Professional Documents
Culture Documents
3100
Novell Training Services www.novell.com
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Legal Notices
Novell, Inc., makes no representations or warranties with respect to the contents
or use of this documentation, and specifically disclaims any express or implied
warranties of merchantability or fitness for any particular purpose. Further,
Novell, Inc., reserves the right to revise this publication and to make changes to
its content, at any time, without obligation to notify any person or entity of such
revisions or changes.
Further, Novell, Inc., makes no representations or warranties with respect to any
software, and specifically disclaims any express or implied warranties of
merchantability or fitness for any particular purpose. Further, Novell, Inc.,
reserves the right to make changes to any and all parts of Novell software, at any
time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be
subject to U.S. export controls and the trade laws of other countries. You agree to
comply with all export control regulations and to obtain any required licenses or
classification to export, re-export or import deliverables. You agree not to export
or re-export to entities on the current U.S. export exclusion lists or to any
embargoed or terrorist countries as specified in the U.S. export laws. You agree
to not use deliverables for prohibited nuclear, missile, or chemical biological
weaponry end uses. See the Novell International Trade Services Web page (http:/
/www.novell.com/info/exports/) for more information on exporting Novell
software. Novell assumes no responsibility for your failure to obtain any
necessary export approvals.
Copyright © 2008 Novell, Inc. All rights reserved. No part of this publication
may be reproduced, photocopied, stored on a retrieval system, or transmitted
without the express written consent of the publisher.
Novell, Inc., has intellectual property rights relating to technology embodied in
the product that is described in this document. In particular, and without
limitation, these intellectual property rights may include one or more of the U.S.
patents listed on the Novell Legal Patents Web page (http://www.novell.com/
company/legal/patents/) and one or more additional patents or pending patent
applications in the U.S. and in other countries.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://
www.novell.com/company/legal/trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Contents
Introduction 5
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 3
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
4 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Introduction
Introduction
This workbook is designed to help you practice the skills associated with Upgrading
To Novell Certified Linux Professional 11 (course 3100) objectives.
These skills prepare a Novell Certified Linux Professional 10 to take the Novell®
Certified Linux® Professional 11 (Novell CLP11) certification practicum test.
NOTE: Instructions for setting up a self-study environment are in the directory Setup on the Course
DVD.
Before starting the exercises in this workbook, you need to review the following:
“Course Scenario” on page 5
“Exercise Conventions” on page 5
Course Scenario
The exercises in this course center around the fictional Digital Airlines Company that
has offices at various airports around the globe.
The Digital Airlines management has made the decision to migrate several back-end
services to Linux servers running SUSE Linux Enterprise Server 11.
You have already installed SUSE Linux Enterprise Server 10 before and are familiar
with administering SUSE Linux Enterprise Server 10. You need to become familiar
with SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11
The migration plan includes the following:
Providing software and patch management
Providing basic networking services as well as file and print services
Introducing IPv6
Installing of desktops and servers using AutoYaST
Virtualizing with Xen
Your task is to set up a test server in the lab to enhance your skills in these areas.
Exercise Conventions
When working through an exercise, you will see conventions that indicate
information you need to enter that is specific to your server.
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 5
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
6 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Software for SUSE Linux Enterprise 11
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 7
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
8 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Hardware
In this section of the workbook, you can find the following exercises:
n “Modify udev Rules” on page 10
In this exercise, you modify a udev rule to rename your Ethernet interface.
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 9
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
10 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Hardware
You should also see a message indicating the eth1 interface has not been
configured, as shown below:
Figure 2-2
11. Open a terminal session and switch to root with the su - command and a
password of novell.
12. At the shell prompt, enter cd /etc/udev/rules.d.
16. Reboot your DA1 virtual server by entering init 6 at the shell prompt.
17. When the system starts to boot, press Esc so you can view your system’s boot
messages.
18. Verify that your network interface is now named eth0 and that the appropriate
network configuration parameters are applied, as shown in the following:
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 11
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Figure 2-3
(End of Exercise)
12 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure NFS (Network File System)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 13
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
14 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure NFS (Network File System)
5. Select the Start button in the NFS server section of the dialog.
6. Deselect the Enable NFSv4 check box, then continue by selecting Next.
A Directories to Export dialog appears.
7. Add the /export/documentation directory to the list of directories:
a. Select Add Directory.
A dialog appears where you have to specify the directory to export.
b. Type /export/documentation, then select OK.
In case the directory does not exist, a message informs you of the fact and
asks if you want to create it. After confirmation, a dialog appears with fields
for specifying a Host Wild Card and Options.
c. Change the preset values to match the following, then select OK.
n Hosts Wild Card: *
n Options: rw,root_squash,sync,no_subtree_check (make sure you
replace “ro” with “rw”)
The directory is added to the list.
8. Save the changes to the system by selecting Finish.
9. At the terminal window, verify that the file system was exported by entering the
following:
showmount -e localhost
10. View the entry made by YaST to the file /etc/exports by entering cat /etc/
exports.
You should see the settings you entered in YaST.
This exercise uses localhost as the NFS server. This does not require a separate NFS
server. On da-host, do the following:
1. In the terminal window where you switched to the root account, create a
mountpoint named /import/docs for the remote file system to be mounted on your
server by entering the following:
mkdir -p /import/docs
2. Add a remote file system to the NFS Client Configuration.
a. Start the NFS Client Configuration from the terminal window by entering
yast2 nfs &.
Mount a remote file system by selecting the NFS Shares tab, then click
Add.
A dialog appears for adding the remote file system.
b. Specify the following, then select OK.
n NFS Server Hostname: 127.0.0.1 (this is the local host address)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 15
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Do the following:
1. If your da1 virtual machine is not running, start the VMware player and the da1
virtual machine.
2. Log in to da1 as geeko, open a terminal window, and su - to root (password:
novell).
3. On da1, create the /data directory and some files in it using these commands:
mkdir /data
touch /data/file{1,2,3}
4. Edit the /etc/exports file so it contains the following lines (delete any lines
that might already exist in the file first):
/export *(fsid=0,crossmnt,ro,no_subtree_check,sync)
/export/data *(ro,no_subtree_check,sync,bind=/data)
5. Save the file and close the editor
6. Make sure that NFSv4 support is turned on.
Open the /etc/sysconfig/nfs file in an editor and make sure the variable
NFS4 support is set to “yes”. If set to “no,” change it so it looks like the
following:
NFS4_SUPPORT="yes"
16 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure NFS (Network File System)
Do the following:
1. If your da1 virtual machine is not running, start the VMware player and the
virtual machine.
2. Log in to da1 as geeko, open a terminal window, and su - to root (password:
novell).
3. On da1, open the /etc/exports file in an editor to include the following two
lines (the first line should already exist from Part III of this exercise, and the line
starting with /export/data can remain in the file):
/export *(fsid=0,crossmnt,ro,root_squash,sync,no_subtree_check)
/export/home *(rw,root_squash,sync,no_subtree_check,bind=/home)
4. Save the file and close the editor.
5. On da1, restart the NFS server with the command rcnfsserver restart.
6. On da1, make sure the NFS server is started automatically when the system boots
by entering the command chkconfig nfsserver on.
7. On da-host, open a terminal window and su - to root.
8. Open the /etc/auto.master file in an editor and make the following
changes:
n Add a comment sign (#) in front of +auto.master.
n Add the following line at the end of the file:
/remote-home /etc/auto.remote-home
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 17
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
mkdir /remote-home
11. Create the new /etc/auto.remote-home file by entering
vi /etc/auto.remote-home
then add the following line to it:
* -fstype=nfs4,rw,nosuid,nodev 172.17.8.101:/home/&
(End of Exercise)
18 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 19
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
First, you need to install and configure an LDAP directory server on da-host:
1. On da-host, start YaST and select Network Services > LDAP Server.
2. When prompted to install the openldap2 packages, select Install.
Wait while the packages are installed. When complete, an LDAP Server
Configuration, General Settings dialog appears.
3. On the General Settings screen, configure the following:
a. Under Start LDAP Server, verify that Yes is selected.
b. Select Register at an SLP Daemon.
c. If your server’s host firewall is enabled, select Open Port in Firewall.
4. Select Next.
an LDAP Server Configuration, TLS Settings dialog appears.
5. Enable encryption using TLS by doing the following:
a. Verify that Enable TLS is selected.
b. Verify that Enable LDAP Over SSL (ldaps) Interface is selected.
c. Verify that Use Common Server Certificate is selected.
NOTE: If you cannot mark Use Common Server Certificate, then this certificate wasn’t
created during installation. In this case you have to click Launch CAManagement Module
and create a CA and common server certificate.
6. Select Next.
The Basic Database Settings screen is displayed:
20 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 21
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
22 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 23
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
14. Verify that the LDAP daemon is running by entering (as root) in a terminal
window rcldap status.
You should see a status of running.
24 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
With the LDAP server running on da-host, you now need to configure the LDAP
client on da-host such that authentication can occur via either the local files (/etc/
passwd, /etc/shadow, and so on) or the LDAP directory on da-host.
Do the following on da-host:
1. In YaST, select Network Services > LDAP Client.
The following is displayed:
Figure 4-5 Configuring the LDAP Client
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 25
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
26 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
f. In the Name of New Module field, type Users; then select OK.
You should see the following:
Figure 4-7 Configuring LDAP Modules
15. Conditional: Install the pam_ldap and nss_ldap packages by selecting Install
when prompted.
Next, you need to configure the LDAP client on da1such that authentication can
occur via either the local files (/etc/passwd, /etc/shadow) or the LDAP
directory on da-host.
Do the following on da1:
1. If necessary, log into da1as geeko with a password of novell.
2. Start YaST and select Network Services > LDAP Client.
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 27
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
13. Conditional: Install the pam_ldap and nss_ldap packages by selecting Install
when prompted.
With LDAP configured on your server and your server and workstation configured to
use LDAP for authentication, you can now manage users and groups in the directory
tree.
Complete the following on either da1 or da-host:
1. Create a new user using the YaST User and Group Management module.
a. In YaST, select Security and Users > User and Group Management.
b. Select Set Filter > LDAP Users.
An LDAP Server Password dialog appears.
c. In the LDAP Server Password field, enter novell.
d. In the User and Group Administration dialog, Select Add.
e. In the New LDAP User dialog, select the User Data tab and enter the
following user information:
First Name: Tux
Last Name: Penguin
Username: tux
Password: novell
f. Select OK.
g. When prompted that the password is too simple, select Yes > Yes.
In the User and Group Adminstration dialog, you should see the tux user
account added.
h. Select OK.
i. Close YaST.
28 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
geeko@da-host:~/Desktop> su tux
Password:
Creating directory ‘/home/tux’.
Creating directory ‘/home/tux/.fonts’.
Creating directory ‘/home/tux/bin’.
Creating directory ‘/home/tux/.mozilla’.
tux@da-host:/home/geeko/Desktop>
NOTE: You can find this file on your 3103 Course DVD
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 29
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
da-host:~ # vi newuser.ldif
da-host:~ # ldapadd -x -D
cn=Administrator,dc=digitalairlines,dc=com -W -f newuser.ldif
Enter LDAP Password:
adding new entry "cn=trixi,ou=People,dc=digitalairlines,dc=com"
da-host:~ #
6. View your LDAP directory tree using the YaST LDAP Browser module.
a. Start YaST and select Network Services > LDAP Browser.
b. On the LDAP Connections screen, select Add.
c. Type a name of da-host for the connection, then select OK.
d. In the LDAP Server field, type da-host.digitalairlines.com.
e. In the Administrator DN field, type
cn=Administrator,dc=digitalairlines,dc=com.
f. In the LDAP Server Password field, type novell.
g. Select the LDAP TLS option, then select OK.
h. In the left pane, click dc=digitalairlines,dc=com.
30 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use OpenLDAP
i. Expand ou=people.
You should see the trixi and tux users, as shown below:
Figure 4-8 Viewing LDAP Users in the LDAP Browser
j. If time permits, explore the attributes and values associated with the two
users you added.
k. When complete, select Close.
l. Close YaST, then close the terminal window.
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 31
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
32 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use Samba
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 33
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
In this part of the exercise, you configure global settings for the Samba service on da-
host.
Complete the following:
1. In YaST on da-host, select Network Services > Samba Server.
2. In the Workgroup or Domain Name field, type digitalairlines, then select
Next.
3. Under Samba Server Type, select Not a Domain Controller, then select Next.
4. On the Start-Up tab, select the following options:
n During Boot
n Open Port in Firewall (if necessary)
5. Select the Identity tab.
6. In the NetBIOS Hostname field, type da-host.
7. Select WINS Server Support.
8. Deselect Retrieve WINS Server via DHCP, then select Use WINS for
Hostname Resolution.
9. Select Advanced Settings > Expert Global Settings.
Confirm the warnings by clicking OK.
10. Verify that security is set to user and that printing is set to cups.
In this part of the exercise, you create a share named geeko-data that points to the
/srv/samba/geeko-data directory.
34 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use Samba
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 35
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
36 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use Samba
You should see that the geeko user has a variety of Samba-related attributes
added.
17. Select Close.
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 37
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
38 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Configure and Use Samba
2. Mount the data share in the /mnt directory by entering the following command at
the shell prompt:
mount -t cifs -o username=geeko //da-host/geeko-data /
mnt
When prompted for a password, enter novell.
3. At the shell prompt, enter mount.
You should see that //da-host/geeko-data is mounted on /mnt.
4. Display the content of the mounted share by entering ls /mnt/ at the shell
prompt.
You should see the my_file file.
5. Umount the share by entering umount /mnt at the shell prompt.
6. Optional: Create an entry in the /etc/samba/smbfstab file to mount the
share using the rcsmbfs start command. Test your entry using rcsmbfs
start and rcsmbfs stop.
7. Close your terminal window.
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 39
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
40 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Internet Protocol Version 6 (IPv6)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 41
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
42 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Internet Protocol Version 6 (IPv6)
This exercise you set an IPv6 address and configure radvd on da1.
Do the following:
1. On da1, in a terminal window as root, install the radvd package using the
command
yast2 -i radvd
2. On da1, add an IPv6 address (from the range reserved for examples and
documentation) to the eth0 interface with the command
ip address add 3fff:ffff::1/64 dev eth0
3. View the IPv6 addresses of the eth0 interface with the command
ip address show dev eth0
The address you just added has the scope “global.”
4. In an editor, open the /etc/radvd.conf file and scroll down to the following
lines.
#
# example of a standard prefix
#
prefix 2001:db8:1:0::/64
5. Change the line beginning with “prefix” to read
prefix 3fff:ffff::/64
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 43
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
rcradvd start
11. On da-host, in a terminal window, enter
ip -6 a s dev vmnet1
You should see that the interface has now an additional IPv6 address with the
prefix 3fff:ffff and the scope “global dynamic.”
12. On da-host, ping6 da1 using the IP address you added in step 1 with the
command
ping6 3fff:ffff::1
13. From da-host, log in to da1 using the IP address you added in step 1 with the
command
ssh 3fff:ffff::1
Enter yes when prompted and the password novell.
You are logged in to da1.
14. Log out from da1 by entering exit.
(End of Exercise)
44 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 45
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
4. As copying the content will take some time, open another terminal window, su
- to root (password: novell).
5. Edit the /etc/exports file to add the following line:
/srv/install-repo/sles11 *(ro,sync,no_subtree_check)
NOTE: You can also use the YaST Installation Server module to accomplish the above.
46 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
To add a repository for add-on products or RPMs of your own, do the following:
1. At a terminal window as root, install the inst-sourc-utils package if not yet
installed, using the command
rpm -q inst-source-utils || yast -i inst-source-utils
2. Create the directory structure for the files you want to make available, using the
command
create_update_source.sh /srv/install-repo/sles11/CD1
3. Explore the directory structure created in the /srv/install-repo/
sles11/CD1/updates/ directory using ls.
4. Create the /srv/install-repo/sles11/CD1/updates/suse/i586
directory using the mkdir command.
5. Insert the Student DVD from your Student Kit into the DVD drive and copy the
Exercises/Section_09/tree-1.5.1-2.8.i586.rpm file from the
Student DVD to the /srv/install-repo/sles11/CD1/updates/
suse/i586 directory.
6. Change to the /srv/install-repo/sles11/CD1/updates/suse/
directory and run the command
create_package_descr -x setup/descr/EXTRA_PROV
7. Change to the /srv/install-repo/sles11/CD1/updates/suse/
setup/descr/ directory.
8. View the content of the packages, packages.en, and packages.DU files
in the /srv/install-repo/sles11/CD1/updates/suse/setup/
descr/ directory using cat.
9. In the /srv/install-repo/sles11/CD1/updates/suse/setup/
descr/ directory run
ls > directory.yast
10. Change to the /srv/install-repo/sles11/CD1/updates/ directory
and run the command
create_sha1sums -x -n .
(Note the dot at the end of the command for the current directory.)
11. View the content file using cat.
12. Look up your current IP address of the physical interface connected to other
computers in your network (usually eth0) using the ip address show
command and record it here:
IP address:
13. Change to the /srv/install-repo/sles11/CD1/ directory (the root of the installation
repository).
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 47
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
14. In the root of the installation repository, use a text editor to create an
add_on_products.xml file with the following content:
<?xml version="1.0"?>
<add_on_products xmlns="http://www.suse.com/1.0/yast2ns"
xmlns:config="http://www.suse.com/1.0/configns">
<product_items config:type="list">
<product_item>
<name>SLES11 Add-ons</name>
<url>nfs://your_ip/srv/install-repo/sles11/CD1/updates</url>
<path>/</path>
<ask_user config:type="boolean">false</ask_user>
<selected config:type="boolean">true</selected>
</product_item>
<!-- Another product item -->
<product_item />
</product_items>
</add_on_products>
15. Save the file and close the editor.
16. Create a SHA1SUMS file, containing the SHA1 hash value of the file you just
created, using the command
sha1sum add_on_products.xml > SHA1SUMS
17. Create a gpg public private key pair using the command
gpg --gen-key
Use the default values and answer the questions (name, e-mail address,
comment) appropriately. For the purposes of this exercise you can use a simple
password like “secret”.
If you get a “Can’t connect to ‘/root/.gnupg/S.gpg-agent’” message, switch to a
text console (Ctrl+F1), log in as root, enter the gpg command as above, then
switch back to the graphical interfacd (Ctrl+F7).
18. Sign the SHA1SUMS file with the command
48 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
cd updates/
gpg -b --sign --armor content
This will create the content.asc file.
If you get a “Can’t connect to ‘/root/.gnupg/S.gpg-agent’” message, switch to a
text console (Ctrl+F1), log in as root, change to the /srv/install-repo/
sles11/CD1/updates directory, enter the gpg command as above, and
switch back to the graphical interfacd (Ctrl+F7).
22. If you want to use a different name or location for the updates directory, such
as add-ons or /srv/install-repo/sles11/add-ons, proceed as
follows:
a. Rename the updates directory using the mv command.
b. Edit <url>...</url> entry in the add_on_products.xml file to
reflect the new name or location of the repository.
c. Create a new SHA1SUMS file in the root directory of the installation
repository, using the command
sha1sum add_on_products.xml > SHA1SUMS
d. Sign the SHA1SUMS file as in Step 18 on page 48, overwriting the existing
SHA1SUMS.asc file.
23. To include your GPG public key in the initrd, enter the following commands:
cd /tmp
cp /srv/install-repo/sles11/CD1/SHA1SUMS.key my-
key.gpg
cp /srv/install-repo/sles11/CD1/boot/i386/loader/
initrd .
mv initrd initrd.gz
gunzip initrd.gz
find my-key.gpg | cpio -o -A -F initrd -H newc
gzip initrd
You will copy the new initrd.gz file you just created to the /tftpboot
directory in a later exercise.
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 49
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
50 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
user = root
server = /usr/sbin/in.tftpd
server_args = -s /tftpboot -r blksize
# disable = yes
}
5. Start xinetd using the command
rcxinetd start
6. Make sure xinetd is started every time the system starts up by entering
insserv xinetd
# SLES11
label SLES11
kernel linux
append initrd=initrd install=nfs://your_IP/srv/install-repo/
sles11/CD1
implicit 0
display message
prompt 1
timeout 100
Adapt the IP address of the NFS server according to your setup and make sure
that the options after “append” are written in one line.
6. Edit the file /tftpboot/message to match your default file.
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 51
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
NOTE: You can ping your partner’s IP address and then use the arp command in a terminal
window to find out the MAC address of his network interface card.
52 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
#
# /etc/dhcpd.conf
#
ddns-update-style none;
#
# specify default and maximum lease time
#
default-lease-time 600;
max-lease-time 7200;
#
# What is the DNS domain and where is the name server?
#
option domain-name "digitalairlines.com";
option domain-name-servers 172.17.8.101;
#
# This is a router - adapt to your network
#
option routers 172.17.8.1;
#
# A subnet
# (Use the values that fit your eth0 device)
#
subnet 172.17.0.0 netmask 255.255.0.0 {
}
#
# This dhcp server serves just one machine
# Use the values established in the previous step
#
host da49 {
fixed-address 172.17.8.149;
hardware ethernet 00:11:22:33:44:55;
}
#
# Parameters necessary for bootp and PXE
#
allow bootp;
# your machine’s IP:
next-server 172.17.8.110;
server-name "da-host.digitalairlines.com";
filename "pxelinux.0";
9. Start the DHCP server with the rcdhcpd start command and watch for any
error messages and correct your /etc/dhcpd.conf file as needed.
10. Make sure the DHCP server is started every time the system starts up by entering
insserv dhcpd
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 53
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
(End of Exercise)
54 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 55
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Exercise 7-4 Activate PXE Booting and Install SUSE Linux Enterprise Server
In this exercise, work with a fellow student (or use a second computer if there is no
one with whom to do the exercise) to boot your machine using PXE and start the
installation of SUSE Linux Enterprise Server 11.
NOTE: A prerequisite for this exercise is a network card that is PXE capable.
NOTE: If you do not want to reinstall the machine at this point, you have to power it off
before the hard drive gets partitioned!
The kernel and initrd are transfered from the TFTP server. YaST will start, fetch
the sles11.xml file, and automatically install SLES11, based on the
configuration contained in the sles11.xml file.
56 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Deploy SUSE Linux Enterprise 11
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 57
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
58 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Virtualization with Xen
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 59
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
IMPORTANT: VMware cannot run on SLES11 running the Xen kernel. Therefore, the da1
VMware virtual machine will not be available in this section.
In the first part, install the software necessary to run a Xen virtual machine server.
In the second part, change the grub menu to load the Xen kernel by default, turn off
the firewall, and reboot your machine. Then use xm list to find out if domain0 is
running as expected.
In the third part, create a virtual machine for SUSE Linux Enterprise Server 11 and
install it, using the installation server created in the previous section.
Do the following:
1. If the VMware player is running, shut down da1 and close the VMware player.
2. Open a terminal window and su - to root (password: novell).
3. Unload the VMware kernel modules using the command
/etc/init.d/vmware stop
4. Make sure the modules are not loaded automatically using the command
chkconfig vmware off
5. Insert the SUSE Linux Enterprise Server 11 DVD into the DVD drive.
6. Start the YaST and select Virtualization > Install Hypervisor and Tools.
7. Select Accept and let YaST install all required software packages.
Confirm the installation of any automatically selected packages by selecting
Continue.
8. Select Yes in the Network Bridge Configuration dialog.
9. Close the YaST Control Center.
60 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Virtualization with Xen
Do the following:
1. Open a terminal window and su - to the root user (password: novell).
2. Open the /boot/grub/menu.lst file with a text editor (such as vi).
3. Make sure the file contains a section with the title “Xen”.
4. In the Xen section, make sure that the root= parameter points to the root
partition of your installation.
5. Change the “default” line to point to the Xen entry.
If the Xen entry is the first entry in the file, change the default value to 0; if it is
the second, change the default entry to 1, and so on:
default 0
11. When the system has booted, log in as user geeko with the password novell.
In the output, you should see one domain (Domain-0) with the status running.
Do the following:
1. Start YaST and select Virtualization > Create Virtual Machines.
2. Read the information displayed, then select Forward.
3. Select I need to install an operating system, then select Forward.
4. Select SUSE Linux Enterprise Server 11, then select Forward.
5. On the Summary page, select Name of Virtual Machine.
6. Type da-xen in the Name field and select Apply.
You are returned to the Summary page.
7. On the Summary page, select Network Adapters.
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 61
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
14. In the Operating System Installation dialog, select Network URL as the
installation medium, then type nfs://your_IP_address/srv/install-repo/sles11/
CD1 and select Apply.
You are returned to the Summary dialog.
15. In the Summary dialog, select OK.
A VNC window opens with the SLES11 installation system starting up.
16. Within the VNC window, follow the installation workflow, using the following
values in the respective dialogs (use the suggested defaults for items not
mentioned here):
Time zone: USA Mountain
Root password: novell
Hostname: da-xen
Domain Name: digitalairlines.com
Change Hostname via DHCP: Uncheck
Write Hostname to /etc/hosts: Check
Firewall: Disable by selecting enabled
Skip the Internet connection test.
Local user:
User’s Full Name: Geeko Novell
Username: geeko
Password: novell
Clone This System for Autoyast: Deselect
17. When all steps of the installation are successfully completed, test if you can log
in to the your SLES 11 server as user geeko with the password novell at the login
screen that appears.
(End of Exercise)
62 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Virtualization with Xen
12. Log in to the virtual machine as geeko (password: novell) and open a terminal
window.
13. Enter the top command and note the Mem (total) value.
14. In the Virtual Machine Details window, change the memory allocation
(Change allocation field) to 500 MB, then select Apply.
15. Watch the Mem value change in the output of top.
16. In the Virtual Machine Details window, change the memory allocation
(Change allocation field) to 650 MB, then select Apply.
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 63
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Note that the value is increased only to the 600 MB set when you started the
virtual machine.
17. In the Virtual Machine Manager Details window, change the memory
allocation (Change allocation field) back to 512 MB, then select Apply.
(End of Exercise)
64 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
Manage Virtualization with Xen
rm /etc/xen/auto/da-xen
11. Optional: Create a start script based on /etc/init.d/skeleton that uses
the xm or virsh commands to start and shutdown managed domains.
(End of Exercise)
Version 1 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 65
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Novell Training Services (en) 15 April 2009
(End of Exercise)
66 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 1
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.