suse linux 9 bible

This book is for anyone who is interested in running a SUSE Linux system — at home or at work, “for fun or for profit.” It covers all the rently available versions from SUSE: The “9” in

SUSE ™

9 Bible Justin Davies, Roger Whittaker, and William von Hagen

SUSE ™

9 Bible

SUSE ™

9 Bible Justin Davies, Roger Whittaker, and William von Hagen

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS

OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING,

OR OTHER PROFESSIONAL SERVICES IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK

AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR

OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.

SUSE ™ Linux ® 9 Bible

Copyright © 2005 by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

Trademarks: Wiley, the Wiley Publishing logo and related trade dress are trademarks or registered trademarks of John Wiley &

Sons, Inc and/or its affiliates, in the United States and other countries, and may not be used without written permission SUSE

is a trademark of SUSE Linux AG Linux is a registered trademark of Linus Torvalds All other trademarks are the property

of their respective owners Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book

About the Authors

Justin Davies has been a Linux user since the age of 15, after getting frustrated at the (lack

of) features in DOS After University, he became a technical consultant at SUSE Linux, where

he became very interested in Linux on non-Intel architecture After a stint as a Unix trator post-SUSE, he joined the world of the value-added reseller and now works for SCC as

adminis-an enterprise solutions architect, helping orgadminis-anizations realize that Linux is a viable businesssolution

After working as a teacher of mathematics and as deputy head of an independent school in

London, Roger Whittaker discovered Linux in 1996 and became increasingly interested

(some would say obsessed) When SUSE Linux opened its U.K office in 1999, he changedcareers and worked as a technical and training consultant until early 2004, when he moved to

a position in London as a Linux consultant at CSF, a leading supplier of enterprise informationtechnology solutions He is a Council member of UKUUG, the U.K.’s Unix and Open Systemsuser group

William von Hagen has been a Unix system administrator for over 20 years and a Linux

fanatic since the early 1990s He has worked as a systems programmer, system administrator,writer, application developer, programmer, drummer, and content manager Bill has writtenbooks on such topics as Linux filesystems, Red Hat Linux, GCC, SGML, Mac OS X, and hackingthe TiVo He has written numerous articles on Linux, Unix, and open source topics for publi-

cations including Linux Magazine, Linux Format, and Mac Format An avid computer collector

specializing in workstations, he owns more than 200 computer systems

Credits Acquisitions Editor

Debra Williams Cauley

Copy Editor

Nancy Rapoport

Editorial Manager

Mary Beth Wakefield

Vice President and Executive Group Publisher

Quality Control Technicians

Susan Moritz Carl William Pierce

To my wife, Aimee —Justin Davies

To Shekufeh and Golnaz, who tolerate all this —Roger Whittaker

My Brothers and Sisters,

Should we accept that this book is indeed a Bible? Let us use a dictionary to see what the inition of a Bible is.

def-The first definition is marked obsolete, and just means “a book.” I think everyone would agree

that this tome is a Bible by that definition.

The second definition is the one that most know, “The Book by way of eminence accepted

as of divine authority and origin.” Well, Linux has long been known for its gurus who hand outsmall snippets of sage advice Sometimes that sage advice is in many books, and beginnersare often told RTFM (Read The Freaking Manual) Easy enough for the guru to say, but whenthere are so many manuals, HOWTOs, and other pieces of information scattered about, how

do you put it all together?

Therefore, a Bible is necessary The hope is that it carries information pertinent to your own religion, or in this case distribution If the Bible tries to cover the information in every distri- bution, the reader may become lost That is why this is SUSE Linux 9 Bible, and not some

other brand of Linux

Some people say that Linux and Free and Open Source (FOSS) are a religion and that the people who support it are religious zealots I don’t think that is true, for the people I know inFOSS are multifaceted But when it comes to programming, we believe that Linux and FOSSoffer education, government, and business the most flexible, powerful, and lowest-cost solu-tion All you have to do is reach out and accept that fact

As with any good religion, you have to practice it, study it, and really understand what isbeing said to you You also have to apply it to your life Look for ways in your life that thissoftware can help you, whether to organize your life or your business better

Many people think that Total Cost of Ownership (TCO) is simply made up of the cost of thehardware, software, and services of the solution you pick How naive Total Cost of Ownership

is also made up of the cost of not picking a better solution, one that is flexible enough to solve

99 percent of your problems instead of 80 percent of your problems How much does it costyou not to be able to solve that 19 to 20 percent?

The freedom that you get when you use FOSS is the key to this savings, or (in reverse) theadditional earning power To be able to fully tailor the software to meet your needs is thegreatest value of FOSS But you can’t do this without knowledge

That is where this Bible comes in, to give you the knowledge to go out and explore further.

So, my brothers and sisters, throw off the shackles of proprietary software and learn how to

make software do what you want it to do Open the pages of this Bible and see your life change.

Welcome to the bright side of “The Force.”

Carpe diem!

Jon ‘maddog’ HallPresident, Linux International

Welcome to SUSE Linux 9 Bible! This book is for anyone who is interested in running a

SUSE Linux system — at home or at work, “for fun or for profit.” It covers all the rently available versions from SUSE: The “9” in the title refers both to Enterprise Server 9 and

cur-SUSE Professional and Personal 9.x Most of the content applies equally to previous versions

also, however We shall also describe SUSE’s two other business products: the OpenExchangeServer and the SUSE Linux Desktop

The book aims to supplement the documentation provided by SUSE and to show the reader howbest to carry out a particular task on a SUSE system, making full use of SUSE’s configurationutilities Many Linux books and “howto” documents provide generic instructions for carryingout particular tasks; however, it often turns out that these are either incorrect in details orunnecessarily complicated when applied to a particular distribution In this book we aim todescribe the best ways of working with SUSE in a wide variety of situations, making full use ofSUSE’s specific configuration tools

Too often, computer books are written only from the standpoint of “how to” perform a taskand fail to provide a real understanding of the underlying principles Our aim in this book

is to combine a description of the steps necessary to perform a particular task with a realunderstanding of what is being done

While we discuss the use of SUSE Linux in enterprise applications, with examples based onour own consulting experience, the book is also for home users coming to grips with Linux

for the first time In short, we aim for SUSE Linux 9 Bible to be what you need to run your

SUSE Linux system, whatever your situation might be

How This Book Is Structured

We’ve organized this book into five parts:

✦ Part I: SUSE Linux Basics — This part introduces SUSE Linux by describing the

installa-tion of a SUSE system and discusses the fundamental concepts of Linux

✦ Part II: The SUSE System — This part describes the use of YaST for system

configura-tion, explains Linux networking, system logs and the X Window system, and helps you

to find further documentation

✦ Part III: Using the Command Line in SUSE Linux — This part covers the power of the

Linux command line, with chapters covering text editing and tools for manipulatingtext files, as well as package maintenance and advanced networking

✦ Part IV: Implementing Network Services in SUSE Linux — This part describes the

setup of the major network services on a SUSE system, including setting up webservers, mail servers, and file and print servers

xii Preface

✦ Part V: SUSE Linux in the Enterprise — This part describes the place of SUSE Linux

in the modern enterprise and covers the use of storage area networks (SANs) The configuration of the kernel is also covered The SUSE Linux Standard Server and theOpenExchange Server are explained in detail

Conventions Used in This Book

Throughout the book, monospace type indicates code or commands:

This is how code looks

Additionally, the following icons are used to call your attention to points that are particularlyimportant

A Caution warns you to be careful when executing a procedure or you could damage yourcomputer hardware or software

A Cross-Reference refers you to further information on a subject that you can find outsidethe current chapter

A Note provides extra information to which you need to pay special attention

A Tip shows a special way of performing a particular task or introduces a shortcut to easeyour way

We hope you enjoy working with your SUSE Linux system as much as we enjoy working with

ours, and we know that SUSE Linux 9 Bible will be an invaluable tool to help you get the most

out of it

DVD and Web Site

This book comes with a DVD containing the SUSE Linux 9.1 Professional distribution Todownload the complete source code for the SUSE Linux Professional Edition version 9.1, go

to www.wiley.com/go/suselinux9source Additionally, check out this book’s web site atwww.wiley.com/go/suselinux9bibleperiodically for additional and updated content Formore great books on Linux from Wiley, you can point your browser to www.wiley.com orwww.wrox.com

Tip Note

Cross-Reference

Caution

Ithank my wife, Aimee, for her unfaltering support during late-night writing sessions; HenneVogelsang, Jono Bacon, Wido Depping, Lenz Grimmer, and Pete Prior for their excellenttechnical editorial skills; and Paul Weinstein for contributing the Apache chapter Finally, Ithank my coauthor, Roger Whittaker, for agreeing that this idea would work! —Justin Davies

Contents at a Glance

Foreword ix

Preface xi

Acknowledgments xiii

Introduction xxxi

Part I: SUSE Linux Basics 1

Chapter 1: Installing SUSE 9.1 3

Chapter 2: Linux Fundamentals 45

Chapter 3: Partitions, Filesystems, and Files 69

Part II: The SUSE System 95

Chapter 4: Booting the System 97

Chapter 5: Documentation 117

Chapter 6: Understanding Your Linux Network 135

Chapter 7: Logging 149

Chapter 8: The X Window System 165

Chapter 9: Configuring the System with YaST 189

Part III: Using the Command Line in SUSE Linux 229

Chapter 10: Text Manipulation 231

Chapter 11: Text Editors 255

Chapter 12: Working with Packages 275

Chapter 13: Working with Files 293

Chapter 14: Working with the System 317

Chapter 15: Linux Networking 349

Part IV: Implementing Network Services in SUSE Linux 375

Chapter 16: Setting Up a Web Site with the Apache Web Server 377

Chapter 17: Mail Servers — Postfix, Qpopper, and Cyrus 391

Chapter 18: Setting Up Windows Interoperability with Samba 413

Chapter 19: Using DHCP Services 443

Chapter 20: Configuring a DNS Server 449

Chapter 21: Working with NFS 461

Chapter 22: Running an FTP Server on SUSE 471

Chapter 23: Implementing Firewalls in SUSE Linux 481

Chapter 24: Working with LDAP in SUSE 501

Chapter 25: Setting Up a Web Proxy with Squid 519

Part V: SUSE Linux in the Enterprise 529

Chapter 26: Enterprise Architecture 531

Chapter 27: The Kernel 551

Chapter 28: The SUSE Linux Standard Server 565

Chapter 29: SUSE Linux OpenExchange Server 581

Appendix A: What’s on the DVD 625

Appendix B: About SUSE Linux Professional Version 9.2 627

Index 629

GNU General Public License 667

Foreword ix

Preface xi

Acknowledgments xiii

Introduction xxxi

Part I: SUSE Linux Basics 1 Chapter 1: Installing SUSE 9.1 3

Selecting Your Installation Method 3

Starting Your Installation 4

Selecting boot options 6

Configuring language settings 8

Selecting and Customizing Installation 9

Partitioning your disks 11

Resizing existing operating system partitions 13

Primary and extended partitions 14

Defining filesystems 14

Selecting software for installation 19

Selecting a boot loader 22

Changing the default runlevel 24

Running the Installation 25

Configuring your root password 26

Configuring your network access 27

Testing your connection and online updates 31

Configuring your modem 32

ISDN and ADSL connections 33

Adding a new user 34

SuSEconfig 35

Reviewing the release notes 36

Configuring your hardware 36

Completing Installation 42

Chapter 2: Linux Fundamentals 45

Command Line 101: The Shell 45

Commonly used shell features 46

Advanced shell features 47

Getting Help for Linux Commands 52

Working with Files and Directories 52

Listing files 52

Copying files 53

Moving and renaming files 53

xviii Contents

Deleting files and directories 53

Changing directories 54

Making directories 54

Making links to files or directories 54

Concatenating files 55

Viewing files with more and less 55

Viewing the start or end of files 55

Searching files with grep 56

Finding files with find and locate 56

Editing text with vi and emacs 57

Common Administrative Tasks 57

Basic user and group concepts 57

Creating users and groups 58

Working with file ownership and permissions 59

Configuring user preferences 62

Mounting and unmounting filesystems 63

Working with Software Packages 63

Checking what’s installed 63

Examining RPM packages 64

Extracting files from packages 65

Compiling source packages 66

Working with source RPMs 66

Connecting over the Network 66

Backing Up, Restoring, and Archiving Files 67

Creating and reading simple archives 67

Creating an ISO image to burn to CD 68

Chapter 3: Partitions, Filesystems, and Files 69

Partitions 69

Types of partitions 70

Creating partitions 71

Updating a disk’s partition table 76

Changing partition types 76

Filesystems 77

EXT2 78

EXT3 78

ReiserFS 79

JFS 79

XFS 80

VFAT/NTFS 80

Creating Filesystems 80

Creating an EXT2 filesystem 81

Creating an EXT3 filesystem 82

Upgrading an EXT2 filesystem to an EXT3 filesystem 83

Creating a ReiserFS filesystem 84

Filesystem Benchmarks 85

Mounting Filesystems 87

Mount options 88

Automatically mounting filesystems 91

Unmounting Filesystems 92

Contents

Chapter 4: Booting the System 97

Booting Concepts 97Runlevels 100Switching runlevels manually 101Using chkconfig to control runlevels 103Customizing runlevels for different types of systems 104Boot Managers 105LILO 105GRUB 107Dual Booting 109Installing Windows and Linux on a new system 109Installing Linux on an existing Windows system 109Manually partitioning an existing Windows system 110Sharing data on Windows and Linux partitions 112Troubleshooting Booting 113Fixing boot problems using runlevels 113The SUSE Rescue System 115

Chapter 5: Documentation 117

Finding Help on Your SUSE System 117The SUSE manuals 117Man pages 118Info pages 122The SUSE Help Center 123/usr/share/doc/packages/ 124Other documentation packages 124Linux Documentation Project Resources 125FAQs 125HOWTOs 126Linux Documentation Project Guides 126The SUSE package books 127Finding Help Online 128The SUSE Portal 128SUSE public mailing lists 129The unofficial SUSE FAQ 129Other SUSE documents 130SUSE Linux OpenExchange Server web sites 130Topic-specific sites 130Finding software 131IBM 132Other distributions 132News sites 132IRC 132Finding Further Information 132

xx Contents

Chapter 6: Understanding Your Linux Network 135

Internet 101 136TCP/IP 136The ISO OSI model 137The DoD model 140

IP addresses 141Routing 146And Breathe 147

Chapter 7: Logging 149

Why Log? 149The Files in /var/log 149Logging with syslog 151Logging with syslog-ng 153The log source 154The filter 155The log destination 156The log definition — tying it all together 156Future Directions for Linux Logging 157Managing Your Logs with logrotate 157Analyzing Your Logs with logcheck 159Using Webalizer 161Reading Log Files 162

Chapter 8: The X Window System 165

X Window System Concepts 166Window managers 166KDE and GNOME 167Configuring X 168Getting hardware information 168Using sax2 168Framebuffer graphics 170Accessing framebuffer graphics after installation 172

If X still doesn’t start 172Switching resolutions 172Copy and paste in X 172User preferences in X 173Using X remotely 174Diskless X terminals 177KDE 178Konqueror 179The KDE Control Center 180KDE applications 181GNOME 182Nautilus 184Epiphany 184Evolution 184Gnucash 184AbiWord 184Gnumeric 184

Contents

Other Window Managers 185MWM and FVWM2 185Blackbox 186IceWM 186XFCE 187Window Maker 187FVWM 187

Chapter 9: Configuring the System with YaST 189

YaST Modules 191Configuring Installation Sources 194Creating and Using Boot and Rescue Floppies 196Setting Up Proxy Settings 197Using NTP Time Services 197Printer Configuration 198Setting Up a Scanner 204Boot Loader Configuration 205Setting Up SCPM 208Runlevel Editor 211Configuring DHCP 213Users and Groups 213Adding or editing users 213Adding or editing groups 216YOU — the YaST Online Update 218YOU on SUSE Professional and on SLES 218susewatcher 218The YaST Online Update module 218YOU dangers 220Autoinstallation — AutoYaST 221Principles 221Mode of operation 221The YaST autoinstallation module 223Using pre-install, chroot, and post-install scripts 226Further information 227

Part III: Using the Command Line in SUSE Linux 229

Chapter 10: Text Manipulation 231

Reading Lines from Files 231cat 231tac 233zcat 233head 234tail 234expand 234

nl 235uniq 235sort 236

xxii Contents

Extracting Lines from Files 236grep 236zgrep 238grepmail 239sgrep 239split 240csplit 240Working with Fields from Text Files 242cut 242paste 242join 243awk 243Getting Statistics about Text Files with wc 245Replacing Text 246sed 246

tr 247dos2unix and unix2dos 248Formatting Text Files for Viewing and Printing 249

pr 249fold 249fmt 249groff -Tascii 249a2ps 250enscript 250Comparing Files 250cmp 251diff and patch 251Getting Text out of Other File Formats 252antiword 252ps2ascii 253ps2pdf 253dvi2tty 253detex 253acroread and xpdf 254html2text 254strings 254

Chapter 11: Text Editors 255

The Politics 256vi/vim 256Using command mode 258Moving around the text 258Deleting text 260Copying and pasting 263Inserting and saving files 264Searching and replacing 264Using the vim initialization file 265Exiting vim 265emacs 266What to install 266Starting emacs 267Controlling emacs 268Using word completion 270

Contents

Using command completion and history 270emacs modes 271Using the calendar 273More information 273

Chapter 12: Working with Packages 275

Binary RPMs 275Installing an RPM 276Querying RPM packages 277Removing installed packages 279Verifying an RPM 280Creating an RPM 281Distribution RPMs 282Source code 282The RPM environment 282The spec file 283Compiling an RPM from the spec file 288Checking the finished RPM 290

Chapter 13: Working with Files 293

Listing, Copying, and Moving Files 293The command-line tools 293File managers 296Finding Files 298Using find 298Using locate 299Using Konqueror to find files 299Finding files in GNOME 300Finding files in mc 301Looking at Files and File Types 301The file command 301strings, ghex2, khexedit, and antiword 302Viewing and opening different file types and formats 303Compressing Files 309Working with Archives 310Working with tar archives 310Working with cpio archives 312Working with zip archives 312Unpacking RPM packages 313Using pax 313Using ark 314Files Attributes and ACLs 314File attributes 314File ACLs 315

Chapter 14: Working with the System 317

System Rescue and Repair 317Booting from the hard disk with special boot parameters 317Booting into the Rescue System 318Booting into YaST System Repair mode 318Working with Partitions 321Partitioning examples 323Making a filesystem 327

xxiv Contents

Working with Disk Images 328Creating ISO images 329Burning ISO images to CD 329Working with disk images 330Webmin 331Installing Webmin 332Contacting a running Webmin process 333Webmin and YaST 334Automating Tasks 336Shell aliases 336Writing shell scripts 337Scripting languages 344

Chapter 15: Linux Networking 349

Configuring an IP Network 349ifconfig 349Setting up your routes 352Using iproute 355The Wonderful World of ARP 357Taking Part in an IPX Network 358Network Tools 359Using Telnet 360Using SSH 362rsync 365wget 367Network Troubleshooting 367ping 367traceroute 368Wireless Networking 369Bluetooth 371

Part IV: Implementing Network Services in SUSE Linux 375

Chapter 16: Setting Up a Web Site with the Apache Web Server 377

Configuring Apache 379Global directives 380Main server 381Virtual hosts 383Security 384Setting up user access 384Setting up group access 385The Common Gateway Interface 386Creating Dynamic Content with PHP 388

Chapter 17: Mail Servers — Postfix, Qpopper, and Cyrus 391

How Mail Is Sent and Received 391Postfix 392Postfix configuration 393Postfix terminology and use 399Stopping spam 403

Contents

Qpopper 404Fetchmail 406Cyrus IMAPD 407Configuring the Cyrus user 407Adding users to Cyrus 408Creating a shared mailbox 408Integrating Cyrus and Postfix 409Setting an alias for root’s mail in Cyrus 410Choosing a Mail Client 410The command-line clients 410The graphical mail clients 411Mail Systems on Linux 412

Chapter 18: Setting Up Windows Interoperability with Samba 413

A Bit of Background 413Setting Up and Using a Samba Client 414Configuring a Samba client 415Browsing available Windows resources 418Mounting a shared Windows drive 420Using a Windows printer from Linux 421Setting Up a Samba Server 426Creating and Managing the Samba Password File 433Working with the Winbind Daemon 434Command-Line Utilities for Samba 435The Samba Configuration File 436Samba Client and Server Packages 438Samba-related packages in SUSE 9.1 438When Samba-related packages are installed 439Installing Samba packages without a graphical interface 439Installing Samba packages 440

Chapter 19: Using DHCP Services 443

Configuring the DHCP Server 444

IP address ranges 444Assigning a default gateway 444Configuring name services 445Host Specification 446Defining host groups 447Specifying Leases 447Other DHCP Options 448The DHCP Client 448

To DHCP or Not? 448

Chapter 20: Configuring a DNS Server 449

Some DNS Theory 449Top-level domains 450How does a DNS search work? 450Caching 451Configuring BIND for Caching and Forwarding 451Using dig 452Using host 453

xxvi Contents

Examining Record Types 454Working with Zones 454The Start of Authority 455The NS entry 456The Mail Exchanger 456The Address record 457The CNAME record 457Adding the zone to named.conf 457The Reverse Zone 458

Chapter 21: Working with NFS 461

Mounting NFS Filesystems 461Mounting NFS filesystems at boot time 461Using mount options 462rcnfs start and rcnfs stop 463YaST’s NFS client module 463The NFS Server 464The exports file 465The exportfs command 467The showmount command 468Problems with mounting NFS shares 468Matching up user IDs 469Security 470

Chapter 22: Running an FTP Server on SUSE 471

vsftpd as an Anonymous FTP Server 472Setting Up User FTP with vsftpd 476Allowing Uploads 477Using pure-ftpd 479Further Information 479

Chapter 23: Implementing Firewalls in SUSE Linux 481

Why Use a Firewall? 482Configuring a Firewall with iptables 483Implementing an iptables firewall 484Setting your first rules 486Adding a rule 487The order of rules 488Network Address Translation 488Source NAT 488Allowing the packets to be forwarded 490Destination NAT 491Redirecting Traffic 491Allowing ICMP Traffic 492Allowing Loopback 493Logging Dropped Packets 493Using SuSEfirewall2 493What Next? 499

Contents

Chapter 24: Working with LDAP in SUSE 501

What Is LDAP? 501LDAP objects 502The hierarchy 503Implementing the LDAP Server 504Configuring the administrator 504Testing the LDAP server 505Adding information 506Adding user data to the LDAP server 509Pluggable Authentication Modules 514Integrating LDAP into Linux 515Setting the ACL on the LDAP Server 516How Can LDAP Help You? 517

Chapter 25: Setting Up a Web Proxy with Squid 519

Getting Started with Squid on SUSE 519User Authentication 522Restricting Access by Hardware Address 524The Squid Log 524Using Squid as a Transparent Proxy 525Using Cache Manager 526Using squidGuard 527

Part V: SUSE Linux in the Enterprise 529

Chapter 26: Enterprise Architecture 531

A Typical Organization 532Where can Linux be used? 533

I know where, but how? 534Fulfilling your staff requirements 534Linux Enterprise Hardware: The Big Players 535IBM 535Hewlett-Packard 53664-bit platforms 537Blade technology 538Putting It All Together 538Where do I put the services? 539Storage area networks 543Disaster recovery 547

Chapter 27: The Kernel 551

Why You Probably Don’t Need This Chapter 551Why You Might Need This Chapter 551SUSE Kernels and “Vanilla” Kernels 552Kernel version numbers 552The binary kernel packages 552What kernel am I running? 553

xxviii Contents

Upgrading a Kernel Package 554Kernel Configuration 554Building the Kernel 559Rebuilding the km_* Packages 560The kernel and third-party software 561Loading kernel modules 562Kernel Parameters at Boot Time 562The Initial Ramdisk 563

Chapter 28: The SUSE Linux Standard Server 565

Standard Server Structure 566Standard Server Installation 566The Web Administration Interface 572Users and groups 573Mail server settings 575Security settings 577Network services 577Tools 579Monitor 579File server 580Language 580

Chapter 29: SUSE Linux OpenExchange Server 581

Licensing SLOX 581Installing SLOX 582Starting the SLOX installation 582Configuring UnitedLinux 585Configuring SLOX 591The SLOX Architecture 592PostgreSQL 593OpenLDAP 593Netline servlets 593Cyrus and Postfix 594Administrating SLOX 594Managing Users 596Creating the user 596Creating a virtual domain 598Mapping a virtual user to a real user 600Configuring the Postfix Subsystem 601Enabling SMTP-AUTH 601Enabling spam prevention 602Managing the Cyrus Subsystem 602Managing Groups and Folders 603Creating a group of users 603Creating a shared folder 604Checking System Resources 606The User Perspective 607Reading your mail 608The calendar 609Jobs (tasks) 610

Contents

Creating documents 611Creating a note 613Creating a new contact 614Viewing your new Portal page 615Using the Outlook Connectors 616iSLOX 616oSLOX 616Using oSLOX 617Your first synchronization 620

To SLOX or Not to SLOX? 623

Appendix A: What’s on the DVD 625 Appendix B: About SUSE Linux Professional Version 9.2 627

Index 629 GNU General Public License 667

What is Linux? There was a time (not so long ago) when the first page of every book andthe first slide of every presentation on Linux had this obligatory question We havecome a long way since that time, and we certainly no longer feel that we have to start ourown presentations with that slide However, in a book like this, a brief introduction to Linux

in general can provide an appropriate entry into our discussion of SUSE Linux in particular.Linux is a multiuser, multitasking, multiplatform computer operating system (strictly speak-ing, an operating system kernel) that has been developed by an open source, collaborativeprocess involving large numbers of people all over the world Linux is a “Unix-like” operatingsystem This means that it conforms closely to a set of conventions and standards associatedwith Unix; however, Linux does not contain any of the original Unix code

Linux has been developed by the open source development method What that means is thatall the work that is done by Linux developers is open and shared It is open to peer review,which encourages honesty and means that each developer is able to build upon work thathas already been done by others Although this method is often still seen as revolutionary

in the field of software development, it is effectively the same method that has been used byscience in the Western world since about the time of Newton The development of Westernscience has been spectacularly successful precisely because it is based on the same values ofopenness and shared results and because of the quality assurance provided by the scrutiny

of peer review

This model works so well both in science and software because openness leads to scrutiny,and scrutiny leads to improvement and the correction of errors Openness also means theability to build on the results of others Newton himself said that if he saw further than oth-ers, it was “by standing upon the shoulders of giants.” This sums up very well the power

of collaborative development in any field It contrasts strongly with the traditional closedsource development model: a group of programmers working in secrecy with deadlines forwork to be handed to a manager In such a situation, a team member who knows that his workhas a bug in it has no incentive to tell anyone; when the program is finally released, no oneoutside the small development group can look at the code to understand why it does not work

as advertised In contrast, Eric Raymond coined a phrase to describe the power of having alarge open source developer community to debug code: “Given enough eyeballs, all bugs areshallow.”

The dramatic success of Linux and of other associated open source projects such as theApache web server and Samba are proof of the power of the open source developmentmethod

Linux has come a long way since its beginnings in the early 1990s In 1991, it was one man’shobby: Ten years later, in 2001, IBM announced that it was investing one billion dollars in itsLinux strategy

xxxii Introduction

Linux History

The beginning of Linux is usually dated to August 25, 1991, the date on which Linus Torvaldssent a posting to the comp.os.minix newsgroup describing the work he had done so far Hesubsequently invited others to join the project, made the code available by FTP, and offered

it under a license allowing free redistribution (originally a license that he wrote himself, butsoon afterward moving to the GNU GPL)

A worldwide community quickly arose, working on the Linux kernel and submitting code andpatches back to Torvalds to be incorporated into the kernel As time went on, the number ofpeople working on Linux grew rapidly, and systems were put in place to filter and channel theincoming code; however, Linus Torvalds has stayed in charge of the whole project, which hasremained independent of any particular vendor

The remarkable rate at which Linux grew and matured is well known: Linux is living proof ofthe power of the open source development model

Both the history of Linux and descriptions of the workings of open source development are

well described in many other publications Glyn Moody’s Rebel Code: Linux and the Open

Source Revolution has a very good history of Linux and the open source movement generally.

The classic exposition of why and how the open source development model works so well is

in Eric S Raymond’s The Cathedral and the Bazaar.

Both of these are recommended to any readers who want to know more about the history ofLinux and open source software, and particularly to anyone who has residual doubts aboutwhether free and open source software can really be secure or reliable

In the first few years of Linux, a number of “distributions” of Linux emerged It is important

to understand that, properly speaking, the term Linux refers only to the kernel To create a

system that you can install and run, much more is required, including in particular the whole

range of GNU utilities and a method of installing the system A distribution of Linux is a

com-plete set of packages built to work together around a Linux kernel, combined with a method

of easily installing the system to the hard disk

Many of the early Linux distributions have been forgotten But a few companies formed in theearly years began to produce important commercial versions of Linux: The most importantthen were Red Hat, Caldera, and SUSE The most influential early noncommercial (or possiblysemicommercial) distribution was Slackware, which played an important part in the early life

of SUSE (and which still exists) The Debian project began at around the same time and alsocontinues to this day as the “purest” Linux distribution from the point of view of the ideology

of software freedom

Red Hat’s IPO (stock market flotation) in mid-1999 was perhaps the event that put Linux onthe map for the wider world The subsequent dramatic rise and equally dramatic fall of thestock price were perhaps at the same time somewhat unfortunate because it gave the percep-tion that Linux was part of the “Internet bubble” — just another bright idea lacking a coherentbusiness model

However, the continual increase in the uptake of Linux by business and its endorsement bysome of the giants of the computer industry made its importance clear even to the doubters.Oracle announced support for Linux in mid-1998; Oracle installations on Linux are a signifi-cant factor in the acceptance of Linux in the enterprise market IBM began to take Linux veryseriously from 1998 onward and started offering ports of its software to Linux the following

Introduction

year (including the DB2 database and Domino server); now it forms a major part of the pany’s strategy

com-The past two to three years have brought us to a point where Linux is regarded as mainstream

All major industry players in both the hardware and software sectors (apart from Microsoftand its close collaborators) have adopted Linux or have a Linux strategy

The takeover of SUSE by Novell at the end of 2003, and Novell’s enthusiastic conversion toLinux, is a logical part of that process and is certain to accelerate Linux adoption globally

SUSE History

SUSE is the oldest existing commercial distribution of Linux The company was founded in

1992 near Nuremberg in Germany The first release of a Linux distribution by SUSE was early

The company was founded on September 2, 1992 The founders were Roland Dyroff, ThomasFehr, Burchard Steinbild, and Hubert Mantel, all in their mid-twenties at the time Three of thefounders were still at University studying mathematics: Thomas Fehr had already graduatedand was working as a software engineer The original intention was that the company would doconsulting work and software development for clients; according to Hubert Mantel’s account,this did not work out very well as work was in short supply, and after a while the group hadthe idea of distributing Linux Initially the company distributed a version of Linux called SLS(Soft Landing Systems) Later they switched to Slackware, producing a German-language ver-sion in cooperation with Slackware’s founder, Patrick Volkerding

According to Bodo Bauer’s recollection, the SUSE people decided that rather than constantlyfixing bugs in Slackware before shipping their translated and enhanced version, it would bebetter to produce their own distribution They also felt the lack of a good installation andconfiguration tool in Slackware The result was that SUSE took Florian LaRoche’s Jurix distri-bution as a starting point and started to develop YaST

The first true SUSE distribution was released in May 1996 and was numbered 4.2 (an

inten-tional reference to the use of the number 42 in The Hitchhiker’s Guide to the Galaxy by

Douglas Adams)

At the time that early versions of Red Hat (and Red Hat clones) were ubiquitous in the UnitedStates, SUSE Linux gained popularity in Europe SUSE became a worldwide company with theestablishment of offices in the United States (1997) and in the U.K (1999)

SUSE never attempted an IPO, although there were rumors that this would happen at onestage Instead, the company went through a number of rounds of funding from venture capi-talist and industry sources Over-optimism and too rapid an expansion led to a point in 2001when the company was forced to downsize significantly to survive After that time, stricter

xxxiv Introduction

financial discipline, the release of the enterprise versions, and the growing uptake of Linux

by business put the company on a sound footing With the takeover by Novell in 2003, theinvestors recouped their investment, while the market’s approval became very clear in thedramatic and sustained rise in Novell’s stock following the announcement

Originally SUSE provided one product (simply known as S.u.S.E Linux), which was releasedabout three times a year and was available for the x86 platform only The current SUSEProfessional is the direct descendant of this, and the current version number of 9.1 is one

of a series that goes back to the original 4.2

In 2000, the SUSE offering was split into Professional and Personal versions, and versions forother hardware platforms (Alpha, Sparc, and PPC) were released

The following year, SUSE released the Enterprise Server 7 version, and in due course, sions of Enterprise Server for IA64 (Itanium), PPC (intended for the IBM iSeries and pSeries),S/390, and zSeries were released SUSE developed powerful tools to aid in the process of port-ing Linux to other platforms, and there was close collaboration with IBM in the production

ver-of versions for the PPC-based iSeries and pSeries and for the S/390 and zSeries mainframes.SUSE also worked with AMD on the development of a version for the “Hammer” chip (nowknown as the Opteron and Athlon 64) The story goes that an entire distribution for thisarchitecture was completed and tested using emulation before AMD had any hardware tooffer; when the first machine arrived at SUSE from AMD, the installation CD booted andinstalled flawlessly

SUSE also released a series of mail server products leading up to the current SUSE LinuxOpenExchange Server 4 Enterprise Server 7 was succeeded by Enterprise Server 8 (available

on x86, IA64, AMD64, iSeries and pSeries and zSeries), and at the time of this writing, EnterpriseServer 9 has just been released Prior to the release of Enterprise Server 8 (in November 2002),the UnitedLinux consortium was established, with SUSE, Connectiva, Turbolinux, and SCO asmembers UnitedLinux was an agreed core, developed by SUSE for enterprise distributions to

be issued by the other vendors in the consortium Following the defection of SCO from theLinux community and its extraordinary decision to take legal actions against IBM and Linuxdistributors and users, the UnitedLinux consortium lost its importance

In the early days, SUSE appeared to be simply one of a large number of Linux distributions.However, unlike many of the other distributions, SUSE had a developer team of real quality andstrength in numbers This fact was not lost on IBM when they increasingly cooperated withSUSE in development work for their high-end platforms, and it gradually became apparent thatthere were really only two Linux companies that really mattered — namely, SUSE and Red Hat.Historically, however, there were some differences between the two companies’ philosophies.Both Red Hat and SUSE provided boxed versions of their “consumer” version for sale Red Hatoffered ISO images identical to the CDs in the boxed product for download; SUSE did not, butallowed an FTP installation SUSE somewhat controversially placed a licensing restriction onthe redistribution of the YaST installation and administration tool; while the source remainedopen, it was not permissible to redistribute YaST on media offered for sale This prevented aproliferation of SUSE clones in the way that there were numerous Linux distributions “based

on Red Hat.”

SUSE made a clearer distinction between their Enterprise and “consumer” versions than RedHat did Red Hat was already offering a commercial software maintenance and support system

on its “boxed product” (Red Hat 7.x, 8.x, and so on) when it introduced its Enterprise versions

(Advanced Server and Enterprise Server) Its subsequent withdrawal of all support for theboxed versions was something of a PR disaster for Red Hat and left many commercial usersfeeling very dissatisfied and looking for other options A considerable proportion of theseusers have migrated to SUSE

Introduction

The SUSE Family of Products

Now that we have introduced some of the history behind what this book is about, it’s time

to take a look at the software that SUSE currently offers SUSE makes a distinction between

“Business Customers” and “Home Users”: This is essentially the distinction between the sions that are sold with a paid-for software maintenance system and those that are not

ver-“Home Users”

The “Home Users” products are SUSE Linux Professional and SUSE Linux Personal These arethe direct descendants of the original SUSE Linux

SUSE Linux Professional

SUSE Linux Professional now contains versions for both the x86 and AMD64 platforms It consists of five CDs and two double-sided DVDs The five CDs form an installation set for x86machines One of the DVDs is an installation DVD for x86 on one side and for AMD64 on theother; the other DVD provides the source packages The Professional version contains a verywide range of software, including desktop and server software and development tools It actu-ally contains considerably more packages than the Enterprise Server versions but should beregarded as essentially an unsupported version

SUSE Linux Personal

SUSE Linux Personal is for x86 only It contains four CDs: Two of these contain the installationset, one contains source, and the other is a “Live CD” version This is a bootable CD that allowsyou to boot and run a SUSE Linux system without installing it to the hard disk It is intendedboth as a way of allowing users to check hardware compatibility and also to let people try outSUSE Linux before committing themselves The Live CD is also available as a download fromftp://ftp.suse.comand mirror sites The Personal version is mainly intended as a desktopsystem and for Linux beginners

From time to time SUSE has issued add-on disks for the Professional and Personal versions;

the latest of these was the “Wine Rack” CD issued alongside version 9.0 and including amongother things a copy of CodeWeaver’s CrossOver Office product, which makes it easy to runWindows programs on Linux

“Business Customers”

The most important difference between the “Home Users” versions and the “BusinessCustomers” versions is the way that you pay for them SUSE’s Enterprise Server and theother business products are offered only together with a subscription to a paid-for softwaremaintenance system

SUSE Linux Enterprise Server

The “flagship” product of SUSE is the SUSE Linux Enterprise Server (SLES) SUSE LinuxEnterprise Server is, as its name implies, a version of Linux intended for use in an enterpriseenvironment

While the Professional version focuses on being cutting-edge (containing the latest versions

of software) and experimental, the Enterprise Server concentrates on being stable, able, and certified So the software packages that make up the Enterprise Server have beencarefully chosen, and the entire distribution is subject to very careful quality control and testing This includes the all-important certifications by hardware and software vendors

support-xxxvi Introduction

Hardware from the major vendors, and particularly complete server systems from IBM, HP,Dell, Fujitsu Siemens, and others is certified against SLES Certified software includes a widerange of IBM products and software from SAP and Oracle Perhaps the most important ofthese from a business point of view is the certification by Oracle Details of all certificationsfor the SUSE Linux Enterprise Server are at www.suse.com/us/business/certifications/index.html

SLES is available for the following hardware platforms:

✦ x86

✦ x86-64 (AMD64 processors: Opteron and Athlon 64, and Intel’s EM64T)

✦ Itanium

✦ IBM iSeries and pSeries

✦ IBM mainframe (S/390 and zSeries)

On each of the supported hardware platforms, the kernel and package version numbersare the same; the entire environment is the same apart from those details that are hardware-specific This consistency is guaranteed by SUSE’s Autobuild system, which is a method usedinternally to create the software distribution from source code As a result, you can develop

on one hardware platform and deploy on another, or you can move production servers fromone architecture to another and have the assurance that everything will continue to work asexpected

The boxed copy of SLES 9 for the low-end platforms bundles the x86 and x86-64 versionstogether in one box, so it contains 12 CDs in all, 6 for each platform In each case the first CDstarts the installation and the bulk of the packages are on the other 5

SUSE Linux OpenExchange Server

The SUSE Linux OpenExchange Server (SLOX) is the latest incarnation in a series of mailserver products that SUSE has produced based around the Cyrus IMAP server SUSE LinuxOpenExchange Server 4 has gained considerable popularity as a mail server for medium-sizedorganizations It is a hybrid product; it combines well-known open source components with

a proprietary application server from Netline, which provides groupware functionality.During the production of this book, it was announced that the Netline application server is to

be released under the General Public License (GPL)

SLOX is a stand-alone product It is based on the same Linux version as SLES 8 and usesPostfix as its mail transport agent; Cyrus as the IMAP and POP server; and OpenLDAP for userinformation, address books, and authentication Groupware data is stored in a PostgreSQLdatabase

Virtually any mail client on any platform will operate as a client to SLOX To access the ware information, you have the choice of using the web interface or using Microsoft Outlook

group-in essentially the same way as it is used group-in conjunction with a Microsoft Exchange server Theability to offer this functionality is a major selling point for SLOX, particularly at a time whensupport for older versions of Microsoft Exchange is being discontinued

Note

Introduction

SUSE Linux OpenExchange Server is covered in detail in Chapter 29

SUSE Linux Desktop

Whether (or when) Linux becomes a serious contender on the business desktop has beencontroversial for some time In terms of usability, the latest versions of the KDE and GNOMEdesktops are comparable to Windows for most tasks In terms of manageability, running Linux

on desktops in place of Windows could save companies money in license fees and take away

a wide range of administrative headaches, particularly in terms of security and softwarelicensing and auditing OpenOffice and/or StarOffice are now capable of almost everythingthat Microsoft Office can do However, the devil is in the detail A very powerful factor pre-venting change is the use of particular specialized applications that may be available only

on Windows

SUSE’s spectacular success in persuading Munich City Council to move to Linux desktops got

a lot of publicity in mid-2003 Both IBM and Novell have signaled their determination to move

to Linux on the desktop internally, and despite the problems, there is a growing feeling thatthere will be a wider move toward Linux on desktops

Some months before buying SUSE, Novell acquired Ximian Ximian’s central involvement in theGNOME desktop project and particular applications for it (notably the Evolution mail client)was undoubtedly one factor in that decision and signals that the enterprise desktop is certainlypart of Novell’s thinking

It is interesting to note that Red Hat has also shown its interest in this area with the recentrelease of the Red Hat Desktop

Time will tell, and while even the authors of this book differ among themselves about thequestion of how soon Linux desktop adoption will take off in business, we have no doubtthat SUSE is committed to Linux on the desktop

The SUSE Linux Desktop is a business desktop version that is offered with a software tenance agreement and that additionally includes licensed copies of Sun’s StarOffice andCodeWeaver’s CrossOver Office (for running Windows applications) and a Citrix client Thesoftware comes on five CDs, and there is a surprising amount of software included The inclu-sion of CrossOver means that users can install and run most versions of Microsoft Office ifthey need to

main-At the time of this writing, an updated business desktop version is under development Norelease date has yet been announced, but it is rumored that it will be a Novell-branded ver-sion based on the current SUSE release with a default Ximian GNOME look and feel and willadd integration with certain existing Novell technologies, including iFolder

Cross-Reference