IT training train signal (lab 22) linux networks

56 INSTALLING LINUX DHCP SERVER.... 59 TEST LINUX DHCP SERVER WITH WINDOWS CLIENT .... Computer 2 Computer 2 will be named Server1 and the operating system on this computer will be Re

Linux Networking

Video CBT LAB SERIES

Linux Networking & Administration

Video CBT Lab 23

Red Hat Cerified Technician (RHCT) &

Linux Networking & Administration:

A complete Linux, Red Hat Certified Technician

(RHCT) & CompTia Linux +

Preparatory Course

Fast Track CBT Video Lab

Labs 1 - 10

About the Author

David Davis has been in the IT industry for 12 years Currently, he manages a group of

systems/network administrators for a privately owned retail company and also authors related material in his spare time He has written over fifty articles, eight practice tests and has co-authored one book His certifications include: IBM Certified Professional-AIX Support, MCSE + Internet, Sun Certified Solaris Admin (SCSA), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Wireless Network Administrator (CWNA), Cisco CCNA, CCDA, CCNP and CCIE #9369

IT-Train Signal, Inc

400 West Dundee Road

Copyright and other Intellectual Property Information

© Train Signal, Inc., 2002-2005 All rights are reserved No part of this publication, including written work, videos and on-screen demonstrations (together called “the Information” or “THE INFORMATION”) may be reproduced or distributed in any form

or by any means without the prior written permission of the copyright holder

Products and company names, including but not limited to, Microsoft, Novell and Cisco, are the trademarks, registered trademarks and service marks of their respective owners

Disclaimer and Limitation of Liability

Although the publishers and authors of the Information have made every effort to ensure that the information within it was correct at the time of publication, the publishers and the authors do not assume and hereby disclaim any liability to any party for any loss or damage caused by errors, omissions, or misleading information

SIGNAL, INC NOR ANY OF ITS SUPPLIERS MAKES ANY WARRANTY OF ANY KIND, EXPRESS OR IMPLIED TRAIN SIGNAL, INC AND ITS SUPPLIERS SPECIFICALLY DISCLAIM THE IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THERE IS NO WARRANTY OR GUARANTEE THAT THE OPERATION

OF THE INFORMATION WILL BE UNINTERRUPTED, ERROR-FREE, FREE, OR THAT THE INFORMATION WILL MEET ANY PARTICULAR CRITERIA OF PERFORMANCE OR QUALITY YOU ASSUME THE ENTIRE RISK

VIRUS-OF SELECTION, INSTALLATION AND USE VIRUS-OF THE INFORMATION

IN NO EVENT AND UNDER NO LEGAL THEORY, INCLUDING WITHOUT LIMITATION, TORT, CONTRACT, OR STRICT PRODUCTS LIABILITY, SHALL TRAIN SIGNAL, INC OR ANY OF ITS SUPPLIERS BE LIABLE TO YOU OR ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND, INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER MALFUNCTION, OR ANY OTHER KIND OF DAMAGE, EVEN IF TRAIN SIGNAL, INC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN NO EVENT SHALL TRAIN SIGNAL, INC BE LIABLE FOR DAMAGES IN EXCESS OF TRAIN SIGNAL, INC.'S LIST PRICE FOR THE INFORMATION

To the extent that this Limitation is inconsistent with the locality where you use the Software, the Limitation shall be deemed to be modified consistent with such local law

Choice of Law:

You agree that any and all claims, suits or other disputes arising from your use of the Information shall be determined in accordance with the laws of the State of Illinois, in the event Train Signal, Inc is made a party thereto You agree to submit to the jurisdiction of the state and federal courts in Cook County, Illinois for all actions, whether in contract or in tort, arising from your use or purchase of the Information

TABLE OF CONTENTS

INTRODUCTION 7

LAB SETUP 9

SETTING UP THE LAB 10

COMPUTER 1 12

COMPUTER 2 12

LAB SCENARIO 14

LAB 1 15

SELECT THE VERSION OF LINUX TO USE 16

DOWNLOAD AND CREATE CD MEDIA 17

INSTALLING FEDORA LINUX 20

LAB 2 35

LAB SCENARIO 36

INSTALLING DNS 37

CONFIGURING LINUX DNS SERVER 40

LAB 3 55

LAB SCENARIO 56

INSTALLING LINUX DHCP SERVER 57

CONFIGURING LINUX DHCP SERVER 59

TEST LINUX DHCP SERVER WITH WINDOWS CLIENT 64

LAB 4 69

LAB SCENARIO 70

CONFIGURING SAMBA 71

TESTING SAMBA 80

LAB 5 85

LAB SCENARIO 86

START APACHE WEB SERVER AND SET TO START AUTOMATICALLY 87

CONFIGURE APACHE AND CREATE A NEW VIRTUAL SERVER 91

TESTING THE NEW VIRTUAL SERVER 103

LAB 6 104

LAB SCENARIO 105

ADDING LINUX USERS AND GROUPS 106

SETTING PERMISSIONS ON FILES AND FOLDERS 111

TESTING LINUX SECURITY 117

LAB 7 132

LAB SCENARIO 133

CREATING A SPREADSHEET WITH OPENOFFICE CALC 134

CREATING A DOCUMENT WITH OPENOFFICE WRITER 138

TEST SHARING A FILE BETWEEN MS WORD AND OPENOFFICE WRITER 139

LAB 8 146

LAB SCENARIO 147

INSTALLING KDAR 148

PERFORMING A BACKUP WITH KDAR 162

RESTORING A FILE WITH KDAR 168

LAB 9 171

LAB SCENARIO 172

USING YUM 173

INSTALLING YUMEX (YUM GUI INTERFACE) 174

USING YUMEX TO PERFORM AN UPDATE 176

LAB 10 183

LAB SCENARIO 184

CONFIGURING THE FTP SERVER 185

STARTING THE FTP SERVER 188

TESTING OUR FTP SERVER CONFIGURATION 189

Introduction

Welcome to Train Signal!

This series of labs on Red Hat Linux is designed to give you detailed, hands-on experience of working with the Linux Operating System Train Signal’s Audio-Visual Lab courses are targeted towards the serious learner, those who want to know more than just the answers to the test questions We have gone to great lengths to make this series appealing to both those who are seeking the Red Hat Certified Technician (RHCT) or Linux+ certifications and to those who want an excellent overall knowledge of the Linux Operating System

Each of our courses puts you in the driver’s seat, working for different fictitious companies, deploying complex configurations and then modifying them as your company grows They are not designed to be a “cookbook lab,” where you follow the steps of the “recipe” until you have completed the lab and have learned nothing Instead, you recommend that you perform each step and then analyze the results of your actions in detail

To complete these labs yourself, you will need two computers equipped as described in the Lab Setup section You also need to have a foundation in Networking and TCP/IP concepts You should be comfortable with navigating through a graphical operating system Basic networking skills will also be very helpful These labs will start from a default installation of Red Hat Linux From there, you will be run through the basic configurations and settings for a variety of standard Linux services and applications It is very important

that you follow these guidelines exactly, in order to get the best results from this course

The course also includes a CD-ROM that features an audio-visual walk-through of all of the labs in the course In the walk-through, you will be shown all of the details from start to finish on each step, for every lab in the course During the instruction, you will also benefit from live training that discusses the current topic in great detail, making you aware of many

of the associated fine points

Thanks for choosing Train Signal!

Scott Skinger

Owner

Lab Setup

Setting up the Lab

1 Computer Equipment Needed

Networked connection to the Internet required to download and install many packages in these labs A high-speed Internet connection (i.e DSL, Cable, T1, etc) would be ideal

Enterprise Linux 3 or 4, Fedora, or clones will all work)

Red Hat Fedora Linux Version 5 Microsoft Office Suite

You are strongly urged to acquire all of the recommended equipment in the list above It can all be easily purchased from eBay or another source, for around $500 (less if you already have some of the equipment) This same equipment is used over and over again in all of Train Signal’s labs and will also work great in all sorts of other network configurations that you may want to set up in the future It will be an excellent investment in your education

equipment Two other products that you may also want to look into are a KVM Video-Mouse) switch and a disk-imaging product, such as Norton Ghost The KVM switch will allow you to run all of your computers using a single keyboard/monitor/mouse set A button allows you to quickly control which PC you are managing Disk imaging software will save you a tremendous amount of time when it comes to reinstalling operating systems for future labs Many vendors offer trial versions or personal versions of their products that are very inexpensive

(Keyboard-2 Computer Configuration Overview

IP Address Subnet 255.255.255.0 IP 192.168.1.10 Subnet 255.255.255.0 IP 192.168.1.100

http://www.trainsignal.com/legalinfo.html

3 Detailed Lab Configuration

Computer 1

Computer 1 will be named Client1 and the operating system on this computer will be Windows XP Pro You should also install Service Pack 2 or later to avoid any unforeseen problems Have Microsoft Word installed as well as we will use it to test file sharing between Word and the Linux freeware version of Word

Client1 will have one NIC with a static IP address of 192.168.1.10 and a 255.255.255.0

subnet mask You are also welcome to use DHCP for both Client and Server as long as you keep in mind that you will have to substitute the proper DHCP IP address for the static addresses defined in this lab book If you use the static IP addresses, make sure that these addresses do not overlap with any existing IP addresses already on your LAN (assuming you connect these machines to your LAN) The default gateway will be your local router that connects to your Internet Service Provider Initially, you should match the DNS server of your Client and Server to match the DNS server information from your ISP Many times, this DNS server information will be obtained from your Router/AP Later in these labs, you will be configuring a Linux server using Red Hat and configuring your client’s DNS to be that Red Hat Linux DNS server The Client is in a workgroup named WORKGROUP but will soon be moved to a domain when we configure the Linux Samba server See figure 1, next page

Computer 2

Computer 2 will be named Server1 and the operating system on this computer will be Red

Hat Linux Fedora Core Version 5 However, most exercises will work on Red Hat Version

9, Enterprise Linux, or another version of Fedora Linux The NIC in Server1 will have a

static IP address of 192.168.1.100 and a subnet mask of 255.255.255.0 The default gateway should be set to 192.168.1.1 The DNS server information should match that of your

Internet Service Provider See figure 1, next page

Router Internal IP - 192.168.1.1 Internal SM - 255.255.255.0

External IP, SM, DG, and DNS via ISP’s DHCP

Client 1

IP - 192.168.1.10

SM - 255.255.255.0

DG - 192.168.1.1 DNS - match ISP’s

Red Hat Fedora Core Version 5

(figure 1)

***Important Note***

This lab should NOT be performed on a live production network You should only use computer equipment that is not part of a business network AND that is not connected to a business network Train Signal Inc is not responsible for any damages Refer to the full disclaimer and limitation of liability which appears at the beginning of this document and on our Web site at:

www.trainsignal.com

Lab Scenario

Big Sky Fishing Supply (www.bigskkyfishingsupply.com) in Bozeman, Montana, sells fishing supplies They sell rods, reels and anything else related to fishing through their retail locations and through their e-commerce website Big Sky is also a wholesaler to many different fishing stores and other retail outlets around the country

Big Sky Fishing Supply is converting their retail outlet in Bozeman, Montana to Linux They will use Linux for the following services: file sharing, web serving, FTP, DHCP and DNS This will be a pilot test of the Linux operating system for Big Sky Fishing If this test is successful, they plan to convert all retail stores, the corporate office and their e-commerce web servers to Linux They could save thousands of dollars in licensing fees and maintenance by doing this Because of the potential cost savings and the high profile of this pilot, the CIO considers this Linux implementation very critical

As a contractor, you will be solely responsible for implementing the new Big Sky Fishing Supply Linux server implementation During this process, you will start by installing a new Linux server From there you will install, configure and test a variety of critical Linux infrastructure applications You will have a Windows client that you use for testing

Before starting any of the labs you should ensure that you have setup your network according to the lab setup section which can be found earlier in this lab

Lab 1

Fedora Linux Installation You will learn how to:

• Select the version of Linux to use

• Download Linux and create CD Media

• Install Fedora Linux

Select the version of Linux to use

Red Hat offers a variety of Linux versions Here is a short breakdown of them:

Server

Red Hat Enterprise Linux AS – for high-end servers

Red Hat Enterprise Linux ES – for mid-range servers

Workstation

Red Hat Enterprise Linux WS – for technical workstations and power desktops

Red Hat Enterprise Linux Desktop – for volume client deployments

• Support services included for that version of Red Hat

• Platforms that that version is available for

• Number of CPUs and amount of RAM supported

• Packages included Specifically, the packages that are not in Enterprise Linux WS or Red Hat Desktop include: amanda-server, arptables_jf, bind, caching-nameserver, dhcp, freeradius, inews, inn, krb5-server, netdump-server, openldap-servers, pxe, quagga, radvd, rarpd, redhat-config-bind, redhat-config-netboot, tftp-server, tux, vsftpd and ypserv

• However, Fedora includes most all packages included in the server versions of Enterprise Linux

The server and workstation versions must be bought The WS version starts at $179 but is available as a 30 day evaluation For the purpose of installing Red Hat Linux on this Big Sky

Fishing Supply server, you should use the free version of Red Hat Linux, called Fedora

This way, you get all applications we will practice on and there is no cost or time limit for use However, if you are preparing for the RHCT exam, you may want to download the evaluation version of Red Hat Enterprise Linux WS to practice with

Download and create CD media

1 To obtain Red Hat Fedora, go to www.redhat.com and click on Download

2 Next, click on the Download link, under the Fedora section

3 Read through the download and installation instructions to familiarize yourself with

Fedora’s download process

4 Click on the Download link

5 Next, choose your platform, i386 (unless you are using a 64-bit machine)

If you have trouble getting here, you can go to:

http://download.fedoraproject.org/pub/fedora/linux/core/5/i386/iso/

You will be taken to a random download mirror site for Fedora Linux Thus, it may look like this or it may look different Either way, the files you want to download are the same

Download each of these FC-5-i386-discX.iso files where X is 1, 2, 3, 4 and 5 As these

files are about 600MB each, they will take some time to download

Once downloaded, you need to create 5 CDs out of these 5 CD images (the ISO files

that you have downloaded) This can be done with just about any CD recording software and a CD-R drive Once you have the 5 CDs created, move on to installing the software

http://www.daemon-tools.cc/) to just mount the ISO CDs directly, without ever having to burn them to a

CD

Another option, available on some mirrors, is to download a 3+GB DVD file and to burn a DVD of the entire Fedora distribution on a single DVD

Installing Fedora Linux

1 To install Red Hat Linux, insert CD #1 in your CD drive and power on your Server1

system The server should find the CD in the drive and boot from it You should see a screen that looks like the one below

2 You can press F2 to see the boot loader options, like this:

3 Normally, you will just press the Enter key to begin the boot, with the default settings,

in graphical mode After pressing enter, you will see a lot of text information scroll by quickly This is the Red Hat system starting up

You will now see a colorful text menu screen, asking if you want to test the CD media

for errors Note that your mouse doesn’t work here You need to either use tab or the

right arrow to move over to the skip button Once there, either press the space bar or enter to select

4 Now, Anaconda, the Fedora Linux Installer, will start up and the screen resolution will change from 640x480 to 800x600 Here is what you will see:

5 Your mouse should now function Use it to click Next On the language selection, take the English default by clicking Next (assuming that is your choice) On the keyboard selection, take the default of US English by clicking Next (assuming that is your

choice).Assuming you have a blank hard drive, you will be told that the partition table is unreadable and you will be asked if you want to initialize the drive and erase all data

6 Click Yes You are now in the Disk Partitioning Setup section The simplest choice here

is to take the defaults However, if you have some more advanced knowledge, you can

review and modify the partition layout using that option

7 Click Next On a new installation, like this one, you will get a message that says that the

partition table on device sda was unreadable and you must initialize the drive to continue

8 This is required so click Yes Now you are at the networking configuration screen It is

here that you either take the default of configuring the Linux system’s IP address information via DHCP (from a DHCP server on your network) or using static IP address information In most cases, DHCP works fine, just as you would on a Windows workstation However, in our case, we have some specific static information we want to configure

9 Click Edit on the Network Device section A window will come up In that window, uncheck the Configure using DHCP option and fill in the static IP address and subnet

mask, like this:

10 Back on the main network configuration screen, put in a hostname for this Linux

system The hostname should be Server1.BigSkyFishingSupply.com Enter the

gateway from the setup section of 192.168.1.1 (or whatever your local router’s gateway

is) Enter the primary and secondary DNS IP addresses that are provided by your

Internet Service Provider or this information for already existing DNS servers on your LAN When you are done, the screen should look similar to this:

11 Click Next to continue On the next screen, set the time zone to North Dakota /

Central because that is where the Big Sky Fishing Supply Company is located

12 Click Next On the next screen, type in the root password The root password is the

administrator and “super-user” for this computer Because root has unlimited power on

this Linux system you should choose a secure root password For the purposes of this lab, type in Fishing123 in both blanks and click Next

13 You are now at the package group selection screen As we chose a custom install, you

must choose your list of packages to be installed Click Customize Now Click Next

14 On the next screen, use the sections on the left to choose the following additional packages (in addition to what is already checked):

15 The next screen says that you are about to install the operating system Click Next

16 The file systems will be formatted and the installation process will begin Assuming you are installing from CDs, at various points in the installation, you will be asked to insert the remaining installation CDs This whole copying process can take about 45 minutes, depending on the speed of the machine, CD drive and Disk Once the copy process is completed, you should see a screen that looks like this:

17 Click Reboot and the system will restart The boot will go through various phases Once the boot is successful, you will see this, “Welcome to Fedora” message

18 Click Forward Now click Yes, and Forward to accept the license agreement You are

now at the firewall configuration screen I recommend disabling the firewall for these labs, to prevent any problems If this machine moves from being a test machine to a production machine, you should test enabling the firewall at that point to protect your

production machine Change the Firewall option from Enabled to Disabled Click

Forward and then click Yes to continue without enabling the firewall

19 You are now asked about SeLinux (Security Enhanced Linux) SeLinux provides

additional security over regular Linux Security Choose the Permissive setting for SeLinux as we don’t want to begin enforcing at this time Click Forward

20 In the next screen, you will be asked to either set the date and time or to use a network time protocol (NTP) server If you don’t have a NTP server on your network already, Red Hat Linux offers some of the standard Internet NTP server domain names In our case, let’s say that Big Sky Fishing Supply wants this server to use the Internet NTP

servers to obtain its date and time information So click on the Network Time Protocol tab On this window, check the checkbox to Enable Network Time Protocol You will

be using the default servers Your window should look like this:

21 Click Forward and the system will attempt to contact the NTP servers on the Internet

On the next screen, you will be asked for the resolution and color depth for the Linux

console monitor The default is fine

22 Click Forward You will be prompted to create a regular user login (non-superuser) Create a user called testuser and set the password to bigskyfishing

23 Click Forward Click Finish on the soundcard screen that appears

24 Some flashes of the screen will happen and you will be asked to login to the system Login as root with the password you configured

25 You should now see the screen below and be logged on to Fedora Linux

The installation process and Lab 1 are now complete

At this point, I highly recommend opening the web browser on the newly installed

server and testing browsing to the Internet Assuming this is successful, you have proved that you have a network connection and valid network settings

Lab 2

Using Linux as a DNS Server

You will learn how to:

• Install the DNS Management Tool

• Configure DNS

• Test DNS

Lab Scenario

When installing your Linux server, you used the DNS IP addresses from your Internet Service Provider This was so your Linux server could have Internet access for registration and network time protocol

However, at Big Sky Fishing Supply, your goal is to replace your existing Windows DNS server with the new Linux DNS Server This Linux DNS Server will provide local DNS name resolution When this local DNS server cannot resolve the name requested (such as an Internet DNS name), it will forward that request to the Internet DNS servers, located at your ISP

To accomplish this, we will:

1 Install the DNS management tool on the Linux server

2 Configure DNS to provide local name resolution

3 Test name resolution from your Client1 (Windows XP Client) to the Linux DNS Server Please note that DNS Server in Linux is called BIND BIND stands for Berkley Internet Name Domain

Installing DNS

We installed the DNS server when we installed Linux However, we did not install the DNS graphical management tool Of course, DNS can be administered and fully configured from the command line However, configuring Linux DNS from the command line is challenging, even for an experienced Linux user

1 To install the DNS GUI management tool, go to Applications Æ Add/Remove

Software

2 The Package Manager window will appear Click on the Servers section on the left hand

side

3 Click on the Server Configuration Tools section and then click Optional Packages

4 Check the checkbox next to system-config-bind This is the DNS graphical configuration tool Once this is checked, click Close, then click Apply back on the

Package Manager window You will see this window:

5 Click Continue The package will be downloaded from the Internet

6 When you are asked if you want to import the key, click Import Key The DNS

management utility files will be copied and your update is complete

Click OK The Package Manager application will then automatically close The

installation of the DNS GUI tool is complete