IT training hill fedora core 7 and red hat enterprise linux the complete reference jun 2007

He is the author of Linux: The Complete Reference all six editions, Red Hat Enterprise and Fedora Linux: The Complete Reference, Red Hat Linux, Linux Programming, Red Hat Linux Administr

Date: 2007.12.30 18:22:57 +02'00'

Linux: The Complete Reference

The material in this eBook also appears in the print version of this title: 0-07-148642-9.

All trademarks are trademarks of their respective owners Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trade- mark Where such designations appear in this book, they have been printed with initial caps

McGraw-Hill eBooks are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs For more information, please contact George Hoare, Special Sales, at george_hoare@mcgraw-hill.com or (212) 904-4069 TERMS OF USE

This is a copyrighted work and The McGraw-Hill Companies, Inc (“McGraw-Hill”) and its licensors reserve all rights in and to the work Use of this work is subject to these terms Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy

of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, tribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill’s prior consent You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited Your right to use the work may be terminated

dis-if you fail to comply with these terms

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUD- ING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WAR- RANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE McGraw-Hill and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free Neither McGraw-Hill nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom McGraw-Hill has no responsibility for the content of any information accessed through the work Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, conse- quential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibili-

ty of such damages This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise

DOI: 10.1036/0071486429

We hope you enjoy this McGraw-Hill eBook! If you’d like more information about this book, its author, or related books and websites,

please click here.

Want to learn more?

He is the author of Linux: The Complete Reference (all six editions), Red Hat Enterprise and Fedora Linux: The

Complete Reference, Red Hat Linux, Linux Programming, Red Hat Linux Administrator’s Reference, Linux

Programmer’s Reference, Introductory C with C++, Introductory Command Line Unix for Users, and many

other books He is a contributor to the

linux.sys-con.com (LinuxWorld Magazine) with articles on IPv6,

Fedora operating system, Yum, Fedora repositories, the Global File System (GFS), udev device

management, and the Hardware Abstraction Layer (HAL)

About the Technical Editor

Dr Ibrahim Haddad is currently Director of Embedded & Open Source Technology at Motorola

In this role he is responsible for defining and developing the requirements for Motorola Software Group’s open source initiatives Prior to Motorola,

Dr Haddad managed the Carrier Grade Linux and Mobile Linux Initiatives at the Open Source Development Lab (OSDL) which included promoting the development and adoption of Linux and Open Source software in the communications industry He

is the co-author of two books on Red Hat Linux and

Fedora, a contributing editor of the Linux Journal,

Linux Planet, and Enterprise Open Source Magazine,

and a featured speaker and panelist at industry conferences such as Linux World, GlobalComm, Ottawa Linux Symposium, and at academic conferences hosted by IEEE, ACM, and USENIX He received his B.Sc and M.Sc in Computer Science from the Lebanese American University, and his Ph.D in Computer Science from Concordia University in Montreal, Canada

Copyright © 2007 by The McGraw-Hill Companies C lick here for terms of use.

Acknowledgments xxix

Introduction xxxi

Part I Getting Started 1 Introduction to Red Hat and Fedora Linux 3

Red Hat and Fedora Linux 5

The Fedora Project 6

Red Hat Enterprise Linux 6

CENTOS: Community Enterprise Operating System 7

Red Hat and Fedora Documentation 7

Fedora 7 9

Fedora Live CD 11

Operating Systems and Linux 12

History of Linux and Unix 13

Unix 13

Linux 14

Linux Overview 15

Open Source Software 16

Linux Software 17

Fedora Software Repositories 17

Third-Party Linux Software Repositories 18

Linux Offi ce and Database Software 19

Internet Servers 19

Development Resources 21

Online Linux Information Sources 21

Linux Documentation 21

2 Installing Fedora 25

Key Feature of Fedora Installation 25

Minimal Install Strategy with Desktop Spins: Making Use of Repositories 26

Minimal Install Strategy with Fedora Live CD: First Time Installs 26

Obtaining the CDs and DVDs 27

Installation Overview 28

Install Sources 29

Install Confi gurations 29

Install Procedures 29

Installing Dual-Boot Systems 30

Simple Graphical Direct Install with DVD/CD-ROMs 30

Hardware, Software, and Information Requirements 32

Hardware Requirements 32

Hard Drive Confi guration 33

Information Requirements 33

v

CD-ROM, Hard Disk, and Mouse Information 33

Network Confi guration Information 34

Boot Source Options 34

Install Methods 35

Virtual Network Computing 36

Automating Installation with Kickstart 36

Installing Linux 37

Starting the Installation Program 38

Install Hardware Detection 39

Initial Setup: Upgrade or Install 39

Partitions, RAID, and Logical Volumes 39

Partition 40

Custom and Review Partitioning 40

Boot Loaders 43

Network Confi guration 43

System Confi guration 44

Software Installation 44

Finishing Installation 46

GRUB on Restart 46

Setup 47

Firewall and SELinux 47

Date and Time 47

Hardware Profi le Reporting 48

Create User 48

Sound Confi guration 48

Login and Logout 48

Boot Disks 49

Rescue 49

Re-installing the Boot Loader 50

Creating Your Own Fedora Install Spins with Pungi 50

3 Interface Basics: Login, Desktop, Help, Repositories, Multimedia, and Spins 55

User Accounts 55

Accessing Your Linux System 56

The Display Manager: GDM 56

The User Switcher 57

Accessing Linux from the Command Line Interface 58

Shutting Down Linux from the Command Line 59

The GNOME and KDE Desktops 59

Fedora Desktop 60

GNOME 60

GNOME Preferences 63

GNOME Applets 65

KDE 65

Starting a GUI from the Command Line 66

Desktop Operations 66

Desktop Font Sizes 66

Confi guring Your Personal Information 66

Sessions 67

Beagle: Searching fi les 67

Accessing File Systems, Devices, and Remote Hosts 69

Using Removable Devices and Media 70

Burning DVD/CDs with GNOME 71

Installing Multimedia Support: MP3, DVD, and DivX 71

Command Line Interface 72

Help Resources 73

Context-Sensitive Help 73

Application Documentation 73

The Man Pages 74

The Info Pages 75

Web Resources 75

Using Fedora Software Repositories 75

Using Repositories to Complete Your Installation 76

Repository Incompatibilities 77

Pirut 77

Yum Extender: yumex 77

Fedora Repository 79

Livna 79

Freshrpms 80

Installing Some Popular Packages 81

Java Applications: jpackage.org 83

Windows Access and Applications 84

Setting Up Windows Network Access: Samba 84

Running Windows Software on Linux: Wine 85

4 System Confi guration 89

Fedora Administrative Tools 90

Editing Confi guration Files Directly 90

Simple Administrative Tasks 92

Login Screen 93

Confi guring Users 93

Printer Confi guration 94

New Printers 95

Editing Printers 96

Remote Printers 98

X Window System Confi guration: system-confi g-display and Vendor Drivers 99

system-confi g-display 99

Video Graphics Card Driver Support: ATI, NVIDIA, and Livna 100

Updating Fedora and Enterprise Linux: PUP and RHN 102

Installing Software Packages 103

Installing with Yum 104

Pirut Package Manager: A Repository Model of Software Management 105

Third-Party Kernel Module Updates 106

Installing Packages Manually with the rpm Command 107

Package Security Check 109

Installing Source Code Applications 110

Security Confi guration 111

Security Services 112

Authentication Confi guration 113

Unsupported Drivers 114

Installing Access for Local Windows NTFS File Systems 115

NTFS Read/Write Access: ntfs-3g 115

NTFS Project Read-Only: Livna 116

DKMS 117

Bluetooth 117

Bluetooth Confi guration 117

Personal Area Networks: PAN 118

5 Network Confi guration 119

Network Information: Dynamic and Static 119

Network Manager 121

Network Confi guration with Fedora Network Tools 122

system-confi g-network 123

Confi guring New Network Devices Manually 126

Virtual Private Networks 128

Interface Confi guration Scripts: /etc/sysconfi g/network-scripts 128

Command Line PPP Access: wvdial 129

Manual Wireless Confi gurations 131

iwconfi g 131

iwpriv 132

iwspy 133

iwlist 133

linux-wlan 133

Setting Up Your Firewall: system-confi g-securitylevel 133

Infi niBand Support 134

Confi guring a Local Area Network 135

Part II Environments 6 GNOME 139

Fedora Desktop Look and Feel 140

GNOME 2.x Features 141

GNOME 2.x Desktop Features 141

GNOME 2.x File Manager Features 143

GTK+ 143

The GNOME Interface 144

GNOME Components 145

Quitting GNOME 146

GNOME Help 146

The GNOME Desktop 146

Drag and Drop Files to the Desktop 146

Applications on the Desktop 147

GNOME Desktop Menu 148

Window Manager 148

The GNOME Volume Manager 149

The GNOME File Manager: Nautilus 150

Nautilus Window 151

Nautilus Sidebar: Tree, History, and Notes 152

Displaying Files and Folders 153

Nautilus Menu 153

Navigating Directories 153

Managing Files 154

Application Launcher 157

File and Directory Properties 157

Nautilus Preferences 158

Nautilus as a FTP Browser 159

The GNOME Panel 159

Panel Properties 160

Panel Objects 162

Special Panel Objects 164

GNOME Applets 164

Workspace Switcher 165

GNOME Window List 165

GNOME Confi guration 165

GNOME Directories and Files 166

GNOME User Directories 166

The GConf Confi guration Editor 166

7 The K Desktop Environment: KDE 171

The Qt Library 173

Confi guration and Administration Access with KDE 173

The KDE Desktop 174

KDE Menus 175

Quitting KDE 175

KDE Desktop Operations 176

Accessing System Resources from the File Manager 176

Confi guring Your Desktop 177

Desktop Link Files and URL Locations 178

KDE Windows 178

Virtual Desktops: The KDE Desktop Pager 179

KDE Panel: Kicker 180

The KDE Help Center 181

Applications 181

Application Standard Links 182

Application Desktop Links 182

Mounting Devices from the Desktop 183

KDE File Manager and Internet Client: Konqueror 183

Konqueror Window 184

Navigation Panel 185

Search 185

Navigating Directories 186

Copy, Move, Delete, Rename, and Link Operations 187

Web and FTP Access 187

Confi guring Konqueror 188

KDE Confi guration: KDE Control Center 189

.kde and Desktop User Directories 191

MIME Types and Associated Applications 191

KDE Directories and Files 191

8 The Shell 193

The Command Line 193

Command Line Editing 195

Command and Filename Completion 196

History 197

History Events 198

History Event Editing 200

Confi guring History: HISTFILE and HISTSAVE 201

Filename Expansion: *, ?, [ ] 201

Matching Multiple Characters 203

Matching Single Characters 203

Matching a Range of Characters 204

Matching Shell Symbols 204

Generating Patterns 205

Standard Input/Output and Redirection 205

Redirecting the Standard Output: > and >> 206

The Standard Input 208

Pipes: | 209

Redirecting and Piping the Standard Error: >&, 2> 210

Jobs: Background, Kills, and Interruptions 211

Running Jobs in the Background 212

Referencing Jobs 212

Job Notifi cation 212

Bringing Jobs to the Foreground 213

Canceling Jobs 213

Suspending and Stopping Jobs 213

Ending Processes: ps and kill 214

Shell Variables 214

Defi nition and Evaluation of Variables: =, $, set, unset 215

Values from Linux Commands: Back Quotes 216

Shell Scripts: User-Defi ned Commands 217

Executing Scripts 217

Script Arguments 218

Control Structures 219

Test Operations 219

Conditional Control Structures 221

Loop Control Structures 223

Filters and Regular Expressions 224

Searching Files: grep 225

Regular Expressions 225

9 Shell Confi guration 227

Aliases 228

Aliasing Commands and Options 228

Aliasing Commands and Arguments 229

Aliasing Commands 229

Controlling Shell Operations 230

Environment Variables and Subshells: export 230

Confi guring Your Shell with Shell Parameters 231

Shell Parameter Variables 233

Confi guring Your Login Shell: bash_profi le 238

Confi guring the BASH Shell: bashrc 242

The BASH Shell Logout File: bash_logout 243

Initialization and Confi guration Files 244

Confi guration Directories and Files 245

10 Managing Linux Files and Directories: Directories, Archives, and Compression 247

Linux Files 248

The File Structure 250

Home Directories 250

Pathnames 251

System Directories 252

Listing, Displaying, and Printing Files: ls, cat, more, less, and lpr 252

Displaying Files: cat, less, and more 254

Printing Files: lpr, lpq, and lprm 254

Managing Directories: mkdir, rmdir, ls, cd, and pwd 255

Creating and Deleting Directories 256

Displaying Directory Contents 256

Moving Through Directories 256

Referencing the Parent Directory 257

File and Directory Operations: fi nd, cp, mv, rm, and ln 257

Searching Directories: fi nd 258

Copying Files 259

Moving Files 262

Copying and Moving Directories 263

Erasing Files and Directories: the rm Command 263

Links: the ln Command 263

The mtools Utilities: msdos 265

Archiving and Compressing Files 266

Archiving and Compressing Files with File Roller 266

Archive Files and Devices: tar 267

File Compression: gzip, bzip2, and zip 272

Part III Applications 11 Offi ce and Database Applications 277

Running Microsoft Offi ce on Linux: CrossOver 278

OpenOffi ce 279

KOffi ce 280

KOffi ce Applications 281

KParts 282

GNOME Offi ce 282

Document Viewers (PostScript, PDF, and DVI) 284

PDA Access 284

Database Management Systems 285

SQL Databases (RDMS) 286

Xbase Databases 287

Editors 288

GNOME Editor: Gedit 289

K Desktop Editors: Kate, KEdit, and KJots 289

The Emacs Editor 289

The Vi Editor: Vim and Gvim 290

12 Graphics Tools and Multimedia 295

Graphics Tools 295

Photo Management Tools: F-Spot and digiKam 295

KDE Graphics Tools 297

GNOME Graphics Tools 297

X Window System Graphic Programs 297

Multimedia 298

GStreamer 299

Sound Applications 301

CD Burners and Rippers 302

Video Applications 302

13 Mail and News Clients 307

Mail Clients 307

MIME 308

Evolution 309

Thunderbird 310

GNOME Mail Clients: Evolution, Balsa, and Others 311

The K Desktop Mail Client: KMail 312

SquirrelMail Web Mail Client 313

Emacs 313

Command Line Mail Clients 313

Notifi cations of Received Mail 316

Accessing Mail on Remote POP Mail Servers 316

Mailing Lists 317

Usenet News 318

Newsreaders 319

News Transport Agents 320

14 Web, FTP, and Java Clients 323

Web Clients 323

URL Addresses 324

Web Browsers 325

Creating Your Own Web Site 329

Java for Linux 329

jpackage, Sun, and Java-like (java-gcj-compat) 330

Installing the Java Runtime Environment: JRE 331

Enabling the Java Runtime Environment for Mozilla/Firefox 331

The Java Applications 332

The Java 2 Software Development Kit 332

FTP Clients 332

Network File Transfer: FTP 333

Web Browser–Based FTP: Firefox 334

The K Desktop File Manager: Konqueror 334

GNOME Desktop FTP: Nautilus 334

gFTP 335

wget 335

curl 335

ftp 336

Automatic Login and Macros: netrc 339

lftp 341

NcFTP 342

15 Network Tools 343

Network Information: ping, fi nger, traceroute, and host 343

GNOME Network Tools: gnome-nettool 343

ping 344

fi nger and who 345

host 345

traceroute 345

Network Talk and Messenger Clients: VoIP, ICQ, IRC, AIM, and Talk 346

Ekiga 346

ICQ 347

Instant Messenger 347

Telnet 348

RSH, Kerberos, and SSH Remote Access Commands 349

Remote Access Information 350

Remote Access Permission: k5login 350

rlogin, slogin, rcp, scp, rsh, and ssh 351

Part IV Security 16 Encryption, Integrity Checks, and Signatures: GNU Privacy Guard 355

Public Key Encryption, Integrity Checks, and Digital Signatures 355

Public-Key Encryption 356

Digital Signatures 356

Integrity Checks 356

Combining Encryption and Signatures 357

GNU Privacy Guard 358

GnuPG Setup: gpg 358

Using GnuPG 363

Checking Software Package Digital Signatures 365

Importing Public Keys 365

Validating Public Keys 366

Checking RPM Packages 366

Intrusion Detection: Tripwire and AIDE 367

Encrypted File Systems: luks 367

17 Security-Enhanced Linux: SELinux 369

Flask Architecture 370

SELinux Policy Packages 371

System Administration Access 372

Terminology 372

Identity 373

Domains 373

Types 374

Roles 374

Security Context 374

Transition: Labeling 374

Policies 375

Multilayer Security (MLS) and Multicategory Security (MCS) 375

Management Operations for SELinux 375

Turning Off SELinux 375

Checking Status and Statistics 376

Checking Security Context 376

SELinux Management Tools 376

Confi guration with system-confi g-selinux 377

SELinux Troubleshooting and audit2allow 380

semanage 381

The Security Policy Analysis Tool: apol 382

Checking SELinux Messages: seaudit 382

The SELinux Reference Policy 382

Multilayer Security (MLS) 382

Multicategory Security (MCS) 383

Policy Methods 383

Type Enforcement 383

Role-Based Access Control 383

SELinux Users 383

Policy Files 383

SELinux Confi guration 384

SELinux Policy Rules 384

File Contexts 386

User Roles 386

Access Vector Rules: allow 386

Role Allow Rules 387

Transition and Vector Rule Macros 387

Constraint Rules 387

SELinux Policy Confi guration Files 387

Compiling SELinux Modules 388

Using SELinux Source Confi guration 388

InterfaceFiles 390

Types Files 390

Module Files 390

Security Context Files 390

User Confi guration: Roles 390

Policy Module Tools 391

Application Confi guration: appconfi g 391

Creating an SELinux Policy: make and checkpolicy 391

SELinux: Administrative Operations 392

Using Security Contexts: fi xfi les, setfi les, restorecon, and chcon 392

Adding New Users 392

RuntimeSecurity Contexts and Types: Contexts 393

18 Internet Protocol Security: IPsec 395

IPsec Protocols 396

IPsec Modes 396

IPsec Security Databases 397

IPsec Tools 397

Confi guring IPsec with system-confi g-network 397

Confi guring Connections with setkey 399

Security Associations: SA 399

Security Policy: SP 399

Receiving Hosts 400

Two-Way Transmissions 400

Confi guring IPsec with racoon: IKE 401

Certifi cates 402

Connection Confi guration with racoon 403

IPsec and IP Tables: Net Traversal 403

IPsec Tunnel Mode: Virtual Private Networks 403

19 Secure Shell and Kerberos 405

The Secure Shell: OpenSSH 405

SSH Encryption and Authentication 406

SSH Tools 407

SSH Setup 408

SSH Clients 411

Port Forwarding (Tunneling) 413

SSH Confi guration 414

Kerberos 414

Kerberos Servers 415

Authentication Process 416

Kerberized Services 417

Confi guring Kerberos Servers 417

20 Network Firewalls: Netfi lter 419

Firewalls: IPtables, NAT, and ip6tables 419

IPtables 420

ip6tables 421

Modules 421

Packet Filtering 421

Chains 422

Targets 422

Firewall and NAT Chains 423

Adding and Changing Rules 423

IPtables Options 424

Accepting and Denying Packets: DROP and ACCEPT 424

User-Defi ned Chains 427

ICMP Packets 427

Controlling Port Access 428

Packet States: Connection Tracking 429

Specialized Connection Tracking: ftp, irc, Amanda, tftp 430

Network Address Translation (NAT) 431

Adding NAT Rules 431

Nat Targets and Chains 431

Nat Redirection: Transparent Proxies 433

Packet Mangling: the Mangle Table 433

IPtables Scripts 433

Red Hat and Fedora IPtables Support 434

Red Hat and Fedora ip6tables Support 437

An IPtables Script Example: IPv4 437

IP Masquerading 445

Masquerading Local Networks 446

Masquerading NAT Rules 446

IP Forwarding 447

Masquerading Selected Hosts 447

Part V Red Hat and Fedora Servers 21 Managing Services 451

System Startup Files: /etc/rc.d and /etc/sysconfi g 451

rc.sysinit and rc.local 451

/etc/rc.d/init.d 452

SysV Init: init.d Scripts 453

Starting Services: Stand-Alone and xinetd 455

Starting Services Directly 455

Starting and Stopping Services with Service Scripts 456

Starting Services Automatically 456

Service Management Tools: chkconfi g and system-confi g-services 457

system-confi g-services 457

chkconfi g 458

Service Scripts: /etc/init.d 461

Service Script Functions 461

Service Script Tags 462

Service Script Example 463

Installing Service Scripts 465

Extended Internet Services Daemon (xinetd) 465

Starting and Stopping xinetd Services: system-confi g-services On Demand 465

xinetd Confi guration: xinetd.conf 466

xinetd Service Confi guration Files: /etc/xinetd.d Directory 469

Confi guring Services: xinetd Attributes 469

Disabling and Enabling xinetd Services 470

TCP Wrappers 471

22 FTP Servers 473

FTP Servers 473

Available Servers 474

Fedora and Red Hat FTP Server Directories 474

FTP Users 475

Anonymous FTP: vsftpd 475

The FTP User Account: anonymous 476

FTP Group 476

Creating New FTP Users 476

Anonymous FTP Server Directories 477

Anonymous FTP Files 477

Using FTP with rsync 478

Accessing FTP Sites with rsync 478

Confi guring an rsync Server 478

rsync Mirroring 479

The Very Secure FTP Server 480

Running vsftpd 480

Confi guring vsftpd 480

vsftpd Access Controls 484

vsftpd Virtual Hosts 485

vsftpd Virtual Users 486

23 Web Servers: Apache 487

Tux 487

Alternate Web Servers 488

Apache Web Server 489

Java: Apache Jakarta Project 489

Linux Apache Installations 490

Apache Multiprocessing Modules: MPM 490

Starting and Stopping the Web Server 490

Apache Confi guration Files 492

Apache Confi guration and Directives 493

Global Confi guration 494

Server Confi guration 496

Directory-Level Confi guration: htaccess and <Directory> 497

Access Control 498

URL Pathnames 498

MIME Types 499

CGI Files 499

Automatic Directory Indexing 500

Authentication 500

Log Files 501

Virtual Hosting on Apache 503

IP-Based Virtual Hosting 503

Name-Based Virtual Hosting 503

Dynamic Virtual Hosting 504

Server-Side Includes 506

PHP 507

Apache Confi guration Tool 508

Web Server Security: SSL 508

24 Proxy Servers: Squid 513

Confi guring Client Browsers 514

The squid.conf File 516

Security 516

Caches 519

Connecting to Caches 519

Memory and Disk Confi guration 520

Administrative Settings 520

Logs 520

Web Server Acceleration: Reverse Proxy Cache 520

25 Mail Servers: SMTP, POP, and IMAP 523

Mail Transport Agents 523

Received Mail: MX Records 524

Postfi x 525

Postfi x Commands 526

Postfi x Confi guration: main.cf 526

Postfi x Greylisting Policy Server 528

Controlling User and Host Access 528

Sendmail 530

Aliases and LDAP 532

Sendmail Confi guration 533

Sendmail Masquerading 537

Confi guring Mail Servers and Mail Clients 539

Confi guring Sendmail for a Simple Network Confi guration 540

Confi guring Sendmail for a Centralized Mail Server 540

Confi guring a Workstation with Direct ISP Connection 541

The Mailer Table 541

Virtual Domains: virtusertable 542

Security 542

POP and IMAP Server: Dovecot 544

Dovecot 545

Other POP and IMAP Servers 546

Spam: SpamAssassin 546

26 Print, News, and Database Servers: CUPS, INN, and MySQL 549

Printer Devices and Confi guration 550

Printer Device Files 550

Spool Directories 551

Starting the CUPS Server 551

Installing Printers with CUPS 551

Confi guring Remote Printers on CUPS 552

Confi guring a Shared CUPS Printer 553

CUPS Printer Classes 553

CUPS Confi guration 553

cupsd.conf 554

CUPS Directives 554

CUPS Command Line Print Clients 554

lpr 555

lpc 555

lpq and lpstat 556

lprm 556

CUPS Command Line Administrative Tools 556

lpadmin 557

lpoptions 558

enable and disable 558

accept and reject 558

lpinfo 558

News and Search Servers 558

News Servers: INN 559

Newsreader Access 560

Overviews 560

INN Implementation 561

Database Servers: MySQL and PostgreSQL 561

Relational Database Structure 562

SQL 562

MySQL 563

PostgreSQL 566

Part VI System Administration

27 Basic System Administration 569

Superuser Control: the Root User 569

Root User Password 570

Root User Access: su 570

Controlled Administrative Access: sudo 572

System Time and Date 573

Using the system-confi g-date Utility 573

Using the date Command 574

Scheduling Tasks: cron 574

The crond Service 574

crontab Entries 575

Environment Variables for cron 575

The cron.d Directory 576

The crontab Command 576

Editing in cron 576

Organizing Scheduled Tasks 576

Running cron Directory Scripts 577

Cron Directory Names 578

Anacron 578

System Runlevels: telinit, initab, and shutdown 578

Runlevels 578

Runlevels in initab 580

Changing Runlevels with telinit 580

The runlevel Command 581

Shutdown 581

Managing Services 582

chkconfi g 582

The service Command 583

system-confi g-services 583

Fedora Administration Tools 583

System Directories 584

Program Directories 584

Confi guration Directories and Files 585

Confi guration Files: /etc 585

/etc/sysconfi g 587

System Logs: /var/log and syslogd 588

syslogd and syslog.conf 589

Entries in syslogd.conf 589

Priorities 589

Actions and Users 591

An Example for /etc/syslog.conf 591

The Linux Auditing System: auditd 592

Performance Analysis Tools and Processes 593

GNOME System Monitor 594

The ps Command 594

vmstat, free, top, iostat, Xload, and sar 595

System Tap 595

Frysk 595

GNOME Power Manager 595GKrellM 596KDE Task Manager and Performance Monitor (KSysguard) 597Grand Unifi ed Bootloader (GRUB) 597

28 Managing Users 601

User Confi guration Files 601The Password Files 601/etc/passwd 602/etc/shadow and /etc/gshadow 603Password Tools 603Managing User Environments 604Profi le Scripts 604/etc/skel 604/etc/login.defs 604/etc/login.access 605Controlling User Passwords 605Adding and Removing Users with useradd, usermod, and userdel 606useradd 607usermod 608userdel 609Managing Groups 609/etc/group and /etc/gshadow 609User Private Groups 609Group Directories 610Managing Groups with the system-confi g-users 610Managing Groups Using groupadd, groupmod, and groupdel 610Controlling Access to Directories and Files: chmod 611Permissions 611chmod 612Ownership 614Changing a File’s Owner or Group: chown and chgrp 614Setting Permissions: Permission Symbols 615Absolute Permissions: Binary Masks 616Directory Permissions 617Ownership Permissions 618Sticky Bit Permissions 619Permission Defaults: umask 619Disk Quotas 620Quota Tools 620edquota 621quotacheck, quotaon, and quotaoff 621repquota and quota 622Lightweight Directory Access Protocol 622LDAP Clients and Servers 622LDAP Confi guration Files 623Confi guring the LDAP server: /etc/slapd.conf 623LDAP Directory Database: ldif 624LDAP Tools 629LDAP and PAM 629

LDAP and the Name Service Switch Service 629Pluggable Authentication Modules 630PAM Confi guration Files 630PAM Modules 630

29 Software Management 633

Software Repositories 634Software Package Types 635Downloading ISO and DVD Distribution Images with BitTorrent 635Updating Using yum and PUP 636PUP 637Update with the yum Command 637Automatic Yum Update 637Installing Fedora Packages with YUM 638Yum Confi guration 638/etc/yum.conf 639Repository Files:/etc/yum.repos.d 639Fedora 640Livna 640Freshrpms 641jpackage 641Creating Local Yum Repositories 642Managing YUM Caches 642APT 642Red Hat Package Manager (RPM) 643RPM Tools 643RPM Packages 644Installing from the Desktop: rpm 644Command Line Installation: rpm 644The rpm Command 644Querying Information from RPM Packages

and Installed Software 647Installing and Updating Packages with rpm 648Installation Example 649Removing RPM Software Packages 650RPM: Verifying an RPM Installation 650Rebuilding the RPM Database 651Installing Software from RPM Source Code Files: SRPMs 651Source Code RPM Directories 651Building the Source Code 651Installing Software from Compressed Archives: tar.gz 652Decompressing and Extracting Software in One Step 652Decompressing Software 652Selecting an Install Directory 653Extracting Software 653Compiling Software 654Confi gure Command Options 655Development Libraries 655Shared and Static Libraries 656Makefi le File 656

Command and Program Directories: PATH 657/etc/profi le 657.bash_profi le 658Subversion and CVS 658Packaging Your Software with RPM 659

30 File System Management 661

File Systems 662Filesystem Hierarchy Standard 662Root Directory: / 662System Directories 664The /usr Directory 665The /media Directory 665The /mnt Directory 666The /home Directory 666The /var Directory 666The /proc File System 666The sysfs File System: /sys 666Device Files: /dev, udev, and HAL 668Mounting File Systems 671File System Information 671Journaling 673ext3 Journaling 673ReiserFS 674Mounting File Systems Automatically: /etc/fstab 674Hal and fstab 674fstab Fields 675Auto Mounts 676mount Options 676Boot and Disk Check 677fstab Sample 677Partition Labels: e2label 678Windows Partitions 679Linux Kernel Interfaces 679noauto 680Mounting File Systems Manually: mount and umount 680The mount Command 680The umount Command 682Mounting Floppy Disks 682Mounting DVD/CD-ROMs 683Mounting Hard Drive Partitions: Linux and Windows 684Creating File Systems: mkfs, mke2fs, mkswap, parted, and fdisk 684fdisk 686parted 687mkfs 687mkswap 689CD-ROM and DVD ROM Manual Recording 689mkisofs 689dvdrecord 691dvd+rw Tools 691

31 RAID and LVM 693

Logical Volume Manager 694LVM Structure 694Creating LVMs During Installation 695system-confi g-lvm 695LVM Tools: Using the LVM Commands 697LVM Example for Multiple Hard Drives 700Using LVM to Replace Drives 703LVM Example for Partitions on Different Hard Drives 703Confi guring RAID Devices 705Hardware RAID Support: dmraid 705Linux Software RAID Levels 706RAID Devices and Partitions: md and fd 708Booting from a RAID Device 708RAID Administration: mdadm 708Creating and Installing RAID Devices 709Corresponding Hard Disk Partitions 715RAID Example 716

32 Devices and Modules: udev, HAL, and MAKEDEV 719

Hardware Device Installation: Kudzu 720Device Information: /sys, /proc, and /etc/sysconfi g/hwconf 720The sysfs File System: /sys 721The proc File System: /proc 721udev: Device Files 722udev Confi guration 723Device Names and udev Rules: /etc/udev/rules.d 724Symbolic Links 726Program Fields and /lib/udev 728Creating udev Rules 728SYMLINK Rules 729Persistent Names: udevinfo 730Permission Fields: MODE, GROUP, OWNER 731Hardware Abstraction Layer: HAL 732The HAL Daemon and hal-device-manager (hal-gnome) 733HAL Confi guration: /etc/hal/fdi, and /usr/share/hal/fdi 733Device Information Files: fdi 733Properties 734Device Information File Directives 735Manual Devices 737Device Types 738MAKEDEV 738mknod 739Mono and NET Support 740Installing and Managing Terminals and Modems 740Serial Ports 741mingetty, mgetty, and agetty 741termcap and inittab Files 741tset 742Input Devices 742Installing Sound, Network, and Other Cards 742

Sound Devices 743Video and TV Devices 743PCMCIA Devices 744Modules 744Kernel Module Tools 745Module Files and Directories: /lib/modules 745Managing Modules with /etc/moprobe.conf 746The depmod Command 746The modprobe Command 746The insmod Command 747The rmmod Command 748The /etc/modprobe.conf File 748Installing New Modules from Vendors: Driver Packages 749Kernel Header Files: /lib/modules/version/source 750Installing New Modules from the Kernel 751

33 Kernel Administration: Virtualization 753

Kernel Versions 753References 754Kernel Tuning: Kernel Runtime Parameters 755Installing a New Kernel Version 755CPU Kernel Packages 756Installing Kernel Packages: /boot 756Precautionary Steps for Modifying a Kernel of the Same Version 757Boot Loader 758Boot Disk 758Compiling the Kernel from Source Code 759Installing Kernel Sources with Fedora Core SRPM 759Installing Kernel Sources: Kernel Archives and Patches 760Confi guring the Kernel 760Kernel Confi guration Tools 761Important Kernel Confi guration Features 762Compiling and Installing the Kernel 764Installing the Kernel Image Manually 766Kernel Boot Disks 767Boot Loader Confi gurations: GRUB 767Module RAM Disks 768Virtualization 769Virtual Machine Manager: virt-manager 770Kernel-based Virtualization Machine (KVM):

Hardware Virtualization 771Xen Virtualization Kernel 773

34 Backup Management: rsync, Amanda, and dump/restore 779

Individual Backups: archive and rsync 779Amanda 781Amanda Commands 781Amanda Confi guration 782Enabling Amanda on the Network 783Using Amanda 783Backups with dump and restore 784

The dump Levels 784Recording Backups 786Operations with dump 786Recovering Backups 787

Part VII Network Administration

35 Administering TCP/IP Networks 793

TCP/IP Protocol Suite 793IPv4 and IPv6 796TCP/IP Network Addresses 797IPv4 Network Addresses 797Class-Based IP Addressing 797Netmask 798Classless Interdomain Routing (CIDR) 799Obtaining an IP Address 802Broadcast Addresses 804Gateway Addresses 804Name Server Addresses 805IPv6 Addressing 805IPv6 Address Format 805IPv6 Interface Identifi ers 806IPv6 Address Types 806IPv6 and IPv4 Coexistence Methods 808TCP/IP Confi guration Files 808Identifying Hostnames: /etc/hosts 809/etc/resolv.conf 810/etc/sysconfi g/network-scripts 810/etc/sysconfi g/networking 810/etc/services 811/etc/protocols 811/etc/sysconfi g/network 811Domain Name Service (DNS) 811host.conf 812/etc/nsswitch.conf: Name Service Switch 813Network Interfaces and Routes: ifconfi g and route 815Network Startup Script: /etc/rc.d/init.d/network 815Interface Confi guration Scripts:

/etc/sysconfi g/network-scripts 816ifconfi g 817Routing 818Monitoring Your Network: ping, netstat, tcpdump, EtherApe, Ettercap,

and Wireshark 820ping 820Ettercap 821Wireshark 821tcpdump 823netstat 823

IP Aliasing 824

36 Domain Name System 825

DNS Address Translations 825Fully Qualifi ed Domain Names 825IPv4 Addresses 826IPv6 Addressing 826Manual Translations: /etc/hosts 826DNS Servers 826DNS Operation 827DNS Clients: Resolvers 827Local Area Network Addressing 828IPv4 Private Networks 828IPv6 Private Networks 828Local Network Address Example Using IPv4 829BIND 830Alternative DNS Servers 830BIND Servers and Tools 831Starting and Stopping the BIND Server 832Domain Name Service Confi guration 832DNS Zones 832DNS Servers Types 833Location of Bind Server Files: /etc/named/chroot 834named.conf 834The zone Statement 835Confi guration Statements 836The options Statement 837The directory Option 837The forwarders Option 838The notify Option 838

An IPv4 named.conf Example 838

An IPv6 named.conf Example 839Caching-Only Server 840Resource Records for Zone Files 840Resource Record Types 841Time To Live Directive and Field: $TTL 841Start of Authority: SOA 842Name Server: NS 843Address Record: A and A6 843Mail Exchanger: MX 844Aliases: CNAME 845Pointer Record: PTR 845Host Information: HINFO, RP, MINFO, and TXT 846Zone Files 846Zone Files for Internet Zones 846IPv6 Zone File Example 850Reverse Mapping File 850Localhost Reverse Mapping 853Subdomains and Slaves 854Subdomain Zones 854Subdomain Records 854Slave Servers 854

IP Virtual Domains 856

Cache File 857Dynamic Update: DHCP and Journal Files 857TSIG Signatures and Updates 858Manual Updates: nsupdate 858DNS Security: Access Control Lists, TSIG, and DNSSEC 859Access Control Lists 859Secret Keys 860DNSSEC 860TSIG Keys 862Split DNS: Views 863Internal and External Views 864Confi guring Views 864Split View Example 865

37 Network Autoconfi guration: IPv6, DHCPv6, and DHCP 867

IPv6 Stateless Autoconfi guration 867Generating the Local Address 868Generating the Full Address: Router Advertisements 868Router Renumbering 868IPv6 Stateful Autoconfi guration: DHCPv6 870Linux as an IPv6 Router: radvd 871DHCP for IPv4 872Confi guring DHCP IPv4 Client Hosts 872Confi guring the DHCP IPv4 Server 873Dynamic IPv4 Addresses for DHCP 876DHCP Dynamic DNS Updates 878DHCP Subnetworks 880DHCP Fixed Addresses 881

38 NFS, NIS, and GFS 885

Network File Systems: NFS and /etc/exports 885NFSv4 885NFS Daemons 886Starting and Stopping NFS 886Confi guring NFS with the NFS Confi guration Tool 886NFS Confi guration: /etc/exports 887NFS File and Directory Security with nfs4 Access Lists 891Controlling Accessing to NFS Serves 891Mounting NFS File Systems: NFS Clients 893Network Information Service: NIS 896NIS Servers 896Netgroups 899NIS Clients 900Distributed Network File Systems 901Parallel Virtual File System (PVFS) 902Coda 903Red Hat Global File System (GFS and GFS 2) 903system-confi g-cluster 904GFS 2 Packages (Fedora Core 6 and on) 905GFS 2 Service Scripts 905

Implementing a GFS 2 File System 905GFS Tools 906GFS File System Operations 906GFS 1 Packages (Red Hat Enterprise Linux 4, Fedora Core 4/5) 908

39 Samba 909

Samba Documentation 909Samba Applications 910Starting Up Samba 911Firewalls 912Testing Samba from Linux 912Confi guring Samba Access from Windows 912Samba Confi guration File and Tools 913User Level Security 913Samba Passwords: smbpasswd 915Confi guring Samba with system-confi g-samba 916Server Confi guration with system-confi g-samba 917Adding Samba Users with system-confi g-samba 917Specifying Samba Shares with system-confi g-samba 917The Samba smb.conf Confi guration File 917SWAT and smb.conf 919Activating SWAT 919Accessing SWAT 920SWAT Confi guration Pages 921Creating a New Share with SWAT 922

A SWAT-Generated smb.conf Example 922Global Section 923Passwords 925Homes Section 925Printer Section 925Shares 926Printers 927Variable Substitutions 928Testing the Samba Confi guration 929Domain Logons 929Accessing Samba Services with Clients 930Accessing Windows Samba Shares from GNOME 930smbclient 930mount.cifs: mount -t cifs 932Sharing Windows Directories and Printers with Samba Clients 933Windows Clients 934

Index 935

I would like to thank everyone at McGraw-Hill who made this book a reality, particularly

Jane Brownlow, sponsoring editor, for her continued encouragement and analysis as well as management of such a complex project; Dr Ibrahim Haddad, the technical editor, whose analysis and suggestions proved very insightful and helpful; Jennifer Housh, acquisitions coordinator, who provided needed resources and helpful advice; Robert Campbell, copy editor, for his excellent job of editing the book, as well as his insightful comments; project editor Patty Mon who, with project managers Sam RC and Vasundhara Sawhney, incorporated the large number of features found in this book as well as

coordinating the intricate task of generating the final version Thanks also to Scott Rogers who initiated the project

Special thanks to Linus Torvalds, the creator of Linux, and to those who continue to develop Linux as an open, professional, and effective operating system accessible to anyone Thanks also to the academic community whose special dedication has developed Unix as a flexible and versatile operating system I would also like to thank professors and students at the University of California, Berkeley, for the experience and support in developing new and different ways of understanding operating system technologies

I would also like to thank my parents, George and Cecelia, and my brothers, George, Robert, and Mark, for their support and encouragement with such a difficult project Also Valerie and Marylou and my nieces and nephews, Aleina, Larisa, Justin, Christopher, and Dylan, for their support and deadline reminders

xxix

Copyright © 2007 by The McGraw-Hill Companies C lick here for terms of use.

The Red Hat Linux and Fedora distributions have become one of the major Linux

distributions, bringing to the PC all the power and flexibility of a Unix workstation as well as a complete set of Internet applications and a fully functional desktop

interface This book is designed not only to be a complete reference on Linux, but also to provide clear and detailed explanations of Linux features No prior knowledge of Unix is assumed; Linux is an operating system anyone can use

Fedora and Red Hat Enterprise

Red Hat has split its Linux development into two lines: Red Hat Enterprise Linux and the Fedora Project The Red Hat Enterprise Linux product line consists of Red Hat Enterprise Linux WS (workstation), Red Hat Enterprise Linux ES (entry/mid server), and the Red Hat Enterprise Linux AS (advanced server) As a result, the enterprise family products are controlled releases from Red Hat for commercial deployments with new releases issued every two years or so The second development line falls within the Fedora Project, an Open Source initiative supported by Red Hat The Fedora releases will be issued every six months

on average, incorporating the most recent development in the Linux kernel, as well as supported applications

The Fedora release consists entirely of Open Source software Developers from around the globe can contribute to the project following Open Source processes giving them

freedom in promoting enhancements, new features, and new applications, while

maintaining fast pace releases with the course of rapid online development Unlike Red Hat Enterprise Linux, the Fedora version of Linux is entirely free and it is not a supported Red Hat product You can download the most current version, including test betas, from

fedoraproject.org The Fedora Project release will replace the original standard Red Hat Linux distribution

The Red Hat Enterprise line of products is designed for corporate, research, and

business applications These products focus on reliability, stability, and performance, in addition to supporting multiple processor architectures They are released on a much more controlled schedule than the Fedora Project versions

This book covers the current Fedora release, while maintaining compatibility with Red Hat Enterprise Linux This book identifies seven major Linux topics: Basic setup,

environments, applications, security, servers, administration, and network administration Whereas the book details the latest Red Hat tools, desktops, and kernel features in the Fedora project, it also covers in depth the network servers, administrative tasks, and applications featured in Red Hat Enterprise Linux

xxxi

Copyright © 2007 by The McGraw-Hill Companies C lick here for terms of use.

Important Features with Fedora 7

With Fedora, several key features are incorporated as standardized and stable components

of the Linux operations system These include changes to distribution methods, device detection, security support, and desktop use Some of these are listed here, with a complete listing in Chapter 1

• Fedora features automatic detection and configuration of removable devices like USB printers, digital cameras, and card readers, treating CD/DVD disks as removable devices, as well as fully detecting IDE CD/DVD devices

• Fedora software is easily downloaded and updated from the Fedora software repository (formerly Core and Extras)

• Fedora is distributed using different spins (install disks) to perform an initial installation You can then use the Fedora repository to install additional software

You can even create your own install spin

• Fedora Red Hat provides full IPv6 network protocol support, including automatic addressing and renumbering

• SE Linux is now a integral component of Fedora and Red Hat, providing wide security You can set different levels of control and create your own policies

system-• Extensive and simple virtualization support (full and para), using Xen, KVM, and the Virtual Machine Manager

• The PUP software updater automatically updates your Fedora system and all its installed applications from the Yum Fedora online repositories

• GFS version 2 support for a network distributed file system

Linux Features

Fedora 4 includes features that have become a standard part of any Linux distribution, like the desktops, Unix compatibility, network servers, and numerous software applications like Office, multimedia, and Internet applications GNOME and the K Desktop Environment (KDE) have become standard desktop Graphical User Interfaces (GUI) for Linux, noted for their power, flexibility, and ease-of-use These are complete desktop environments that are more flexible than either Windows or the Mac/OS KDE and GNOME have become the standard GUI interface for Linux systems You can install both, run applications from either, and easily switch from one to the other Both have become integrated components of Linux, with applications and tools for every kind of task and operation Instead of treating GNOME and KDE as separate entities, GNOME and KDE tools and applications are presented throughout the book

Linux is also a fully functional Unix operating system It has all the standard features of

a powerful Unix system, including a complete set of Unix shells such as BASH, TCSH, and the Z-shell Those familiar with the Unix interface can use any of these shells, with the same Unix commands, filters, and configuration features

For the Internet, Linux has become a platform for very powerful network applications

With Linux, you can become a part of the Internet by creating your own Web and FTP sites

Other users can access your Linux systems, several at the same time, using different services You can also use very powerful GNOME, KDE, and Unix clients for mail and news

Linux systems are not limited to the Internet You can use them on any local intranet, setting

up an ftp or Web site for your network Red Hat Linux comes equipped with a variety of fully functional servers already installed and ready to use

A wide array of applications operate on Red Hat and Fedora Linux Numerous desktop applications are continually released on the Fedora repository, as well as on third-party Fedora-compliant repositories The GNU general public licensed software provides professional-level applications such as programming development tools, editors and word processors, as well as numerous specialized applications such as those for graphics and sound

How to Use This Book

The first two sections of the book are designed to cover tasks you would need to perform

to get your system up and running After an introduction to the working environment, including both GNOME and KDE desktops, you learn how to quickly update your system, manage users, groups, and set up your printer using the Red Hat and Fedora administrative tools The software management is nearly automatic, letting you install software on your system with just a couple of mouse clicks Internet access can be set up for modems, DSL, wireless, and Ethernet networks with easy-to-use administrative tools that guide you every step of the way All these topics are covered in greater detail later in the book

Since this book is really several books in one—a user interface book, a security book, a server book, and an administration book—how you choose to use it depends upon how you want to use your Fedora Linux system Almost all Linux operations can be carried out using either the GNOME or KDE interface You can focus on the GNOME and KDE sections and their corresponding tools and applications in the different chapters throughout the book

On the other hand, if you want to delve deeper into the Unix aspects of Linux, you can check out the shell chapters and the corresponding shell-based applications in other chapters If you only want to use Linux for its Internet services, then concentrate on the Internet clients and servers If you want to use Linux as a multiuser system servicing many users or integrate it into a local network, you can use the detailed system, file, and network administration information provided in the administration chapters None of these tasks are

in any way exclusive If you are working in a business environment, you will probably make use of all three aspects Single users may concentrate more on the desktops and the Internet features, whereas administrators may make more use of the security and networking features

described in the administration chapters that is unnecessary for basic operation Basic network configuration tasks are discussed such as setting up a LAN connection You learn how to update and install new software easily using Fedora Yum repositories With the Pirut software installer you can install the latest versions directly from a repository with a few clicks The software updater (PUP) automatically detects updates and lets you perform all updates with a single click

Part II of this book deals with Fedora Linux environments Here you are introduced to the different kinds of user environments available for Linux, starting with KDE and GNOME

Different features such as applets, the Panel, and configuration tools are described in detail

With either of these interfaces, you can run all your applications using icons, menus, and windows At any time, you can open up a terminal window through which you can enter standard Linux commands on a command line You can also choose to use just the standard Unix command line interface to run any of the standard Unix commands Next the BASH shell and its various file, directory, and filter commands are examined

Part III of this book discusses in detail the many office, multimedia, and Internet applications you can use on your Linux system, beginning with Office suites like OpenOffice and KOffice The different database management systems available are also discussed, along with the Web site locations where you can download them A variety of different text editors are also available, including several GNOME and KDE editors, as well as the Vim (enhanced VI) Linux automatically installs mail, news, FTP, and Web browser applications, as well as FTP and Web servers Both KDE and GNOME come with a full set of mail, news, FTP clients, and Web browsers There are also many independent mail clients, newsreaders, and Internet tools that you can easily install from the Fedora repository

Part IV demonstrates how to implement security precautions using encryption, authentication, and firewalls Coverage of the General Public License Privacy Guard (GPG) shows you how to implement public and private key-based encryption With Luks (Linux Unified Key Setup) you can easily encrypt file systems SELinux provides comprehensive and refined control of all your network and system resources IPsec tools let you use the IPSEC protocol to encrypt and authenticate network transmissions Network security topics cover firewalls and encryption using netfilter (iptables) to protect your system, the Secure Shell (SSH) to provide secure remote transmissions, and Kerberos to provide secure authentication

Part V discusses Internet servers you can run on Red Hat Linux, including FTP, Web, and Mail servers The Apache Web server chapter covers standard configuration directives like those for automatic indexing, as well as the newer virtual host directives Sendmail, Postfix, IMAP, and POP mail servers are covered The INN news server, CUPS print server, MySQL database server, and the Squid proxy server are also examined

Part VI discusses system administration topics, including user, software, file system, system, device, and kernel administration There are detailed descriptions of the configuration files used in administration tasks and how to make entries in them First, basic system

administration tasks are covered, such as selecting runlevels, monitoring your system, and scheduling shutdowns Then aspects of setting up and controlling users and groups are discussed Presentations include both the GUI tools you can use for these tasks and the underlying configurations files and commands Software installation has been simplified with package management systems, like the Red Hat Package Manager (RPM) and Pirut and Pup software manager and updater, as well as Yum supported repositories like the Fedora repository Using, updating, and configuring the Linux kernel with its modules is covered in detail along with procedures for installing new kernels Different methods of virtualization

are covered, like full (KVM) and para-virtualizaton (Xen) With the Virtual Machine Manager, both can be used to easily install and run guest operation systems Different file system tasks are covered, such as mounting file systems, managing file systems with HAL and udev, and configuring RAID devices and LVM volumes Devices are automatically detected with udev and the Hardware Abstraction Layer (HAL) Fedora uses a hotplug model for managing all its devices The udev utility automatically generates device interfaces, managing both fixed and removable devices using its own rules HAL provides hotplug information about devices to applications, affording them direct access

Part VII covers network administration, dealing with topics such as configuring remote file system access and setting up firewalls Configuration files and features for the Domain Name System (DNS) and its BIND server are examined in detail, along with features like virtual domains and IP aliases IPv6 support for Internet addressing and DNS configuration

is discussed in detail, showing the new IPv6 formats replacing the older IPv4 versions You also learn how to implement your own IPv4 Dynamic Host Configuration Protocol (DHCP) server to dynamically assign hosts IP addresses or how IPv6 automatic addressing and renumbering operate The various network file system interfaces and services like GFS version 2, NFS for Unix, and NIS networks are presented The chapter on Samba shows how

to access Windows file systems and printers

xxxv

Introduction to Red Hat and Fedora Linux

CHAPTER 2Installing Fedora

CHAPTER 3Interface Basics: Login, Desktop, Help, Repositories, Multimedia, and Spins

CHAPTER 4System Confi guration

CHAPTER 5Network Confi guration

PART

Copyright © 2007 by The McGraw-Hill Companies C lick here for terms of use.