Linux Administration – Introduction


1. Linux Introduction
Linux is a modern, flexible, and mature operating system. Although it started life on the Intel platform, it has since been ported to many other platforms such as Amiga, DEC Alpha, Apple Power PC, Sun workstations, and others. Linux boasts many other features:

- Multitasking - Linux is a true preemptive multitasking operating system. All processes run independently of each other and leave processor management to the kernel.
- Networking - Linux supports a multitude of networking protocols.
- Interoperability - Linux can interoperate with Windows 9x/NT/NT 2000, Novell, Mac, and most other versions of UNIX.
- Multi-user - Linux can handle multiple users simultaneously logged on to one machine.
- Advanced memory management - Traditional UNIX systems used swapping to manage memory, where the entire memory structure of a program was written to disk when the system began running low on memory. Linux uses paging, a method that intelligently allocates memory, when system memory is running low, by prioritizing memory tasks. Linux currently supports up to 64GB of RAM.
- POSIX support - POSIX defines a minimum interface for UNIX-type operating systems. Linux currently supports POSIX 1003.1. This ensures that POSIX-compliant UNIX programs will port easily to Linux.
- Multiple file systems - Linux must be installed on Extended 2 Linux-formatted partitions, but if certain other OS file systems already exist on the same host, Linux will support several of these file system formats as well, including DOS/Windows, OS/2, and Novell. This is just another interoperability feature provided by Linux.

1.1. Open Source and Free Software
All Linux distributions are based on the same idea: Take the Linux kernel and surround it with freely available software to create a usable operating system. Red Hat Linux 7.0 used Linux kernel 2.2, while version 9 uses kernel 2.4. Red Hat Software continuously evolves their distribution by using the most current, stable kernel as well as the latest available software for each of its distributions.

1.1.1. History
Although Linux came into being in 1991, it can trace its lineage back much further. In 1969, a Bell Labs programmer named Ken Thompson invented the UNIX operating system. Around the same time, another programmer, Dennis Ritchie, was working on a new computer language called C. By 1974, the two had rewritten UNIX in the C language, and ported it to several different machines. It is to this combination of UNIX and C that Linux owes much of its heritage.

UNIX and C are at the heart of Linux and the Open Source movement. While languages such as Perl, Python, Java, and others make the headlines today, far more lines of open source code have been written in C than in any other single language. Though many of these programs have been ported to other operating systems, such as Windows NT, UNIX and UNIX-like operating systems have benefited from Open Source software the most.

Linux

In 1991, a student at Helsinki University in Finland posted this message to the Usenet group comp.os.minix:

From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds)
Newsgroups: comp.os.minix
Subject: Gcc-1.40 and a posix-question
Message-ID: <1991Jul3.100050.9886@klaava.Helsinki.FI>
Date: 3 Jul 91 10:00:50 GMT

Hello netlanders,

Due to a project I'm working on (in minix), I'm interested in the posix standard definition. Could somebody please point me to a (preferably) machine-readable format of the latest posix rules? Ftp-sites would be nice.

It was followed up a few months later with this post:
www.wilshiresoft.com info@wilshiresfot.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1


From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds)
Newsgroups: comp.os.minix
Subject: What would you like to see most in minix?
Summary: small poll for my new operating system
Message-ID: <1991Aug25.205708.9541@klaava.Helsinki.FI>
Date: 25 Aug 91 20:57:08 GMT
Organization: University of Helsinki

The student, of course, was Linus Torvalds. Linus had just purchased a (then) state-of-the-art 386 PC, and wanted, among other things, to learn how it worked. The MS-DOS operating system was too limiting, and immediately discounted. At the time, he had been using another UNIX-like operating system called Minix, a microkernel-based teaching operating system. Minix had many limitations, however, so Linus set about writing a new operating system that did not suffer the limitations of MS-DOS and Minix.

Linus was by no means the first person to come up with the idea of a free UNIX-like operating system. Several years earlier The Free Software Foundation, headed by Richard M. Stallman, announced a kernel called The HURD. Unfortunately, efforts on this new kernel faltered, and it wasn't until 1996 that a stable version of The HURD was available. William and Lynne Jolitz in 1991 were also busy porting Berkeley UNIX, BSD, to the Intel platform.

But Linux was quickly propelled to the front of the pack by the large army of programmers from all across the world, who all pitched in their expertise for the Linux kernel. Instead of the project becoming chaotic and unmanageable, Linux actually benefited from the large number of coders and testers, and nearly instant feedback every time a new kernel was released, which was often. At times, several versions of Linux were released in a single day. A few years after development had begun on Linux, it was a full-featured, stable operating system.

Today, the Linux kernel is developed the same as it was in the beginning. Programmers across the globe collaborate on discussion groups and e-mail lists to work on the Linux kernel. Most are not paid for their efforts, doing it instead from a sense of community that binds Linux developers.

1.2. GPL and Open Source Licenses
The terms “Free” and “Open Source” software are commonly used to mean the same thing. While the differences are subtle, they are very important.

Free Software

Free software is the term typically used to refer to software that has been released under the GNU Public License, or GPL. The GPL (also called Copyleft) was designed with the philosophy that all software should be free. Not free as in zero price, but free as in open. As the Free Software Foundation's Richard Stallman puts it in his essay “The GNU Operating System and the Free Software Movement”:

The term "Free software" is sometimes misunderstood-it has nothing to do with price. It is about freedom. To clear up some of the confusion, the following is the definition of Free software. A program is Free software for users if:

- You have the freedom to run the program, for any purpose.
- You have the freedom to modify the program to suit your needs. (To make this freedom effective in practice, you must have access to the source code, since making changes in a program without having the source code is exceedingly difficult.)
- You have the freedom to redistribute copies, either gratis or for a fee.
- You have the freedom to distribute modified versions of the program, so the community can benefit from your improvements.

Since "free" refers to freedom, not to price, there is no contradiction between selling copies and Free software. In fact, the freedom to sell copies is crucial: collections of Free software sold on CD-ROMs are important for the community, and selling them is an important way to raise funds for Free software development. Therefore, a program that people are not free to include on these collections is not Free software.

1.3. About Linux
You hear people talking about Linux all the time. But you also probably hear about the "Red Hat" Linux distribution, and names like SuSE, Caldera, Debian, Slackware, and others. Are they all Linux?


Recall that Linux is the operating system kernel. That is, Linux is the very heart of the operating system. However, like all operating systems, to be useful, Linux has to have utilities and programs to do the actual work. This is where distributions come in. All of the Linux distributions run the Linux kernel. But after that, the distributions vary from each other to some degree. For example, the Slackware distribution looks and feels much like Berkeley UNIX, whereas the SuSE distribution is much more System V'ish. Red Hat Linux tends to fall somewhere in between but is leaning toward System V more and more with each new release.

1.4. Current Support for Networking Services
Linux was built from the start to be a network operating system. This may seem obvious now, but consider that in 1991 nobody knew how important networking and the Internet would be to modern-day computing. This gives Linux a big edge in terms of network stability and integration. Today, Linux supports the following networking protocols:

Protocol                    Description
TCP/IP                      This is the protocol used by the Internet, and on most local networks.
IP Version 6                This is the protocol that will eventually replace IP version 4 on the Internet.
AppleTalk                   The protocol used for Apple computers to communicate with each other.
CCITT X.25 Packet Layer     The X.25 networking protocol.
Acorn Econet/AUN            An older protocol, used by Acorn computers to access file and print servers.
IPX                         The Novell networking protocol, used to access Novell file and print servers.

1.5. Flexibility of Open Source Software
Much ado has been made about Free and Open Source software, but what do you really get that you can't get from closed operating systems such as Microsoft Windows?

- Stability - When a version of an open source program is released on the Internet, there is a large peer review of the source code. With so many people looking at the code, there's a much better chance somebody will see a bug, and even offer a correction. This type of peer review just isn't possible in the closed source world.
- Modifications - In a closed source environment, you're at the mercy of the vendor. If you want or need a feature, you can submit a request for features, and only hope the vendor will agree with you. If not, you're stuck. With open source, you have the source code, and you can add the features yourself, if need be. Or, you can hire a programmer to make the changes for you. Many times, you can post a message to the appropriate Usenet newsgroup saying "Gee, it sure would be nice if program Foo could do this." Sometimes somebody will have a patch written within a couple days that does just what you want.
- Support - There are literally thousands of open source advocates out there on newsgroups and e-mail lists who can answer your questions when you need help. Best of all, it's free. Contrast this with the big money you throw to the closed source vendors, who may or may not be able to help you. And if you really feel the need to pay for support, there are several companies out there now providing 24/7 technical support for Linux.


2. The Linux Distribution Comparison
Linux has started taking the world of computers by storm. Corporate greed, insane legal licensing and constant Windows vulnerabilities are starting to take their toll on the general computing population, and many are looking for an alternative. For some Linux is the answer.

The Linux Operating System is very different than proprietary Operating Systems. Linux has a community based development model where many people, organizations and businesses jointly develop the software. With this style of development, there is no one entity that controls everything, but because of this, it is quite difficult to build a coherent system that will run on personal computers. This is where distributions come in. Distributions are complete Linux Systems that are built by companies or organizations to aid in the support and installation of the Linux Operating System. Distributions take care of all of the rudimentary tasks of building the system, such as building and testing the software, providing technical support and to provide security updates and bug fixes, etc.

There are all types of distributions available, from ones that are very user friendly to advanced ones that allow you to build your system from the source code. We will cover the most popular intermediate Linux distributions available today: Fedora Linux, RedHat Enterprise Linux, Debian GNU/Linux, Suse Linux, Mandrake Linux, Slackware Linux and Caldera OpenLinux. Intermediate distributions give the user plenty of control and choice over their system, yet provide easy to use tools to administer and maintain their system. There is no one distribution that will perfectly fit into everyone’s needs. Each one has its own strengths and weaknesses which will vary from person to person. This article covers all the major advantages (and disadvantages) each of these distributions have to offer and hopefully give you enough information to help you correctly choose which Linux Distribution is right for your computer.

2.1 RedHat Linux
For many, the name Red Hat www.redhat.com epitomises Linux, as it is probably the best-known Linux company in the world. Founded in 1994, Red Hat, Inc. has only recently started showing signs of profitability, due to services rather than the distribution itself. Yet, Red Hat Linux is a first choice for many professionals and is likely to be a major player for a long time. They wisely resisted any rapid expansion plans during the dot-com boom times in 1998-1999, concentrating on their core business. This type of prudent management, if continued, is likely to guarantee stability and dependability.

What is so special about Red Hat Linux? It is a curious mix of conservative and leading-edge packages put together on top of many knowledge-intensive utilities developed in-house. The packages are not the most up-to-date; once a new beta version is announced, the package versions are frozen, except for security updates. The result is a well-tested and stable distribution, the beta program and a bug reporting facility are open to public and there is a great spirit on the public mailing lists. Many mission-critical servers around the world run Red Hat Linux.

One other reason for Red Hat's success is the variety of popular services the company offers. The software packages are easy to update via Red Hat Network, a free repository of software and valuable information. A vast range of support services is available through the company and, while not always cheap, you are virtually assured of an excellent support by highly skilled support personnel. The company has even developed a certification program to further popularize its distribution - the RHCE (Red Hat Certified Engineer) training and examination are now available in most parts of the world. All these factors have contributed to the fact that Red Hat is now a recognized brand name in the IT industry.

2.1.1 Fedora Linux
Fedora Linux was started by Redhat Linux in September 2003 as a community based open development Operating System based on the Redhat Linux distribution. The Redhat distribution was first released in October 1994 and has progressed to one of the most popular Linux Distributions available today.

2.1.2 RedHat Enterprise Linux
Red Hat Enterprise Linux creates a reliable, secure, high-performance platform designed for today’s commercial environments—with capabilities that match or surpass those of proprietary operating systems. Sold in a family of four products that span client systems to the largest servers, Red Hat Enterprise Linux delivers a consistent application, management, and user environment.

The following figure describes RedHat’s Network:

Figure: RedHat Network

Red Hat Enterprise Linux is the corporate Linux standard, already at work running some of the world’s largest commercial, government, and academic institutions. For any deployment—from the desktop to the datacenter—Red Hat Enterprise Linux delivers unmatched performance and cost savings, and the freedom of open source technology.

Red Hat Enterprise Linux products are based on the same core kernel, libraries, and utilities, and also share the same major package sets. However, there are some differences between family members in terms of their server package sets, because Red Hat Enterprise Linux WS and Red Hat Desktop are not designed for use in server environments.

Server Solutions:

Red Hat Enterprise Linux AS (Advanced Server): Red Hat Enterprise Linux AS is the top-of-the-line server operating system solution. Supporting the largest servers, it is the ultimate solution for large departmental and datacenter server deployments.

Red Hat Enterprise Linux ES (Enterprise Server): Red Hat Enterprise Linux ES is the perfect server operating system solution for the majority of today's business computing needs – suitable for systems ranging from the edge-of-network to medium-scale departmental deployments.

Client Solutions:

Red Hat Enterprise Linux WS (Work Station) and Desktop: Red Hat Enterprise Linux WS is the desktop/client partner for Enterprise Linux AS and Enterprise Linux ES. Red Hat Enterprise Linux WS is ideal for all desktop deployments, including office productivity applications, S/W development environments, and targeted ISV client applications. When configured as a headless workstation, Enterprise Linux WS is also ideally suited for use as a compute node in a High Performance Computing (HPC) environment.

Recommended Red Hat Enterprise Red Hat Enterprise Red Hat Enterprise Red Hat Desktop

CRM.3 Red Hat Enterprise Linux system configuration limits The following table lists some Red Hat Enterprise Linux 3 supported system and software limits. instant messaging.com info@wilshiresfot. and AMD64 systems Supports Itanium systems Supports IBM zSeries. file. software development Yes Yes Includes desktop applications Supported by leading ISV applications Certified on leading OEM hardware Includes dedicated server packages Web and phonebased comprehensive support 24x7 .1 year Red Hat Network Supports X86 systems (Intel Pentium Pro. Red Hat Enterprise Linux WS and ES support up to 2 physical CPUs (4 Hyperthreaded) CPUs per system Rev Dt: 15-Oct-08 Ver: 1 www. AMD K6 (i586) is not supported. document processing. Red Hat Enterprise Linux ES supports up to 8GB 16 physical CPUs or 8 Hyperthreaded CPUs. These minimum and maximum system configuration limits identify the technical capabilities of the Red Hat Enterprise Linux technology. power user Personal productivity: mail. Note: Following chart doesn’t apply to Red Hat Enterprise Linux WS and Desktop Minimum X86 Memory: CPUs: 256MB 1 (300MHz. POWER series. AMD Athlon.1. ERP. and S/390 series systems Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes No No Yes No No Yes Yes Yes Yes Yes Yes Yes No Yes No No No 2. i686) Maximum 64GB 16 Comments Maximum varies with chosen kernel. virtualization.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 .wilshiresoft. and print configurations Linux WS Technical. trading. applications Linux ES Small-medium web. This table will be updated as additional qualification and testing is completed. Intel EM64T.Linux Administration . or compatible). browsing.Distribution Comparision Page 6 of 167 product: Common usages Linux AS Databases.

Itanium2 * Memory: CPUs: 512MB 1 512MB 1 800MB 96GB 8 16GB 4 1TB 96Gb applies to HP Integrity systems. Maximum memory for Intel Tiger-based systems is 32GB Red Hat Enterprise Linux WS for Itanium supports up to 2 CPUs per system AMD64 Memory: CPUs: Red Hat Enterprise Linux WS for AMD64 supports up to 2 CPUs per system Quoted minimum is for a custom installation. Sparse files can be up to 4TB File system size

2.2 Mandrake Linux
Mandrake Linux was first started in 1998 as a custom built Redhat Linux distribution. Mandrake Linux was created with the goal of making Linux easier to use for everyone. At that time, Linux was already well-known as a powerful and stable operating system that demanded strong technical knowledge and extensive use of the "command line". Mandrake saw this as an opportunity to integrate the best graphical desktop environments and contribute its own graphical configuration utilities and quickly became famous for setting the standard in ease-of-use and functionality. With this innovative approach, Mandrake offers all the power and stability of Linux to both individuals and professional users in an easy-to-use and pleasant environment. Thousands of new users are discovering Linux each and every day and finding it a complete replacement for their previous operating system. Linux as a server or workstation has no reason to be jealous of any other more established operating systems.

The GPL license (General Public License) governs the development and redistribution of Mandrake Linux. This license provides everyone the right to copy, distribute, examine, modify and improve the system as long as the results of these modifications are returned to the community. It is this development model that allows Mandrakelinux Linux to collect the best ideas from developers & users from across the globe to result in a rich variety of techniques and solutions.

The company that releases Mandrake Linux, Mandrakesoft, is a publicly traded company in France. More recently Mandrakesoft has just gotten out of bankruptcy and looks to continue to be a very strong Linux Distribution contender.

2.3 SuSE Linux
Suse Linux was started in 1992, and was the first "real" commercial Linux vendor to appear. In January of 2004, Novell acquired Suse, and another Linux company, Ximian. Suse Linux Professional 9.1, which was released in May 2004, is the first release since Novell acquired Suse Linux. Also, Suse is a very strong Linux Distributor, especially in Germany and other European countries.

SuSE www.suse.com is another company with the desktop focus, not very different from Mandrake in this respect. The distribution has received positive reviews for its installer and configuration tools, called Yast, developed by SuSE's own developers. The documentation, which comes with the boxed product, has repeatedly been labeled as the most complete, thorough and usable by far. Linux Journal has recently awarded SuSE Linux 7.3 the "Product of the Year" title. The distribution has achieved a dominant market share in German speaking and some Eastern European countries. However, SuSE has been suffering from lack of profitability, having been forced to close down their offices in the USA and reduce staff - due to high cost of development in Germany.

SuSE's development takes place completely behind closed doors and no public betas are provided for testing. The release cycle is more frequent (SuSE released three versions in 2001) and they have a policy of not making the software available for download long after the boxed versions are in stores. Even so, SuSE does not provide ISO images of their distribution, relying on packaged software for the vast majority of their user base.

2.4 Debian GNU/Linux
Debian GNU/Linux www.debian.org is a completely non-commercial project, perhaps the purest form of the ideals that started the free software movement. Hundreds of volunteer developers from all over the world contribute to the project, which is well managed and strict, assuring a quality distribution known as Debian.

At any time during the development process, there are three branches in the main directory tree - "stable", "testing" and "unstable", the last of which is often referred to as "sid". When a new version of a package appears, it is placed in the unstable branch for first testing. If it passes, the package moves to the testing branch, which undergoes rigorous testing lasting many months. This branch is only declared stable after a very thorough testing. As a result of this, the distribution is possibly the most stable and reliable, albeit not the most up-to-date.

Debian's other main claim to fame is the reputation for being hard to install, unless the user has intimate knowledge about the computer's hardware. Compensating this failing is "apt-get", a convenient installer for Debian packages. Many Debian users joke that their installer is so bad, because they only need it once - as soon as Debian is up and running, all future updates of any scale can be accomplished via the apt-get utility. Take it from a person who has tried many distributions - once you have experienced the dependency headaches while installing software on any RPM-based distribution, you will stare in absolute disbelief at the painless and convenient process of installing and upgrading your Debian packages. You might even think that you have just entered paradise.

Note: Linux is actually only the kernel of a complete system. The GNU stands for GNU's Not Unix (a recursive acronym) and is the system first started by Richard Stallman, then later developed with the coordination of the Free Software Foundation. Many contributors like to call a complete Linux system a GNU/Linux system. The whole name idea is to get the point of freedom across when you discuss the operating system.

2.5 Slackware Linux
Slackware www.slackware.com is one of the oldest distributions around and it is very popular among experienced Linux users. It offers no bells and whistles, sticking with a text-based installer and no graphical configuration tools. Where other distributions tried hard to develop easy-to-use front ends for many common utilities, Slackware offers no hand-holding and everything is still done through configuration files. Because of this, Slackware is not recommended to novice users. Nevertheless, Slackware has a magic appeal to many users. It is extremely stable and secure - very suitable for server deployment. Experienced Linux administrators find that the distribution is less buggy as it uses most packages in their pristine forms and without too many in-house enhancements which have a potential to introduce new bugs. Releases are infrequent although up-to-date packages are always available for download after the official release. Slackware is a fine distribution for those who are interested in deeper knowledge of Linux internals. Perhaps the best characteristic of this distribution I have heard is this: If you need help with your Linux box, find a Slackware user. He is more likely to fix the problem than a user familiar with any other distribution.

2.6 Caldera OpenLinux
Caldera www.caldera.com has been through bad times in the last few months, suffering from severe drops in share prices and being forced to reduce staff. They have released a version of OpenLinux in July 2001, surrounded in enormous controversy. The company has introduced "per-seat licensing" for business users, requiring users to purchase a separate license for every workstation or server installed. This unprecedented move drew lots of criticism and prompted many users to switch to another distribution. However, Caldera OpenLinux 3.1 is still available for non-commercial use as a free download. The reviews have been positive, branding the distribution as easy-to-install and very stable, suitable for deployment on servers, suitable for heavy development work. It lacks the Gnome desktop environment and associated libraries, which means that some excellent GTK+ based applications, such as Galeon or Gnumeric, are not available.

2.7 Top 6 Distributions
This is difficult to determine, since Linux distributions are often unable to determine their own sales figures due to the multiple installation models, and lack of strict 'per-seat' licensing. However, the popular www.distrowatch.com site lists features of 90 major Linux distributions, with 'interest counts' (based on page requests for each of the distributions). We also took the 20 most popular distributions according to Distrowatch, and using the 'link:' feature of Google, determined the number of in-pointing links to each distribution's web site (i.e. number of sites that link to each distribution's homepage). This helped to validate the findings of Distrowatch. The results were as follows:

based in Germany.7. The feel of this process gives a good clue to what the distribution things of their target market. 2.wilshiresoft. Some suspicions in the community that Debian is becoming less popular. we merely list the qualities of each distribution.7. License fee. If parts are non-open source. varies widely. expenses paid by donations. what is the fee. a collection of developers. and how easy to do. No indications of any likely merger activity. Another non-commercial distribution. If a license fee is required or recommended for the distribution. Different distributions have widely differing target markets – the Linux world is extremely diverse. Whether this is free.Linux Administration . 'bad' rating. some require the skills of a system administrator. there will always be a migration path – if the company producing a excellent product goes under. Some changes in that they are merging some development to become part of UnitedLinux. could give The installation process is the first thing the end-user will normally see. Criterion Organization structure / description of company structure etc.com .1 Evaluation Criteria and Description Evaluation of these distributions according to the following categories. is it graphically based? Is the entire distribution itself open source? Reason Funding in the Open Source world is especially difficult following 'dot-com' collapse. Many mergers.com info@wilshiresfot. For totally open source distributions. some distributions and companies have closed. Some are graphical and need only a few mouse clicks. while possibly helping the market in the long-run. Any insistence of 'per seat' licensing? Target market of distribution Support for adding bug fixes and extra hardware support. and what are the benefits. few developers outside the company itself (if corporate) would be willing to fix / enhance. 
Per seat licensing means that the vendor of the distribution tries to insist on a payment for every seat using that distribution (similar to the current Microsoft licensing model). Users need the ability to upgrade for security fixes and new hardware. Any recent or intended major changes. We do not give a 'good'. Not a for-profit company. someone else will take up that product. based in France. Some minor reports of financial problems. reasonable levels of sales growth. Commercial company. centered around a few dedicated individuals.2 Organizational Structure Mandrake A large public company. Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 Redhat Debian SuSE Slackware www. Over $US100M in the bank. Mergers. Ease of installation process. most secure of all Linux distributions. A large US based limited company.Distribution Comparision Page 9 of 167 Distribution Mandrake Redhat Debian SuSE Slackware Caldera/SCO Rank from Distrowatch 1 2 3 4 5 6 Rank from Google 3 2 1 6 5 4 Combined Ranking =1 =1 =1 =4 =4 5 2. with a variety of other contributors.

Committed to keeping everything open source: Everything except 'YAST'. Now part of UnitedLinux : see Caldera.Distribution Comparision Page 10 of 167 Caldera/SCO Relatively large public US based company.7. Many in the industry believe Caldera treads a fine line on the edge of breaking the spirit of the GPL licensing agreement. 2.com info@wilshiresfot. Cost-free (donations suggested). a fact that is quite unpopular with the Linux community. Some open source community concerns that binaries under UnitedLinux binaries may not be freely distributable. said to have steep learning curve.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .5 Per Seat Licensing Distribution Mandrake Redhat Debian SuSE Comments Possible to get security updates. Same as Mandrake. Graphical installer. Slackware Caldera/SCO www.4 Commitment to Open Source Distribution Mandrake Redhat Debian SuSE Slackware Caldera/SCO Comments Yes. Easy to use.7.7. online support etc without per-seat license.3 Ease of Installation Process Distribution Mandrake Redhat Debian SuSE Slackware Caldera/SCO Comments Very well respected installer. they are committed to open source and donate time to popular applications. UnitedLinux keen to play down any concerns they are not fully open source. Text based installer. May 2003 update : Caldera/SCO now neither distribute nor support Linux 2. Text based. Per seat. but text based. easy to use. Everything is open source. No per seat licensing requirement. but SuSE keen to deny reports that their entire product could change to per-seat licensing now that they are part of UnitedLinux. involved in Linux as well as other nonLinux software. Maintenance utility requires a per seat license. only sources will be. easy to use. This has caused some controversy. questions are mainly non-technically worded. graphical. Graphical.wilshiresoft. the system setup tool. 2. lots of options. Cost-free. 
License just makes support faster.Linux Administration . Some changes in that they are merging some development to become part of UnitedLinux.

7 Software Upgrades / Support Distribution Mandrake Redhat Debian SuSE Slackware Caldera/SCO Comments Even non-registered users have access to security upgrades. check out some of the smaller distributions. The cheapest 'workstation' product targets software developers not 'normal' users. There are business models everywhere between ‘it’s all free. Automatic update facility (this is the non-GPL part of SuSE).Distribution Comparision Page 11 of 167 2. Cost-free (donations suggested).wilshiresoft. There are distributions made to look like Windows. 2. $US99 per user.6 Target Market Distribution Mandrake Redhat Debian SuSE Slackware Caldera/SCO Comments Said to be one of the easier to use Linux distributions for desktop users. default KDE (desktop) requires some relearning for previous Windows users.7. Same as Debian.com info@wilshiresfot. dedicated site. but installation method is text-only. Debian is said to be hard to learn.7. Conclusion The Linux world has surprising variety. however.distrowatch. more suited for experienced Linux users. Take a look at www.Linux Administration . www. Quite similar to Mandrake – easy. and everything in between. but now they are also promoting the desktop market. 2. $US40 or US$80 (some users say $US40 product does not have some commonly required features). distributions that only a system administrator could install.7. Traditionally Redhat concentrated on the server market. $ US 1499 (for Standard Edn) and $ US 2499 (Premium Edn) $ US 400 (for Standard Edn) and $ US 500 (Premium Edn) Cost-free (donations suggested).8 License Fee Distribution Mandrake Redhat Desktop and WS RH Enterprise: AS RH Enterprise: ES Debian SuSE Slackware Caldera/SCO Comments $US25 . and you'll find an even more diverse world. Software support is okay. No automated update. please donated' And that's just the top 6 distributions.com. $US40. Automatic update facility. Same comments about KDE as for Mandrake. 
users are expected to manually select their own updates from a website.if you want support. but not optimized to be like Windows.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . Automatic update agent.

3. Linux Installation

3.1 Hardware Requirements

The following information represents the minimum hardware requirements necessary to successfully install Red Hat Linux 9:

- Minimum: Pentium-class
- Recommended for text-mode: 200 MHz Pentium-class or better
- Recommended for graphical: 400 MHz Pentium II or better

Hard Disk Space (NOTE: Additional space will be required for user data):

Personal Desktop
A personal desktop installation, including a graphical desktop environment, requires at least 1.7GB of free space. Choosing both the GNOME and KDE desktop environments requires at least 1.8GB of free disk space.

Workstation
A workstation installation, including a graphical desktop environment and software development tools, requires at least 2.1GB of free space. Choosing both the GNOME and KDE desktop environments requires at least 2.2GB of free disk space.

Server
A server installation requires 850MB for a minimal installation without X (the graphical environment), at least 1.5GB of free space if all package groups other than X are installed, and at least 5.0GB to install all packages including the GNOME and KDE desktop environments.

Custom
A Custom installation requires 475MB for a minimal installation and at least 5.0GB of free space if every package is selected.

Memory:

- Minimum for text-mode: 64MB
- Minimum for graphical: 128MB
- Recommended for graphical: 192MB

Note that the compatibility/availability of other hardware components (such as video and network cards) may be required for specific installation modes and/or post-installation usage. For more information about hardware compatibility, see the Red Hat Linux Hardware Compatibility List at http://hardware.redhat.com/hcl/

Before you begin a Red Hat Linux installation, you need to know what the purpose of the machine will be. Will it be a development workstation? An FTP? A Web server? Or will it be a database server? Each of these examples requires a different configuration.

3.2 Planning the Installation

Before any software can be installed, the computer has to be able to recognize the hardware it will be using. The installation process will ask you about your hardware, so have this data ready before you start. You should know the make and model number for each of the following pieces of hardware, if you have them:

- SCSI controllers
- Network interface cards (NIC)
- Video cards
- Sound cards

Packages to Be Installed

Red Hat Linux comes conveniently bundled with an array of pre-configured software packages. Most likely, you will not need to install all of these packages, and for security reasons (or office policy) it is a good idea not to. Your boss might not appreciate the office network being used to serve personal Web pages from each employee's installation of an Apache Web server. Also, every computer on your network doesn't need to run the innd network news service. Limit the packages you install to only the ones you need. If other packages are required later, they can be installed easily enough with the rpm tool.

Partitioning the Drive

It is recommended that you make several partitions when preparing your hard drive to install Linux. This is a good idea for various reasons. First, Red Hat Linux runs two filesystems: a Linux native filesystem, and a Linux swap space. Second, if you want to install Red Hat Linux and another operating system on the same computer, you will have to create separate partitions for each.

Stability and Security

The Linux native filesystem is usually divided among many hard drive partitions. The recommended configuration is a separate partition for each of these directories: /, /usr, /tmp, /var, and /home as well as separate partitions for corporate data, database services, and even the Web and FTP sites if they are expected to be large.

Partitioning the hard drive in this manner keeps system, application, and user files isolated from each other. This aids in protecting the file space that the Linux kernel and the rest of your applications use. Files cannot grow across partitions. Therefore, an application that uses huge amounts of disk space, such as a newsgroup server, will not be able to use up all of the disk space needed by the Linux kernel. Another advantage is that if a bad spot develops on the hard drive, it will be easier to restore a single partition than the entire system. Stability is improved.

Security, also, is improved. Multiple partitions give you the ability to mount some filesystems as read-only. For example, if there is no reason for any user (even root) to write to the /usr directory, mounting that partition as read-only will help protect those files from being tampered with.

While there are many incentives to partitioning your disk space, it might not be desirable for you. Currently, there is no easy way to resize Linux partitions. Therefore, a lot of careful consideration should be put into whether you want to partition your disk space, and how to do it. For single-user systems, or where disk space is scarce, a simpler filesystem layout would be called for. For example, if the /var directory is on its own partition of 300MB, only 100MB might be used. That makes 200MB of wasted disk space.

3.3 How Much Space Is Required?

You should size your Linux partitions according to your needs and the function of the computer. For example, a mail server will require more space for the /var directory because the mail spool resides in /var/spool/mail. You may even want to create a separate partition just to accommodate /var/spool/mail. As of RH 7.x, both the web and ftp document roots have been added to /var. These may add additional disk space requirements for /var.

Example: File Server

If the Linux system you are installing is to be a file server, then your filesystem could look something like the following:

Filesystem    Size (MB)    Mounted on
/dev/sda1     400          /
/dev/sda5     2000         /var
/dev/sda6     300          /usr
/dev/sda7     60           Swap space
/dev/sda8     1000         /home
/dev/sda9     3000         /home/shared

Linux Swap Space

Normally, Linux can use a maximum 4GB of swap space. This 4GB can be spread over a maximum of eight partitions. Note that each swap partition is restricted to a maximum of 2GB. There is no authoritative formula for deciding how much swap space should be made, but you can make an estimate based on the typical UNIX rule of thumb. Under this rule, swap space should be two to three times the amount of RAM. Disk space is very cheap compared to RAM.

BIOS Limits

Be aware that some computers, built before 1998, may have a BIOS (Basic Input/Output System) that, at bootup (under DOS), limits access to hard disks beyond their 1024 cylinder. A common effect of this problem is your computer's inability to see any partitions past the first 512MB of disk space at boot time. If this limitation affects your computer, do not place any bootable partitions after this barrier or the BIOS will not be able to access them and your Linux operating system will not be able to load.

3.4 Partitioning Naming Conventions

UNIX is notorious for creating weird file names for hardware, and no one standard has been used by all the UNIX versions. Linux, meanwhile, has been using a simple standard for disk drives: disk device names have three letters, then a number. The first letter identifies the controller type (h is for IDE/EIDE, s is for SCSI). The second letter is d for disk, the third letter is for the sequential disk controller starting with "a." This means the first IDE drive would be hda, the next would be hdb, then hdc and hdd, and so on.

The partitions are numbered starting from 1, but due to the DOS world, they may not be sequential, depending on how they were created. The partitions would be /dev/hda1, /dev/hda2, /dev/hda3, ... /dev/hda16 for the first IDE drive, then /dev/hdb1, ... /dev/hdb16 for the second drive, and so on.

For SCSI drives, the name is sda for the first disk on the first controller. The partitions are /dev/sda1, /dev/sda2, ... /dev/sda15 (only 15 maximum partitions with SCSI, whereas IDE can have 16). The second disk on the same SCSI controller would be sdaa{1..15}, and so on. The second controller would have sdb{1-15} for the first disk, then sdba{1-15} for the second disk on the second controller, and so on. In RH 7.x, there are 2048 configured SCSI devices. The number of disks and partitions already configured depends on the version and distribution of Linux.

3.5 Install Options

The Red Hat Linux installation program has the ability to test the integrity of the installation media. It works with the CD, DVD, hard drive ISO, and NFS ISO installation methods. Red Hat recommends that you test all installation media before starting the installation process, and before reporting any installation-related bugs (many of the bugs reported are actually due to improperly-burned CDs). To use this test, type linux mediacheck at the boot: prompt.

While most present-day computers are able to start the installation process by booting directly from the first Red Hat Linux distribution CD, some hardware configurations require the use of a boot diskette. If your hardware requires a boot diskette, you should be aware of the following change. Red Hat Linux 9 uses a different boot diskette layout than previous releases of Red Hat Linux. There is now a single boot diskette image file (bootdisk.img) that is used to boot all systems requiring a boot diskette. If you are performing anything other than an installation from an IDE or USB device, you will be asked to insert a driver diskette created from one of the following image files:

drvnet.img - For network installations
drvblock.img - For SCSI installations
pcmciadd.img - For PCMCIA installations

As with previous releases of Red Hat Linux, these image files can be found in the images directory on the first installation CD.

Also in the images/ directory is the boot.iso file. This file is an ISO image that can be used to boot the Red Hat Linux installation program. It is a handy way to start network-based installations without having to use multiple diskettes. To use boot.iso, your computer must be able to boot from its CD-ROM drive, and its BIOS settings must be configured to do so. You must then burn boot.iso onto a recordable/rewriteable CD-ROM.

isolinux is now used for booting the Red Hat Linux installation CD. If you have problems booting from the CD, you can write the images/bootdisk.img image to a diskette.

During a graphical installation, you can now press SHIFT-Print Screen and a screenshot of the current installation screen will be taken. These are stored in the following directory:

/root/anaconda-screenshots/

The screenshots can be accessed once the newly-installed system is rebooted.

The parted disk partition manipulation program has been upgraded to version 1.6.

The Red Hat Linux installation program now detects existing Red Hat products on your system, and will prompt you to select the product you would like to upgrade. You will also have the option of performing a complete reinstallation of the system instead of upgrading. Please report any problems you may experience with this new feature.

If the contents of your /etc/redhat-release file have been changed from the default, your Red Hat Linux installation may not be found when attempting an upgrade to Red Hat Linux 9. You can relax some of the checks against this file by entering the following at the boot: prompt:

boot: linux upgradeany

Use the upgradeany option only if your existing Red Hat Linux installation was not detected.

Users of Red Hat Linux 6.2 that want to upgrade their system to Red Hat Linux 9 must first have all errata updates applied before starting the upgrade process. The most straightforward way to accomplish this is to use Red Hat Network. A Red Hat Linux 6.2 system that is not completely up-to-date will not upgrade successfully to Red Hat Linux 9.

The rescue mode environment (accessed by booting with the "linux rescue" boot-time command) has been enhanced. Numerous requested utilities have been added, and there is now support for activating network interfaces. Commands needed for SCSI tape support are also available. Please test this environment and send us your feedback.

Text mode installations using a serial terminal work best when the terminal supports UTF-8. Under UNIX and Linux, Kermit supports UTF-8. For Windows, Kermit '95 works well. Non-UTF-8 capable terminals will work as long as only English is used during installation. An enhanced serial display can be used by passing "utf8" as a boot-time option to the installation program. For example:

boot: linux console=ttyS0 utf8
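The partitioning advice in this chapter (a separate partition for each of /, /usr, /tmp, /var and /home, /usr mounted read-only, at most eight swap partitions) can be checked after installation. The script below is an added example, not part of the original course material; the sample fstab is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit an fstab-format text against the layout recommended
# in "Stability and Security". SAMPLE_FSTAB is constructed for illustration,
# modelled on the file-server table: /usr is read-only, /tmp has no partition.
SAMPLE_FSTAB='# device     mountpoint    type  options   dump pass
/dev/sda1   /             ext3  defaults  1 1
/dev/sda5   /var          ext3  defaults  1 2
/dev/sda6   /usr          ext3  ro        1 2
/dev/sda7   swap          swap  defaults  0 0
/dev/sda8   /home         ext3  defaults  1 2
/dev/sda9   /home/shared  ext3  defaults  1 2'

# Directories the text recommends placing on separate partitions.
RECOMMENDED="/ /usr /tmp /var /home"

# missing_partitions FSTAB_TEXT
# Prints, space-separated, each recommended directory without its own entry.
missing_partitions() {
    printf '%s\n' "$1" | awk -v want="$RECOMMENDED" '
        /^[ \t]*#/ || NF < 4 { next }        # skip comments and short lines
        { seen[$2] = 1 }
        END {
            n = split(want, w, " "); out = ""
            for (i = 1; i <= n; i++)
                if (!(w[i] in seen)) out = out (out == "" ? "" : " ") w[i]
            print out
        }'
}

# is_read_only FSTAB_TEXT MOUNTPOINT
# Succeeds if the mount point lists "ro" among its comma-separated options.
is_read_only() {
    printf '%s\n' "$1" | awk -v mp="$2" '
        /^[ \t]*#/ || NF < 4 { next }
        $2 == mp {
            n = split($4, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == "ro") found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# swap_count FSTAB_TEXT: number of swap entries.
swap_count() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*#/ || NF < 4 { next }
        $3 == "swap" { c++ }
        END { print c + 0 }'
}

# audit FSTAB_TEXT: prints a report and returns 1 if anything is flagged.
audit() {
    rc=0
    miss=$(missing_partitions "$1")
    if [ -n "$miss" ]; then
        echo "WARN no separate partition for: $miss"; rc=1
    fi
    if is_read_only "$1" /usr; then
        echo "OK   /usr is mounted read-only"
    else
        echo "WARN /usr is writable"; rc=1
    fi
    if [ "$(swap_count "$1")" -gt 8 ]; then
        echo "WARN more than eight swap partitions"; rc=1
    fi
    return $rc
}

audit "$SAMPLE_FSTAB" || true
```

To check a live system, pass the real file instead of the sample: audit "$(cat /etc/fstab)".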

4. Boot Loaders

Before Red Hat Linux can run, it must be loaded into memory by a special program called a boot loader. A boot loader usually exists on the system's primary hard drive (or other media device) and has the sole responsibility of loading the Linux kernel with its required files or (in some cases) other operating systems into memory.

4.1 Boot Loaders and System Architecture

Each architecture capable of running Red Hat Linux uses a different boot loader. For example, the Alpha architecture uses the aboot boot loader, while the Itanium architecture uses the ELILO boot loader.

GRUB

GNU Grand Unified Boot loader or GRUB is a program which enables the user to select which installed operating system or kernel to load at system boot time. It also allows the user to pass arguments to the kernel.

GRUB and the x86 Boot Process

This section discusses in more detail the specific role GRUB plays when booting an x86 system. For a look at the overall boot process.

GRUB loads itself into memory in the following stages:

1. The Stage 1 or primary boot loader is read into memory by the BIOS from the MBR. The primary boot loader exists on less than 512 bytes of disk space within the MBR and is capable of loading either the Stage 1.5 or Stage 2 boot loader.
2. The Stage 1.5 boot loader is read into memory by the Stage 1 boot loader, if necessary. Some hardware requires an intermediate step to get to the Stage 2 boot loader. This is sometimes true when the /boot partition is above the 1024 cylinder head of the hard drive or when using LBA mode. The Stage 1.5 boot loader is found either on the /boot partition or on a small part of the MBR and the /boot partition.
3. The Stage 2 or secondary boot loader is read into memory. The secondary boot loader displays the GRUB menu and command environment. This interface allows you to select which operating system or Linux kernel to boot, pass arguments to the kernel, or look at system parameters, such as available RAM.
4. The secondary boot loader reads the operating system or kernel and initrd into memory. Once GRUB determines which operating system to start, it loads it into memory and transfers control of the machine to that operating system.

The boot method used to boot Red Hat Linux is called the direct loading method because the boot loader loads the operating system directly. There is no intermediary between the boot loader and the kernel.

The boot process used by other operating systems may differ. For example, Microsoft's DOS and Windows operating systems, as well as various other proprietary operating systems, are loaded using a chain loading boot method. Under this method, the MBR points to the first sector of the partition holding the operating system. There it finds the files necessary to actually boot that operating system.

GRUB supports both direct and chainloading boot methods, allowing it to boot almost any operating system.

Warning: During installation, the Microsoft's DOS and Windows installation program completely overwrites the MBR, destroying any existing boot loader. If creating a dual-boot system, it is best to install the Microsoft operating system first.

4.1.1 Features of GRUB

GRUB contains a number of features that make it preferable to other boot loaders available for the x86 architecture. Below is a partial list of some of the more important features:

- GRUB provides a true command-based, pre-OS environment on x86 machines. This affords the user maximum flexibility in loading operating systems with certain options or gathering information about the system. For years, many non-x86 architectures have employed pre-OS environments that allow system booting from a command line. While some command features are available with LILO and other x86 boot loaders, GRUB is more feature rich.

Important: GRUB supports Logical Block Addressing (LBA) mode. LBA places the addressing conversion used to find files in the hard drive's firmware, and is used on many IDE and all SCSI hard devices. Before LBA, boot loaders could encounter the 1024-cylinder BIOS limitation, where the BIOS could not find a file after that cylinder head of the disk. LBA support allows GRUB to boot operating systems from partitions beyond the 1024-cylinder limit, so long as the system BIOS supports LBA mode. Most modern BIOS revisions support LBA mode.

- GRUB can read ext2 partitions. This functionality allows GRUB to access its configuration file, /boot/grub/grub.conf, every time the system boots, eliminating the need for the user to write a new version of the first stage boot loader to MBR when configuration changes are made. The only time a user would need to reinstall GRUB on the MBR is if the physical location of the /boot partition is moved on the disk.

Installing GRUB

If GRUB was not installed during the Red Hat Linux installation process it can be installed afterward. Once installed, it automatically becomes the default boot loader.

Before installing GRUB, make sure to use the latest GRUB package available or use the GRUB package from the Red Hat Linux installation CD-ROMs. For instructions on installing packages, see the chapter titled Package Management with RPM in the Red Hat Linux Customization Guide.

Once the GRUB package is installed, open a root shell prompt and run the command /sbin/grub-install <location>, where <location> is the location that the GRUB Stage 1 boot loader should be installed.

The following command installs GRUB to the MBR of the master IDE device on the primary IDE bus:

/sbin/grub-install /dev/hda

The next time the system boots, the GRUB graphical boot loader menu will appear before the kernel loads into memory.

GRUB Terminology

One of the most important things to understand before using GRUB is how the program refers to devices, such as hard drives and partitions. This information is particularly important when configuring GRUB to boot multiple operating systems.

Device Names

Suppose a system has more than one hard drive. The first hard drive of the system is called (hd0) by GRUB. The first partition on that drive is called (hd0,0), and the fifth partition on the second hard drive is called (hd1,4). In general, the naming convention for file systems when using GRUB breaks down in this way:

(<type-of-device><bios-device-number>,<partition-number>)

The parentheses and comma are very important to the device naming conventions. The <type-of-device> refers to whether a hard disk (hd) or floppy disk (fd) is being specified.

The <bios-device-number> is the number of the device according to the system's BIOS, starting with 0. The primary IDE hard drive is numbered 0, while the secondary IDE hard drive is numbered 1. The ordering is roughly equivalent to the way the Linux kernel arranges the devices by letters, where the a in hda relates to 0, the b in hdb relates to 1, and so on.

Note: GRUB's numbering system for devices starts with 0, not 1. Failing to make this distinction is one of the most common mistakes made by new GRUB users.

The <partition-number> relates to the number of a specific partition on a disk device. Like the <bios-device-number>, the partition numbering starts at 0. While most partitions are specified by numbers, if a system uses BSD partitions, they are signified by letters, such as a or c.

GRUB uses the following rules when naming devices and partitions:

- It does not matter if system hard drives are IDE or SCSI. All hard drives start with hd. Floppy disks start with fd.
- To specify an entire device without respect to its partitions, leave off the comma and the partition number. This is important when telling GRUB to configure the MBR for a particular disk. For example, (hd0) specifies the MBR on the first device and (hd3) specifies the MBR on the fourth device.
- If a system has multiple drive devices, it is very important to know the drive boot order set in the BIOS. This is rather simple to do if a system has only IDE or SCSI drives, but if there is a mix of devices, it can become confusing.

4.1.2 File Names and Blocklists

When typing commands to GRUB involving a file, such as a menu list to use when allowing the booting of multiple operating systems, it is necessary to include the file immediately after specifying the device and partition. A sample file specification to an absolute file name is organized as follows:

(<type-of-device><bios-device-number>,<partition-number>)/path/to/file

Most of the time, a user will specify files by the directory path on that partition, plus the file name.

It is also possible to specify files to GRUB that do not actually appear in the file system, such as a chain loader that appears in the first few blocks of a partition. To specify these files, you must provide a blocklist, which tells GRUB, block by block, where the file is located in the partition. Since a file can be comprised of several different sets of blocks, there is a specific way to write blocklists. Each file's section location is described by an offset number of blocks and then a number of blocks from that offset point, and the sections are put together in a comma-delimited order.

The following is a sample blocklist:

0+50,100+25,200+1

This blocklist tells GRUB to use a file that starts at the first block on the partition and uses blocks 0 through 49, 99 through 124, and 199.

Knowing how to write blocklists is useful when using GRUB to load operating systems that use chain loading, such as Microsoft Windows. It is possible to leave off the offset number of blocks if starting at block 0. As an example, the chain loading file in the first partition of the first hard drive would have the following name:

(hd0,0)+1

The following shows the chainloader command with a similar blocklist designation at the GRUB command line after setting the correct device and partition as root:

chainloader +1

4.1.3 GRUB's Root File System

Some users are confused by the use of the term "root file system" with GRUB. It is important to remember that GRUB's root file system has nothing to do with the Linux root file system.

The GRUB root file system is the root partition for a particular device. GRUB uses this information to mount the device and load files from it.

With Red Hat Linux, once GRUB has loaded its root partition (which equates to the /boot partition and contains the Linux kernel), the kernel command can be executed with the location of the kernel file as an option. Once the Linux kernel boots, it sets the root file system Linux users are familiar with. The original GRUB root file system and its mounts are forgotten; they only existed to boot the kernel file.

GRUB Interfaces

GRUB features three interfaces, which provide different levels of functionality. Each of these interfaces allows users to boot the Linux kernel or other operating systems. The interfaces are as follows:

Menu Interface


If GRUB was automatically configured by the Red Hat Linux installation program, this is the interface shown by default. A menu of operating systems or kernels preconfigured with their own boot commands is displayed as a list, ordered by name. Use the arrow keys to select an option other than the default selection and press the [Enter] key to boot it. Alternatively, a timeout period is set, so that GRUB will start loading the default option. Press the [e] key to enter the entry editor interface or the [c] key to load a command line interface.

Menu Entry Editor Interface

To access the menu entry editor, press the [e] key from the boot loader menu. The GRUB commands for that entry are displayed here, and users may alter these command lines before booting the operating system by adding a command line ([o] inserts a new line after the current line and [O] inserts a new line before it), editing one ([e]), or deleting one ([d]). After all changes are made, the [b] key executes the commands and boots the operating system. The [Esc] key discards any changes and reloads the standard menu interface. The [c] key loads the command line interface.

Command Line Interface

The command line interface is the most basic of the GRUB interfaces, but it is also the one that grants the most control. The command line makes it possible to type any relevant GRUB commands followed by the [Enter] key to execute them. This interface features some advanced shell-like features, including [Tab] key completion, based on context, and [Ctrl] key combinations when typing commands, such as [Ctrl]-[a] to move to the beginning of a line, and [Ctrl]-[e] to move to the end of a line. In addition, the arrow, [Home], [End], and [Delete] keys work as they do in the bash shell.

Order of the Interfaces

When GRUB loads its second stage boot loader, it first searches for its configuration file. Once found, it builds a menu list and displays the menu interface. If the configuration file cannot be found, or if the configuration file is unreadable, GRUB loads the command line interface, allowing the user to type commands to complete the boot process. If the configuration file is not valid, GRUB prints out the error and asks for input. This helps the user see precisely where the problem occurred. Pressing any key reloads the menu interface, where it is then possible to edit the menu option and correct the problem based on the error reported by GRUB. If the correction fails, GRUB reports an error and reloads the menu interface.

4.1.4 GRUB Commands
GRUB allows a number of useful commands in its command line interface. Some of the commands accept options after their name; these options should be separated from the command and other options on that line by space characters. The following is a list of useful commands:

boot - Boots the operating system or chain loader that has been previously specified and loaded.

chainloader <file-name> - Loads the specified file as a chain loader. To grab the file at the first sector of the specified partition, use +1 as the file's name.

displaymem - Displays the current use of memory, based on information from the BIOS. This is useful to determine how much RAM a system has prior to booting it.

initrd <file-name> - Enables users to specify an initial RAM disk to use when booting. An initrd is necessary when the kernel needs certain modules in order to boot properly, such as when the root partition is formatted with the ext3 file system.

install <stage-1> <install-disk> <stage-2> p <config-file> - Installs GRUB to the system MBR.

When using the install command the user must specify the following:

www.wilshiresoft.com info@wilshiresfot.com

Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173

Rev Dt: 15-Oct-08 Ver: 1

<stage-1> - Signifies a device, partition, and file where the first boot loader image can be found, such as (hd0,0)/grub/stage1.

<install-disk> - Specifies the disk where the stage 1 boot loader should be installed, such as (hd0).

<stage-2> - Passes to the stage 1 boot loader the location of the stage 2 boot loader, such as (hd0,0)/grub/stage2.

p <config-file> - This option tells the install command to look for the menu configuration file specified by <config-file>. An example of a valid path to the configuration file is (hd0,0)/grub/grub.conf.

Warning: The install command will overwrite any other information in the MBR. If executed, any information (other than GRUB information) that is used to boot other operating systems will be lost.

kernel <kernel-file-name> <option-1> <option-N> - Specifies the kernel file to load from GRUB's root file system when using direct loading to boot the operating system. Options can follow the kernel command and will be passed to the kernel when it is loaded. For Red Hat Linux, an example kernel command looks like the following:

    kernel /vmlinuz root=/dev/hda5

This line specifies that the vmlinuz file is loaded from GRUB's root file system, such as (hd0,0). An option is also passed to the kernel specifying that when loading the root file system for the Linux kernel, it should be on hda5, the fifth partition on the first IDE hard drive. Multiple options may be placed after this option, if needed.

root <device-and-partition> - Configures GRUB's root partition to be a specific device and partition, such as (hd0,0), and mounts the partition so that files can be read.

rootnoverify <device-and-partition> - Performs the same functions as the root command but does not mount the partition.

Commands other than these are available. Type info grub for a full list of commands.

4.1.5 GRUB Menu Configuration File
The configuration file (/boot/grub/grub.conf), which is used to create the list of operating systems to boot in GRUB's menu interface, essentially allows the user to select a pre-set group of commands to execute.

Special Configuration File Commands
The following commands can only be used in the GRUB menu configuration file:

color <normal-color> <selected-color> - Allows specific colors to be used in the menu, where two colors are configured as the foreground and background. Use simple color names, such as red/black. For example:

    color red/black green/blue

default <title-name> - The default entry title name that will be loaded if the menu interface times out.

fallback <title-name> - If used, the entry title name to try if first attempt fails.

hiddenmenu - If used, prevents the GRUB menu interface from being displayed, loading the default entry when the timeout period expires. The user can see the standard GRUB menu by pressing the [Esc] key.

password <password> - If used, prevents a user who does not know the password from editing the entries for this menu option. Optionally, it is possible to specify an alternate menu configuration file after the password <password> command. In this case, GRUB will restart the second stage boot loader and use the specified alternate configuration file to build the menu. If an alternate menu configuration file is left out of the command, then a user who knows the password is allowed to edit the current configuration file.

timeout - If used, sets the interval, in seconds, before GRUB loads the entry designated by the default command.

splashimage - Specifies the location of the splash screen image to be used when GRUB boots.

title - Sets a title to be used with a particular group of commands used to load an operating system.

The hash mark (#) character can be used at the beginning of a line to place comments in the menu configuration file.

4.1.6 Configuration File Structure
The GRUB menu interface configuration file is /boot/grub/grub.conf. The commands to set the global preferences for the menu interface are placed at the top of the file, followed by the different entries for each of the operating systems or kernels listed in the menu. The following is a very basic GRUB menu configuration file designed to boot either Red Hat Linux or Microsoft Windows 2000:

    default=0
    timeout=10
    splashimage=(hd0,0)/grub/splash.xpm.gz

    # section to load linux
    title Red Hat Linux (2.4.18-5.47)
            root (hd0,0)
            kernel /vmlinuz-2.4.18-5.47 ro root=/dev/sda2
            initrd /initrd-2.4.18-5.47.img

    # section to load Windows 2000
    title windows
            rootnoverify (hd0,0)
            chainloader +1

This file tells GRUB to build a menu with Red Hat Linux as the default operating system and sets it to autoboot after 10 seconds. Two sections are given, one for each operating system entry, with commands specific to the system disk partition table.

Note: The default is specified as a number. This refers to the first title line GRUB comes across. If you want windows to be the default, change the default=0 to default=1.
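The check below is an added example, not part of the original course notes: it reads a grub.conf, resolves the numeric default to the title it selects, and reports whether the global password command is missing or stored in clear text. The function names and the sample password line are constructed for illustration; --md5 is an option of GRUB legacy's password command that this page does not cover.

```shell
#!/bin/sh
# Added example: audit the global section of a GRUB (legacy) grub.conf.

# Constructed sample: the basic file from this section plus a clear-text
# password line (the value "ExamplePass" is a placeholder).
sample_grub_conf() {
cat <<'EOF'
default=0
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
password ExamplePass
# section to load linux
title Red Hat Linux (2.4.18-5.47)
        root (hd0,0)
        kernel /vmlinuz-2.4.18-5.47 ro root=/dev/sda2
        initrd /initrd-2.4.18-5.47.img
# section to load Windows 2000
title windows
        rootnoverify (hd0,0)
        chainloader +1
EOF
}

# audit_grub_conf: read a grub.conf on stdin, print one finding per line.
audit_grub_conf() {
  awk '
    BEGIN { ntitles = 0; def = 0 }
    /^[ \t]*(#|$)/ { next }                 # comments and blank lines
    {
      line = $0
      sub(/^[ \t]+/, "", line)
      # "default=0" and "default 0" are both accepted spellings
      if (match(line, /^[a-z]+=/)) sub(/=/, " ", line)
      n = split(line, f, /[ \t]+/)
      cmd = f[1]
      arg = line
      sub(/^[^ \t]+[ \t]*/, "", arg)
    }
    cmd == "title" { titles[ntitles++] = arg; next }
    ntitles > 0 { next }                    # only global settings below
    cmd == "default"  { def = arg + 0 }
    cmd == "password" { have_pw = 1; pw_md5 = (n >= 2 && f[2] == "--md5") }
    END {
      if (ntitles == 0) { print "FAIL no title entries found"; exit }
      if (def >= ntitles)
        print "FAIL default=" def " but only " ntitles " title entries exist"
      else
        print "INFO default=" def " boots: " titles[def]
      if (!have_pw)
        print "FAIL no global password: anyone at the console can edit entries"
      else if (!pw_md5)
        print "WARN password is stored in clear text in grub.conf"
      else
        print "OK password is stored as an MD5 hash"
    }
  '
}

sample_grub_conf | audit_grub_conf
```

To check a real system, feed it the file directly: audit_grub_conf < /boot/grub/grub.conf.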

4.2 LILO
LILO is an acronym for the LInux LOader and has been used to boot Linux on x86 systems for many years. Although GRUB is now the default boot loader, some users prefer to use LILO because it is more familiar to them and others use it out of necessity, since GRUB may have trouble booting some hardware.

4.2.1 LILO and the x86 Boot Process
This section discusses in detail the specific role LILO plays when booting an x86 system. For a detailed look at the overall boot process. LILO loads itself into memory almost identically to GRUB, except it is only a two stage loader.

1. The Stage 1 or primary boot loader is read into memory by the BIOS from the MBR. The primary boot loader exists on less than 512 bytes of disk space within the MBR. It only loads the Stage 2 boot loader and passes disk geometry information to it.

2. The Stage 2 or secondary boot loader is read into memory. The secondary boot loader displays the Red Hat Linux initial screen. This screen allows you to select which operating system or Linux kernel to boot.

3. The Stage 2 boot loader reads the operating system or kernel and initrd into memory. Once LILO determines which operating system to start, it loads it into memory and hands control of the machine to that operating system.

Once the Stage 2 boot loader is in memory, LILO displays the initial Red Hat Linux screen with the different operating systems or kernels it has been configured to boot. By default, if Red Hat Linux is the only operating system installed, linux will be the only available option. If the system has multiple processors there will be a linux-up option for the single processor kernel and a linux option for the multiple processor (SMP) kernel. If LILO is configured to boot other operating systems, those boot entries also appear on this screen.


The arrow keys allow a user to highlight the desired operating system and the [Enter] key begins the boot process. To access a boot: prompt, press [Ctrl]-[X].

4.2.2 LILO versus GRUB
In general, LILO works similarly to GRUB except for three major differences:

It has no interactive command interface.
It stores information about the location of the kernel or other operating system it is to load on the MBR.
It cannot read ext2 partitions.

The first point means the command prompt for LILO is not interactive and only allows one command with arguments. The last two points mean that if you change LILO's configuration file or install a new kernel, you must rewrite the Stage 1 LILO boot loader to the MBR by using the following command:

    /sbin/lilo -v -v

This method is more risky than the method used by GRUB because a misconfigured MBR leaves the system unbootable. With GRUB, if the configuration file is erroneously configured, it will default to its command line interface where the user can boot the system manually.

Options in /etc/lilo.conf
The LILO configuration file is /etc/lilo.conf. The /sbin/lilo commands use this file to determine what information to write to the MBR. The /etc/lilo.conf file is used by the /sbin/lilo command to determine which operating system or kernel to load and where it should be installed. A sample /etc/lilo.conf file looks like this:

    boot=/dev/hda
    map=/boot/map
    install=/boot/boot.b
    prompt
    timeout=50
    message=/boot/message
    lba32
    default=linux

    image=/boot/vmlinuz-2.4.0-0.43.6
            label=linux
            initrd=/boot/initrd-2.4.0-0.43.6.img
            read-only
            root=/dev/hda5

    other=/dev/hda1
            label=dos

This example shows a system configured to boot two operating systems: Red Hat Linux and DOS. Next is a more detailed look at the lines of this file:

boot=/dev/hda - Instructs LILO to install itself on the first hard disk of the first IDE controller.

map=/boot/map - Locates the map file. In normal use, this should not be modified.

install=/boot/boot.b - Instructs LILO to install the specified file as the new boot sector. In normal use, this should not be altered. If the install line is missing, LILO will assume a default of /boot/boot.b as the file to be used.

prompt - Instructs LILO to show you whatever is referenced in the message line. While it is not recommended that you remove the prompt line, if you do remove it, you can still access a prompt by holding down the [Shift] key while your machine starts to boot.

timeout=50 - Sets the amount of time that LILO will wait for user input before proceeding with booting the default line entry. This is measured in tenths of a second, with 50 as the default.

message=/boot/message - Refers to the screen that LILO displays to let you select the operating system or kernel to boot.

lba32 - Describes the hard disk geometry to LILO. Another common entry here is linear. You should not change this line unless you are very aware of what you are doing. Otherwise, you could put your system in an unbootable state.

default=linux - Refers to the default operating system for LILO to boot as seen in the options listed below this line. The name linux refers to the label line below in each of the boot options.

image=/boot/vmlinuz-2.4.0-0.43.6 - Specifies which Linux kernel to boot with this particular boot option.

label=linux - Names the operating system option in the LILO screen. In this case, it is also the name referred to by the default line.

initrd=/boot/initrd-2.4.0-0.43.6.img - Refers to the initial ram disk image that is used at boot time to actually initialize and start the devices that makes booting the kernel possible. The initial ram disk is a collection of machine-specific drivers necessary to operate a SCSI card, hard drive, or any other device needed to load the kernel. You should never try to share initial ram disks between machines.

read-only - Specifies that the root partition (see the root line below) is read-only and cannot be altered during the boot process.

root=/dev/hda5 - Specifies which disk partition to use as the root partition.

other=/dev/hda1 - Specifies the partition containing DOS.

5. Linux Boot Process
An important and powerful aspect of Red Hat Linux is the open, user-configurable method it uses for starting the operating system. Users are free to configure many aspects of the boot process, including specifying the programs launched at boot-time. Similarly, system shutdown gracefully terminates processes in an organized and configurable way, although customization of this process is rarely required.

Understanding how the boot and shutdown processes work not only allows customization of Red Hat Linux, but also makes it easier to troubleshoot problems related to starting or shutting down the system.

The Boot Process
Below are the basic stages of the boot process for an x86 system:

1. The system BIOS checks the system and launches the first stage boot loader on the MBR of the primary hard disk.
2. The first stage boot loader loads itself into memory and launches the second stage boot loader from the /boot/ partition.
3. The second stage boot loader loads the kernel into memory, which in turn loads any necessary modules and mounts the root partition read-only.
4. The kernel transfers control of the boot process to the /sbin/init program.
5. The /sbin/init program loads all services and user-space tools, and mounts all partitions listed in /etc/fstab.
6. The user is presented with a login prompt for the freshly booted Linux system.

Because configuration of the boot process is more common than the customization of the shutdown process.

A Detailed Look at the Boot Process
The beginning of the boot process varies depending on the hardware platform being used. However, once the kernel is found and loaded by the boot loader, the default boot process is identical across all architectures.

The BIOS
When an x86 computer is booted, the processor looks at the end of system memory for the Basic Input/Output System or BIOS program and runs it. The BIOS controls not only the first step of the boot process, but also provides the lowest level interface to peripheral devices. For this reason it is written into read-only, permanent memory and is always available for use.

Other platforms use different programs to perform low-level tasks roughly equivalent to those of the BIOS on an x86 system. For instance, Itanium-based computers use the Extensible Firmware Interface (EFI) Shell, while Alpha systems use the SRM console.

Once loaded, the BIOS tests the system, looks for and checks peripherals, and then locates a valid device with which to boot the system. Usually, it checks any diskette drives and CD-ROM drives present for bootable media, then, failing that, looks to the system's hard drives. The order of the drives searched while booting is controlled with a setting in BIOS, and it looks on the master IDE device on the primary IDE bus. The BIOS then loads into memory whatever program is residing in the first sector of this device, called the Master Boot Record or MBR. The MBR is only 512 bytes in size and contains machine code instructions for booting the machine, called a boot loader, along with the partition table. Once the BIOS finds and loads the boot loader program into memory, it yields control of the boot process to it.

5.1 Init, and Shutdown

5.1.1 Linux Run levels

    Mode/Run Level   Directory          Run Level Description
    0                /etc/rc.d/rc0.d    Halt
    1                /etc/rc.d/rc1.d    Single-user mode
    2                /etc/rc.d/rc2.d    Not used (user-definable)
    3                /etc/rc.d/rc3.d    Full multi-user mode (No GUI)
    4                /etc/rc.d/rc4.d    Not used (user-definable)
    5                /etc/rc.d/rc5.d    Full multi-user mode (With GUI)
    6                /etc/rc.d/rc6.d    Reboot

The Boot Loader
Once the second stage boot loader is in memory, it presents the user with the Red Hat Linux initial, graphical screen showing the different operating systems or kernels it has been configured to boot. On this screen a user can use the arrow keys to choose which operating system or kernel they wish to boot and press [Enter]. If no key is pressed, the boot loader will load the default selection after a configurable period of time has passed.

Note: If Symmetric Multi-Processor (SMP) kernel support is installed, there will be more than one option present the first time the system is booted. In this situation, LILO will display linux, which is the SMP kernel, and linux-up, which is for single processors. GRUB displays Red Hat Linux (kernel-version-smp), which is the SMP kernel, and Red Hat Linux (kernel-version), which is for single processors. If any problems occur using the SMP kernel, try selecting the non-SMP kernel upon rebooting.

Once the second stage boot loader has determined which kernel to boot, it locates the corresponding kernel binary in the /boot/ directory. The kernel binary is named using the following format: /boot/vmlinuz-kernel-version (where kernel-version corresponds to the kernel version specified in the boot loader's settings).

The boot loader then places the appropriate initial RAM disk image, called an initrd, into memory. The kernel uses the initrd to load drivers necessary to boot the system. This is particularly important if SCSI hard drives are present or if the system uses the ext3 file system.

Warning: Do not remove the /initrd/ directory from the file system for any reason. Removing this directory will cause the system to fail with a kernel panic error message at boot time.

Once the kernel and the initrd image are loaded into memory, the boot loader hands control of the boot process to the kernel.

Boot Loaders for Other Architectures
Once the Red Hat Linux kernel loads and hands off the boot process to the init command, the same sequence of events occurs on every architecture. So the main difference between each architecture's boot processes is in the application used to find and load the kernel. For example, the Alpha architecture uses the aboot boot loader, while the Itanium architecture uses the LILO boot loader.

The Kernel
When the kernel is loaded, it immediately initializes and configures the computer's memory and configures the various hardware attached to the system, including all processors, I/O subsystems, and storage devices. It then looks for the compressed initrd image in a predetermined location in memory, decompresses it, mounts it, and loads all necessary drivers. Next, it initializes virtual devices related to the file system, such as LVM or software RAID before unmounting the initrd disk image and freeing up all the memory the disk image once occupied.

The kernel then creates a root device, mounts the root partition read-only, and frees any unused memory. At this point, the kernel is loaded into memory and operational. However, since there are no user applications that allow meaningful input to the system, not much can be done with it. In order to set up the user environment, the kernel executes the /sbin/init program.

5.2 System startup script /etc/rc.d/rc.sysinit
This script does all of the major system setup and initialization. Here is a step-by-step rundown of the process that occurs when the script is run:

- Executes /etc/rc.d/init.d/functions. This file sets up some basic functions that the rest of the scripts use.
- Checks for a /etc/sysconfig/network script. If it is there, the system runs it. Otherwise, it turns networking off and sets your hostname to “localhost.”
- Sets the loglevel. (Example: The boot daemon failure/success messages.)
- Loads the keymap. If you have specified a default keymap file in /etc/sysconfig/console/default.kmap it will use that, otherwise it will use /etc/sysconfig/keyboard.
- Loads the system fonts.
- Activates all swap partitions specified in the /etc/fstab file.
- Sets up your hostname and your NIS domain name.
- Runs fsck to check your filesystem if necessary. If fsck fails, it will drop you to a shell and unmount the drives so you can work on repairing them.
- Sets up ISA Plug-and-Play devices.
- Remounts the root file system as read-write.
- Checks quotas on the root partition.
- Checks for a /etc/raidtab file and loads all raid devices.
- All modules will now be loaded. Note that the sound and midi modules will be loaded if there is an alias listed as sound or midi in the /etc/modules.conf file. If your system requires a different module, you may need to edit the /etc/modules.conf.
- Checks your file systems with fsck again.
- Mounts the rest of the file systems listed in the fstab.
- Turns quota support on if /sbin/quotaon exists and is executable.
- Sets the system clock. It will run /etc/sysconfig/clock if it exists.
- Initializes swap space.
- Initializes serial ports.
- Loads SCSI tape module if a SCSI tape was detected.
- Reads the /etc/sysconfig/desktop file for a preferred X11 Display Manager and sets a link file as /etc/X11/prefdm.
- Finally it dumps the kernel ring buffer (Boot messages) to /var/log/dmesg.

Important Files:

    /var/log/boot.log
    /var/log/messages
    /var/log/dmesg

System shutdown and rebooting
The "init" command will allow you to change the current runlevel.

Halt / Shutdown The System

    [root@skynet tmp]# init 0

Reboot The System

    [root@skynet tmp]# init 6

5.2.1 Controlling the boot time services using “chkconfig”
Most RedHat packages place a startup script in the directory /etc/init.d and place symbolic links (pointers) to this script in the appropriate /etc/rc.d/rc.X directory. The typical home/SOHO user doesn't have to be a scripting / symbolic linking guru to make sure everything works right because RedHat comes with a nifty utility called "chkconfig" to do it for you.

Use this command to get a full listing of packages listed in /etc/init.d and the runlevels at which they will be "on" or "off":

    [root@skynet tmp]# chkconfig --list
    keytable  0:off  1:on   2:on   3:on  4:on   5:on  6:off
    atd       0:off  1:off  2:off  3:on  4:on   5:on  6:off
    syslog    0:off  1:off  2:on   3:on  4:on   5:on  6:off
    gpm       0:off  1:off  2:on   3:on  4:on   5:on  6:off
    kudzu     0:off  1:off  2:off  3:on  4:on   5:on  6:off
    wlan      0:off  1:off  2:on   3:on  4:on   5:on  6:off
    sendmail  0:off  1:off  2:off  3:on  4:off  5:on  6:off
    netfs     0:off  1:off  2:off  3:on  4:on   5:on  6:off
    network   0:off  1:off  2:on   3:on  4:on   5:on  6:off
    random    0:off  1:off  2:on   3:on  4:on   5:on  6:off
    ...

Chkconfig Examples
You can use chkconfig to change runlevels for particular packages. Here we see Sendmail will start with a regular startup at runlevel 3 or 5. Let's change it so that Sendmail doesn't startup at boot.

Use Chkconfig To Get A Listing Of Sendmail's Current Startup Options

    [root@skynet tmp]# chkconfig --list | grep mail
    sendmail 0:off 1:off 2:off 3:on 4:off 5:on 6:off
    [root@skynet tmp]#

Switch Off Sendmail Starting Up In Levels 3 and 5

    [root@skynet tmp]# chkconfig --level 35 sendmail off

Doublecheck That Sendmail Will Not Startup

    [root@skynet tmp]# chkconfig --list | grep mail
    sendmail 0:off 1:off 2:off 3:off 4:off 5:off 6:off
    [root@skynet tmp]#

Turn it back on again

    [root@skynet tmp]# chkconfig --level 35 sendmail on
    [root@skynet tmp]# chkconfig --list | grep mail
    sendmail 0:off 1:off 2:off 3:on 4:off 5:on 6:off
    [root@skynet tmp]#

Note: We can also use the command line tool “setup” to control the services at boot time and GUI tool redhat-config-services.

5.2.2 The “service” command
Once the system is up and running we can start, stop, restart and see the status of a service using the “service” command as follows:

    [root@skynet tmp]# service <name of the service> start/stop/restart/status

Eg: To see the status of a service

    [root@skynet tmp]# service nfs status
    service nfs is running with pid 485….

To stop and start a service

    [root@skynet tmp]# service nfs restart
    Stoping service nfs [OK]
    Starting service nfs [OK]
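The script below is an added example, not part of the original course notes: it parses chkconfig --list output in the format shown above, reports services that are switched on at a runlevel but missing from an allowlist, and prints (without running) the chkconfig --level commands that would switch them off. The function names and the allowlist are hypothetical; the sample listing is the one from this section.

```shell
#!/bin/sh
# Added example: compare "chkconfig --list" output against an allowlist.

# Constructed sample: the listing shown in this section.
sample_chkconfig_list() {
cat <<'EOF'
keytable  0:off  1:on   2:on   3:on  4:on   5:on  6:off
atd       0:off  1:off  2:off  3:on  4:on   5:on  6:off
syslog    0:off  1:off  2:on   3:on  4:on   5:on  6:off
gpm       0:off  1:off  2:on   3:on  4:on   5:on  6:off
kudzu     0:off  1:off  2:off  3:on  4:on   5:on  6:off
wlan      0:off  1:off  2:on   3:on  4:on   5:on  6:off
sendmail  0:off  1:off  2:off  3:on  4:off  5:on  6:off
netfs     0:off  1:off  2:off  3:on  4:on   5:on  6:off
network   0:off  1:off  2:on   3:on  4:on   5:on  6:off
random    0:off  1:off  2:on   3:on  4:on   5:on  6:off
...
EOF
}

# services_on_at LEVEL: names of services switched on at that runlevel.
services_on_at() {
  awk -v lvl="$1" '
    # a service row is: name, then seven "N:on|off" columns for levels 0-6
    NF == 8 && $2 ~ /^0:(on|off)$/ {
      if ($(lvl + 2) == lvl ":on") print $1
    }'
}

# unexpected_services LEVEL ALLOWED...: on at LEVEL but not in the allowlist.
unexpected_services() {
  lvl=$1; shift
  allowed=" $* "
  services_on_at "$lvl" | while read -r svc; do
    case "$allowed" in
      *" $svc "*) ;;                       # expected, say nothing
      *) printf '%s\n' "$svc" ;;
    esac
  done
}

# remediation LEVEL ALLOWED...: print the commands that would disable them.
remediation() {
  lvl=$1
  unexpected_services "$@" | while read -r svc; do
    printf 'chkconfig --level %s %s off\n' "$lvl" "$svc"
  done
}

# Hypothetical allowlist for runlevel 3 on a minimal server.
sample_chkconfig_list | remediation 3 keytable syslog network random atd
```

On a live system, replace sample_chkconfig_list with chkconfig --list and review the printed commands before running any of them.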

Linux Administration . or XFS. as Ext2. These two file systems are very closely related to each other.File System Page 29 of 167 6. Reliability and Performance Other journaling file systems follow the “metadata-only” journaling approach. which ensures both data and metadata integrity. the Extended File System. e2fsck analyzes the entire file system and not just the recently modified bits of metadata. Considering the number of existing Ext2 systems that await an upgrade to a journaling file system. But when the computer is rebooted or powered off without correctly shutting down. Ext3 does not follow a completely new design principle. data integrity). In contrast to all other “next-generation” file systems. Linux File System 6. but uses journaling only for metadata. Until recently (RedHat 7.1 and earlier). redundant enough to be reliably regenerated on error yet diskspace efficient. Ext2 www. This takes significantly longer than checking the log data of a journaling file system. Low fragmentation. the Ext2 filesystem has been the Linux default.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . consistency is achieved for metadata and data without sacrificing performance. Ext3 has three major advantages to offer: Easy and Highly Reliable Upgrades from Ext2 As Ext3 is based on the Ext2 code and shares its on-disk format as well as its metadata format. Its predecessor. which can be quite tedious (making backups of the entire file system and recreating it from scratch). Solidity Being quite an “old-timer”. Enabling Ext3 in the data=journal mode offers maximum security (i. A relatively new approach is to use the data=ordered mode. JFS. e2fsck starts to analyze the file system data. Ext2 underwent many improvements and was heavily tested.com info@wilshiresfot. Just perform a clean unmount of the Ext3 file system and remount it as an Ext2 file system. Depending on file system size. In summary. such as ReiserFS.. 
which allows data to be written into the main file system after its metadata has been committed to the journal. Ext2 became less important. This means your metadata will always be kept in a consistent state but the same cannot be automatically guaranteed for the file system data itself. Ext3 is run with the data=ordered default. however. was implemented in April 1992 and integrated in Linux 0. you can easily figure out why Ext3 might be of some importance to many system administrators. The Extended File System underwent a number of modifications and. Ext3 Ext3 was designed by Stephen Tweedie. a transition to Ext3 is a matter of minutes.1 Ex2 and Ext3 FIlesystem Ext2 The origins of Ext2 go back to the early days of Linux history. fast. as the recreation of an entire file system from scratch might not work flawlessly. In contrast to journaling file systems. The degree of “care” can be customized. upgrades from Ext2 to Ext3 are incredibly easy. This option is often considered the best in performance. This may be the reason why people often refer to it as rock-solid.96c. Downgrading from Ext3 to Ext2 is as easy as the upgrade. Ext2 is a technological miracle. With the creation of journaling file systems and their astonishingly short recovery times.wilshiresoft. It is based on Ext2. It can. Easy Upgradability The code for Ext2 is the strong foundation on which Ext3 could become a highly-acclaimed next-generation file system. An Ext3 file system can be easily built on top of an Ext2 file system. It is also very safe. became the most popular Linux file system for years. A third option to use is data=writeback. Therefore. As a result. Unless you specify something else. and adaptable. Ext3 is designed to take care of both metadata and data.e. The most important difference between Ext2 and Ext3 is that Ext3 supports journaling. The file system driver collects all data blocks that correspond to one metadata update. 
After a system outage when the file system could not be cleanly unmounted. it is sometimes faster than other file systems. Unlike transitions to other journaling file systems. this procedure can take half an hour or more. allow old data to reappear in files after crash and recovery while internal file system integrity is maintained. These blocks are grouped as a “transaction” and will be written to disk before the metadata is updated. Metadata is brought into a consistent state and pending files or data blocks are written to a designated directory (called lost+found). it is not desirable to choose Ext2 for any server that needs high availability. Yet. as Ext2 does not maintain a journal and uses significantly less memory. Its reliability and solidity were elegantly combined with the advantages of a journaling file system. but can slow down the system as both metadata and data are journaled.

Linux Administration .2. The Ext3 filesystem is an Ext2 filesystem with a journal file and some filesystem driver additions making the filesystem journalized. you are wasting precious disk space by leaving space between partitions. the user is confronted with some mildly confusing. Nevertheless. is safe to run even on writeable mounted partitions. messages and choices.com info@wilshiresfot. IDE drives will be given device names /dev/hda to /dev/hdd. There should not be any gap between adjacent partitions. 6.wilshiresoft. This will cause data corruption. A partition is a contiguous set of blocks on a drive that are treated as an independent disk. IDE controller naming convention drive name /dev/hda /dev/hdb /dev/hdc drive controller 1 1 2 drive number 1 2 1 www. When the computer comes back up. but I feel that is playing it safe. Partitions cannot be moved but they can be resized and copied using special software. tune2fs -j command.1 Device Naming Convention By convention. 9729 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hda1 * 1 13 104391 83 Linux /dev/hda2 14 144 1052257+ 83 Linux /dev/hda3 145 398 2040255 82 Linux /dev/hda3 145 398 2040255 82 Linux swap /dev/hda4 399 913 4136737+ 5 Extended /dev/hda5 399 844 3582463+ 83 Linux /dev/hda6 845 913 554211 83 Linux 6. which is the primary command for converting from Ext2 to Ext3. and very intimidating. While this is not harmful. when possible. It might be superstitious. Note: From RedHat Linux 7. 63 sectors/track. I run the command on writeable mounted partitions. when confronted with situations making unmounting difficult. Converting from Ext2 to Ext3 [root@skynet tmp]# tune2fs -j /dev/hda10 To list the partition information [root@skynet tmp]#fdisk -l Disk /dev/hdb: 80. Hard Drive A(/dev/hda) is the first drive and Hard Drive C /dev/hdc) is the third. However.File System Page 30 of 167 filesystems are placed in an error state.0 GB. 
A partition table is an index that relates sections of the hard drive to partitions. 80026361856 bytes 255 heads. I run the command on unmounted or read-only mounted partitions. Constraints Partitions must not overlap.2 onwards Ext3 is used as the default File system.2 Preparing Partitions on Disks What is a partition? Partitioning is a means to divide a single hard drive into many logical drives.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . Journalized filesystems are made to eliminate such error messages.

    /dev/hdd    2    2

A typical PC has two IDE controllers, each of which can have two drives connected to it. For example, /dev/hda is the first drive (master) on the first IDE controller and /dev/hdd is the second (slave) drive on the second controller (the fourth IDE drive in the computer).

SCSI drives follow a similar pattern; they are represented by 'sd' instead of 'hd'. The first partition of the second SCSI drive would therefore be /dev/sdb1.

Table 4. SCSI Drives

    drive name   drive controller   drive number   partition type   partition number
    /dev/sda1    1                  6              primary          1
    /dev/sda2    1                  6              primary          2
    /dev/sda3    1                  6              primary          3

In the table above, the drive number is arbitrarily chosen to be 6 to introduce the idea that SCSI ID numbers do not map onto device names under Linux.

6.2.3 Adding a New Partition
1. The first Linux step in adding a new disk is to partition it in preparation for adding a filesystem to it. This is done with the fdisk command followed by the name of the disk. In our case we want to run fdisk on the /dev/hdb disk.

    [root@skynet tmp]# fdisk /dev/hdb

    The number of cylinders for this disk is set to 9729.
    There is nothing wrong with that, but this is larger than 1024,
    and could in certain setups cause problems with:
    1) Software that runs at boot time (e.g., old versions of LILO)
    2) Booting and partitioning software from other OSs
       (e.g., DOS FDISK, OS/2 FDISK)

2. Just to make sure we're on the correct device, issue the "p" command to print all the known partitions on the disk. In this case there are none, which is good.

    Command (m for help): p

    Disk /dev/hdb: 80.0 GB, 80026361856 bytes
    255 heads, 63 sectors/track, 9729 cylinders
    Units = cylinders of 16065 * 512 = 8225280 bytes

       Device Boot    Start       End    Blocks   Id  System

3. The fdisk "m" command will print a small help manual of valid commands. You will see that "n" is the command to add a new partition. We'll add a new primary partition, number "1", and use the defaults to make the partition occupy the entire disk.

    Command (m for help): n
    Command action
       e   extended
       p   primary partition (1-4)
    p
    Partition number (1-4): 1
    First cylinder (1-9729, default 1):<RETURN>
    Using default value 1
    Last cylinder or +size or +sizeM or +sizeK (1-9729, default 9729):

4. The print command will now show that you have successfully created the partition.

    Command (m for help): p

    Disk /dev/hdb: 80.0 GB, 80026361856 bytes
    255 heads, 63 sectors/track, 9729 cylinders
    Units = cylinders of 16065 * 512 = 8225280 bytes

       Device Boot    Start       End    Blocks   Id  System
    /dev/hdb1             1      9726  78148161   83  Linux

5. Changes won't be made to the disk's partition table until you use the "w" command to "write", or save, the changes. When finished, the "q" command will allow you to exit.

    Command (m for help): w
    Command (m for help): q

6.2.2 Verify the New Partition

    [root@skynet tmp]# fdisk -l /dev/hdb

Now create the file system with mke2fs:

    [root@skynet tmp]# mke2fs /dev/hdb1

6.3 Managing Swap Space
Swap space is a generic term for disk storage used to increase the amount of apparent memory available on the system. Under Linux, swap space is used to implement paging, a process whereby memory pages (a page is 4096 bytes on Intel systems; this value can differ on other architectures) are written out to disk when physical memory is low and read back into physical memory when needed.

The process by which paging works is rather involved, but it is optimized for certain cases. The virtual memory subsystem under Linux allows memory pages to be shared between running programs.

6.3.1 Creating Swap Space
The first step in adding additional swap is to create a file or partition to host the swap area. If you wish to create an additional swap partition, you can create the partition using the fdisk utility, as described above.

To create a swap file, you'll need to open a file and write bytes to it equaling the amount of swap you wish to add. One easy way to do this is with the dd command. For example, to create an 8-MB swap file, you can use the command:

    dd if=/dev/zero of=/swap bs=1024 count=8192

This will write 8192 blocks (8 MB) of data from /dev/zero to the file /swap. (/dev/zero is a special device in which read operations always return null bytes. It's something like the inverse of /dev/null.) After creating a file of this size, it's a good idea to use the sync command to sync the filesystems in case of a system crash.

Use the mkswap command to "format" the swap area. For example, for the swap file created in the previous example, you would use the command:

    mkswap -c /swap 8192

If the swap area is a partition, you would substitute the name of the partition (such as /dev/hda3) and the size of the partition, also in blocks.

    mkswap -c /dev/hda3

Enabling the Swap Space
In order for the new swap space to be utilized, you must enable it with the swapon command. For example, after creating the previous swap file and running mkswap and sync, we could use the command:

    swapon /swap

If you are using a new swap partition, you can enable it with a command such as:

    swapon /dev/hda3

Add entries to the /etc/fstab file so that swap gets enabled each time the system boots. The file contains the entries:

    # device     directory   type   options    fsck options
    /dev/hda3    none        swap   sw         0 0
    /swap        swap        swap   defaults   0 0

Disabling Swap Space
As is usually the case, undoing a task is easier than doing it. To disable swap space, simply use the command:

    swapoff <device>

    swapoff /dev/hda3
    (or)
    swapoff /swap

To list swap details use:

    free
    (or)
    swapon -s
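A swap area holds pages of process memory, and a file created with dd as shown above under the usual umask of 022 ends up with mode 0644, which swapon reports as insecure. The following Python check is an added example, not part of the original guide: it reads fstab-format text and reports swap files or partitions whose permissions or owner are too loose. The function names and the /dev/hda1 sample line are constructed for illustration.

```python
"""Check swap files and partitions named in fstab-format text for loose permissions."""
import os
import stat


def swap_devices(fstab_text):
    """Return the first field of every entry whose type (third field) is 'swap'."""
    devices = []
    for raw in fstab_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        fields = line.split()
        if len(fields) >= 3 and fields[2] == "swap":
            devices.append(fields[0])
    return devices


def audit_swap_path(path, expected_uid=0):
    """Return findings for one swap area; an empty list means nothing to fix."""
    try:
        st = os.lstat(path)                      # lstat: do not follow a planted symlink
    except OSError as exc:
        return [f"{path}: cannot stat ({exc.strerror})"]
    if stat.S_ISLNK(st.st_mode):
        return [f"{path}: is a symbolic link, expected a file or block device"]
    findings = []
    mode = stat.S_IMODE(st.st_mode)
    if stat.S_ISREG(st.st_mode):
        if mode & 0o077:
            findings.append(
                f"{path}: mode {mode:04o} exposes swapped-out memory "
                "to group/other, use 0600")
    elif stat.S_ISBLK(st.st_mode):
        if mode & 0o007:
            findings.append(
                f"{path}: block device mode {mode:04o} is accessible to other users")
    else:
        findings.append(f"{path}: neither a regular file nor a block device")
    if st.st_uid != expected_uid:
        findings.append(f"{path}: owned by uid {st.st_uid}, expected {expected_uid}")
    return findings


def audit_fstab(fstab_text, expected_uid=0):
    """Map each swap entry in the text to its list of findings."""
    return {dev: audit_swap_path(dev, expected_uid)
            for dev in swap_devices(fstab_text)}


# Constructed sample: the two swap entries from the fstab table above,
# plus one non-swap line (made up) that the parser must skip.
SAMPLE_FSTAB = """\
# device     directory   type   options    fsck options
/dev/hda3    none        swap   sw         0 0
/swap        swap        swap   defaults   0 0
/dev/hda1    /           ext3   defaults   1 1
"""

if __name__ == "__main__":
    for device, findings in audit_fstab(SAMPLE_FSTAB).items():
        print(device, "OK" if not findings else findings)
```

Setting the mode with chmod 600 on the swap file before running mkswap clears the finding.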

7. Overview of Linux File System Hierarchy Standard (FHS)
Red Hat is committed to the Filesystem Hierarchy Standard (FHS), a collaborative document that defines the names and locations of many files and directories.

The FHS document is the authoritative reference to any FHS-compliant file system, but the standard leaves many areas undefined or extensible. This section is an overview of the standard and a description of the parts of the file system not covered by the standard.

Compliance with the standard means many things, but the two most important are compatibility with other compliant systems and the ability to mount a /usr/ partition as read-only because it contains common executables and should not be changed by users. Since the /usr/ directory is mounted read-only, it can be mounted from the CD-ROM or from another machine via a read-only NFS mount.

7.1 FHS Organization
The directories and files noted here are small subsets of those specified by the FHS document. Refer to the latest FHS document for the most complete information.

The /dev/ Directory
The /dev/ directory contains file system entries which represent devices that are attached to the system. These files are essential for the system to function properly.

The /etc/ Directory
The /etc/ directory is reserved for configuration files that are local to the machine. No binaries are to be put in /etc/. Any binaries that were once located in /etc/ should be placed into /sbin/ or possibly /bin/.

The X11/ and skel/ directories are subdirectories of the /etc/ directory:

    /etc
      |- X11/
      |- skel/

The /etc/X11/ directory is for X11 configuration files such as XF86Config. The /etc/skel/ directory is for "skeleton" user files, which are used to populate a home directory when a user is first created.

The /lib/ Directory
The /lib/ directory should contain only those libraries that are needed to execute the binaries in /bin/ and /sbin/. These shared library images are particularly important for booting the system and executing commands within the root file system.

The /mnt/ Directory
The /mnt/ directory is for temporarily mounted file systems, such as CD-ROMs and floppy disks.

The /opt/ Directory
The /opt/ directory provides storage for large, static application software packages.

A package placing files in the /opt/ directory creates a directory bearing the same name as the package. This directory in turn holds files that otherwise would be scattered throughout the file system, giving the system administrator an easy way to determine the role of each file within a particular package.

For example, if sample is the name of a particular software package located within the /opt/ directory, then all of its files could be placed within directories inside the /opt/sample/ directory, such as /opt/sample/bin/ for binaries and /opt/sample/man/ for manual pages.

Large packages that encompass many different sub-packages, each of which accomplish a particular task, also go within the /opt/ directory, giving that large package a standardized way to organize itself. In this way, our sample package may have different tools that each go in their own subdirectories, such as /opt/sample/tool1/ and /opt/sample/tool2/, each of which can have their own bin/, man/, and other similar directories.

The /proc/ Directory
The /proc/ directory contains special files that either extract information from or send information to the kernel.

Due to the great variety of data available within /proc/ and the many ways this directory can be used to communicate with the kernel, an entire chapter has been devoted to the subject.

The /sbin/ Directory
The /sbin/ directory is for executables used only by the root user. The executables in /sbin/ are only used to boot and mount /usr/ and perform system recovery operations. The FHS says:

"/sbin typically contains files essential for booting the system in addition to the binaries in /bin. Anything executed after /usr is known to be mounted (when there are no problems) should be placed in /usr/sbin. Local-only system administration binaries should be placed into /usr/local/sbin."

At a minimum, the following programs should be in /sbin/:

    arp, clock, getty, halt, init, fdisk, fsck.*, grub, ifconfig, lilo, mkfs.*, mkswap, reboot, route, shutdown, swapoff, swapon, update

The /usr/ Directory
The /usr/ directory is for files that can be shared across a whole site. The /usr/ directory usually has its own partition, and it should be mountable read-only. At minimum, the following directories should be subdirectories of /usr/:

    /usr
      |- bin/
      |- dict/
      |- doc/
      |- etc/
      |- games/
      |- include/
      |- kerberos/
      |- lib/
      |- libexec/
      |- local/
      |- sbin/
      |- share/
      |- src/
      |- tmp -> ../var/tmp/
      |- X11R6/

The bin/ directory contains executables, dict/ contains non-FHS compliant documentation pages, etc/ contains system-wide configuration files, games is for games, include/ contains C header files, kerberos/ contains binaries and much more for Kerberos, and lib/ contains object files and libraries that are not designed to be directly utilized by users or shell scripts. The libexec/ directory contains small helper programs called by other programs, sbin/ is for system administration binaries (those that do not belong in the /sbin/ directory), share/ contains files that are not architecture specific, src/ is for source code, and X11R6/ is for the X Window System (XFree86 on Red Hat Linux).

The /usr/local/ Directory
The FHS says:

"The /usr/local hierarchy is for use by the system administrator when installing software locally. It needs to be safe from being overwritten when the system software is updated. It may be used for programs and data that are shareable among a group of hosts, but not found in /usr."

The /usr/local/ directory is similar in structure to the /usr/ directory. It has the following subdirectories, which are similar in purpose to those in the /usr/ directory:

    /usr/local
      |- bin/
      |- doc/
      |- etc/
      |- games/
      |- include/
      |- lib/
      |- libexec/
      |- sbin/
      |- share/
      |- src/

The /var/ Directory
Since the FHS requires Linux to mount /usr/ read-only, any programs that write log files or need spool/ or lock/ directories should write them to the /var/ directory. The FHS states /var/ is for:

"...variable data files. This includes spool directories and files, administrative and logging data, and transient and temporary files."

Below are some of the directories which should be subdirectories of the /var/ directory:

    /var
      |- account/
      |- arpwatch/
      |- cache/
      |- crash/
      |- db/
      |- empty/
      |- ftp/
      |- gdm/
      |- kerberos/
      |- lib/
      |- local/
      |- lock/
      |- log/
      |- mail -> spool/mail/
      |- mailman/
      |- named/
      |- nis/
      |- opt/
      |- preserve/
      |- run/
      |- spool/
      |    |- anacron/
      |    |- at/
      |    |- cron/
      |    |- lpd/
      |    |- mail/
      |    |- mqueue/
      |    |- rwho/
      |    |- samba/
      |    |- squid/
      |- tmp/
      |- yp/

System log files such as messages/ and lastlog/ go in the /var/log/ directory. The /var/lib/rpm/ directory also contains the RPM system databases. Lock files go in the /var/lock/ directory, usually in directories particular for the program using the file. The /var/spool/ directory has subdirectories for various systems that need to store data files.

/usr/local/ in Red Hat Linux
In Red Hat Linux, the intended use for the /usr/local/ directory is slightly different from that specified by the FHS. The FHS says that /usr/local/ should be where software that is to remain safe from system software upgrades is stored. Since system upgrades under Red Hat Linux are performed safely with the rpm command and the graphical Package Management Tool application, it is not necessary to protect files by putting them in /usr/local/. Instead, the /usr/local/ directory is used for software that is local to the machine.

For instance, if the /usr/ directory is mounted as a read-only NFS share from a remote host, it is still possible to install a package or program under the /usr/local/ directory.

7.2 Special File Locations
Red Hat Linux extends the FHS structure slightly to accommodate special files.

Most files pertaining to the Red Hat Package Manager (RPM) are kept in the /var/lib/rpm/ directory.

The /var/spool/up2date/ directory contains files used by Red Hat Update Agent, including RPM header information for the system. This location may also be used to temporarily store RPMs downloaded while updating the system.

Another location specific to Red Hat Linux is the /etc/sysconfig/ directory. This directory stores a variety of configuration information. Many scripts that run at boot time use the files in this directory.

Finally, one more directory worth noting is the /initrd/ directory. It is empty, but is used as a critical mount point during the boot process.

The sysconfig Directory
The /etc/sysconfig/ directory is where a variety of system configuration files for Red Hat Linux are stored.

Here we will outline some of the files found in the /etc/sysconfig/ directory. The information here is not intended to be complete, as many of these files have a variety of options that are only used in very specific or rare circumstances.

7.3 Files in the /etc/sysconfig/ Directory
The following files are normally found in the /etc/sysconfig/ directory:

    amd, apmd, arpwatch, authconfig, cipe, clock, desktop, dhcpd, firstboot, gpm, harddisks, hwconf, i18n, identd, init, ipchains, iptables, irda, keyboard, kudzu, mouse,

    named, netdump, network, ntpd, pcmcia, radvd, rawdevices, redhat-config-securitylevel, redhat-config-users, redhat-logviewer, samba, sendmail, soundcard, spamassassin, squid, tux, ups, vncservers, xinetd

Note: If some of the files listed are not present in the /etc/sysconfig/ directory, then the corresponding program may not be installed.

8. Linux Desktop Environments
A desktop environment (or window manager) is the graphic environment that you use to interface with your computer. One of the most common "desktop environments" is the explorer interface on Microsoft Windows, where you have a start menu, desktop icons, etc. One advantage you have with Linux is that you have a choice of which desktop environment you use. Within Linux each desktop environment has its own interface, as well as system menu, login managers and developer tools.

Today, there are two major desktop environments that populate the majority of Linux desktop installations, GNOME and KDE. There are other window managers available, but unless you run Linux on older hardware, GNOME and KDE are by far the most popular desktop environments available.

8.1 GNOME
Fedora Linux is the only distribution here to include the latest 2.6 series of the GNOME Desktop. The biggest change from the 2.4 series to the 2.6 series is that nautilus uses a "spatial" interface instead of the standard browser type interface. It is reminiscent of the way older Microsoft Windows Explorers would always "open in new window" by default. Maybe if it could be configured to use the same window I would like it, but I guess that is what makes it "spatial". The good news is that the "spatial" interface speeds up nautilus.

The interface is "themed" away from the default GNOME look into a theme that is called BlueCurve. The BlueCurve look is a nice looking theme that includes new Window Decorations, Colors and Icons. The desktop is also rearranged from the default GNOME look: you no longer have the top panel, and the bottom panel is overly large for GNOME.

Figure: Fedora's default GNOME Desktop

Overall, Fedora and RedHat's implementation of GNOME seems relatively stable, but not as stable as the 2.4 series.

Mandrake utilizes a very standard GNOME 2.4 series desktop. If you remember how the GNOME 1.x series looked, this is very similar. The only real change is the inclusion of a new theme called Galaxy, and a customized "start menu" to allow organized access to applications across the different Desktop Environments.

Figure: Mandrake's default GNOME Desktop

Suse Linux also includes the GNOME 2.4 series desktop. Unlike Mandrake though, it is somewhat customized, but in such a way that you don't notice it right away. Most of the customizations come from Ximian's work on the GNOME desktop, which makes sense because Novell also acquired Ximian as well as Suse. The biggest change is the inclusion of Ximian's patches to GTK. Because of this, most of the dialog boxes are tweaked a little, allowing for a better user experience. There are also small changes, such as Ximian's Industrial theme being the default look.

Figure: Suse's default GNOME Desktop

8.2 KDE
RedHat Linux's implementation of KDE strays drastically from the default KDE desktop from KDE.org. The desktop is themed in such a way to look exactly like Fedora's GNOME desktop. Unfortunately, in its default state the desktop is far from user friendly. For example, there is no easy way to open a file manager on the Desktop, Taskbar or Menus. The only way to open a file manager is to go through the menus and find the Konqueror web browser, and once the program launches, you must hit the home icon, which will bring you to the home directory. I guess if you didn't know that Konqueror also doubles as a file manager you would be out of luck when it came to a file manager.

If you prefer the default KDE desktop from KDE.org, it is nearly impossible to get there with Fedora's implementation. Fedora really needs a nice wizard on startup that would ask you which theme to use for KDE, the Bluecurve (Fedora's) theme or the default KDE theme.

wilshiresoft. It is also the desktop that is the most similar to a default KDE desktop from KDE. such as double-clicking to launch a file instead of a single click. but generic looking.Linux Administration .com info@wilshiresfot. Mandrake's changes mostly just include a customized "start menu". Mandrake's default KDE Desktop Suse's KDE desktop is the most polished of these three distributions.Desktop Environments Page 42 of 167 Fedora's default KDE Desktop Mandrake's KDE desktop is very clean.org.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . the Galaxy theme and various other settings that are changed from a default KDE installation. www.

www. as well as customized applets.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . such as applets for hardware control.wilshiresoft. the dialup Internet Connection and Power Management applets.com info@wilshiresfot.Linux Administration .Desktop Environments Page 43 of 167 Suse's default KDE Desktop Suse's changes includes a customized "start menu".

9. Linux Account Management

9.1.1 Managing User Accounts
Managing user accounts and groups is an essential part of system administration within an organization. But to do this effectively, a good system administrator must first understand what user accounts and groups are and how they work.

The primary reason for user accounts is to verify the identity of each individual using a computer system. A secondary (but still important) reason for user accounts is to permit the per-individual tailoring of resources and access privileges.

Resources can include files, directories, and devices. Controlling access to these resources is a large part of a system administrator's daily routine; often the access to a resource is controlled by groups. Groups are logical constructs that can be used to cluster user accounts together for a common purpose. For example, if an organization has multiple system administrators, they can all be placed in one system administrator group. The group can then be given permission to access key system resources. In this way, groups can be a powerful tool for managing resources and access.

Who Is The Super User?
The super user with unrestricted access to all system resources and files is the user named "root". You will need to log in as user root to add new users to your Linux box.

9.1.2 Passwords
In more formal terms, a password provides a means of proving the authenticity of a person's claim to be the user indicated by the username. The effectiveness of a password-based authentication scheme relies heavily on several aspects of the password:

    The secrecy of the password
    The resistance of the password to guessing
    The resistance of the password to a brute-force attack

Weak Passwords
A weak password fails one of these three tests:

    It is secret
    It is resistant to being guessed
    It is resistant to a brute-force attack

Password Aging
Password aging is a feature (available in many operating systems) that sets limits on the time that a given password is considered valid. At the end of a password's lifetime, the user is prompted to enter a new password, which can then be used until it, too, expires.

The key question regarding password aging that many system administrators face is that of the password lifetime. What should it be?

There are two diametrically-opposed issues at work with respect to password lifetime:

    User convenience
    Security

On one extreme, a password lifetime of 99 years would present very little (if any) user inconvenience. However, it would provide very little (if any) security enhancement.

9.1.3 Files Controlling User Accounts and Groups
The following section documents the files in the /etc/ directory that store user and group information under Red Hat Linux.

/etc/passwd
The /etc/passwd file is world-readable and contains a list of users, each on a separate line. On each line is a colon delimited list containing the following information:

    Username — The name the user types when logging into the system.
    Password — Contains the encrypted password (or an x if shadow passwords are being used — more on this later).
    User ID (UID) — The numerical equivalent of the username which is referenced by the system and applications when determining access privileges.
    Group ID (GID) — The numerical equivalent of the primary group name which is referenced by the system and applications when determining access privileges.
    GECOS — Named for historical reasons, the GECOS field is optional and is used to store extra information (such as the user's full name). Multiple entries can be stored here in a comma delimited list. Utilities such as finger access this field to provide additional user information. Note: GECOS stands for General Electric Comprehensive Operating Supervisor.
    Home directory — The absolute path to the user's home directory, such as /home/juan/.
    Shell — The program automatically launched whenever a user logs in. This is usually a command interpreter (often called a shell). Under Red Hat Linux, the default value is /bin/bash. If this field is left blank, /bin/sh is used. If it is set to a non-existent file, then the user will be unable to log into the system.

Here is an example of a /etc/passwd entry:

    root:x:0:0:root:/root:/bin/bash

This line shows that the root user has a shadow password, as well as a UID and GID of 0. The root user has /root/ as a home directory, and uses /bin/bash for a shell.

For more information about /etc/passwd, see the passwd(5) man page.

/etc/shadow
The /etc/shadow file is readable only by the root user and contains password (and optional password aging information) for each user. As in the /etc/passwd file, each user's information is on a separate line. Each of these lines is a colon delimited list including the following information:

    Username — The name the user types when logging into the system. This allows the login application to retrieve the user's password (and related information).
    Encrypted password — The 13 to 24 character password. The password is encrypted using either the crypt(3) library function or the md5 hash algorithm. In this field, values other than a validly-formatted encrypted or hashed password are used to control user logins and to show the password status. For example, if the value is ! or *, the account is locked and the user is not allowed to log in. If the value is !! a password has never been set before (and the user, not having set a password, will not be able to log in).
    Date password last changed — The number of days since January 1, 1970 (also called the epoch) that the password was last changed. This information is used in conjunction with the password aging fields that follow.
    Number of days before password can be changed — The minimum number of days that must pass before the password can be changed.
    Number of days before a password change is required — The number of days that must pass before the password must be changed.
    Number of days warning before password change — The number of days before password expiration during which the user is warned of the impending expiration.
    Number of days before the account is disabled — The number of days after a password expires before the account will be disabled.

    Date since the account has been disabled — The date (stored as the number of days since the epoch) since the user account has been disabled.
    A reserved field — A field that is ignored in Red Hat Linux.

Here is an example line from /etc/shadow:

    juan:$1$.QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:

This line shows the following information for user juan:

    The password was last changed February 11, 2005
    There is no minimum amount of time required before the password can be changed
    The password must be changed every 90 days
    The user will get a warning five days before the password must be changed
    The account will be disabled 30 days after the password expires if no login attempt is made
    The account will expire on November 9, 2005

For more information on the /etc/shadow file, see the shadow(5) man page.

/etc/group
The /etc/group file is world-readable and contains a list of groups, each on a separate line. Each line is a four field, colon delimited list including the following information:

    Group name — The name of the group. Used by various utility programs as a human-readable identifier for the group.
    Group password — If set, this allows users that are not part of the group to join the group by using the newgrp command and typing the password stored here. If a lower case x is in this field, then shadow group passwords are being used.
    Group ID (GID) — The numerical equivalent of the group name. It is used by the operating system and applications when determining access privileges.
    Member list — A comma delimited list of the users belonging to the group.

Here is an example line from /etc/group:

    general:x:502:juan,shelley,bob

This line shows that the general group is using shadow passwords, has a GID of 502, and that juan, shelley, and bob are members.

For more information on /etc/group, see the group(5) man page.

/etc/gshadow
The /etc/gshadow file is readable only by the root user and contains an encrypted password for each group, as well as group membership and administrator information. Just as in the /etc/group file, each group's information is on a separate line. Each of these lines is a colon delimited list including the following information:

    Group name — The name of the group. Used by various utility programs as a human-readable identifier for the group.
    Encrypted password — The encrypted password for the group. If set, non-members of the group can join the group by typing the password for that group using the newgrp command. If the value of this field is !, then no user is allowed to access the group using the newgrp command. A value of !! is treated the same as a value of ! — however, it also indicates that a password has never been set before. If the value is null, only group members can log into the group.
    Group administrators — Group members listed here (in a comma delimited list) can add or remove group members using the gpasswd command.
    Group members — Group members listed here (in a comma delimited list) are regular, non-administrative members of the group.

Here is an example line from /etc/gshadow:

    general:!!:shelley:juan,bob

This line shows that the general group has no password and does not allow non-members to join using the newgrp command. In addition, shelley is a group administrator, and juan and bob are regular, non-administrative members.

9.2 User Management Commands
The following table describes some of the more common command line tools used to create and manage user accounts and groups:

    Application          Function
    /usr/sbin/useradd    Adds user accounts. This tool is also used to specify primary and secondary group membership.
    /usr/sbin/userdel    Deletes user accounts.
    /usr/sbin/usermod    Edits account attributes including some functions related to password aging. For more fine-grained control, use the passwd command. usermod is also used to specify primary and secondary group membership.
    passwd               Sets passwords. Although primarily used to change a user's password, it also controls all aspects of password aging.
    /usr/sbin/chpasswd   Reads in a file consisting of username and password pairs, and updates each user's password accordingly.
    chage                Changes the user's password aging policies. The passwd command can also be used for this purpose.
    chfn                 Changes the user's GECOS information.
    chsh                 Changes the user's default shell.
    /usr/sbin/groupadd   Adds groups, but does not assign users to those groups. The useradd and usermod programs should then be used to assign users to a given group.
    /usr/sbin/groupdel   Deletes groups.
    /usr/sbin/groupmod   Modifies group names or GIDs, but does not change group membership. The useradd and usermod programs should be used to assign users to a given group.
    gpasswd              Changes group membership and sets passwords to allow non-group members who know the group password to join the group. It is also used to specify group administrators.
    /usr/sbin/grpck      Checks the integrity of the /etc/group and /etc/gshadow files.

File Permission Applications
File permissions are an integral part of managing resources within an organization. The following table describes some of the more common command line tools used for this purpose.

    Application   Function
    chgrp         Changes which group owns a given file.
    chmod         Changes access permissions for a given file. It is also capable of assigning special permissions.
    chown         Changes a file's ownership (and can also change group).
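The /etc/shadow fields described in section 9.1.3 can be decoded mechanically. The following Python parser is an added example, not part of the original guide: it turns the day counts into calendar dates, classifies the password field using the values listed there, and reports accounts worth a second look. Treating a "!" placed in front of a hash as locked, and flagging DES and MD5 hashes as legacy, are additions beyond the text; all sample lines except juan's are constructed.

```python
"""Decode /etc/shadow-format lines: password status and password-aging dates."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import List, Optional

EPOCH = date(1970, 1, 1)


def _days(field: str) -> Optional[int]:
    """Numeric fields may be empty, meaning the limit is not set."""
    return int(field) if field else None


def _as_date(days: Optional[int]) -> Optional[date]:
    return None if days is None else EPOCH + timedelta(days=days)


def password_status(field: str) -> str:
    """Classify the second field of a shadow line."""
    if field == "":
        return "empty"              # no password required at login
    if field == "!!":
        return "never-set"
    if field == "*" or field.startswith("!"):
        return "locked"             # '!' before a hash also locks it (shadow(5))
    if field.startswith("$1$"):
        return "md5-crypt"
    if field.startswith("$"):
        return "other-crypt"
    if len(field) == 13:
        return "des-crypt"          # traditional crypt(3) output length
    return "unrecognized"


@dataclass
class ShadowEntry:
    user: str
    status: str
    last_changed: Optional[date]
    min_days: Optional[int]
    max_days: Optional[int]
    warn_days: Optional[int]
    inactive_days: Optional[int]
    account_expires: Optional[date]

    @property
    def password_expires(self) -> Optional[date]:
        if self.last_changed is None or self.max_days is None:
            return None
        return self.last_changed + timedelta(days=self.max_days)


def parse_shadow_line(line: str) -> ShadowEntry:
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError(f"expected 9 colon-delimited fields, got {len(fields)}")
    user, pw, last, mn, mx, warn, inactive, expire, _reserved = fields
    return ShadowEntry(user, password_status(pw), _as_date(_days(last)),
                       _days(mn), _days(mx), _days(warn), _days(inactive),
                       _as_date(_days(expire)))


def audit(entry: ShadowEntry, today: date) -> List[str]:
    """Return findings for one account as of 'today'."""
    findings = []
    if entry.status == "empty":
        findings.append("no password: account can log in without one")
    if entry.status in ("des-crypt", "md5-crypt"):
        findings.append(f"{entry.status} hash: legacy scheme, rehash on next password change")
    if entry.status not in ("locked", "never-set"):
        if entry.max_days is None or entry.max_days >= 99999:
            findings.append("password never expires")
        elif entry.password_expires < today:
            findings.append(f"password expired on {entry.password_expires}")
    if entry.account_expires and entry.account_expires < today:
        findings.append(f"account expired on {entry.account_expires}")
    return findings


SAMPLE_LINES = [
    "juan:$1$.QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:",  # from the text
    "svc:!!:12800:0:99999:7:::",               # constructed: password never set
    "guest::12800:0:99999:7:::",               # constructed: empty password field
    "legacy:xxEXAMPLEhash:12000:0:99999:7:::", # constructed: 13-character field
]

if __name__ == "__main__":
    today = date(2005, 6, 1)   # fixed date so the report is reproducible
    for line in SAMPLE_LINES:
        e = parse_shadow_line(line)
        print(e.user, e.status, e.last_changed, e.password_expires, audit(e, today))
```

On a live system the same functions can be fed the lines of /etc/shadow, which requires root because the file is readable only by root.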

Home Directories
Another issue facing system administrators is whether or not users should have centrally-stored home directories. The primary advantage of centralizing home directories on a network-attached server is that if a user logs into any machine on the network, they will be able to access the files in their home directory. The disadvantage is that if the network goes down, users across the entire organization will be unable to get to their files. In some situations (such as organizations that make widespread use of laptops), having centralized home directories may not be desirable. But if it makes sense for your organization, deploying centralized home directories can make a system administrator's life much easier.

Adding Users
Adding users takes some planning, read through the steps below before starting:

Arrange your list of users into groups by function. In this example there are three groups "marketing", "production" and "accounts".

Marketing    Production    Accounts
Paul         Alice         Accounts
Jane         Derek         Sales

Add the Linux groups to your server:

[root@skynet tmp]# groupadd marketing
[root@skynet tmp]# groupadd production
[root@skynet tmp]# groupadd accounts

Add the Linux users, assign them to their respective groups

[root@skynet tmp]# useradd -g marketing paul
[root@skynet tmp]# useradd -g marketing jane
[root@skynet tmp]# useradd -g production derek
[root@skynet tmp]# useradd -g production alice
[root@skynet tmp]# useradd -g accounts accounts
[root@skynet tmp]# useradd -g accounts sales

If you don't specify the group with the "-g", RedHat Linux will create a group with the same name as the user you just created. When each new user first logs in, they will be prompted for their new permanent password.

Each user's personal directory will be placed in the /home directory. The directory name will be the same as their user name.

[root@skynet tmp]# ll /home
drwxr-xr-x 2 root     root       12288 Jul 24 20:04 lost+found
drwx------ 2 accounts accounts    1024 Jul 24 20:33 accounts
drwx------ 2 alice    production  1024 Jul 24 20:33 alice
drwx------ 2 derek    production  1024 Jul 24 20:33 derek
drwx------ 2 jane     marketing   1024 Jul 24 20:33 jane
drwx------ 2 paul     marketing   1024 Jul 24 20:33 paul
drwx------ 2 sales    accounts    1024 Jul 24 20:33 sales

Note: The /etc/login.defs file contains useradd command defaults for user aging, home directory and password policy.

Changing Passwords
You'll need to create passwords for each account. This is done with the "passwd" command. You will be prompted once for your old password and twice for the new one.

User "root" changing the password for user "paul"

[root@skynet root]# passwd paul
Changing password for user paul.
New password:
Retype new password:

passwd: all authentication tokens updated successfully.
[root@skynet root]#

Users may wish to change their passwords at a future date. Here is how unprivileged user "paul" would change his own password.

[paul@skynet paul]$ passwd
Changing password for paul
Old password: your current password
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
New password: your new password
Re-enter new password: your new password
Password changed.

Delete Users
The userdel command is used to delete users. The "-r" flag removes all the contents of the user's home directory.

[root@skynet tmp]# userdel -r paul

How to Tell the Groups to Which a User Belongs
Use the "groups" command with the username as the argument.

[root@skynet root]# groups paul
paul : marketing
[root@skynet root]#

Setup User Aging
[root@skynet root]# chage -l paul
[root@skynet root]# chage -I 5 -m 10 -M 20 -W 15 -E 06/23/05 paul
[root@skynet root]# chage -l paul

Here in the above example:
-I is the number of days a user can remain inactive
-m is the minimum number of days before a user can change his password from the current day
-M is the maximum number of days a user can keep his password from the current day
-W is the number of days of warning the user receives to change his/her password
-E is the password expiry date, i.e. June 23rd 2005

Important Files
/etc/passwd, /etc/shadow
/etc/login.defs
/etc/skel, /etc/bashrc, /etc/profile
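The values set with chage are stored in fields 4 to 8 of each /etc/shadow entry (-m, -M, -W, -I and -E, in that order), so the aging policy can be audited without running chage per user. The following is an added example, not part of the original course notes: the function name, the finding codes, the 90-day default and the sample entries are all assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample in shadow(5) layout:
# name:hash:lastchg:min:max:warn:inactive:expire:reserved
# "paul" carries the values set above (-m 10 -M 20 -W 15 -I 5 -E 06/23/05;
# 12957 is 2005-06-23 expressed in days since 1970-01-01).
SAMPLE_SHADOW='root:$6$constructed$hash:19000:0:99999:7:::
paul:$6$constructed$hash:12950:10:20:15:5:12957:
jane::19000:0:60:7:14::
derek:$6$constructed$hash:19000:30:20:7:::
sales:!!:19000:0:99999:7:::'

# audit_aging [MAX_DAYS]: read shadow-format lines on stdin, print "user:FINDING".
# MAX_DAYS is an assumed site policy (default 90), not a value from the text.
audit_aging() {
    awk -F: -v maxd="${1:-90}" '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        $2 ~ /^[!*]/   { next }              # locked accounts cannot log in by password
        {
            if ($2 == "") { print $1 ":EMPTY_PASSWORD" }
            if ($5 == "" || $5 + 0 >= 99999) {
                print $1 ":NO_MAX_AGE"       # -M never set: password never expires
            } else {
                if ($5 + 0 > maxd + 0)            { print $1 ":MAX_AGE_TOO_LONG" }
                if ($4 != "" && $4 + 0 > $5 + 0)  { print $1 ":MIN_EXCEEDS_MAX" }
                if ($6 != "" && $6 + 0 >= $5 + 0) { print $1 ":WARN_NOT_BELOW_MAX" }
            }
            if ($7 == "") { print $1 ":NO_INACTIVITY_LOCK" }   # -I never set
        }'
}

printf '%s\n' "$SAMPLE_SHADOW" | audit_aging 90
```

On a live system the same function can be fed from /etc/shadow as root; "paul" produces no findings because every aging field was set by the chage command above.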

9.3 Setting Up Quotas
9.3.1 Understanding Disk Quotas
Quotas are used to limit a user's or a group of users' ability to consume disk space. This prevents a small group of users from monopolizing disk capacity and potentially interfering with other users or the entire system. Disk quotas are often used by ISPs, Web Hosting companies, on FTP sites, or on corporate file servers to ensure continued availability of their systems. Users can compromise availability by uploading files to the point of filling a file system (by default, there is nothing stopping this from happening). Once the file system is full, other users are effectively denied upload access to the disk (a denial of service). If the file system that fills is the root file system (/), this could also result in system instability or even a crash. There are two limitations you can set up to manage disk consumption. You can limit the number of inodes a user may have, and you can also limit the number of disk blocks a user's files may consume. Linux uses one inode for each file a user has on a file system. Setting a maximum on the number of inodes a user may consume prevents
a user from creating an excessive number of files. By limiting the number of disk blocks a user may consume, you limit the total amount of storage a user may have regardless of how many files they may have (i.e., either a small number of large files, or a large number of small files).

We can use the following commands and their associated man pages:

quotaon /fs     Enables quotas for the /fs file system.
quotaoff        Disables quota tracking.
edquota name    Edits the quota settings for user name. Can also be used to set defaults.
quota           Allows users to see their current resource consumption and limits.
repquota        Generates a report of disk consumption by all users for a quota-enabled file system.
quotacheck      Scans a file system

9.3.2 Setting Up and Configuring the Quotas
Enter Single User Mode
As we'll need to remount the /home filesystem it's best to ensure that no other users or processes are using it. This is best achieved by entering single user mode from the console. This may be unnecessary if you are certain that you're the only user on the system. Entering single user mode will automatically log off all users and stop cron jobs. It is best to do this after hours in a business environment. Here is a quick procedure to do this:

1. Use the "who" command to see who's logged in. If there are any users besides yourself, send a message informing them that the system is about to shut down with the "wall" command.

[root@skynet tmp]# who
root pts/0 Nov 6 14:46 (192-168-1-242.my-site.com)
bob pts/0 Nov 6 12:01 (192-168-1-248.my-site.com)
bunny pts/0 Nov 6 16:25 (192-168-1-250.my-site.com)
[root@skynet tmp]# wall The system is shutting down now!
Broadcast message from root (pts/0) (Sun Nov 7 15:04:27 2004):
The system is shutting down now!

2. The next step is to log into the VGA console and enter single user mode.

[root@skynet tmp]# init 1

Edit Your /etc/fstab File
The /etc/fstab file lists all the partitions that need to be auto-mounted when the system boots. You have to alert Linux that quotas are enabled on the filesystem by editing the /etc/fstab file and modifying the options for the /home directory. You'll need to add the usrquota option. In case you forget the name, the usrquota option is mentioned in the fstab man pages.

Old fstab
LABEL=/home /home ext3 defaults 1 2

New fstab
LABEL=/home /home ext3 defaults,usrquota 1 2

Remount The Filesystem
Editing the /etc/fstab file isn't enough; Linux needs to reread the file to get its instructions for /home. This can be done using the mount command with the "-o remount" qualifier.

[root@skynet tmp]# mount -o remount /home

Get Out Of Single User Mode
Return to your original run state by using either the "init 3" or "init 5" commands. Continue to the next step once the system is back to its normal state.

Create The Partition Quota Configuration Files
The topmost directory of the filesystem needs to have an aquota.user file (defines quotas by user) and/or an aquota.group file (defines quotas by group). The man page for "quota" lists them at the bottom. In this case we'll just enable "per user" quotas.

[root@skynet tmp]# touch /home/aquota.user
[root@skynet tmp]# chmod 600 /home/aquota.user

9.3.3 Initialize The Quota Table
Editing the /etc/fstab file and remounting the file system only alerted Linux to the fact that the filesystem has quota capabilities. You have to generate a quota table, separate from the aquota files, which lists all the current allocations for each user on the file system. This table will then be automatically and transparently updated each time a file is modified. Linux compares the values in this table with the quota limitations the systems administrator has placed in the aquota files and will use this to determine whether the user has rights to having increased disk usage.

The table initialization is done using the quotacheck command. You'll get an error the first time you enter the command as Linux will realize that the aquota file wasn't created using one of the quota commands.

[root@skynet tmp]# quotacheck -vagum
quotacheck: WARNING - Quotafile /home/aquota.user was probably truncated. Can't save quota settings...
quotacheck: Scanning /dev/hda3 [/home] done
quotacheck: Checked 185 directories and 926 files

Edit The User's Quota Information
Now we need to edit the user's quota information. This is done with the edquota command which allows you to selectively edit a portion of the aquota.user file on a per user basis.

[root@skynet tmp]# edquota -u mp3user

The command will invoke the vi editor which will allow you to edit a number of fields.

Disk quotas for user mp3user (uid 503):
Filesystem   blocks   soft   hard   inodes   soft   hard
/dev/hda3        24      0      0        7      0      0

Blocks: The amount of space in 1K blocks the user is currently using.
Inodes: The number of files the user is currently using.
Soft Limit: The maximum blocks/inodes a quota user may have on a partition. The role of a soft limit changes if grace periods are used. When this occurs, the user is only warned that their soft limit has been exceeded. When the grace period expires, the user is barred from using additional disk space or files. When set to zero, limits are disabled.
Hard Limit: The maximum blocks/inodes a quota user may have on a partition when a grace period is set. Users may exceed a soft limit, but they can never exceed their hard limit.

In the example below we limit user mp3user to a maximum of 5 MB of data storage on /dev/hda3 (/home).

Disk quotas for user mp3user (uid 503):
Filesystem   blocks   soft   hard   inodes   soft   hard
/dev/hda3        24   5000      0        7      0      0

Testing
Linux checks the total amount of disk space a user uses each time a file is accessed and compares it against the values in the quota file. If the values are exceeded, depending on the configuration, then Linux will prevent the creation of new files or the expansion of existing files to use more disk space.

9.4 Other Quota Topics
Creating disk quotas frequently isn't enough; you also have to manage the process by reviewing the quota needs of each user and adjusting them according to the policies of your company. You'll also need to make Linux scan its hard disks periodically to check for exceeded quotas. This section describes the most common quota management activities you'll need to undertake.

Editing Grace Periods
The "edquota -t" command sets the grace period for each filesystem. Like the edquota command, it invokes the vi editor. The grace period is a time limit before the soft limit is enforced for a quota enabled file system. Time units of seconds, minutes, hours, days, weeks and months can be used. This is what you'll see with the command "edquota -t":

Note: There should be no spaces between the number and the unit of time measure. Therefore in this example, "7days" is correct and "7 days" is wrong.

[root@skynet tmp]# edquota -t
Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
Filesystem   Block grace period   Inode grace period
/dev/hda3    7days                7days

9.4.1 Editing Group Quotas
Editing quotas on a per group basis can be done similarly with the "edquota -g" command.

Getting Quota Reports
The repquota command lists quota usage limits of all users on the system. Here is an example.

[root@skynet tmp]# repquota /home
*** Report for user quotas on device /dev/hda3
Block grace time: 7days; Inode grace time: 7days
                     Block limits              File limits
User          used   soft   hard  grace   used  soft  hard  grace
----------------------------------------------------------------------
root     --  52696      0      0          1015     0     0
...
...
mp3user  --     24      0      0             7     0     0

9.5 Using Sudo
9.5.1 What is SUDO?
The SUDO feature in RedHat Linux is similar to RBAC in Solaris. The sudo utility allows users defined in the /etc/sudoers configuration file to have temporary access to run commands they would not normally be able to due to file permission restrictions. The commands can be run as user "root" or as any other user defined in the /etc/sudoers configuration file.

The privileged command you want to run must first begin with the word "sudo" followed by the command's regular syntax. When running the command with the sudo prefix, you will be prompted for your regular password before it is executed. You may run other privileged commands using sudo within a five minute period without being reprompted for a password. All commands run as sudo are logged in the log file /var/log/messages.

9.5.2 Example Using sudo
In this example, user "bob" attempts to view the contents of the /etc/sudoers file, which is an action that normally requires privileged access. Without sudo, the command fails.

[bob@skynet bob]$ more /etc/sudoers
/etc/sudoers: Permission denied
[bob@skynet bob]$

Bob tries again using sudo and his regular user password and is successful

[bob@skynet bob]$ sudo more /etc/sudoers
Password:

The details of configuring and installing sudo will be covered in later sections.

The visudo command
"visudo" is a text editor that mimics the "vi" editor that is used to edit the /etc/sudoers configuration file. It is not recommended that you use any other editor to modify your sudo parameters as the sudoers file isn't located in the same directory on all versions of Linux. "visudo" uses the same commands as the "vi" text editor. "visudo" must run as user "root" and should have no arguments as seen below.

[root@aqua tmp]# visudo

The /etc/sudoers File
The /etc/sudoers file contains all the configuration and permission parameters needed for sudo to work. There are a number of guidelines that need to be followed when editing it with visudo.

Format Of The /etc/sudoers File:

usernames/group servername = (usernames command can be run as) command

Some guidelines when editing this file:
Groups are the same as user groups and are differentiated from regular users by a % at the beginning. The Linux user group "users" would be represented by %users.
You can have multiple usernames per line separated by commas.
Multiple commands can be separated by commas too. Spaces are considered part of the command.
The keyword "ALL" can mean all usernames, groups, commands and servers.
If you run out of space on a line, you can end it with a "\" and continue on the next line.
The NOPASSWD keyword provides access without you being prompted for your password.
Sudo assumes that the sudoers file will be used network wide, and therefore offers the option to specify the names of servers which will be using it in the "servername" position. In most cases, the file is used by only one server and the keyword "ALL" will suffice for the server name.

Simple /etc/sudoers Examples
Here are some simple examples of how to do many commonly required tasks using the sudo utility.

Using Aliases In The sudoers File
Sometimes you'll need to assign random groupings of users from various departments very similar sets of privileges. The sudoers file allows users to be grouped according to function with the group then being assigned a nickname or "alias" which is used throughout the rest of the file. Groupings of commands can also be assigned aliases too.

In the example below, users "peter", "bob" and "bunny" and all the users in the "operator" group are made part of the user alias "ADMINS". All the command shell programs are then assigned to the command alias "SHELLS". Users ADMINS are then denied the option of running any SHELLS commands and su.

Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, \
                    /usr/bin/ksh, /usr/local/bin/tcsh, \
                    /usr/bin/rsh, /usr/local/bin/zsh
User_Alias ADMINS = peter, bob, bunny, %operator
ADMINS ALL = !/usr/bin/su, !SHELLS

This attempts to ensure that users don't permanently "su" to become root, or enter command shells that bypass sudo's command logging. It doesn't prevent them from copying the files to other locations to be run. The advantage of this is that it helps to create an audit trail, but the restrictions can only be enforced as part of the company's overall security policy.

Other Examples
You can view a comprehensive list of /etc/sudoers file options by issuing the command "man sudoers".
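Because the "!" exclusions above cannot be enforced by sudo alone, a review of a sudoers file should surface every rule that relies on them, along with every NOPASSWD grant. The following lint is an added example, not part of the original course notes; the function name, the finding codes and the two extra rules in the sample (the %users rule and the single-command rule for bob) are hypothetical.

```shell
#!/bin/sh
# Constructed sample: the alias rule from the text plus two hypothetical rules.
SAMPLE_SUDOERS='# constructed sample
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, \
                    /usr/bin/ksh, /usr/local/bin/tcsh
User_Alias ADMINS = peter, bob, bunny, %operator
ADMINS ALL = !/usr/bin/su, !SHELLS
%users ALL = (ALL) NOPASSWD: ALL, \
             !SHELLS
bob ALL = (root) /usr/bin/less /var/log/messages'

# lint_sudoers: read sudoers text on stdin, print "LINE:FINDING:rule".
# LINE is the first physical line of the rule; the rule text is whitespace-collapsed.
lint_sudoers() {
    awk '
        {   # join physical lines that end in "\" into one logical rule
            if (!cont) { start = NR; rule = "" }
            rule = rule $0
            cont = 0
        }
        rule ~ /\\[ \t]*$/ { sub(/\\[ \t]*$/, " ", rule); cont = 1; next }
        rule ~ /^[ \t]*(#|$)/ { next }                                     # comments, blanks
        rule ~ /^[ \t]*(Defaults|(User|Runas|Host|Cmnd)_Alias)/ { next }   # not user rules
        {
            eq = index(rule, "=")
            if (eq == 0) next
            cmds = substr(rule, eq + 1)          # command list, after "host ="
            gsub(/[ \t]+/, " ", rule)
            # A "!" entry is an exclusion; the text notes these can be sidestepped.
            if (cmds ~ /(^|[,:) \t])![^,]/) print start ":DENYLIST:" rule
            if (cmds ~ /NOPASSWD[ \t]*:/)   print start ":NOPASSWD:" rule
        }'
}

printf '%s\n' "$SAMPLE_SUDOERS" | lint_sudoers
```

The rule for bob, which names one exact command instead of excluding some, produces no finding.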

the release. RPM also takes care of conflicts between packages.2 What Is a Package? In the generic sense. if package X. You may use these formats anywhere a filename is called for in RPM. For example. The RPM database makes adding. yet necessary. removing.4-9 e2fsprogs-1. The RPM also maintains an MD5 checksum of each file. Note that although this is the conventional method of naming RPM packages. rpm is the “driver” responsible for maintaining the RPM databases. Y.i386. if you know that the package foo. and <port> specifies a nonstandard port used on the remote machine.i386.1 Introduction One of the mundane.” a collection of the files that make up the software. and architecture information are read from the contents of the file by RPM.1 Listing Installed RPMs The rpm -qa command will list all the packages installed on your system [root@skynet tmp]# rpm -qa perl-Storable-1.com info@wilshiresfot. For example.com. the actual package name. and removing software applications. and where to put them. Of rpm's 10 modes of operation. 10.rpm.rpm indicates this is the (fictional) Penguin Utilities package. which comes in handy if you need to verify the integrity of one or more packages. and remove 10. version.2. The workhorse of the RPM system is the program rpm. RPM also makes sure you never lose configuration files by backing up existing ones before overwriting. its version. RPM also tracks which version of an application is currently installed on your system.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . upgrading. You could rename the file blag. RPM will manage this conflict by backing up your previous configuration file before the new file is written. Applications and patches come and go. you may install a new software package only to find it has overwritten a crucial file from a currently installed package.rpm. and documentation files in a software application. a package is a container. 
which has already been installed.rpm.rpm. because RPM knows which files to handle. and instructions for adding. and much more. and upgrading packages easy. configuration. This database tracks where each file in a package is located. software is managed in discrete “packages. release 26. A key feature of RPM is that filenames can be specified in Uniform Resource Locator (URL) format. where <username> and <password> are the username and password you need to log on to this system non-anonymously. but it would still install as penguin-3.rpmdownloads.RPM is smart enough to log on to the FTP server anonymously and pull down the file.27-9 libstdc++-3.3.4. in the /pub directory.com/pub/fee. and the architecture for which they were built. and you attempt to install a new package. i386 indicates it has been compiled for the Intel architecture. and what other applications it depends on. it's hard to tell just what's on a system. version 3. After months or years of adding. which wants to install the same file. we will cover the four most common: query. Red Hat Package Manager (RPMs) 10. and upgrading those files. install. what version a software package is. you can specify that filename as ftp://ftp. You can also use the format ftp://<username>:<password>@hostname:<port>/path/to/remote/package/file. and how the installation should be accomplished.Linux Administration – RedHat Package Management Page 55 of 167 10. A package also includes instructions on how to uninstall itself.26. For example. It includes the files needed to accomplish a certain task. With RPM. has a configuration file called /etc/someconfig. RPM packages are often identified by filenames that usually consist of the package name.2-7 www. duties a Systems Administrator faces is software management.14-15 smpeg-gtv-0. The Red Hat Package Manager (RPM) was designed to eliminate these problems. the version. removing.rpmdownloads.1 What Is RPM? At the heart of RPM is the RPM database. Worse.26. upgrade. 
Checksums are used to determine if a file has been modified.rpm is on the FTP server ftp. It also includes instructions on how and where these files should be installed. Outdated files often wind up laying around because nobody's quite sure what they belong to. 10. not the filename.0. the package penguin-3. such as the binaries.wilshiresoft.

It is therefore important to be able to determine the origin of certain files..2 [root@skynet tmp]# rpm -ql ntp /etc/ntp /etc/ntp. 10.1. If you are not sure of the package name and its capitalization. [root@skynet tmp]# /usr/share/doc/ntp-4..1.2-0.4p1-2 openssh-askpass-3.rc1. erase etc.. 10. upgrade. then the method above is probably more suitable. In this example we are looking for all packages containing the string "ssh" in the name. .1. ########################################### [100%] www.Linux Administration – RedHat Package Management Page 56 of 167 audiofile-0.2 Managing RPMs (install..2/tickadj. Sometimes the installation of an application fails on the new server due to the lack of a file that resides on the old one. In this example we test to make sure that the NTP package is installed using the"-q" qualifier.conf /etc/ntp/drift /etc/ntp/keys .4p1-2 openssh-3. -v is used for verbose output and -h shows the process of installation as # (hashes) [root@skynet tmp]# rpm -ivh package-name.2/refclock.com info@wilshiresfot..3.2 Listing Files Associated With RPMs Sometimes you'll find yourself installing software which terminates with an error requesting the presence of particular file. ########################################### [100%] Installing. re-install. then we use the "-ql" qualifier to get the file listing. In this case you need to know which RPM on the old server contains the file.2.htm /usr/share/doc/ntp-4.1..2/rdebug.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 ..htm /usr/share/doc/ntp-4.rpm Preparing. In many cases the installation program doesn't state the RPM package in which the file can be found.2/release.htm [root@skynet tmp]# 10.. [root@skynet tmp]# You can also pipe the output of this command through the grep command if you are interested in only a specific package.3.. .. [root@skynet tmp]# rpm -q ntp ntp-4. 
The package name given must match that listed in the rpm -qa command as the version of the package is important.3-3 .4 Listing Files For Already Installed RPMs This can be useful if you have to duplicate a working server that is already in a production environment. regardless of case ("-i" meaning ignore case) [root@skynet tmp]# rpm -qa | grep -i ssh openssh-server-3.4p1-2 openssh-clients-3.htm /usr/share/doc/ntp-4..4p1-2 openssh-askpass-gnome-3. by listing the contents for RPMs in which you suspect the files may reside.4p1-2 Note: You could use the "rpm -q package-name" command to find an installed package as it is much faster than using grep and the "-qa" switch.wilshiresoft. but you have to have an exact package match.) Installing RPMs The rpm -i command will install a package. You can use the "-ql" qualifier to list all the files associated with an installed RPM.1.

Installing RPM without checking for dependency

[root@skynet tmp]# rpm -ivh --nodeps package-name.rpm

Re-installing RPM

[root@skynet tmp]# rpm -ivh --replacepkgs pkgname.rpm

Upgrading RPMs
The rpm -U command will upgrade a package.

[root@skynet tmp]# rpm -Uvh package-name.rpm

Uninstalling RPMs
The rpm -e command will erase an installed package. The package name given must match that listed in the rpm -qa command as the version of the package is important.

[root@skynet tmp]# rpm -e package-name

11. Linux Networking
11.1 Configuring Your NIC's IP Address
It is very important to be very familiar with all the steps needed to configure IP addresses on a NIC card. Website shopping cart applications frequently need an additional IP address dedicated to them, you may need to add a secondary NIC interface to your server to handle data backups and, last but not least, you may just want to play around with the server to test your skills. This section will show you how to do the most common server IP activities with the least amount of headaches.

11.1.1 Determining Your IP Address
Most modern PCs come with an ethernet port. When Linux is installed, this device is called "eth0". You can determine the IP address of this device with the "ifconfig" command.

[root@skynet tmp]# ifconfig -a
eth0      Link encap:Ethernet HWaddr 00:08:C7:10:74:A8
          BROADCAST MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
          Interrupt:11 Base address:0x1820

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:787 errors:0 dropped:0 overruns:0 frame:0
          TX packets:787 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:82644 (80.7 Kb) TX bytes:82644 (80.7 Kb)

wlan0     Link encap:Ethernet HWaddr 00:06:25:09:6A:B5
          inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:47379 errors:0 dropped:0 overruns:0 frame:0
          TX packets:107900 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:4676853 (4.4 Mb) TX bytes:43209032 (41.2 Mb)
          Interrupt:11 Memory:c887a000-c887b000

wlan0:0   Link encap:Ethernet HWaddr 00:06:25:09:6A:B5
          inet addr:192.168.1.99 Bcast:192.168.1.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:11 Memory:c887a000-c887b000

In this example, eth0 has no IP address as this box is using wireless interface wlan0 as its main NIC. Interface wlan0 has an IP address of 192.168.1.100 and a subnet mask of 255.255.255.0

If there are conflicts, you may need to refer to the manual for the offending device to try to determine ways to either use another interrupt or memory I/O location.

11.1.2 Changing Your IP Address
If you wanted, you could give this eth0 interface an IP address using the ifconfig command.

[root@skynet tmp]# ifconfig eth0 10.0.0.1 netmask 255.255.255.0 up

The "up" at the end of the command activates the interface. To make this permanent each time you boot up you'll have to add this command in your /etc/rc.d/rc.local file.

RedHat Linux also makes life a little easier with interface configuration files located in the /etc/sysconfig/network-scripts directory. Interface eth0 has a file called ifcfg-eth0, eth1 uses ifcfg-eth1, etc. You can place your IP address information in these files which are then used to auto-configure your NICs when Linux boots.

11.1.3 network-scripts File Formats

[root@skynet tmp]# cd /etc/sysconfig/network-scripts
[root@skynet network-scripts]# less ifcfg-eth0
DEVICE=eth0
IPADDR=192.168.1.100
NETMASK=255.255.255.0
BOOTPROTO=static
ONBOOT=yes
#
# The following settings are optional
#
BROADCAST=192.168.1.255
NETWORK=192.168.1.0

[root@skynet tmp]# cd /etc/sysconfig/network-scripts
[root@skynet network-scripts]# less ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes

As you can see eth0 will be activated on booting as the parameter ONBOOT has the value "yes" and not "no". The default RedHat installation will include the "broadcast" and "network" options in the network-scripts file. These are optional.

Once you change the values in the configuration files for the NIC you'll have to deactivate and activate it for the modifications to take effect. The ifdown and ifup commands can be used to do this.

[root@skynet network-scripts]# ifdown eth0
[root@skynet network-scripts]# ifup eth0

11.2 Multiple IP Addresses On A Single NIC
In the previous "determining your IP address" section you may have noticed that there were two wireless interfaces. One's named wlan0 and the other wlan0:0. Interface wlan0:0 is actually a "child" of interface wlan0, a virtual sub-interface also known as an "IP alias". IP aliasing is one of the most common ways of creating multiple IP addresses associated with a single NIC. Aliases have the name format "parent-interface-name:X", where "X" is the sub-interface number of your choice.

The process for creating an IP alias is very similar to the steps outlined for the real interface in the previous "changing your IP address" section. This can be seen below:

1. First ensure the "parent" real interface exists
2. Verify that no other IP alias exists with the name you plan to use. In this case we want to create interface wlan0:0
3. Create the virtual interface with the ifconfig command

[root@skynet tmp]# ifconfig wlan0:0 192.168.1.99 \
netmask 255.255.255.0 up

4. You should also create a /etc/sysconfig/network-scripts/ifcfg-wlan0:0 file so that the aliases will all be managed automatically with the ifup and ifdown commands. Here is a sample configuration:

DEVICE=wlan0:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.1.99
NETMASK=255.255.255.0

The commands to activate and deactivate the alias interface would therefore be:

    [root@skynet tmp]# ifup wlan0:0
    [root@skynet tmp]# ifdown wlan0:0

Note: Shutting down the main interface also shuts down all its aliases too. Aliases can be shut down independently of other interfaces.

How To Activate / Shutdown Your NIC
The ifup and ifdown commands can be used respectively to activate and deactivate a NIC interface. You must have an ifcfg file in the /etc/sysconfig/network-scripts directory for these commands to work. Here is an example for interface eth0:

    [root@skynet tmp]# ifdown eth0
    [root@skynet tmp]# ifup eth0

Viewing Your Current Routing Table
The netstat -nr command will provide the contents of the routing table. Networks with a gateway of 0.0.0.0 are usually directly connected to the interface. As no gateway is needed to reach your own directly connected interface then an address of 0.0.0.0 seems appropriate. In this example there are two gateways, the default and one to 255.255.255.255 which is usually added on DHCP servers. Server skynet is a DHCP server in this case.

    [root@skynet tmp]# netstat -nr
    Kernel IP routing table
    Destination     Gateway     Genmask         Flags MSS Window irtt Iface
    255.255.255.255 0.0.0.0     255.255.255.255 UH     40 0         0 wlan0
    192.168.1.0     0.0.0.0     255.255.255.0   U      40 0         0 wlan0
    127.0.0.0       0.0.0.0     255.0.0.0       U      40 0         0 lo
    0.0.0.0         192.168.1.1 0.0.0.0         UG     40 0         0 wlan0

In this example, there are multiple gateways handling traffic destined for different networks on different interfaces.

11.3 Convert Your Linux Server Into A Router
Router / firewall appliances that provide basic Internet connectivity for a small office or home network are becoming more affordable every day, but when budgets are tight you may seriously want to consider modifying an existing Linux server to do the job.

11.3.1 Configuring IP Forwarding
For your Linux server to become a router, you have to enable packet forwarding. In simple terms packet forwarding lets packets flow through the Linux box from one network to another. The Linux kernel configuration parameter to activate this is named net.ipv4.ip_forward and can be found in the file /etc/sysctl.conf. Remove the "#" from the line related to packet forwarding.

Before

    # Disables packet forwarding
    net.ipv4.ip_forward=0

After

    # Enables packet forwarding
    net.ipv4.ip_forward=1

This will only enable it when you reboot at which time Linux will create a file in one of the subdirectories of the special RAM memory based /proc filesystem. To activate the feature immediately you have to force Linux to read the /etc/sysctl.conf file with the sysctl command using the "-p" switch. Here is how it's done:

    [root@skynet tmp]# sysctl -p
    net.ipv4.ip_forward = 1
    net.ipv4.conf.default.rp_filter = 1
    kernel.sysrq = 0
    kernel.core_uses_pid = 1

Configuring Your /etc/hosts File
The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically check this file before referencing DNS; if the name is found with a corresponding IP address then DNS won't be queried at all. Unfortunately, if the IP address for that host changes, you'll have to also update the file. This may not be much of a concern for a single server, but can become laborious if it has to be done companywide. For ease of management, it is often easiest to limit entries in this file to just the loopback interface, and also the server's own host name, and use a centralized DNS server to handle most of the rest. Sometimes you may not be the one managing the DNS server and in such cases it may be easier to add a quick /etc/hosts file entry till the centralized change can be made.

    192.168.1.101 sys1

In the example above server "sys1" has an IP address of 192.168.1.101. You can access 192.168.1.101 using the "ping", "telnet" or any other network aware program by referring to it as "sys1". Here is an example using the "ping" to see if "sys1" is alive and well on the network.

    [root@skynet tmp]# ping sys1
    PING zero (192.168.1.101) 56(84) bytes of data.
    64 bytes from sys1 (192.168.1.101): icmp_seq=0 ttl=64 time=0.197 ms
    64 bytes from sys1 (192.168.1.101): icmp_seq=1 ttl=64 time=0.047 ms
    --- sys1 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 2017ms
    rtt min/avg/max/mdev = 0.034/0.092/0.197/0.074 ms, pipe 2

You can also add "aliases" to the end of the line which will allow you to refer to the server using other names. Here we have set it up so that "sys1" can also be accessed using the names "tiny" and "sun20".

    192.168.1.101 sys1 tiny sun20

You should never have an IP address more than once in this file as Linux will only use the values in the first entry it finds.

    192.168.1.101 sys1    # (Wrong)
    192.168.1.101 tiny    # (Wrong)
    192.168.1.101 sun20   # (Wrong)

11.4 Setting Up A Telnet Server
Telnet server RPM's filename usually starts with the word "telnet-server" followed by a version number like this: telnet-server-0.17-28.i386.rpm. This package is located on the 3rd CD.

o Telnet is installed disabled on RedHat Linux. If you want to enable Telnet then edit the file /etc/xinetd.d/telnet and set the disable parameter to "no".

    # default: on
    # description: The telnet server serves telnet sessions; it uses \
    #       unencrypted username/password pairs for authentication.
    service telnet
    {
            flags           = REUSE
            socket_type     = stream
            wait            = no
            user            = root
            server          = /usr/sbin/in.telnetd
            log_on_failure  += USERID
            disable         = no
    }

o You'll then have to restart xinetd for the new settings to take effect.

    [root@skynet tmp]# /etc/init.d/xinetd restart
    Stopping xinetd: [ OK ]
    Starting xinetd: [ OK ]
    [root@skynet tmp]#

Now you are ready to use telnet.

11.5 Setting up rsh and rlogin
rsh server RPM's filename usually starts with the word "rsh-server" followed by a version number like this: rsh-server-0.17-28.i386.rpm. This package is located on the 3rd CD.

rsh and rlogin are disabled in RedHat Linux by default. If you want to enable rsh and rlogin then edit the files /etc/xinetd.d/rsh and /etc/xinetd.d/rlogin and set the disable parameter to "no", just like we've done for the Telnet server (see above).

    disable = no

You'll then have to restart xinetd for the new settings to take effect.

    [root@skynet tmp]# /etc/init.d/xinetd restart
    Stopping xinetd: [ OK ]
    Starting xinetd: [ OK ]

Now rsh and rlogin are ready to use. Just create .rhosts under the user's home directory, containing the trusted host's name or IP address and the trusted user. Eg:

    [root@skynet tmp]# vi /root/.rhosts
    200.200.0.2 root
    :wq!

Here in this example we trust the host 200.200.0.2 and the user root on 200.200.0.2.
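The settings from sections 11.4 and 11.5 are the ones a host audit looks for, since the telnet service file itself notes that it uses unencrypted username/password pairs and .rhosts entries grant trust to remote users. The script below is an added example, not part of the original course text; the function names, the sample tree and the in.rshd / in.rlogind server names are assumptions, and every sample file is constructed.

```shell
#!/bin/sh
# Added example: report enabled cleartext login services and .rhosts trust entries.

# Print "<file>: <daemon> enabled" for each xinetd service file in directory $1
# whose server is a telnet/rsh/rlogin daemon and whose "disable" is not "yes".
# A service block without a "disable" line is treated as enabled.
enabled_cleartext_services() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v file="${f##*/}" '
            { sub(/#.*/, ""); gsub(/=/, " = ") }   # drop comments, isolate "="
            $1 == "service" { insvc = 1; server = ""; disabled = 0 }
            insvc && $1 == "server"  { server = $NF }
            insvc && $1 == "disable" { disabled = ($NF == "yes") }
            insvc && index($0, "}") {
                n = split(server, part, "/")
                if (!disabled && part[n] ~ /^in\.(telnetd|rshd|rlogind)$/)
                    print file ": " part[n] " enabled"
                insvc = 0
            }
        ' "$f"
    done
}

# Print "<path below $1>: host=<h> user=<u>[ WILDCARD]" for every entry in every
# .rhosts file under directory $1. A "+" in either field matches any host or user.
rhosts_trust_entries() {
    find "$1" -type f -name .rhosts | sort | while IFS= read -r f; do
        rel=${f#"$1"/}
        awk -v file="$rel" '
            /^[ \t]*(#|$)/ { next }                # skip comments and blank lines
            {
                user = (NF >= 2) ? $2 : "(same-name)"
                flag = ($1 == "+" || $2 == "+") ? " WILDCARD" : ""
                print file ": host=" $1 " user=" user flag
            }
        ' "$f"
    done
}

# Build a constructed sample tree (not taken from a real host) under directory $1.
make_sample_tree() {
    mkdir -p "$1/xinetd.d" "$1/home/root" "$1/home/user1"
    cat > "$1/xinetd.d/telnet" <<'EOF'
# default: on
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = no
}
EOF
    cat > "$1/xinetd.d/rsh" <<'EOF'
service shell
{
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.rshd
        disable         = yes
}
EOF
    cat > "$1/xinetd.d/rlogin" <<'EOF'
service login
{
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/sbin/in.rlogind
}
EOF
    printf '%s\n' '200.200.0.2 root' > "$1/home/root/.rhosts"
    printf '%s\n' '# constructed entries' '+ +' 'devbox.example.com' \
        > "$1/home/user1/.rhosts"
}

# Demo run against the constructed tree.
demo_dir=$(mktemp -d)
make_sample_tree "$demo_dir"
enabled_cleartext_services "$demo_dir/xinetd.d"
rhosts_trust_entries "$demo_dir/home"
rm -rf "$demo_dir"
```

On a real host the two functions would be pointed at /etc/xinetd.d and at the directories holding user home directories (including /root).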

11.6 Configuring an FTP server
Introduction
The File Transfer Protocol (FTP) is used as one of the most common means of copying files between servers over the Internet or LAN. FTP relies on a pair of TCP ports to get the job done. It operates in two connection channels:

FTP Control Channel, TCP Port 21: All commands you send and the ftp server's responses to those commands will go over the control connection, but any data sent back (such as "ls" directory lists or actual file data in either direction) will go over the data connection.

FTP Data Channel, TCP Port 20: This port is used for all subsequent data transfers between the client and server.

Anonymous FTP: Anonymous FTP is the choice of Web sites that need to exchange files with numerous unknown remote users. Common uses include downloading software or software updates and uploading diagnostic information or files etc. Unlike regular FTP where you login with a preconfigured Linux username and password, anonymous FTP requires only a username of anonymous and your email address for the password. Once logged in to a VSFTPD (very Secure File transfer protocol) server, you automatically have access to only the default anonymous FTP directory (/var/ftp in the case of VSFTPD) and all its subdirectories.

Install and Configure

Install VSFTPD
Most RedHat and Fedora Linux software products are available in the RPM format. When searching for the file, remember that the VSFTPD RPM's filename usually starts with the word vsftpd followed by a version number, as in: vsftpd-1.2.1-5.i386.rpm.

Start VSFTPD service
You can start, stop, or restart VSFTPD after booting by using these commands:

    [root@skynet tmp]# service vsftpd start
    [root@skynet tmp]# service vsftpd stop
    [root@skynet tmp]# service vsftpd restart

To configure VSFTPD to start at boot you can use the chkconfig command.

    [root@skynet tmp]# chkconfig vsftpd on

You have to restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers and /etc/vsftpd.userlist files. The VSFTPD package creates these files with a number of entries for privileged users that normally shouldn't have FTP access. As FTP doesn't encrypt passwords, thereby increasing the risk of data or passwords being compromised, it is a good idea to let these entries remain and add new entries for additional security.

Edit /etc/vsftpd.userlist and /etc/vsftpd.ftpusers and list the users to DENY. If you want to allow any user including root just comment out or remove that particular user's entry from both of the files.

Now you can try doing ftp from the remote machine.

    [root@skynet_1 tmp]# ftp 192.168.1.100
    Connected to 192.168.1.100 (192.168.1.100)
    220 ready, dude (vsFTPd 1.1.0: beat me, break me)
    Name (192.168.1.100:root): user1
    331 Please specify the password.
    Password:
    230 Login successful. Have fun.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp>

To view and download a copy of the VSFTPD RPM located on the FTP server skynet:

    ftp> ls
    227 Entering Passive Mode (192,168,1,100,35,173)
    150 Here comes the directory listing.
    -rwxr----- 1 0 502 76288 Jan 04 17:06 vsftpd-1.1.0-1.i386.rpm
    226 Directory send OK.
    ftp> get vsftpd-1.1.0-1.i386.rpm vsftpd-1.1.0-1.i386.rpm.tmp
    local: vsftpd-1.1.0-1.i386.rpm.tmp remote: vsftpd-1.1.0-1.i386.rpm
    227 Entering Passive Mode (192,168,1,100,44,156)
    150 Opening BINARY mode data connection for vsftpd-1.1.0-1.i386.rpm (76288 bytes).
    226 File send OK.
    76288 bytes received in 0.499 secs (1.5e+02 Kbytes/sec)
    ftp> exit
    221 Goodbye.

Note: You can type ? (question mark) to list all the available commands at the ftp prompt.

We can also perform FTP downloads and uploads by using a GUI tool "gftp". Type the command "gftp" at a graphical console and you can simply drag and drop the files from the remote machine's window to the local one. See the figure below:

Figure: gftp

In the above figure left window has the Local files and right window shows the Remote ftp server skynet.wilshiresoft.com's files. You can drag and drop the files between windows or you can select individual files and then use the Arrow buttons to upload or download.

12. NFS

12.1 NFS Operational Overview
Linux data storage disks contain files stored in filesystems with a standardized directory structure. New disks are added by attaching, or "mounting", the directories of their filesystems to a directory of an already existing filesystem. This in effect makes the new hard disk transparently appear to be a sub directory of the file system to which it is attached. NFS was developed to allow a computer system to access directories on remote computers by mounting them on a local filesystem as if they were just like a local disk. The systems administrator on the NFS server has to define the directories that need to be activated or "exported" for access by the NFS clients, and administrators on the clients need to define both the NFS server and the subset of its exported directories to use.

General NFS Rules
There are some general rules that need to be followed when configuring NFS.

1. You can only export directories beneath the "/" directory.
2. You cannot export a subdirectory of a directory that has already been exported. The exception being when the subdirectory is on a different physical device. Likewise you cannot export the parent of a subdirectory unless it is on a separate device too.
3. You can only export local file systems.

12.2 Important NFS Daemons
NFS isn't a single program, but a suite of interrelated programs that work together to get the job done.

Portmap
This is the primary daemon upon which all the others rely. Portmap manages connections for applications that use the RPC specification. By default portmap listens to TCP port 111 on which an initial connection is made. This is then used to negotiate a range of TCP ports, usually above port 1024, to be used for subsequent data transfers. Portmap needs to be run on both the NFS server and client.

NFS
Starts the RPC processes needed to serve shared NFS file systems. The NFS daemon only needs to be run on the NFS server.

NFSlock
Used to allow NFS clients to lock files on the server via RPC processes. The NFSlock daemon needs to be run on both the NFS server and client.

NetFS
Allows RPC processes run on NFS clients to mount NFS filesystems on the server. The NFSlock daemon only needs to be run on the NFS client.

12.3 Configuring NFS on The Server
Both the NFS server and NFS client will have to have parts of the NFS package installed and running. The server will need portmap, nfs and nfslock operational and have a correctly configured /etc/exports file. Here's how to do it.

12.3.1 The /etc/exports File
This is the main NFS configuration file and consists of two columns. The first column lists the directories you want to make available to the network. The second column has two parts. The first part lists the networks or DNS domains that can get access to the directory, the second part lists NFS options in brackets. In the case below we have provided:

Read only access to the /data/files directory to all networks
Read/write access to the /home directory from all servers on the 192.168.1.0 /24 network, that is all addresses from 192.168.1.0 to 192.168.1.255
Read/write access to the /data/test directory from servers in the my-site.com DNS domain
Read/write access to the /data/database directory from a single server 192.168.1.203

In all cases we have used the "sync" option to ensure that file data cached in memory is automatically written to the disk after the completion of any disk data copying operation.

    #/etc/exports
    /data/files      *(ro,sync)
    /home            192.168.1.0/24(rw,sync)
    /data/test       *.my-site.com(rw,sync)
    /data/database   192.168.1.203/32(rw,sync)

Once you have configured your /etc/exports file, you'll need to activate the settings, but first you'll have to make sure NFS is running correctly.

Starting NFS on the Server
Configuring an NFS server is straightforward with the easy to follow steps outlined below.

1. Use the chkconfig command to configure the required NFS and RPC portmap daemons to start at boot. You will also have to activate NFS file locking to reduce the risk of corrupted data.

    [root@skynet tmp]# chkconfig --level 35 nfs on
    [root@skynet tmp]# chkconfig --level 35 nfslock on
    [root@skynet tmp]# chkconfig --level 35 portmap on

2. Use the init scripts in the /etc/init.d directory to start the NFS and RPC portmap daemons. In the examples below we're using the "start" option, but when needed, you can also stop and restart the processes with the "stop" and "restart" options.

    [root@skynet tmp]# service portmap start
    [root@skynet tmp]# service nfs start
    [root@skynet tmp]# service nfslock start

12.4 Configuring NFS on The Client
NFS configuration on the client requires you to start the NFS application, create a directory on which to mount the NFS server's directories that we exported via the /etc/exports file, and finally to mount the NFS server's directory on your local directory or "mount point". Here's how to do it all.

12.4.1 Starting NFS on the Client
1. Use the chkconfig command to configure the required NFS and RPC portmap daemons to start at boot. You will also have to activate NFS file locking to reduce the risk of corrupted data.

    [root@skynet tmp]# chkconfig --level 35 netfs on
    [root@skynet tmp]# chkconfig --level 35 nfslock on
    [root@skynet tmp]# chkconfig --level 35 portmap on

2. Use the init scripts in the /etc/init.d directory to start the NFS and RPC portmap daemons. In the examples below we're using the "start" option, but when needed, you can also stop and restart the processes with the "stop" and "restart" options.

    [root@skynet tmp]# service portmap start
    [root@skynet tmp]# service netfs start
    [root@skynet tmp]# service nfslock start

12.4.2 Making NFS Mounting Permanent
In most cases, users want their NFS directories to be permanently mounted. This requires an entry in the /etc/fstab file in addition to the creation of the "mount point directory" as seen below.

The /etc/fstab File
The /etc/fstab file lists all the partitions that need to be auto-mounted when the system boots. Therefore you need to edit the /etc/fstab file if you need the NFS directory to be made permanently available to users on the NFS. In this case we're mounting the /data/files directory on server "skynet" (IP address 192.168.1.100) as an NFS type filesystem using the local /mnt/nfs mount point directory.

    #/etc/fstab
    #Directory                   Mount Point   Type   Options          Dump   FSCK
    192.168.1.100:/data/files    /mnt/nfs      nfs    soft,nfsvers=2   0      0

In this example we used the "soft" and "nfsvers" options. Table 30-1 outlines these and other useful NFS mounting options you may want to use. Use the NFS man pages for more details.

Manually Mounting NFS File Systems
If you don't want a permanent NFS mount, then you can use the "mount" command without the /etc/fstab entry to gain access only when necessary. This is a manual process, but an automated process can be seen in the automounter section. In this case we're mounting the /data/files directory as an NFS type filesystem on the /mnt/nfs mount point. The NFS server is "skynet" whose IP address is 192.168.1.100. Notice how before mounting there were no files visible in the /mnt/nfs directory; this changes after the mounting is completed.

    [root@skynet tmp]# mkdir /mnt/nfs
    [root@skynet tmp]# ls /mnt/nfs
    [root@skynet tmp]# mount -t nfs 192.168.1.100:/data/files /mnt/nfs
    [root@skynet tmp]# ls /mnt/nfs
    ISO ISO-RedHat kickstart RedHat

12.4.3 Activating Modifications To The /etc/exports File
You can force your system to re-read the /etc/exports file by restarting NFS. In a non production environment this may cause disruptions when an exported directory suddenly disappears without prior notification to users. Here are some methods you can use to update and activate the file with the least amount of inconvenience to others.

New Exports File
When no directories have yet been exported to NFS, then the "exportfs -a" command is used as seen below.

    [root@skynet tmp]# exportfs -a

Adding A Shared Directory To An Existing Exports File
When adding a shared directory you can use the "exportfs -r" command to export only the new entries.

    [root@skynet tmp]# exportfs -r

12.4.4 Deleting, Moving Or Modifying A Share
Removing an exported directory from the /etc/exports file requires work on both the NFS client and server. The steps are as follows.

1. Unexport the mount point directory on the NFS client using the "umount" command. In this case we're unmounting the /mnt/nfs mount point.

    [root@skynet tmp]# umount /mnt/nfs

Note: You may also need to edit the /etc/fstab file of any entries related to the mount point if you want to make the change permanent even after rebooting.

2. Comment out the corresponding entry in the NFS server's /etc/exports file and reload the modified file as seen below.

    [root@skynet tmp]# exportfs -ua
    [root@skynet tmp]# exportfs -a

The showmount Command
When run on the server, the "showmount -a" command will list all the currently exported directories. It will also show a list of NFS clients accessing the server, in this case one client is with an IP address of 192.168.1.102.

    [root@skynet tmp]# showmount -a
    All mount points on skynet:
    *:/home
    192.168.1.102:*
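An added example, not part of the original course text: a reader for the two-column /etc/exports format described in 12.3.1 that reports exports writable by every host, hostname wildcards and no_root_squash. The function names, the report labels and the last two sample lines are constructed; the other sample lines are the page's own exports, including the /home export that section 13.2 uses for NIS.

```shell
#!/bin/sh
# Added example: audit an exports(5) file for over-broad client lists and options.

# Read exports-format lines from the files given as arguments (or stdin) and
# print "<directory> <client> <finding>" for each risky directory/client pair:
#   world-writable     client is "*" (any host) and the options include rw
#   hostname-wildcard  client is a DNS pattern such as *.example.com
#   no_root_squash     remote root keeps root privileges on the export
# Continuation lines ending in "\" are not handled.
audit_exports() {
    awk '
        { sub(/#.*/, "") }                 # strip comments
        NF == 0 { next }
        {
            dir = $1
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1)
                    sub(/\).*/, "", opts)
                }
                # "(rw)" separated from its host by a space has no client
                # name of its own, so it applies to every host.
                if (client == "") client = "*"
                o = "," opts ","
                if (client == "*" && index(o, ",rw,"))
                    print dir, client, "world-writable"
                else if (client != "*" && client ~ /[*?]/)
                    print dir, client, "hostname-wildcard"
                if (index(o, ",no_root_squash,"))
                    print dir, client, "no_root_squash"
            }
        }
    ' "$@"
}

# Sample input: the exports shown on this page plus two constructed lines.
sample_exports() {
    cat <<'EOF'
#/etc/exports
/data/files      *(ro,sync)
/home            192.168.1.0/24(rw,sync)
/data/test       *.my-site.com(rw,sync)
/data/database   192.168.1.203/32(rw,sync)
/home            *(rw,sync)
/srv/build       192.168.1.50(rw,sync,no_root_squash)   # constructed
/srv/scratch     192.168.1.60 (rw,sync)                 # constructed: stray space
EOF
}

# Demo run on the sample; on a server: audit_exports /etc/exports
sample_exports | audit_exports
```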

2 Configuring The NFS Server for NIS Here are the steps to configure the NFS server in this scenario: Edit the /etc/exports file to allow NFS mounts of the /home directory with read/write access. In a production environment in which the /home directory would be actively used. /home *(rw. An advantage of NIS is that users only need to change their passwords on the NIS server. Centralized Logins Using NIS 13. [root@skynet tmp]# chkconfig nfslock on [root@skynet tmp]# chkconfig netfs on [root@skynet tmp]# chkconfig portmap on [root@skynet tmp]# service portmap start Starting portmapper: [ OK ] [root@skynet tmp]# service netfs start www. NFS lock and port mapper daemons are both running and configured to start after the next reboot. you'd have to force the users to log off. distributed software development projects or any other situation where groups of people have to share many different computers. 1.com info@wilshiresfot. As this is a lab environment.sync) Let NFS read the /etc/exports file for the new entry and make /home available to the network with the exportfs command.wilshiresoft. these prerequisites won't be necessary. 13. NIS clients download the necessary username and password data from the NIS server to verify each user login. The procedure below will archive the /home directory. The disadvantage is that NIS doesn't encrypt the username/password information sent to the clients with each login and all users have access to the encrypted passwords stored on the NIS server. [root@skynet tmp]# exportfs -a Make sure the required NFS.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .Linux Administration – Network Information System (NIS) Page 69 of 167 13.2. 
[root@skynet tmp]# chkconfig nfslock on [root@skynet tmp]# chkconfig nfs on [root@skynet tmp]# chkconfig portmap on [root@skynet tmp]# service portmap start Starting portmapper: [ OK ] [root@skynet tmp]# service nfslock start Starting NFS statd: [ OK ] [root@skynet tmp]# service nfs start Starting NFS services: [ OK ] Starting NFS quotas: [ OK ] Starting NFS daemon: [ OK ] Starting NFS mountd: [ OK ] [root@skynet tmp]# 13. restore it to the NFS server and then follow the steps below. instead of every system on the network. This makes NIS popular in computer training labs. but I would suggest that you restrict its use to highly secure networks or networks where access to non NIS networks is highly restricted. backup the data. A detailed analysis of NIS security is beyond the scope of this book. NFS lock and port mapper daemons are both running and configured to start after the next reboot.1 Introduction to NIS Network Information Services (NIS) allows you to create user accounts that can be shared across all systems on your network. Make sure the required netfs. The user account is created only on the NIS server.1 Configuring The NFS Client for NIS You'll also need to configure the NFS clients to mount their /home directories on the NFS server.

#/etc/sysconfig/network www.home to do the NFS mount whenever the /home directory is accessed.Linux Administration – Network Information System (NIS) Page 70 of 167 Mounting other filesystems: [ OK ] [root@skynet tmp]# service nfslock start Starting NFS statd: [ OK ] 2.1.100:/home /home/ [root@skynet tmp]# ls /home ftpinstall nisuser quotauser skynet www [root@skynet tmp]# umount /home 4.100:/home:& 6.intr. This is because by default NFS activates the root squash feature which disables this user from having privileged access to directories on remote NFS servers... [root@skynet tmp]# mv /home /home.rsize=8192. Start autofs and make sure it will start after the next reboot with the chkconfig command.. when in reality they are automatically mounted and accessed over your network. you won't be able to see the contents of the /home directory on skynet as user "root". Edit Your /etc/sysconfig/network File You need to add the NIS domain you wish to use in the /etc/sysconfig/network file. Unmount it once everything looks correct.soft. Make sure you can mount skynet's /home directory on the new /home directory we just created.master /home /etc/auto. This scheme will make the users feel their home directories are local.168.home -fstype=nfs. The developers had to change the name after a copyright infringement lawsuit.. In the case below.168. NIS was called "Yellow Pages". .tcp \ 192. [root@skynet tmp]# mount 192.master file to refer to file /etc/auto. and create a new directory /home on which we'll mount the NFS server's directory.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .com info@wilshiresfot. autofs will unmount the directory.nosuid.1. Start configuring autofs automounting.home for mounting information whenever the /home directory is accessed. we've called the domain "NIS-HOME_NETWORK". 
Edit your /etc/auto.wilshiresoft.save [root@skynet tmp]# mkdir /home [root@skynet tmp]# ll / .3 Configuring The NIS Server In the early days. 13. drwxr-xr-x 1 root root 11 Nov 16 20:22 home drwxr-xr-x 2 root root 4096 Jan 24 2003 home. If the line is too long to view on your screen.. After five minutes.wsize=8192. Edit file /etc/auto. [root@skynet tmp]# chkconfig autofs on [root@skynet tmp]# service autofs restart Stopping automount:[ OK ] Starting automount:[ OK ] Note: After doing this. you can add a "###BOT_TEXT###quot; at the end to continue on the next line. * #/etc/auto. yet many of the key programs associated with NIS have kept their original names beginning with "yp".home --timeout 600 5.save . #/etc/auto. We'll be able to test this later once NIS is configured. 3. All newly added Linux users will now be assigned a home directory under the new remote /home directory. Keep a copy of the old /home directory..

.. When you are done with the list. all non privileged accounts will automatically be accessible via NIS. which in this case is "skynet". [root@skynet tmp]# /usr/lib/yp/ypinit -m At this point..1 Required NIS Server Daemons portmap yppasswdd ypserv ypbind ypxfrd The foundation RPC daemon upon which NIS runs. one per line.. Building /var/yp/DESTINY.COM' Updating passwd. next host to add: skynet next host to add: The current list of NIS servers looks like this: skynet Is this correct? [y/n: y] y We need a few minutes to build the databases.0. we have to construct a list of the hosts which will run NIS servers.byname. www.com info@wilshiresfot. skynet is in the list of NIS server hosts. You will be prompted for the name of the NIS server.conf File NIS servers also have to be NIS clients themselves.wilshiresoft. Lets users change their passwords on the NIS server from NIS clients Main NIS server daemon Main NIS client daemon Used to speed up the transfer of very large NIS maps [root@skynet tmp]# service portmap start Starting portmapper: [ OK ] [root@skynet tmp]# service yppasswdd start Starting YP passwd service: [ OK ] [root@skynet tmp]# service ypserv start Setting NIS domain name DESTINY. Updating passwd. Updating group. you'll have to use the ypinit command to create the associated authentication files for the domain. Running /var/yp/Makefile.byname.1 Start The Key NIS Server Related Daemons Start the necessary NIS daemons in the /etc/init.conf to list the domain's NIS server as being the server itself or "localhost". Updating group.conf ...0. 
Please continue to add the names for the other hosts.COM: [ OK Starting YP server services: [ OK ] [root@skynet tmp]# chkconfig portmap on [root@skynet tmp]# chkconfig yppasswdd on [root@skynet tmp]# chkconfig ypserv on ] 13.d directory and use the chkconfig command to ensure they start after the next reboot.3.2 Initialize Your NIS Domain Now that you have decided on the name of the NIS domain.3.ypbind configuration file ypserver 127.COM/ypservers. With this procedure. so you'll have to edit the NIS client configuration file /etc/yp.byuid..COM" Edit Your /etc/yp.bygid. 13..Linux Administration – Network Information System (NIS) Page 71 of 167 NISDOMAIN="DESTINY.. # /etc/yp.... type a <control D>..com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .. gmake[1]: Entering directory `/var/yp/DESTINY.

byuid. New password: Retype new password: passwd: all authentication tokens updated successfully... Note: Make sure portmapper is running before doing this or you'll get errors like the one below. not just newly created ones. [root@skynet tmp]# ypmatch nisuser passwd nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/::504:100::/home/nisuser:/bin/bash www... Updating services.byname...byname.byaddr. [root@skynet tmp]# useradd -g users nisuser [root@skynet tmp]# passwd nisuser Changing password for user nisuser. [root@skynet tmp]# cd /var/yp [root@skynet yp]# make gmake[1]: Entering directory `/var/yp/DESTINY. you will then have to update the NIS domain's authentication files by executing the make command in the /var/yp directory.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . Updating protocols. yppasswd and ypserv before you'll be able to do this again successfully. This procedure will make all NIS enabled.byname. the user's group and home directory..COM' Updating passwd. [root@skynet tmp]# service ypbind start Binding to the NIS domain: [ OK ] Listening for an NIS domain server. Start The ypbind and ypxfrd Daemons You can now start the ypbind and the ypxfrd daemons now that the NIS domain files have been created.wilshiresoft. Updating rpc. In this case we'll create a user account called "nisuser" and give it a new password.. Updating mail. gmake[1]: Leaving directory `/var/yp/DESTINY.COM directory and restart portmapper.. Updating rpc.. Updating netid.Linux Administration – Network Information System (NIS) Page 72 of 167 Updating hosts... [root@skynet tmp]# service ypxfrd start Starting YP map server: [ OK ] [root@skynet tmp]# chkconfig ypbind on [root@skynet tmp]# chkconfig ypxfrd on 13.com info@wilshiresfot. failed to send 'clear' to local ypserv: RPC: Port mapper failureUpdating group. Updating services.. Updating netid... 
It will also export all the user's characteristics stored in the /etc/passwd and /etc/group files such as the login shell.COM' skynet has been set up as a NIS master server.bynumber.bygid.. You will have to delete the /var/yp/DESTINY..byname.aliases.. non privileged accounts become automatically accessible via NIS.byname. Updating passwd.COM' You can check to see if the user's authentication information has been updated by using the ypmatch command which should return the user's encrypted password string. Once this is complete.byname....byservicename..bynumber..byname.. Updating hosts.4 Managing NIS server Adding New NIS Users New NIS users can be created by logging into the NIS server and creating the new user account.. Updating protocols.. Now you can run ypinit -s skynet on all slave server. gmake[1]: Leaving directory `/var/yp/DESTINY...

13.5 Configuring The NIS Client

Now that the NIS server has been configured, it's time to configure the NIS clients. There are a number of related configuration files that you'll need to edit to get it to work. The procedure can be seen below:

Run authconfig

The authconfig program will automatically configure your NIS files after prompting you for the IP address and domain of the NIS server.

[root@skynet tmp]# authconfig

Once finished, it should create a /etc/yp.conf file that defines, amongst other things, the IP address of the NIS server for a particular domain. It will also edit the /etc/sysconfig/network file to define the NIS domain to which the NIS client belongs.

# /etc/yp.conf - ypbind configuration file
domain DESTINY.COM server 192.168.1.100

#/etc/sysconfig/network
NISDOMAIN=DESTINY.COM

The authconfig program also updates the /etc/nsswitch.conf file which lists the order in which certain data sources should be searched for name lookups like those in DNS, LDAP and NIS. Here we can see where NIS entries have been added for the important login files.

#/etc/nsswitch.conf
passwd: files nis
shadow: files nis
group: files nis

Note: A sample NIS nsswitch.conf file can also be located in the /usr/share/doc/yp-tools* directory

Start The NIS Client Related Daemons

Start the ypbind NIS client, yppasswd and portmap daemons in the /etc/init.d directory and use the chkconfig command to ensure they start after the next reboot. Remember to use the "rpcinfo" command to ensure they are running correctly.

[root@skynet tmp]# service portmap start
Starting portmapper: [ OK ]
[root@skynet tmp]# service ypbind start
Binding to the NIS domain:
Listening for an NIS domain server.
[root@skynet tmp]# service yppasswdd start
Starting YP passwd service: [ OK ]
[root@skynet tmp]# chkconfig ypbind on
[root@skynet tmp]# chkconfig portmap on
[root@skynet tmp]# chkconfig yppasswdd on

Test NIS Access To The NIS Server

You can run the ypcat, ypmatch and getent commands to make sure communication to the server is correct.

[root@skynet tmp]# ypcat passwd
nisuser:$1$Cs2GMe6r$1hohkyG7ALrDLjH1:505:100::/home/nisuser:/bin/bash
quotauser:!!:503:100::/home/quotauser:/bin/bash
ftpinstall:$1$8WjAVtes$SnRh9S1w07sYkFNJwpRKa.:502:100::/:/bin/bash
www:$1$DDCi/OPI$hwiTQ.L0XqYJUk09Bw.pJ/:504:100::/home/www:/bin/bash
skynet:$1$qHni9dnR$iKDs7gfyt.BS9Lry3DAq.:501:100::/:/bin/bash
[root@skynet tmp]# ypmatch nisuser passwd
nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/:504:100::/home/nisuser:/bin/bash
[root@skynet tmp]# getent passwd nisuser
nisuser:$1$d6E2i79Q$wp3Eo0Qw9nFD/:504:100::/home/nisuser:/bin/bash

Possible sources of error would include:

Incorrect authconfig setup resulting in errors in the /etc/yp.conf, /etc/sysconfig/network and /etc/nsswitch.conf files
Failure to run the ypinit command on the NIS server
NIS not being started on the NIS server or client.
Poor routing between the server and client, or the existence of a firewall that's blocking traffic

Try to eliminate these areas as sources of error and refer to the syslog /var/log/messages file on the client and server for entries that may provide additional clues.

Test Logins Via The NIS Server

You should next try to test a remote login once your basic NIS functionality testing is complete. Failures in this area could be due to firewalls blocking telnet or SSH access and the telnet and SSH server process not being started on the clients.

Logging In Via Telnet

Try logging into the NIS client via telnet if it is enabled

[root@skynet tmp]# telnet 192.168.1.201
Trying 192.168.1.201...
Connected to 192.168.1.201.
Escape character is '^]'.
Red Hat Linux release 9 (Shrike)
Kernel 2.4.20-6 on an i686
login: nisuser
Password:
Last login: Sun Nov 16 22:03:51 from 192-168-1-100.simiya.com

Changing Your NIS Passwords

You should also test to make sure your users can change their NIS passwords from the NIS clients with the yppasswd command.

Users Changing Their Own Passwords

Users can change their passwords by logging into the NIS server and issuing the yppasswd command.

[nisuser@skynet nisuser]$ yppasswd
Changing NIS account information for nisuser on skynet.my-site.com.
Please enter old password:
Changing NIS password for nisuser on skynet.my-site.com.
Please enter new password:
Please retype new password:
The NIS password has been changed on skynet.my-site.com.
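The ypcat passwd test earlier in this chapter shows that every host able to query the NIS domain receives each account's password field, including $1$ (MD5-crypt) hashes. The following is an added example, not part of the original guide, that audits such output and reports which accounts publish a hash and under which crypt scheme; the sample lines and account names are constructed.

```python
"""Audit `ypcat passwd` output for password hashes published through NIS."""

# crypt(3) "$id$" prefixes and the scheme each one selects.
SCHEMES = {"1": "md5-crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256-crypt", "6": "sha512-crypt"}
# Schemes that are cheap to brute-force offline once the hash is known.
WEAK = {"des-crypt", "md5-crypt"}


def classify(pw_field):
    """Return what the second field of a passwd entry contains."""
    if pw_field == "":
        return "empty"          # account has no password at all
    if pw_field == "x":
        return "shadowed"       # hash is kept out of the passwd map
    if pw_field[0] in "!*":
        return "locked"         # no usable hash, e.g. "!!"
    if pw_field.startswith("$"):
        parts = pw_field.split("$")
        return SCHEMES.get(parts[1], "unknown") if len(parts) >= 4 else "unknown"
    if len(pw_field) == 13:
        return "des-crypt"      # traditional 13-character crypt
    return "unknown"


def audit(ypcat_output):
    """Return (user, scheme, severity) for every entry that needs attention."""
    findings = []
    for line in ypcat_output.splitlines():
        line = line.strip()
        if not line:
            continue
        fields = line.split(":")
        if len(fields) != 7:                    # name:pw:uid:gid:gecos:home:shell
            findings.append((fields[0], "malformed", "info"))
            continue
        user, pw, uid = fields[0], fields[1], fields[2]
        scheme = classify(pw)
        if uid == "0":
            # A UID 0 account served from the map is a finding whatever its hash.
            findings.append((user, scheme, "high"))
        elif scheme == "empty" or scheme in WEAK:
            findings.append((user, scheme, "high"))
        elif scheme not in ("shadowed", "locked"):
            findings.append((user, scheme, "medium"))
    return findings


# Constructed sample in the same 7-field format that ypcat prints.
SAMPLE = """\
alice:$1$abcdefgh$0123456789abcdefghijkl:505:100::/home/alice:/bin/bash
bob:!!:503:100::/home/bob:/bin/bash
carol:x:506:100::/home/carol:/bin/bash
dave:$6$saltsalt$constructedvalue:507:100::/home/dave:/bin/bash
erin::508:100::/home/erin:/bin/bash
root:x:0:0:root:/root:/bin/bash
broken:line
"""

if __name__ == "__main__":
    for user, scheme, severity in audit(SAMPLE):
        print(f"{severity:6} {user:8} {scheme}")
```

On a client, feed it the real map with `ypcat passwd | python3 audit.py` after replacing SAMPLE with `sys.stdin.read()`.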

14. DNS

14.1 Introduction to DNS

Before we begin, it is best to understand a few foundation concepts in DNS on which the rest of the document is built.

DNS Domains

Everyone in the world has a first name and a last or "family" name. DNS is similar in that a family of websites can be closely described as being a "domain". For example the domain wilshiresoft.com has a number of production hosts such as www.wilshiresoft.com and mail.wilshiresoft.com for the web and mail servers respectively.

BIND

BIND is an acronym for the "Berkeley Internet Name Domain" project which maintains the DNS related software suite that runs under Linux. The most well known program in BIND is "named", the daemon that responds to DNS queries from remote machines.

DNS Clients

A DNS client doesn't store DNS information, it always has to refer to a DNS server to get it. The only DNS configuration file for a DNS client is the /etc/resolv.conf file which defines the IP address of the DNS server it should use. You shouldn't need to configure any other files. You can learn more about the /etc/resolv.conf file in the sections that follow.

Authoritative DNS Servers

Authoritative servers provide the definitive information for your DNS domain such as the names of servers and websites in it. They are the "last word" in information related to your domain.

14.2 Basic DNS Testing of DNS Resolution

DNS resolution maps a fully qualified domain name (FQDN), such as www.wilshiresoft.com, to an IP address. This is also known as a "forward lookup". The reverse is also true. DNS is also capable of determining the fully qualified domain name associated with an IP address in what is unsurprisingly called a "reverse lookup".

It is possible to have many different websites mapping to a single IP address but the reverse isn't true, an IP address can map to only one FQDN. This means that forward and reverse entries frequently won't match. The reverse DNS entries are usually the responsibility of the ISP hosting your site, so it is quite common for the reverse lookup to resolve to the ISP's domain. This isn't an important factor for most small sites, but some eCommerce applications require matching entries to operate correctly. You may have to ask your ISP to make a custom DNS change to correct this.

There are a number of commands you can use to do these lookups. The first one is "host" which is set to replace the older "nslookup" command.

The Host Command

The host command will accept arguments that are either the fully qualified domain name or the IP address of the server when providing results as we see below.

Forward Lookup Example

[root@skynet tmp]# host www.wilshiresoft.com
www.wilshiresoft.com has address 200.200.0.1
[root@skynet tmp]#

Reverse Lookup Example

[root@skynet tmp]# host 200.200.0.1
1.0.200.200.in-addr.arpa domain name pointer 200.[...]

As you can see, the forward and reverse entries don't match. The reverse entry matches the entry of the ISP.

The nslookup Command

The nslookup command tends to be more verbose than the host command providing the IP addresses of the DNS servers that provided it with its information. Unlike the host command, the nslookup command is available to Windows PCs.

Forward Lookup Example

[root@skynet tmp]# nslookup www.wilshiresoft.com
Server: 200.200.0.1
Address: 200.200.0.1#53
Non-authoritative answer:
Name: www.wilshiresoft.com
Address: 200.200.0.1

Reverse Lookup Example

[root@skynet tmp]# nslookup 65.115.71.34
Server: 200.200.0.1
Address: 200.200.0.1#53

14.3 The /etc/resolv.conf File

This file is used by DNS clients (servers not running BIND) to determine both the location of their DNS server and the domains to which they belong. It generally has two columns, the first contains a keyword and the second contains the desired value(s) separated by commas. A list of keywords can be found in the following table.

Keywords In /etc/resolv.conf

Keyword      Value
nameserver   IP address of your DNS nameserver. There should be only one entry per "nameserver" keyword. If there is more than one nameserver, you'll need to have multiple "nameserver" lines.
domain       The local domain name to be used by default. If the server is wstsun1.wilshiresoft.com, then the entry would just be wilshiresoft.com
search       If you refer to another server just by its name without the domain added on, DNS on your client will append the server name to each domain in this list and do an nslookup on each to get the remote servers' IP address. This is a handy time saving feature to have so that you can refer to servers in the same domain by only their servername without having to specify the domain. The domains in this list must be separated by spaces.

14.4 Configuring DNS

Install The BIND Packages

When searching for the file, remember that the BIND RPM's filename usually starts with the word "bind" followed by a version number like this: bind-9.2.2.P3-9.i386.rpm.

Start the BIND service

You can use the chkconfig command to get BIND configured to start at boot:

[root@skynet tmp]# chkconfig named on

To start/stop/restart BIND after booting

[root@skynet tmp]# service named start
[root@skynet tmp]# service named stop
[root@skynet tmp]# service named restart

Note: Remember to restart the BIND process every time you make a change to the configuration file for the changes to take effect on the running process.

Here is a sample configuration in which:

Nameserver 200.200.0.1 provides DNS name resolution.

search wilshiresoft.com
nameserver 200.200.0.1

Configuring Nameserver

The named.conf file

The main DNS configuration is kept in the /etc/named.conf file which is used to tell BIND where to find the configuration files for each domain you own. There are usually two zone areas in this file:

Forward zone file definitions which list files to map domains to IP addresses
Reverse zone file definitions which list files to map IP addresses to domains

In this example the forward zone for www.wilshiresoft.com is being set up by placing the following entries at the bottom of the named.conf file. The zone file is named wilshiresoft.zone and, though not explicitly stated, the file wilshiresoft.zone should be located in the default directory of /var/named/chroot/var/named in Fedora Core and in /var/named in RedHat 9 and older.

zone "wilshiresoft.com" {
type master;
notify no;
allow-query { any; };
file "wilshiresoft.zone";
};

Note: The "allow-query" directive defines the networks that are allowed to query your DNS server for information on any zone. For example, to limit queries to only our 200.200.0.0/24 network, you could modify the directive to state allow-query { 200.200.0.0/24; };

The reverse zone definition below is an example of a named.conf for a reverse zone file named 200-200-0.zone for the 200.200.0.0 network. Note: the reverse order of the IP address in the zone section is important as is the fact that only the first three octets of the IP address are represented.

zone "0.200.200.in-addr.arpa" {
type master;
notify no;
file "200-200-0.zone";
};

Configuring The Zone Files

There are a number of things to keep in mind when configuring DNS zone files. By default, your zone files are located in the directory /var/named or /var/named/chroot/var/named. In all zone files, you can place a comment at the end of any line by inserting a semi-colon ";" character then typing in the text of your comment. Each zone file contains a variety of records (e.g. SOA, NS, MX, A and CNAME) which govern different areas of BIND. Each will be explained later with examples.

Time to Live Value

Caching DNS servers cache the responses to their queries from authoritative DNS servers. The authoritative servers not only provide the DNS answer but the valid lifetime or time to live (TTL) of the information. The purpose of a TTL is to reduce the number of DNS queries the authoritative DNS server has to answer. If the TTL is set to three days, then caching servers will use the original stored response for this length of time before making the query again. The TTL value for the zone is usually the very first entry in the zone file. In the example below, it is set to three days.

$TTL 3D

Note: BIND recognizes a number of suffixes for time related values. A "D" signifies days, a "W" signifies weeks and an "H" signifies hours. In the absence of a suffix, BIND assumes the value is in seconds.

DNS Resource Records

The rest of the records in a zone file are usually BIND resource records. They define the nature of the DNS information in your zone files that's presented to querying DNS clients. They all have the general format:

Name Class Type Data

There are different types of record for mail (MX), forward lookups (A), reverse lookups (PTR), aliases (CNAME) and overall zone definitions (SOA). The data portion is formatted according to the record "type" and may consist of several values separated by spaces. Similarly, the "name" is also subject to interpretation based on this factor.

The SOA Record

The very first resource record is the Start of Authority (SOA) record which contains general administrative and control information about the domain. It has the following format:

Name Class Type Name-Server Email-Address Serial-No Refresh Retry Expiry Minimum-TTL

The record can be long, and will sometimes wrap around on your screen. For the sake of formatting, you can insert "new line" characters between the fields as long as you insert parentheses at the beginning and end of the insertion to alert BIND that part of the record will straddle multiple lines. You can also add comments to the end of each new line separated by a semicolon when you do this. Here is an example:

@ IN SOA wstsun1.wilshiresoft.com. hostmaster.wilshiresoft.com. (
2004100801 ; serial #
4H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum

So in this example, the primary name server has been defined as "wstsun1.wilshiresoft.com" with a contact email address of "hostmaster@wilshiresoft.com". The serial number is "2004100801" with refresh, retry, expiry and minimum values of 4 hours, 1 hour, 1 week and 1 day respectively.

Like the SOA record, the NS, MX, A, PTR and CNAME records each occupy a single line with a very similar general format. The formatting and use of each type of record will be discussed in sections to follow.

Sample Forward Zone File

Now that the key elements of a zone file have been described, it's time to examine a working example for the domain wilshiresoft.com.

@ IN SOA wstsun1.wilshiresoft.com. hostmaster.wilshiresoft.com. (
200211152 ; serial#
3600 ; refresh, seconds
3600 ; retry, seconds
3600 ; expire, seconds
3600 ) ; minimum, seconds
        NS    www          ; Inet Address of nameserver
wstsun1 A     200.200.0.1
wstsun2 A     200.200.0.2
wstsun3 A     200.200.0.3
server  CNAME wstsun1

Notice that in this example:

Server wstsun1.wilshiresoft.com is the name server for wilshiresoft.com. In corporate environments there may be a separate name server for this purpose. Primary name servers are more commonly called "wstsun1" and secondary name servers "wstsun2".

The minimum TTL value ($TTL) is 3 days therefore remote DNS caching servers will store learned DNS information from your zone for 3 days before flushing it out of their caches.

The MX record for wilshiresoft.com points to the server named mail.wilshiresoft.com

Sample Reverse Zone File

Now we need to make sure that we can do an nslookup query on all our home network's PCs and get their correct IP addresses. This is very important if you are running a mail server on your network as sendmail typically will only relay mail from hosts whose IP addresses resolve correctly in DNS. NFS, which is used in network based file access, also requires valid reverse lookup capabilities.

This is an example of a zone file for the 200.200.0.x network. All the entries in the first column refer to the last octet of the IP address for the network, so the IP address 200.200.0.1 points to the name wstsun1.wilshiresoft.com.

Notice how the main difference between forward and reverse zone files is that the reverse zone file only has PTR and NS records. Also the PTR records cannot have CNAME aliases.

;
; Zone file for 200.200.0.x
;
$TTL 3D
@ IN SOA www.wilshiresoft.com. hostmaster.wilshiresoft.com. (
200303301 ; serial number
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
;
  NS www ; Nameserver Address
;
1 PTR wstsun1.wilshiresoft.com.
2 PTR wstsun2.wilshiresoft.com.
3 PTR wstsun3.wilshiresoft.com.

Loading Your New Configuration Files

Here are the steps you need to follow to load your new configuration files.

Make sure your file permissions and ownership are OK in the /var/named directory.

[root@skynet tmp]# cd /var/named
[root@wstsun1 named]# ll
total 6
-rw-r--r-- 1 named named 195 May 3 2005 localhost.zone
-rw-r--r-- 1 named named 2769 May 3 2005 named.ca
-rw-r--r-- 1 named named 433 May 3 2005 named.local
-rw-r--r-- 1 root root 763 May 2 16:23 wilshiresoft.zone
[root@wstsun1 named]# chown named *
[root@wstsun1 named]# chgrp named *
[root@wstsun1 named]# ll
total 6
-rw-r--r-- 1 named named 195 May 3 2005 localhost.zone
-rw-r--r-- 1 named named 2769 May 3 2005 named.ca
-rw-r--r-- 1 named named 433 May 3 2005 named.local
-rw-r--r-- 1 named named 763 May 2 16:23 wilshiresoft.zone

Make sure your /etc/hosts and /etc/resolv.conf file is correctly updated.

The configuration files above will not be loaded until you issue the following command to restart the named process that controls DNS. Note: (Make sure to increment your configuration file serial number before doing this).

[root@skynet tmp]# /etc/init.d/named restart

Last, but not least, take a look at the end of your /var/log/messages file to make sure there are no errors. And test your configuration with nslookup and dig commands.

www.com info@wilshiresfot.wilshiresoft.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . but it’s not recommended.Linux Administration – DNS Page 80 of 167 Note: We can also use the redhat-config-bind GUI tool to configure DNS.

15. DHCP/Bootp

DHCP (Dynamic Host Configuration Protocol) and bootp are protocols that allow a client machine to obtain network information (such as an IP number) from a server. Many organizations are starting to use dynamic host control because it simplifies and centralizes network administration.

Superset of bootp.
Provides dynamic configuration and network information to hosts: IP address, Gateways, DNS servers, Domain name, Netbios name servers.
Uses broadcast packets to retrieve information.
Only one DHCP server per network segment.
Can answer requests from bootp clients.

15.1 DHCP Operational Overview

As with most network services there is a server side and a client side to DHCP. The examples use the DHCPd daemon on the server side, and the pump executable (a client program) on the client side. There are other packages available, but these binaries are the ones installed with Red Hat by default.

Install the DHCP package dhcp-3.0.1rc14-1.i386.rpm (available in 3rd CD of RedHat9 distribution).

15.2 the /etc/dhcpd.conf File

When DHCP starts it reads the file /etc/dhcpd.conf. It uses the commands here to configure your network. Many RPM packages don't automatically install a /etc/dhcpd.conf file, but you can find a sample copy of dhcpd.conf in the following directory which you can always use as a guide.

/usr/share/doc/dhcp-<version-number>/dhcpd.conf.sample

Copy the sample dhcpd.conf file to the /etc directory and then edit it. Here is the command to do the copying for the version 3.0pl1 RPM file:

[root@skynet tmp]# cp /usr/share/doc/dhcp-3.0pl1/dhcpd.conf.sample \
/etc/dhcpd.conf

Here is a quick explanation of the dhcpd.conf file: Most importantly, there must be a "subnet" section for each interface on your Linux box.

ddns-update-style interim;
# ignore client-updates
#
subnet 200.200.0.0 netmask 255.255.255.0 {
# The range of IP addresses the server
# will issue to DHCP enabled PC clients
# booting up on the network
range 200.200.0.201 200.200.0.220;
# Set the amount of time in seconds that
# a client may keep the IP address
default-lease-time 86400;
max-lease-time 86400;
# Set the default gateway to be used by
# the PC clients
option routers 200.200.0.1;
# Don't forward DHCP requests from this
# NIC interface to any other NIC
# interfaces
option ip-forwarding off;

# Set the broadcast address and subnet mask
# to be used by the DHCP clients
option broadcast-address 200.200.0.255;
option subnet-mask 255.255.255.0;
# Set the DNS server to be used by the
# DHCP clients
option domain-name-servers 200.200.0.1;
# Set the NTP server to be used by the
# DHCP clients
option ntp-servers 200.200.0.1;
# If you specify a WINS server for your Windows clients,
# you need to include the following option in the dhcpd.conf file:
option netbios-name-servers 200.200.0.1;
}
#
# List an unused interface here
#
subnet 200.200.1.0 netmask 255.255.255.0 {
}

There are many more option statements you can use to configure DHCP. These include telling the DHCP clients where to go for services such as finger and IRC. Check the dhcp-options man page after you do your install. The command to do this follows:

[root@skynet tmp]# man dhcp-options

Lease Database

On the DHCP server, the file /var/lib/dhcp/dhcpd.leases stores the DHCP client lease database. This file should not be modified by hand. DHCP lease information for each recently assigned IP address is automatically stored in the lease database. The information includes the length of the lease, to whom the IP address has been assigned, the start and end dates for the lease, and the MAC address of the network interface card that was used to retrieve the lease.

All times in the lease database are in Greenwich Mean Time (GMT), not local time.

The lease database is recreated from time to time so that it is not too large. First, all known leases are saved in a temporary lease database. The dhcpd.leases file is renamed dhcpd.leases~ and the temporary lease database is written to dhcpd.leases.

The DHCP daemon could be killed or the system could crash after the lease database has been renamed to the backup file but before the new file has been written. If this happens, the dhcpd.leases file does not exist, but it is required to start the service. Do not create a new lease file. If you do, all old leases are lost which causes many problems. The correct solution is to rename the dhcpd.leases~ backup file to dhcpd.leases and then start the daemon.

15.2.1 Start the DHCP services

Use the chkconfig command to get DHCP configured to start at boot:

[root@skynet tmp]# chkconfig dhcpd on

Use the /etc/init.d/dhcpd script to start/stop/restart DHCP after booting

[root@skynet tmp]# /etc/init.d/dhcpd start
[root@skynet tmp]# /etc/init.d/dhcpd stop
[root@skynet tmp]# /etc/init.d/dhcpd restart

Remember to restart the DHCP process every time you make a change to the conf file for the changes to take effect on the running process. You also can test whether the DHCP process is running with the following command; you should get a response of plain old process ID numbers:

[root@skynet tmp]# pgrep dhcpd

Finally, always remember to set your PC to get its IP address via DHCP.

15.3 Configuring Linux Clients To Use DHCP

Linux NIC cards can be configured to dynamically get their IP addresses from a DHCP server by editing the interface scripts in the /etc/sysconfig/network-scripts directory. Here is an example that shows how to configure the DHCP client:

[root@skynet tmp]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=dhcp
:wq!

Here BOOTPROTO=dhcp tells the system to get an IP address from the DHCP server at boot time.

We can also get an IP address from the DHCP server by using the following command:

[root@skynet tmp]# dhclient
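The Lease Database section says the lease file records who held each address, the start and end of the lease, and the MAC address, with all times in GMT. The following is an added example, not part of the original guide, that uses those fields to answer "which MAC held this IP at time T", which is the lookup needed when tracing a log entry back to a machine. It assumes ISC dhcpd's lease-file syntax (`lease <ip> { starts ...; ends ...; hardware ethernet ...; }`), which the guide does not show; the lease entries, MAC addresses and the +05:30 local offset are constructed.

```python
"""Look up which MAC address held an IP at a given time in dhcpd.leases."""
import re
from datetime import datetime, timedelta, timezone

LEASE_RE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)
TIME_FMT = "%Y/%m/%d %H:%M:%S"


def _field(body, pattern):
    match = re.search(pattern, body)
    return match.group(1) if match else None


def _utc(stamp):
    """Lease timestamps carry no zone marker; they are GMT, so tag them UTC."""
    if stamp is None:
        return None
    return datetime.strptime(stamp, TIME_FMT).replace(tzinfo=timezone.utc)


def parse_leases(text):
    """Return lease entries in file order (later entries supersede earlier)."""
    leases = []
    for ip, body in LEASE_RE.findall(text):
        leases.append({
            "ip": ip,
            "starts": _utc(_field(body, r"starts\s+\d\s+([\d/]+ [\d:]+);")),
            "ends": _utc(_field(body, r"ends\s+\d\s+([\d/]+ [\d:]+);")),
            "mac": _field(body, r"hardware ethernet\s+([0-9a-fA-F:]+);"),
            "hostname": _field(body, r'client-hostname\s+"([^"]*)";'),
        })
    return leases


def holder_at(leases, ip, when):
    """Return the lease covering `when` for `ip`, or None if it was unleased."""
    if when.tzinfo is None:
        raise ValueError("pass a timezone-aware datetime; lease times are GMT")
    for lease in reversed(leases):
        if lease["ip"] != ip or lease["starts"] is None:
            continue
        ends = lease["ends"]                 # None means the lease never ends
        if lease["starts"] <= when and (ends is None or when < ends):
            return lease
    return None


# Constructed lease entries for the guide's 200.200.0.201-220 range.
SAMPLE = """\
lease 200.200.0.201 {
  starts 2 2008/10/14 08:00:00;
  ends 3 2008/10/15 08:00:00;
  hardware ethernet 00:0c:29:aa:bb:01;
  client-hostname "pc-one";
}
lease 200.200.0.201 {
  starts 3 2008/10/15 09:00:00;
  ends 4 2008/10/16 09:00:00;
  hardware ethernet 00:0c:29:aa:bb:02;
}
lease 200.200.0.202 {
  starts 3 2008/10/15 09:30:00;
  ends 4 2008/10/16 09:30:00;
  hardware ethernet 00:0c:29:aa:bb:03;
}
"""

if __name__ == "__main__":
    local = timezone(timedelta(hours=5, minutes=30))   # constructed log offset
    seen = datetime(2008, 10, 15, 13, 45, tzinfo=local)  # 08:15 GMT
    lease = holder_at(parse_leases(SAMPLE), "200.200.0.201", seen)
    print(lease["mac"] if lease else "no lease active at that time")
```

Reading the same 13:45 as GMT instead of local time would attribute the address to 00:0c:29:aa:bb:02, which is why the timestamp has to be converted before the lookup.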

16. Apache Web Server

16.1 Introduction - What is Apache

The Apache web server project is more than just a piece of software. The Apache web server is the best, and most preferred, HTTP server software in use on the Internet today, and it was written entirely as a volunteer project, by volunteer programmers, in their spare time, communicating via email. That, in itself, is astonishing. That is, it is to people that are not familiar with the Open Source methodology, and Open Source projects like Linux, Sendmail, Perl, and a variety of others. The interesting thing about these volunteer-written, free software packages is that most of us, and our businesses, whether we are aware of it or not, rely heavily on them.

The WWW

The Internet has been around for a long time. More than 30 years now. But for most of that time, it was entirely the domain of geeks and hobbyists. The main reason for this was that it was hard to use.

In 1991, Tim Berners-Lee developed something that he called the World Wide Web. His purpose was to give quick and easy access to documents for geographically distributed people collaborating on projects. He, while working at CERN, and with the help of colleagues around the world, developed the CERN web server, and a simple Web client, which he dubbed a ``browser.'' The name came about because there was very little of real value on the Web at that time, and all you ever really did was browse. Ironic that the name stuck! Along with a lot of help from the standards community (and, notably, Roy Fielding), they defined HTTP, HTML, URLs, and the other necessary components of making the Web a reality.

NCSA

As more and more people got involved in the project, it was several Universities that contributed to the project the most. From very early on, one of the front-runners was the National Center for Supercomputing Activities (NCSA) at the University of Illinois at Urbana Champaign (UIUC). NCSA started working on the NCSA HTTPd (HyperText Transfer Protocol Daemon). Rob McCool wrote the original code for the NCSA HTTPd, and this code was distributed without charge to the community, for them to use, with the understanding that if they fixed bugs, or added features, that they would then contribute them back to Rob to put into future versions.

Although that project is not active any more, you can still see the web site of the project at <http://hoohoo.ncsa.uiuc.edu/> It still contains a wealth of information, most of which is still relevant, because the standards have not changed much in 8 years.

The Apache Server

When Rob left the project, it left a problem. There were still a lot of people using his code, and actively making patches to the code, but there was no longer anyone collecting those patches. In 1995, Brian Behlendorf and a small group of other developers started collecting these patches in a central repository. Brian got some space donated on a server, and set up a CVS tree so that developers could check in patches. And in April of 1995, they released the first official release (Version 0.6.2), which was given the name Apache, because it was ``a patchy server''. Early the next year, Apache passed NCSA as the most widely used server on the Internet, and is now used on more than 60% of all web servers on the Internet.

The Apache Group, as they were known at that time, had no formal organizational structure, communicated only over email, never met, and worked entirely in their free time, on a volunteer basis.

Apache's architecture

Since the 1.0 release of Apache (December 1, 1995) Apache has had a modular design. The core of the server is very light-weight, and all other functions are implemented as modules that plug in to the core. This means that you can keep the size of the executable down by leaving out functionality that you don't need. It also means that if there is some functionality missing that you do need, you can write your own custom module to plug into the core.

16.2. Configuring Apache

The configuration file used by Apache is /etc/httpd/conf/httpd.conf. Examples of how to configure this file will follow. Like most Linux applications you have to restart Apache before changes to the configuration file will take effect.

16.2.1 Configure the /etc/httpd/conf/httpd.conf file

The httpd.conf file is the main configuration file for the Apache web server. A lot of options exist, and it's important to read the documentation that comes with Apache for more information on different settings and parameters. The following configuration example is a minimal working configuration file for Apache, with SSL support. Also, it's important to note that we only comment the parameters that relate to security and optimization, and leave all the others to your own research.

Edit the httpd.conf file, vi /etc/httpd/conf/httpd.conf and add/change:

### Section 1: Global Environment
#
ServerType standalone
ServerRoot "/etc/httpd"
PidFile /var/run/httpd.pid
ResourceConfig /dev/null
AccessConfig /dev/null
Timeout 300
KeepAlive On
MaxKeepAliveRequests 0
KeepAliveTimeout 15
MinSpareServers 16
MaxSpareServers 64
StartServers 16
MaxClients 512
MaxRequestsPerChild 100000
### Section 2: 'Main' server configuration
#
Port 80
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
User www
Group www
ServerAdmin admin@wilshire.com
ServerName www.wilshire.com
DocumentRoot "/home/httpd/wst"
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/home/httpd/wst">
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Files .pl>
Options None
AllowOverride None

Order deny,allow
Deny from all
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi
</IfModule>
#<IfModule mod_include.c>
#Include conf/mmap.conf
#</IfModule>
UseCanonicalName On
<IfModule mod_mime.c>
TypesConfig /etc/httpd/conf/mime.types
</IfModule>
DefaultType text/plain
HostnameLookups Off
ErrorLog /var/log/httpd/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
SetEnvIf Request_URI \.gif$ gif-image
CustomLog /var/log/httpd/access_log combined env=!gif-image
ServerSignature Off
<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/"
<Directory "/home/httpd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</IfModule>
<IfModule mod_mime.c>
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
AddType application/x-tar .tgz
</IfModule>
ErrorDocument 500 "The server made a boo boo.
ErrorDocument 404 http://192.168.1.1/error.htm
ErrorDocument 403 "Access Forbidden -- Go away.
<IfModule mod_setenvif.c>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>
### Section 3: Virtual Hosts
#
<IfDefine SSL>

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>

<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog /var/log/httpd/ssl_engine_log
SSLLogLevel warn
</IfModule>

<IfDefine SSL>
<VirtualHost _default_:443>
DocumentRoot "/home/httpd/wst"
ServerName www.wilshire.com
ServerAdmin admin@wilshire.com
ErrorLog /var/log/httpd/error_log
SSLEngine on
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCACertificatePath /etc/ssl/certs
SSLCACertificateFile /etc/ssl/certs/ca.crt
SSLCARevocationPath /etc/ssl/crl
SSLVerifyClient none
SSLVerifyDepth 10
SSLOptions +ExportCertData +StrictRequire
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SetEnvIf Request_URI \.gif$ gif-image
CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" env=!gif-image
</VirtualHost>
</IfDefine>

This tells httpd.conf file to set itself up for this particular configuration setup with:

ServerType standalone
The option ServerType specifies how Apache should run on the system. You can run it from the super-server inetd, or as standalone daemon. It's highly recommended to run Apache in standalone type for better performance and speed.

ServerRoot "/etc/httpd"
The option ServerRoot specifies the directory in which the configuration files of the Apache server live. It allows Apache to know where it can find its configuration files when it starts.

PidFile /var/run/httpd.pid
The option PidFile specifies the location where the server will record the process id of the daemon when it starts. This option is only required when you configure Apache in standalone mode.

ResourceConfig /dev/null

The option ResourceConfig specifies the location of the old srm.conf file that Apache read after it finished reading the httpd.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.

Timeout 300
The option Timeout specifies the amount of time Apache will wait for a GET, POST, PUT request and ACKs on transmissions. You can safely leave this option on its default values.

KeepAlive On
The option KeepAlive, if set to On, specifies enabling persistent connections on this web server. For better performance, it's recommended to set this option to On, and allow more than one request per connection.

MaxKeepAliveRequests 0
The option MaxKeepAliveRequests specifies the number of requests allowed per connection when the KeepAlive option above is set to On. When the value of this option is set to 0 then unlimited requests are allowed on the server. For server performance, it's recommended to allow unlimited requests.

KeepAliveTimeout 15
The option KeepAliveTimeout specifies how much time, in seconds, Apache will wait for a subsequent request before closing the connection. The value of 15 seconds is a good average for server performance.

MinSpareServers 16
The option MinSpareServers specifies the minimum number of idle child server processes for Apache, that is, processes which are not handling a request. This is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.

MaxSpareServers 64
The option MaxSpareServers specifies the maximum number of idle child server processes for Apache, that is, processes which are not handling a request. This is also an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 64 is recommended by various benchmarks on the Internet.

StartServers 16
The option StartServers specifies the number of child server processes that will be created by Apache on start-up. This is, again, an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.

MaxClients 512
The option MaxClients specifies the number of simultaneous requests that can be supported by Apache. This too is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 512 is recommended by various benchmarks on the Internet.

MaxRequestsPerChild 100000
The option MaxRequestsPerChild specifies the number of requests that an individual child server process will handle. This too is an important tuning parameter regarding the performance of the Apache web server.

User www
The option User specifies the UID that Apache server will run as. It's important to create a new user that has minimal access to the system, and functions just for the purpose of running the web server daemon.

Group www
The option Group specifies the GID the Apache server will run as. It's important to create a new group that has minimal access to the system and functions just for the purpose of running the web server daemon.

DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi
The option DirectoryIndex specifies the files to use by Apache as a pre-written HTML directory index. In other words, if Apache can't find the default index page to display, it'll try the next entry in this parameter, if available. To improve performance of your web server it's recommended to list the most used default index pages of your web site first.
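The security-relevant directives in the configuration above (the run-as User and Group, ServerSignature, the default-deny <Directory /> container and SSLCipherSuite) can be checked mechanically. The shell function below is an added example, not part of the original guide; its name, its finding codes and the constructed sample files are assumptions made here. It also reports that the SSLCipherSuite string shown above still leaves LOW, EXP and SSLv2 ciphers enabled, because ALL includes them and a "+" prefix only reorders ciphers.

```shell
#!/bin/sh
# Added example: audit an Apache 1.3-style httpd.conf for the settings discussed above.
# The function names and the finding codes are chosen for this example.

audit_httpd_conf() {
    # $1 = path to httpd.conf. Prints one "CODE detail" line per finding.
    awk '
    /^[ \t]*#/ { next }                              # ignore comment lines
    { line = $0; sub(/^[ \t]+/, "", line); low = tolower(line); key = tolower($1) }

    # The daemon should run as a dedicated low-privilege account, never root.
    (key == "user" || key == "group") && ($2 == "root" || $2 == "0" || $2 == "#0") {
        print "RUNAS_ROOT " $1 " " $2
    }

    # ServerSignature On/EMail adds the server version to generated pages.
    key == "serversignature" && tolower($2) != "off" { print "SIGNATURE_ON " $2 }

    # Track the <Directory /> container and look for its default-deny rule.
    low ~ /^<directory[ \t]+"?\/"?>/ { in_root = 1; next }
    low ~ /^<\/directory>/           { in_root = 0; next }
    in_root && low ~ /^deny[ \t]+from[ \t]+all/ { root_denied = 1 }

    key == "sslciphersuite" {
        split("", banned); split("", added); has_all = 0
        n = split($2, tok, ":")
        for (i = 1; i <= n; i++) {
            if (tok[i] ~ /^!/)             banned[substr(tok[i], 2)] = 1  # "!" removes for good
            else if (tok[i] == "ALL")      has_all = 1
            else if (tok[i] ~ /^[A-Za-z]/) added[tok[i]] = 1              # bare name adds ciphers
            # "+NAME" only moves ciphers to the end of the list, so it is ignored here
        }
        m = split("LOW EXP SSLv2", weak, " ")
        for (i = 1; i <= m; i++)
            if ((has_all || (weak[i] in added)) && !(weak[i] in banned))
                print "WEAK_CIPHER " weak[i]
    }

    END { if (!root_denied) print "ROOT_DIR_OPEN no Deny from all in <Directory />" }
    ' "$1"
}

page_conf() {   # constructed sample: the values used in the configuration above
    cat <<'EOF'
User www
Group www
ServerSignature Off
<Directory />
  Options None
  AllowOverride None
  Order deny,allow
  Deny from all
</Directory>
<Directory "/home/httpd/wst">
  Order allow,deny
  Allow from all
</Directory>
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
EOF
}

weak_conf() {   # constructed sample: the same file with the protections removed
    cat <<'EOF'
User root
Group root
ServerSignature On
<Directory />
  Options None
  Order allow,deny
  Allow from all
</Directory>
SSLCipherSuite ALL
EOF
}

tightened_conf() {   # constructed: page_conf with the weak classes excluded by "!"
    page_conf | sed 's/^SSLCipherSuite .*/SSLCipherSuite ALL:!ADH:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:+MEDIUM/'
}

audit_sample() {
    # $1 = name of a function that prints a configuration; audits it via a temp file
    tmp=$(mktemp) || return 1
    "$1" > "$tmp"
    audit_httpd_conf "$tmp"
    rm -f "$tmp"
}

# Demo on the constructed samples
for sample in page_conf weak_conf tightened_conf; do
    echo "== $sample"
    audit_sample "$sample"
done
```

Run `audit_httpd_conf /etc/httpd/conf/httpd.conf` against a real file; an empty result means none of the four conditions was found.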

Include conf/mmap.conf
The option Include specifies the location of other files that you can include from within the server configuration files httpd.conf. In our case, we include the mmap.conf file located under /etc/httpd/conf directory. This file mmap.conf maps files into memory for faster serving.

HostnameLookups Off
The option HostnameLookups, if set to Off, specifies the disabling of DNS lookups. It's recommended to set this option to Off in order to save the network traffic time, and to improve the performance of your Apache web server.

16.3.1 Where To Put Your Web Pages

All the statements that define the features of each web site are grouped together inside their own VirtualHost section or "container" in the httpd.conf file. The most commonly used statements or "directives" inside a VirtualHost container would be:

"servername" which defines the name of the website managed by the VirtualHost container. This is only needed in "Named Virtual Hosting" as I'll explain below.

"DocumentRoot" which defines the directory in which the web pages for the site can be found.

By default, Apache will search the DocumentRoot directory for an index or "home" page named index.html. So for example, if you have a servername of www.my-site.com with a DocumentRoot directory of /home/www/site1/, Apache will display the contents of the file /home/www/site1/index.html when you enter http://www.my-site.com in your browser.

Some editors like Microsoft FrontPage will create files with an ".htm" extension, not ".html". This isn't usually a problem if all your HTML files have hyperlinks pointing to files ending in ".htm" as FrontPage does. The problem occurs with Apache not recognizing the topmost index.htm page. The easiest solution is to create a symbolic link ("shortcut" for Windows users) called index.html pointing to the file index.htm. This will then allow you to edit/copy the file index.htm with index.html being updated automatically. You'll almost never have to worry about index.html and Apache again!

In the example below we create a symbolic link to index.html in the /home/www/site1 directory.

[root@skynet tmp]# cd /home/www/site1
[root@skynet site1]# ln -s index.htm index.html
[root@skynet site1]# ll index.*
-rw-rw-r-- 1 root root 48590 Jun 18 23:43 index.htm
lrwxrwxrwx 1 root root 9 Jun 21 18:05 index.html -> index.htm

The "l" at the very beginning of the index.html entry signifies a link and the "->" the link target.

The Default File Location

By default, Apache expects to find all its web page files in the /var/www/html/ directory with a generic DocumentRoot statement at the beginning of httpd.conf. The examples will use the /home/www directory to illustrate how you can place them in other locations successfully.

File Permissions And Apache

Apache will display web pages as long as they are world readable. You have to make sure that all the files and sub-directories in your DocumentRoot have the correct permissions. It is a good idea to have the files owned by a non privileged user so that web developers can do updates to the files using FTP or SCP without requiring the root password. In the example below we do this by:

1. Creating a user with a home directory of /home/www.
2. Recursively changing the file ownership permissions of the /home/www directory and all its sub-directories.

3. Changing the permissions on the /home/www directory to 755 which will allow all users, including Apache's httpd daemon, to read the files inside.

[root@skynet tmp]# useradd -g users www
[root@skynet tmp]# chown -R www:users /home/www
[root@skynet tmp]# chmod 755 /home/www

Now we test for the new ownership with the "ll" command.

[root@skynet tmp]# ll /home/www/site1/index.*
-rw-rw-r-- 1 www users 48590 Jun 25 23:43 index.htm
lrwxrwxrwx 1 www users 9 Jun 25 18:05 index.html -> index.htm
[root@skynet tmp]#

Note: It is also a good practice to FTP or SCP new files to your web server as this new user. This will make all the transferred files automatically have the correct ownership.

If you browse your website after configuring Apache and get a "permissions" error on your screen, then your files or directories under your DocumentRoot most likely have incorrect permissions. Appendix II has a short script <http://www.siliconvalleyccie.com/linux-hn/appendix.htm> that you can use to recursively set the file permissions in a directory to match those expected by Apache. You may also have to use the "Directory" directive to make Apache serve the pages once the file permissions have been correctly set. If you have your files in the default /home/www directory then this second step becomes unnecessary.

16.3.2 Named Virtual Hosting

You can make your web server host more than one site per IP address by using Apache's "named virtual hosting" feature. The NameVirtualHost directive in the /etc/httpd/conf/httpd.conf file is used to tell Apache the IP addresses which will participate in this feature. The <VirtualHost> containers in the file then tell Apache where it should look for the web pages used on each web site. You must specify the IP address for which each <VirtualHost> container applies.

Named Virtual Hosting Example

In the case below, the server is configured to provide content on 97.158.253.26. Notice that within each <VirtualHost> container you specify the primary website domain name for that IP address with the ServerName directive. The directory where the index page for that site is located is defined with the DocumentRoot directive. You can also list secondary domain names which will serve the same content as the primary ServerName using the ServerAlias directive.

Apache will search for a perfect match of NameVirtualHost, <VirtualHost> and ServerName when making a decision as to which content to send to the remote user's web browser. If there is no match, then Apache will use the first <VirtualHost> in the list that matches the target IP address of the request. This is why we have placed a "*" <VirtualHost> at the very beginning which will be used for all other web queries.

NameVirtualHost 97.158.253.26

<VirtualHost *>
Default Directives. (In other words, not site #1 or site #2)
</VirtualHost>

<VirtualHost 97.158.253.26>
servername www.my-site.com
Directives for site #1
</VirtualHost>

<VirtualHost 97.158.253.26>
servername www.my-other-site.com
Directives for site #2
</VirtualHost>

Be careful with using "*" in other containers. A <VirtualHost> with a specific IP address will always get higher priority than a <VirtualHost> statement with a "*" intended to cover the same IP address, even if the

ServerName directive doesn't match. To get consistent results, try to limit the use of your "*" <VirtualHost> statements to the beginning of the list to cover any other IP addresses your server may have. You can also have multiple NameVirtualHost directives, each with a single IP address, in cases where your web server has more than one IP address.

IP Based Virtual Hosting

The other virtual hosting option is to have one IP address per website which is also known as IP based virtual hosting. In this case you will NOT have a NameVirtualHost directive for the IP address, and you must only have a single <VirtualHost> container per IP address. Apache also seems to enforce the single <VirtualHost> container per IP address requirement by ignoring any ServerName directives you may use inside it.

Example IP Virtual Hosting : Single Wild Card

In this example, Apache listens on all interfaces, but gives the same content. Apache will display the content in the first <VirtualHost *> directive even if you add another right after it.

<VirtualHost *>
DocumentRoot /home/www/site1
</VirtualHost>

Example IP Virtual Hosting : Wild Card and IP addresses

In this example, Apache listens on all interfaces, but gives different content for addresses 97.158.253.26 and 97.158.253.27. Web surfers will get the "site1" content if they try to access the web server on any of its other IP addresses.

<VirtualHost *>
DocumentRoot /home/www/site1
</VirtualHost>

<VirtualHost 97.158.253.26>
DocumentRoot /home/www/site2
</VirtualHost>

<VirtualHost 97.158.253.27>
DocumentRoot /home/www/site3
</VirtualHost>

[root@skynet tmp]# service httpd restart

The Apache Error Log Files

The /var/log/httpd/error_log file is a good source for error information. Unlike the /var/log/httpd/access_log file, there is no standardized formatting. The /var/log/httpd/error_log file also is the location where CGI script errors are written. Many times CGI scripts will fail with a blank screen on your browser; the /var/log/httpd/error_log file will most likely have the cause of the problem.
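The rules from "File Permissions And Apache" earlier in this chapter (content world-readable, directories searchable, files owned by the unprivileged web user, index.html kept as a link to index.htm) can be verified after every upload. The script below is an added example, not the Appendix II script and not part of the original guide; the function names, finding codes and the constructed sample tree are assumptions made here.

```shell
#!/bin/sh
# Added example: audit a DocumentRoot tree against the rules in
# "File Permissions And Apache". Function names and finding codes are chosen here.

audit_docroot() {
    # $1 = DocumentRoot, $2 = expected owner name or uid (optional).
    # Prints one "CODE path" line per finding.

    # Apache can only serve files that are world-readable.
    find "$1" -type f ! -perm -004 -exec printf 'NOT_WORLD_READABLE %s\n' {} \;
    # It must also be able to list and enter every directory (r-x for others).
    find "$1" -type d ! -perm -005 -exec printf 'DIR_NOT_SEARCHABLE %s\n' {} \;
    # World-writable content can be altered by any local account.
    # Symbolic links always show lrwxrwxrwx, so they are excluded.
    find "$1" ! -type l -perm -002 -exec printf 'WORLD_WRITABLE %s\n' {} \;
    # An index.html -> index.htm link breaks silently when its target is renamed.
    find "$1" -type l ! -exec test -e {} \; -exec printf 'DANGLING_LINK %s\n' {} \;
    # After "chown -R www:users", nothing should belong to another account.
    if [ -n "${2:-}" ]; then
        find "$1" ! -user "$2" -exec printf 'WRONG_OWNER %s\n' {} \;
    fi
    return 0
}

make_sample_tree() {
    # Builds a constructed site1 tree in a new temporary directory and prints its path.
    d=$(mktemp -d) || return 1
    mkdir "$d/site1" "$d/site1/private"
    echo '<html>home</html>'   > "$d/site1/index.htm"
    echo '<html>notes</html>'  > "$d/site1/secret.htm"
    echo '<html>upload</html>' > "$d/site1/upload.htm"
    ln -s index.htm "$d/site1/index.html"      # the link described in the text
    ln -s gone.htm  "$d/site1/old.html"        # target does not exist
    chmod 755 "$d" "$d/site1"
    chmod 750 "$d/site1/private"               # others cannot enter
    chmod 664 "$d/site1/index.htm"             # same mode as in the listing above
    chmod 640 "$d/site1/secret.htm"            # not world-readable
    chmod 666 "$d/site1/upload.htm"            # world-writable
    echo "$d"
}

# Demo on the constructed tree; the current uid stands in for the "www" user.
tree=$(make_sample_tree)
audit_docroot "$tree/site1" "$(id -u)"
rm -rf "$tree"
```

On the server from the text the call would be `audit_docroot /home/www www`.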

17. Sharing Resources Using SAMBA

17.1 Introduction

Samba is a suite of utilities that allows your Linux box to share files and other resources such as printers with Windows boxes. Either configuration will allow everyone at home to have: their own logins on all the home Windows boxes while having their files on the Linux box appear to be located on a new Windows drive; shared access to printers on the Linux box; shared files accessible only to members of their Linux user group.

17.2. Configuring SAMBA

Install the SAMBA

[root@skynet tmp]# rpm -ivh samba-client-3.0.0-15.i386.rpm

Start SAMBA service

You can configure Samba to start at boot time using the chkconfig command:

[root@skynet tmp]# chkconfig smb on

You can start/stop/restart Samba after boot time using the smb initialization script as in the examples below:

[root@skynet tmp]# service smb start
[root@skynet tmp]# service smb stop
[root@skynet tmp]# service smb restart

Note: Unlike many Linux packages, Samba does not need to be restarted after changes have been made to its configuration file, as it is read after the receipt of every client request.

You can test whether the smb process is running with the pgrep command; you should get a response of plain old process ID numbers:

[root@skynet tmp]# pgrep smb

The Samba Configuration File

The /etc/samba/smb.conf file is the main configuration file you'll need to edit. It is split into five main sections. You can edit this file by hand, or more simply through Samba's SWAT web interface.

File Format - smb.conf

[global]     General Samba configuration parameters
[printers]   Used for configuring printers
[homes]      Defines treatment of user logins
[netlogon]   A share for storing logon scripts. (Not created by default.)
[profile]    A share for storing domain logon information such as "favorites" and desktop icons.

17.3 Configuring SWAT (Samba Web Administration Tool)

Samba has a web based configuration tool called SWAT that allows you to configure your smb.conf file without you needing to remember all the formatting. Each SWAT screen is actually a form that covers a separate section of the smb.conf file into which you fill in the desired parameters. For ease of use, each parameter box has its own online help.

17.3.1 Basic SWAT Setup

You must always remember that SWAT edits the smb.conf file but also strips out any comments you may have manually entered into it beforehand. The original Samba smb.conf file has many worthwhile comments in it and should be saved as a reference before proceeding with SWAT which will remove them. For example, you could save the original file with the name /etc/samba/smb.conf.original as seen below.

[root@skynet tmp]# cp /etc/samba/smb.conf /etc/samba/smb.conf.original

As you can see, using SWAT requires some understanding of the smb.conf file parameters because it eliminates these comments. It is therefore always good practice to become familiar with the most important options in this file before proceeding with SWAT.

service swat
{
port = 901
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/sbin/swat
log_on_failure += USERID
disable = no
only_from = localhost
}

The formatting of the file is fairly easy to understand, especially as there are only two entries of interest. The "disable" parameter must be set to "no" to accept connections. Therefore to activate SWAT the

The default configuration only allows SWAT web access from the VGA console as user "root" on port 901 with the Linux root password. This means you'll have to enter "http://127.0.0.1:901" in your browser to get the login screen.

You can make SWAT accessible from other servers by adding IP address entries to the only_from parameter of the SWAT configuration file. Here's an example of an entry to allow connections only from 192.168.1.3 and localhost. Notice there are no commas between the entries.

only_from = localhost 192.168.1.3

Therefore in this case you can also configure Samba on your Linux server "Skynet" with IP address 192.168.1.100 from PC 192.168.1.3 using the URL http://192.168.1.100:901. Remember that most firewalls don't allow TCP port 901 through their filters. You may have to adjust your rules for this traffic to pass.

SWAT doesn't encrypt your login password. This may be a security concern in a corporate environment. Because of this, you may want to create a Samba administrator user that has no root privileges and/or only enable SWAT access from the GUI console or localhost.

Controlling SWAT

As with all xinetd controlled applications, the chkconfig command will automatically modify the "disable" field accordingly in the configuration file and activate the change.

Activating SWAT

[root@skynet tmp]# chkconfig swat on

Deactivating SWAT

[root@skynet tmp]# chkconfig swat off

Add Users To Your Samba Domain

Adding users to a domain has three broad phases. The first is adding a Linux user on the Samba server, the second is creating a Samba smbpasswd that maps to the Linux user created previously, and the final step is to map a Windows drive letter to the user's Linux home directory. This is all outlined below:

Adding The Users In Linux

First go through the process of adding users in Linux just like you would normally do. Passwords won't be necessary unless you want the users to log in to the Samba server via Telnet or SSH.

Create the user

[root@skynet tmp]# useradd -g 100 peter

Give them a Linux Password

This is only necessary if the user needs to log into the Samba server directly.

[root@skynet tmp]# passwd peter
Changing password for user peter.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

Mapping The Linux Users To An smbpassword

Next you need to create Samba domain login passwords for the user

[root@skynet tmp]# /usr/bin/smbpasswd -a username password

The "-a" switch adds the user to the /etc/smbpasswd file. Use a generic password then have users change it immediately from their workstation the usual way. Remember the smbpasswd sets the Windows Domain login password for a user. This is different from the Linux login password to log into the Samba box.

Create The Directory And User Group

1. Create a new Linux group marketing:

[root@skynet tmp]# /usr/sbin/groupadd marketing

2. Create a new directory for the group's files. If one user is designated as the leader, you might want to change the chown statement to make them owner

[root@skynet tmp]# mkdir /home/parent-files
[root@skynet tmp]# chgrp marketing /home/parent-files
[root@skynet tmp]# chmod 0770 /home/parent-files

3. Next add the group members to the new group. For instance, let's add user "father" to the group.

[root@skynet tmp]# /usr/sbin/usermod -G marketing father

4. The /etc/samba/smb.conf file should have an entry like this at the end:

# Marketing Shared Area
[only-marketing]
path = /home/parent-files
valid users = @marketing

Now simply restart the smb service and access the share from a Windows machine.

18. KICKSTART (Network Based Linux Inst over the NFS)

18.1 Introduction

RedHat Linux allows you to install the operating system over the network using a Kickstart server. It is comparatively much faster than using CDs and the whole install process can be automated.

What are Kickstart Installations?

Many system administrators would prefer to use an automated installation method to install Red Hat Linux on their machines. To answer this need, Red Hat created the kickstart installation method. Using kickstart, a system administrator can create a single file containing the answers to all the questions that would normally be asked during a typical Red Hat Linux installation. Kickstart files can be kept on a single server system and read by individual computers during the installation. This installation method can support the use of a single kickstart file to install Red Hat Linux on multiple machines, making it ideal for network and system administrators.

What is required to perform Kickstart Installation?

Kickstart installations can be performed using a local CD-ROM, a local hard drive, or via NFS, FTP, or HTTP. To use kickstart, you must:

1. Create a kickstart file.
2. Create a boot diskette with the kickstart file or make the kickstart file available on the network.
3. Make the installation tree available.
4. Start the kickstart installation.

18.2 Setting up the Installation Server

Basic Preparation

In this example we are going to set up a kickstart server that will be used in RedHat Linux 9 installations. All the necessary files will be placed in the /network-install directory.

18.2.1 Create the Installation Directories

We'll first create the directories /network-install and /network-install/kickstart in which we will place the necessary files.

[root@skynet tmp]# mkdir -p /network-install/kickstart

Copy the Files

The NFS kickstart method requires the base set of RedHat files to be installed on the kickstart server. Here's how to do it:

1. Mount your first RedHat CD ROM.

[root@skynet tmp]# mount /dev/cdrom /mnt/cdrom
[root@skynet tmp]# cp -r /mnt/cdrom/RedHat /network-install/
[root@skynet /]# eject

2. Mount the Second CD ROM and copy all the RPMS

[root@skynet /]# cp -r /mnt/cdrom/RedHat/RPMS/* /network-install/RedHat/RPMS/

3. Mount the Third CD ROM and copy all the RPMS

[root@skynet /]# cp -r /mnt/cdrom/RedHat/RPMS/* /network-install/RedHat/RPMS/

18.2.3 Setup Your NFS Server

The steps for setting up an NFS server are more complicated.

1. Create a /etc/exports file with the following entry in it. You must use tabs, not spaces between the entries

/network-install	*(ro,sync)

2. Make sure that the portmap, nfs, nfslock and netfs daemons are all running to create an NFS server. The startup scripts for these are found in the /etc/init.d directory.

3. Run the exportfs command to add this directory to the NFS database of network available directories. You should also add this command to your /etc/rc.local file so that this is repeated after every reboot.

[root@skynet tmp]# exportfs -ra
[root@skynet tmp]# service nfs restart
[root@skynet tmp]# showmount -e ## (this command should not show any RPC errors)

18.2.4 Setup DNS and DHCP servers.

Note : See later chapters for configuring DHCP and DNS for Kickstart

18.2.5 Create Kickstart Configuration Files

The kickstart file is a simple text file, containing a list of items, each identified by a keyword. You can create it by editing a copy of the sample.ks file found in the RH-DOCS directory of the Red Hat Linux Documentation CD, using the Kickstart Configurator application, or writing it from scratch. The Red Hat Linux installation program also creates a sample kickstart file based on the options that you selected during installation. It is written to the file /root/anaconda-ks.cfg. You should be able to edit it with any text editor or word processor that can save files as ASCII text.

You can also create a customized kickstart configuration file by using the "ksconfig (or) redhat-config-kickstart" command from a GUI console. It will bring up a menu from which you can select all your installation options. When finished, you save the configuration with the filename of your choice.

18.3 Kickstart Configurator

Kickstart Configurator allows you to create a kickstart file using a graphical user interface, so that you do not have to remember the correct syntax of the file. To use Kickstart Configurator, you must be running the X Window System. To start Kickstart Configurator, select the Main Menu Button (on the Panel) => System Tools => Kickstart, or type the command /usr/sbin/redhat-config-kickstart. As you are creating a kickstart file, you can select File => Preview at any time to review your current selections.

1. Basic Configuration:

Choose the language to use during the installation and as the default language after installation from the Language menu. (See the figure below)

Select the system keyboard type from the Keyboard menu.

Choose the mouse for the system from the Mouse menu. If No Mouse is selected, no mouse will be configured. If Probe for Mouse is selected, the installation program tries to auto-detect the mouse. Probing works for most modern mice.

And go through the other options such as Time Zone, Language, and Reboot system after installation etc.

Enter the desired root password for the system in the Root Password text entry box. To save the password as an encrypted password in the file, select Encrypt root password.

[Figure: Basic Configuration]

If the encryption option is selected, when the file is saved, the plain text password that you typed will be encrypted and written to the kickstart file. Do not type an already encrypted password and select to encrypt it.

2. Installation Method:

The Installation Method screen allows you to choose whether to perform a new installation or an upgrade. If you choose upgrade, the Partition Information and Package Selection options will be disabled. They are not supported for kickstart upgrades.

Also choose the appropriate kickstart installation to perform from this screen. You can choose from the following options: CD-ROM, NFS, HTTP or Hard Drive. In our example we are going to perform the installation over NFS, so choose NFS.

3. Boot Loader Options:

You have the option of installing GRUB or LILO as the boot loader. It's recommended that you choose the defaults, i.e. install a boot loader, Use GRUB for the boot loader and Install Boot loader on Master Boot Record MBR. See the following figure:

4. Creating Partitions:

To create a partition, click the Add button. The Partition Options window is shown in the following figure. Choose mount point, file system type, and partition size for the new partition.

In the Additional Size Options section, choose to make the partition a fixed size, up to a chosen size, or fill the remaining space on the hard drive. If you selected swap as the file system type, you can select to have the installation program create the swap partition with the recommended size instead of specifying a size.

Force the partition to be created as a primary partition.

Create the partition on a specific hard drive. For example, to make the partition on the first IDE hard disk (/dev/hda), specify hda as the drive. Do not include /dev in the drive name.

Use an existing partition. For example, to make the partition on the first partition on the first IDE hard disk (/dev/hda1), specify hda1 as the partition. Do not include /dev in the partition name.

Format the partition as the chosen file system type.

5. Network Configuration:

For each Ethernet card on the system, click Add Network Device and select the network device and network type of the device. Select eth0 as the network device for the first Ethernet card, select eth1 for the second Ethernet card, and so on.

6. Authentication:

In the Authentication section, select whether to use shadow passwords and MD5 encryption for user passwords. These options are highly recommended and chosen by default. The Authentication Configuration options allow you to configure the following methods of authentication: NIS, LDAP, Kerberos 5, Hesiod, SMB, and Name Switch Cache.

7. Firewall Configuration:

The Firewall Configuration window is identical to the screen in the Red Hat Linux installation program and the Security Level Configuration Tool, with the same functionality.

Note: It is strongly recommended that you choose Firewall Configuration as Disabled. RedHat recommends that you configure the firewall settings manually after the installation. See Chapter 20 IPTABLES for more information.

8. X Configuration:

The first step in configuring X is to choose the default color depth and resolution. Select them from their respective pull down menus. Be sure to specify a color depth and resolution that is compatible with the video card and monitor for the system.

9. Package Selection:

The Package Selection window allows you to choose which package groups to install. There are also options available to resolve and ignore package dependencies automatically. Currently, Kickstart Configurator does not allow you to select individual packages.

10. Pre-Installation Script

You can add commands to run on the system immediately after the kickstart file has been parsed and before the installation begins. If you have configured the network in the kickstart file, the network is enabled before this section is processed. To include a pre-installation script, type it in the text area.

11. Post-Installation Script

You can also add commands to execute on the system after the installation is completed. If the network is properly configured in the kickstart file, the network is enabled, and the script can include commands to access resources on the network. To include a post-installation script, type it in the text area.

Now save the settings under /network-install/kickstart/ks.cfg. You may want to then edit the configuration file and comment out certain parameters that may change from system to system with "#". These could include things like the system's name and IP address. During the kickstart process you will be prompted for these unspecified values.

Configuring the Filename Automatically

1. Place your kickstart file in the /network-install/kickstart directory.

2. Edit your /etc/dhcpd.conf file and add the following lines to the section for the interface that will be serving DHCP IP addresses.

filename "/network-install/kickstart/ks.cfg";
next-server 192.168.1.100;

Note: Here 192.168.1.100 is the Kickstart server's IP address. If you don't set this up in the /etc/dhcpd.conf file then the installation client will ask you for the location of the Kickstart server and method of installation.

3. Now on the client side insert the boot floppy or CD into the kickstart client and at the boot: prompt type in the following command:

boot: linux ks

Kickstart will first search for a configuration file named ks.cfg on either the boot CD / floppy. It will then automatically attempt to get a DHCP IP address and see if the DHCP server will specify a configuration file.

Kickstart will then use NFS to get both the configuration file and the installation files. The rest should be automatic.

19. SQUID Proxy server

19.1 Introduction to SQUID
Two important goals of squid are to:
Reduce Internet bandwidth charges
Limit access to the Web to only authorized users.
Users configure their web browsers to use the Squid proxy server instead of going to the web directly. The Squid server then checks its web cache for the web information requested by the user. It will return any matching information that it finds in its cache, and if not, it will go to the web to find it on behalf of the user. Once it finds the information, it will populate its cache with it and also forward it to the user's web browser. As you can see, this reduces the amount of data accessed from the web.
Another advantage is that you can configure your firewall to only accept HTTP web traffic from the Squid server and no one else. Squid can then be configured to request usernames and passwords for each user that uses its services. This provides simple access control to the Internet.

Note: Before we configure a PROXY server, it is compulsory that you configure the Internet connection either by using a Leased line or by using a PPP Dial-out server. If the ISP connection we have is a Leased line or Cable connection, simply configure /etc/resolv.conf with your ISP's DNS <domain name> and nameserver <IP addresses>. In case you are using a modem Dial-out server to connect to the ISP, use the kppp Dial-out configuration GUI utility.

19.2 Configuring SQUID
Install the Squid package from the 3rd CD of RedHat9 distribution.

Start the SQUID service
Use chkconfig to configure Squid to start at boot:
[root@skynet tmp]# chkconfig squid on
The service command can be used to start/stop/restart Squid after booting:
[root@skynet tmp]# service squid start
[root@skynet tmp]# service squid stop
[root@skynet tmp]# service squid restart
You can test whether the Squid process is running with the following command; you should get a response of plain old process ID numbers:
[root@skynet tmp]# pgrep squid

19.2.1 The /etc/squid/squid.conf File
The main Squid configuration file is squid.conf.

Activating Configuration Changes
Like most Linux applications, Squid needs to be restarted in order for changes to the configuration file to take effect.

The Visible Host Name
Note: Older versions of Squid will fail to start if you don't give your server a hostname. You can set this with the "visible_hostname" parameter in /etc/squid/squid.conf which we'll discuss in detail in following sections. Here we set it to the real name of our server "wstsun1".
visible_hostname wstsun1

19.2.2 Access Control Lists
You can limit users' ability to browse the Internet with access control lists (ACLs). Each ACL line defines a particular type of activity, such as an access time or source network; they are then linked to an http_access statement that tells squid whether or not to deny or allow traffic that matches the ACL.
Squid has a minimum required set of ACL statements in the ACCESS_CONTROL section of the squid.conf file. It is best to put new customized entries right after this list to make the file easier to read.
Here are some guidelines that may be helpful:
Squid matches each web access request it receives by checking the http_access list from top to bottom. If it finds a match, it enforces the "allow" or "deny" statement and stops reading further.
You will have to be careful not to place a "deny" statement in the list that blocks a similar "allow" statement below it.
The final http_access statement denies everything, so it is best to place new http_access statements above it.

19.2.3 Restricting Web Access by Time
Access control lists can be created with time parameters. Here are some quick examples. Remember to restart Squid for the changes to take effect.

Only Allow Business Hour Access from the Home Network
#
# Add this to the bottom of the ACL section of squid.conf
#
acl home_network src 192.168.1.0/24
acl business_hours time M T W H F 9:00-17:00
#
# Add this at the top of the http_access section of squid.conf
#
http_access allow home_network business_hours

Only Allow Access In The Morning
#
# Add this to the bottom of the ACL section of squid.conf
#
acl mornings time 08:00-12:00
#
# Add this at the top of the http_access section of squid.conf
#
http_access allow mornings

Restricting Web Access By IP Address
You can create an access control list (ACL) that restricts web access to users on certain networks. In this case we're creating an ACL that defines our home network of 192.168.1.0.
#
# Add this to the bottom of the ACL section of squid.conf
#
acl home_network src 192.168.1.0/255.255.255.0
You will also have to add a corresponding http_access statement that allows traffic that matches the ACL.
#
# Add this at the top of the http_access section of squid.conf
#
http_access allow home_network
Remember to restart Squid for the changes to take effect.
[root@skynet tmp]# service squid restart
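The top-to-bottom, first-match evaluation of http_access described in section 19.2.2 can be modelled in a few lines. This is an added example, not part of the original notes or of Squid itself: parse_config, acl_matches and decide are hypothetical helper names, only src and time ACLs are modelled, and the two sample configurations and the client addresses are constructed.

```python
import ipaddress
from datetime import datetime

# Squid day letters for time ACLs -> Python weekday() numbers (Monday = 0).
DAY_CODES = {"M": 0, "T": 1, "W": 2, "H": 3, "F": 4, "A": 5, "S": 6}


def _minutes(hhmm):
    hours, minutes = hhmm.split(":")
    return int(hours) * 60 + int(minutes)


def parse_config(text):
    """Return (acls, rules) from the acl / http_access lines of a squid.conf excerpt."""
    acls, rules = {}, []
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) >= 4 and parts[0] == "acl" and parts[2] == "src":
            # Accepts both 192.168.1.0/24 and 192.168.1.0/255.255.255.0.
            nets = [ipaddress.ip_network(p, strict=False) for p in parts[3:]]
            acls[parts[1]] = ("src", nets)
        elif len(parts) >= 4 and parts[0] == "acl" and parts[2] == "time":
            days, span = set(), (0, 24 * 60)
            for token in parts[3:]:
                if token[0].isdigit():          # h1:m1-h2:m2
                    start, end = token.split("-")
                    span = (_minutes(start), _minutes(end))
                else:                           # day letters, e.g. M T W H F or MTWHF
                    days.update(DAY_CODES[c] for c in token)
            # No day letters means the ACL applies every day.
            acls[parts[1]] = ("time", days or set(range(7)), span)
        elif len(parts) >= 3 and parts[0] == "http_access":
            rules.append((parts[1], parts[2:]))
    return acls, rules


def acl_matches(acl, src_ip, when):
    if acl[0] == "src":
        return any(ipaddress.ip_address(src_ip) in net for net in acl[1])
    _, days, (start, end) = acl
    now = when.hour * 60 + when.minute
    return when.weekday() in days and start <= now <= end


def decide(config_text, src_ip, when):
    """Walk http_access top to bottom; the first line whose ACLs ALL match wins."""
    acls, rules = parse_config(config_text)
    for action, names in rules:
        if all(acl_matches(acls[name], src_ip, when) for name in names):
            return action
    return "deny"  # simplification of this model: nothing matched means denied


# Constructed sample configuration, using the ACL names from the text above.
ACLS = """
acl all src 0.0.0.0/0
acl home_network src 192.168.1.0/24
acl business_hours time M T W H F 9:00-17:00
"""
GOOD = ACLS + """
http_access allow home_network business_hours
http_access deny all
"""
# Same rules, but the catch-all deny sits above the allow and shadows it.
SHADOWED = ACLS + """
http_access deny all
http_access allow home_network business_hours
"""

if __name__ == "__main__":
    wednesday_morning = datetime(2008, 10, 15, 10, 30)
    for label, conf in (("GOOD", GOOD), ("SHADOWED", SHADOWED)):
        print(label, decide(conf, "192.168.1.25", wednesday_morning))
```

Running it shows why rule order is the thing to review in an http_access list: the two configurations contain identical statements, yet the second denies every request because the catch-all deny is reached first.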

19.2.4 Configure the Web Browsers to Use Your Squid Server
If you don't have a firewall that supports redirection then you'll need to:
Configure your firewall to only accept HTTP Internet access from the Squid server
Configure your PC browser's proxy server settings manually to use the squid server using the following methods:

Internet Explorer
Here's how to make these changes using Internet Explorer.
1. Click on the "Tools" item on the menu bar of the browser.
2. Click on "Internet Options"
3. Click on "Connections"
4. Click on "LAN Settings"
5. Configure with the address and TCP port (3128 default) used by your Squid server.

Mozilla / Netscape
Here's how to make these changes using Mozilla.
1. Click on the "Edit" item on the menu bar of the browser.
2. Click on "Preferences"
3. Click on "Advanced"
4. Click on "Proxies"
5. Configure with the address and TCP port (3128 default) used by your Squid server under "Manual Proxy Configuration"

20. IPTABLES (Netfilter)

20.1 Overview
Note: 2.4 and above kernels only.
Many benefits over ipchains: Connection Tracking, Rate Limiting, Improved logging.
Many more filtering options: All TCP flags, MAC address, user, etc.
5 Built-in chains. Names capitalized unlike IPCHAINS.

20.1.1 What is iptables?
Originally, the most popular firewall / NAT package running on Linux was ipchains but it had a number of shortcomings. The Netfilter <http://www.netfilter.org/> organization decided to create a new product called iptables in order to rectify this and developed these improvements and more:
The iptables application has better integration with the Linux kernel with the capability of loading iptables specific kernel modules designed for improved speed and reliability.
iptables does "stateful" packet inspection. This means that the firewall keeps track of each connection passing through it and in certain cases will view the contents of data flows in an attempt to anticipate the next action of certain protocols. This is an important feature in the support of active FTP and DNS as well as many other network services.
iptables can filter packets by MAC address and the values of the flags in the TCP header. This is helpful in preventing attacks using malformed packets and in restricting access from locally attached servers to other networks in spite of what their IP addresses are.
There have been improvements in system logging which now provides the option of adjusting the level of detail of the reporting.
Network address translation has been improved and new support for transparent integration with web proxy programs such as Squid has been incorporated into the product.
The new rate limiting feature helps iptables to block some types of denial of service (DoS) attacks.

Format
iptables [table] [action] [chain] [options] [target]
iptables -t filter -A INPUT -m state --state NEW -p tcp -s 12.168.1.0/24 -j ACCEPT

Capabilities
Table - Specifies which table the chain applies to: nat, filter, or mangle
Action - Action to be taken on specified n/w or host.
Chains
# Filter Table:
INPUT - All packets entering an interface that are destined for a local process use this chain.
OUTPUT - All packets leaving an interface that originated from a local process use these chains.
FORWARD - Only packets routed from one interface to another pass through this chain.
# Nat Table:

PREROUTING - Rules in this chain occur before it is determined whether the packet will use the INPUT or FORWARD chain. Destination NAT (DNAT) is configured using this chain.
POSTROUTING - Rules in this chain occur after the OUTPUT and FORWARD chains. Source NAT (SNAT) is configured using this chain.

Options
-i = Input interface (eth0, eth1, lo)
-o = Output interface (eth0, eth1, lo)
-p = Protocol (udp, tcp, icmp, or the protocol number)
-s = Source address of packet (192.168.1.20, 192.168.1.0/24, etc.)
-d = Same as -s, only for the destination address
-m = Specify an extension module to load (e.g. -m state). This must be the first option specified if it is used
--sport = Source port
--dport = Destination port

Targets
# 3 Default Targets
DROP = DROP the packet without returning an indication that it was dropped to the source
ACCEPT = Accept the packet
<CHAIN> = A user defined chain
# Additional Targets provided by modules:
LOG = Log the packet
REJECT = Reject the packet and send the source a user defined response (defaults to an icmp error message)

Connection Tracking
Requires state module (-m state).
Packet STATES:
NEW = A new connection
ESTABLISHED = Packet is part of an existing connection
RELATED = Packet is related to an existing connection (e.g. ICMP error messages)
INVALID = Packet doesn't belong to any other connection

Tracking FTP Connections: Because of the nature of the FTP protocol, tracking ftp connections requires a special kernel module: ip_conntrack_ftp. If you wish to use NAT with ftp connection tracking, you must also load the ip_nat_ftp kernel module.

Install Iptables
Install the iptables-1.2.9-1.0.i386.rpm package from the 3rd CD of the RedHat distribution.

Start iptables service
You can start/stop/restart iptables after booting by using the following commands:
[root@skynet tmp]# service iptables start
[root@skynet tmp]# service iptables stop
[root@skynet tmp]# service iptables restart
To get iptables configured to start at boot you can use the chkconfig command.
[root@skynet tmp]# chkconfig iptables on

IPTABLES Examples

# Set the default policies to drop everything
# (the iptables target is DROP; DENY was the ipchains name and is rejected by iptables)
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

# Allow all incoming tcp connections on interface eth0 to port 80 (www)
# (0.0.0.0/0 matches any address; a bare 0.0.0.0 would be read as a single host)
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 --sport 1024: --dport 80 -j ACCEPT
# We must also allow packets back out in order for the connection to work since we aren't using connection tracking
[root@skynet tmp]#iptables -A OUTPUT -o eth0 -p tcp --sport 80 -d 0.0.0.0/0 --dport 1024: -j ACCEPT

# Allow outgoing connections to all ports, and use connection
# tracking so we don't have to create rules to allow us to receive the packets coming back.
[root@skynet tmp]#iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -o eth0 -p tcp --sport 1024: -j ACCEPT
[root@skynet tmp]#iptables -A INPUT -m state --state ESTABLISHED,RELATED -i eth0 -p tcp --dport 1024: -j ACCEPT

# Allow external access to our DNS services, and keep state on the connection.
[root@skynet tmp]#iptables -A INPUT -m state --state NEW,ESTABLISHED,RELATED -i eth0 -p udp --dport 53 -j ACCEPT
[root@skynet tmp]#iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o eth0 -p udp --sport 53 -j ACCEPT

# Redirect all incoming traffic that hits port 8080 to port 80 on a web server in our internal LAN
[root@skynet tmp]#iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 8080 -j DNAT --to 192.168.1.10:80

# Allow ICMP echo requests, but limit them to 1 per second. A burst of 3 will allow a burst of up to 3 ICMP packets before the rate limiting kicks in.
[root@skynet tmp]#iptables -A INPUT -i eth0 -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED -m limit --limit 1/s --limit-burst 3 -j ACCEPT
[root@skynet tmp]#iptables -A OUTPUT -o eth0 -p icmp -m state --state ESTABLISHED -j ACCEPT

Status Messages
[root@skynet tmp]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@skynet tmp]#

Saving iptable Scripts
The "service iptables save" command will permanently save the iptables configuration in the /etc/sysconfig/iptables file. When the system reboots, the iptables-restore program reads the configuration and makes it the active configuration.
The format of the /etc/sysconfig/iptables file is slightly different from that of the scripts shown in this document. The initialization of built in chains is automatic and the string "iptables" is omitted from the rule statements.
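To make the difference between the script form and the saved form concrete, the sketch below rewrites script-style commands into the general shape of an iptables-restore file: one section per table, the built-in chains declared with their policies, and the leading "iptables" dropped from each rule. It is an added illustration, not part of the original notes and not the output of a real "service iptables save"; the function name to_restore_format and the sample script are assumptions, and a file written by the real tool may order rule options differently.

```python
import shlex

# Built-in chains of the two tables used in this chapter, in listing order.
# (The mangle table is left out of this sketch.)
BUILTIN = {
    "filter": ["INPUT", "FORWARD", "OUTPUT"],
    "nat": ["PREROUTING", "POSTROUTING", "OUTPUT"],
}


def to_restore_format(script):
    """Rewrite `iptables ...` command lines as iptables-restore style text."""
    policies = {t: {c: "ACCEPT" for c in chains} for t, chains in BUILTIN.items()}
    rules = {t: [] for t in BUILTIN}
    for line in script.splitlines():
        args = shlex.split(line, comments=True)   # drops "# ..." comments
        if len(args) < 3 or args[0] != "iptables":
            continue
        args = args[1:]
        table = "filter"                          # default when -t is absent
        if "-t" in args:
            i = args.index("-t")
            table = args[i + 1]
            del args[i:i + 2]
        if args[0] == "-P":                       # policy -> ":CHAIN POLICY" line
            policies[table][args[1]] = args[2]
        elif args[0] == "-A":                     # rule kept, minus "iptables"
            rules[table].append(" ".join(args))
    out = []
    for table, chains in BUILTIN.items():
        untouched = not rules[table] and all(
            policies[table][c] == "ACCEPT" for c in chains)
        if untouched:
            continue
        out.append("*" + table)
        # [0:0] are the packet and byte counters, zeroed here.
        out += [":%s %s [0:0]" % (c, policies[table][c]) for c in chains]
        out += rules[table]
        out.append("COMMIT")
    return "\n".join(out) + "\n"


# Constructed sample, based on rules shown earlier in this chapter.
SCRIPT = """
# default policies
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 --sport 1024: --dport 80 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -d 0.0.0.0/0 --dport 1024: -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 8080 -j DNAT --to 192.168.1.10:80
"""

if __name__ == "__main__":
    print(to_restore_format(SCRIPT), end="")
```

Reading a saved ruleset in this layout makes the default policy of every built-in chain visible at the top of each table, which is the first thing to check when reviewing what a host will do with traffic that matches no rule.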

21. Linux Resource Monitoring

21.1 Resource Monitoring Commands
Red Hat Linux comes with a variety of resource monitoring tools. While there are more than those listed here, these tools are representative in terms of functionality. The tools are:
free
top (and GNOME System Monitor, a more graphically oriented version of top)
vmstat
The Sysstat suite of resource monitoring tools
Let us look at each one in more detail.

free
The free command displays system memory utilization. Here is an example of its output:
             total       used       free     shared    buffers     cached
Mem:        255508     240268      15240          0       7592      86188
-/+ buffers/cache:     146488     109020
Swap:       530136      26268     503868
The Mem: row displays physical memory utilization, while the Swap: row displays the utilization of the system swap space, and the -/+ buffers/cache: row displays the amount of physical memory currently devoted to system buffers.
Since free by default only displays memory utilization information once, it is only useful for very short-term monitoring, or quickly determining if a memory-related problem is currently in progress. Although free has the ability to repetitively display memory utilization figures via its -s option, the output scrolls, making it difficult to easily see changes in memory utilization.
A better solution than using free -s would be to run free using the watch command. For example, to display memory utilization every two seconds (the default display interval), use this command:
[root@skynet tmp]#watch free
The watch command issues the free command every two seconds, after first clearing the screen. This makes it much easier to see how memory utilization changes over time, as it is not necessary to scan continually scrolling output. You can control the delay between updates by using the -n option, and can cause any changes between updates to be highlighted by using the -d option, as in the following command:
[root@skynet tmp]#watch -n 1 -d free

top
While free displays only memory-related information, the top command does a little bit of everything. CPU utilization, process statistics, memory utilization — top does it all. In addition, unlike the free command, top's default behavior is to run continuously; there is no need to use the watch command. Here is a sample display:
11:13am  up 1 day, 31 min,  5 users,  load average: 0.00, 0.05, 0.07
89 processes: 85 sleeping, 3 running, 1 zombie, 0 stopped
CPU states:  0.5% user,  0.7% system,  0.0% nice, 98.6% idle
Mem:   255508K av,  241204K used,   14304K free,       0K shrd,   16604K buff
Swap:  530136K av,   56964K used,  473172K free                   64724K cached

  PID USER     PRI  NI  SIZE  RSS SHARE STAT %CPU %MEM   TIME COMMAND
 8532 ed        16   0  1156 1156   912 R     0.5  0.4   0:11 top
 1520 ed        15   0  4084 3524  2752 S     0.3  1.3   0:00 gnome-terminal
 1481 ed        15   0  3716 3280  2736 R     0.1  1.2   0:01 gnome-terminal
 1560 ed        15   0 11216  10M  4256 S     0.1  4.2   0:18 emacs
    1 root      15   0   472  432   416 S     0.0  0.1   0:04 init
    2 root      15   0     0    0     0 SW    0.0  0.0   0:00 keventd
    3 root      15   0     0    0     0 SW    0.0  0.0   0:00 kapmd
    4 root      34  19     0    0     0 SWN   0.0  0.0   0:00 ksoftirqd_CPU0
    5 root      15   0     0    0     0 SW    0.0  0.0   0:00 kswapd
    6 root      25   0     0    0     0 SW    0.0  0.0   0:00 bdflush
    7 root      15   0     0    0     0 SW    0.0  0.0   0:00 kupdated
    8 root      25   0     0    0     0 SW    0.0  0.0   0:00 mdrecoveryd
   12 root      15   0     0    0     0 SW    0.0  0.0   0:00 kjournald
   91 root      16   0     0    0     0 SW    0.0  0.0   0:00 khubd
  185 root      15   0     0    0     0 SW    0.0  0.0   0:00 kjournald
  186 root      15   0     0    0     0 SW    0.0  0.0   0:00 kjournald
  576 root      15   0   712  632   612 S     0.0  0.2   0:00 dhcpcd
The display is divided into two sections. The top section contains information related to overall system status — uptime, load average, process counts, CPU status, and utilization statistics for both memory and swap space. The lower section displays process-level statistics, the exact nature of which can be controlled while top is running.

The GNOME System Monitor — A Graphical top
If you are more comfortable with graphical user interfaces, the GNOME System Monitor may be more to your liking. Like top, the GNOME System Monitor displays information related to overall system status, process counts, memory and swap utilization, and process-level statistics.
However, the GNOME System Monitor goes a step further by also including graphical representations of CPU, memory, and swap utilization, along with a tabular disk space utilization listing. Here is an example of the GNOME System Monitor's Process Listing display:

The GNOME System Monitor Process Listing Display
Additional information can be displayed for a specific process by first clicking on the desired process and then clicking on the More Info button. To view the CPU, memory, and disk usage statistics, click on the System Monitor tab.

vmstat
For a more concise view of system performance, try vmstat. Using this resource monitor, it is possible to get an overview of process, memory, swap, I/O, system, and CPU activity in one line of numbers:
   procs                      memory    swap          io     system         cpu
 r  b  w   swpd   free   buff  cache  si  so    bi    bo   in    cs  us  sy  id
 1  0  0      0 524684 155252 338068   0   0     1     6  111   114  10   3  87
The process-related fields are:
r — The number of runnable processes waiting for access to the CPU
b — The number of processes in an uninterruptible sleep state
w — The number of processes swapped out, but runnable
The memory-related fields are:
swpd — The amount of virtual memory used
free — The amount of free memory
buff — The amount of memory used for buffers
cache — The amount of memory used as page cache
The swap-related fields are:
si — The amount of memory swapped in from disk
so — The amount of memory swapped out to disk
The I/O-related fields are:
bi — Blocks sent to a block device
bo — Blocks received from a block device
The system-related fields are:
in — The number of interrupts per second
cs — The number of context switches per second
The CPU-related fields are:
us — The percentage of the time the CPU ran user-level code
sy — The percentage of the time the CPU ran system-level code
id — The percentage of the time the CPU was idle
When vmstat is run without any options, only one line is displayed. This line contains averages, calculated from the time the system was last booted.
However, most system administrators do not rely on the data in this line, as the time over which it was collected varies. Instead, most administrators take advantage of vmstat's ability to repetitively display resource utilization data at set intervals. For example, the command vmstat 1 displays one new line of utilization data every second, while the command vmstat 1 10 displays one new line per second, but only for the next ten seconds.
In the hands of an experienced administrator, vmstat can be used to quickly determine resource utilization and performance issues. But to gain more insight into those issues, a different kind of tool is required — a tool capable of more in-depth data collection and analysis.

pstree
Gives a hierarchical structure of all currently running processes:

21.2 The proc File System
The Linux kernel has two primary functions: to control access to physical devices on the computer and to schedule when and how processes interact with these devices. The /proc/ directory contains a hierarchy of special files which represent the current state of the kernel, allowing applications and users to peer into the kernel's view of the system.
Within the /proc/ directory, one can find a wealth of information detailing the system hardware and any processes currently running. In addition, some of the files within the /proc/ directory tree can be manipulated by users and applications to communicate configuration changes to the kernel.

A Virtual File System
Under Linux, all data are stored as files. Most users are familiar with the two primary types of files: text and binary. But the /proc/ directory contains another type of file called a virtual file. It is for this reason that /proc/ is often referred to as a virtual file system.
These virtual files have unique qualities. Most of them are listed as zero bytes in size and yet when one is viewed, it can contain a large amount of information. In addition, most of the time and date settings on virtual files reflect the current time and date, indicative of the fact they are constantly updated.
Virtual files such as /proc/interrupts, /proc/meminfo, /proc/mounts, and /proc/partitions provide an up-to-the-moment glimpse of the system's hardware. Others, like /proc/filesystems and the /proc/sys/ directory provide system configuration information and interfaces.
For organizational purposes, files containing information on a similar topic are grouped into virtual directories and sub-directories. For instance, /proc/ide/ contains information for all physical IDE devices. Likewise, process directories contain information about each running process on the system.

Viewing Virtual Files
By using the cat, more, or less commands on files within the /proc/ directory, users can immediately access an enormous amount of information about the system. For example, to display the type of CPU a computer has, type cat /proc/cpuinfo to receive output similar to the following:

processor : 0
vendor_id : AuthenticAMD
cpu family : 5
model : 9
model name : AMD-K6(tm) 3D+ Processor
stepping : 1
cpu MHz : 400.919
cache size : 256 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr mce cx8 pge mmx syscall 3dnow k6_mtrr
bogomips : 799.53
When viewing different virtual files in the /proc/ file system, some of the information is easily understandable while some is not human-readable. This is in part why utilities exist to pull data from virtual files and display it in a useful way. Examples of these utilities include lspci, apm, free, and top.
As a general rule, most virtual files within the /proc/ directory are read only. However, some can be used to adjust settings in the kernel. This is especially true for files in the /proc/sys/ subdirectory.

21.2.1 Top-level Files in the proc File System
Below is a list of some of the more useful virtual files in the top-level of the /proc/ directory.
Note: In most cases, the content of the files listed in this section will not be the same on your machine. This is because much of the information is specific to the hardware on which Red Hat Linux is running.

/proc/cmdline
This file shows the parameters passed to the kernel at the time it is started. A sample /proc/cmdline file looks like this:
ro root=/dev/hda2
This tells us that the kernel is mounted read-only (signified by (ro)) off of the second partition on the first IDE device (/dev/hda2).

/proc/cpuinfo
This virtual file identifies the type of processor used by your system. The following is an example of the output typical of /proc/cpuinfo:
processor : 0
vendor_id : AuthenticAMD
cpu family : 5
model : 9
model name : AMD-K6(tm) 3D+ Processor
stepping : 1
cpu MHz : 400.919
cache size : 256 KB
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes

flags : fpu vme de pse tsc msr mce cx8 pge mmx syscall 3dnow k6_mtrr
bogomips : 799.53
processor - Provides each processor with an identifying number. On systems that have one processor, there will be only a 0.
cpu family - Authoritatively identifies the type of processor you have in the system. For an Intel-based system, place the number in front of "86" to determine the value. This is particularly helpful for those attempting to identify the architecture of an older system such as a 586, 486, or 386. Because some RPM packages are compiled for each of these particular architectures, this value also helps users determine which packages to install.
model name - Displays the common name of the processor, including its project name.
cpu MHz - Shows the precise speed in megahertz for the processor to the thousandth decimal point.
cache size - Displays the amount of level 2 memory cache available to the processor.
flags - Defines a number of different qualities about the processor, such as the presence of a floating point unit (FPU) and the ability to process MMX instructions.

/proc/devices
This file displays the various character and block devices currently configured (not including devices whose modules are not loaded). Below is a sample output from this file:
Character devices:
1 mem
2 pty
3 ttyp
4 ttyS
5 cua
7 vcs
10 misc
14 sound
29 fb
36 netlink
128 ptm
129 ptm
136 pts
137 pts
162 raw
254 iscsictl
Block devices:
1 ramdisk
2 fd
3 ide0
9 md
22 ide1

/proc/filesystems
This file displays a list of the file system types currently supported by the kernel. Sample output from a generic /proc/filesystems looks similar to this:
nodev rootfs
nodev bdev
nodev proc
nodev sockfs
nodev tmpfs
nodev shm
nodev pipefs
ext2
nodev ramfs
iso9660
nodev devpts

ext3
nodev autofs
nodev binfmt_misc
The first column signifies whether the file system is mounted on a block device. Those beginning with nodev are not mounted on a device. The second column lists the names of the file systems supported. The mount command cycles through these file systems listed here when one is not specified as an argument.

/proc/interrupts
This file records the number of interrupts per IRQ on the x86 architecture. A standard /proc/interrupts looks similar to this:
           CPU0
  0:   80448940   XT-PIC  timer
  1:     174412   XT-PIC  keyboard
  2:          0   XT-PIC  cascade
  8:          1   XT-PIC  rtc
 10:     410964   XT-PIC  eth0
 12:      60330   XT-PIC  PS/2 Mouse
 14:    1314121   XT-PIC  ide0
 15:    5195422   XT-PIC  ide1
NMI:          0
ERR:          0
For a multi-processor machine, this file may look slightly different:
           CPU0        CPU1
  0: 1366814704           0   XT-PIC         timer
  1:        128         340   IO-APIC-edge   keyboard
  2:          0           0   XT-PIC         cascade
  8:          0           1   IO-APIC-edge   rtc
 12:       5323        5793   IO-APIC-edge   PS/2 Mouse
 13:          1           0   XT-PIC         fpu
 16:   11184294    15940594   IO-APIC-level  Intel EtherExpress Pro 10/100 Ethernet
 20:    8450043    11120093   IO-APIC-level  megaraid
 30:      10432       10722   IO-APIC-level  aic7xxx
 31:         23          22   IO-APIC-level  aic7xxx
NMI:          0
ERR:          0
The first column refers to the IRQ number. Each CPU in the system has its own column and its own number of interrupts per IRQ. The next column reports the type of interrupt, and the last column contains the name of the device that is located at that IRQ.
Each of the types of interrupts seen in this file, which are architecture-specific, mean something a little different. For x86 machines, the following values are common:
XT-PIC - This is the old AT computer interrupts.
IO-APIC-edge - The voltage signal on this interrupt transitions from low to high, creating an edge, where the interrupt occurs and is only signaled once. This kind of interrupt, as well as the IO-APIC-level interrupt, are only seen on systems with processors from the 586 family and higher.
IO-APIC-level - Generates interrupts when its voltage signal goes high until the signal goes low again.

22. Backups

22.1 Introduction

Backups have two major purposes:

- To permit restoration of individual files
- To permit wholesale restoration of entire file systems

The first purpose is the basis for the typical file restoration request: a user accidentally deletes a file and asks that it be restored from the latest backup. The exact circumstances may vary somewhat, but this is the most common day-to-day use for backups.

The second situation is a system administrator's worst nightmare: for whatever reason, the system administrator is staring at hardware that used to be a productive part of the data center. Now, it is little more than a lifeless chunk of steel and silicon. The thing that is missing is all the software and data you and your users have assembled over the years. Supposedly everything has been backed up. The question is: has it? And if it has, can you restore it?

22.2 Different Data: Different Backup Needs

The pace at which data changes is crucial to the design of a backup procedure. There are two reasons for this:

- A backup is nothing more than a snapshot of the data being backed up. It is a reflection of that data at a particular moment in time.
- Data that changes infrequently can be backed up infrequently, while data that changes often must be backed up more frequently.

System administrators that have a good understanding of their systems, users, and applications should be able to quickly group the data on their systems into different categories. However, here are some examples to get you started:

Operating System - This data normally only changes during upgrades, the installation of bug fixes, and any site-specific modifications.
Application Software - This data changes whenever applications are installed, upgraded, or removed.
Application Data - This data changes as frequently as the associated applications are run. Depending on the specific application and your organization, this could mean that changes take place second-by-second or once at the end of each fiscal year.
User Data - This data changes according to the usage patterns of your user community. In most organizations, this means that changes take place all the time.

Based on these categories (and any additional ones that are specific to your organization), you should have a pretty good idea concerning the nature of the backups that are needed to protect your data.

22.3 Types of Backups

If you were to ask a person that was not familiar with computer backups, most would think that a backup was just an identical copy of all the data on the computer. In other words, if a backup was created Tuesday evening, and nothing changed on the computer all day Wednesday, the backup created Wednesday evening would be identical to the one created on Tuesday.

While it is possible to configure backups in this way, it is likely that you would not. To understand more about this, we must first understand the different types of backups that can be created. They are:

- Full backups

- Incremental backups
- Differential backups

22.3.1 Full Backups

The type of backup that was discussed at the beginning of this section is known as a full backup. A full backup is a backup where every single file is written to the backup media. As noted above, if the data being backed up never changes, every full backup being created will be the same.

That similarity is due to the fact that a full backup does not check to see if a file has changed since the last backup; it blindly writes everything to the backup media whether it has been modified or not.

This is the reason why full backups are not done all the time — every file is written to the backup media. This means that a great deal of backup media is used even if nothing has changed. Backing up 100 gigabytes of data each night when maybe 10 megabytes worth of data has changed is not a sound approach; that is why incremental backups were created.

22.3.2 Incremental Backups

Unlike full backups, incremental backups first look to see whether a file's modification time is more recent than its last backup time. If it is not, the file has not been modified since the last backup and can be skipped this time. On the other hand, if the modification date is more recent than the last backup date, the file has been modified and should be backed up.

Incremental backups are used in conjunction with a regularly-occurring full backup (for example, a weekly full backup, with daily incrementals).

The primary advantage gained by using incremental backups is that the incremental backups run more quickly than full backups. The primary disadvantage to incremental backups is that restoring any given file may mean going through one or more incremental backups until the file is found. When restoring a complete file system, it is necessary to restore the last full backup and every subsequent incremental backup.

In an attempt to alleviate the need to go through every incremental backup, a slightly different approach was implemented. This is known as the differential backup.

22.3.3 Differential Backups

Differential backups are similar to incremental backups in that both backup only modified files. However, differential backups are cumulative — in other words, with a differential backup, once a file has been modified it continues to be included in all subsequent differential backups (until the next, full backup, of course).

This means that each differential backup contains all the files modified since the last full backup, making it possible to perform a complete restoration with only the last full backup and the last differential backup.

Like the backup strategy used with incremental backups, differential backups normally follow the same approach: a single periodic full backup followed by more frequent differential backups.

The effect of using differential backups in this way is that the differential backups tend to grow a bit over time (assuming different files are modified over the time between full backups). This places differential backups somewhere between incremental backups and full backups in terms of backup media utilization and backup speed, while often providing faster single-file and complete restorations (due to fewer backups to search/restore).

Given these characteristics, differential backups are worth careful consideration.

22.4. Backup Media

We have been very careful to use the term "backup media" throughout the previous sections. There is a reason for that. Most experienced system administrators usually think about backups in terms of reading and writing tapes, but today there are other options.

At one time, tape devices were the only removable media devices that could reasonably be used for backup purposes. However, this has changed. In the following sections we look at the most popular backup media, and review their advantages as well as their disadvantages.
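The incremental and differential selection rules of sections 22.3.2 and 22.3.3 can be tried on a scratch directory. This is an added example, not part of the original course notes; the stamp-file approach, file names and dates are assumptions made for the demonstration, and it relies on GNU touch -d and find -newer.

```sh
#!/bin/sh
# Added example: which files a full, an incremental and a differential backup
# would each pick up, decided by modification time against a "stamp" file.
# Everything lives in a temporary directory; names and dates are constructed.

# set_mtime WHEN FILE...   set the modification time (UTC, so no DST surprises)
set_mtime() {
    when=$1
    shift
    TZ=UTC0 touch -d "$when" "$@"
}

# changed_since DIR STAMP
# Print the files under DIR modified more recently than STAMP, sorted and
# space-separated. This is the comparison section 22.3.2 describes.
changed_since() {
    ( cd "$1" && find . -type f -newer "$2" | sort | paste -s -d ' ' - )
}

# Simulate a Sunday full backup followed by Monday and Tuesday nightly runs,
# and report what each strategy would write each day.
demo_backup_sets() {
    work=$(mktemp -d) || return 1
    data=$work/data
    mkdir "$data"
    full_stamp=$work/last-full      # mtime = when the last full backup ran
    prev_stamp=$work/last-backup    # mtime = when the last backup of any kind ran

    # Sunday: three files exist, then the full backup writes all of them.
    set_mtime '2008-10-05 10:00' "$data/a" "$data/b" "$data/c"
    echo "sun full=$(cd "$data" && find . -type f | sort | paste -s -d ' ' -)"
    set_mtime '2008-10-05 23:00' "$full_stamp" "$prev_stamp"

    # Monday: file a is modified before the nightly run.
    set_mtime '2008-10-06 12:00' "$data/a"
    echo "mon incremental=$(changed_since "$data" "$prev_stamp")"
    echo "mon differential=$(changed_since "$data" "$full_stamp")"
    # Only the incremental baseline advances; the differential baseline
    # stays at the last full backup.
    set_mtime '2008-10-06 23:00' "$prev_stamp"

    # Tuesday: file b is modified before the nightly run.
    set_mtime '2008-10-07 12:00' "$data/b"
    echo "tue incremental=$(changed_since "$data" "$prev_stamp")"
    echo "tue differential=$(changed_since "$data" "$full_stamp")"

    rm -rf "$work"
}

demo_backup_sets
```

Selection by modification time alone does not record files that were deleted between runs, which is the case the dump discussion in section 22.6 addresses.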

Tape

Tape was the first widely-used removable data storage medium. It has the benefits of low media cost and reasonably-good storage capacity. However, tape has some disadvantages — it is subject to wear, and data access on tape is sequential in nature.

These factors mean that it is necessary to keep track of tape usage (retiring tapes once they have reached the end of their useful life), and that searching for a specific file on tape can be a lengthy proposition.

On the other hand, tape is one of the most inexpensive mass storage media available, and it has a long history of reliability. This means that building a good-sized tape library need not consume a large part of your budget, and you can count on it being usable now and in the future.

Disk

In years past, disk drives would never have been used as a backup medium. However, storage prices have dropped to the point where, in some cases, using disk drives for backup storage does make sense.

The primary reason for using disk drives as a backup medium would be speed. There is no faster mass storage medium available. Speed can be a critical factor when your data center's backup window is short, and the amount of data to be backed up is large.

But disk storage is not the ideal backup medium, for a number of reasons:

- Disk drives are not normally removable.
- Disk drives are expensive.
- Disk drives are fragile. Even if you spend the extra money for removable disk drives, their fragility can be a problem.
- Disk drives are not archival media.

Network

By itself, a network cannot act as backup media. But combined with mass storage technologies, it can serve quite well. For instance, by combining a high-speed network link to a remote data center containing large amounts of disk storage, suddenly the disadvantages about backing up to disks mentioned earlier are no longer disadvantages.

By backing up over the network, the disk drives are already off-site, so there is no need for transporting fragile disk drives anywhere. With sufficient network bandwidth, the speed advantage you can get from backing up to disk drives is maintained.

However, this approach still does nothing to address the matter of archival storage (though the same "spin off to tape after the backup" approach mentioned earlier can be used). In addition, the costs of a remote data center with a high-speed link to the main data center make this solution extremely expensive. But for the types of organizations that need the kind of features this solution can provide, it is a cost they gladly pay.

22.5 Red Hat Linux-Specific Information (applies to all versions)

There is little about the general topic of disasters and disaster recovery that has a direct bearing on any specific operating system. After all, the computers in a flooded data center will be inoperative whether they run Red Hat Enterprise Linux or some other operating system. However, there are parts of Red Hat Linux that relate to certain specific aspects of disaster recovery; these are discussed in this section.

22.5.1 Software Support

As a software vendor, Red Hat does have a number of support offerings for its products, including Red Hat Linux. You are using the most basic support tool right now by reading this manual. Documentation for Red Hat Linux is available on the Red Hat Linux Documentation CD (which can also be installed on your system for fast access) and in printed form.

Self support options are available via the many mailing lists hosted by Red Hat (available at <https://listman.redhat.com/mailman/listinfo/>). These mailing lists take advantage of the combined knowledge of

Red Hat's user community; in addition, many lists are monitored by Red Hat personnel, who contribute as time permits. Other resources are available from Red Hat's main support page at <http://www.redhat.com/apps/support/>.

More comprehensive support options exist; information on them can be found on the Red Hat website.

22.5.2 Backup Utilities

Red Hat Linux comes with several different programs for backing up and restoring data. By themselves, these utility programs do not constitute a complete backup solution. However, they can be used as the nucleus of such a solution.

tar

The tar utility is well known among UNIX system administrators. It is the archiving method of choice for sharing ad-hoc bits of source code and files between systems. The tar implementation included with Red Hat Enterprise Linux is GNU tar, one of the more feature-rich tar implementations.

Using tar, backing up the contents of a directory can be as simple as issuing a command similar to the following:

    tar cf /mnt/backup/home-backup.tar /home/

This command creates an archive file called home-backup.tar in /mnt/backup/. The archive contains the contents of the /home/ directory.

The resulting archive file will be nearly as large as the data being backed up. Depending on the type of data being backed up, compressing the archive file can result in significant size reductions. The archive file can be compressed by adding a single option to the previous command:

    tar czf /mnt/backup/home-backup.tar.gz /home/

cpio

The cpio utility is another traditional UNIX program. It is an excellent general-purpose program for moving data from one place to another and, as such, can serve well as a backup program.

The behavior of cpio is a bit different from tar. Unlike tar, cpio reads the names of the files it is to process via standard input. A common method of generating a list of files for cpio is to use programs such as find whose output is then piped to cpio:

    find /home/ | cpio -o > /mnt/backup/home-backup.cpio

This command creates a cpio archive file (containing everything in /home/) called home-backup.cpio and residing in the /mnt/backup/ directory.

Because find selects the files, the archive can be limited to a subset. The following variant archives only files that were last accessed more than 365 days ago:

    find /home/ -atime +365 | cpio -o > /mnt/backup/home-backup.cpio

AMANDA

AMANDA (The Advanced Maryland Automatic Network Disk Archiver) is a client/server based backup application produced by the University of Maryland. By having a client/server architecture, a single backup server (normally a fairly powerful system with a great deal of free space on fast disks and configured with the desired backup device) can back up many client systems, which need nothing more than the AMANDA client software.

This approach to backups makes a great deal of sense, as it concentrates those resources needed for backups in one system, instead of requiring additional hardware for every system requiring backup services. AMANDA's design also serves to centralize the administration of backups, making the system administrator's life that much easier.

The AMANDA server manages a pool of backup media and rotates usage through the pool in order to ensure that all backups are retained for the administrator-dictated retention period. All media is pre-formatted with data that

allows AMANDA to detect whether the proper media is available or not. In addition, AMANDA can be interfaced with robotic media changing units, making it possible to completely automate backups.

In operation, AMANDA is normally scheduled to run once a day during the data center's backup window. The AMANDA server connects to the client systems and directs the clients to produce estimated sizes of the backups to be done. Once all the estimates are available, the server constructs a schedule, automatically determining the order in which systems are to be backed up.

Once the backups actually start, the data is sent over the network from the client to the server, where it is stored on a holding disk. Once a backup is complete, the server starts writing it out from the holding disk to the backup media. At the same time, other clients are sending their backups to the server for storage on the holding disk. This results in a continuous stream of data available for writing to the backup media. As backups are written to the backup media, they are deleted from the server's holding disk.

Once all backups have been completed, the system administrator is emailed a report outlining the status of the backups, making review easy and fast.

Should it be necessary to restore data, AMANDA contains a utility program that allows the operator to identify the file system, date, and file name(s). Once this is done, AMANDA identifies the correct backup media and then locates and restores the desired data. As stated earlier, AMANDA's design also makes it possible to restore data even without AMANDA's assistance, although identification of the correct media would be a slower, manual process.

dump/restore

The dump and restore programs are Linux equivalents to the UNIX programs of the same name. As such, many system administrators with UNIX experience may feel that dump and restore are viable candidates for a good backup program under Red Hat Enterprise Linux. However, one method of using dump can cause problems.

22.6 Working with “dump/restore”

The “dump” handles a physical filesystem as an archiving target and the restore command usually uses the archive to restore the filesystem as it was dumped.

The dump(8) and restore(8) commands have traditionally been used on the BSD systems to back up and restore filesystems. Dump backs up a filesystem as a whole into an ``archive'', and restore retrieves files from it. Although the archive may be created as a regular file on a regular filesystem, it is usually stored on an external backup device such as a magnetic tape. Some features are implemented in dump to support such devices.

Dump is indeed a simplistic and primitive tool, but it does come with a brilliant feature for incremental archiving. It identifies newly created or modified files after the previous backup and efficiently stores them to an archive very fast.

For example, suppose a file `foo' was backed up during the last archiving and removed afterwards. On the next incremental archiving, dump puts the record in the archive as `there used to be a file foo, but it was removed'. If you use tar for your regular incremental backup tasks and attempt a full restoration one day, you may run out of the disk space by trying to restore a large number of files that had already been removed. With dump, you will never face such a problem.

Each file is managed by the i-node number and, basically, dump cannot exclude specific files from the archive. In summary, it would be fair to say cpio, tar or afio is suitable for archiving specific files or directories.

Note: Dump is suitable for archiving whole filesystems and is Not Recommended for Mounted File Systems!

Tape Device files

The Linux kernel provides the drivers for the tape devices. Please build the proper driver for your device when compiling your kernel. You may also use a loadable module, if you prefer. Then, check the device files.

    % ls -l /dev/*st[0-9]

    crw-rw-rw-   1 root     disk       9, 128 Oct  5  1995 /dev/nst0
    crw-rw----   1 root     disk       9, 129 Oct  5  1995 /dev/nst1
    crw-rw-rw-   1 root     disk       9,   0 Oct  5  1995 /dev/st0
    crw-rw----   1 root     disk       9,   1 Oct  5  1995 /dev/st1

There should be two kinds of device files: /dev/nst? and /dev/st? (if not, make them with MAKEDEV command). /dev/st? are ``auto-rewind'' devices, which rewind the tape after the command is invoked to the driver, and nst? are ``no-rewind'' devices. Which to use is your choice, but I prefer the no rewind ones. In this document, /dev/nst0 is used as the target device.

In the above example, the first tape drive is accessible to normal users, and the second drive is backup purposes only, to which the access is prohibited except for the owner and the users belonging to the `disk' group.

When the target device is chosen, you may want to create the symlink to it named ``/dev/tape''. With this, you can omit the device name on the command lines of mt and others.

    % cd /dev
    % ln -s nst0 tape

If you intend to use the tape drive for the backup only, you should consider limiting the access to it. To do this, remove the read/write permissions for `Others'.

22.6.1 Making backups with dump

USAGE: dump `option' `parameter' `filesystem'

Options

    0-9 : dump level
    B   : number of records per volume
    b   : blocksize per record (KB)
    h   : dump level below which the nodump attribute affects
    f   : output file (tape)
    d   : tape density
    n   : notify to the operator
    s   : tape length
    u   : update /etc/dumpdates
    T   : specify the date to record in /etc/dumpdates
    W   : print the filesystems to be dumped with marks
    w   : print the filesystems which need to be dumped

Parameters

Specify the parameters corresponding to the options in sequence. For example, if the option is ``sbf'', the following parameters should be in the order:

    dump sbf `tape length' `blocksize' `output file' `filesystem'

Filesystem

Filesystem mount point or a device name of the filesystem to dump.

It's interesting to use the dump backup program if you want to take advantage of its several levels of backup procedures. Given below is a procedure to have a longer backup history and to keep both the backup and restore times to a minimum.

In the following example, we assume that the backup is written to a tape drive named /dev/st0 and we backup the home directory /home of our system. It is important to always start with a level 0 backup, for example:

    [root@skynet] /# dump -0u -f /dev/st0 /home
    DUMP: Date of this level 0 dump: Fri Jan 28 21:25:12 2000
    DUMP: Date of last level 0 dump: the epoch
    DUMP: Dumping /dev/sda6 (/home) to /dev/st0
    DUMP: mapping (Pass I) [regular files]
    DUMP: mapping (Pass II) [directories]
    DUMP: estimated 18582 tape blocks on 0.48 tape(s).
    DUMP: Volume 1 started at: Fri Jan 28 21:25:14 2000
    DUMP: dumping (Pass III) [directories]
    DUMP: dumping (Pass IV) [regular files]
    DUMP: DUMP: 18580 tape blocks on 1 volume(s)
    DUMP: finished in 4 seconds, throughput 4645 KBytes/sec
    DUMP: Volume 1 completed at: Fri Jan 28 21:25:18 2000
    DUMP: Volume 1 took 0:00:04
    DUMP: Volume 1 transfer rate: 4645 KB/s

    DUMP: level 0 dump on Fri Jan 28 21:25:12 2000
    DUMP: DUMP: Date of this level 0 dump: Fri Jan 28 21:25:12 2000
    DUMP: DUMP: Date this dump completed: Fri Jan 28 21:25:18 2000
    DUMP: DUMP: Average transfer rate: 4645 KB/s
    DUMP: Closing /dev/st0
    DUMP: DUMP IS DONE

-0 to -9 is the backup level option you want to use, the u option means to update the file /etc/dumpdates after a successful dump, and the -f option writes the backup to the given file. The file may be a special device file like /dev/st0, a tape drive, /dev/rsd1c, a disk drive. Finally, you must specify what you want to backup. In our example, it is the /home directory /home.

The full backup should be done at set intervals, say once a month, and on a set of fresh tapes that are saved forever. With this kind of procedure, you will have 12 tapes for 12 months that handle histories and changes of your system for one year. Later, you can copy the 12 tape backups onto a different computer designated to keep all yearly backups for a long time and be able to reuse them, 12 tapes, to repeat the procedure for a new year.

22.6.2 Restoring files with “restore” command

The restore command performs the inverse function of dump(8). It restores files or file systems from backups made with dump. A full backup of a file system may be restored, and subsequent incremental backups layered on top of it. Single files and directory sub-trees may be restored from full, or partial backups. You have a number of possible commands and options to restore backed up data with the dump program. Below, detailed is a procedure that uses the full potential of the restore program with the most options possible. It is also done in interactive mode.

In an interactive restoration of files from a dump, the restore program provides a shell like interface that allows the user to move around the directory tree selecting files to be extracted, after reading in the directory information from the dump. The following is what we will see if we try to restore our /home directory:

First of all, with the following command we must move to the partition file system where we want to restore our backup. This is required, since the interactive mode of the restore program will restore our backups from the current partition file system where we have executed the restore command.

    [root@skynet] /# cd /home

To restore files from a dump in interactive mode, use the following command:

    [root@skynet /home]# restore -i -f /dev/st0
    restore >

A prompt will appear in your terminal. To list the current, or specified, directory, use the ls command as shown below:

    restore > ls
    .:
    accounts/  admin/  lost+found/  named/  quota.group  quota.user
    restore >

To change the current working directory to the specified one, use the cd commands. In our example, we change to accounts directory, as shown below:

    restore > cd accounts
    restore > ls
    ./accounts:
    .Xdefaults  .bash_history  .bash_logout  .bash_profile  .bashrc  Personal/
    restore >

To add the current directory or file to the list of files to be extracted, use the add command. If a directory is specified, then it and all its descendents are added to the extraction list as shown below:

    restore > add Personal/

Files that are on the extraction list are prepended with a * when they are listed by the ls command:

    restore > ls
    ./accounts:

    .Xdefaults  .bash_history  .bash_logout  .bash_profile  .bashrc  *Personal/

To delete the current directory or specified argument from the list of files to be extracted, use the delete command. If a directory is specified, then all its descendents including itself are deleted from the extraction list, as shown below:

    restore > cd Personal/
    restore > ls
    ./accounts/Personal:
    *Ad?le_Nakad.doc    *Overview.doc
    *BIMCOR/            *Resume/
    *My Webs/           *SAMS/
    *Contents.doc       *Templates/
    *Divers.doc         *bruno universite.doc
    *Linux/             *My Pictures/
    restore > delete Resume/
    restore > ls
    ./accounts/Personal:
    *Ad?le_Nakad.doc    *Overview.doc
    *BIMCOR/            Resume/
    *My Webs/           *SAMS/
    *Contents.doc       *Templates/
    *Divers.doc         *bruno universite.doc
    *Linux/             *My Pictures/

The most expedient way to extract most of the files from a directory is to add the directory to the extraction list and then delete those files that are not needed.

To extract all files in the extraction list from the dump, use the extract command. Restore will ask which volume the user wishes to mount. The fastest way to extract a few files is to start with the last volume and work towards the first volume, as shown below:

    restore > extract
    You have not read any tapes yet.
    Unless you know which volume your file(s) are on you should start
    with the last volume and work towards the first.
    Specify next volume #: 1
    set owner/mode for '.'? [yn] y

To exit from the interactive restore mode after you have finished extracting your directories or files, use the quit command as shown below.

    /sbin/restore > quit

Other methods of restoration exist with the dump program; consult the man page of dump for more information.

Further documentation

For more details, there are man pages you can read: dump(8) and restore(8).

22.7 Managing the tape “mt” Command

The mt command is a utility to manipulate tape drives. With mt, you can rewind/forward/position the tape, as well as check the drive status. It is a must-have tool if you want to use dump/restore with tape drives. If possible, it is a good idea to prepare a tape for training purposes, and practice around with it. Some commands of mt are drive-dependent, so please read the manual carefully to know which commands are available for your drive.

mt Operations

Insert a tape (for practice purpose, if possible) into your drive. After the tape has been loaded, let us confirm the tape status. mt status command can be used to do this. Here is an example:

    % mt status
    SCSI 1 tape drive:
    File number=0, block number=0.
    Tape block size 1024 bytes. Density code 0x0 (default).
    Soft error count since last status=0
    General status bits on (41010000):
     BOT ONLINE IM_REP_EN

First of all, look at the bottom line. This means that the drive has a tape loaded, and the status BOT indicates that the drive head is at the beginning of the tape. Next word "ONLINE" indicates that the tape drive is ready to be operated (by mt). The drive status must be "ONLINE" before read / write operations.

Next, see the third line. It shows that the current file number is zero. File number zero corresponds to the beginning of the tape, and is incremented as passing the End-Of-File (EOF) marks on the tape.

If "mt status" outputs an error message as follows, chances are that the link /dev/tape doesn't point to the device file of your drive correctly.

    /dev/nst0: No such device or address

In this case, try other tape-device files by -f option. After finding the right one, fix the link to point to it.

Normally, you don't have to set tape density and tape block size parameters, because these will be automatically set to suit your drive. If you want to read/write the tape on other OS's also, you may want to set these parameters explicitly for portability.

If your drive supports compression feature and you want to use it, you have to pass the "compression" flag explicitly to the drive by mt. These hardware specific parameters are strongly dependent on the drive you use. Please refer to the mt(1) manual page (items on defsetblk, setblk, defcompression, datcompression and compression), and the manual of your drive.

Now you can try writing some files to your tape. Create a directory for practice in an appropriate place. Generate six dummy files (from file-01 to file-06) by touch command.

    (tcsh)% foreach num (01 02 03 04 05 06)
    foreach? touch file-$num
    foreach? end
    (tcsh)% ls -l
    -rw-r--r--   1 fuku     users           0 Nov 21 01:10 file-01
    -rw-r--r--   1 fuku     users           0 Nov 21 01:10 file-02
    -rw-r--r--   1 fuku     users           0 Nov 21 01:10 file-03
    -rw-r--r--   1 fuku     users           0 Nov 21 01:10 file-04
    -rw-r--r--   1 fuku     users           0 Nov 21 01:10 file-05
    -rw-r--r--   1 fuku     users           0 Nov 21 01:10 file-06

Then, write these files to the tape with tar, one by one.

    % tar cf /dev/tape file-01

If you see no errors, it should have worked. Let's see mt status.

    % mt status
    SCSI 1 tape drive:
    File number=1, block number=0.
    Tape block size 1024 bytes. Density code 0x0 (default).

    Soft error count since last status=0
    General status bits on (81010000):
     EOF ONLINE IM_REP_EN

Looks fine. Since one EOF mark has been written on the tape, the file number is incremented by one. Because /dev/tape is /dev/nst0 in this case, which is no rewind device, the head position is at the EOF of the file just written. And the drive is ready to write next data. Then write rest of the files at once.

    (tcsh)% foreach num (02 03 04 05 06)
    foreach? tar cf /dev/tape file-$num
    foreach? end

Again, confirm the status.

    % mt status
    SCSI 1 tape drive:
    File number=6, block number=0.
    Tape block size 1024 bytes. Density code 0x0 (default).
    Soft error count since last status=0
    General status bits on (81010000):
     EOF ONLINE IM_REP_EN

All files have been properly written. The drive head position is at the end of the files just written.

As the next practice, let's read a certain file from the tape which contains multiple files sequentially. You have to move the head to where the target file is recorded.

It is important to know that each file consists of two parts, a file content and the EOF mark, as shown in below figure. If you write a file successfully, these two parts are generated automatically.

In other words, the EOF mark of the file is also a start position of the next file. When reading the file, set the tape head at the EOF of the previous file so that you can read the file from the first block. And if you want to add a file to the tape, you must set the head at the EOF of the last file in this tape. If you write data from middle of some file, of course you will lose whole contents of it.

Firstly, consider extracting file-03 from the tape to which we just wrote six files. First, rewind the tape completely, and then go to the proper position. This can be done as shown below.

    % mt rewind

Now the head is at the beginning of this tape (BOT). file-03 is written at the position of file number 2, so you have to skip two EOFs to go to file-03.

% mt fsf 2

mt fsf command skips specified numbers of EOFs and goes to the starting block of the next file. fsf 2 means that the head should be moved to the starting position of the file, which is two files ahead of the current position. Let's see tape status.

% mt fsf 2
% mt status
SCSI 1 tape drive:
File number=2, block number=0.
Tape block size 1024 bytes. Density code 0x0 (default).
Soft error count since last status=0
General status bits on (81010000):
 EOF ONLINE IM_REP_EN

Status says that the head is at the EOF of the file number 2 (where the file-02 is archived), and is also the starting point of file-03. Let's look at the content of this file by tar:

% tar tf /dev/nst0
file-03

It is file-03, as expected. Let's see tape status.

% mt status
SCSI 1 tape drive:
File number=2, block number=10.
Tape block size 1024 bytes. Density code 0x0 (default).
Soft error count since last status=0
General status bits on (1010000):
 ONLINE IM_REP_EN

Note that EOF is not shown in this status. Tar program usually reads an archive until its own "end of file" mark, and stops. This "end of file" is DIFFERENT from the EOF of the tape.

In figure-6, F (blue mark) is the tar's "end of file" mark. Note that this is still within the recorded block of the file. If you want to read the next file, do this command:

% mt fsf

to skip one EOF mark. If you try to read next block from this position, tar immediately finds EOF mark and silently quits without reading any files. Please remember this behavior, since it is slightly confusing.

Let's consider how to read the archive which has file-03 again, after you did "mt fsf" and the head is now at the EOF mark of it. The answer is searching the tape backward until the second EOF mark will be found. That is the beginning of this file. To do this, type:

% mt bsfm 2

bsfm is an extended command of mt, and some old mt doesn't implement it. In that case, you will have to use bsf and fsf in sequence to achieve the desired operation. The detail is somewhat cumbersome so it is omitted here.

You can go to the EOF of the last file by mt eod command. However, this command might not work with certain drives, so you should test it beforehand. Even if it doesn't work, you can do the same by "fsf" command if you know how many files are written in this tape by logging your operations.

Finally, rewind the tape and eject it. This operation also depends on the kind of your drive, but usually the following command works:

% mt offline

Then the tape is rewound if necessary, and ejected from the drive.
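The advice above to log your operations so that "fsf" can replace "mt eod" can be turned into a small per-tape catalog. This is an added example, not part of the original guide; the function names, the catalog file and the TAPE, CATALOG, MT and TAR variables are assumptions, and the catalog must describe exactly one tape, because appending at a stale position overwrites whatever follows it.

```shell
#!/bin/sh
# Added example (not from the original guide): log every archive written to a
# no-rewind tape device so later operations can position with "mt fsf N".
# TAPE, CATALOG, MT and TAR are assumed names; override MT/TAR for a dry run.
TAPE=${TAPE:-/dev/nst0}
CATALOG=${CATALOG:-./tape-catalog.tsv}
MT=${MT:-mt}
TAR=${TAR:-tar}

# Number of archives already logged = tape file number of the next archive.
tape_count() {
    if [ -f "$CATALOG" ]; then
        echo $(( $(wc -l < "$CATALOG") ))
    else
        echo 0
    fi
}

# Print the tape file number recorded for a label; fail if it is unknown.
tape_lookup() {
    [ -f "$CATALOG" ] || return 1
    awk -F '\t' -v want="$1" '$2 == want { print $1; hit = 1; exit }
                              END { exit !hit }' "$CATALOG"
}

# Rewind, then skip N EOF marks so the head sits at the start of file number N.
tape_seek() {
    "$MT" -f "$TAPE" rewind || return 1
    if [ "$1" -gt 0 ]; then
        "$MT" -f "$TAPE" fsf "$1" || return 1
    fi
}

# Append one archive after the last logged file and record it in the catalog.
# Labels must be unique, otherwise a restore could pick the wrong archive.
tape_append() {
    label=$1
    shift
    if tape_lookup "$label" >/dev/null; then
        echo "label already in catalog: $label" >&2
        return 1
    fi
    n=$(tape_count)
    tape_seek "$n" || return 1
    "$TAR" cf "$TAPE" "$@" || return 1
    printf '%s\t%s\n' "$n" "$label" >> "$CATALOG"
}

# List (mode t) or extract (mode x) the archive stored under a label.
tape_read() {
    mode=$1
    label=$2
    n=$(tape_lookup "$label") || { echo "not in catalog: $label" >&2; return 1; }
    tape_seek "$n" || return 1
    "$TAR" "${mode}f" "$TAPE"
}
```

With file-01 to file-06 appended in order, `tape_read t file-03` issues `mt rewind`, `mt fsf 2` and `tar tf`, the same sequence walked through by hand above.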

23. Printers
Printers and Printing
Printers are an essential resource for creating a hard copy — a physical depiction of data on paper — version of documents and collateral for business, academic, and home use. Printers have become an indispensable peripheral in all levels of business and institutional computing. This chapter discusses the various printers available and compares their uses in different computing environments. It then describes how printing is supported by Red Hat Enterprise Linux.

23.1. Types of Printers
Like any other computer peripheral, there are several types of printers available. Some printers employ technologies that mimic manual typewriter-style functionality, while others spray ink on paper, or use a laser to generate an image of the page to be printed. Printer hardware interfaces with a PC or network using parallel, serial, or data networking protocols. There are several factors to consider when evaluating printers for procurement and deployment in your computing environment. The following sections discuss the various printer types and the protocols that printers use to communicate with computers.

23.1.1. Printing Considerations
There are several aspects to factor into printer evaluations. The following specifies some of the most common criteria when evaluating your printing needs.

Function
Evaluating your organizational needs and how a printer services those needs is the essential criteria in determining the right type of printer for your environment. The most important question to ask is "What do we need to print?" Since there are specialized printers for text, images, or any variation thereof, you should be certain that you procure the right tool for your purposes. For example, if your requirements call for high-quality color images on professional-grade glossy paper, it is recommended you use a dye-sublimation or thermal wax transfer color printer instead of a laser or impact printer. Conversely, laser or inkjet printers are well-suited for printing rough drafts or documents intended for internal distribution (such high-volume printers are usually called workgroup printers). Determining the needs of the everyday user allows administrators to determine the right printer for the job.

Other factors to consider are features such as duplexing — the ability to print on both sides of a piece of paper. Traditionally, printers could only print on one side of the page (called simplex printing). Most lower-end printer models today do not have duplexing by default (they may, however, be capable of a manual duplexing method that requires the user to flip the paper themselves). Some models offer add-on hardware for duplexing; such add-ons can drive one-time costs up considerably. However, duplex printing may reduce costs over time by reducing the amount of paper used to print documents, thus reducing the cost of consumables — primarily paper.

Another factor to consider is paper size. Most printers are capable of handling the more common paper sizes:
letter — (8 1/2" x 11")
A4 — (210mm x 297mm)
JIS B5 — (182mm x 257mm)
legal — (8 1/2" x 14")
If certain departments (such as marketing or design) have specialized needs such as creating posters or banners, there are large-format printers capable of using A3 (297mm x 420mm) or tabloid (11" x 17") paper sizes. In addition, there are printers capable of even larger sizes, although these are often only used for specialized purposes, such as printing blueprints. Additionally, high-end features such as network modules for workgroup and remote site printing should also be considered during evaluation.

Cost
Cost is another factor to consider when evaluating printers. However, determining the one-time cost associated with the purchase of the printer itself is not sufficient. There are other costs to consider, such as consumables, parts and maintenance, and printer add-ons. As the name implies, consumables is a general term used to describe the material used up during the printing process. Consumables primarily take the form of media and ink. The media is the material on which the text or image is printed. The choice of media is heavily dependent on the type of information being printed.

23.6. Printer Languages and Technologies
Before the advent of laser and inkjet technology, impact printers could only print standard, justified text with no variation in letter size or font style. Today, printers are able to process complex documents with embedded images, charts, and tables in multiple frames and in several languages, all on one page. Such complexity must adhere to some format conventions. This is what spurred the development of the page description language (or PDL) — a specialized document formatting language specially made for computer communication with printers.

Over the years, printer manufacturers have developed their own proprietary languages to describe document formats. However, such proprietary languages applied only to the printers that the manufacturers created themselves. If, for example, you were to send a print-ready file using a proprietary PDL to a professional press, there was no guarantee that your file would be compatible with the printer's machines. The issue of portability came into question.

Xerox® developed the Interpress™ protocol for their line of printers, but full adoption of the language by the rest of the printing industry was never realized. Two original developers of Interpress left Xerox and formed Adobe®, a software company catering mostly to electronic graphics and document professionals. At Adobe, they developed a widely-adopted PDL called PostScript™, which uses a markup language to describe text formatting and image information that could be processed by printers. At the same time, the Hewlett-Packard® Company developed the Printer Control Language™ (or PCL) for use in their ubiquitous laser and inkjet printer lines. PostScript and PCL are now widely adopted PDLs and are supported by most printer manufacturers.

PDLs work on the same principle as computer programming languages. When a document is ready for printing, the PC or workstation takes the images, typographical information, and document layout, and uses them as objects that form instructions for the printer to process. The printer then translates those objects into rasters, a series of scanned lines that form an image of the document (called Raster Image Processing or RIP), and prints the output onto the page as one image, complete with text and any graphics included. This work-flow makes printing documents of any complexity uniform and standard, resulting in little or no variation in printing from one printer to the next. PDLs are designed to be portable to any format, and scalable to fit different paper sizes.

23.7. Networked Versus Local Printers
Depending on organizational needs, it may be unnecessary to assign one printer to each member of your organization. Such overlap in expenditure can eat into allotted budgets, leaving less capital for other necessities. While local printers attached via a parallel or USB cables to every workstation are an ideal solution for the user, it is usually not economically feasible.

Printer manufacturers have addressed this need by developing departmental (or workgroup) printers. These machines are usually durable, fast, and have long-life consumables. Workgroup printers usually are attached to a print server, a standalone device (such as a reconfigured workstation) that handles print jobs and routes output to the proper printer when available. More recent departmental printers include built-in or add-on network interfaces that eliminate the need for a dedicated print server.

The Printer Configuration Tool allows users to configure a printer in Red Hat Linux. This tool helps maintain the printer configuration file, print spool directories, and print filters.

Starting with version 9 and Fedora, Red Hat Linux defaults to the CUPS printing system. The previous default printing system, LPRng is still provided. If the system was upgraded from a previous Red Hat Linux version that used LPRng, the upgrade process did not replace LPRng with CUPS; the system will continue to use LPRng.

If a system was upgraded from a previous Red Hat Linux version that used CUPS, the upgrade process preserved the configured queues, and the system will continue to use CUPS.

23.8 Printer Configuration
The Printer Configuration Tool configures both the CUPS and LPRng printing system, depending on which one the system is configured to use. When you apply changes, it configures the active printing system.

To use the Printer Configuration Tool you must have root privileges. To start the application, select Main Menu Button (on the Panel) => System Settings => Printing, or type the command redhat-config-printer. This command automatically determines whether to run the graphical or text based version depending on whether the command is executed in the graphical X Window System environment or from a text-based console.

You can also force the Printer Configuration Tool to run as a text-based application by using the command redhat-config-printer-tui from a shell prompt.

Important
Do not edit the /etc/printcap file or the files in the /etc/cups/ directory. Each time the printer daemon (lpd or cups) is started or restarted, new configuration files are dynamically created. The files are dynamically created when changes are applied with Printer Configuration Tool as well.

If you are using LPRng and want to add a printer without using the Printer Configuration Tool, edit the /etc/printcap.local file. The entries in /etc/printcap.local are not displayed in the Printer Configuration Tool but are read by the printer daemon. If you upgraded your system from a previous version of Red Hat Linux, your existing configuration file was converted to the new format used by this application. Each time a new configuration file is generated, the old file is saved as /etc/printcap.old.

If you are using CUPS, the Printer Configuration Tool does not display any queues or shares not configured using the Printer Configuration Tool; however, it will not remove them from the configuration files.

Figure1: Printer Configuration Tool

The following types of print queues can be configured:
Locally-connected: a printer attached directly to the computer through a parallel or USB port.
Networked UNIX (LPD): a printer attached to a different UNIX system that can be accessed over a TCP/IP network (for example, a printer attached to another Red Hat Linux system running LPD on the network).
Networked Windows (SMB): a printer attached to a different system which is sharing a printer over a SMB network (for example, a printer attached to a Microsoft Windows™ machine).
Networked Novell (NCP): a printer attached to a different system which uses Novell's NetWare network technology.

Important
If you add a new print queue or modify an existing one, you must apply the changes to them to take effect.

Clicking the Apply button saves any changes that you have made and restarts the printer daemon. The changes are not written to the configuration file until the printer daemon is restarted. Alternatively, you can choose Action => Apply.

Adding a Local Printer
To add a local printer, such as one attached through a parallel port or USB port on your computer, click the New button in the main Printer Configuration Tool window to display the window in following Figure2. Click Forward to proceed.

Figure2: Adding a Printer

In the window shown below Figure3, enter a unique name for the printer in the Name text field. The printer name cannot contain spaces and must begin with a letter. The printer name may contain letters, numbers, dashes (-), and underscores (_). Optionally, enter a short description for the printer, which can contain spaces.

Figure3: Selecting a Queue Name

After clicking Forward, Figure4 appears. Select Locally-connected from the Select a queue type menu, and select the device. The device is usually /dev/lp0 for a parallel printer or /dev/usb/lp0 for a USB printer. If no devices appear in the list, click Rescan devices to rescan the computer or click Custom device to specify it manually. Click Forward to continue.

Figure4. Adding a Local Printer

The next step is to select the type of printer. Go to Selecting the Printer Model and Finishing to continue.

Adding a Remote UNIX (LPD) Printer
To add a remote UNIX printer, such as one attached to a different Linux system on the same network, click the New button in the main Printer Configuration Tool window. The window shown in Figure2 will appear. Click Forward to proceed.

In the window shown in Figure3, enter a unique name for the printer in the Name text field. The printer name cannot contain spaces and must begin with a letter. The printer name may contain letters, numbers, dashes (-), and underscores (_). Optionally, enter a short description for the printer, which can contain spaces.

Select Networked UNIX (LPD) from the Select a queue type menu, and click Forward.

Figure5. Adding a Remote LPD Printer

Text fields for the following options appear:
Server: The hostname or IP address of the remote machine to which the printer is attached.
Queue: The remote printer queue. The default printer queue is usually lp.

Click Forward to continue. The next step is to select the type of printer.

Adding a Samba (SMB) Printer
To add a printer which is accessed using the SMB protocol (such as a printer attached to a Microsoft Windows system), click the New button in the main Printer Configuration Tool window. The window shown in Figure2 will appear. Click Forward to proceed.

In the window shown in Figure3, enter a unique name for the printer in the Name text field. The printer name cannot contain spaces and must begin with a letter. The printer name may contain letters, numbers, dashes (-), and underscores (_). Optionally, enter a short description for the printer, which can contain spaces. Click Forward to proceed.

Select Networked Windows (SMB) from the Select a queue type menu, and click Forward. If the printer is attached to a Microsoft Windows system, choose this queue type.

Figure6. Adding a SMB Printer

As shown in Figure6, SMB shares are automatically detected and listed. Click the arrow beside each share name to expand the list. From the expanded list, select a printer.

If the printer you are looking for does not appear in the list, click the Specify button on the right. Text fields for the following options appear:
Workgroup: The name of the Samba workgroup for the shared printer.
Server: The name of the server sharing the printer.
Share: The name of the shared printer on which you want to print. This name must be the same name defined as the Samba printer on the remote Windows machine.
User name: The name of the user you must log in as to access the printer. This user must exist on the Windows system, and the user must have permission to access the printer. The default user name is typically guest for Windows servers, or nobody for Samba servers.
Password: The password (if required) for the user specified in the User name field.

Click Forward to continue. The Printer Configuration Tool then attempts to connect to the shared printer. If the shared printer requires a username and password, a dialog window appears prompting you to provide a valid username and password for the shared printer. If an incorrect share name is specified, you can change it here as well. If a workgroup name is required to connect to the share, it can be specified in this dialog box. This dialog window is the same as the one shown when the Specify button is clicked.

Warning
If you require a username and password, they are stored unencrypted in files only readable by root and lpd. Thus, it is possible for others to learn the username and password if they have root access. To avoid this, the username and password to access the printer should be different from the username and password used for the user's account on the local Red Hat Linux system. If they are different, then the only possible security compromise would be unauthorized use of the printer. If there are file shares from the server, it is recommended that they also use a different password than the one for the print queue.

Selecting the Printer Model and Finishing
After selecting the queue type of the printer, the next step is to select the printer model.

You will see a window similar to Figure7. If it was not auto-detected, select the model from the list. The printers are divided by manufacturers. Select the name of the printer manufacturer from the pulldown menu. The printer models are updated each time a different manufacturer is selected. Select the printer model from the list.
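The warning above about SMB queue credentials can be checked on a running system. The script below is an added example, not part of the original guide or of Red Hat's tooling: it assumes the credentials appear in a device URI of the form smb://user:password@workgroup/server/share somewhere under the directory you pass in, and the function names and finding labels are hypothetical. It compares user names only, since stored local passwords are hashed and cannot be compared with the queue password.

```shell
#!/bin/sh
# Added example (not from the original guide): audit print-queue configuration
# files for SMB credentials embedded in a device URI.
# Assumed URI form:  smb://user:password@workgroup/server/share
# Passwords are matched but never printed.

CRED_RE='smb://[^:/@[:space:]]*:[^@/[:space:]]*@'

# Print "file<TAB>user" for every embedded credential found under a directory.
find_smb_creds() {
    find "$1" -type f -exec grep -l "$CRED_RE" {} + 2>/dev/null |
    while IFS= read -r f; do
        sed -n 's#.*smb://\([^:/@[:space:]]*\):[^@/[:space:]]*@.*#\1#p' "$f" |
        while IFS= read -r user; do
            printf '%s\t%s\n' "$f" "$user"
        done
    done
}

# Report findings for a config directory.
#   $1  directory holding the print-queue configuration
#   $2  passwd-format file listing local accounts (default /etc/passwd)
audit_smb_creds() {
    dir=$1
    passwd=${2:-/etc/passwd}
    tab=$(printf '\t')
    find_smb_creds "$dir" | while IFS=$tab read -r f user; do
        # Readable by "other": wider than the root-and-lpd-only rule.
        if [ -n "$(find "$f" -prune -perm -004)" ]; then
            printf 'WORLD_READABLE\t%s\n' "$f"
        fi
        # Queue user has the same name as a local account: the reuse the
        # warning advises against.
        if awk -F: -v u="$user" '$1 == u { hit = 1 } END { exit !hit }' "$passwd"; then
            printf 'REUSES_LOCAL_ACCOUNT\t%s\t%s\n' "$f" "$user"
        fi
    done
}
```

Run it as root, for example `audit_smb_creds /etc/cups`, and treat any output line as something to fix: tighten the file mode, or move the queue to a dedicated print-only account.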

Figure7. Selecting a Printer Model

The recommended print driver is selected based on the printer model selected. The print driver processes the data that you want to print into a format the printer can understand. Since a local printer is attached directly to your computer, you need a print driver to process the data that is sent to the printer.

If you are configuring a remote printer (IPP, LPD, SMB, or NCP), the remote print server usually has its own print driver. If you select an additional print driver on your local computer, the data is filtered multiple times and is converted to a format that the printer can not understand.

To make sure the data is not filtered more than once, first try selecting Generic as the manufacturer and Raw Print Queue or Postscript Printer as the printer model. After applying the changes, print a test page to try out this new configuration. If the test fails, the remote print server might not have a print driver configured. Try selecting a print driver according to the manufacturer and model of the remote printer, applying the changes, and printing a test page.

Confirming Printer Configuration
The last step is to confirm your printer configuration. Click Apply to add the print queue if the settings are correct. Click Back to modify the printer configuration.

Click the Apply button in the main window to save your changes and restart the printer daemon. After applying the changes, print a test page to ensure the configuration is correct.

Printing a Test Page
After you have configured your printer, you should print a test page to make sure the printer is functioning properly. To print a test page, select the printer that you want to try out from the printer list, then select the appropriate test page from the Test pulldown menu.

If you change the print driver or modify the driver options, you should print a test page to test the different configuration.

Figure8. Test Page Options

Modifying Existing Printers
To delete an existing printer, select the printer and click the Delete button on the toolbar. The printer is removed from the printer list. Click Apply to save the changes and restart the printer daemon.

To set the default printer, select the printer from the printer list and click the Default button on the toolbar. The default printer icon appears in the Default column of the default printer in the list.

After adding the printer(s), the settings can be edited by selecting the printer from the printer list and clicking the Edit button. The tabbed window shown in Figure9 is displayed. The window contains the current values for the selected printer. Make any necessary changes, and click OK. Click Apply in the main Printer Configuration Tool window to save the changes and restart the printer daemon.

Figure9. Editing a Printer

Queue Name
To rename a printer or change its short description, change the value in the Queue name tab. Click OK to return to the main window. The name of the printer should change in the printer list. Click Apply to save the change and restart the printer daemon.

Queue Type
The Queue type tab shows the queue type that was selected when adding the printer and its settings. The queue type of the printer can be changed or just the settings. After making modifications, click OK to return to the main window. Click Apply to save the changes and restart the printer daemon.

Depending on which queue type is chosen, different options are displayed. Refer to the appropriate section on adding a printer for a description of the options.

Printer Driver
The Printer driver tab shows which print driver is currently being used. If it is changed, click OK to return to the main window. Click Apply to save the change and restart the printer daemon.

Driver Options
The Driver Options tab displays advanced printer options. Options vary for each print driver. Common options include:

Send Form-Feed (FF) should be selected if the last page of the print job is not ejected from the printer (for example, the form feed light flashes). If this does not work, try selecting Send End-of-Transmission (EOT) instead. Some printers require both Send Form-Feed (FF) and Send End-of-Transmission (EOT) to eject the last page. This option is only available with the LPRng printing system.

type this command as root: /usr/sbin/redhat-config-printer-tui --Ximport < settings. This option prerenders non-standard PostScript fonts so that they are printed correctly. The options include US Letter. the application creates its own configuration file that is used to create the files in the /etc/cups directory (or the /etc/printcap file that lpd reads). If this file is saved. If the system is using LPRng and custom settings have been added in the /etc/printcap. US Legal. To save your printer configuration. To modify the driver options. Assume Unknown Data is Text should be selected if the print driver does not recognize some of the data sent to it.xml. this is not an option because text is always converted to PostScript. If the printer does not support the fonts you are trying to print.wilshiresoft. it can be used to restore the printer settings. A3. This is useful if the printer configuration is deleted. Change this option to use paper from a different tray. type this command as root: /usr/sbin/redhat-config-printer-tui --Xexport > settings. For example. Page Size allows the paper size to be selected. If you want to keep your www. it should be saved as part of the backup system as well. select this option to print Japanese fonts to a non-Japanese printer. andA4. use the following method to save the printer configuration files. the print driver assumes that any data that it can not recognize is text and attempts to print it as text. If the CUPS printing ystem is used.xml If you already have a configuration file (you have configured one or more printers on the system already) and you try to import another configuration file. Refer to Send FormFeed (FF) above.xml Your configuration is saved to the file settings. click OK to return to the main window. If the /etc/cups directory or the /etc/printcap file is saved and restored to the same locations. If this option is selected along with the Convert Text to Postscript option. try selecting this option. 
If this option is selected. Extra time is required to perform this action.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . Also select this option if the printer can not handle PostScript level This option converts it to PostScript level 1 GhostScript pre-filtering allows you to select No pre-filtering.com info@wilshiresfot. Only select this option if there are problems printing. the printer configuration is not be restored because each time the printer daemon is restarted. or if the same printer configuration is needed on Printer Configuration multiple systems. Effective Filter Locale defaults to C. Click Apply to save the change and restart the printer daemon. To restore the configuration. Convert Text to Postscript is selected by default. Do not choose it unless problems printing the correct fonts exist. the print driver assumes the unknown data is text and then converts it to PostScript. This option is only available with the LPRng printing system. This option is only available with the LPRng printing system. Convert to PS level 1.Linux Administration – Printers Page 134 of 167 Send End-of-Transmission (EOT) should be selected if sending a form-feed does not work. When creating a backup of the system's configuration files. the existing configuration file will be overwritten. or Convert to PS level 2 in case the printer can not handle certain PostScript levels. You can use the command line options to save or restore the Printer Configuration Tool file. Saving the Configuration File When the printer configuration is saved using the Printer Configuration Tool. Media Source defaults to Printer default. This option is only available if the PostScript driver is used with the CUPS printing system. Prerender Postscript should be selected if characters beyond the basic ASCII set are being sent to the printer but they are not printing correctly (such as Japanese characters). 
The file should be saved on a different system before reinstalling. If the printer can print plain text. try unselecting his when printing plain text documents to decrease the time it takes to print. it creates a new /etc/printcap file from the special Printer Configuration Tool configuration file. if Red Hat Linux is reinstalled.local file.

As root. issue the command: /sbin/service cups restart If you are using LPRng.wilshiresoft. after adding the printer. This method is useful if you want to add a printer from a script or in the %post section of a kickstart installation.xml Your printer list will then consist of the printers you configured on the system as well as the printers you imported from the saved configuration file. Adding a Local Printer To add a printer: redhat-config-printer-tui --Xadd-local options Options: --device=node (Required) The device node to use For example. If one is not given. use the following command to start/restart the printer daemon: #service lpd restart Removing a Local Printer A printer queue can also be removed via the command line. you must restart the printer daemon. If the imported configuration file has a print queue with the same name as an existing print queue on the system. a name based on the device node (such as ìlp0î) will be used. to remove a printer queue: redhat-config-printer-tui --Xremove-local options Options: --device=node www.Linux Administration – Printers Page 135 of 167 existing configuration and add the configuration in the saved file. issue the command: /sbin/service lpd restart Command Line Configuration If you do not have X installed and you do not want to use the text-based version. after adding the printer. --name=name (Optional) The name to be given to the new queue. /dev/lp0 --make=make (Required) The IEEE 1284 MANUFACTURER string or the printer manufacturer's name as in the foomatic database if the manufacturer string is not available --model=model (Required) The IEEE 1284 MODEL string or the printer model listed in the foomatic database if the model string is not available. you can merge the files with the following command (as root): /usr/sbin/redhat-config-printer-tui --Ximport --merge < settings. After importing the configuration file (with or without the merge command). If you are using CUPS.com info@wilshiresfot. 
If you are using CUPS as the printing system (the default).com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 . use the following command to start/restart the printer daemon: #service cups restart If you are using LPRng as the printing system. you can add a printer via the command line. the print queue from the imported file will override the existing printer.

(Required) The device node used such as /dev/lp0.
--make=make (Required) The IEEE 1284 MANUFACTURER string, or (if none is available) the printer manufacturer's name as in the foomatic database
--model=model (Required) The IEEE 1284 MODEL string, or (if none is available) the printer model as listed in the foomatic database.

If you are using the CUPS printing system (the default), after removing the printer from the Printer Configuration Tool configuration, restart the printer daemon for the changes to take effect:

#service cups restart

If you are using the LPRng printing system, after removing the printer from the Printer Configuration Tool configuration, restart the printer daemon for the changes to take effect:

#service lpd restart

If you are using CUPS, have removed all printers, and do not want to run the printer daemon anymore, execute the following command:

#service cups stop

If you are using LPRng, have removed all printers, and do not want to run the printer daemon anymore, execute the following command:

#service lpd stop

Managing Print Jobs

When you send a print job to the printer daemon, such as printing text file from Emacs or printing an image from The GIMP, the print job is added to the print spool queue. The print spool queue is a list of print jobs that have been sent to the printer and information about each print request, such as the status of the request, the username of the person who sent the request, the hostname of the system that sent the request, the job number, and more.

If you are running a graphical desktop environment, click the Printer Manager icon on the panel to start the GNOME Print Manager as shown in Figure10.

Figure10. GNOME Print Manager

It can also be started by selecting Main Menu Button (on the Panel) => System Tools => Print Manager.

To change the printer settings, right-click on the icon for the printer and select Properties. The Printer Configuration Tool is then started.

Double-click on a configured printer to view the print spool queue as shown in Figure11

Figure11 List of Print Jobs

To cancel a specific print job listed in the GNOME Print Manager, select it from the list and select Edit => Cancel Documents from the pulldown menu.

If there are active print jobs in the print spool, a printer notification icon might appear in the Panel Notification Area of the desktop panel as shown in Figure10. Because it probes for active print jobs every five seconds, the icon might not be displayed for short print jobs.

Figure10: Clicking on the printer notification icon starts the GNOME Print Manager to display a list of current print jobs.

Also located on the Panel is a Print Manager icon. To print a file from Nautilus, browse to the location of the file and drag and drop it on to the Print Manager icon on the Panel. The window shown in Figure12 is displayed. Click OK to start printing the file.

Figure12. Print Verification Window

To view the list of print jobs in the print spool from a shell prompt, type the command lpq. The last few lines will look similar to the following:

Example of lpq output

Rank   Owner/ID            Class Job Files       Size Time
active user@localhost+902  A     902 sample.txt  2050 01:20:46

Sharing a Printer

The Printer Configuration Tool's ability to share configuration options can only be used if you are using the CUPS printing system.

Allowing users on a different computer on the network to print to a printer configured for your system is called sharing the printer. By default, printers configured with the Printer Configuration Tool are not shared.

To share a configured printer, start the Printer Configuration Tool and select a printer from the list. Then select Action => Sharing from the pulldown menu.

Note: If a printer is not selected, Action => Sharing only shows the system-wide sharing options normally shown under the General tab.

On the Queue tab, select the option to make the queue available to other users.

Figure13. Queue Options

After selecting to share the queue, by default, all hosts are allowed to print to the shared printer. Allowing all systems on the network to print to the queue can be dangerous, especially if the system is directly connected to the Internet. It is recommended that this option be changed by selecting the All hosts entry and clicking the Edit button to display the window shown in Figure14.

If you have a firewall configured on the print server, it must be able to send and receive connections on the incoming UDP port, 631. If you have a firewall configured on the client (the computer sending the print request), it must be allowed to send and accept connections on port 631.

Figure14. Allowed Hosts

The General tab configures settings for all printers, including those not viewable with the Printer Configuration Tool. There are two options:

Figure15. System-wide Sharing Options

Automatically find remote shared queues
Selected by default, this option enables IPP browsing, which means that when other machines on the network broadcast the queues that they have, the queues are automatically added to the list of printers available to the system; no additional configuration is required for a printer found from IPP browsing. This option does not automatically share the printers configured on the local system.

Sharing a Printer with LPRng

If you are running the LPRng printing system, sharing must be configured manually. To allow systems on the network to print to a configured printer on a Red Hat Linux system, use the following steps:

1. Create the file /etc/accepthost. In this file, add the IP address or hostname of the system that you want to allow print access to, with one line per IP or hostname.
2. Uncomment the following line in /etc/lpd.perms:
   ACCEPT SERVICE=X REMOTEHOST=</etc/accepthost
3. Restart the daemon for the changes to take effect:
   #service lpd restart

Switching Print Systems

To switch printing systems, run the Printer System Switcher application. Start it by selecting the Main Menu Button (on the Panel) => System Settings => More System Settings => Printer System Switcher, or type the command redhat-switch-printer at a shell prompt (for example, in an XTerm or GNOME terminal).

The program automatically detects if the X Window System is running. If it is running, the program starts in graphical mode as shown in Figure16. If X is not detected, it starts in a text-based mode. To force it to run as a text-based application, use the command redhat-switch-printer-nox.

Select either the LPRng or the CUPS printing system. In Red Hat Linux 9, CUPS is the default. If you only have one printing system installed, it is the only option shown.

If you select OK to change the printing system, the selected print daemon is enabled to start at boot time, and the unselected print daemon is disabled so that it does not start at boot time.

Figure16 Printer System Switcher

The selected print daemon is started, and the other print daemon is stopped, thus making the changes take place immediately.

Additional Resources

To learn more about printing on Red Hat Linux, refer to the following resources.

Installed Documentation

man printcap The manual page for the /etc/printcap printer configuration file.
man lpr The manual page for the lpr command that allows you to print files from the command line.
man lpd The manual page for the LPRng printer daemon.
man lprm The manual page for the command line utility to remove print jobs from the LPRng spool queue.
man mpage The manual page for the command line utility to print multiple pages on one sheet of paper.
man cupsd The manual page for the CUPS printer daemon.
man cupsd.conf The manual page for the CUPS printer daemon configuration file.
man classes.conf The manual page for the class configuration file for CUPS.

4 kernel setup in place.4. IPv6. Note: This feature is turned off on distributions. So be patient! STEP2 The upgrade requires a few modifications to various config files.6 Kernel contains the following common features: 0(1) Scheduler .d/halt /etc/fstab STEP3 www.x.Provides fast and more efficient I/O processing on multiple file descriptors. The Machine on which we are going to upgrade the kernel is with following Hardware configuration PIV 2Ghz processor. but its use for device driver information is deprecated. Block I/O .x and 2.6.22-1.4.Linux Administration – Upgrading Linux Kernel Page 141 of 167 24. New device driver interface . Note: On the slower machine kernel upgrading process takes quite long. The specific version (2.x as and when they come out.1 Upgrading Kernel Step By Step STEP1 Most Important: Security holes have been found in earlier kernels and are fixed in the latest kernel This practical assumes that you have a fully functional 2. This addition provides improved scalability for systems running Domino®.XA (external attributes).6. Memory management enhancements . Kernel preemption support .nptl or what not) is not important. The files are: /etc/rc. ePoll . the upgrade is slightly more tedious that upgrading within the same branch.sysinit /etc/init. IPsec additional features .8 or 2. New file system/volume manager features .4.4.wilshiresoft.Allows for cryptographic security at network protocol level and enables crypto exploitation for z990.6. procfs (/proc) is still available.Kernel assisted threading allows increased speed for multithreaded applications.6 kernel code features The Linux 2. Since there are interface changes between 2. Drivers for the hardware you do have are updated and you need to use them.Allows more processes and improved response time.6.Performance improvements by lock contention reduction. 
it would be a good idea to copy these files to a safe location so that reverting back to your existing setup is easy.Device information is now kept in sysfs (/sys) and device configuration is only available through sysfs. Constraint relief .Upgrading the RedHat Linux Kernel Typical reasons for upgrading the kernel You have installed newer hardware that wasn't previously supported. SMP scalability enhancements . Per-CPU optimizations . Just to be safe.Asynchronous I/O layer improvements and enhancements. Device numbers have been replaced with bus IDs. management.Provides more capacity for swapping systems. Most Important: Security holes have been found in earlier kernels and are fixed in the latest kernel New and common 2. the exact same steps should apply to 2. Access control lists.x to 2.com info@wilshiresfot.512Mb RAM. Extended attributes. Also. 40Gb Hd and installed with RedHat Linux 9 Shrike OS.Provides enhanced time sharing within one Linux image for certain types of workloads. New threading model (NPTL) .Performance improvement by lock contention reduction. 24.Support for more than 32 CPUs.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .2115. though this upgrade deals with 2. and security improvements for the Samba server.

6.com info@wilshiresfot. However.It is recommended that you copy the kernel to /home/kernel/src/ #mkdir –p /home/kernel/src #cp linux-2. Use this option if you've made minor changes to source files or need to script the rebuild process. This command will backup the current kernel settings and adds to the new one we are about to build.bz2 /home/kernel/src # cd /home/kernel/src # bunzip2 -c linux-2.org/pub/linux/kernel/people/rusty/modules/ or or Install all the developer related tools by using redhat-config-packages.6 STEP5 Copy the appropriate /usr/src/linux-2. #make oldconfig The above command preserves most settings and will prompt you only for new items. In our case it's /home/src/kernel/linux-2. insmod.tar.config in whatever directory you are installing.config.4 config to .tar.3 cp /usr/src/linux-2.tar. STEP4 Download the latest kernel.6 kernel. You can alos use “make menuconfig” which brings up a TUI See the following figure: #make xconfig www. Note that oldconfig will only work within the same major version of the kernel. probably you don’t have linux-source-2. rmmod etc.6.0. these tools are backward compatible so things will still work in your 2.6.4.6.4 setup after you install it.4/configs/kernel-2.4/configs [kernel-2. STEP6 Assuming you copied the appropriate kernel-2.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .4.config and rewrite necessary links and files.6/.kernel.20-i686. required because of the reimplementation of the in-kernel module loader in 2.4 dose not exists. You can also use “make xconfig” command which brings up GUI window asking you to setup all the parameters that you want to enable or disable.6.4.config \ Note: If the /usr/src/linux-2.20 package installed. run the following which will run through necessary questions for the 2. You can install this package from 2nd and 3rd CD of RedHat 9 distribution.config /home/src/kernel/linux-2. 
oldconfig will read the defaults from an existing .wilshiresoft. here we are using linux-2. Use redhat-config-packages and install the Kernel Development section of packages or simply use rpm command to install the package. The modutils package contains versions of modprobe.0.6.bz2 | tar -xv # cd /home/kernel/src/linux-2.20-i686.bz2 uncompress and unzip it.Linux Administration – Upgrading Linux Kernel Page 142 of 167 Download the latest version of modutils-tools from the following site http://www.config] to .6.6.

Figure: make xconfig

Note: Run only one of the above commands.

STEP7

This is very important. Make sure your .config has the following in it:

CONFIG_EXT3_FS=y

You'll run into the error if you leave this =m instead of =y:

vi /home/src/kernel/linux-2.6/.config
CONFIG_EXT3_FS=y

Edit the Makefile and add changes to the Extraversion as desired. Patches will update these values as well.

#vi /home/src/kernel/linux-2.6.3/Makefile
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 3
EXTRAVERSION = -custom_ker-6

Here we are just adding our own name (-custom_ker-6) to the kernel's extra version.

STEP 8: Build the Kernel Image

Building the bzImage takes a substantially long time, depending on your system performance. On a Pentium III with 128Mb RAM it took almost 45 minutes to build the kernel image.

#make bzImage

If everything went correctly then the new kernel should exist in ./arch/$ARCH/boot. For example, on IA32 systems we can verify this with:

#ls -l arch/i386/boot

STEP 9:

There is one more step needed for the build process. You have created the kernel, but now you need to create all the loadable modules if you have them configured. Be aware that typical distribution kernels tend to have almost every feature installed, plus a few others for good measure. These can typically take an hour or so to build. The stock kernels are somewhat leaner by default and take, on average, 25 minutes to compile. To build the modules we run:

#make modules

STEP 10:

Again, lots of messages will scroll by on the screen. Here also the 2.6.x series is less talkative, however, outputting only summary information. Once the modules are built they can be installed. To install the modules run:

#make modules_install

3-custom_ker-6 System.config Run /sbin/lsmod or cat /proc/modules to make sure a 2. Simply run the make install command. Here's an example of grub. Latest kernel is 2.2) kernel /vmlinuz-2. In /boot/grub/grub.map-2.6. #make install STEP 12 (CHECKING EVERYTHING): Check the following: The new image file should be installed on boot and there should be sym link to it.6.6.6-custom_ker www.map -> System. It should automatically update the GRUB boot loader configuration file /boot/grub/grub. and I got the "-custom_ker-6" from the values I put in the Makefile.Linux Administration – Upgrading Linux Kernel Page 144 of 167 STEP 11: Now it’s the time to install our new kernel. see the following: ls –l /boot vmlinuz -> vmlinuz-2. #boot=/dev/hda default=0 timeout=10 splashimage=(hd0. Also look at "#cat /proc/iomem" Lastly: reboot the system tryout the new kernel.com info@wilshiresfot. Use the uname –r command to see the current kernel version.conf: # grub.sysinit CONFIG_EXT3_FS=y was used in the .2)/grub/splash.4 kernel module wasn't forgotten.xpm.6.conf.conf Should have been automatically updated from make. create initial ram disk image (/boot/initrd-2.wilshiresoft.conf generated by anaconda # # Note that you do not have to rerun grub after making # NOTICE: You have a /boot partition.gz title Red Hat Linux (2. #uname –r 2.6-custom_ker-6) and place the new kernel (/boot/vmlinuz-2.6.6.3-custom_ker-6.6custom_ker-6) under /boot directory.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 .3custom_ker-6.conf change "default=0" to boot with the new kernel.6.3-custom_ker-6 ro root=LABEL=/ initrd /initrd-2.3-custom_ker-6) root (hd0.img You added the mount command for sys in /etc/rc.3-custom_ker-6 /boot/grub/grub.6.6.
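STEP7's requirement that CONFIG_EXT3_FS be built in (=y) rather than a module (=m) can be checked by script before the long build in STEP 8. The following is an added example, not part of the original guide; it assumes the option matters because the root filesystem listed in /etc/fstab is ext3, and the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm that the driver for the root filesystem is built
# into the kernel (=y) before compiling. Function names are hypothetical.

# Print the state of one option in a kernel .config: y, m, n, or "unset".
config_state() {    # $1 = .config path, $2 = option name
    awk -v opt="$2" '
        index($0, opt "=") == 1        { state = substr($0, length(opt) + 2) }
        $0 == ("# " opt " is not set") { state = "n" }
        END { print (state == "" ? "unset" : state) }
    ' "$1"
}

# Print the filesystem type of the "/" entry in an fstab file.
root_fstype() {     # $1 = fstab path
    awk '$1 !~ /^#/ && $2 == "/" { print $3; exit }' "$1"
}

# Map a filesystem type to its kernel option. Assumes the CONFIG_<TYPE>_FS
# naming, which holds for ext2, ext3, reiserfs, jfs and xfs.
fs_option() {       # $1 = filesystem type
    printf 'CONFIG_%s_FS\n' "$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')"
}

# Return 0 only when the root filesystem driver is built in; explain otherwise.
check_root_fs_builtin() {   # $1 = fstab path, $2 = .config path
    fstype=$(root_fstype "$1")
    if [ -z "$fstype" ]; then
        echo "no / entry found in $1"
        return 2
    fi
    opt=$(fs_option "$fstype")
    state=$(config_state "$2" "$opt")
    case $state in
        y) echo "OK: $opt=y (root is $fstype)"; return 0 ;;
        m) echo "FAIL: $opt=m, root filesystem $fstype needs =y"; return 1 ;;
        *) echo "FAIL: $opt is $state, root filesystem $fstype needs =y"; return 1 ;;
    esac
}

# Constructed sample inputs (not taken from a real system).
cfg_demo=$(mktemp -d)
cat > "$cfg_demo/fstab" <<'EOF'
# device      mountpoint  type  options   dump pass
LABEL=/       /           ext3  defaults  1 1
LABEL=/boot   /boot       ext3  defaults  1 2
none          /proc       proc  defaults  0 0
EOF
printf 'CONFIG_EXT2_FS=y\nCONFIG_EXT3_FS=m\n' > "$cfg_demo/modular.config"
printf 'CONFIG_EXT2_FS=y\nCONFIG_EXT3_FS=y\n' > "$cfg_demo/builtin.config"

# The modular config is rejected, the built-in one passes.
check_root_fs_builtin "$cfg_demo/fstab" "$cfg_demo/modular.config" || true
check_root_fs_builtin "$cfg_demo/fstab" "$cfg_demo/builtin.config"
```

On a real system the two arguments would be /etc/fstab and the .config in the kernel source directory.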

25. Configuring Dumb Terminal

In a corporate environment with large numbers of Linux servers racked in data centers it's not easy and affordable to provide a Monitor (console) to each one of the servers. Instead we can use a Dumb Terminal to connect to the server by using one of its COM ports. In this chapter we will see how to connect to a Linux system from a dumb terminal.

Preparing To Go "Headless"

One of the advantages of this method is that you don't need a keyboard either. Unfortunately your BIOS may halt the system during the Power On Self Test (POST) if it doesn't detect a keyboard. Make sure you disable this feature in the BIOS setup of your PC before proceeding. This feature can usually be found on the very first screen under the "Halt On" option. You will also need to make sure that you have activated your COM ports in your BIOS settings.

Configuration Steps

In RedHat Linux, the COM1 and COM2 ports are controlled by a program called "agetty", but "agetty" usually isn't activated when you boot up unless its configuration file /etc/inittab is modified. In other versions of Linux, "agetty" may be called just plain "getty". Here is a table that lists the physical ports to their equivalent Linux device names.

Port    Linux "agetty" Device Name
COM1    ttyS0
COM2    ttyS1

The following lines added to /etc/inittab will configure your COM ports for terminal access:

# Run COM1 and COM2 gettys in standard runlevels
S0:235:respawn:/sbin/agetty -L 9600 ttyS0 vt100
S1:235:respawn:/sbin/agetty -L 9600 ttyS1 vt100

Warning: The system will HANG if one of ttyS0 or ttyS1 is connected to a mouse or if other devices are using the particular port. In such a case check the back panel of the system, find the proper port and mention only that particular port in /etc/inittab, i.e. either ttyS0 or ttyS1. If the mouse is PS/2 type or both the ports are not in use then there shouldn't be any problem.

The next step is to restart the "init" process to re-read /etc/inittab

[root@skynet tmp]# init q

Now you need to configure the terminal client such as "Hyperterm" to match the speed settings in /etc/inittab. Connect the console / modem cable between the client and your Linux box. For non-modem connectivity (PC to PC) connect a NULL modem cable to the COM port you want to test, connect the other end to the client PC running "Hyperterm" or whatever terminal emulation software you are using. One popular Linux equivalent to Hyperterm is "minicom". Hit "enter" a couple times and you see something like this:

Red Hat Linux release 9 (Shrike)
Kernel 2.4.18-14 on an i686

skynet login:

Note: By default, user "root" will not be able to log in from a terminal. To do this you'll have to edit the /etc/securetty file which contains the device names of tty lines on which root is allowed to login. Just add ttyS0 and ttyS1 to the list if you need this access.
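Each serial line added to /etc/securetty accepts a root login from whoever can reach that COM port, so it is worth listing which serial consoles are active and which of them allow root. The following is an added example, not part of the original guide; the function names and the sample inittab and securetty contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: cross-check serial getty entries in inittab against
# securetty. Function names are hypothetical.

# List active serial getty entries in an inittab as "device speed runlevels".
serial_gettys() {   # $1 = inittab path
    awk -F: '
        /^[ \t]*#/ || NF < 4 { next }      # skip comments and malformed lines
        $3 == "respawn" && $4 ~ /getty/ {
            n = split($4, w, /[ \t]+/); dev = ""; speed = ""
            for (i = 2; i <= n; i++) {
                if (w[i] ~ /^ttyS[0-9]+$/) dev = w[i]
                else if (w[i] ~ /^[0-9]+(,[0-9]+)*$/) speed = w[i]
            }
            if (dev != "") print dev, speed, $2
        }
    ' "$1"
}

# Succeed if the device is listed in securetty (one device name per line).
root_allowed() {    # $1 = securetty path, $2 = device name
    awk -v dev="$2" '
        { sub(/#.*/, ""); gsub(/[ \t]/, "") }
        $0 == dev { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Print one line per serial console: device, speed, runlevels, root access.
audit_serial_root() {   # $1 = inittab path, $2 = securetty path
    serial_gettys "$1" | while read -r dev speed levels; do
        if root_allowed "$2" "$dev"; then root=yes; else root=no; fi
        echo "$dev speed=$speed runlevels=$levels root-login=$root"
    done
}

# Constructed sample files: both COM ports run agetty as in the chapter,
# but only ttyS0 has been added to securetty.
tty_demo=$(mktemp -d)
cat > "$tty_demo/inittab" <<'EOF'
id:3:initdefault:
1:2345:respawn:/sbin/mingetty tty1
# Run COM1 and COM2 gettys in standard runlevels
S0:235:respawn:/sbin/agetty -L 9600 ttyS0 vt100
S1:235:respawn:/sbin/agetty -L 9600 ttyS1 vt100
#S2:235:respawn:/sbin/agetty -L 9600 ttyS2 vt100
EOF
cat > "$tty_demo/securetty" <<'EOF'
tty1
ttyS0
EOF

audit_serial_root "$tty_demo/inittab" "$tty_demo/securetty"
```

Run against the real /etc/inittab and /etc/securetty, the output shows at a glance whether a serial port that is cabled to a terminal also grants root access.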

26. Software RAID

The main goal of using Redundant Arrays of Inexpensive Disks (RAID) is to either improve disk data performance and/or provide data redundancy. RAID can be handled either by the operating system software or it may be implemented via a purpose built RAID disk controller card without having to configure the operating system at all. This chapter will explain how to configure the software RAID schemes supported by RedHat / Enterprise/ Fedora Linux.

26.1 RAID Types

26.1.1 RAID 0

With RAID 0 the RAID controller tries to evenly distribute data across all disks in the RAID set. RAID 0 aims to accommodate large file systems spread over multiple devices with no data redundancy. The advantage of RAID 0 is data access speed. A file that is spread over four disks can be read four times as fast. You should also be aware that RAID 0 is often called "striping".

RAID 0 can accommodate disks of unequal sizes. When RAID runs out of "striping space" on the smallest device, it then continues the striping using the available space on the remaining drives. When this occurs, the data access speed is lower for this portion of data as the total number of RAID drives available is reduced. It is for this reason that RAID 0 is best used with equal sized drives.

Following figure illustrates the data allocation process in RAID 0.

26.1.2 RAID 1

With RAID 1, data is cloned on a duplicate disk. This RAID method is therefore frequently called "disk mirroring". A good analogy would be telling two people the same story so that if one forgets some of the details you can ask the other one to remind you.

When one of the disks in the RAID set fails, the other one continues to function. When the failed disk is replaced, the data is automatically cloned to the new disk from the surviving disk. RAID 1 also offers the possibility of using a "hot standby" spare disk which will be automatically cloned in the event of a disk failure on any of the primary RAID devices.

RAID 1 offers data redundancy, without the speed advantages of RAID 0. A disadvantage of software based RAID 1 is that the server has to send data twice to be written to each of the mirror disks. This can saturate data busses and CPU utilization. With a hardware based solution, the server CPU sends the data to the RAID disk controller once, and the disk controller then duplicates the data to the mirror disks. This makes RAID capable disk controllers the preferred solution when implementing RAID 1.

A limitation of RAID 1 is that the total RAID size in Gigabytes is equal to that of the smallest disk in the RAID set. Unlike RAID 0, the extra space on the larger device isn't used.

Following figure illustrates the data allocation process in RAID 1.

26.1.3 RAID 5

RAID 5 improves on RAID 4 by striping the parity data between all the disks in the RAID set. This avoids the parity disk bottleneck while maintaining many of the speed features of RAID 0 and the redundancy of RAID 1. Like RAID 4, RAID 5 can only survive the loss of a single disk. Linux RAID 5 requires a minimum of three disks / partitions.

Following figure illustrates the data allocation process in RAID 5.

Specially built hardware based RAID disk controllers are available for both IDE and SCSI drives. They usually have their own BIOS, so you can configure them right after your system's power on self test (POST). Hardware based RAID is transparent to your operating system; the hardware does all the work.

If hardware RAID isn't available then you should be aware of these basic guidelines to follow when setting up software RAID.

Before You Start

26.2 SCSI and IDE

26.2.1 IDE Drives

Following are IDE disks limitations:

The total length of an IDE cable can only be a few feet long which generally limits their use to small home systems.
IDE drives do not "hot swap". You cannot replace them while your system is running.
Only two devices can be attached per controller.
The performance of the IDE bus can be degraded by the presence of a second device on the cable.
The failure of one drive on an IDE bus often causes the malfunctioning of the second device. This can be fatal if you have two IDE drives of the same RAID set attached to the same cable.

It is for these reasons that it is recommended to use only one IDE drive per controller when using RAID, especially in a corporate environment.

26.2.2 SCSI Drives

SCSI hard disks have a number of features that make them more attractive for RAID use.

SCSI controllers are more tolerant of disk failures. The failure of a single drive is less likely to disrupt the remaining drives on the bus.
SCSI cables can be several meters long, making them suitable for data center applications.
Much more than two devices may be connected to a SCSI cable bus. It can accommodate 7 (single-ended SCSI) or 15 (all other SCSI types) devices.
Some models of SCSI devices support "hot swapping" which allows you to replace them while the system is running.

However SCSI drives tend to be more expensive than IDE drives.

Software RAID Partitions Or Entire Disks?

It is generally not a good idea to share RAID configured partitions with non RAID partitions. The reason for this is obvious as a disk failure could still incapacitate a system. If you decide to use RAID, all the partitions on each RAID disk should be part of a RAID set.

Backup Your System First

Software RAID creates the equivalent of a single RAID virtual disk drive made up of all the underlying regular partitions used to create it. You will have to format this new RAID device before your Linux system will be able to store files on it. This will cause all the old data on the underlying RAID partitions to be lost. It is best to backup the data on these and any other partitions on the disk drive on which you want to implement RAID. A mistake could unintentionally corrupt valid data.

26.3 Configure RAID In Single User Mode

As you will be modifying the disk structure of your system you should also consider configuring RAID while your system is running in single user mode from the VGA console. This will make sure that most applications and networking will be shutdown and that all other users will not be able to access the system. This will reduce the risk of data corruption during the exercise.

[root@skynet tmp]# init 1

26.3.1 Configuring Software RAID

Configuring RAID using Fedora Linux requires a number of steps that need to be followed carefully. In our example we'll be configuring RAID 5 using a system with three pre-partitioned hard disks. The partitions to be used will be:

/dev/sdb1
/dev/sdc1
/dev/sdd1

You'll need to adapt the various stages outlined below to your particular environment. Make sure you create these partitions on SCSI Disk array.

RAID Partitioning

You will first need to identify two or more partitions, each on a separate disk. If you are doing RAID 0 or RAID 5, the partitions should be of approximately the same size, as in this scenario. RAID will limit the extent of data access on each partition to an area no larger than that of the smallest partition in the RAID set.

Determining Available Partitions

Use the "fdisk -l" command to view all the mounted and unmounted filesystems available on your system.

Prepare The Partitions With FDISK

You have to change each partition in the RAID set to be of type FD (Linux raid autodetect). This can be done using fdisk. Here is an example using /dev/sdb1

[root@skynet tmp]# fdisk /dev/sdb

The number of cylinders for this disk is set to 8355.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
   (e.g., DOS FDISK, OS/2 FDISK)

Command (m for help):

Use FDISK Help

We now use the fdisk "m" command to get some help

Command (m for help): m
...
...

   p   print the partition table
   q   quit without saving changes
   s   create a new empty Sun disklabel
   t   change a partition's system id
...
...
Command (m for help):

Set The ID Type To FD

Partition /dev/sdb1 is the 1st partition on disk /dev/hde. We now modify its "type" using the "t" command and then specifying the partition number and type code. We also use the "L" command to get a full listing of ID types in case we forget.

Command (m for help): t
Partition number (1-5): 1
Hex code (type L to list codes): L
...
...
16  Hidden FAT16     61  SpeedStor        a9  NetBSD       f2  DOS secondary
17  Hidden HPFS/NTF  63  GNU HURD or Sys  ab  Darwin boot  fd  Linux raid auto
18  AST SmartSleep   64  Novell Netware   b7  BSDI fs      fe  LANstep
1b  Hidden Win95 FA  65  Novell Netware   b8  BSDI swap    ff  BBT
Hex code (type L to list codes): fd
Changed system type of partition 1 to fd (Linux raid autodetect)

Make Sure The Change Occurred

Use the "p" command to get the new proposed partition table

Command (m for help): p

Disk /dev/hde: 4311 MB, 4311982080 bytes
16 heads, 63 sectors/track, 8355 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes

Device Boot    Start    End    Blocks     Id  System
/dev/sdb1          1   4088    2060320+   fd  Linux raid autodetect
/dev/sdb2       4089   5713     819000    83  Linux

Save The Changes

Use the "w" command to permanently save the changes to disk /dev/hde.

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
[root@skynet tmp]#

The error above will occur if any of the other partitions on the disk is mounted.

Repeat For The Other Partitions

Steps for changing the IDs for /dev/sdc1 and /dev/sdd1 are very similar.

Edit the RAID Configuration File

The Linux RAID configuration file is /etc/raidtab. Templates for this file may be found in the /usr/share/doc/raidtools* directory and explanation of the various parameters can be viewed with the command "man raidtab".

General Guidelines

When configuring RAID 5 a "parity-algorithm" setting must be used.
The "raid-disk" parameters for each partition in the /etc/raidtab file are numbered starting at "0". For example, if you have four partitions for RAID, they would be numbered 0, 1, 2 & 3.
For RAID levels 1, 4 and 5 /etc/raidtab "persistent-superblock" must be set to "1" in order for the RAID autodetect feature (partition type FD) to work.
For all other RAID versions, "persistent-superblock" must be set to "0"

In our example:

We configure RAID 5 using each of the desired partitions on the 3 disks (sdb1, sdc1, sdd1).
The set of 3 RAID disks will be called /dev/md0.

#
# sample raiddev configuration file
# 'old' RAID0 array created with mdtools.
#
raiddev /dev/md0
    raid-level              5
    nr-raid-disks           3
    persistent-superblock   1
    chunk-size              32
    parity-algorithm        left-symmetric
    device                  /dev/sdb1
    raid-disk               0
    device                  /dev/sdc1
    raid-disk               1
    device                  /dev/sdd1
    raid-disk               2

26.3.2 Create the RAID Set

The mkraid command creates the RAID set by reading the /etc/raidtab file. In this case we want to create the logical RAID device /dev/md0

[root@skynet tmp]# mkraid /dev/md0
analyzing super-block
disk 0: /dev/sdb1, 104391kB, raid superblock at 104320kB
disk 1: /dev/sdc1, 104391kB, raid superblock at 104320kB
disk 2: /dev/sdd1, 104391kB, raid superblock at 104320kB

Confirm RAID Is Correctly Initialized

The /proc/mdstat file provides the current status of all RAID devices. Confirm that the initialization is finished by inspecting the file and making sure that there are no initialization related messages.

[root@skynet tmp]# cat /proc/mdstat
Personalities : [raid5]
read_ahead 1024 sectors
md0 : active raid5 sdd1[2] sdb1[1] sdc1[0]
      4120448 blocks level 5, 32k chunk, algorithm 3 [3/3] [UUU]

unused devices: <none>

Format The New RAID Set

Your new RAID device will now have to be formatted. In the example below:

We use the "-j" qualifier to ensure that a journaling file system is created.
A block size of 4KB (4096 bytes) is used with each chunk being comprised of 8 blocks.

It is very important that the "chunk-size" parameter in the /etc/raidtab file match the value of the block size multiplied by the stride value in the command below.

Note: If the values don't match, then you will get parity errors.

[root@skynet tmp]# mke2fs -j -b 4096 -R stride=8 /dev/md0
mke2fs 1.32 (09-Nov-2002)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
516096 inodes, 1030160 blocks
51508 blocks (5.00%) reserved for the super user
First data block=0
32 block groups
32768 blocks per group, 32768 fragments per group
16128 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736
Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 26 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override.

Load The RAID Driver For The New RAID Set

The next step is to make the Linux operating system fully aware of the RAID set by loading the driver for the new RAID set using the raidstart command.

[root@skynet tmp]# raidstart /dev/md0

Create A Mount Point For The RAID Set

The next step is to create a mount point for /dev/md0. In this case we'll create one called /mnt/raid

[root@skynet mnt]# mkdir /mnt/raid

Edit The /etc/fstab File

The /etc/fstab file lists all the partitions that need to be mounted when the system boots.

Add an Entry for the RAID set

We'll now add an entry for the /dev/md0 device. Here is an example of a line that could be used:

/dev/md0 /mnt/raid ext3 defaults 1 2

Note: It is very important that you DO NOT use labels in the /etc/fstab file for RAID devices, just use the real device name such as "/dev/md0". On startup, the /etc/rc.d/rc.sysinit script checks the /etc/fstab file for device entries that match RAID set names in the /etc/raidtab file. It will not automatically start the RAID set driver for the RAID set if it doesn't find a match. Device mounting then occurs later on in the boot process. Mounting a RAID device that doesn't have a loaded driver can corrupt your data giving the error below.

Mount The New RAID Set

The mount command can now be used to mount the RAID set.

Using the automount feature

The mount command's "-a" flag will cause Linux to mount all the devices in the /etc/fstab file that have automounting enabled (default) and that are also not already mounted.

[root@skynet tmp]# mount -a

Manually Mounting the RAID Set

You can also mount the device manually.

[root@skynet tmp]# mount /dev/md0 /mnt/raid

Check The Status Of The New RAID

The /proc/mdstat file provides the current status of all the devices. When the raid driver is stopped, the file has very little information as seen below

[root@skynet tmp]# raidstop /dev/md0
[root@skynet tmp]# cat /proc/mdstat
Personalities : [raid5]
read_ahead 1024 sectors
unused devices: <none>

More information, including the partitions of the RAID set, is provided once the driver is loaded using the raidstart command.

[root@skynet tmp]# raidstart /dev/md0
[root@skynet tmp]# cat /proc/mdstat
Personalities : [raid5]
read_ahead 1024 sectors
md0 : active raid5 sdd1[2] sdb1[1] sdc1[0]
4120448 blocks level 5, 32k chunk, algorithm 3 [3/3] [UUU]
unused devices: <none>
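The /etc/raidtab guidelines, the chunk-size versus block size and stride rule, and the /etc/fstab device-name rule from this section can be checked before mkraid and mke2fs are run. The script below is an added example, not part of the original course material; its function names and the sample inputs are constructed for illustration, and it assumes chunk-size is given in kilobytes, as the "chunk-size 32" and "32k chunk" pairing in this section indicates.

```python
"""Pre-flight checks for the raidtools procedure in this section (added example)."""

# Constructed sample inputs, modelled on the configuration shown in this section.
SAMPLE_RAIDTAB = """\
# sample raiddev configuration file
raiddev /dev/md0
    raid-level 5
    nr-raid-disks 3
    persistent-superblock 1
    chunk-size 32
    parity-algorithm left-symmetric
    device /dev/sdb1
    raid-disk 0
    device /dev/sdc1
    raid-disk 1
    device /dev/sdd1
    raid-disk 2
"""
SAMPLE_FSTAB = "/dev/md0 /mnt/raid ext3 defaults 1 2\n"


def parse_raidtab(text):
    """Return {raiddev: {"opts": {key: value}, "disks": [(device, index), ...]}}."""
    arrays, current, pending_device = {}, None, None
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)   # drop comments, split key/value
        if len(parts) != 2:
            continue
        key, value = parts[0], parts[1].strip()
        if key == "raiddev":
            current = arrays.setdefault(value, {"opts": {}, "disks": []})
            pending_device = None
        elif current is None:
            continue                                   # option outside any raiddev stanza
        elif key == "device":
            pending_device = value
        elif key == "raid-disk":
            index = int(value) if value.isdigit() else -1
            current["disks"].append((pending_device, index))
            pending_device = None
        else:
            current["opts"][key] = value
    return arrays


def _as_int(value):
    """Integer value of an option, or None when it is missing or not numeric."""
    return int(value) if value is not None and value.isdigit() else None


def lint_raidtab(text, block_size=4096, stride=8):
    """Check every array; block_size (bytes) and stride are the planned mke2fs values."""
    problems = []
    for name, array in parse_raidtab(text).items():
        opts = array["opts"]
        level = opts.get("raid-level")
        indexes = sorted(index for _, index in array["disks"])
        if indexes != list(range(len(indexes))):
            problems.append(f"{name}: raid-disk numbers {indexes} must run 0..n-1")
        nr_disks = _as_int(opts.get("nr-raid-disks"))
        if nr_disks is not None and nr_disks != len(indexes):
            problems.append(f"{name}: nr-raid-disks {nr_disks} but {len(indexes)} listed")
        if level == "5" and "parity-algorithm" not in opts:
            problems.append(f"{name}: RAID 5 needs a parity-algorithm setting")
        if level in {"1", "4", "5"} and opts.get("persistent-superblock") != "1":
            problems.append(f"{name}: level {level} needs persistent-superblock 1 "
                            "for autodetect (partition type fd)")
        chunk_kb = _as_int(opts.get("chunk-size"))
        if chunk_kb is not None and chunk_kb * 1024 != block_size * stride:
            problems.append(f"{name}: chunk-size {chunk_kb}K does not equal "
                            f"block size {block_size} x stride {stride}")
    return problems


def arrays_missing_from_fstab(fstab_text, raidtab_text):
    """RAID sets with no fstab line naming the real device (e.g. mounted by LABEL=)."""
    devices = set()
    for raw in fstab_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields:
            devices.add(fields[0])
    return sorted(name for name in parse_raidtab(raidtab_text) if name not in devices)


if __name__ == "__main__":
    for problem in lint_raidtab(SAMPLE_RAIDTAB, block_size=4096, stride=8):
        print("raidtab:", problem)
    for name in arrays_missing_from_fstab(SAMPLE_FSTAB, SAMPLE_RAIDTAB):
        print("fstab: no entry names", name, "so rc.sysinit will not start it")
```

Pass the -b and stride values you intend to give mke2fs; an empty result from both functions means the configuration is consistent with the rules stated in this section.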

Glossary of Common Linux Terms

(A)

Account Name – Same as Login ID, User ID, or User Name. The name assigned to a user on a UNIX/Linux system. Multiple users can be set up on a system with unique account names, each with varying access (permission) levels. After Linux installation, account names are assigned by the Superuser, or root operator.

APM (Advanced Power Management) – An industry standard for allowing the system processor and various components to enter power-saving modes, including suspend, sleep and off. APM software is especially important for mobile devices, because it saves battery power.

Archive – A single large file containing multiple files, usually compressed to save storage space. Often created to facilitate transferring between computers. Popular archival formats include ARJ, TAR, ZIP and ZOO. Also, to create such an archive file.

Awk – (Aho, Weinberger, and Kernighan) – A programming language useful for its pattern matching syntax, and often used for data retrieval and data transformation. A GNU version is called Gawk.

(B)

Background Process – A program that is running without user input. A number of background processes can be running on a multitasking operating system, such as UNIX/Linux, while the user is interacting with the foreground process (for example, data entry). Some background processes–daemons, for example–never require user input. Others are merely in the background temporarily while the user is busy with the program presently running in the foreground.

Bash – (Bourne Again SHell) – An enhanced version of the Bourne Shell. (Also, see Korn Shell.)

BDF Fonts – A variety of bitmapped fonts for the X Window System. (Also, see PostScript Fonts and TrueType Fonts.)

Bin – A directory containing executable programs, primarily binary files.

Binaries – Source code that has been compiled into executable programs. In the UNIX/Linux world, some software is distributed as source code only; other packages include both source and binaries; still others are distributed only in binary format.

Boot Disk – A diskette (floppy) containing enough of an operating system (such as Linux) to boot up (start) the computer and run some essential programs from the command line. This may be necessary if the system was rendered non-bootable for some reason. A boot disk can be used to partition and format the hard drive, restore the Master Boot Record, or copy specific files, among other things.

Bootstrap – is using a much smaller initial program to load in the desired program (which is usually an operating system).

Bot – Short for Robot. A program designed to search for information on the Internet with little human intervention.

Bourne Shell – A popular command line shell offering many advantages over the DOS command prompt. (Also, see Bash and Korn Shell.)

BSD – (Berkeley Software Distribution) UNIX – UNIX distribution from University of California at Berkeley (Also, see FreeBSD.)

Bzip2 – A newer file compression program for UNIX/Linux, providing smaller file sizes than Gzip

(C)

CGI (Common Gateway Interface) – Used on Web servers to transmit data between scripts and/or applications and then return the data to the Web page or browser. CGI scripts are often created using the Perl language, and can generate dynamic Web content (including e-commerce shopping baskets, discussion groups, survey forms, current news, etc.).

CHS – (Cylinder/Head/Sector) – Disk information required by FDISK during partitioning.

Client – A machine that requests services (e-mail, for example) from a server.

CLU – (Command Line Utility) – A program that is run from a command line session, or shell, such as Tar or Mkdir

Cluster – A network of workstations (PCs or other) running Linux. (Also, see Beowulf.)

Command Line Interface (CLI) – A full-screen or windowed text-mode session where the user executes programs by typing in commands with or without parameters. The CLI displays output text from the operating system or program and provides a command prompt for user input.

Compiler – A program used to turn programming source code into an executable program.

Console Application – A command line program that does not require (or perhaps even offer) a graphical user interface to run.

Cron – A Linux daemon that executes specified tasks at a designated time or interval.

CSV – Comma Separated Value file contains the values in a table as a series of ASCII text lines organized so that each column value is separated by a comma from the next column's value and each row starts a new line.

CUPS – Common Unix Printing System provides a portable printing layer for UNIX and linux based operating systems

(D)

Daemon – A background process of the operating system that usually has root security level permission. A daemon usually lurks in the background until something triggers it into activity, such as a specific time or date, time interval, receipt of e-mail, etc.

Desktop – The operating system user interface, which is designed to represent an office desk with objects on it. Rather than physical telephones, lamps, in/out baskets, etc., the operating system desktop uses program and data icons, windows, taskbars, and the like. There are many different desktop environments available for Linux, including KDE, GNOME, and X11, that can be installed by a user. (Also, see GUI, Window manager and X Window System.)

Device Driver – A program that serves as an intermediary between the operating system and a device (ports, drives, monitors, printers, etc.) defining to the operating system what capabilities the device has and translating the operating system commands into instructions the device understands.

Distribution – A packaging of the Linux kernel (core) with various user interfaces, utilities, drivers, and other software into a user deliverable. Often available as a free download or in a low-cost CD-ROM package. Popular distributions include Caldera OpenLinux, CoreLinux, Debian, Red Hat, Slackware, SuSE, TurboLinux and others.

(E)

Emacs (Editing with MACroS) – A popular text editor.

Enlightenment – One of several user interfaces (window managers). For more on AfterStep, go to www.afterstep.org. (Also, see AfterStep, GNOME, KDE and X Window system.)

Elm – was a popular e-mail program for users of Unix or linux based operating systems that runs in a cmd line mode (like reading email in DOS).

Errata – Redhat has lots of this stuff

EXT2 – Extended File System Version 2 is probably the most widely used filesystem in the Linux community. It provides standard Unix file semantics and advanced features. Moreover, thanks to the optimizations included in the kernel code, it is robust and offers excellent performance.

EXT3 – Extended File System Version 3 Ext3 support the same features as Ext2, but includes also Journaling. A journaling file system uses a separate area called a log or journal. Before metadata changes are actually performed, they are logged to this separate area. The operation is then performed. If the system crashes during the operation, there is enough information in the log to "replay" the log record and complete the operation.

(F)

File System – A set of programs that tells an operating system how to access and interpret the contents of a disk or tape drive, or other storage medium. Common file systems include: FAT and FAT-32 (DOS/Windows), HPFS (OS/2), NFS, NTFS (Windows NT/2000), and others.

Filter – A program that reads data (from a file, program output or command line entry) as input, processes it according to a set of predefined conditions (for example, sorted alphabetically) and outputs the processed data. Some filters include Awk, Grep, Sed and sort.

Finger – A UNIX/Linux command that provides information about users that are logged on.

Foreground Process – In a multitasking operating system, such as UNIX/Linux, the foreground process is the program that the user is interacting with at the present time (for example, data entry). Different programs can be in the foreground at different times, as the user jumps between them. In a tiered windowing environment, it is the topmost window.

FreeBSD – (Free Berkeley Software Distribution) – Similar to Linux in that it includes many GNU programs and runs many of the same packages as Linux. However, some kernel functions are implemented differently. (Also, see BSD UNIX.)

FTP – (File Transfer Protocol) – A method of transferring files to and from other computers–often software repositories.

(G)

GCC – (GNU C Compiler) – A high-quality C compiler governed by the GPL.

GIMP – (GNU Image Manipulation Program) – A popular image editor/paint program for Linux.

GNOME (GNU Network Object Model Environment) – One of several user interfaces (window managers) for Linux, built with Gtk. For more on GNOME, go to www.gnome.org. (Also, see AfterStep, Enlightenment, KDE and X Window System.)

GNU – (GNU is Not Unix) Project – An effort of the Massachusetts Institute of Technology (MIT) Free Software Foundation (FSF) to develop and promote alternatives to proprietary UNIX implementations. GNU software is licensed under the GPL.

GNU/Linux – Same as Linux. So-called because many of the components included in a Linux distribution are GNU tools.

GPL – (GNU General Public License) – A common usage and redistribution license. Visit www.linuxdoc.org/LDP/gs/app-gpl/node1.html to see a copy of the GPL agreement.

Grep – (Global Regular Expression and Print) – A tool that searches files for a string of text and outputs any line that contains the pattern

Grub – A linux bootloader is the first software program that runs when a computer starts. It is responsible for loading and transferring control to the operating system kernel software. The kernel then starts the rest of the operating system.

Gtk/Gtk+ – (GIMP ToolKit) – A powerful, fast open source graphics library for the X window System on UNIX/Linux, used by programmers to create buttons, menus and other graphical objects. (Also, see GNOME, Motif and Qt.)

GUI (Graphical User Interface) – The collection of icons, windows, and other onscreen graphical images that provide the user’s interaction with the operating system. (Also, see Desktop and Window manager.)

Gzip – (GNU zip) – The original file compression program for UNIX/Linux. Recent versions produce files with a .gz extension. (A .z or .Z extension indicates an older version of Gzip.) Compression is used to compact files to save storage space and reduce transfer time. (When combined with Tar, the resulting file extensions may be .tgz, .tar.gz or .tar.Z.)

(H)

Home Directory – The directory the user is placed in after logging on.

HTML – (Hyper Text Markup Language) – The standard markup language for designing Web pages. Markup “tags,” or formatting commands, allow the Web page designer to specify highlighting, position graphics, create hyperlinks, etc.

HTTP – (Hyper Text Transport Protocol) – The set of guidelines created for requesting and sending HTML-based Web pages.

(I)

Init – The first process to run immediately after the operating system loads. It starts the system in single-user mode or spawns a shell to read the startup files, and opens ports designated as login ports.

IRC – Internet relay chat. An older system of chatting online using the Internet. These can be more like the wild west days since there is usually little to no direct control or moderation of these.

(J)

Java® – An object-oriented programming language developed by Sun Microsystems® to be operating system independent. Java is often used on Web servers. Java applications and applets are sometimes offered as downloads to run on users’ systems. Java programming can produce applications, or smaller Java “applets.” Java is a somewhat simplified version of the C++ language, and is normally interpreted rather than compiled.

Java Applets – Small Java programs that are embedded in a Web page and run within a browser, not as a stand-alone application. Applets cannot access some resources on the local computer, such as files and serial devices (modems, printers, etc.), and generally cannot communicate with other computers across a network.

JavaBeans – component architecture for the Java language. JavaBeans components are called Beans.

JavaScript – A cross-platform World Wide Web scripting language, vaguely related to Java. It can be used as a server-side scripting language, as an embedded language in server-parsed HTML, and as an embedded language for browsers.

JDK – (Java Development Kit) – A Java programming toolkit from Sun, IBM or others, available for UNIX/Linux and other operating systems.

JFS – (Journaled/Journaling File System) – A file system that includes built-in backup/recovery capabilities. Changes to the index are written to a log file before the changes take effect so that if the index is corrupted (by a power failure during the index write, for example), the index can be rebuilt from the log, including the changes.

JVM – (Java Virtual Machine) – A Java runtime environment, required for the running of Java programs, which includes a Java interpreter. A different JVM is required for each unique operating system (Linux, OS/2, Windows 98, etc.), but any JVM can run the same version of a Java program.

(K)

KDE – (K Desktop Environment) – One of several user interfaces (window managers) for Linux, built with Qt. For more on KDE, go to www.kde.org. (Also, see AfterStep, Enlightenment, GNOME and X Window System.)

Kernel – The core of the operating system, upon which all other components rely. The kernel manages such tasks as low-level hardware interaction and the sharing of resources, including memory allocation, input/output, security, and user access.

Korn Shell – An enhanced version of the Bourne Shell, including extensive scripting support and command line editing. It supports many scripts written for the Bourne Shell. (Also, see Bash.)

(L)

LGPL (Library GPL) – A variation of the GPL that covers program libraries.

LILO – (LInux LOader) – A popular partition boot manager utility, capable of booting to operating systems other than Linux. It is not file system-specific.

Linux – An open source UNIX-like operating system, originally begun by Linus Torvalds. “Linux” really refers to only the operating system kernel, or core. More than 200 people have contributed to the development of the Linux kernel. The rest of a Linux distribution consists of various utilities, device drivers, applications, a user interface and other tools that generally can be compiled and run on other UNIX operating systems as well.

Lindows – is a low-cost commercial Linux-based operating system with a user interface similar to the latest Microsoft Windows operating system. Although Lindows is proprietary and is not open source like Linux, Lindows is less expensive than Windows XP.

LISA – (Lisp-based Intelligent Software Agents) is a production-rule system heavily influenced by JESS (Java Expert System Shell). It has at its core a reasoning (artificial intelligence) engine based on the Rete pattern matching algorithm. LISA also provides the ability to reason over ordinary CLOS objects.

Log – To store application or system messages or errors. Also, a file that holds this information.

Lynx – A popular non-graphical (text-based) Web browser.

(M)

Macro – A set of instructions stored in an executable form. Macros may be application-specific (such as a spreadsheet or word processing macro that performs specific steps within that program) or general-purpose (for example, a keyboard macro that types in a user ID when Ctrl-U is pressed on the keyboard).

Man – The UNIX/Linux command for reading online manual pages.

MBR (Master Boot Record) – The first physical sector on a bootable disk drive. The place where the system BIOS looks when the computer is first booted, to determine which partition is currently active (bootable), before reading that partition’s first (boot) sector and booting from the partition.

Mesa – An implementation of the OpenGL (Open Graphics Library) API (Application Programming Interface). It provides standard guidelines and a toolset for writing 2D and 3D hardware-assisted graphics software.

MIME (Multipurpose Internet Mail Exchange) – A communications protocol that allows text e-mail messages to include non-textual (graphics, video or audio, for example) data.

Motif – A powerful proprietary graphics library for UNIX/Linux, developed by the Open Software Foundation (OSF) and used by programmers to create buttons, menus and other graphical objects for the X Window System.

Mount – Identify a disk drive to the file system before use.

Mozilla – was Netscape Communication's nickname for Navigator, its Web browser, and, more recently, the name of an open source public collaboration aimed at making improvements to Navigator.

Multitasking – The ability of an operating system to run more than one program, or task, at a time. A cooperative multitasking OS, like Windows 95/98, requires one application to voluntarily free up resources upon request so another application can use it. A preemptive multitasking OS, such as UNIX/Linux, Windows NT/2000 or OS/2, frees up resources when ordered to by the operating system, on a time-slice basis, or a priority basis, so that one application is unable to hog resources when they are needed by another program.

Multithreading – The ability of an operating system to concurrently run programs that have been divided into subcomponents, or threads. Multithreading, when done correctly, offers better utilization of processors and other system resources. Multithreaded programming requires a multitasking/multithreading operating system, such as UNIX/Linux, Windows NT/2000 or OS/2, capable of running many programs concurrently. A word processor can make good use of multithreading, because it can spell check in the foreground while saving to disk and sending output to the system print spooler in the background.

(N)

NFS (Network File System) – A file system that allows the sharing of files across a network or the Internet.

(O)

Object-Oriented – A software development methodology that offers the programmer standard reusable software modules (components), rather than requiring the developer to write custom programming code each time. Using standard components reduces development time (because the writing and testing of those components has already been done by other programmers), and ensures a standard look and feel for programs using the same components.

OO – See Object-Oriented.

Open Source – A somewhat ambiguous term that refers to software that is released with its source code. The fact that the source code is provided does not necessarily mean that users can modify and redistribute the source code. The term is sometimes used interchangeably with “free software,” although they are not always the same.

OSS (Open Sound System) – A device driver for accessing sound cards and other audio devices under UNIX/Linux. It evolved from the Linux Sound Driver, and supports most popular audio chips and adapters.

OSS (Open Source Software) – See Open Source.

(P)

PAM (Pluggable Authentication Modules) – A replaceable user authentication module for system security, which allows programs to be written without knowing which authentication scheme will be used. This allows a module to be replaced later with a different module without requiring rewriting the software.

Panel – The name for the Linux equivalent of the Windows Taskbar.

Partition – A contiguous section of a disk drive that is treated by the operating system as a physical drive. Thus, one disk drive can have several drive letters assigned to it.

PCF fonts – A variety of bitmapped fonts to be used with the X Window System.

PD – See Public Domain.

PDF (Portable Document Format) files – Binary files created with Adobe Acrobat or other programs capable of producing output in this format. Used for producing operating system-independent documents, which can be viewed using Acrobat Reader or other programs, including Web browsers equipped with an Acrobat Reader plugin.

Perl (Practical Extraction and Report Language) – A common scripting/programming language. It is often used on UNIX/Linux Web servers for generating CGI scripts. .PL file extension for a perl script

PGP (Pretty Good Privacy) – A high-security, public-key data encryption program for UNIX/Linux and other operating systems.

PHP is a script language and interpreter that is freely available and used primarily on Linux Web servers.

Pine is a program for Internet News & Email. It is a tool for reading, sending, and managing electronic messages.

Piping Symbol – The | keyboard character (the Shift-Backslash character above the Enter key on a typical 101-key keyboard). It is often used to feed the output from one command or program to another. For example, history | grep mcopy sends the contents of the .bash_history file (via the history command) to the grep program, searching for the string “mcopy”. (Also, see Append Symbol and Redirection Symbol.)

Port/Ported/Porting – The process of taking a program written for one operating system platform and modifying it to run on another OS with similar functionality. There is generally little or no attempt to customize the program to take advantage of the unique capabilities of the new operating system, as opposed to optimizing an application for a specific operating system.

Portable – A term referring to software that is designed to be used on more than one operating system with only minor modifications and recompilation.

POSIX (Portable Operating System Interface for uniX) – A set of programming interface standards governing how to write application source code so that the applications are portable between operating systems. POSIX is based on UNIX and is the basis for the X/Open specification of The Open Group.

PostScript – A page description language developed by Adobe Systems that tells a printer how to display text or graphics on a printed page.

PostScript Fonts – A wide variety of fonts that can be used with OS/2, MS Windows and the X Window System. Font files include those with .afm, .pfa and .pfb extensions. Sometimes called Adobe Type 1 fonts, or ATM (Adobe Type Manager) fonts. PostScript fonts typically require a PostScript-compatible printer. (Also, see BDF Fonts and TrueType Fonts.)

Process – An executing program. (Also, see Multitasking and Multithreading.)

Public Domain – Software that is available to be used and modified by anyone, for any purpose, and may even be incorporated for distribution in commercial software. Public domain software is not copyrighted, and no rights are retained by the author.

Public Key Encryption – A method of data encryption that involves two separate keys: a public key and a private key. Data encrypted with the public key can be decrypted only with the private key and vice versa. Typically, the public key is published and can be used to encrypt data sent to the holder of the private key, and the private key is used to sign data.

Python – An object-oriented p-code programming language.

(Q)

Qt – A powerful, fast open source graphics library for the X Window System on UNIX/Linux, which is used by programmers to create buttons, menus, and other graphical objects. (Also, see Gtk/Gtk+ and KDE.)

Queue – (Sometimes incorrectly spelled Que.) A list of tasks awaiting execution, as in “the print queue.”

Qmail – is one of the more popular email servers also called a SMTP server

(R)

RAID (Redundant Array of Independent/Inexpensive Disks/Devices) – A method of providing data redundancy, improved performance and/or quick data recoverability from disk crashes, by spreading or duplicating data across multiple disk drives. Commonly used RAID types include RAID 0 (Data Striping), RAID 1 (Disk Mirroring) and RAID 5 (Striping with Distributed Parity). RAID configurations typically require SCSI disk drives (not IDE/EIDE) and may require identical drives (same capacity, brand, etc.). RAID arrays appear to the operating system as a single device.

RC File – A script file containing the startup instructions for a program (an application or even the operating system). The file, to be executed automatically when the operating system is started, contains a list of instructions (commands or other scripts) to run.

RCS (Revision Control System) – A suite of programs that controls shared access to files in a group environment and tracks text file changes. Generally used for maintaining programming source code modules.

Rdev – A utility for obtaining information about a Linux system. It is used to query and set the image root device, the video mode, the swap device and a RAM disk.

Redirection Symbol – The > keyboard character. It is often used to send the output from a command to a text file. For example, ls -a > output.txt sends the current directory list to a file called output.txt. Repeating the command will replace the content of the file with new data. (Also, see Append Symbol and Piping Symbol.)

RFS (Remote File Sharing) – A program that lets the user access files on another computer as if they were on the user’s system.

Root Operator – The user ID with authority to perform all system-level tasks. (Also called Superuser)

Root Window – The underlying session in which the Linux desktop runs.

RPM (RPM Package Manager) – A packaging and installation tool for Internet downloads, included with some Linux distributions. It produces files with a .RPM extension. Similar to Dpkg.

(S)

Script – A set of commands stored in a file. Used for automated, repetitive, execution.

Session – A complete interaction period between the user and the operating system, from login to logoff.


Shareware – A form of commercial software, where it is offered as “try before you buy”. If the customer continues to use the product after a short trial period, they are required to pay a specified, usually nominal, fee. (Also, see Open Source and Public Domain.)

Shell – A text-mode window containing a command line interface to the operating system.

Shell Prompt – The user input area of a shell. Whereas in a DOS shell the command prompt is designated by a Greater Than (>) symbol, in Linux it is usually a Percent (%) symbol, Dollar sign ($) or other special character, depending on the shell used.

Shell Script – A script designed to be run automatically when a shell is started.

SHTTP (Secure Hyper Text Transport Protocol) – A secure, encrypted version of HTTP used for financial transactions and other private information sent via the Internet.

Slash (/) – The symbol used in file pathnames, instead of the backslash (\) used in the DOS/Windows and OS/2 operating systems.

Source Code – Programming commands in their raw state as input by a programmer. Some programming languages allow the commands to be executed on the fly by a program interpreter. Other languages require the commands to be compiled into executable programs (binaries) before they can be used. In the UNIX/Linux world, some software is distributed as source code only; other packages include both source and binaries; still others are distributed in binary format only.

SPAM – Unsolicited email. Currently it is estimated that world wide over 50% of all email is SPAM

Spool (Simultaneous Peripheral Operation On-Line) – To send data to a program that queues up the information for later use (for example, the print spooler).

SQL (Structured Query Language) – The language used for manipulating records and fields (rows and columns) in a relational database. Sometimes erroneously pronounced “sequel”.

Steganography – The practice of hiding one piece of information within another. One example is putting an invisible digital watermark in a digitized photograph.

String – A sequence of characters, as in a “search string.”

Superuser – Usually synonymous with root operator.

Swap – To temporarily move data (programs and/or data files) from random access memory to disk storage (swap out), or back (swap in), to allow more programs and data to be processed than there is physical memory to hold it. Also called Virtual Memory.

Swap Space – Where swapped data is temporarily stored on disk. Linux uses a dedicated disk partition for swap space, rather than a specific swap file.

Symbolic link – An alias or shortcut to a program or file.

Sync – To force all pending input/output to the disk drive.

Syslog – The UNIX/Linux System Logger, where all system messages or errors are stored.

(T)
Tag – A command in a markup language, such as HTML, to display information in a certain way, such as bold, centered or using a certain font.
Tar (Tape ARchive) – A file packaging tool included with UNIX/Linux for the purpose of assembling a collection of files into one combined file for easier archiving. It was originally designed for tape backup, but today can be used with other storage media. When run by itself, it produces files with a .tar extension. When combined with Gzip, for data compression, the resulting file extensions may be .tgz, .tar.gz or .tar.Z.
Tarball – A file created by the Tar utility, containing one or more other archived and, optionally, compressed files.
TeX – A popular macro-based text formatter. The basis for other such formatters, including LaTeX and teTeX.
TFTP (Trivial File Transfer Protocol) – A simplified version of FTP without authentication or many other basic features of FTP.

Thread – A small piece of programming that acts as an independent subset of a larger program, also called a “process”. A multithreaded program can run much faster than a monolithic, or single-threaded, program because several, or even many, different tasks can be performed concurrently, rather than serially (sequentially). Also, threads within a single application can share resources and pass data back and forth between themselves.
Time-sharing – A method of allowing multiple users to share a processor by allocating each user a portion of the processor resources on a timed basis and rotating each user’s processes within those time segments. (Also, see Multitasking.)
Torvalds, Linus – The original creator of the Linux kernel in 1991, holder of the Linux copyright, and currently still the coordinator of the Linux development project.
Touch – A command that changes the date/time stamp of a file without affecting the contents.
TrueType Fonts – A wide variety of fonts designed to be printer-independent, unlike PostScript fonts available for the Apple Macintosh and Windows. Not commonly used with UNIX/Linux. (Also, see BDF Fonts and PostScript Fonts.)
Tux – The name of the fictional Linux penguin mascot.

(U)
UNIX – UNIX began as a proprietary operating system developed by Bell Laboratories in the 1960s. It eventually spawned a number of mutually incompatible commercial versions from such companies as Apple (Mac OS X), Digital (Digital UNIX), Hewlett-Packard (HPUX), IBM (AIX®), NeXT (NeXTSTEP) and others.
UUCP – A set of programs and protocols that have become the basis for a worldwide network of UNIX computers, named after the UNIX to UNIX Copy Program.

(V)
Virtual Desktop – A method for expanding the user’s workspace beyond the boundaries of the computer screen. The desktop may be scrollable left and right, up and down, as if a larger desktop were positioned behind the glass screen and moved around to reveal icons, windows and other objects that were “off-stage,” or out of view. Alternatively, as with the KDE desktop, multiple buttons may be available, each of which displays an area of desktop equal to the size of the glass screen and which can each contain different objects.
Virtual Machine – Virtual Machines (VMs) are features of central processor chips that isolate an area of memory from the rest of the system. Because operating systems and applications run in a “protected mode” environment, if a program freezes in one Virtual Machine it will not affect the operation of the programs and operating systems running outside of that Virtual Machine.
Virtual Memory – The process of using a portion of disk space as a temporary storage area for memory. Synonymous with Swap.
VRML (Virtual Reality Modeling Language) – A primarily Web-based language used for 3D effects (such as building walk-throughs).

(W)
Widget – A graphical user interface programming object (button, scrollbar, radio button, etc.) for the X Window System. (Also, see X Window System.)
Window Manager – The graphical user interface (GUI) that runs on top of X Window to provide the user with windows, icons, taskbars and other desktop objects.
Wine – A Windows compatibility layer. Wine does not require Microsoft Windows, as it is a completely alternative implementation consisting of 100% Microsoft-free code, but it can optionally use native system DLLs if they are available. This is what you would use if you wanted to run a Windows program on a Linux machine.
WineX – The equivalent of Wine, except that its main strength is the ability to play games designed for Windows.
Working Directory – Another name for the current directory, or the directory in which the user is currently working.


Workspace – Another name for the Root Window, or Desktop.
Wrapper – A program used to start another program.

(X)
X Window System – A graphical windowing environment for UNIX. The underlying programming required by many user interfaces. (Also, see Desktop, Window Manager and XFree86.)
X11 – Version 11 of the X Window System.
XDM (X Display Manager) – User-friendly login front end for the X Window System. Often used in a cyber café or campus environment where users who are not familiar with UNIX need occasional access.
XFree86 – A version of the X Window System for Linux. Used by GNOME, KDE and other Linux user interfaces/window managers.
XHTML (extensible Hyper Text Markup Language) – An enhanced version of HTML that supports programmer-defined extensions like XML.
Ximian – A company that provided open source desktop applications for Linux and UNIX based on the GNOME platform.
XML (eXtensible Markup Language) – A powerful new markup language for designing Web pages; an alternative to the older HTML, allowing programmers to define their own markup tags, or formatting commands.

(Y)
Y (why) – Y not? I needed something to go here….
YaST – Yet another Setup Tool. Same function and purpose as linuxconf. See linuxconf for more information.

(Z)
Zip – A popular form of file compression/archiving available on many operating system platforms, including DOS/Windows, OS/2 and UNIX/Linux. Popular tools include PKZip/PKUnzip and Zip/Unzip. Not to be confused with the Iomega Zip disk, which is a removable storage device. (Confusingly, a zipped file can be stored on a Zip disk, or not. They are unrelated.) Zipped files will have a .zip extension.
Zone – An area of a network under administrative or other control. In a name server configuration, a domain can be a zone. Zones can be further subdivided into subzones, each having its own administrators and servers.
Zoo – A format for compression and archiving available for UNIX/Linux. Files packaged this way sport a .zoo file extension.


.............................................................3 GRUB's Root File System........ 5 Client Solutions:........................................................................... 30 6...................................... 20 4..................................................1.... and Shutdown ........................ 21 4................................................................................................ 7 2.........2 File Names and Blocklists..........................................2....................................................................4............... 9 2..........................5..................................................................2 LILO versus GRUB ....................1 Linux Run levels.......................................................................................1............................ Boot Loaders ..........................7............................................ 11 3..........................3 Ease of Installation Process..........1 Fedora Linux.. 12 3...............................com info@wilshiresfot...............1.... 7 2..................... GPL and Open Source Licenses .1 Init. Open Source and Free Software ........................1 Hardware Requirements ...................................... Flexibility of Open Source Software .................................................................... 5 2............................................................................................... 13 3...................Linux Administration – Index Page i INDEX 1...............................................................1 Evaluation Criteria and Description ...................... 
6 2..................................................................................................................................................................................................................................7.........................................5 Per Seat Licensing .....................................................................................................1 LILO and the x86 Boot Process ................. 21 4.............................................................................................. 1 1.................. History .........2........................ 16 4................................................1............................................................................................................ 18 4.... 11 2........................................................................................................................................................................................................... 30 6..7... Current Support for Networking Services ...................com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 ............1.............4 Debian GNU/Linux................................................7............................................... 10 2.......................2 Planning the Installation ... 10 2........................................................................................ 2 1...........................................................................................................................................................................................7 Software Upgrades / Support................................................................................................ 9 2............... Linux Introduction ..........................1......... 24 5.........................1......... 
14 4.........................................................................................................7............................................................................... 21 4................................................................................................................................1..1 Boot Loaders and System Architecture.......................................................... Mandrake Linux ................... 2 1............... 14 3...................................2 Organizational Structure................................................................................................................... 10 2....................................................................................................... 4 2.............................. 16 4...................................................................6 Caldera OpenLinux........................ 27 6......................................... Top 6 Distributions...................................................................8 License Fee ......2.......................................................................................................................... 8 2.. 25 5.......................... 18 4......................................................................1..1................ 12 3..........................................................................2 System startup script /etc/rc........ 24 5......................................................... 4 2............. 1 1.................................... 24 5........................2..............................................7................1....................7..........................................................................1 Red Hat Linux.............................................................1.............................. 
31 6.............3 Red Hat Enterprise Linux system configuration limits.......................4 Commitment to Open Source...............................................................1 Device Naming Convention ................................2...........sysinit ......................................................... Linux File System ........................................................... Linux Installation....................................5 Slackware Linux ..............................................................................4 Partitioning Naming Conventions..........................................................d/rc........................................................................................................................................ 8 2..... The Linux Distribution Comparison.................................................................. 16 4.............................4 GRUB Commands ......................................................1................................. 22 5..................1 1................4 2............................................................... 7 2...............................6 Configuration File Structure ..................................................................... 29 6.....7...........................................................2............1 Ex2 and Ext3 FIlesystem...........................................................................................................2.......................................................................................... 
3 2.....................................................5 GRUB Menu Configuration File.........3 Adding a New Partition ........................................................3 SuSE Linux........................................................................................................................................................................................................................wilshiresoft..................................2................................................................ 12 3...........2 Verify the New Partition ..... 4 Server Solutions: .....................2 LILO........................................................................................................3......... 32 www...............................................................................................................1 Controlling the boot time services using “chkconfig”........1 Features of GRUB.............................................. 3 1...... 11 2.. 27 5......... 19 4..........................................................................................2..................................2 RedHat Enterprise Linux.................................. Linux Boot Process ......................................2 The “service” command................................................................................................................................................................... About Linux ..................................... 29 6............................. 27 Chkconfig Examples .......7.................5 Install Options.................................................................. 8 2......................................................................6 Target Market .........2 Preparing Partitions on Disks .................................3 How Much Space Is Required? ....................

...............................................................................2...........................1 Determining Your IP Address............................ Linux Networking.........................1.............. Linux Desktop Enviornments...................................................................................................................... 58 11......4 Listing Files For Already Installed RPMs .. 53 10........................................................................................................................................................................................................................................................................................................................ 35 The /sbin/ Directory....................... 47 Adding Users............. 53 The visudo command..................................................................................... 45 /etc/group .......................................................2 User Management Commands................................................................................................................................................................................ 41 9............5................................................................ 45 /etc/shadow ......... 39 8.........1...1 FHS Organization .......................................3. 37 7............................4 Setting Up A Telnet Server.......... 49 9............................... 46 /etc/gshadow ..... 36 The /var/ Directory .......................................................................................................... 55 10..........1................. 35 The /usr/local/ Directory ....1 Configuring IP Forwarding ..1................................................................................................................ 52 9................................................................2.............................3............ 
Special File Locations ...........................................................................................1 Introduction........................................................... 52 9..........................................1 GNOME ............................................................................................................................................................................................................ 34 The /etc/ Directory.......................... 36 7................................................................................................... 48 Changing Passwords .. 44 /etc/passwd .........................3.................................1 Viewing Your Current Routing Table ......................................................................2 What Is a Package? .......................... 39 8............................................................................................com info@wilshiresfot........................... 49 9............................................ 49 9............... 60 11............................1 What Is RPM?...........................................................................................................................................................................................3................................................................................................ 44 9..................................................................... 34 7................................. 44 9................... 51 9................................................ 52 9......................................... 58 11...........5 Using Sudo........................................................... 37 8.................... 60 11............................ 56 11................. 32 7.............................................2 KDE ............ 
34 The /lib/ Directory.................................................................................................................... 32 6..................................................... 50 9.......4 Other Quota Topics............................... 58 11....................................................................................................................................................................................... 55 10.................................................................................................................................................... 34 The /dev/ Directory..............................1....................... 55 10.........................................................1 Configuring Your NIC's IP Address ............................................................................................................................................ 44 9................................ 35 The /usr/ Directory ..................................... 48 Delete Users ...........2................................4.................................................................Linux Administration – Index Page ii 6.................................................. 37 7....................................................................... 61 www......................................2.......................................................................................................................3 Files Controlling User Accounts and Groups .. 49 Setup User Aging.............3....................................................................3........3 Managing Swap Space .................................................................................................................................................................... 
55 10..............................1 What is SUDO?..........................................................3............................................................................................................................................................................................1 Editing Group Quotas................................................... Linux Accout Management........................2 Managing RPMs ..........................................................3 Setting Up Quotas .............................................................................. 34 The /opt/ Directory ..................................................................................................................com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1 ....................................................2 Example Using sudo ..................................................................................................... Red Hat Package Manager (RPMs).................................................................................................. 46 9................3............1 Listing Installed RPMs .............................................................................................................................5....................................................... 55 10........................................................... 34 The /proc/ Directory ..................................................................................2 Settingup and configuring the Quotas ................ 59 11................................................ 53 Simple /etc/sudoers Examples ...2 Multiple IP Addresses On A Single NIC............................................................. 56 10....... 56 10......................................................................................................... 58 11.................................. 
/usr/local/ in Red Hat Linux..............1........................................................... 59 11......................................3 network-scripts File Formats : .....................................................................................................................2 Changing Your IP Address ..................3 Convert Your Linux Server Into A Router .......2 Listing Files Associated With RPMs ................................................................................................................2 Passwds..................................................................................................... 52 9...............................................................................................................1 Managing User Accounts ....................................... 34 The /mnt/ Directory ..........................................................................................................................................................................................wilshiresoft...................................................................................................3 Files in the /etc/sysconfig/ Directory.........................................1 Understanding Disk Quotas ......................................... Overview of Linux File System Hierarchy Standard (FHS) ....................................................3 Initialize The Quota Table.................................................................................................................................................................................................................................. 60 11............1 Creating Swap Space...........................................................................................

........................................................................................................................................................1.2 Making NFS Mounting Permanent ................................. 81 15...........................................................................................conf File .........................................................2 Configuring The NFS Server for NIS................3....4 Configuring DNS..... ..................................................................................................................................................................................................................................................................................... 65 12..........................................................................3 Setup Your NFS Server ........................1 Create the Installation Directories ................................. DNS.............wilshiresoft.......................4 Configuring NFS on The Client ..............................................................2............................................................................................................................3.......................... 84 16..........................3 Restricting Web Access by Time............................................................................................... 65 12..................................... SQUID Proxy server........................................... 95 18..................................... 95 18...1 Configure the /etc/httpd/conf/httpd.......................................3 Activating Modifications To The /etc/exports File ............................2.......................................................... 101 19.1 Introduction to SQUID ....................1 Configuring The NFS Client for NIS....................................................................... 
73 14...............................1 Introduction......................3.......Linux Administration – Index Page iii 11.....1 Introduction to DNS................................................................................... 67 12............................................................................................................................................................ 101 19........... 62 11................................................................................ 104 20..................................................................................................... 75 14............................................2........................................................................... 69 13.............................. 65 12.........3 The /etc/resolv...................1 Introduction to NIS .................................................. 70 13..............................................................................................3............................ 92 17........ 82 15....................... 92 17.......... 75 14..............3.. IPTABLES (Netfilter) ...................... 92 17.........................1 Introduction.......................................1 The /etc/exports File...................................2...2 Configuring SQUID ..................................... 101 19........................................2.................DHCP/Bootp............................................................................................................com info@wilshiresfot.................2........................................... 89 16.......... Sharing Resources Using SAMBA .........................................................2................... 76 15................................................................3 Configuring Linux Clients To Use DHCP......4 Configure the Web Browsers to Use Your Squid Server........ 66 12.................................................................. 
Managing NIS server
Centralized Logins Using NIS
...conf file
Configuring The NIS Server
Where To Put Your Web Pages
Important NFS Daemons
Configuring NFS on The Server
Setup DNS and DHCP servers
the /etc/dhcpd...
Kickstart Configurator
Initialize Your NIS Domain
Configuring SAMBA
Configuring Apache
KICKSTART (Network Based Linux Inst over the NFS)
Setting up the Installation Server
Configuring an FTP server
Capabilities
Named Virtual Hosting
Basic DNS Testing of DNS Resolution
Access Control Lists
Introduction
Create Kickstart Configuration Files
...conf File
What is Apache
Start the DHCP services
NFS Operational Overview
The /etc/squid/squid...
Packet STATES:
Configuring SWAT (Samba Web Administration Tool)
Moving Or Modifying A Share
Starting NFS on the Client
NFS
DHCP Operational Overview
Apache Web Server
Overview
...conf File
Deleting
Basic SWAT Setup
Required NIS Server Daemons
Configuring The NIS Client
Setting up rsh and rlogin
What is iptables?

www.wilshiresoft.com info@wilshiresfot.com Wilshire Software Technologies Ph: 2761-2214 / 6677-2214 / 6452-6173 Rev Dt: 15-Oct-08 Ver: 1

Linux Administration – Index Page iv

top
Sharing a Printer
Tape
Differential Backups
Printers
Upgrading the RedHat Linux Kernel
Cost
Saving iptable Scripts
AMANDA
Top-level Files in the proc File System
vmstat
Printer Languages and Technologies
Sharing a Printer with LPRng
Upgrading Kernel Step By Step
Incremental Backups
Linux Resource Monitoring
Full Backups
Printing Considerations
Software RAID
Network
Printing a Test Page
The proc File System
dump/restore
Software Support
The GNOME System Monitor — A Graphical top
Function
Command Line Configuration
Printer Configuration
Managing the tape “mt” Command
RAID Types
cpio
tar
Resource Monitoring Commands
Introduction
Disk
RAID 1
pstree
Backups
Types of Printers
Making backups with dump
Restoring files with “restore” command
IPTABLES Examples
Queue Name
RAID 5
Printer Configuration
Working with “dump/restore”
Driver Options
free
Backup Utilities
Managing Print Jobs
Red Hat Linux-Specific Information (applies to all versions)
Printer Driver
Modifying Existing Printers
SCSI and IDE
Configuring Dumb Terminal
Types of Backups
Different Data: Different Backup Needs
RAID 0
Networked Versus Local Printers
Backup Media
Saving the Configuration File
Queue Type

Linux Administration – Index Page v

Edit the RAID Configuration File
Format The New RAID Set
Check The Status Of The New RAID
Glossary of Common Linux Terms
Configure RAID In Single User Mode
SCSI Drives
General Guidelines
IDE Drives
Configuring Software RAID
Create the RAID Set