phnom_Penhasyou
urregion.

1
16. Specifyth
herootpasssword.

1
17. Selectde
efaultsoftwaareinstallationtoinstallthetypicaalsoftwareo
orselectCusstomize
Nowtoin
nstallandch
hoosemorepackages.

1
18. Selectmo
oresoftwareepackagestthatyoupreffertoinstalll.

1
19. ClickNexxttobeginyourinstallattion.

UNDERSTANDINGLINUXCONCEPT
FILESYSTEMHIERARCHY
The location of the files and directories in a Red Hat Enterprise Linux system are based on the
FilesystemHierarchySystem(FHS)guidelines.ThepurposeoftheFHSistoprovideguidelinesforfile
anddirectorylocationsforUNIXbasedoperatingsystemssuchasLinux.
Insteadofanadministratorsearchingtheentirefilesystemforaparticulartypeoffile,hecanknow
thatitwillbeinoneofafewestablishedlocations.Forexample,mostconfigurationfilesareinthe
/etc/directory,andlogfilesareinthe/var/log/directory.
Because the FHS defines the /var/log/ directory as the location for log files, it is easy for an
administratortofindthelogfilessheislookingforbecausetheyareallinonecommondirectory.

Somecommondirectory
Directory

FHSPurpose

/bin/

Essentialcommandsforadminsandusers

/usr/bin/

Commoncommandsforadminsandusers

/sbin/

Essentialcommandsforadmins

/usr/sbin/

Commoncommandsforadmins

/tmp/

Temporaryfilesforallusers

/usr/local/

Locationforlocallyinstalledsoftwareindependentofoperating

systemupdates

/usr/share/man/

Manualpages

/usr/src/

Sourcecode

/var/

Variabledatafilessuchasspoolfilesandlogfiles

/var/log/

Logfiles,canincludesubdirectories

/etc/

Configurationfiles,canincludesubdirectories

/proc/

Kernelvirtualfilesystem

/dev/

Devicefiles

12

SHELLBASIC
S
C
Even though
h Red Hat Enterprise
E
L
Linux
providees a graphiccal desktop and graphical applications for
mostadministrationtassks,itiswiseetoknowth
hebasicsofthecomman
ndline,alsoknownastheshell
w how to use the shell prompt if you
y are acceessing a
prompt. For example, you will neeed to know
systemremo
s
otelywithou
utXforward
ding,workinggwithasysttemthatdoeesnothavea
agraphicaldesktop
installed, tryying to diag
gnose a pro
oblem with the X Wind
dow System,, or bootingg into rescue mode
withoutagr
w
raphicaldeskktop.
There
T
are tw
wo ways to
o start a she
ell prompt. If the X Wiindow Systeem is not installed, the system
defaultstoaablackscreeenwithalogginprompt.A
Afteryouloggin,youareeatashellp
prompt.
Ifyouhave agraphical desktopinstalled,login
ntothesysteematthegraphicalloginscreen,andthen
startashellpromptby clickingonttheApplicationsmenuo
onthetopp
panelandselectingAcceessories,
Terminal.A
T
ownbelow.
terminalwindowassho

So,comman
S
ndscanbeeexecutedto navigatearroundthefillesystem,reeadfiles,startapplicatio
ons,and
performadm
ministrativetasks.

Bydefault,tthepromptlooksliketh
hefollowingg:
[root@redhatserver~]##

Theffirstwordbe
eforethe@symbolisth
heusername
eoftheperssoncurrentlyloggedin.

Thew
wordaftertthe@symbo
olisthehosttnameofthesystem.

The ~ symbol means

m
that the
t current working dirrectory is th
he home dirrectory of th
he user.
directoryisyyourhomed
directory.
Wheenyoustartaaterminal,tthedefaultd

Somebasiccommandyoushouldknow:

Tochangetoadifferentdirectory,usethecd<directory>command.

cd../httpdtakesyouuponedirectoryandthendownintothehttpddirectory.

Tocreateadirectory,usethemkdir<directory>command.Thedirectory willbecreatedin
currentdirectory.Ifyouwanttocreateproject1directoryin/home/rathyoucantypemkdir
/home/rath/project1

Toremoveanemptydirectory,invokethermdir<directory>command.

Toforcetheremovalofadirectorywithallthefilesandsubdirectorieswithinthatdirectory,
usethermrf<directory>command.

Toremoveafile,usetherm<file>command.

Usethels<directory>commandtoviewthecontentsof<directory>.

TolistalltheOpenOffice.orgtextdocuments,usethels*.odtcommand,orthelsstatus*to
find all files whose filename begins with status. Multiple wildcards can be used such as ls
*status*tolistallfilesthathavestatussomewhereintheirname.

To copy a file from one location to another, use the cp <from> <to>. For example: cp
status.txtdir1/.

Themv<from><to>commandissimilartothecpcommand.Theonlydifferenceisthatthe
original<from>filewillnolongerexistafterthemoveoperation.

Insteadoftypingtheentirecommand,youcantypethefirstfewcharactersofitandpressthe
Tabkey,thenitwillshowthepossibilitiesmessageasbelow:

Displayall112possibilities?(yorn)
PresstheYkeytodisplayalltheresults,orpresstheNkeytogobacktothepromptand
typeafewmorecharacterstothedesiredcommand.

If you have ever forgotten a recently used command or forgotten which command line
argumentsyouusedforaparticularcommand,youcanusehistorycommand.Orifyouwant
tofiltersomepartofcommandyoucanuse:history|greppartofthecommand

Thecommandcleartoclearthescreenandplacethepromptatthetopofthescreen.

locate .odt to find all OpenOffice.org text files or locate compare to find all filenames that
containthewordcompare.Theonlycatchtothiscommandisthatitreliesonthegeneration
of a database file so it can quickly display results. The locate command is provided by the
mlocate package, which also provides the cron script /etc/cron.daily/mlocate.cron to
automaticallygeneratethisdatabasedaily.

14

The find command is a bit more complicated to use and takes longer to produce results
because it does not rely on a database to produce results. Because it takes longer, it is
possibletospecifyaspecificdirectorytolookin.Thebasicsyntaxisasfollows:
find <directory> name <filename>. To search in the current directory and below, replace
<directory>withadot(.)charactersuchasfind.nameguidelines.txt

Ifyouknowacommandexistsonthesystembutkeepgettingtheerrormessagecommand
notfound,checktomakesureyouaretypingthecommandcorrectly.Otherwise,itmightnot
beinyourPATHenvironmentvariable.ToviewthevalueofyourPATH,executethecommand
echo$PATHfromthecommandline.Asyoucansee,yourPATHisalistofdirectories.When
youexecutea command withoutproviding itsfullpath, itmustbeinoneofthedirectories
listedinyourPATH.
Youcanprovidethefullpathtothecommandifyouknowit,suchas/sbin/lspcitoexecute
thecommandtolistthePCIdevices.
Toaddthe/usr/sbin/and/sbin/directoriestoyourPATH,addthefollowingline:

exportPATH=:$PATH:/usr/sbin:/sbin

To verify which command you are executing, type the command which <command>. If a
match to the command is found in the directories from your PATH, the full path to the
commandisdisplayed.

To read a text file such as a configuration file without having to open a text editor. This is
possiblewiththeless,more,andcatcommandlineutilities.

Youcantypelessoutput.txt,more/var/log/messages,orcat/etc/sysconfig/network.

Withthelesscommand,thePageUpandPageDownkeyscanbeusedtoscrollupanddown
thecontentsofthefile.Themorecommandonlyallowsyoutoscrolldownthefileusingthe
spacebartoadvance.Thecatcommandoutputsthecontentsofthefiletothecommandline
andthenexits,soifthefileislongerthanthenumberoflinesinyourterminal,youwillonly
seethelastpartofthefile.

For example, to view only the kernel messages in the system log file, use the following
command:
cat/var/log/messages|grepkernel

15

Insteead, you can

n temporarily start a teerminal session as root. From a she
ell prompt, execute
theffollowingcommandtotemporarilyb
becometherootuser:
su
oreturn
Wheenyounolongerneedttoberoot,typetheexittcommand andthenprressEnterto
toyo
ourusershell.

Toreeadtheman
nualpageforracommand
d,executem
man<command>fromaashellprompt.

To o
open a file in Vi, type vi
v <file> at tthe shell prrompt. If thee file does not exist, it will be
creattedwiththe
efilenameyyouprovided
dthefirsttimeyousavedit.Touseeit,youmu
usthave
thevvimminimalRPMpackaageinstalled
d.

o the file or start typingg content intto a new fille, change to insert
To sttart making changes to
mode by pressing the i keey. You will notice thatt the status at the botttom of thee screen
ngestoINSSERT.Nextt,starttypin
ng.
chan

ngthecontentsofthefille,presstheeEsckeytoeexitinsertm
mode.To
Wheenyouarefinishedtypin
saveafile,exitin
nsertmode,type:w(theewisforwrrite),andpreessEnter.

CommonV
ViCommands

FILEPERMISSION
Everyfileonyoursystemhasanaccompanyingsetofpermissionsbasedonownership.
Youcanexaminethedefaultpermissionsforafileyoucreateby:

$touchfile
$lslfile
rwrr1rootroot02009040123:46file

The first character of the field is the type of file created: A dash is for a plain file, d is for
directory, c for character device (such as aserial communications Ex: /dev/ttys0) and b for
blockdevice(adevicethattransfersandcachesdatainblockEx:blocks/dev/hda).

PermissionsRead,Write,andeXecutepermissionfortheowner,group,andotheruserson
thesystem.

Number of links to the fileThe number one (1) designates that there is only one file,
whereasanyothernumberindicatesthattheremightbeoneormorelinkedfiles.Linksare
createdwiththelncommand.

The ownerThe account that created or owns the file; you can change this designation by
usingthechowncommand.

ThegroupThegroupofusersallowedtoaccessthefile;youcanchangethisdesignationby
usingthechgrpcommand.

Filesizeandcreation/modificationdateThelasttwoelementsindicatethesizeofthefilein
bytesandthedatethefilewascreatedorlastmodified.

AssigningPermissions
Under Linux, permissions are grouped by owner, group, and others, with read, write, and execute
permissionassignedtoeach,likeso:

Owner

Group

Others

rwx

rwx

rwx

4+2+1=7

4+2+1=7

4+2+1=7

r=openandreadfile=4
w=openandwritefile=2
x=executethefileorreaddirectory=1

17

Usingchmodcommandtomodifypermission
$chmodawreadme.txt
$lslreadme.txt
rrr1andrewandrew12Jan216:48readme.txt

Someoptionyoucouldusewithchmodcommand:
uAddsorremovesuser(owner)permission
gAddsorremovesgrouppermission
oAddsorremovesforothersnotinafilesgroup
aAddsorremovesforallusers
rAddsorremovesreadpermission
wAddsorremoveswritepermission
xAddsorremovesexecutionpermission

Ex:
$chmodu+rwreadme.txt
$lslreadme.txt
rw1andrewandrew02007102319:08readme.txt
Or
$chmod600readme.txt

INITIALIZATIONSCRIPT
NetworkservicessuchastheApacheHTTPServerandDHCPalongwithotherprogramssuchascron
and syslog require a daemon to be running at all times. The daemon performs actions such as
listening for connections to a service on specific ports, making sure commands are executed at
specific times, and capturing data such as log messages when they are sent out by other
programs.Programs that require a daemon to be started have an initialization script in the
/etc/rc.d/init.d/directory.
Thisprogramfirstexecutesthe/etc/rc.d/rc.sysinitscripttoperformactionssuchasloadingkernel
modules for hardware support, loading the default keymap, and setting the hostname. The

18

/etc/inittabscriptisrunnext,whichthentellsinitwhichrunleveltostart.Therunleveldefineswhich
servicestostartatboottime,orwhichinitializationscriptstoexecute.
Lastly, the /etc/rc.d/rc.local script is executed. Commands can be added to this file for custom
initialization.

The initialization scripts can also be used to start, stop, and restart services after the system has
booted.Theseactionsareperformedwiththeservicecommandastherootuser.
Toperformanaction,usethefollowingsyntax:

service<service><action>

Forexample,thefollowingstartstheOpenSSHservice:
servicesshdstart

RUNLEVELS
How does the system know which initialization scripts to run so that only the desired services are
started at boot time? Linux uses the concept of runlevels to define which services to start at boot
time.
Thereare7runlevels,witheachhavingitsowngeneralpurpose:
0

Haltthesystem

Singleusermodeorrescuemode

Notused

Multiusermodewithtextlogin

Notused

Multiusermodewithgraphicallogin

Reboot

EachrunlevelhasitsowndirectorynamedrcX.din/etc/rc.d/,whereXistherunlevelnumber.Each
ofthesedirectoriescontainssymboliclinkstotheactualinitializationscriptsin/etc/rc.d/init.d/.Each
symbolic link start with the letter S or K followed by a number. The S stands for start, and the K
standsforkill,whichmeanstostopaprocess.Whenarunlevelisinitialized,alltheservicesstarting
withKarestoppedfirst,andthenalltheservicesstartingwithSarestarted.

19

ChangingtheDefaultRunlevel
By default, Red Hat Enterprise Linux boots into runlevel 5 with a graphical login screen and a
graphicaldesktoponcetheusersuccessfullyauthenticates.Runlevel3isessentiallythesameexcept
thetextloginisused.

Thedefaultrunlevelisconfiguredonthefollowinglinefromthe/etc/inittabfile:
id:5:initdefault:

Tochangetoadifferentrunlevelwithoutrebootingthesystem,pleasetypethecommand:
init<runlevel>

Configuringrunlevel
To configuring which services are started for a runlevel, use one of three programs: chkconfig
(commandlineonly),ntsysv(simpletextbasedapplicationthatdoesntrequireagraphicaldesktop),
ortheServiceConfigurationTool(graphicalapplication).
The chkconfig command can be used to configure runlevels and list the current runlevel
configuration.Itmustberunasrootifmodifyingarunlevel.

Tolistthestatusofallservices,executethechkconfiglistcommand.
httpd

0:off

1:off

2:off

3:off

4:off

5:off

6:off

Tolistthestatusforjustoneservice,providethenameoftheservice:
chkconfiglist

<service>

Tomodifywhethertheserviceisturnedonorofffortherunlevel,specifytheservicenameandthen
on,off,orreset.Setittoontohavetheservicestartedatboottime.Setittoofftohavetheservice
stopped at boot time. Setting it to reset resets the values of all runlevels to the defaults from the
initializationscript.Thesyntaxisasfollows:
chkconfig<service>[on|off|reset]
OR
chkconfiglevel<levels><service>[on|off|reset]

20

WORKINGW
W
WITHRPMSSOFTWARE
A
A large partt of a system
m administrators job iss to maintain the software on a co
ompanys servers as
wellasthe
w
softwareon
ntheusers desktops.R
RedHatNettworkisbasedonasofttwaremainttenance
dRPM(RedHatPackage
eManager).
utilitycalled

AproperRP
A
PMfileshouldfollowasp
pecificnamingconvention:
<packagena
<
ame><versio
on><releasse>.<arch>.rpm

Forexamplee,pciutils2..2.11.2.i386
6.rpmistheeRPMfilenaameforthe 1.2release ofversion 2.2.1of
thePCIutilit
t
tiessoftwareepackagebu
uiltforthei3
386architeccture.

Whythepa
W
ckageneedsstohavediffferentarchitecture?
essorsmustu
usedifferentsoftwareliibraries,havvedifferentssystemcalls,,and
Becausediffferentproce
utilize different optimizations, sofftware mustt be built with
w
the prroper versio
on of the compiler
compatiblewiththearcchitecture.
System
S
Arch
hitectures Us
sed by RPM

Installing So
oftware

Installingan
nRPMpackaagecanbed
doneviatheecommand lineoragraaphicalprogram.Becaussesome
systemssucchasserverssdonotalw
wayshavea graphicaldeesktopinstaalled,itisim
mportantto learnat
least the basics of how to use the comman
ndline version of RPM
M. The command is sim
mple to
mcommand.
remember:Itistherpm

Before instaalling any so

oftware, con
nfirm that it was packagged by a tru
usted sourcee and has no
ot been
alteredsincethetrusteedsourcebu
uiltit.Thisp
processisdo
onebychecckingtheGP
PGsignatureeofthe
package.
mporttheGPGsignatureeofthetrusstedpartywiththe
First,astherootuser,im
where<keyffile>isthefilecontainingthekey.
rpmimporrt<keyfile>command,w

Key files fo
or software distributed
d by Red Hat
H can be found in th
he root directory of the first
installationCD:

To
T verify that the key was
w importeed properly,, execute th
he rpm qa ggpgpubkeyy* command
d. If you
GKEYredhattreleaseke
ey,theoutpu
utwillbesim
milartotheffollowing:
importedtheRPMGPG
gpgpubkey
g
y370171864
45761324

Toviewthe
T
detailsofth
hekey,execu
utetherpmqigpgpub
bkey370171
1864576132
24command
d.
After
A
imporrting the keyy, the signature on thee package caan be verifieed with thee rpm K <rrpmfile>
command.
nceitwassigned,theou
utputwillincludetheph
hrasemd5gpgOK.
Ifthepackaggewasnotccorruptedsin
Ifthepackaggeisnotsign
ned,theouttputwillincludeoutputsuchas:NO
OTOK.
Ifyouhaven
ntimportedthecorresp
pondingpublickey,theffollowingmeessageisgiven:MISSING
GKEYS.

Afterverifyi
A
ngthatthepackageistrrustworthy,installitwitththiscomm
mand:
rpmUvh<rrpmfile>
TheUvharg
T
gumentstelltherpmco
ommandtoiinstallthepaackage(U),displayverb
boseinformation
aboutthein
a
nstallation(vv),anddispllaytheproggressoftheiinstallation (h)withhasshmarks(#)).

Forexamplee:ToinstallssomepackaggesinRedHaatLinuxEnteerpriseDVD.
1. Youneedtochangetothep
packagedirectoryintheDVDby:
media/RHELL5i386Discc/Server
cd/m
2. Soifyouwantto
oinstalltftppackages:

Sometimesa
S
apackagere
equiresadditionalRPMpackagestobeinstalled
dorupdated
d.

To
T solve thiis problem, Download the
t addition
nal package as well and install all the packagess at the
sametime:
rpmUvh<rrpmfile1><rrpmfile2>

Ifthepackaageisalread
dyinstalledaandyouonllywantto upgradethe
u
package, usethe F arrgument
instead:
packagenam
me><version
n_number>.<arch>.rpm
rpmFvh<p

OptionalrpmArgumentsWhenInstallingorUpdating

Argument

Description

nodeps

Install or upgrade the package without checking for dependencies.

The software will most likely not function properly without the
softwaredependenciesinstalled.IfyoucontactRedHatsupportwith
problems,theywillmostlikelyaskyoutoreproducetheproblemon
asystemwhereallpackagedependencieshavebeensatisfied.

excludedocs

Donotinstallpackagesmarkedasdocumentationfilessuchasman

pages.

oldpackage

Allowapackagetobereplacedwithanolderversion.

test

Check for potential conflicts such as package dependencies but do

notinstallthepackage.

Toremoveapackage,issuethefollowingcommand:
rpme<packagename>
Noticethatthistime,only <packagename>isused,notthefullname ofthefileused to installthe
software.
Ifmultipleversionsofapackageareinstalled,youcanuse:
rpme<packagename><version><release>

Ifthepackagethatdependsonthepackageyouaretryingtoremoveisstillneededonthesystem,
youshouldnottrytoremovethepackage.Ifthepackagethatdependsonthepackageyouaretrying
toremoveisalsonotneeded,bothmustberemovedatthesametimetoresolvethedependency:
rpme<packagename1><packagename1>

Ifaconfigurationfileispartofthepackagebeingremovedbutithasbeenmodified,thefilewillbe
renamedinsteadofremovedwiththe.rpmsaveextension,andamessagesimilartothefollowingis
displayed:
warning:/etc/sysconfig/sambasavedas/etc/sysconfig/samba.rpmsave

Whatifyouwanttoverifythatthefilesassociatedwithapackagehaventbeencorrupted?
ifyoususpectyoursystemhasbeenaccessedbyanonauthorizeduser,youcanverifythatthefiles
fromapackagehavenotbeenchangedwiththeRPMverifyfeature.

24

Iftheverifyfunctionisused,filepropertiessuchasfilesize,MD5sum,filepermissions,filetype,and
fileownershiparecomparedtotheoriginalvaluesstoredintheRPMdatabase.
Toverifythatthefilesareassociatedwithapackage,usethefollowingcommand:
rpmV<packagename>
Ifnooutputisreturned,thefilesfromthepackagehavenotbeenmodifiedsinceinstallation.Ifafile,
suchasaconfigurationfile,hasbeenmodified,theoutputissimilarto:
.M.....T/etc/httpd/conf/httpd.conf

RPMVerificationCodes
Code

Explanation

Filesizehaschanged

Modehaschanged,includingfilepermissionsandfiletype

MD5sumhaschanged

Devicemajororminornumberhaschanged

Thepathofthesymboliclinkhaschanged

Theownerofthefilehaschanged

Thegroupofthefilehaschanged

Thelastmodifiedtimehaschanged

Querying Package Files

How do you know which files are associated with which RPM packages? You can query the RPM
databaseandfindout:
rpmqf<filename>
The <filename> must be the full path to the file. If the file is associated with an RPM package
installed,thenameofthepackageandtheversioninstalledisdisplayed.

Toquerythepackageofthecommand,youcoulduse:
rpmqf`which<filename>`

Toretrievealistofconfigurationfilesfromapackageinstalled,usethefollowingcommand:
rpmqc<packagename>

Asimilarquerycanbeperformedtolistanydocumentationfilesinstalledwithapackage:
rpmqd<packagename>
Note:DocumentationfilesincludemanpagesandtextorHTMLformattedfilesin/usr/share/doc/
installedbythepackage.

25

SYSTEMADMINISTRATION
Managinguserandgroup
EachuseronaRedHatEnterpriseLinuxsystemisassignedauniqueuseridentificationnumber,also
knownasaUID.UIDsbelow500arereservedforsystemuserssuchastherootuser.
BydefaultinRedHatEnterpriseLinux,whenauserisadded,aprivateusergroupiscreated.
Bydefault,thedirectory/home/<username>/iscreatedastheusershomedirectory.

Adding/modifying/deletinguser
Thebasicsyntaxtocreatenewuserisuseradd<option><username>.

Someoptionsyoucanusealongwithuseraddcommand:
CommandLineoption

Description

c<fullname>

Fullnameoftheuser(oracommentabouttheuser).Ifmorethan
onewordisneeded,placequotationmarksaroundthevalue

d<directory>

Homedirectoryfortheuser.Thedefaultvalueis/home/
<username>/

e<date>

Dateonwhichtheuseraccountwillexpireandbedisabled.Use
theformatYYYYMMDD(default:neverexpireordisable).

g<group>

DefaultgroupfortheuserspecifiedasagroupnameorgroupID
number.

G<group>
p<password>
s<shell>
u<uid>

CommaseparatedlistofadditionalgroupnamesorGIDstowhich
theuserwillbeamember.
Specifyanencryptedpasswordfortheuser
Specifytheuserloginshellfortheuser.Thedefaultshellifnot
specifiedis/bin/bash.
IntegertousefortheuserID.Valueslessthan500arereservedfor
systemusers.

Tomodifytheuserusermod<options><username>.
Tocreateapasswordfortheuser,usethecommandpasswd<username>.
Todeleteuseruserdel<username>.Toremovetheusershomedirectoryandmailspool,usethe
userdelr<username>command.

26

ManagingGroup
A unique integer known as a GID is associated with each group. GIDs below 500 are reserved for
systemgroupsjustlikeUIDsbelow500arereservedforsystemusers.

Thebasicsyntaxtocreatenewuserisgroupadd<groupname>.
TospecifyaGID,usethegroupaddg<gid><groupname>command.
ThemodifythegroupsuchaschangingtheGIDofagroup,usethe
groupmodg<gid><groupname>command.

Tochangethenameofthegroup,usethegroupmodn<newname><groupname>command.
Todeleteanexistinggroup,usethegroupdel<groupname>command.

Wheretheystore?
Alistofalllocalusersisstoredinthe/etc/passwdfile.Thisfileisinplaintextformatandisreadable
byanyoneloggedintothesystem.

Eachuserislistedonaseparateline,withthefollowingformat:
username:password:uid:gid:real_name:/home/directory:shell

Field
Description
username
password
uid
gid
real_name
/home/directory
shell

Loginnamefortheuser.Cantcontainspacesortabs.
Thexcharacterthatdenotestheencryptedpasswordisstoredin
/etc/shadow.Ifshadowpasswordsarenotused,thisfieldcontains
theencrypteduserpassword.
Uniqueintegerusedastheuser ID.
UniqueintegerusedasthegroupID.
Fullnameoftheuser(notrequired).
Fullpathtothehomedirectoryoftheuser.
Loginshellfortheuser./bin/bashisthedefault.

Ifshadowpasswordsareused(thedefault),theencryptedpasswordsarestoredinthe/etc/shadow
file. All users groups are stored in the /etc/group file, readable by everyone but only writable by
root.Eachgroupislistedonaseparatelineinthefollowingformat:

groupname:password:gid:users

Thedefaultvaluesusedwhenaddingauserarestoredinthe/etc/default/useraddfile.
ifyoueditthefile/etc/default/useraddyouwillsee:
#useradddefaultsfile
GROUP=100
HOME=/home
INACTIVE=1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel

27

28