suse linux 10 bible 2006

It covers all the currently available versions from SUSE: The 10 in the title refers to Enterprise Server 10, SUSE Linux 10.x and OpenSUSE 10.x.. We shall also describe other SUSEand Nov

SUSE Linux®

10 Bible

SUSE Linux ®

10 Bible

Justin Davies Roger Whittaker William von Hagen

SUSE Linux ® 10 Bible

Copyright © 2006 by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS

A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS

IT MAY MAKE FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S at (800) 762-2974, outside the U.S at (317) 572-3993 or fax (317) 572-4002.

Library of Congress Cataloging-in-Publication Data

Trademarks: Wiley, the Wiley logo, and related trade dress are trademarks or registered trademarks of John Wiley & Sons,

Inc and/or its affiliates, in the United States and other countries, and may not be used without written permission SUSE Linux is a registered trademark of SUSE Linux Products GmbH, a Novell company, in the United States and other countries Linux is a registered trademark of Linus Torvalds All other trademarks are the property of their respective owners Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

Wiley also publishes its books in a variety of electronic formats Some content that appears in print may not be available in electronic books.

About the Authors

Justin Davies has been a user of Linux since the age of 15, after getting frustrated at

the (lack of) features of DOS After University, he joined SUSE Linux as a TechnicalConsultant where he became very interested with Linux on non-Intel architecture.After a stint as a Unix Administrator post-SUSE, he joined the world of the value-added reseller and now works for SCC as an Enterprise Solutions Architect, helpingorganizations realize that Linux is a viable business solution

After working as a teacher of Mathematics and Deputy Head of an independent

school in London, Roger Whittaker discovered Linux in 1996 and became increasingly

interested (some would say obsessed with) in the software When SUSE Linux openedthe company’s UK office in 1999, he changed careers and worked as a technical andtraining consultant until early in 2004 He now works in London as a Linux consultant

He is a Council member of UKUUG, the UK’s Unix and Open Systems user group

William von Hagen has been a Unix system administrator for 20 years and a Linux

fanatic since 1993 He has also worked as a systems programmer, product manager,writer, application developer, drummer, and content manager Bill has written books

on such topics as Linux filesystems, Red Hat Linux, GCC, SGML, Mac OS X, Linuxsystem administration, and hacking the TiVo He has written numerous articles

on Linux, Unix, and open source topics for publications including Linux Magazine,

Linux Journal, Linux Format, and Mac Format An avid computer collector specializing

in workstations, he owns more than 200 computer systems

Quality Control Technicians

David FaustLeeann HarneyJoe NiesenBrian H Walls

Media Development Associate Producer

my wife and best friend

—Bill von Hagen

My Brothers and Sisters,

Should we accept that this book is indeed a Bible? Let us use a dictionary to see what the definition of a Bible is.

The first definition is marked obsolete, and just means “a book.” I think that anyone

would agree that this tome is a Bible by that definition.

The second definition was the one that most know, “The Book by way of eminence accepted as of divine authority and origin.” Well, Linux has long been known for itsgurus who hand out small snippets of sage advice Sometimes that sage advice is

in many books, and beginners are often told RTFM (Read The Freaking Manual).Easy enough for the guru to say, but when there are so many manuals, HOWTOs,and other pieces of information scattered about, how do you put it all together?Therefore, a Bible is necessary Hopefully it carries information pertinent to your ownreligion, or in this case distribution If the Bible tries to cover the information in every

distribution, the reader may become lost That is why this is SUSE Linux 10 Bible,

and not some other brand of Linux

Some people say that Linux and Free and Open Source (FOSS) are a religion, andthat the people that support it are religious zealots I don’t think that is true, forthe people I know in FOSS are multifaceted But when it comes to programming, webelieve that Linux and FOSS offer education, government, and business the mostflexible, powerful, and lowest-cost solution All you have to do is reach out andaccept that fact

Like any good religion you have to practice it, study it, and really understand what isbeing said to you You also have to apply it to your life Look for ways in your life thatthis software can help you, whether to organize your life or your business better.Many people think that Total Cost of Ownership (TCO) is simply made up of thecost of the hardware, software, and services of the solution you pick How naive

TCO is also made up of the cost of not picking a better solution, one that is flexible

enough for you to solve 99 percent of your problems instead of 80 percent of yourproblems How much does it cost you not to be able to solve that 19 to 20 percent?

The Freedom that you get when you use FOSS is the key to this savings, or (in reverse)the additional earning power To be able to fully tailor the software to meet yourneeds is the greatest value of FOSS But you can’t do this without knowledge.

This is where this Bible comes in, to give you the knowledge to go out and explore

further

So, my brothers and sisters, throw off the shackles of proprietary software and

learn how to make software do what you want it to do Open the pages of this

Bible and see your life change Welcome to the bright side of “The Force.”

Carpe Diem!

Jon “maddog” HallPresident, Linux International

Welcome to SUSE Linux ® 10 Bible! This book is for anyone who is interested

in running a SUSE Linux system — at home or at work, for fun or for profit

It covers all the currently available versions from SUSE: The 10 in the title refers to Enterprise Server 10, SUSE Linux 10.x and OpenSUSE 10.x Most of the content applies

equally to previous versions as well, however We shall also describe other SUSEand Novell business products: the Novell Linux Desktop and the Open Enterpriseand OpenExchange Servers

The book aims to supplement the documentation provided by SUSE and to showthe reader how best to carry out a particular task on a SUSE system, making full use

of the SUSE configuration utilities Many Linux books and how-to documents vide generic instructions for carrying out particular tasks; however, it often turnsout that these are either incorrect in the details or unnecessarily complicated whenapplied to a particular distribution In this book we aim to describe the best ways

pro-of working with SUSE in a wide variety pro-of situations, making full use pro-of the SUSEconfiguration tools

Too often, computer books tend to be written only from the standpoint of how toperform a task and fail to provide a real understanding of the underlying principles.Our aim in this book is to combine a description of the steps necessary to perform

a particular task with a real understanding of what is being done

While we discuss the use of SUSE Linux in enterprise applications, with examplesbased on our own consulting experience, the book is also for home users getting

to grips with Linux for the first time In short, we aim for SUSE Linux 10 Bible to be

what you need to run your SUSE Linux system, whatever your situation might be

How This Book Is Structured

We’ve organized this book into five parts:

✦ Part I: SUSE Linux Basics—This part introduces SUSE Linux by describing

the installation of a SUSE system and discussing the fundamental concepts ofLinux

✦ Part II: The SUSE System—This part describes the use of YaST for system

configuration, explains Linux networking, system logs, the X Window system,and helps you to find further documentation

✦ Part III: Using the Command Line in SUSE Linux—This part covers the

power of the Linux command line, with chapters covering text editing andtools for manipulating text files, as well as package maintenance andadvanced networking

✦ Part IV: Implementing Network Services in SUSE Linux—This part

describes the setup of the major network services on a SUSE system, ing setting up web servers, mail servers, and file and print servers

includ-✦ Part V: SUSE Linux in the Enterprise—This part describes the place of SUSE

Linux in the modern enterprise and covers the use of storage area networks(SANs) The configuration of the kernel is also covered The SUSE

OpenExchange server is described in detail, and an overview is offered of theNovell Open Enterprise Server The Novell Linux desktop is also discussed

Conventions Used in This Book

Throughout the book, special typeface indicates code or commands Commandsand code are shown in monospace type:

This is how code looks

Additionally, the following icons are used to call your attention to points that areparticularly important

A Caution warns you to be careful when executing a procedure or you coulddamage your computer hardware or software

A Cross-Reference refers you to further information on a subject that you can findoutside the current chapter

A Note provides extra information to which you need to pay special attention

A Tip shows a special way of performing a particular task or introduces a shortcut

to ease your way

We hope you enjoy working with your SUSE Linux system as much as we enjoy

working with ours, and we know that SUSE Linux 10 Bible will be an invaluable tool

to help you get the most out of it

Tip Note

Cross-Reference

Caution

DVD and Web Site

This book comes with a DVD containing a full copy of SUSE 10.0 for computers withx86, AMD64, or EM64T processors Additionally, check out this book’s web site at

www.wiley.com/go/suselinux10bibleperiodically for additional and updated tent For more great books on Linux from Wiley, you can point your browser to

con-www.wiley.comor www.wrox.com

Contents at a Glance

Foreword ix

Preface xi

Introduction xxxiii

Part I: SUSE Linux Basics 1

Chapter 1: Installing SUSE 10 3

Chapter 2: Linux Fundamentals 47

Chapter 3: Partitions, Filesystems, and Files 77

Part II: The SUSE System 107

Chapter 4: Booting the System 109

Chapter 5: Documentation 135

Chapter 6: Understanding Your Linux Network 155

Chapter 7: Logging 171

Chapter 8: The X Window System 189

Chapter 9: Configuring the System with YaST 221

Part III: Using the Command Line in SUSE Linux 267

Chapter 10: Text Manipulation 269

Chapter 11: Text Editors 299

Chapter 12: Working with Packages 323

Chapter 13: Working with Files 343

Chapter 14: Working with the System 373

Chapter 15: Linux Networking 411

Part IV: Implementing Network Services in SUSE Linux 443

Chapter 16: Setting Up a Web Site with the Apache Web Server 445

Chapter 17: Mail Servers — Postfix, Sendmail, Qpopper, and Cyrus 463

Chapter 18: Setting Up Windows Interoperability with Samba 495

Chapter 19: Setting Up Printing with CUPS 527

Chapter 20: Configuring and Using DHCP Services 547

Chapter 21: Configuring a DNS Server 569

Chapter 22: Working with NFS and NIS 583

Chapter 23: Running an FTP Server on SUSE 603

Chapter 24: Implementing Firewalls in SUSE Linux 613

Chapter 25: Working with LDAP in SUSE 635

Chapter 26: Setting Up a Web Proxy with Squid 655

Part V: SUSE Linux in the Enterprise 667

Chapter 27: Enterprise Architecture 669

Chapter 28: Emulation and Virtualization 693

Chapter 29: The Kernel 723

Chapter 30: SUSE Linux OpenExchange Server 739

Chapter 31: The Novell Open Enterprise Server 783

Chapter 32: Business Desktop Linux: The Novell Linux Desktop 797

What’s on the DVD 807

Index 809

GNU General Public License 859

Foreword ix

Preface xi

Introduction xxxiii

Part I: SUSE Linux Basics 1 Chapter 1: Installing SUSE 10 3

Selecting Your Installation Method 3

Starting Your Installation 5

Selecting Boot Options 6

Configuring Language Settings 9

Media Check 10

Customizing the Installation 11

Selecting Your Desktop Environment 11

Installation Overview 12

Customizing Your Installation 12

Partitioning Your Disks 14

Resizing Existing Operating System Partitions 16

Primary and Extended Partitions 17

Defining Filesystems 18

Selecting Software for Installation 23

Selecting a Boot Loader 25

Changing the Default Runlevel 27

Running the Installation 28

Configuring Your Root Password 30

Configuring Your Network Access 30

Testing Your Connection and Online Updates 34

Configuring Your Modem 35

ISDN and ADSL Connections 36

Adding a New User 37

SuSEconfig 38

Reviewing the Release Notes 39

Configuring Your Hardware 40

Completing Installation 43

Chapter 2: Linux Fundamentals 47

Command Line 101: The Shell 48

Commonly Used Shell Features 48

Advanced Shell Features 49

Getting Help for Linux Commands 55

Working with Files and Directories 55

Listing Files 56

Copying Files 56

Moving and Renaming Files 57

Deleting Files and Directories 57

Changing Directories 58

Making Directories 58

Removing Directories 58

Making Links to Files or Directories 58

Concatenating Files 59

Viewing Files with more and less 59

Viewing the Start or End of Files 60

Searching Files with grep 60

Finding Files with find and locate 61

Editing Text with vi and emacs 61

Common Administrative Tasks 62

Basic User and Group Concepts 62

Creating Users and Groups 63

Working with File Ownership and Permissions 64

Configuring User Preferences 68

Mounting and Unmounting Filesystems 69

Working with Software Packages 70

Checking What’s Installed 70

Examining RPM Packages 71

Extracting Files from Packages 71

Working with Source RPMs 72

Compiling Source Packages 73

Connecting over the Network 73

Backing Up, Restoring, and Archiving Files 75

Creating and Reading Simple Archives 75

Creating an ISO Image to Burn to CD 76

Chapter 3: Partitions, Filesystems, and Files 77

Partitions 78

Types of Partitions 78

Creating Partitions 80

Updating a Disk’s Partition Table 85

Changing Partition Types 86

Filesystems 86

EXT2 88

EXT3 88

ReiserFS 89

JFS 89

XFS 90

VFAT/NTFS 90

Creating Filesystems 91

Creating an EXT2 Filesystem 92

Creating an EXT3 Filesystem 93

Upgrading an EXT2 Filesystem to an EXT3 Filesystem 94

Creating a ReiserFS Filesystem 95

Filesystem Benchmarks 97

Mounting Filesystems 98

Mount Options 100

Mounting Filesystems Automatically 104

Unmounting Filesystems 105

Part II: The SUSE System 107 Chapter 4: Booting the System 109

Booting Concepts 109

Runlevels 113

Switching Runlevels Manually 114

Using chkconfig to Control Runlevels 117

Customizing Runlevels for Different Types of Systems 118

Boot Managers 119

LILO 119

GRUB 122

Dual Booting 124

Installing Windows and Linux on a New System 124

Installing Linux on an Existing Windows System 125

Manually Partitioning an Existing Windows System 126

Sharing Data on Windows and Linux Partitions 128

Troubleshooting Booting 130

Fixing Boot Problems Using Runlevels 130

The SUSE Rescue System 131

Chapter 5: Documentation 135

Finding Help on Your SUSE System 135

The SUSE Manuals 135

Man Pages 136

Info Pages 141

The SUSE Help Center 141

/usr/share/doc/packages/ 142

Other Documentation Packages 143

Linux Documentation Project Resources 143

FAQs 144

HOWTOs 145

Linux Documentation Project Guides 145

The SUSE Books Package 147

Finding Help Online 147

The SUSE Portal 148

SUSE Public Mailing Lists 149

The Unofficial SUSE FAQ 149

Other Unofficial SUSE Help Sites 149

Other SUSE Documents 149

SUSE Linux OpenExchange Server and OPEN-XCHANGE Web Sites 150

Topic-Specific Sites 150

Finding Software 152

IBM 152

Other Distributions 153

News Sites 153

IRC 153

Finding Further Information 153

Chapter 6: Understanding Your Linux Network 155

Internet 101 156

TCP/IP 157

The ISO OSI Model 157

The DoD Model 161

IP Addresses 162

Routing 169

And Breathe 170

Chapter 7: Logging 171

Why Log? 171

The Files in /var/log 172

Logging with syslog 173

Logging with syslog-ng 176

The Log Source 178

The Filter 179

The Log Destination 179

The Log Definition — Tying It All Together 180

Future Directions for Linux Logging 180

Managing Your Logs with logrotate 181

Analyzing Your Logs with logcheck 183

Using Webalizer 186

Reading Log Files 187

Chapter 8: The X Window System 189

X Window System Concepts 190

Window Managers 190

KDE and GNOME 191

Configuring X 192

Getting Hardware Information 193

Using sax2 193

Framebuffer Graphics 195

Accessing Framebuffer Graphics after Installation 196

If X Still Doesn’t Start 197Switching Resolutions 197Copy and Paste in X 197User Preferences in X 198Using X Remotely 198Diskless X Terminals 203KDE 204Konqueror 205The KDE Control Center 207KDE Applications 208GNOME 209Nautilus 211Epiphany 211Evolution 211Gnucash 211AbiWord 211Gnumeric 212Other Window Managers 212MWM and FVWM2 213Blackbox 213IceWM 214XFCE 214Window Maker 215FVWM 215Building Your Own X Applications 216Development Requirements for X Applications 216Building Fluxbox 216Using Fluxbox 218Wrapping Up 220

Chapter 9: Configuring the System with YaST 221

YaST Modules 223Configuring Installation Sources 226Creating and Using Boot and Rescue Floppies 228Setting Up Proxy Settings 229Using NTP Time Services 230Printer Configuration 231Setting Up a Scanner 238Boot Loader Configuration 238Setting Up SCPM 241Runlevel Editor 244Configuring DHCP 246Users and Groups 246Adding or Editing Users 246Adding or Editing Groups 249Installing Additional Software with YaST 250YOU — The YaST Online Update 253YOU on SUSE Professional and on SLES 253susewatcher 253

The YaST Online Update Module 254YOU Dangers 256The YaST Installation Server Module 256Setting Up an Installation Server 257Installing from the Installation Server 260Autoinstallation — AutoYaST 260Principles 260Mode of Operation 261The YaST Autoinstallation Module 261Using Pre-Install, chroot, and Post-Install scripts 264Further Information 265

Chapter 10: Text Manipulation 269

Reading Lines from Files 270cat 270tac 272zcat 272head 272tail 272expand 273

nl 273uniq 274sort 275Extracting Lines from Files 275grep 275zgrep 278grepmail 278sgrep 279split 280csplit 280Working with Fields from Text Files 282cut 282paste 282join 283awk 284Getting Statistics about Text Files with wc 286Replacing Text 286sed 286

tr 288dos2unix and unix2dos 290Formatting Text Files for Viewing and Printing 290

pr 290fold 291

fmt 291groff -Tascii 291a2ps 292enscript 292Comparing Files 293cmp 293diff and patch 293Getting Text out of Other File Formats 295antiword 295ps2ascii 296ps2pdf 296dvi2tty 296detex 296acroread and xpdf 297html2text 297strings 297

Chapter 11: Text Editors 299

The Politics 300vi/vim 300Using Command Mode 302Moving Around the Text 302Deleting Text 304Copying and Pasting 307Inserting and Saving Files 308Searching and Replacing 309Using the vim Initialization File 310Exiting vim 310emacs 311What to Install 311Starting emacs 312Controlling emacs 313Using Word Completion 315Using Command Completion and History 316emacs Modes 316Using the Calendar 318Customizing emacs 318More Information 322

Chapter 12: Working with Packages 323

Binary RPMs 324Installing an RPM 324Querying RPM Packages 326Removing Installed Packages 328Verifying an RPM 329

Creating an RPM 331Distribution RPMS 331Source Code 331The RPM Environment 333The Spec File 333Compiling an RPM from the Spec File 339Checking the Finished RPM 341

Chapter 13: Working with Files 343

Listing, Copying, and Moving Files 343The Command-Line Tools 343File Managers 348Finding Files 350Using find 350Using locate 350Using Konqueror to Find Files 351Finding Files in GNOME 351Finding Files in mc 352Looking at Files and File Types 353The file Command 353strings, ghex2, khexedit, and antiword 354Viewing and Opening Different File Types and Formats 355Compressing Files 362Working with Archives 363Working with tar Archives 364Working with cpio Archives 366Working with zip Archives 367Unpacking RPM Packages 367Using pax 367Using ark 368Files Attributes and ACLs 369File Attributes 369File ACLs 370

Chapter 14: Working with the System 373

System Rescue and Repair 373Booting from the Hard Disk with Special Boot Parameters 374Booting into the Rescue System 374Booting into YaST System Repair Mode 375Working with Partitions 378Partitioning Examples 380Making a Filesystem 384Working with DVDs, CDs, and Floppies 385Creating and Using Images of Existing Disks 385Creating and Using New Disk Images 387Creating ISO CD and DVD Images 388

Burning CDs from the Command Line 389Burning CDs and DVDs Using k3b 389Webmin 391Contacting a Running Webmin Process 391Webmin and YaST 392Automating Tasks 395Shell Aliases 395Writing Shell Scripts 396Scripting Languages 405

Chapter 15: Linux Networking 411

Configuring an IP Network 411ifconfig 412Setting Up Your Routes 415Using iproute 419The Wonderful World of ARP 422Taking Part in an IPX Network 423Network Tools 424Using Telnet 425Using SSH 427rsync 432wget 433Network Troubleshooting 434ping 434traceroute 435Wireless Networking 436ndiswrapper 437Configuring Your Wireless Network 439Bluetooth 440

Part IV: Implementing Network

Chapter 16: Setting Up a Web Site with the Apache Web Server 445

Configuring Apache 447Global Directives 448Main Server 450Virtual Hosts 452Security 453Setting Up User Access 454Setting Up Group Access 455The Common Gateway Interface 456Creating Dynamic Content with PHP 459

Chapter 17: Mail Servers — Postfix, Sendmail, Qpopper, and Cyrus 463

How Mail Is Sent and Received 464Postfix 465Postfix Configuration 466Postfix Terminology and Use 473Stopping Spam 478sendmail 479Installing sendmail 480Configuring sendmail 481Starting sendmail 485Getting More Information about sendmail 486Qpopper 486Fetchmail 488Cyrus IMAPD 489Configuring the Cyrus User 489Adding Users to Cyrus 490Creating a Shared Mailbox 490Integrating Cyrus and Postfix 492Setting an Alias for Root’s Mail in Cyrus 492Choosing a Mail Client 493The Command-Line Clients 493The Graphical Mail Clients 494Mail Systems on Linux 494

Chapter 18: Setting Up Windows Interoperability with Samba 495

A Bit of Background 496Setting Up and Using a Samba Client 497Configuring a Samba Client 497Browsing Available Windows Resources 501Mounting a Shared Windows Drive 503Using a Windows Printer from Linux 505Setting Up a Samba Server 508Creating and Managing the Samba Password File 516Working with the Winbind Daemon 517Command-Line Utilities for Samba 519The Samba Configuration File 520Samba Client and Server Packages 521Samba-Related Packages in SUSE Linux 522When Samba-Related Packages Are Installed 522Installing Samba Packages without a Graphical Interface 523Installing Samba Packages 524

Chapter 19: Setting Up Printing with CUPS 527

Setting Up a Locally Connected Printer 529Printers Not Listed by YaST 531Unsupported Printers 532Printing from Applications 532Printing from the Command Line 533Canceling a Print Job from the Command Line 533Setting Up a Simple Print Server on the Local Network 534Setting Up a Windows Client to Print to the CUPS Server 537Printing from Linux to Other Types of Remote Printers 537Using the CUPS Web Interface 538The CUPS Command-Line Tools and Configuration Files 541The CUPS Logs 543Other Tools 544Documentation 544CUPS Online Documentation 545The CUPS Book 545SUSE Printing Documentation 545IPP Documentation 545

Chapter 20: Configuring and Using DHCP Services 547

What Is DHCP? 548SUSE DHCP Server Packages 550Setting Up a DHCP Server Using YaST 551Using the YaST DHCP Server Wizard 551Reconfiguring an Existing DHCP Server in YaST 556Manually Configuring a DHCP Server 559

IP Address Ranges 560Assigning a Default Gateway 560Configuring Name Services 560Host Specification 562Defining Host Groups 563Specifying Leases 563Other DHCP Options 564Starting and Stopping DHCP Clients 564Troubleshooting DHCP Clients and Servers 565Troubleshooting DHCP Clients 565Troubleshooting DHCP Servers 566Wrapping Up 568

Chapter 21: Configuring a DNS Server 569

Some DNS Theory 569Top-Level Domains 570How Does a DNS Search Work? 571Caching 572

Configuring BIND for Caching and Forwarding 572Using dig 573Using host 574Examining Record Types 575Working with Zones 576The Start of Authority 576The NS Entry 578The Mail Exchanger 578The Address Record 579The CNAME Record 579Adding the Zone to named.conf 579The Reverse Zone 580

Chapter 22: Working with NFS and NIS 583

Mounting NFS Filesystems 583Mounting NFS Filesystems at Boot Time 584Using mount Options 585rcnfs start and rcnfs stop 586YaST’s NFS Client Module 586The NFS Server 587The exports File 588The exportfs Command 591The showmount Command 591Problems with Mounting NFS Shares 592NFS Security Considerations 593Using NIS for Authentication 593Setting Up an NIS Server Using YaST 594Setting Up an NIS Server Manually 597Configuring Clients for NIS 599Wrapping Up 601

Chapter 23: Running an FTP Server on SUSE 603

vsftpd as an Anonymous FTP Server 604Setting Up User FTP with vsftpd 608Allowing Uploads 609Using pure-ftpd 611Further Information 612

Chapter 24: Implementing Firewalls in SUSE Linux 613

Why Use a Firewall? 614Configuring a Firewall with iptables 615Implementing an iptables Firewall 617Setting Your First Rules 619Adding a Rule 620The Order of Rules 621

Network Address Translation 622Source NAT 622Allowing the Packets to be Forwarded 624Destination NAT 625Redirecting Traffic 626Allowing ICMP Traffic 626Allowing Loopback 627Logging Dropped Packets 628Using SuSEfirewall2 628What Next? 633

Chapter 25: Working with LDAP in SUSE 635

What Is LDAP? 636LDAP Objects 637The Hierarchy 638Implementing the LDAP Server 639Configuring the Administrator 639Testing the LDAP Server 640Adding Information 641Adding User Data to the LDAP Server 645Pluggable Authentication Modules 649Integrating LDAP into Linux 651Setting the ACL on the LDAP Server 653How Can LDAP Help You? 653

Chapter 26: Setting Up a Web Proxy with Squid 655

Getting Started with Squid on SUSE 656User Authentication 659Restricting Access by Hardware Address 661The Squid Log 661Using Squid as a Transparent Proxy 663Using Cache Manager 664Using squidGuard 664

Chapter 27: Enterprise Architecture 669

A Typical Organization 670Where Can Linux Be Used? 671

I Know Where, but How? 672Fulfilling Your Staff Requirements 673Linux Enterprise Hardware: The Big Players 674IBM 674Hewlett-Packard 676

64-bit Platforms 676Blade Technology 677Putting It All Together 678Where Do I Put the Services? 679Storage Area Networks 683Disaster Recovery 688

Chapter 28: Emulation and Virtualization 693

Emulation versus Virtualization 693DOS Emulation Using dosemu and dosbox 695dosemu 695dosbox 696Running Microsoft Windows Applications Using Wine 696The bochs PC Emulator 698Virtual Machines Using QEMU 699Installing and Running QEMU 700Building and Using the QEMU Accelerator 701VMWare Virtual Machines 703VMWare Workstation 703Creating and Using Virtual Machines with Xen 706Installing Xen 707Creating Xen Virtual Machines Using YaST 708Creating Xen Virtual Machines Manually 711Starting, Stopping, and Interacting with Xen Virtual Machines 716Automating Xen Domain Startup 718More Information About Xen 719User Mode Linux and FAUmachine 719User Mode Linux Installation and Setup 719FAUmachine Installation and Setup 720Other Emulators 720Summary 720

Chapter 29: The Kernel 723

Why You Probably Don’t Need This Chapter 723Why You Might Need This Chapter 724SUSE Kernels and Vanilla Kernels 724Kernel Version Numbers 724The Binary Kernel Packages 725What Kernel Am I Running? 726Upgrading a Kernel Package 726Kernel Configuration 726Building the Kernel 732

Rebuilding the km_* Packages 734The Kernel and Third-Party Software 735Loading Kernel Modules 735Kernel Parameters at Boot Time 736The Initial Ramdisk 737

Chapter 30: SUSE Linux OpenExchange Server 739

Licensing SLOX 740Installing SLOX 740Starting the SLOX Installation 741Configuring UnitedLinux 743Configuring SLOX 748The SLOX Architecture 750PostgreSQL 750OpenLDAP 751Netline Servlets 751Cyrus and Postfix 751Administrating SLOX 752Managing Users 754Creating the User 754Creating a Virtual Domain 757Mapping a Virtual User to a Real User 758Configuring the Postfix Subsystem 759Enabling SMTP-AUTH 760Enabling Spam Prevention 760Managing the Cyrus Subsystem 761Managing Groups and Folders 762Creating a Group of Users 762Creating a Shared Folder 763Checking System Resources 764The User Perspective 765Reading Your Mail 766The Calendar 768Jobs (tasks) 769Creating Documents 770Creating a Note 771Creating a New Contact 772Viewing Your New Portal Page 773Using the Outlook Connectors 774iSLOX 774oSLOX 775Using oSLOX 775Your First Synchronization 778

To SLOX or Not to SLOX? 782

Chapter 31: The Novell Open Enterprise Server 783

OES components 784eDirectory 785iManager 785Linux User Management 785eGuide 786iFolder 786iPrint 787NetStorage 787QuickFinder 787Virtual Office 788Novell Remote Manager 788Novell Storage Services 789Novell NCP server 789Novell Samba server 789Novell Cluster Services 790Obtaining OES 790Installing OES 790OES Licensing 793Post-Installation Configuration of OES 793What Next? 795Further Information 796

Chapter 32: Business Desktop Linux:

The Novell Linux Desktop 797

The Technical Background 798The Stubborn Applications 799Commercial Desktop Distributions 799Other Approaches 800SLD and NLD 801NLD Installation 802Special Features of NLD 802The Future of NLD 806For More Information 806

What’s on the DVD 807

System Requirements 807What’s on the DVD 807Troubleshooting 808Customer Care 808

Index 809 GNU General Public License 859

What is Linux? There was a time (not so long ago) when the first page of

every book and the first slide of every presentation on Linux had this gatory question We have come a long way since that time, and we certainly nolonger feel that we have to start our own presentations with that slide However, in

obli-a book like this, obli-a brief introduction to Linux in generobli-al cobli-an provide obli-an obli-appropriobli-ateentry into our discussion of SUSE Linux in particular

Linux is a multiuser, multitasking, multiplatform computer operating system(strictly speaking, an operating system kernel) that has been developed by an opensource, collaborative process involving large numbers of people all over the world.Linux is a Unix-like operating system This means that it conforms closely to a set ofconventions and standards associated with Unix; however, Linux does not containany of the original Unix code

Linux has been developed using the open source development model What thatmeans is that all the work that is done by Linux developers is open and shared It isopen to peer review, which encourages honesty and means that each developer is able

to build upon work that has already been done by others Although this method isoften still seen as revolutionary in the field of software development, it is effectively thesame method that has been used by science in the Western world since about the time

of Newton The development of Western science has been spectacularly successfulprecisely because it is based on the same values of openness and shared resultsand because of the quality assurance provided by the scrutiny of peer review.This model works so well both in science and software because openness leads toscrutiny, and scrutiny leads to improvement and the correction of errors Opennessalso means the ability to build on the results of others Newton himself said that if hesaw further than others, it was “by standing upon the shoulders of giants.” This sums

up very well the power of collaborative development in any field It contrasts stronglywith the traditional closed source development model: a group of programmersworking in secrecy with deadlines for work to be handed to a manager In such a sit-uation, a team member who knows that his work has a bug in it has no incentive totell anyone; when the program is finally released, no one outside the small develop-ment group can look at the code to understand why it does not work as advertised

In contrast, Eric Raymond coined a phrase to describe the power of having a largeopen source developer community to debug code: “Given enough eyeballs, all bugsare shallow.”

The dramatic success of Linux and of other associated open source projects such

as the Apache web server and Samba are proof of the power of the open sourcedevelopment method

Linux has come a long way since its beginnings in the early 1990s In 1991, it wasone man’s hobby: Ten years later, in 2001, IBM announced that it was investing onebillion dollars in its Linux strategy

Linux History

The beginning of Linux is usually dated to August 25, 1991, the date on which LinusTorvalds sent a posting to the comp.os.minixnewsgroup describing the work hehad done so far He subsequently invited others to join the project, made the codeavailable by FTP, and offered it under a license allowing free redistribution (origi-nally a license that he wrote himself, but soon afterward moved to the GNU GPL)

A worldwide community quickly arose, working on the Linux kernel and submittingcode and patches back to Torvalds to be incorporated into the kernel As time went

on, the number of people working on Linux grew rapidly, and systems were put inplace to filter and channel the incoming code; however, Linus Torvalds has stayed

in charge of the whole project, which has remained independent of any particularvendor

The remarkable rate at which Linux grew and matured is well known: Linux is livingproof of the power of the open source development model

Both the history of Linux and descriptions of the workings of open source

develop-ment are described in many other publications Glyn Moody’s Rebel Code: Linux and

the Open Source Revolution has a very good history of Linux and the open source

movement generally The classic exposition of why and how the open source

devel-opment model works so well is in Eric S Raymond’s The Cathedral and the Bazaar.

Both of these books are recommended to any readers who want to know moreabout the history of Linux and open source software, and particularly to anyonewho has residual doubts about whether free and open source software can really

be secure or reliable

In the first few years of Linux, a number of distributions of Linux emerged It is

impor-tant to understand that, properly speaking, the term Linux refers only to the kernel.

To create a system that you can install and run, much more is required, including

in particular the whole range of GNU utilities and a method of installing the system

A distribution of Linux is a complete set of packages built to work together around a

Linux kernel, combined with a method of easily installing the system to the hard disk

Many of the early Linux distributions have been forgotten But a few companiesformed in the early years began to produce important commercial versions of Linux:

the most important then were Red Hat, Caldera, and SUSE The most influential earlynoncommercial (or possibly semicommercial) distribution was Slackware, whichplayed an important part in the early life of SUSE (and which still exists) The Debianproject began at around the same time and also continues to this day as the purestLinux distribution from the point of view of the ideology of software freedom

Red Hat’s IPO (stock market flotation) in mid-1999 was perhaps the event that putLinux on the map for the wider world The subsequent dramatic rise and equallydramatic fall of the stock price were perhaps at the same time somewhat unfortunatebecause it gave the perception that Linux was part of the Internet bubble—justanother bright idea lacking a coherent business model

However, the continual increase in the uptake of Linux by business and its ment by some of the giants of the computer industry made its importance clear even

endorse-to the doubters Oracle announced support for Linux in mid-1998; Oracle installations

on Linux are a significant factor in the acceptance of Linux in the enterprise market

IBM began to take Linux very seriously from 1998 onward and started offering ports

of its software to Linux the following year (including the DB2 database and Dominoserver); now it forms a major part of the company’s strategy

The past few years have brought us to a point where Linux is regarded as stream All major industry players in both the hardware and software sectors(apart from Microsoft and its close collaborators) have adopted Linux or have

main-a Linux strmain-ategy

The takeover of SUSE by Novell at the end of 2003, and Novell’s enthusiastic version to Linux, is a logical part of that process and is certain to accelerate Linuxadoption globally

con-SUSE History

SUSE is the oldest existing commercial distribution of Linux The company wasfounded in 1992 near Nuremberg in Germany The first release of a Linux distribu-tion by SUSE was early in 1994

A very frequently asked question is “What does SUSE stand for?” SUSE is a German acronym for Software und System Entwicklung or Software and System Development

(not a terribly original or gripping name for a software company) However, the fullname is never used; the company has been known as SUSE since the earliest days

More accurately, the company has been known as S.u.S.E., then as SuSE, and nowSUSE as the marketing people gradually got to work on the corporate image of thecompany In what follows, for simplicity we use the current form, SUSE, at the risk

of anachronism

The company was founded on September 2, 1992 The founders were Roland Dyroff,Thomas Fehr, Burchard Steinbild, and Hubert Mantel, all in their mid-twenties at thetime Three of the founders were still at University studying mathematics: ThomasFehr had already graduated and was working as a software engineer The originalintention was that the company would do consulting work and software developmentfor clients; according to Hubert Mantel’s account, this did not work out very well aswork was in short supply, and after a while the group had the idea of distributingLinux Initially the company distributed a version of Linux called SLS (Soft LandingSystems) Later they switched to Slackware, producing a German-language version

in cooperation with Slackware’s founder, Patrick Volkerding

According to the recollections of Bodo Bauer (one of the very earliest SUSE ees), the SUSE people decided that rather than constantly fixing bugs in Slackwarebefore shipping their translated and enhanced version, it would be better to producetheir own distribution They also felt the lack of a good installation and configurationtool in Slackware The result was that SUSE took Florian LaRoche’s Jurix distribution

employ-as a starting point and began to develop YaST (Florian also joined the SUSE team.)The first true SUSE distribution was released in May 1996 and was numbered 4.2

(an intentional reference to the use of the number 42 in The Hitchhiker’s Guide to

the Galaxy by Douglas Adams).

At the time that early versions of Red Hat (and Red Hat clones) were ubiquitous inthe United States, SUSE Linux gained popularity in Europe SUSE became a world-wide company with the establishment of offices in the United States (1997) and inthe United Kingdom (1999)

SUSE never attempted an IPO, although there were rumors that this would happen atone stage Instead, the company went through a number of rounds of funding fromventure capitalist and industry sources Over-optimism and too rapid an expansionled to a point in 2001 when the company was forced to downsize significantly tosurvive After that time, stricter financial discipline, the release of the enterpriseversions, and the growing uptake of Linux by business put the company on a soundfooting With the takeover by Novell in 2003, the investors recouped their investment,while the market’s approval became very clear in the dramatic and sustained rise inNovell’s stock following the announcement

Originally SUSE provided one product (simply known as S.u.S.E Linux), which

was released about three times a year and was available for the x86 platform only.

The current SUSE Professional is the direct descendant of this, and the current version number of 10.0 is one of a series that goes back to the original 4.2

In 2000, the SUSE offering was split into Professional and Personal versions, andversions for other hardware platforms (Alpha, Sparc, and PPC) were released

The following year, SUSE released the Enterprise Server 7 version, and in due course,versions of Enterprise Server for IA64 (Itanium), PPC (intended for the IBM iSeriesand pSeries), S/390, and zSeries were released SUSE developed powerful tools toaid in the process of porting Linux to other platforms, and there was close collabo-ration with IBM in the production of versions for the PPC-based iSeries and pSeriesand for the S/390 and zSeries mainframes SUSE also worked with AMD on the devel-opment of a version for the Hammer chip (now known as the Opteron and Athlon 64).

The story goes that an entire distribution for this architecture was completed andtested using emulation before AMD had any hardware to offer; when the first machinearrived at SUSE from AMD, the installation CD booted and installed flawlessly SUSEuses a system known as AutoBuild that takes the same source code for all packagesand builds the distribution for all platforms from it This ensures a high degree ofcompatibility between versions on different platforms and is one of the key advan-tages of the SUSE Enterprise Server

SUSE also released a series of mail server products leading up to the SUSE LinuxOpenExchange Server 4, a mail and groupware server allowing integration with popular desktop clients, including Outlook and, hence, becoming a competitor toMicrosoft Exchange Server OpenExchange was developed jointly by SUSE andNetline, who wrote the groupware element This has now been released as a sepa-rate product under the GPL, and can be run on other Linux versions as well as SUSE

Enterprise Server 7 was succeeded by Enterprise Server 8 (available on x86, IA64,

AMD64, iSeries, pSeries, and zSeries) in November 2002

Prior to the release of Enterprise Server 8 (in November 2002), the UnitedLinux sortium was established, with SUSE, Connectiva, Turbolinux, and SCO as members

con-UnitedLinux was an agreed core, developed by SUSE for enterprise distributions to

be issued by the other vendors in the consortium Following the defection of SCOfrom the Linux community and its extraordinary decision to take legal actions againstIBM and Linux distributors and users, the UnitedLinux consortium lost its importanceand is now only of historical interest

Enterprise Server 8 was followed by Enterprise Server 9 in August 2004, continuing apattern of Enterprise releases separated by less than two years These releases over-lap each other in time: the full life cycle of each enterprise release is five years frominitial release until the final end of support and maintenance, which means that atany one time there are two fully supported versions of the Enterprise Server, one ofwhich is approaching its end of life The next version in the Enterprise Server line isexpected to be released in the first quarter of 2006

March 2005 saw the release of the Novell Open Enterprise Server (based on SLES 9),marking the fulfillment of Novell’s intention of integrating its NetWare product withLinux: the Open Enterprise Server makes NetWare’s core functionality a service run-ning on Linux rather than an operating system in itself and provides versions ofNovell’s directory services and management software on top of this platform

In the early days, SUSE appeared to be simply one of a large number of Linux butions However, unlike many of the other distributions, SUSE had a developerteam of real quality and strength in numbers This fact was not lost on IBM whenthey increasingly cooperated with SUSE in development work for their high-endplatforms, and it gradually became apparent that there were really only two Linuxcompanies that really mattered—namely, SUSE and Red Hat.

distri-Historically, however, there were some differences between the two companies’philosophies Both Red Hat and SUSE provided boxed versions of their consumerversion for sale Red Hat offered ISO images identical to the CDs in the boxed productfor download; SUSE did not, but allowed an FTP installation SUSE somewhat contro-versially placed a licensing restriction on the redistribution of the YaST installationand administration tool; while the source remained open, it was not permissible toredistribute YaST on media offered for sale This prevented a proliferation of SUSEclones in the way that there were numerous Linux distributions “based on Red Hat.”Since the takeover of SUSE by Novell, however, the YaST license has been changed tothe GPL, and more recently ISO images have been made available by FTP Both thesechanges can be seen as signs of Novell’s confidence in SUSE’s leading place in theLinux market

SUSE made a clearer distinction between the company’s enterprise and consumerversions than Red Hat did Red Hat was already offering a commercial software

maintenance and support system on its boxed product (Red Hat 7.x, 8.x, and so on)

when it introduced its enterprise versions (Advanced Server and Enterprise Server).Its subsequent withdrawal of all support for the boxed versions was something of

a PR disaster for Red Hat and left many commercial users feeling very dissatisfiedand looking for other options A considerable proportion of these users migrated atthat time to SUSE

The SUSE Family of Products

Now that we have introduced some of the history behind what this book is about, it’stime to take a look at the SUSE software that Novell currently offers Novell divides itsSUSE Linux products into Enterprise and Personal This is essentially the distinctionbetween the versions that are sold with a paid-for software maintenance systemand those that are not

Personal

The Personal category now consists of just one product, SUSE Linux Professional.(In the past there was a cut-down version of SUSE Linux Professional known asSUSE Linux Personal; with the release of 9.3 this product was dropped Do not con-fuse Novell’s customer category Personal with SUSE’s former product SUSE LinuxPersonal.)

SUSE Linux Professional

SUSE Linux Professional now contains versions for both the x86 (Intel-compatible

PC 32-bit) and x86-64 (Athlon 64, Opteron, and Intel EM64T) platforms It consists of

five CDs and two double-layer DVDs The five CDs form is an installation set for x86

machines One of the DVDs is an installation DVD for both x86 and x86-64; the other

DVD provides the source packages The Professional version contains a wide range

of software, including desktop and server software and development tools It actuallycontains considerably more packages than the Enterprise Server versions but should

be regarded as essentially an unsupported version, but limited installation support

is included in the price of the boxed set A new version of SUSE Linux Professionalappears twice a year

A Live DVD version (it’s been a DVD since version 9.2; previously this was a Live CD)

is released with each version This is available by FTP and can be burned to disk

This version cannot be installed, but booting a PC from this DVD provides a liveLinux system that can be used to evaluate SUSE Linux without installing it or, if youwant, as a way of carrying a Linux system around with you (perhaps with a USB stick

to hold your files)

Traditionally SUSE did not provide ISO images of the distribution for download

This changed in the summer of 2005 when the full ISO images for version 9.3 wereprovided in this way The Professional version has always been made available in

an FTP version that allows for network installation, either directly from the FTP site

or using a local mirror

Recently, SUSE has also begun to offer a DVD ISO image (by FTP) of a cut-downinstallable version of the Professional distribution This should be thought of as anevaluation edition, or as a replacement for the old Personal edition This version ismade available rather later in the product cycle than the FTP version and is known

as the FTP DVD version

openSUSE

Although the software concerned was almost all open source and freely distributable,the development of SUSE Linux was traditionally a closed process Beta testing wasdone internally by the company with the help of volunteers from partner companiesand the members of the public who carried out the testing under non-disclosureagreements

When the first beta version of 10.0 was ready in August 2005, the beta testing processand the development of SUSE was opened up with the start of the openSUSE project

This is intended to create a community around the development of SUSE Linux andmake the cutting-edge version of SUSE an entirely free one In some ways the con-cept is similar to the Fedora project, which plays a similar role in the development

of Red Hat; however, openSUSE aims to draw in a wider genuine participation byoutside users and developers and has an interest in desktop usability and the needs

of end users