SUSE Linux Enterprise Server 10 Administration Workbook: Novell Training Services

SUSE Linux Enterprise Server 10
Administration
Workbook
Novell Training Services w w w. n o v e l l . c o m
COU RSE 3072
AUTHORIZED COURSEWA RE
Novell, Inc. Copyright 2007-NO PRINTING OR DISTRIBUTION ALLOWED
Part # 100-005099-001
Version 2
Proprietary Statement Trademarks
Copyright © 2007 Novell, Inc. All rights reserved. Novell, Inc. has attempted to supply trademark information about
No part of this publication may be reproduced, photocopied, stored company names, products, and services mentioned in this manual.
on a retrieval system, or transmitted without the express prior The following list of trademarks was derived from various sources.
consent of the publisher. This manual, and any portion thereof, may
not be copied without the express written permission of Novell, Inc. Novell, Inc. Trademarks
Novell, the Novell logo, NetWare, BorderManager, ConsoleOne,
Novell, Inc.
DirXML, GroupWise, iChain, ManageWise, NDPS, NDS, NetMail,
1800 South Novell Place
Novell Directory Services, Novell iFolder, Novell SecretStore,
Provo, UT 84606-2399
Ximian, Ximian Evolution and ZENworks are registered
trademarks; CDE, Certified Directory Engineer and CNE are
Disclaimer registered service marks; eDirectory, Evolution, exteNd, exteNd
Novell, Inc. makes no representations or warranties with respect to Composer, exteNd Directory, exteNd Workbench, Mono, NIMS,
the contents or use of this manual, and specifically disclaims any NLM, NMAS, Novell Certificate Server, Novell Client, Novell
express or implied warranties of merchantability or fitness for any Cluster Services, Novell Distributed Print Services, Novell Internet
particular purpose. Messaging System, Novell Storage Services, Nsure, Nsure
Further, Novell, Inc. reserves the right to revise this publication and Resources, Nterprise, Nterprise Branch Office, Red Carpet and Red
to make changes in its content at any time, without obligation to Carpet Enterprise are trademarks; and Certified Novell
notify any person or entity of such revisions or changes. Administrator, CNA, Certified Novell Engineer, Certified Novell
Further, Novell, Inc. makes no representations or warranties with Instructor, CNI, Master CNE, Master CNI, MCNE, MCNI, Novell
respect to any NetWare software, and specifically disclaims any Education Academic Partner, NEAP, Ngage, Novell Online
express or implied warranties of merchantability or fitness for any Training Provider, NOTP and Novell Technical Services are service
particular purpose. marks of Novell, Inc. in the United States and other countries. SUSE
Further, Novell, Inc. reserves the right to make changes to any and is a registered trademark of SUSE LINUX AG, a Novell company.
all parts of NetWare software at any time, without obligation to For more information on Novell trademarks, please visit
notify any person or entity of such changes. http://www.novell.com/company/legal/trademarks/tmlist.html.
This Novell Training Manual is published solely to instruct students
Other Trademarks
in the use of Novell networking software. Although third-party
Adaptec is a registered trademark of Adaptec, Inc. AMD is a
application software packages are used in Novell training courses,
trademark of Advanced Micro Devices. AppleShare and AppleTalk
this is for demonstration purposes only and shall not constitute an
are registered trademarks of Apple Computer, Inc. ARCserv is a
endorsement of any of these software applications.
registered trademark of Cheyenne Software, Inc. Btrieve is a
Further, Novell, Inc. does not represent itself as having any registered trademark of Pervasive Software, Inc. EtherTalk is a
particular expertise in these application software packages and any registered trademark of Apple Computer, Inc. Java is a trademark or
use by students of the same shall be done at the students’ own risk. registered trademark of Sun Microsystems, Inc. in the United States
and other countries. Linux is a registered trademark of Linus
Software Piracy Torvalds. LocalTalk is a registered trademark of Apple Computer,
Throughout the world, unauthorized duplication of software is Inc. Lotus Notes is a registered trademark of Lotus Development
subject to both criminal and civil penalties. Corporation. Macintosh is a registered trademark of Apple
Computer, Inc. Netscape Communicator is a trademark of Netscape
If you know of illegal copying of software, contact your local
Communications Corporation. Netscape Navigator is a registered
Software Antipiracy Hotline.
trademark of Netscape Communications Corporation. Pentium is a
For the Hotline number for your area, access Novell’s World Wide
registered trademark of Intel Corporation. Solaris is a registered
Web page at http://www.novell.com and look for the piracy page
trademark of Sun Microsystems, Inc. The Norton AntiVirus is a
under “Programs.”
trademark of Symantec Corporation. TokenTalk is a registered
Or, contact Novell’s anti-piracy headquarters in the U.S. at 800- trademark of Apple Computer, Inc. Tru64 is a trademark of Digital
PIRATES (747-2837) or 801-861-7101. Equipment Corp. UnitedLinux is a registered trademark of
UnitedLinux. UNIX is a registered trademark of the Open Group.
WebSphere is a trademark of International Business Machines
Corporation. Windows and Windows NT are registered trademarks
of Microsoft Corporation.
All other third-party trademarks are the property of their respective

owners.
Contents
Contents
Introduction
Course Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-2
Exercise Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Intro-3
SECTION 1 Install SUSE Linux Enterprise Server 10
Exercise 1-1 Install SUSE Linux Enterprise Server 10. . . . . . . 1-2
SECTION 2 Administer the Linux File System
Exercise 2-1 Configure Partitions on your Hard Drive. . . . . . . 2-2

Exercise 2-2 Manage File Systems from the Command Line. 2-10
Exercise 2-3 Create Logical Volumes. . . . . . . . . . . . . . . . . . . 2-15
Exercise 2-4 Set up and Configure Disk Quotas. . . . . . . . . . . 2-19
SECTION 3 Administer User Access and Security
Exercise 3-1 Configure PAM Authentication . . . . . . . . . . . . . . 3-2

Exercise 3-2 Configure the Password Security Settings . . . . . . 3-5
Exercise 3-3 Use ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
SECTION 4 Configure the Network Manually
Exercise 4-1 Configure the Network Connection Manually. . . 4-2
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB TOC-1
To report suspected copying, please call 1-800-PIRATES.
SUSE Linux Enterprise Server 10 Administration / Workbook
SECTION 5 Administer Linux Processes and Services
Exercise 5-1 Manage Linux Processes . . . . . . . . . . . . . . . . . . . 5-2

Exercise 5-2 Schedule Jobs with cron and at . . . . . . . . . . . . . . 5-7
SECTION 6 Monitor SUSE Linux Enterprise Server 10
Exercise 6-1 Gather Information on your SUSE Linux Enterprise

Server 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2
Exercise 6-2 Manage System Logging . . . . . . . . . . . . . . . . . . . 6-4
SECTION 7 Manage System Initialization
Exercise 7-1 Manage the Boot Loader . . . . . . . . . . . . . . . . . . . 7-2

Exercise 7-2 Manage Runlevels . . . . . . . . . . . . . . . . . . . . . . . . 7-5
SECTION 8 Manage Software for SUSE Linux Enterprise Server
Exercise 8-1 Manage Software with RPM . . . . . . . . . . . . . . . . 8-2

Exercise 8-2 Manage Shared Libraries . . . . . . . . . . . . . . . . . . . 8-5
SECTION 9 Manage Backup and Recovery
Exercise 9-1 Back up Files with YaST . . . . . . . . . . . . . . . . . . . 9-2

Exercise 9-2 Create Backup Files with tar . . . . . . . . . . . . . . . . 9-3
Exercise 9-3 Create Drive Images with dd . . . . . . . . . . . . . . . . 9-5
Exercise 9-4 Create a Backup of a Home Directory with rsync 9-7
Exercise 9-5 Configure a cron Job for Data Backups . . . . . . . . 9-9
SECTION 10 Manage Printing
Exercise 10-1 Change Your Printer Configuration. . . . . . . . . 10-2

Exercise 10-2 Manage Printers from the Command Line. . . . 10-6
WB TOC-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Contents
Exercise 10-3 Restrict Access. . . . . . . . . . . . . . . . . . . . . . . . . 10-8

Exercise 10-4 Use the Web Interface to Manage a CUPS
Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10
SECTION 11 Configure Remote Access
Exercise 11-1 Practice Using OpenSSH . . . . . . . . . . . . . . . . . 11-2

Exercise 11-2 Perform Public Key Authentication. . . . . . . . . 11-4
Exercise 11-3 Use Remote Administration. . . . . . . . . . . . . . . 11-7
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB TOC-3
WB TOC-4 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Introduction
Introduction
This workbook is designed to help you practice the skills associated

with SUSE Linux Enterprise Server 10 Administration (Course
3072) objectives.
These skills, along with those taught in SUSE Linux Enterprise

Server 10 Fundamentals (Course 3071) and SUSE Linux Enterprise
Server 10 Advanced Administration (Course 3073), prepare you to
take the Novell Certified Linux Professional 10 (Novell CLP 10)
certification practicum test.
x Instructions for setting up a self-study environment are in the directory setup

on the Student DVD.
Before starting the exercises in this workbook, you need review the
following:
■ Course Scenario
■ Exercise Conventions
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB Intro-1
Course Scenario
The IT department of Digital Airlines is rolling out more and more
SUSE Linux Enterprise Server 10 installations. Your task is to
familiarize yourself with SLES 10 to be able to take on more and
more system administrator tasks on this platform.
You need additional experience in the following areas:

■ Installation and configuration of SLES 10
■ File system maintenance
■ Specialized aspects of User Management, like POSIX ACLs
■ Manual network configuration and fundamental network
services
■ Software management
■ Printing
■ Management of services and processes
■ Remote administration
You decide to set up test servers in the lab to enhance your skills in
these areas.
WB Intro-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Introduction
Exercise Conventions
When working through an exercise, you will see conventions that
indicate information you need to enter that is specific to your server.
The following describes the most common conventions:

■ italicized/bolded text. This is a reference to your unique
situation, such as the host name of your server.
For example, if the host name of your server is DA50, and you
see the following,
hostname.digitalairlines.com
you would enter
DA50.digitalairlines.com
■ 10.0.0.xx. This is the IP address that is assigned to your SUSE
Linux Enterprise Server 10 server.
For example, if your IP address is 10.0.0.50, and you see the
following
10.0.0.xx
you would enter
10.0.0.50
■ Select. The word select is used in exercise steps to indicate a
variety of actions including clicking a button on the interface
and selecting a menu item.
■ Enter and Type. The words enter and type have distinct
meanings.
The word enter means to type text in a field or at a command
line and press the Enter key when necessary. The word type
means to type text without pressing the Enter key.
If you are directed to type a value, make sure you do not press
the Enter key or you might activate a process that you are not
ready to start.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB Intro-3
WB Intro-4 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Install SUSE Linux Enterprise Server 10
SECTION 1 Install SUSE Linux Enterprise Server

10
In this section of the workbook, you learn how to do the following:

■ “Install SUSE Linux Enterprise Server 10” on 1-2
In this exercise, you install SUSE Linux Enterprise Server 10.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. WB 1-1
Exercise 1-1 Install SUSE Linux Enterprise Server 10
In this exercise, you install SUSE Linux Enterprise Server 10. Use
the following specifications as a guideline:
■ One partition with 1 GB for swap.
■ One partition with 6 GB for / (there should be space left on the
hard disk to add partitions in later exercises).
■ Use default software patterns; add the C/C++ Compiler and
Tools pattern.
■ root password: novell
(As novell is, of course, not adequate as a root password in
production, you could use a different one; however, the
exercises in this manual refers to novell as the root password.)
■ Use a fixed IP address; the instructor will let you know which
one to use:
❑ IP address:
❑ Network mask: 255.255.255.0
❑ Host name:
❑ Domain name: digitalairlines.com
❑ Name server: 10.0.0.254
❑ Default gateway: 10.0.0.254
(If you are doing this exercise in self-study with no other
students in the network, use 10.0.0.10 as IP address and da10 as
hostname.)
■ Use local authentication; create a user account geeko with a
password of novell.
■ Skip the online update.
WB 1-2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
Detailed Steps to Complete this Exercise:
■ Part I: Boot from the Installation Media

■ Part II: Configure the Partitions for your Hard Drive
■ Part III: Configure the Installed Server
Part I: Boot from the Installation Media
To boot from the installatin media, do the following:

1. Turn on the computer.
2. Insert SUSE Linux Enterprise Server 10 Product DVD into the
DVD drive.
3. (Conditional) If your computer does not boot from the DVD
drive, reboot the computer by selecting the Reset button or by
pressing Ctrl+Alt+Del.
Adjust the BIOS settings so that the DVD drive is the first boot
device and reboot the computer.
4. When the GRUB installation screen appears, select Installation
with the arrow keys and press Enter.
5. From the language selection dialog, select your language; then
select Next.
x Although you can select any available language, the exercises in this
manual are written for English US.
6. When YaST displays the Novell Software License Agreement,

select Yes, I Agree to the License Agreement; then select Next.
7. When the Installation Mode dialog appears, select New
Installation; then select Next.
8. In the Clock and Time Zone dialog, select your time zone.
9. Select UTC and adjust the time to your current time, if needed.
When done, select Next. An Installation Settings proposal
dialog appears.
10. Select Keyboard Layout; Select your keyboard layout; then
select Accept.
You are returned to the Installation Proposal dialog.
Part II: Configure the Partitions for your Hard Drive
1. Change the partitioning settings by selecting Partitioning.

2. Select Create Custom Partition Setup; then select Next.
3. Select Custom Partitioning - for Experts; then select Next.
4. Delete existing partitions:
a. From the Expert Partitioner dialog, check for any existing
partitions in the partition list.
b. If there are partitions, select the hard disk entry of the
corresponding partitions (such as hda or hdc).
c. Delete all existing partitions on the selected hard disk by
selecting Delete.
d. When you are asked to confirm the deletion, select Yes.
e. (Conditional) If you have more than one hard disk containing
partitions in the system, repeat steps b, c, and d until only the
hard disk entries are left in the list.
5. Create a swap partition:
a. From the partition list, select the hard drive entry; then
select Create.
If you have more than one hard disk, select the larger disk.
b. Select Primary Partition; then select OK.
c. In the End field of the size settings, enter +1GB.
d. From the File system drop-down list, select Swap.
e. Add the swap partition by selecting OK.
6. Create the root partition:
a. Select the same hard disk you used for the swap partition;
then select Create.
b. Select Primary Partition; then select OK.
c. In the End field of the size settings, enter +6GB.
d. Make sure that the following options are set:
❑ Reiser should be selected from the File system
drop-down list.
❑ / should be selected from the Mount Point
drop-down list.
e. Add the root partition by selecting OK.
7. Confirm the partitioning setup and return to the installation
proposal by selecting Finish.
8. From the Installation Settings Overview, select Software.
9. Select C/C++ Compiler and Tools in the list of patterns to the
left; then select Accept.
10. From the Installation Settings Overview, select Accept.
11. From the confirmation dialog, select Install.
12. (Conditional) If you are usinge the CD set instead of the DVD,
YaST asks you to change CDs during the installation process and
the server might reboot when the software from the first CD is
installed.
Insert the requested CDs and select OK.
Part III: Configure the Installed Server
1. When presented with the Hostname and Domain Name dialog,

enter the hostname in the Hostname field and
digitalairlines.com in the Domain Name field.
2. Remove the selection in front of Change Hostname via DHCP;
then select Next.
3. You are presented with the Password for the System
Administrator “root” dialog. Enter novell in the Password for
root User and the Confirm Password fields.
4. Select Next.
You are warned that the password is too simple.
5. Select Yes.
You are warned that you are using only lowercase letters.
6. Select Yes.
7. In the Network Configuration proposal, under Firewall, select
enabled. The entry will change to Firewall is Disabled.
8. From the Network Configuration proposal, select Network
Interfaces.
9. Select the first detected network card and select Edit.
10. Select Static Address Setup.
11. In the IP Address field, enter your IP address.
12. In the Subnet Mask field, enter 255.255.255.0.
13. Configure the host name and name server:

a. Select Hostname and Name Server.
b. You host name and domain name should already be filled in
correctly; if not, enter your hostname and the domain name
digitalairlines.com.
c. In case Update Name Servers and Search List via DHCP
is selected, remove the selection by clicking on it.
d. In the Name Server 1 field, enter 10.0.0.254.
e. Return to the Network setup dialog by selecting OK.
14. Configure routing:
a. Select Routing.
b. In the Default Gateway field, enter 10.0.0.254.
c. Return to the Network setup dialog by selecting OK.
15. Return to the Network Configuration dialog by selecting Next.
16. Continue with the installation by selecting Next; then select Next
once more.
17. From the Test Internet Connection dialog, select No, Skip This
Test; then select Next.
18. From the Service Configuration dialog, accept the default
settings by selecting Next.
19. For the User Authentication Method, select Local (/etc/passwd);
then select Next.
20. Add a user:
a. User’s Full Name: Geeko Novell
b. User Login: geeko
c. Password: novell
d. Confirm password: novell
e. Create the user by selecting Next; confirm the password
warnings by selecting Yes.
21. From the Release Notes dialog, select Next.
22. In the Hardware Configuration dialog, review the settings

suggested under Graphics Cards. If a setting is incorrect, select
the respective entry and correct the setting in the dialog that
appears.
23. Once the settings are correct, in the Hardware configuration
dialog, select Next.
24. Complete the installation process by selecting Finish.
(End of Exercise)
Administer the Linux File System
SECTION 2 Administer the Linux File System

■ “Configure Partitions on your Hard Drive” on 2-2
In this exercise, you practice creating partitions and file systems
with YaST and fdisk. You also use command line tools to create
file systems.
■ “Manage File Systems from the Command Line” on 2-10
In this exercise, you practice managing file systems from the
command line.
■ “Create Logical Volumes” on 2-15
In this exercise, you learn how to administer LVM with YaST.
■ “Set up and Configure Disk Quotas” on 2-19
In this exercise, you learn how to administer quotas.
Exercise 2-1 Configure Partitions on your Hard Drive
In this exercise, you practice creating partitions and file systems on

them using YaST and fdisk. You also use command line tools to
create file systems.
In the first part of this exercise, use YaST to create the following
partitions and file systems:
■ An extended partition using the remaining disk space.
■ One logical partition with a size of 500 MB, an ext2 file
system, and a mount point of /apps.
■ One logical partition with a size of 1 GB, a Reiser file system,
and a mount point of /srv.
In the second part of this exercise, use fdisk to create the following
partitions:
■ One partition of the partition type Win95/FAT32 with a size of
500 MB
■ Two partitions with the partition type Linux and a size of 1 GB
and 2 GB, respectively
x After this exercise, there should still be space left on the hard disk to create
additional partitions. If disk space is limited, use smaller values for the
partitions than those given here to make sure there is empty space for later
exercises.
In the third part, create file systems on the partitions you created in
Part II using the applicable options for mkfs:
■ Create a FAT32 file system on /dev/hda7 (or /dev/sda7,
depending on your hardware).
■ Create an ext2 file system on /dev/hda8 (or /dev/sda8,
depending on your hardware).
■ Create a Reiser file system with a file system size of 625 MB
on /dev/hda9 (or /dev/sda9, depending on your hardware).
■ Part I: Create Partitions and File Systems with YaST

■ Part II: Partition Manually with fdisk
Part I: Create Partitions and File Systems with YaST
To create partitions and file systems with YaST, do the following:

1. Open a terminal window, su - to root (password novell), and
enter yast2 disk
A warning message appears.
2. Select Yes.
After a few moments, the Expert Partitioner dialog appears.
3. If there is no extended partition yet, create an extended partition
with YaST:
a. Create a new partition by selecting Create.
b. Make sure Extended Partition is selected; then select OK.
A Create an Extended Partition dialog appears.
c. Make sure that the values in the fields for first and last
cylinder of the extended partition comprise the whole
remaining disk space. Then select OK.
You are returned to the Expert Partitioner dialog, with the
new partition listed as a new entry for your hard disk.
4. Create a new ext2 partition with YaST:
a. Create a new partition by selecting Create.
b. Configure a new logical partition by entering or selecting the
following:
❑ File system: Ext2
❑ End (cylinder): +500M
❑ Mount Point: /apps
c. When you finish, confirm the partition definition by
selecting OK.
You are returned to the Expert Partitioner dialog where the
new partition is added to the list.
The asterisk (*) after the mount point signifies that the file
system is not mounted right now (see explanation in the
help text to the left).
5. Create a partition for the directory /srv:
a. Select the same hard disk as before; then select Create.
b. Configure a new logical partition by entering or selecting the
following:
❑ File system: Reiser
❑ End (cylinder): +1G
❑ Mount Point: /srv
c. Add the /srv partition by selecting OK.
You are returned to the Expert Partitioner dialog where the
new partition is added to the list.
6. Add the new partitions to the hard drive by selecting Apply.
A dialog appears asking if you really want to execute the
changes.
Select Finish.
This executes the changes and closes the Expert Partitioner
dialog. If you select Apply instead of Finish, the changes are
executed and you are returned to the Expert Partitioner dialog.
7. Verify creation of the new partition for /apps:
a. In the terminal window where you are logged in as root,
verify that the new partition is mounted by entering mount.
You should see the following line:
/dev/hda5 on /apps type ext2 (rw)
b. Verify that the appropriate entry was added to the /etc/fstab
for the new partition by entering the following:
cat /etc/fstab
You should see the following:
/dev/hda5 /apps ext2 acl,user_xattr 1 2
This entry makes sure that when the system boots, the new
file system is mounted.
8. The current content of the directory /srv is no longer visible, as it
is used as mount point for the partition /dev/hda6 (or /dev/sda6,
depending on your hardware). To copy the content to the new
partition, do the following:
a. Unmount /dev/hda6 (or /dev/sda6, depending on your
hardware) by entering
umount /srv
b. Mount the partition /dev/hda6 (or /dev/sda6, depending on
your hardware) under /mnt by entering
mount /dev/hda6 /mnt
c. Move the content of /srv to /mnt :
mv /srv/* /mnt
d. Umount /mnt and mount /dev/hda6 (or /dev/sda6, depending
on your hardware) again, using the entries in /etc/fstab:
umount /mnt
mount -a
e. Verify that the files you moved are available again under /srv
by entering
ls /srv/
Part II: Partition Manually with fdisk
To partition manually with fdisk, do the following:

1. From the command line, start the utility fdisk on the first IDE
hard disk on your server by entering
fdisk /dev/hda
x If your computer uses SATA or SCSI disks, enter fdisk /dev/sda.
Depending on the number of cylinders on your disk, a message

is displayed that the number of cylinders is above 1024, which
might cause problems under certain circumstances.
2. View the current partition table in fdisk by entering p.
Notice that there are 5 partitions (hda1, hda2, hda3, hda5 and
hda6).
3. Create a new 500MB Win95 FAT32 logical partition as the next
partition in the extended partition by doing the following:
a. Create a new partition by entering n.
b. Enter l (lower case L) for logical.
c. Accept the default first cylinder by pressing Enter.
d. Indicate the partition size by entering +500M.
e. Change the partition type to Win95 FAT32 by entering t (for
type); enter the highest partition number from the range
offered; enter b (for Win95/FAT32.
f. Verify the new partition configuration by entering p.
Notice that a new hda7 partition has been added to the
table.
4. Create 2 more logical partitions with the partition type of Linux
(the default) by doing the following:
a. Create a new partition by entering n; enter l (lower case L);
then accept the default first cylinder by pressing Enter.
b. Indicate the partition size by entering +1G.
c. Create a new partition by entering n; enter l (lower case L);
then accept the default first cylinder by pressing Enter.
d. Indicate the partition size by entering +2G.
e. Verify the new partition configuration by entering p.
Notice that 2 new partitions have been added to the
partition table.
5. Write the new partition table to your hard drive and exit fdisk by
entering w.
6. View the current partition table used by the kernel by entering
cat /proc/partitions
7. To be able to access the new partitions, the kernel has to update
its partition table stored in memory. Do one of the following:
❑ Reboot the system by entering reboot.
❑ Have the kernel update its partition table by entering
partprobe.
8. View again the partition table used by the kernel by entering
cat /proc/partitions
Part III: Manage File Systems from the Command Line
To manage file systems from the command line, do the following:

1. From the GNOME desktop, open a terminal window; then su - to
root (password novell).
2. Create the following file systems (depending on your hardware
use sda instead of hda in the following steps):
a. Create a new FAT32 file system on /dev/hda7 and give it the
label data1 by entering the following (make sure you do not
have a typo when specifying the device in the command;
there will not be a warning message, the command is
executed immediately):
mkfs.msdos -n data1 /dev/hda7
A message such as
mkfs.msdos 2.11 (12 Mar 2005)
confirms the file system creation.
b. Create a new ext2 file system on /dev/hda8 with verbose
output by entering the following (make sure you do not have
a typo when specifying the device in the command; there
will not be a warning message, the command is executed
immediately):
mkfs -t ext2 -v /dev/hda8
Notice that by adding the option -v, you received extensive
information about the new file system.
c. Create a new Reiser file system on /dev/hda9 that is only
625 MB by entering the following:
mkreiserfs /dev/hda9 160000
A warning message appears indicating that all data will be
lost on /dev/hda9.
d. Continue by entering y.
3. Create the directories data1, data2, and data3 under /export/ by
entering
mkdir -p /export/data{1,2,3}
4. Verify that the directories were created by entering
ls -l /export
5. As root, using an editor of your choice, for instance vi in a
terminal window, add entries to the file /etc/fstab for the new file
systems:
a. Open the file /etc/fstab in an editor.
b. At the end of the file fstab, add the following entries:
/dev/hda7 /export/data1 vfat defaults 1 2
/dev/hda8 /export/data2 ext2 defaults 1 2
/dev/hda9 /export/data3 reiserfs defaults 1 2
You must include an empty line at the end of the file,
otherwise the mount command cannot read the file.
These entries make sure that the hda7, hda8, and hda9
partitions are mounted when starting or rebooting the
system.
c. When you finish, save /etc/fstab (when using vi, press Esc,
then enter :wq).
6. From the terminal window, mount all of the new file systems and
re-read the /etc/fstab file by entering
mount -a
7. View the information on the mounted file systems by entering the
following two commands:
mount
cat /proc/mounts
(End of Exercise)
Exercise 2-2 Manage File Systems from the Command Line
In this exercise, you practice managing file systems from the

command line.
In the previous exercise, you created various partitions and file

systems. If you used /dev/sda previously, replace /dev/hdax by
/dev/sdax in this exercise as well.
In the first part of this exercise, run e2fsck on the ext2 file system
you created on /dev/hda5, which is mounted on /apps.
In the second part of the exercise, convert the partition /dev/hda8 to

an ext3 file system by adding a journal; also add the label
/export/data2 to it.
Then, resize the Reiser file system on /dev/hda9 to use the entire
partition and not just 625 MB.
■ Part I: Run e2fsck

■ Part II: Customize the File Systems
Part I: Run e2fsck
To run e2fsck, do the following:

1. Unmount the file system on /dev/hda5 (or /dev/sda5, depending
on your hardware) by entering
umount /apps
2. Verify that the file system is no longer mounted by entering
mount
The /dev/hda5 partition is not displayed.
3. Start a file system check on hda5 running in verbose mode with
an automatic response of yes to prompts by entering
e2fsck -f -y -v /dev/hda5
4. Mount the /apps file system again by entering
mount /apps
5. Verify that the file system is mounted by entering
mount
Part II: Customize the File Systems
To customize the file systems, do the following:

1. Modify the partition /dev/hda8:
a. From the terminal window, umount /dev/hda8 and view
details about the ext2 file system on /dev/hda8 by entering
umount /dev/hda8 ; dumpe2fs /dev/hda8 | more
Notice the block size and the file system state.
b. Give the ext2 file system the volume name /export/data2
while the file system is unmounted by entering
tune2fs -L /export/data2 /dev/hda8
Naming a file system can be useful in system rescue
situations when the /etc/fstab is not available. It is common
practice to use this naming convention.
c. Verify that the file system now has a volume name by
entering
dumpe 2fs /dev/hda8 | less
d. Add a journal to the file system (making it an ext3 file
system) by entering
tune2fs -j /dev/hda8
e. Verify that the file system now contains a journal by entering
dumpe2fs /dev/hda8 | less
f. Mount /dev/hda8 again by entering
mount /dev/hda8
g. View information on the mounted file systems by entering
mount
Notice that the file system is still mounted as an ext2 file
system.
h. Unmount the partition /dev/hda8 again by entering
umount /dev/hda8
i. Verify that the file system state is clean by entering
dumpe2fs /dev/hda8 | less
j. Edit the file /etc/fstab to change the file system type from
ext2 to ext3, as in the following:
/dev/hda8 /export/data2 ext3 defaults 1 2
Save the file.
k. From the command line, re-read /etc/fstab and mount the
partition as an ext3 file system by entering
mount -a
l. Verify the change by entering
mount
m. Unmount the partition /dev/hda8 again by entering
umount /export/data2
n. Mount the partition as an ext2 file system manually by
entering
mount -t ext2 /dev/hda8 /export/data2
o. Verify that the file system is mounted without a journal (as
an ext2 file system) by entering
mount
As you can see, ext3 is backward compatible with ext2.
p. Remount /dev/hda8 as an ext3 file system and verify the
change by entering the following three commands:
mount -a
mount
2. Modify the partition /dev/hda9:
a. View the size of the partition /dev/hda9 by entering
df -h
b. Unmount dev/hda9 by entering
c. While the partition is unmounted, add a label to the file
system of /export/ data3 by entering
reiserfstune -l /export/data3 /dev/hda9
d. Resize the partition to consume the entire partition by
entering
resize_reiserfs /dev/hda9
When no size is specified, the file system is resized to use
all available space on the partition. Increasing the size of
the ReiserFS is also possible when the file system is
mounted.
e. Remount the partition by entering
mount -a
f. View the size of the partition by entering
df -h
The size is no longer 625 MB, but should be 1 GB or more
depending on the size of your partition.
g. Unmount the partition to run a file system check on it by
entering
h. Run a check on the file system on /dev/hda9 by entering
reiserfsck -y /dev/hda9
i. Remount all file systems by entering
mount -a
(End of Exercise)
Exercise 2-3 Create Logical Volumes
In this exercise, you learn how to administer LVM with YaST.
In the first part of this exercise, use YaST to create two physical
volumes (PV) with a size of 1 GB each. Add them to a volume
group (VG) named projects. Within the volume group, add two
logical volumes named pilot (750MB) and production (750MB), to
be mounted under /projects/pilot and /projects/production,
respectively.
In the second part of the exercise, increase the size of the logical
volume production to the maximum space available within the
volume group.
■ Part I: Create LVM Physical Volumes, a Volume Group, and

Logical Volumes
■ Part II: Resize an LVM Volume
Part I: Create LVM Physical Volumes, a Volume Group, and

Logical Volumes
To create LVM Physical Volumes, a Volume Group, and Logical

Volumes, do the following:
1. Start YaST, enter the root password (novell), and select System
> Partitioner.
Acknowledge the warning message by selecting Yes.
The Expert Partitioner dialog appears.
2. Create a new LVM partition by doing the following:
a. Select Create.
b. Select Do not Format; then select or enter the following:
❑ File system ID: 0x8E Linux LVM
❑ End (cylinder): +1GB
c. Save the partition definition by selecting OK.
3. Create another 1GB LVM partition by repeating step 2.
You should now have two 1GB LVM partitions.
4. Select LVM and enter the following in the Create a Volume
Group dialog:
❑ Volume Group Name: projects
❑ Physical Extent Size: 4M
5. Continue by selecting OK.
6. Add each Linux LVM physical volume to the volume group
projects by selecting each physical volume (such as /dev/hda10)
and then selecting Add Volume. Then select Next.
The Logical Volume Manager: Logical Volumes dialog appears.
7. Add a logical volume pilot within the projects volume group:
a. Select Add.
A Create Logical Volume dialog appears.
b. Enter or select the following:
❑ Format (file system): Reiser
❑ Logical volume name: pilot
❑ Size: 750 MB
❑ Mount Point: /projects/pilot
c. Save the logical volume definition by selecting OK.
8. Add a logical volume production within the projects volume
group:
a. Select Add.
A Create Logical Volume dialog appears.
b. Enter or select the following:
❑ Format (File system): Reiser
❑ Logical volume name: production
❑ Size: 750 MB
❑ Mount Point: /projects/production
c. Save the logical volume definition by selecting OK.
9. Save the changes by selecting Next.
You are returned to the Expert Partitioner.
10. In the Expert Partitioner, select Apply.
A message appears; accept the changes by selecting Finish.

11. From a terminal window, su - to root (password novell).
12. View the new LVM file systems by entering
df -h
Notice the size of these new file systems.
13. View the device names and mount locations by entering
cat /etc/fstab
Part II: Resize an LVM Volume
To resize a LVM Volume, do the following:

1. From the YaST Control Center, select System > LVM.
The LVM dialog appears.
2. From the Logical Volumes, list select /dev/projects/production;
then select Edit.
The Edit Logical Volume dialog appears.
Notice the volume size.
3. Select the max button.
Notice that the size changes to the maximum space available.
5. Save the changes by selecting Finish; then confirm the
notification by selecting OK.
6. From the terminal window, view the new size of production by
entering
df -h
7. Close all open windows.
(End of Exercise)
Exercise 2-4 Set up and Configure Disk Quotas
In this exercise, you learn how to administer quotas. Install the

quota package, and configure quotas for /dev/hda8 which is
mounted under /export/data2 (created in Exercise 2-1, “Configure
Partitions on your Hard Drive” on 2-2).
1. From a terminal window, switch to root (su -) with a password of

novell.
2. Install the quota package by entering yast -i quota. Insert the
DVD when prompted.
3. View the disk quota configuration for user geeko by entering
quota -vu geeko
The lack of any output signifies that there are no quotas
currently configured for geeko.
4. Add quota mount options to the partition /dev/hda8 by doing the
following:
a. Open the /etc/fstab file in the vi editor by entering
vi /etc/fstab
b. Edit the /dev/hda8 entry to reflect the following:
/dev/hda8 /export/data2 ext3
defaults,usrquota,grpquota 1 2
c. When you finish, save the file and exit by entering :wq.
5. Remount the file system so it that the changes in the file /etc/fstab
are read by the system by entering
mount -o remount /dev/hda8
x If you receive the error message “/export/data2 mounted already, or bad

option”, check the contents of the /etc/fstab file. You might have
misspelled the usrquota or grpquota option.
6. Run quotacheck to initialize the quota database by entering
quotacheck -mavug
You receive several status messages about old quota files.
These indicate that this is a new quota database with no
previous quota database files on the system.
7. Verify that the files aquota.user and aquota.groups exist in the
directory /export/data2 by entering
ls -l /export/data2
8. Turn quotas on for all file systems that are mounted with these
options by entering
quotaon -av
9. Make the quota system persistent after reboot by entering
insserv boot.quota
10. Set a quota for geeko with a soft limit of 20 MB and a hard limit
of 30 MB on /dev/hda8 by entering
edquota -u geeko
The quota editor appears (the vi editor).
11. Enter the required soft limit and hard limit under the Soft and
Hard columns for /dev/hda8 (press Insert twice to replace text).
The unit used is 1k. To create a limit of, for instance, 20 MB,
you would have to enter 20000.
12. When you finish, press Esc; then enter :wq.
13. Run repquota to view the quota information about all configured
users by entering
repquota -av
14. (Optional) If you finish early then set a quota for the users group
of 100 MB for the soft limit, and 150 MB for the hard limit.
15. Test if the quotas are enforced by doing the following:
a. As root, create a directory /export/data2/geeko and change
the owner to geeko by entering in a terminal window:
mkdir /export/data2/geeko
chown geeko.users /export/data2/geeko
b. Change to the user account geeko, and as geeko create a file
by entering
su - geeko
dd if=/dev/zero of=/export/data2/geeko/bigfile
After a short time, you should see a message:
Disk quota exceeded.
(End of Exercise)
Administer User Access and Security
SECTION 3 Administer User Access and Security

■ “Configure PAM Authentication” on 3-2
In this exercise, you practice configuring PAM authentication.
■ “Configure the Password Security Settings” on 3-5
In this exercise, you practice changing different security
settings.
■ “Use ACLs” on 3-7
In this exercise, you practice using ACLs.
Exercise 3-1 Configure PAM Authentication
In this exercise, you practice configuring PAM authentication.

Create the file /etc/nologin to prevent all normal users (such as
geeko) from logging in. Try to login as geeko on a text console. As
root, modify /etc/pam.d/login by putting a # in front of the line
with pam_nologin.so. Again try to login as geeko on a text console.
Undo your changes in /etc/pam.d/login and remove the file
/etc/nologin.
1. From the graphical desktop, switch to virtual console 3

(Ctrl+Alt+F3); then log in as root (password novell).
2. Create the file /etc/nologin by entering
echo No login possible > /etc/nologin
3. Switch to virtual console 4 (Alt+F4).
4. Attempt to log in as geeko (password novell).
“No login possible“ plus a “Login incorrect” message are
displayed, indicating that you cannot log in to the system.
5. Switch back to virtual console 3 (Alt+F3).
6. View the last lines of the file /var/log/messages by entering
tail /var/log/messages
Look for the FAILED LOGIN message for geeko that indicates
the failed login attempt.
7. Edit the file /etc/pam.d/login:
a. Enter vi /etc/pam.d/login.
b. Switch to the text insert mode by pressing Insert.
c. Add a # sign to the beginning of the following line, as in the
following:
#auth required pam_nologin.so
This PAM module is required to be successful during
system authentication. It checks to see if the file
/etc/nologin exists, and if it does, this PAM module does
not allow regular users to log in by returning a failed status.
Now that this line is commented out, PAM will not check
for the file. This means that all users can log in, even if the
file exists.
d. Return to the command mode by pressing Esc; save the file
by entering :w.
8. Test the modified PAM configuration file:
a. Switch to virtual console 4 (Alt+F4).
b. Attempt to log in as geeko (password novell).
You are able to log in because PAM no longer checks for
the file /etc/nologin.
c. Logout as geeko by entering exit.
9. Edit the file /etc/pam.d/login to uncomment the pam_nologin.so
line:
a. Switch to virtual console 3 (Alt+F3).
b. Uncomment the pam_nologin.so line (by removing the #
sign you entered before) so it looks like the following:
auth required pam_nologin.so
c. Return to the command mode by pressing Esc; save the file
and exit vi by entering :wq.
10. On virtual console 4, try logging in as geeko.
Again, you will receive a “Login incorrect” message.

11. As root on virtual console 3 delete the file /etc/nologin by
entering
rm /etc/nologin
12. On virtual console 4, try again to log in as geeko.
As the file /etc/nologin does not exist, login for normal users is
enabled again.
13. Log out as geeko by entering exit.
14. Switch to virtual console 3 and log out as root by entering exit.
15. Return to the desktop by pressing Alt+F7.
(End of Exercise)
Exercise 3-2 Configure the Password Security Settings
In this exercise, you practice changing different security settings.

Change the default behavior when the keys Ctrl+Alt+Del are
pressed to halting the machine. Also change the encryption from
blowfish to MD5. To do this, use the YaST Local Security module.
1. Open a terminal window.

2. Check the setting for the Ctrl+Alt+Del keystroke in the file
/etc/inittab by entering
grep ctrlaltdel /etc/inittab
Note the current setting:
3. Start the YaST Control Center; then select Security and Users >
Local Security.
The Local Security Configuration dialog appears.
4. Make sure Custom Settings is selected; then select Next.
The Password Settings dialog appears.
5. From the Password Encryption Method drop-down list, select
MD5.
6. Continue by selecting Next.
The Boot Settings dialog appears.
7. From the Interpretation of Ctrl + Alt + Del drop-down list, select
Halt.
8. Continue by selecting Next.
The Login Settings dialog appears.
9. Accept the default settings by selecting Next.
The Adding User dialog appears.
The Miscellaneous Settings dialog appears.

11. Accept the default settings and configure the system for the new
settings by selecting Finish.
12. To test the change, you must first activate the new configuration
by rebooting the system or by entering (as root) init q (reload the
/etc/inittab file) in a terminal window.
a. From the terminal window, su - to root (password novell).
b. Reload the file /etc/inittab by entering init q.
13. Verify that the Ctrl+Alt+Del setting has changed by entering
grep ctrlaltdel /etc/inittab

Notice that the setting is now shutdown -h instead of what you
noted in Step 2.
14. Test this setting by pressing Ctrl+Alt+F2; then press
Ctrl+Alt+Del.
The system shuts down instead of restarting.
15. Turn on your computer and log in to the Gnome desktop as
geeko.
16. (Optional) Use the YaST Security settings module to change the
default for Ctrl+Alt+Del back to restart.
(End of Exercise)
Exercise 3-3 Use ACLs
In this exercise, you practice using ACLs.
In the first part, as root, create a directory acl_test in /tmp and set
the rights rwx for the owner only. As geeko, try to change into that
directory.Use ACLs to allow geeko to change into that directory.
In the second part, as root, create a file in the directory

/tmp/acl_test using touch. Then, as root, change the default ACLs
for the directory /tmp/acl_test to give geeko read and write access
to files and directories. Use touch to create another file in the same
directory and compare the output of getfacl for both files you
created in this part of the exercise.
In the third part of the exercise, remove the ACL for geeko from the
second file you created in the second part of this exercise. View the
output from ls -l and getfacl for this file, then remove all ACLs and
repeat ls -l and getfacl for the file.
■ Part I: Configure the ACL of a Directory

■ Part II: Configure a Default ACL for a Directory
■ Part III: Delete an ACL
Part I: Configure the ACL of a Directory
To configure the ACL of a directory, do the following:

1. Open a terminal window and su - to root (password novell).
2. Change to the directory /tmp by entering
cd /tmp
3. Create a test directory by entering
mkdir acl_test
4. Limit the file system permissions for the directory by entering
chmod 700 acl_test
5. Open a second terminal window as the user geeko.
6. Try changing to the test directory by entering
cd /tmp/acl_test/
The command fails, because geeko (who is not the owner of the
directory) has no permission to read and change into the
directory.
7. Switch to the root terminal.
8. Display the minimum ACL of the directory by entering
getfacl acl_test
9. Add an extended ACL by entering
setfacl -m u:geeko:rwx acl_test/
10. Switch to the geeko terminal and try to access the directory again
by entering
cd /tmp/acl_test
Because of the extended ACL, you can now change into the
directory.
11. Switch to the root terminal and display the extended ACL of the
directory by entering
getfacl /tmp/acl_test/
Part II: Configure a Default ACL for a Directory
To configure a default ACL for a directory, do the following:

1. From the root terminal window, change to the directory acl_test
by entering
cd /tmp/acl_test
2. Create a file by entering
touch without_default_acl
3. Display the ACL of the new file by entering
getfacl without_default_acl
As there is no default ACL for the parent directory, the new file
does not have an extended ACL either.
4. Set a default ACL for the directory acl_test by entering
setfacl -d -m u:geeko:rw /tmp/acl_test/
5. Create another test file by entering
touch with_default_acl
6. Display the ACL of the new file by entering
getfacl with_default_acl
As this file was created after the default ACL of the parent
directory was set, the new file inherited the ACL.
Part III: Delete an ACL
To delete ACL, do the following:

1. From the root terminal window, remove the ACL by entering
setfacl -x u:geeko with_default_acl
2. Display the ACL again by entering
As you can see, the ACL for the user geeko has been removed.
If there were ACLs for other users, they would remain
unaffected.
3. View the file attributes of with_default_acl by entering
ls -l with_default_acl
There are still extended attributes (such as the mask “+”) in the
output.
4. Remove all ACLs by entering
setfacl -b with_default_acl
5. Display the ACL again by entering the following commands:
ls -l with_default_acl
Notice that the ACL has been removed.
6. Close all terminal windows.
(End of Exercise)
Configure the Network Manually
SECTION 4 Configure the Network Manually

■ “Configure the Network Connection Manually” on 4-2
In this exercise, you learn how to configure the network
manually.
Exercise 4-1 Configure the Network Connection Manually
The purpose of this exercise is to familiarize you with manually

configuring the network.
In the first part, use the ip command to find out the current settings
for IP address, routes, mac address, and the file used to store the
hardware configuration of the network card in
/etc/sysconfig/hardware/ and the configuration options in that file.
In the second part, use YaST to delete the current network

configuration.
In the third part, use the ip command to set up the network

manually. As only the ip command is used, this configuration is not
permanent.
In the fourth part, recreate the file in /etc/sysconfig/hardware/ noted

in Part I using an editor, as well as the files
/etc/sysconfig/network/ifcfg-eth-id-MAC-address and
/etc/sysconfig/network/routes. Reboot the computer and test the
network to see if the network is set up correctly after a reboot.
■ Part I: Note the Current Network Configuration

■ Part II: Delete the Current Network Setup with YaST
■ Part III: Configure the Network Manually
■ Part IV: Save the Network Connection to Interface and
Hardware Configuration Files
Part I: Note the Current Network Configuration
To note the current network configuration, do the following:

1. On the graphical desktop, open a terminal window and su - to
root (password novell).
2. Enter ip address show eth0 (depending on the setup you might
have to use eth1 instead of eth0).
3. Find the line starting with inet, and record the IP address with
the subnet mask displayed in that line:
❑ IP address:
❑ Subnet mask:
4. Enter ip route show.
5. Find the line starting with default and record the gateway IP
address of the gateway:
❑ Gateway IP address:
6. Enter ip link show eth0.
7. Find the line starting with link/ether and record the MAC
address of the network card:
❑ MAC address:
8. Change to the /etc/sysconfig/hardware directory by entering
cd /etc/sysconfig/hardware
9. Enter ls -al; then look for one of the following files (depending
on your hardware configuration):
❑ hwcfg-id-PCI_address
or
❑ hwcfg-bus-pci-PCI_address
10. Record the name of the file:
x If there are several files with the above pattern, enter lspci in a terminal
window. The output shows the PCI addresses of PCI hardware
components in your computer.
11. Display the contents of the file by entering one of the following:
❑ cat hwcfg-id-PCI_address
or
❑ cat hwcfg-bus-pci-PCI_address
12. Record the following parameters:
❑ MODULE=
❑ MODULE_OPTIONS=
❑ STARTMODE=
You use these parameters and the hwcfg filename in Part IV to
manually create the file.
Part II: Delete the Current Network Setup with YaST
To delete the current network setup with YaST, do the following:

1. Start the YaST Control Center; then select Network Devices >
Network Card.
2. Select Traditional Method with ifup.
3. Select the network card; then select Delete.
4. Select Next.
5. From the terminal window (as root), enter
rm /etc/sysconfig/network/routes
6. Verify that the network connection is not working any more by
entering
ping 10.0.0.254
7. Enter ip address show.
Note that the device eth0 is not up anymore or no longer listed.
Part III: Configure the Network Manually
To configure the network manually, do the following:

1. To initialize the device eth0 again, enter in the terminal window:
hwup bus-pci-PCI_address
You noted the PCI address in Part I, Step 10. The command
should look similar to the following:
hwup bus-pci-000:02:00.0
2. Enter the following command:
ip address add your_IP_address/24 brd + dev eth0
3. To activate the network device, enter
ip link set eth0 up
4. To set the default route enter
ip route add default via gateway_IP_address
5. Verify that the network connection is working again by entering
ping www.novell.com
Part IV: Save the Network Connection to Interface and
Hardware Configuration Files
To save the network connection to interface and hardware

configuration files, do the following:
1. From the terminal window, change to the directory by entering
cd /etc/sysconfig/network
2. Make a copy of the network configuration template by entering
cp ifcfg.template ifcfg-eth-id-MAC_address
3. Open the copied file (ifcfg-eth-id-MAC_address) with the vi
editor.
4. Find the following options and enter the indicated values:
❑ STARTMODE='auto'
❑ BOOTPROTO='static'
❑ IPADDR='your_IP_address/24'
❑ NETMASK=’255.255.255.0’
❑ BROADCAST=’10.0.0.255’
❑ Change BRIDGE=’yes’ to BRIDGE=’no’
5. Save the file and exit vi (:wq).
6. Change to the directory /etc/sysconfig/hardware.
7. Create one of the following files with vi:
❑ hwcfg-id-PCI_address
or
❑ hwcfg-bus-pci-PCI_address
8. Enter the parameters you recorded in the last step of Part I of this
exercise.
9. When you finish, save the file and exit the editor.
10. Change to the directory /etc/sysconfig/network.
11. Create a new file with vi called routes.
12. Add the following line to the file:
default default_gateway_IP_address - -
13. Save the file and exit vi.
14. Reboot your system (init 6) and log in as geeko with a password
of novell.
15. From a terminal window (as root), verify that the network
configuration is loaded correctly by entering the following
commands:
ip address show eth0
ip route show
16. Verify that the network connection is working properly by
entering
ping 10.0.0.254
x If the network configuration fails to work properly, and your configuration

files are created correctly, use the YaST Network Card module to delete the
currently configured network card. Then restart the Network Card module
and reconfigure the network card with the proper settings.
(End of Exercise)
Administer Linux Processes and Services
SECTION 5 Administer Linux Processes and

Services

■ “Manage Linux Processes” on 5-2
In this exercise, you start and stop processes and change their
priorities.
■ “Schedule Jobs with cron and at” on 5-7
In this exercise, you practice scheduling jobs with cron and at.
Exercise 5-1 Manage Linux Processes
In this exercise, you start and stop processes and change their
priorities.
In the first part of the exercise, start and suspend xosview, move it
to the background and foreground, and stop it.
In the second part, start xosview and set the priority of the running
program to a nice value of -5. Start xeyes with a nice value of 10.
■ Part I: Move Processes to the Background

■ Part II: Modify Process Priorities
Part I: Move Processes to the Background
To move processes to the background, do the following:

1. Make sure you are logged in to the GNOME desktop as geeko.
Install the package xosview by entering
yast -i xosview
Insert the appropriate CD when prompted; leave the root shell
by entering exit.
3. From the command line, display the processes that are currently
owned by geeko by entering
ps -lU geeko (lower case L)
4. Display the processes that are currently owned by root by
entering
ps -lU root (lower case L)
5. Start the xosview program by entering
xosview
Notice that the terminal is not available to receive new
commands (no command is line displayed), because the
xosview program is running in the foreground.
6. Arrange the xosview window and the terminal window so that
you can see them both; then select the terminal window to
activate it.
7. Suspend the Xosview program by pressing Ctl+z.
Notice that the data is no longer being updated in Xosview.
8. View the job in the background by entering
jobs
9. View the sosview process running from the current terminal by
entering
ps -l (lower case L)
The process shows a status of T, which means that it is being
traced or stopped.
10. Resume the xosview program running in the background by
entering
bg 1
The xosview program is running again (notice the data being
updated).
As it is running in the background, you can use the terminal
window to enter other commands.
11. Verify that the job status is running by entering
jobs
12. View the xosview branch in the process tree by entering
pstree -p | grep xosview

xosview is listed as part of the tree.
13. Bring the xosview process into the foreground by entering
fg 1
14. Close the terminal window.
Notice that the xosview program ends as well.

15. Open a new terminal window.
16. Start xosview in the background so that it runs when the terminal
window closes by entering
nohup xosview&
The xosview program is still running.

18. Open a new terminal window.
19. Start the top program by entering
top
20. View only the processes started by geeko by typing u; then enter
geeko.
21. Check for the xosview program (xosview) listed in top.
22. (Conditional) If you cannot find the xosview program, try

maximizing the terminal window, or enter F and choose PID as
sort column. If needed, reverse the sort order by pressing R.
23. Record the PID of the xosview process:
24. Exit top by typing q.
25. View information about the Xosview process by entering
ps PID_of_xosview_process
26. Stop the xosview program and check the status by entering the
following commands:
kill PID_of_xosview_process
ps aux | grep xosview
27. Start the xeyes program in the background by entering
xeyes&
28. Kill the xeyes program by entering
killall xeyes
Part II: Modify Process Priorities
To modify process priorities, do the following:

1. Start the xosview program in the background by entering
xosview&
2. Record the PID for xosview (displayed in the terminal window):
3. View the process running by entering

ps lf
Notice that the nice value (NI) is currently at 0.
4. Increase the priority of the process to a nice value of -5 by
entering
renice -5 -p PID_of_xosview_process
Notice that a regular user cannot change the nice value below 0,
only 0-20.
5. Su to root (su -) with a password of novell.
6. Try setting the nice value to -5 again by entering
7. Check that the setting is effective by entering
ps lf (lower case L)
Notice that the process is not displayed, because ps lf only
displays processes started by the current user. The xosview
program was started by geeko (not root).
8. View all processes by entering
ps alf
The xosview process is now displayed.
9. Change the nice value for the xosview process to a higher priority
by entering
10. Verify that the xosview process nice value is set to -10 by
entering
ps alf (lower case L)
11. Exit the shell running as root by entering
exit
You should now be user geeko again.
12. Start the xeyes program in the background with the nice value of
+10 by entering
nice xeyes&
13. Verify that the xeyes process nice value is set to +10 by entering
ps lf (lower case L)
14. Kill the xosview and xeyes processes by entering the following
commands:
kill PID_of_xosview_process
killall xeyes
(End of Exercise)
Exercise 5-2 Schedule Jobs with cron and at
In this exercise, you practice scheduling jobs with at and cron.
In the first part of the exercise, redirect the output of finger to

/var/log/messages three minutes from the current time. Then,
schedule the same job for tomorrow at noon. Finally, schedule a
program to run tomorrow at 2 pm and afterwards remove the job.
In the second part of the exercise, create a cron job as a normal user
that logs the output of finger to ~/users.log every minute and
another cron job as root that backs up /etc/ to /export/data2/etc.tgz
using tar and the options czvf every Tuesday at 2 am.
■ Part I: Schedule Jobs with at

■ Part II: Schedule Jobs with cron
Part I: Schedule Jobs with at
To schedule jobs with at, do the following:

1. From a terminal window on your Gnome desktop, su - to root
(password novell).
2. Verify that the service at is running by entering
rcatd status
3. (Conditional) If the at service is not running, start the service by
entering
rcatd start
4. Display the current date and time by entering
date
5. Three minutes from now, log to /var/log/messages who is logged
in by entering the following commands:
at hh:mm
finger >> /var/log/messages
Note: Make sure you enter two > characters in the above
command; if you have only one > character, existing entries in
/var/log/messages will be removed.
6. Exit the at editor by pressing Ctrl+d.
7. View the scheduled at jobs by entering atq (or at -l).
Notice the job number listed.
8. Wait for the 3 minutes to pass; then check the /var/log/messages
file for the finger information by entering
tail /var/log/messages
Login information for geeko is listed at the end of the file.
9. Schedule the same job to run tomorrow at noon by entering the
following commands:
at noon tomorrow
finger >> /var/log/messages
Ctl+d
10. Schedule the date to be logged tomorrow at 2:00 P.M. to the
/var/log/messages file by entering the following:
at 14:00 tomorrow
date >> /var/log/messages
Ctl+d
Notice that the 2 jobs are listed, each with an individual job
number.
12. Remove the job scheduled for tomorrow at 2:00 P.M. by entering
atrm job_number
Only the job scheduled for 12:00 P.M. is still listed.
Part II: Schedule Jobs with cron
To schedule jobs with cron, do the following:

2. Schedule a cron job as geeko:
a. Enter crontab -e.
The vi editor is displayed for a cron table file (such as
/tmp/crontab.11743). Press i to enter insert mode.
b. Schedule a job to run every minute, using finger to record
who is logged in currently. Have finger write its output to the
~/users.log file by entering the following:
* * * * * finger >> ~/users.log
c. Press Esc.
d. Save the file and exit the vi editor by entering :wq.
e. Watch the users.log file for a few minutes. To validate that it
is being updated, enter
tail -F ~/users.log
(The option -F is a shortcut for -f --retry and keeps trying
to open a file even if it is inaccessible when tail starts.)
f. When you finish watching the file update, press Ctrl+c.
3. Remove geeko’s crontab file by entering
crontab -r
4. Verify that the crontab file no longer exists by entering
crontab -l
5. Verify that the cron job you defined in Step 2 is no longer active
by entering
tail -f ~/users.log
Notice that entries to users.log are no longer being added.
6. Press Ctrl+c.
7. Schedule a cron job as root:
a. su - to root (password novell).
b. Enter crontab -e.
c. Press Insert.
d. Add a job that runs at 2:00 A.M. every Tuesday and creates
a tarball of /etc that is saved in /export/data2/backup by
entering the following:
0 2 * * 2 tar czvf /export/data2/etc.tgz /etc
e. Press Esc.
f. Save the file and exit the vi editor by entering :wq.
g. Verify that the job is in the crontab file for root by entering
crontab -l
8. Remove root’s crontab file by entering
crontab -r
9. Verify that the crontab file no longer exists by entering
crontab -l
(End of Exercise)
Monitor SUSE Linux Enterprise Server 10
SECTION 6 Monitor SUSE Linux Enterprise

Server 10

■ “Gather Information on your SUSE Linux Enterprise Server
10” on 6-2
In this exercise, you learn how to get information on the
computer you are using.
■ “Manage System Logging” on 6-4
In this exercise, you practice configuring syslog-ng and
logrotate.
Exercise 6-1 Gather Information on your SUSE Linux Enterprise Server
10
In this exercise, you learn how to get information on the computer

you are using.
Use several of the administration tools covered to gather the

following information on your SUSE Linux Enterprise Server 10
server. For each system parameter in the left column, write down its
value in the right column:
Table 6-1 System Parameter Value
OS
Hardware Architecture
Processor Type
Hostname
Kernel Release
Kernel Version (include date

and time)
System Up Time
Load Averages
SLES 10 Version
System Date and Time
Model Name of Processor
Free Memory
You can usually use more than one command to get the desired
information.
1. Log in to the GNOME desktop as geeko and open a terminal

window.
2. View the kernel release of the SUSE Linux Enterprise Server 10
distribution you are running by entering
uname -r
3. View the computer (machine) hardware architecture by entering
uname -m
4. View the processor type for this Linux build by entering
uname -p
5. View all information, including host name, kernel release, and
kernel version, by entering
uname -a
6. View the system uptime and the load averages by entering
uptime
7. View the version of the SUSE Linux Enterprise Server 10
distribution by entering
cat /etc/SuSE-release
8. View the system date and time by entering
date
9. View information on the processor by entering
cat /proc/cpuinfo
10. View the current memory statistics by entering
cat /proc/meminfo
(End of Exercise)
Exercise 6-2 Manage System Logging
In this exercise, you practice configuring syslog-ng and logrotate.
First, configure syslog-ng to log messages of the local4 facility. One

file (/var/log/local4) is used for messages of the local4 facility no
matter the priority, a second file (/var/log/local4.debug) logs only
messages with the debug priority, and a third file
(/var/log/local4.info) logs only messages with the info priority.
Then, configure logrotate to manage these log files. Create a

/etc/logrotate.d/local4 file that does the following with these three
files:
■ Compresses the old logs
■ Saves the old logs with a date extension
■ Limits the oldest log to one day
■ Limits the rotated logs saved to 5
■ Limits the maximum size of the file to 20 bytes
■ Proceeds without error if a log file is missing
■ Logs the date in the local4.info file each time a new log file is
generated
x The above values (one day, 5 logs, 20 bytes) are used for demonstration
purposes only. In a production environment, these values are usually much
higher.
■ Part I: Modify the syslog-ng Configuration

■ Part II: Configure logrotate
Part I: Modify the syslog-ng Configuration
To modify the syslog-ng configuration, do the following:

1. As root, edit the /etc/syslog-ng/syslog-ng.conf.in file, using an
editor of your choice. Add the following lines at the bottom of the
file to to create filters for the messages you want to log:
filter f_local4debug { level(debug) and facility(local4); };
filter f_local4info { level(info) and facility(local4); };
filter f_local4 { facility(local4); };
2. Specify the destinations and log paths by adding the following
lines:
destination local4debug { file("/var/log/local4.debug"); };
log { source(src); filter(f_local4debug);
destination(local4debug); };
destination local4info { file("/var/log/local4.info"); };

log { source(src); filter(f_local4info);
destination(local4info); };
destination local4 { file("/var/log/local4"); };

log { source(src); filter(f_local4); destination(local4); };
Save the changes but don’t close the editor
3. From a terminal window, su to root (su -) with a password of
novell.
4. Have SuSEconfig write the changes to
/etc/syslog-ng/syslog-ng.conf by entering
SuSEconfig --module syslog-ng
Because SuSEconfig also causes syslog-ng to reload its
configuration, you do not need to reload it in a separate step.
5. Check the configuration by logging an entry to the info level in
the local4 facility:
a. Enter the following to monitor the activity of the log file:
tail -f --retry /var/log/local4.info
(You will see a warning regarding the option --retry, but
entries will appear when you complete the next step.)
b. Open another terminal window and log an entry to the info
level in the local4 facility by entering
logger -p local4.info "Info message 1"
c. Check the results in the second terminal window.
The message is logged in the /var/log/local4.info file.
The message should also be logged in the /var/log/local4
file and, because of other entries in
/etc/syslog-ng/syslog-ng.conf, in /var/log/localmessages
d. In the terminal window where the log activity is being
monitored with tail -f, stop the monitoring by pressing
Ctrl+c.
6. Repeat step 5 for the log level debug. Replace the command in
step a by the command
tail -f --retry /var/log/local4.debug
and the command in step b by the command
logger -p local4.debug “Info message 2”
x Only those level4 log files with entries will be compressed in Part II of
the exercise during log rotation.
7. (Conditional). If no messages appear, there might be something
wrong with your syslog configuration, for instance a typo or a
missing “;”.
To find out what is wrong, enter rcsyslog restart and see if
syslog starts properly. If there is an issue with the configuration,
an error message will say so. As the line numbers in
/etc/syslog-ng/syslog-ng.conf and
/etc/syslog-ng/syslog-ng.conf.in differ, the line number in the
output is not accurate for the file you were editing. Look near
the line number shown in the output for the error, correct it, and
restart syslog.
Part II: Configure logrotate
To configure logrotate, do the following:

1. As root, using an editor of your choice, create a file with the
following content:
/var/log/local4.debug /var/log/local4.info /var/log/local4
{
compress
dateext
maxage 1
rotate 5
size 20
postrotate
date >> /var/log/local4.info
endscript
}
Make sure the directories are separated with spaces.
2. Save the file as /etc/logrotate.d/local4 and close the editor
3. Switch to virtual terminal 1 by pressing Ctrl+Alt+F1.
4. Log in as root with a password of novell.
5. Rotate the logs manually by entering
logrotate /etc/logrotate.conf
6. Check the directory /var/log for the zipped local4 log files by
entering
ls -l /var/log | less
You see files such as the following:
❑ local4.debug-current_date.bz2
❑ local4.info-current_date.bz2
For example, if the current date is July 15, 2006, then the
zipped file for local4.info will be local4.info-20060715.bz2.
The extension is .bz2, as the command to compress files is set
to bzip2 in /etc/logrotate.conf.
x Only those log files with entries are zipped.
7. Exit the list by typing q.

8. Check the contents of the local4.info zipped archive by entering
less /var/log/local4.info-current_date.bz2
9. Log out as root by entering
exit
10. Return to the GNOME desktop by pressing Ctrl+Alt+F7.
(End of Exercise)
Manage System Initialization
SECTION 7 Manage System Initialization

■ “Manage the Boot Loader” on 7-2
In this exercise, you practice booting into a shell and modifying
/boot/grub/menu.lst.
■ “Manage Runlevels” on 7-5
In this exercise, you practice configuring runlevels.
Exercise 7-1 Manage the Boot Loader
In this exercise, you practice booting into a shell and modifying

/boot/grub/menu.lst.
Enter init=/bin/bash at the boot prompt, modify

/boot/grub/menu.lst to require a password before kernel
parameters can be modified. Test the new GRUB configuration.
x This exercise will not work with a USB keyboard, because the USB drivers
are usually loaded at a later stage of the init process. If your machine is
equipped with a USB keyboard, you would have to add the modules to the
initial RAM disk for this exercise to work.
To be able to do this exercise with a USB keyboard, take the following steps
first:
Find out which USB modules are loaded by entering lsmod in a terminal
window. Then start the YaST Control Center, select System > /etc/sysconfig
Editor; expand the System > Kernel subsection; in INITRD_MODULES,
add the modules used like usbhid uhdi_hcd ehci_hcd. Close the dialogs. In
a terminal window (as root), enter mkinitrd.
1. From the terminal window, su to root (su -) with a password of

novell.
2. Reboot by entering
init 6
3. When the boot menu is displayed, press Spacebar to stop the
timer.
4. In the Boot Options field, type init=/bin/bash; then press Enter.
5. When the bash prompt appears, remount the root partition
read-writable by entering
mount -o remount,rw, sync /
6. Using vi, edit /boot/grub/menu.lst.
Put a comment sign (#) in front of the line starting with
gfxmenu.
Add the following line beneath it:
password secret
7. (Optional) To avoid having the password in cleartext in the
configuration file, you can use an MD5-Hash instead. You can
create and include it in the file with the following command
within vi:
1. Press Esc
2. Type :r! echo -e “secret\nsecret” | grub-md5-crypt
3. Press Enter
Some lines of output from grub-md5-crypt will be included in
the file, including the MD5-hash of your password.
Delete the lines from the output of grub-md5-crypt except the
line with the hash. If you still have the line with the secret
password in the file, delete it, too.
At the beginning of the line with the hash, write
password --md5 so that the line looks like the following:
password --md5 $1$t9kdK1$juAcBOwF18QFVf3Cl7b.v0
x Your hash value will be different than that given here.
Save the file by pressing Esc and :wq.

8. Mount the root file system as read-only again by entering
mount -o remount,ro /
If the file system is mounted read-writable when you reset the
computer in the next step, a file system check would need to be
done when the computer starts up again.
9. Reset the computer.
You will notice that the start screen looks different now,
because you turned off the graphical menu, .
10. If you want to edit the kernel command line, press p and then
enter the password used in Step 6 or 7. A short help text informs
you about the available options.
11. Press b to boot the computer.
12. Undo the changes in /boot/grub/menu.lst:

a. Log in as geeko, open a terminal window, su - to root
(password novell)
b. Open /boot/grub/menu.lst with vi, put a comment sign at the
beginning of the line starting with password, and remove the
comment sign in front of the line starting with gfxmenu.
Save the file and close vi by pressing Esc and entering :wq.
(End of Exercise)
Exercise 7-2 Manage Runlevels
In this exercise, you practice configuring runlevels. This exercise

has four parts.
In the first part, use the runlevel command to find out the current
runlevel and the init command to change to runlevel 3 and then
back to 5.
In the second part, activate the at service atd. The at service allows
commands to be scheduled at a future point in time.
In the third part, reboot your computer and boot into runlevel 3
instead of the default runlevel 5. Login and switch to runlevel 5.
In the fourth part, activate the rsync daemon using the YaST
runlevel editor.
■ Part I: View and Change the Current Runlevel

■ Part II: Activate the at Service atd
■ Part III: Set a Runlevel at Boot Time
■ Part IV: Enable rsyncd with YaST
Part I: View and Change the Current Runlevel
To view and change the current runlevel, do the following:

2. Check the previous and current runlevels by entering
runlevel
List the runlevels:
Table 7-1 Previous Current
Notice that the previous runlevel is listed as N, which means

that there was no previous runlevel set.
3. Change to runlevel 3 by entering init 3 in the terminal window.
The graphical environment is terminated and you are left at a
terminal login prompt.
4. Log in as root with a password of novell.
5. Check the previous and current runlevel by entering
runlevel
List the runlevels:
Table 7-2 Previous Current
6. Switch to runlevel 5 by entering init 5.

The GUI login screen appears.
7. Log in as geeko with a password of novell.
Part II: Activate the at Service atd
To activate the at service atd, do the following:

novell.
2. View the current runlevel configuration for atd by entering
chkconfig atd -l
Notice that configuration is off for all runlevels.
3. Install the service to its predefined runlevels by entering
insserv -d atd
4. Check the modified runlevel configuration for at by entering
chkconfig atd -l.
Notice that the default configuration for at sets runlevels 2, 3,
and 5 to on.
5. Change to the /etc/rc.d/rc3.d directory by entering
cd /etc/rc.d/rc3.d
6. List the atd files in the directory by entering
ls -l *atd
Notice that there are two atd links—one is used to start and one
is used to kill the service atd.
7. Start the service at by entering
rcatd start
8. Verify that the service is running by entering
rcatd status
9. Switch to virtual terminal 1 by pressing Ctrl+Alt+F1; then log
in as root with a password of novell.
10. Switch to runlevel 1 by entering
init 1
11. Enter a root password of novell.
12. Determine if the at service is running by entering
rcatd status
The service is listed as unused because it is not configured to
start at runlevel 1.
13. Switch back to your previous runlevel (5) by entering
init 5
The GUI login screen appears.
16. Now use chkconfig instead of insserv to configure system

services. From the command line, remove the service at from
system startup runlevels by entering
chkconfig atd off
17. View the current runlevel configuration for at by entering
chkconfig atd -l
Notice that the service is off for all runlevels.
18. Re-enable the service to start at the default runlevels by entering
chkconfig atd on
Part III: Set a Runlevel at Boot Time
To set a runlevel at boot time, do the following:

novell.
2. Reboot by entering
init 6
3. When the boot menu is displayed, press Spacebar to stop the
timer.
4. In the Boot Options field type 3; then press Enter to boot the
Linux system to runlevel 3.
5. When the login prompt appears, log in as root with a password
of novell.
6. Display the current runlevel by entering
runlevel
7. Switch to runlevel 5 by entering
init 5
8. Switch back to the virtual terminal by pressing Ctrl+Alt+F1.
9. Log out as root by entering exit.
10. Switch back to the graphical user interface by pressing
Ctrl+Alt+F7.
Part IV: Enable rsyncd with YaST
To enable rsyncd with YaST, do the following:

1. From the graphical desktop, start YaST.
The YaST Control Center appears.
2. Select System > System Services (Runlevel).
The Runlevel Editor: Services dialog appears.
3. Switch to a more detailed view (with additional options) by
selecting Expert Mode.
4. Scroll down the Services list and select rsyncd.
5. Below the list, configure this service to start at runlevels 3 and 5
by selecting 3 and 5.
6. From the Set/Reset drop-down list, select Enable the Service.
7. Start the rsyncd service from the Start/Stop/Refresh drop-down
list by selecting Start Now.
A status message appears indicating that the service started
successfully.
8. Close the status message by selecting OK.
9. Stop the rsyncd service from the Start/Stop/Refresh drop-down
list by selecting Stop Now.
A status message appears indicating that the service stopped
successfully.
10. Close the status message by selecting OK.
11. Save the changes by selecting Finish; then select Yes.
12. Close the YaST Control Center and the terminal window.
(End of Exercise)
Manage Software for SUSE Linux Enterprise Server
SECTION 8 Manage Software for SUSE Linux

Enterprise Server

■ “Manage Software with RPM” on 8-2
In this exercise, you practice gathering information on installed
software and installing software packages.
■ “Manage Shared Libraries” on 8-5
In this exercise, you use some common utilities to manage the
shared libraries on your SUSE Linux Enterprise Server 10.
Exercise 8-1 Manage Software with RPM
In this exercise, you practice gathering information on installed

software and installing software packages. The exercise has two
parts.
In the first part, you learn how to get information on RPMs by

looking for information on the file /usr/bin/wget. Find out what
package contains the file /usr/bin/wget, get information on that
package, list the files contained in that package, and verify the
integrity of the files. List the files in that package containing
documentation.
In the second part, install the package gcal from the DVD or CD 4,
run the program gcal, and uninstall gcal again.
■ Part I: Get Information on a Software Package

■ Part II: Install and Remove Software with RPM
Part I: Get Information on a Software Package
To get information on a software package, do the following:

1. Use RPM to find out information on the package wget:
a. From a terminal window, determine which package installed
the /usr/bin/wget file by entering
rpm -qf /usr/bin/wget
Notice that the package wget installed the wget file.
b. Find out information on the wget package by entering
rpm -qi wget
Notice that the information includes the install date and a
description.
c. Show all the files installed by the wget package by entering
rpm -ql wget
Where can you find information on the wget package?
(Notice the location of the README files.)
2. Using an editor, modify some comment in the /etc/wgetrc file.
See what has changed in the files on your hard drive since the
wget RPM was originally installed by entering
rpm -V wget
Interpret the change information for each file listed by using
Table 8-2 in the manual.
3. View the documentation files for the at command by entering
rpm -qd wget
Notice that some of the files are still compressed (*.gz).
Part II: Install and Remove Software with RPM
To install and remove software with RPM, do the following:

1. From a terminal window, switch to root (su - ; password novell).
2. Insert SUSE Linux Enterprise Server 10 DVD or CD 4 in your
CD-ROM drive.
3. List all files included in the not yet installed gcal package by
entering
rpm -qpl /media/cdlabel/suse/i586/gcal-3*.i586.rpm
4. Install the gcal package by entering
rpm -ihv /media/cdlabel/suse/i586/gcal-3*.i586.rpm
5. Remove the DVD or CD from your drive.
6. (Conditional) If the DVD or CD drive does not open, enter
eject; then try again.
7. Test the installation of the software package by entering
gcal
8. List all files included in the installed gcal package by entering
rpm -ql gcal
9. Remove the gcal package by entering
rpm -e gcal
10. Verify that the package is no longer installed by entering
rpm -ql gcal

11. Log out as root by entering
exit
(End of Exercise)
Exercise 8-2 Manage Shared Libraries
In this exercise, you use some common utilities to manage the

shared libraries on your SUSE Linux Enterprise Server 10.
View the shared libraries needed by slpd (Service Location Protocol

Daemon), using ldd. Change the name of one of the libraries used
/lib/libnsl.so.1 and view again the shared libraries needed by slpd.
View the content of the library cache.
View the content of and rebuild the library cache.
1. From a terminal or terminal window, su - to root (password

novell).
2. View the shared libraries by doing the following:
a. View all of the libraries linked to the SLP daemon (slpd) by
entering :
ldd /usr/sbin/slpd.
There are several libraries listed, including the
/lib/libnsl.so.1 file.
b. Rename the /lib/libnsl.so.1 file to /lib/libnsl.so.1.bak by
entering
mv /lib/libnsl.so.1 /lib/libnsl.so.1.bak
c. Enter ldd /usr/sbin/slpd again.
Notice that the output indicates that the libnsl.so.1 library is
not found.
d. Rename the /lib/libnsl.so.1.bak file back to /lib/libnsl.so.1 by
entering
mv /lib/libnsl.so.1.bak /lib/libnsl.so.1
e. Verify that the file can be found again by entering
ldd /usr/sbin/slpd
3. Rebuild the library cache by doing the following:
a. View the library cache by entering
ldconfig -p
b. Rebuild the system library cache by entering
ldconfig -v
4. View the contents of the /etc/ld.so.conf file by entering
cat /etc/ld.so.conf
(End of Exercise)
Manage Backup and Recovery
SECTION 9 Manage Backup and Recovery

■ “Back up Files with YaST” on 9-2
In this exercise, you learn how to perform a system backup with
YaST.
■ “Create Backup Files with tar” on 9-3
In this exercise, you learn how to use tar.
■ “Create Drive Images with dd” on 9-5
In this exercise, you use dd to create a drive image.
■ “Create a Backup of a Home Directory with rsync” on 9-7
In this exercise, you learn how to use rsync.
■ “Configure a cron Job for Data Backups” on 9-9
In this exercise, you use cron for data backup.
Exercise 9-1 Back up Files with YaST
In this exercise, perform a system backup with YaST.
1. Open the YaST Control Center; then select System > System
Backup.
2. Select Profile Management > Add.
3. Enter Course3072; then select OK.
4. In the Filename field, enter /tmp/course3072.tar.
5. Select Next.
6. Select Next one more time. A list of directories and file systems
which are not going to be included in the backup is displayed.
7. Select Add > Directory.
8. Enter /home; then select OK.
We assume, that the home directories are backed up in a
different way.
9. Select OK.
10. In the profile overview, make sure the profile Course3072 is
highlighted; then select Create Backup.
11. Wait till the backup has been completed (this may take some
time).
12. Have a look at the structure of the tar archive in
/tmp/course3072.tar. This can for example be done with the
command:
tar -tf /tmp/course3072.tar
(End of Exercise)
Exercise 9-2 Create Backup Files with tar
In this exercise, use tar to create a full backup and an incremental

backup.
■ Part I: Create a Full Backup

■ Part II: Create an Incremental Backup
x In this exercise, you copy backup files to the directory /tmp. This is only done
to demonstrate using backup methods. You should never make an actual
backup to the directory /tmp.
Part I: Create a Full Backup
To create a full backup, do the following:

1. Open a terminal window and su - to root.
2. Change to the /srv/www directory by entering
cd /srv/www/
3. Create a tar archive of the htdocs directory by entering
tar czf /tmp/htdocs.tar.gz htdocs
4. Delete the htdocs directory by entering
rm -r htdocs
5. Copy the backup archive to the /srv/www directory by entering
cp /tmp/htdocs.tar.gz /srv/www
6. Restore the htdocs directory by entering
tar xzf htdocs.tar.gz
7. View the content of the restored directory by entering
ls htdocs
Part II: Create an Incremental Backup
To create an incremental backup, do the following:

1. From the root terminal window, change to the /srv/www
directory by entering
cd /srv/www
2. Create a full backup by entering the following command (in one
line):
tar czv -g /tmp/snapshot_file -f /tmp/htdocs_full.tar.gz
htdocs
3. Create a new file in the htdocs directory by entering
touch htdocs/incremental.html
4. Perform an incremental backup by entering the following
command (in one line):
tar czv -g /tmp/snapshot_file -f
/tmp/htdocs_incremental.tar.gz htdocs
Note that tar backs up the file incrementally.
5. View the content of the incremented backup file by entering
tar -tzf /tmp/htdocs_incremental.tar.gz
6. Remove the htdocs directory by entering
rm -r htdocs
7. Start restoring the directory by unpacking the backup by entering
tar xzf /tmp/htdocs_full.tar.gz
8. Unpack the incremental backup by entering
tar xzf /tmp/htdocs_incremental.tar.gz
(End of Exercise)
Exercise 9-3 Create Drive Images with dd
In this exercise, use dd to create a drive image.
x To perform this exercise, you need a data CD. You could also use a DVD, but
the copying process takes much longer and you need more free space on your
hard disk to store the disk image.
1. Insert any data CD in the CD or DVD drive.

2. Close the file manager window that automatically opens up.
3. Within a root terminal window, enter
mount
In the output, look for an entry
/dev/hdc /media/...
and note the corresponding device name (listed in the first
column of the output):
4. Copy an image of the CD to the hard disk by entering

dd if=/dev/device_name of=/tmp/course_cd.iso
5. When the copy process is complete, mount the image file by
entering
mount -o loop /tmp/course_cd.iso /mnt/
6. Change to the /mnt/ directory by entering
cd /mnt
7. Display the content of the image file by entering
ls
8. Change to the /media/device_name directory and enter ls.
Note that the content of the image file is identical to the original
media.
9. Change to your home directory and unmount the image file by
entering the following commands:
cd
umount /mnt
10. Delete the image file by entering
rm /tmp/course_cd.iso
(End of Exercise)
Exercise 9-4 Create a Backup of a Home Directory with rsync
In this exercise, use rsync to perform local backup and remote

backup.
■ Part I: Perform a Local Backup with rsync

■ Part II: Perform a Remote Backup with rsync
Part I: Perform a Local Backup with rsync
To perform a local backup with rsync, do the following:

1. Open a terminal window and su - to root.
2. Create a test backup directory by entering
mkdir /tmp/rsync_test
3. Copy geeko's home directory to the backup directory by entering
rsync -av /home/geeko /tmp/rsync_test
4. As user geeko, open another terminal window.
5. Create a new file by entering
touch new_file
6. Switch to the root terminal window and enter the same rsync
command again:
rsync -av /home/geeko /tmp/rsync_test
Notice that rsync transfers only the new file and the
corresponding directory.
Part II: Perform a Remote Backup with rsync
Wait until a partner has completed the previous steps in the exercise;
then do the following:
1. From the root terminal window, perform a remote backup of your
partner's geeko home directory by entering (in one line):
rsync -ave ssh root@partner_ip_address:/home/geeko
/tmp/rsync_test
2. When a connection message appears, continue by entering yes;
then enter a password of novell.
3. Ask your partner to create a new file in the geeko home directory
by entering
touch new_file2
4. Enter the rsync command again (in one line):
rsync -ave ssh root@partner_ip_address:/home/geeko
/tmp/rsync_test
Notice that only the new file is copied by rsync.
5. Clean up the backup directory by entering
rm -r /tmp/rsync_test/*
6. Close all terminal windows.
(End of Exercise)
Exercise 9-5 Configure a cron Job for Data Backups
In this exercise, use cron for data backup.
1. Open a terminal window and switch to user root (su -; password

novell).
2. Change to the /usr/local/bin/ directory by entering
cd /usr/local/bin
3. Create the file home_backup.sh in the directory and enter the
following commands in the file:
#!/bin/bash
rsync -a /home/geeko /tmp/rsync_test
4. Save the file and close the editor.
5. Make the file executable by entering
chmod 744 home_backup.sh
6. To edit root’s crontab, start the crontab editor by entering
crontab -e
7. Add the following at the end of the file:
30 15 * * * /usr/local/bin/home_backup.sh
8. Check after 3:30 pm (or tomorrow) to see if the backup has been
completed by entering
ls /tmp/rsync_test
9. (Optional) Try changing the time of the backup job.
(End of Exercise)
Manage Printing
SECTION 10 Manage Printing

■ “Change Your Printer Configuration” on 10-2
In this exercise, you add a local printer and print to a remote
queue.
■ “Manage Printers from the Command Line” on 10-6
In this exercise, you practice managing printer queues from the
command line.
■ “Restrict Access” on 10-8
In this exercise, you learn how to administer access to your
CUPS server.
■ “Use the Web Interface to Manage a CUPS Server” on 10-10
In this exercise, you add a second printer via the web frontend
of CUPS.
Exercise 10-1 Change Your Printer Configuration
In this exercise, you add a local printer and print to a remote queue.
The exercise has two parts.
In the first part, use YaST to add a printer to your printer

configuration. Configure a parallel printer model HP Laserjet 4 with
hplj4 as the name of the print queue. For the purpose of this exercise
it is not necessary for a printer to be connected to your computer.
Configure the printer to print two pages on one sheet of paper, and
change the default paper size from A4 to US Letter.
In the second part, configure a queue on your computer that uses the
printer that is available on the host da1. If this printer does not exist,
for the purpose of this part of the exercise, you can use the CUPS
server running on your own machine.
■ Part I: Add a Printer

■ Part II: Print to a Remote CUPS Printer
Part I: Add a Printer
To add a printer, do the following:

1. Start the YaST Control Center and select Hardware > Printer.
The Printer Configuration dialog appears.
2. Add a new queue for a printer by selecting Add.
3. For the printer type, make sure Directly Connected Printers is
selected; then select Next.
4. For the printer type, make sure Parallel Printer is selected; then
select Next.
5. Accept First Parallel Port (/dev/lp0) as the printer device by
selecting Next.
Manage Printing
6. Enter the following:
❑ Name for printing: hplj4
❑ Description of Printer: LaserJet 4 on daxx (where xx is
your host number)
❑ Location of Printer: daxx computer
Make sure that Do Local Filtering is selected; select Next.
A Printer Model dialog appears, with a list of manufacturers
and a list of models.
7. From the manufacturer list, select HP; from the model list, select
LaserJet 4.
8. When you finish, select Next, then Edit.
A Configuration dialog appears.
9. Change the settings of the printing filter by selecting Filter
Settings; then select Edit.
A list of options appears at the top of the screen with a list of
values for each option at the bottom of the screen.
a. Change the number of pages that should be printed on one
sheet of paper by selecting Pages per Sheet.
b. In the Values list, select 2.
c. Scroll through the list of options and select Page Size.
Notice the setting of the page size.
d. If the setting is not Letter, change the page size to US Letter
by selecting Letter.
10. When you finish, select Next.
11. Return to the main Printer Configuration dialog by selecting OK.
12. Finish the configuration by selecting Finish; then close the YaST
Control Center.
Part II: Print to a Remote CUPS Printer
To print to a remote CUPS printer, do the following:

1. From the YaST Control Center ,select Hardware > Printer.
The Printer Configuration dialog appears.
2. Add a new CUPS printer by selecting Add.
3. Select Network Printers; then select Next.
4. Select Print via CUPS Network Server; then select Next.
5. Select Remote IPP Queue; then select Next.
6. Next to the Hostname of Print Server field, select Lookup; then
select Scan for IPP Servers.
7. From the drop-down list, select da1.digitalairlines.com.
8. (Conditional) If DA1.digitalairlines.com does not appear in the
drop-down list, enter da1.digitalairlines.com in the field.
9. Next to the Remote Queue Name field, select Lookup to select
the default queue configured on da1.
10. To test the connectivity to the printer server, select Test Remote
IPP Access.
11. When a success message appears, select OK.
12. Select Next.
A Queue name dialog appears.

Notice that Do Local Filtering is not selected, because filtering
is being done on the remote CUPS printer server.
Manage Printing
13. From the Name for Printing field, record the name of the printer
queue on the instructor’s server:
15. Save the configuration changes by selecting Next.
16. Close all windows.
(End of Exercise)
Exercise 10-2 Manage Printers from the Command Line
In this exercise, you practice managing printer queues from the

command line.
Use the lpr and lp commands to print the /etc/hosts file to the queue
hplj4. View the jobs using lpq and lpstat. Delete the first job using
lprm.

2. Send a print job to the HP LaserJet 4 printer using the Berkeley
printer commands:
a. Send the /etc/hosts file to be printed by entering
lpr -P hplj4 /etc/hosts
b. View the print queue for hplj4 by entering the following
Berkeley command:
lpq -P hplj4
3. Send a print job to the HP LaserJet 4 printer using the System V
printer commands:
a. Send the /etc/hosts file to the printer by entering
lp -d hplj4 /etc/hosts
b. View the print queue for hplj4 by entering the following
Berkeley command:
lpstat hplj4
4. From the terminal window, cancel the first print job by entering
the following Berkeley command (use the jobnumber displayed
in Step 2b above):
lprm -P hplj4 jobnumber
Manage Printing
5. Enter lpstat hplj4.
The first print job has been deleted.
6. Check the status of the printer by entering
lpc status
(End of Exercise)
Exercise 10-3 Restrict Access
In this exercise, you learn how to administer access to your CUPS

server. It has two parts.
To be able to use the administration resources via the web interface,

it is necessary to create an administration account that belongs to
the group sys. In part one of this exercise, create this account with
the lppasswd tool, using a password of n0vell.
In the second part, restrict access to the / (root) resource of the

CUPS server based on the IP address of the client sending print
jobs. Allow access to your machine, while denying access to others
within the local network.
■ Part I: Perform User Authentication

■ Part II: Restrict Access to the CUPS Server
Part I: Perform User Authentication
To perform user authentication, do the following:

1. In a terminal window, switch to user root (su -; password novell).
2. To generate the user root, enter
lppasswd -a root -g sys
3. Enter n0vell (with the number zero) as the password.
4. Confirm your password by entering n0vell (with the number
zero) a second time.
5. Start a web browser on your server.
Manage Printing
6. Enter http://localhost:631/ as URL in your browser window.
7. Select Do Administration Tasks.
8. Enter root as the user name and n0vell (with the number zero) as
the password in the authentication dialog.
Part II: Restrict Access to the CUPS Server
To restrict access to the CUPS server, do the following:

1. Select Hardware > Printer in YaST.
2. Select CUPS Expert Settings in the Other drop-down menu.
3. Select CUPS Server Settings; then select Next.
4. Make sure that / (root) in the Access Settings area is selected;
then select Change Permissions.
5. Make sure that Deny,Allow is selected.
6. To deny access from the local network, select the entry Allow
From @LOCAL; then select Delete.
7. To allow access for your IP address, select Add.
8. Make sure that Allow From in the pop-up window is selected.
9. Under Enter IP Address, enter the IP address of your server, like
10.0.0.10 for da10; then select OK.
10. Select Ok, then Next, and then Finish.
11. Using the Firefox browser on the client, access the CUPS server
using the URL http://ip_address:631/. You should get access.
12. Have another student try to access your CUPS server on port 631
using Firefox. The access should be denied. To verify, as root,
enter the following in a terminal window on your server:
tail /var/log/cups/access_log
(End of Exercise)
Exercise 10-4 Use the Web Interface to Manage a CUPS Server
In this exercise, add a second printer via the web frontend of CUPS,
even though a second printer is not available at your workstation.
Assume the printer is connected to an USB port, the model is HP

Color LaserJet 8550 Postscript, and its name is Fictive.
1. Start a web browser on your workstation.

2. Enter http://localhost:631/ as URL in your browser window.
3. Select Manage Printers.
4. To add a (nonexistent) printer, select Add Printer.
5. In the authentication dialog, enter root as the user name and
n0vell (with the number zero) as the password.
6. Select OK.
7. Under Name, enter Fictive.
8. Under Location, enter Nowhere.
9. Under Description, enter This printer does not exist.
10. Select Continue.
If there is a warning message from the browser about sending

information over an unencrypted connection, select Continue.
11. From the Device pull-down menu, select USB Printer #1; then
select Continue.
12. From the Make pull-down menu, select HP; then select
Continue.
Manage Printing
13. From the Model list, select HP Color LaserJet 8550 Postscript
(recommended) (en); then select Continue.
14. You should get the message
Printer Fictive has been added successfully.

15. Select Printers to see the new printer in the list.
(End of Exercise)
Configure Remote Access
SECTION 11 Configure Remote Access

■ “Practice Using OpenSSH” on 11-2
In this exercise, you learn how to use OpenSSH.
■ “Perform Public Key Authentication” on 11-4
In this exercise, you practice using SSH with public key
authentication.
■ “Use Remote Administration” on 11-7
In this exercise, you configure remote administration.
Exercise 11-1 Practice Using OpenSSH
In this exercise, you need to work with a partner to practice using

the SSH suite of utilities.
Perform the following tasks:

■ Log in to your partner’s server as root.
■ Execute the ps aux command on your partner’s computer
without logging in to his computer.
■ Copy the /etc/hosts file from your partner’s computer to your
/tmp directory.
■ Copy the /etc/hosts file from your computer to the home
directory of geeko on your partner’s computer.
■ Using sftp, copy the /bin/date file from your partner’s
computer to /home/geeko on your computer.
Note: If no partner is available, as in a self-study environment,

replace the partner’s computer with localhost in the following steps.
1. From the terminal window, log in to your partner’s computer as

geeko. Do the following:
a. From the command line, enter
ssh -l geeko partner_server_IP_address
b. (Conditional) If you receive a warning about the authenticity
of the remote host, continue by entering
yes
c. Enter the password novell.
You are now logged in to your partner’s server as geeko.
d. Log out by entering
exit
2. Using the password novell, check the processes running on your
partner’s system by entering the following:
ssh -l geeko partner_server_IP_address ps aux
A list of all processes currently running on your partner’s server
is displayed.
3. Using the password novell, copy your partner’s /etc/hosts file to
your /tmp directory by entering the following:
scp geeko@partner_server_IP_address:/etc/hosts /tmp/
4. Using the password novell, copy your /etc/hosts file to geeko’s
home directory on your partner’s server by entering the
following:
scp /etc/hosts geeko@partner_server_IP_address:
5. Use sftp to connect to your partner’s computer as geeko by
entering
sftp geeko@partner_server_IP_address
6. Copy the /bin/date program to geeko’s directory on your won
computer by entering
get /bin/date /home/geeko/
7. Quit sftp by entering
exit
(End of Exercise)
Exercise 11-2 Perform Public Key Authentication
In this exercise, you practice using SSH with public key

authentication. You need to work with a partner in this exercise.
Create an ssh-key pair, add the public key to the file

~geeko/.ssh/authorized_keys on your partner’s computer and note
the difference between logging in with and without a public key.
Use the ssh-agent to cache the private key and log in again to your
partner’s machine as geeko.
As root, change the server configuration to allow only public key

authentication. Restart sshd. And, as root, try ssh geeko@localhost.
1. As user geeko, open a terminal window.

2. Generate an RSA key pair:
a. From the terminal window, enter
ssh-keygen -t rsa
b. Accept the default location for the key
(/home/geeko/.ssh/id_rsa) by pressing Enter.
c. Enter a passphrase of novell.
Information about your key pair, such as the location of
your identification and the public key, is displayed.
3. Add the RSA public key to your partner’s
~geeko/.ssh/authorized_keys file:
a. Using the password novell, copy the file to your partner’s
home directory of geeko by entering the following:
scp .ssh/id_rsa.pub geeko@partner_server_IP_address:
b. Using ssh, log in as geeko to your partner’s computer by
entering
c. Enter ls -al.
Look for an .ssh directory.
d. (Conditional) If a .ssh directory does not exist then create it
by entering
mkdir .ssh
e. Copy the public key to the ~/.ssh/authorized_keys file by
entering
cat id_rsa.pub >> .ssh/authorized_keys
4. Log out from the partner’s server by entering
exit
5. Using ssh, log in as geeko to your partner’s computer by entering
You are prompted for a passphrase, not a password.
6. Log in by entering novell; then log out by entering exit.
7. To track authentication, start the ssh-agent by entering
ssh-agent bash
8. Add your private key to the agent for authentication by entering
ssh-add .ssh/id_rsa
Then enter a passphrase of novell.
9. Using ssh, log in as geeko to your partner’s server by entering
This time you are not prompted for a password or a passphrase.
10. Switch to user root (su -; password novell)
11. Open the /etc/ssh/sshd_config file in an editor of your choice and
to the following:
a. Find the line containing PasswordAuthentication and
make sure it is set to no.
b. Find the line containing UsePAM and change its setting
from yes to no.
c. Save the file and close the editor.
12. Restart sshd by entering
rcsshd restart
13. Enter ssh geeko@localhost. You should see an error message,
and no prompt for a password.
14. Using an editor, undo the changes made in Step 11; restart sshd.
15. Log out as root by entering exit.
(End of Exercise)
Exercise 11-3 Use Remote Administration
In this exercise, you configure remote administration.
This exercise has four parts. You work with a partner. (If there is no
one available with whom to do the exercise, use localhost instead of
the partner’s computer.)
In the first part, access the text-based version of YaST by entering
ssh your_partner_IP_address
In the second part, access the graphical version of YaST by entering
ssh -X your_partner_IP_address
In the third part, configure remote access to your computer with the
YaST Remote Administration module.
In the fourth part, access your partner’s computer via VNC once
your partner has finished Part 3.
■ Part I: Remotely Access a Text-Based Version of YaST

■ Part II: Remotely Access the GUI Version of YaST
■ Part III: Configure Remote Administration with YaST
■ Part IV: Access Your Partner’s Server Remotely
Part I: Remotely Access a Text-Based Version of YaST
Both you and a partner do the following:

1. From a terminal window, enter
ssh root@your_partner_IP_address
2. (Conditional) If you are prompted to accept your partner’s ssh
key, enter yes.
3. When prompted for the password, enter novell.
4. Launch the ncurses-based version of YaST by entering yast2.
x Despite the fact that you entered yast2, the text-based version of the
YaST Control Center appears. The reason for this is that X11 forwarding
is not active in the default configuration of ssh.
Do not change any configurations on your partner’s server.

5. Exit the YaST Control Center by pressing Alt+q.
6. Close the SSH session by entering exit.
Part II: Remotely Access the GUI Version of YaST
Both you and a partner do the following:

1. From the terminal window, enter
ssh -X root@your_partner_IP_address
2. When prompted for the password, enter novell.
3. Launch the GUI-based version of YaST by entering yast2.
As the option -X activated X11 forwarding, the GUI-based
version of the YaST Control Center appears.
Do not change any configurations on your partner’s server.
4. Close the YaST Control Center.
5. Close the SSH session by entering exit.
Part III: Configure Remote Administration with YaST
Both you and your partner do the following:

1. Enter yast2; then enter the root password and select OK.
The YaST Control Center appears.
2. Install a Java browser plugin:
a. Select Software Management
b. In the search field, enter java-1, and select Search.
c. In the frame displaying the search results, select
java-1_4_2-sun-plugin.
d. Select Accept, accept the automatic changes by selecting
Continue.
e. Select No in the Install or remove more software dialog.
3. In the main window of YaST, select Network Services >
Remote Administration.
The Remote Administration dialog appears.
4. Select Allow Remote Administration; select Open Port in
Firewall; then select Finish.
5. A dialog appears for restarting the display manager. Close the
dialog by selecting OK.
6. Close any open applications; then display a console by pressing
Ctrl+Alt+F2. Log in as root (password novell).
7. Restart the display manager by entering rcxdm restart. (You
could also switch to a text console, log in as root and enter init 3
and then init 5.)
After a few moments, a graphical login is displayed.
Your SUSE Linux Enterprise Server 10 is ready to be accessed
remotely for administration.
Part IV: Access Your Partner’s Server Remotely
To access the server from a web browser, you and your partner do
the following:
1. From the GNOME desktop, open the Firefox web browser.
2. In the Location field, enter
http://your_partner_IP_address:5801
A VNC Authentication dialog appears.
Although a password is requested, it is not required.
4. Log in to the remote server’s desktop as geeko (password
novell).
The desktop for your partner’s geeko user appears.
5. When you finish testing the desktop, close the VNC session by
selecting Disconnect (top of the screen).
(End of Exercise)

SUSE Linux Enterprise Server 10 Administration Workbook: Novell Training Services

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SUSE Linux Enterprise Server 10 Administration Workbook: Novell Training Services

Uploaded by

Copyright:

Available Formats

SUSE Linux Enterprise Server 10

Novell, Inc. Copyright 2007-NO PRINTING OR DISTRIBUTION ALLOWED

All other third-party trademarks are the property of their respective

SECTION 1 Install SUSE Linux Enterprise Server 10

Exercise 1-1 Install SUSE Linux Enterprise Server 10. . . . . . . 1-2

SECTION 2 Administer the Linux File System

Exercise 2-1 Configure Partitions on your Hard Drive. . . . . . . 2-2

SECTION 3 Administer User Access and Security

Exercise 3-1 Configure PAM Authentication . . . . . . . . . . . . . . 3-2

SECTION 4 Configure the Network Manually

Exercise 4-1 Configure the Network Connection Manually. . . 4-2

SECTION 5 Administer Linux Processes and Services

Exercise 5-1 Manage Linux Processes . . . . . . . . . . . . . . . . . . . 5-2

SECTION 6 Monitor SUSE Linux Enterprise Server 10

Exercise 6-1 Gather Information on your SUSE Linux Enterprise

SECTION 7 Manage System Initialization

Exercise 7-1 Manage the Boot Loader . . . . . . . . . . . . . . . . . . . 7-2

SECTION 8 Manage Software for SUSE Linux Enterprise Server

Exercise 8-1 Manage Software with RPM . . . . . . . . . . . . . . . . 8-2

SECTION 9 Manage Backup and Recovery

Exercise 9-1 Back up Files with YaST . . . . . . . . . . . . . . . . . . . 9-2

SECTION 10 Manage Printing

Exercise 10-1 Change Your Printer Configuration. . . . . . . . . 10-2

Exercise 10-3 Restrict Access. . . . . . . . . . . . . . . . . . . . . . . . . 10-8

SECTION 11 Configure Remote Access

Exercise 11-1 Practice Using OpenSSH . . . . . . . . . . . . . . . . . 11-2

This workbook is designed to help you practice the skills associated

These skills, along with those taught in SUSE Linux Enterprise

x Instructions for setting up a self-study environment are in the directory setup

You need additional experience in the following areas:

The following describes the most common conventions:

SECTION 1 Install SUSE Linux Enterprise Server

In this section of the workbook, you learn how to do the following:

■ Part I: Boot from the Installation Media

Part I: Boot from the Installation Media

To boot from the installatin media, do the following:

6. When YaST displays the Novell Software License Agreement,

Part II: Configure the Partitions for your Hard Drive

1. Change the partitioning settings by selecting Partitioning.

11. From the confirmation dialog, select Install.

1. When presented with the Hostname and Domain Name dialog,

11. In the IP Address field, enter your IP address.

12. In the Subnet Mask field, enter 255.255.255.0.

13. Configure the host name and name server:

22. In the Hardware Configuration dialog, review the settings

SECTION 2 Administer the Linux File System

In this section of the workbook, you learn how to do the following:

In this exercise, you practice creating partitions and file systems on

■ Part I: Create Partitions and File Systems with YaST

Part I: Create Partitions and File Systems with YaST

To create partitions and file systems with YaST, do the following:

To partition manually with fdisk, do the following:

x If your computer uses SATA or SCSI disks, enter fdisk /dev/sda.

Depending on the number of cylinders on your disk, a message

To manage file systems from the command line, do the following:

In this exercise, you practice managing file systems from the

In the previous exercise, you created various partitions and file

In the second part of the exercise, convert the partition /dev/hda8 to

Detailed Steps to Complete this Exercise:

■ Part I: Run e2fsck

Part I: Run e2fsck

To run e2fsck, do the following:

Part II: Customize the File Systems