Oracle Linux: System Administration

solidseniorΔιακομιστές

9 Δεκ 2013 (πριν από 3 χρόνια και 11 μήνες)

327 εμφανίσεις

Oracle Linux:
System Administration
Volume I • Student Guide
D49366GC30
Edition 3.0
August 2011
D73780
Copyright © 2011,Oracle. All rights reserved.
Disclaimer
This document contains proprietary information and is protected by copyright and other intellectual property laws. You may copy and
print this document solely for your own use in an Oracle training course. The document may not be modified or altered in any way.
Except where your use constitutes "fair use" under copyright law, you may not use, share, download, upload, copy, print, display,
perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without the express authorization of
Oracle.
The information contained in this document is subject to change without notice. If you find any problems in the document, please
report them in writing to: Oracle University, 500 Oracle Parkway, Redwood Shores, California 94065 USA. This document is not
warranted to be error-free.
Restricted Rights Notice
If this documentation is delivered to the United States Government or anyone using the documentation on behalf of the United States
Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS
The U.S. Government’s rights to use, modify, reproduce, release, perform, display, or disclose these training materials are restricted by
the terms of the applicable Oracle license agreement and/or the applicable U.S. Government contract.
Trademark Notice
Oracle, JD Edwards, PeopleSoft, and Siebel are registered trademarks of Oracle Corporation and/or its affiliates. Other names may be
trademarks of their respective owners.
Guru Labs L.C.
The contents of this course and all its modules and related materials, including handouts to audience members, are copyright ©2007
Guru Labs L.C.
No part of this publication maybe stored in a retrieval system, transmitted or reproduced in anyway, including, but not limited to,
photocopy, photograph, magnetic, electronic or other record, with out the prior written permission of Guru Labs.
This curriculum contains proprietary information which is for the exclusive use of customers of Guru Labs L.C., and is not to be shared
with personnel other than those in attendance at this course.
This instructional program, including all material provided herein, is supplied without any guarantees from Guru Labs L.C. Guru Labs
L.C. assumes no liability for damages or legal action arising from the use or misuse of contents or details contained herein.
Photocopying any part of this manual without prior written consent of Guru Labs L.C. is a violation of federal law. This manual should
not appear to be a photocopy. If you believe that Guru Labs training materials are being photocopied without permission, please email
Alert@gurulabs.com
or call 1-801-298-5227.
Guru Labs L.C. accepts no liability for any claims, demands, losses, damages, costs or expenses suffered or incurred howsoever
arising from or in connection with the use of this courseware. All trademarks are the property of their respective owners.
Version: OEL250S-O54-A00
iii
Table of Contents
Chapter 1
WHAT IS LINUX?...............................................................1
UNIX Origins and Design Principles.............................................2
Unix Timeline................................................................4
FSF and GNU................................................................6
GPL – General Public License..................................................7
The Linux Kernel..............................................................8
Linux Features...............................................................9
Popular Uses of Linux........................................................10
What is a Distribution?.......................................................11
Components of a Distribution.................................................12
Standardization..............................................................13
Oracle Linux................................................................14
Unbreakable Enterprise Kernel................................................15
Unbreakable Linux Network...................................................16
Chapter 2
LINUX ARCHITECTURE OVERVIEW..............................................1
The Linux Operating SystemComponents.......................................2
Open Standards..............................................................3
Memory Layout..............................................................4
Important Kernel Threads......................................................5
Block Devices and the Device Mapper..........................................6
File Systems with Linux.......................................................8
Cache and Write Barriers.....................................................10
Device Files in Linux.........................................................12
D-Bus Overview.............................................................13
Important Userland Daemons.................................................14
Security Model Overview.....................................................15
su and Wheel...............................................................17
sudo.......................................................................18
Lab Tasks 19
1.Switching Users With sudo.................................................20
Chapter 3
PRE-INSTALLATION CONSIDERATIONS..........................................1
Pre-Installation Considerations.................................................2
Hardware Compatibility.......................................................3
Multi-OS Booting.............................................................4
Partition Considerations.......................................................5
FilesystemPlanning...........................................................6
Selecting a Filesystem........................................................7
Cluster Filesystems...........................................................8
Optimal Flexible Architecture (OFA).............................................9
Chapter 4
INSTALLING OEL5.............................................................1
Installation Choices...........................................................2
Starting Installations fromCD/DVD or USB.......................................4
Installing Froma Network Server...............................................5
Installing Froma Local Drive...................................................7
iv
Anaconda....................................................................9
Installation Diagnostics.......................................................11
Language and Keyboard Selection.............................................12
Automatic Partitioning.......................................................14
Partitioning with Disk Druid...................................................16
Installing a Boot Loader......................................................18
Network Configuration.......................................................20
Time Zone Configuration.....................................................21
root Password Configuration..................................................22
Package Group Selection.....................................................23
Installing Packages..........................................................25
Install Finished..............................................................26
Firstboot...................................................................27
Firstboot Firewall Configuration...............................................28
Firstboot SELinux Configuration...............................................29
Firstboot Kernel Crash Dump Configuration.....................................30
Firstboot Date and Time Configuration.........................................31
Firstboot Authentication Configuration.........................................32
Lab Tasks 33
1.Linux Installation..........................................................34
Chapter 5
LINUX HARDWARE DISCOVERY,INTERACTION,AND CONTROL...................1
Hardware Discovery Tools.....................................................2
Configuring New Hardware with Kudzu..........................................4
Hardware and SystemClock...................................................5
Console.....................................................................6
Virtual Terminals..............................................................8
Serial Ports.................................................................11
SCSI Devices................................................................13
USB Devices................................................................16
USB Configuration...........................................................17
Common UNIX Printing System...............................................19
Defining a Printer............................................................20
Managing Optical Media.....................................................21
Tape Drives.................................................................24
Tape Libraries...............................................................25
I/O Elevators................................................................27
Managing Linux Device Files..................................................29
Kernel Hardware Info –/sys/..................................................32
/sys/Structure...............................................................33
udev.......................................................................34
Kernel Modules.............................................................36
Configuring Kernel Components and Modules..................................38
Handling Module Dependencies...............................................40
Configuring the Kernel via/proc/...............................................41
Lab Tasks 43
1.Adjusting Kernel Options...................................................44
2.Configuring Print Queues...................................................49
3.Introduction to Troubleshooting Labs........................................52
4.Troubleshooting Practice:Kernel Modules...................................56
v
Chapter 6
BOOT PROCESS AND SYSV INIT................................................1
Booting Linux on PCs.........................................................2
GRUB Configuration..........................................................3
Kernel Boot Parameters.......................................................5
/sbin/init.....................................................................6
SystemInit Styles............................................................7
Linux Runlevels..............................................................9
/etc/inittab..................................................................10
/etc/rc.sysinit................................................................12
Runlevel Implementation.....................................................13
SystemConfiguration Files...................................................15
Configuration Utilities........................................................16
Typical SysV Init Script.......................................................17
The/etc/rc.local File..........................................................19
Managing Daemons.........................................................20
Controlling Service Startup....................................................21
Shutdown and Reboot.......................................................23
Lab Tasks 24
1.Boot Process.............................................................25
2.GRUB Command Line......................................................28
3.Basic GRUB Security.......................................................30
4.Managing Services With chkconfig..........................................33
5.Troubleshooting Practice:Boot Process......................................36
Chapter 7
SOFTWARE MAINTENANCE....................................................1
Managing Software...........................................................2
RPMFeatures................................................................3
RPMArchitecture.............................................................4
RPMPackage Files...........................................................5
Working With RPMs..........................................................7
Querying and Verifying with rpm...............................................9
Updating the Kernel RPM.....................................................10
Managing Software Dependencies............................................11
Using the YUMcommand....................................................12
YUMpackage groups........................................................15
Configuring YUM............................................................17
YUMRepositories...........................................................19
Compiling/Installing fromSource..............................................20
Manually Installed Shared Libraries............................................22
Installing Source RPMPackages..............................................23
Lab Tasks 24
1.Managing Software with RPM..............................................25
2.Creating a CustomRPMRepository.........................................28
3.Querying the RPMDatabase................................................31
4.Installing Software via RPM& Source and Rebuilding SRPMs...................34
5.YUM.....................................................................37
vi
Chapter 8
USER/GROUP ADMINISTRATION................................................1
User and Group Concepts.....................................................2
User Administration...........................................................4
Modifying Accounts..........................................................6
Group Administration.........................................................8
Password Aging.............................................................10
Default User Files............................................................12
Controlling Logins...........................................................13
Manual DS Client Configuration...............................................14
system-config-authentication.................................................15
Lab Tasks 17
1.User and Group Administration.............................................18
2.Configure NIS Authentication...............................................20
3.Using LDAP for Centralized User Accounts...................................23
4.Troubleshooting Practice:Account Management..............................27
Chapter 9
FILESYSTEMADMINISTRATION.................................................1
Partitioning Disks with fdisk....................................................2
Partitioning Disks with parted..................................................4
FilesystemCreation...........................................................6
Mounting Filesystems.........................................................7
FilesystemMaintenance.......................................................9
Persistent Block Devices.....................................................11
Resizing Filesystems.........................................................12
Swap......................................................................13
Two Types of Disk Space.....................................................15
Determining Disk Usage With df and du........................................16
Configuring Disk Quotas......................................................18
Setting Quotas..............................................................20
Viewing and Monitoring Quotas...............................................21
FilesystemAttributes........................................................22
Backup Software............................................................23
Backup Examples............................................................25
Lab Tasks 26
1.Creating and Managing Filesystems.........................................27
2.Hot Adding Swap..........................................................31
3.Setting User Quotas.......................................................33
4.Using tar and cpio for Backups..............................................36
5.Using rsync and ssh for Backups............................................39
6.Using dump and restore for Backups........................................42
7.Creating ISO Images for Backups...........................................46
Chapter 10
LVM& RAID...................................................................1
Logical Volume Management..................................................2
Implementing LVM...........................................................3
Creating Logical Volumes......................................................4
Manipulating VGs & LVs.......................................................5
Advanced LVMConcepts......................................................7
system-config-lvm............................................................8
vii
RAID Concepts...............................................................9
Array Creation with mdadm...................................................11
Software RAID Monitoring....................................................12
Software RAID Control and Display............................................13
Lab Tasks 14
1.Creating and Managing LVMVolumes.......................................15
2.Creating and Managing a RAID-5 Array.......................................25
Chapter 11
REMOTE STORAGE ADMINISTRATION..........................................1
Remote Storage Overview.....................................................2
Remote FilesystemProtocols..................................................4
Remote Block Device Protocols................................................6
File Sharing via NFS...........................................................8
NFSv4.......................................................................9
NFS Clients.................................................................10
NFS Server Configuration.....................................................11
Implementing NFSv4.........................................................13
AutoFS.....................................................................14
AutoFS Configuration........................................................15
Accessing Windows/Samba Shares fromLinux.................................17
SAN Multipathing............................................................19
Multipath Configuration......................................................20
Multipathing Best Practices...................................................22
iSCSI Architecture...........................................................24
iSCSI Target Implementations.................................................27
iSCSI Target Configuration (tgt)................................................28
iSCSI Target LUN Configuration (tgt)...........................................31
iSCSI Target Auth Configuration (tgt)...........................................33
iSCSI Persistent Configuration (tgt)............................................34
Open-iSCSI Initiator Implementation...........................................36
iSCSI Initiator Discovery......................................................38
iSCSI Initiator Node Administration............................................40
Mounting iSCSI Targets at Boot...............................................42
iSCSI Multipathing Considerations.............................................43
Lab Tasks 45
1.NFS Server Configuration...................................................46
2.iSCSI Initiator Configuration.................................................49
Chapter 12
PLUGGABLE AUTHENTICATION MODULE (PAM).................................1
PAMOverview...............................................................2
PAMModule Types...........................................................3
PAMOrder of Processing......................................................4
PAMControl Statements......................................................5
PAMModules................................................................7
pam_unix.so.................................................................8
pam_nologin.so..............................................................9
pam_limits.so...............................................................10
pam_wheel.so..............................................................12
pam_xauth.so...............................................................13
Lab Tasks 14
viii
1.Restricting superuser access to wheel group membership.....................15
2.Using pam_nologin to Restrict Logins.......................................17
3.Setting Limits with the pam_limits Modules..................................20
4.Using pam_limits to Restrict Simultaneous Logins............................23
Chapter 13
SECURITY ADMINISTRATION...................................................1
Security Concepts............................................................2
Tightening Default Security....................................................4
Security Advisories...........................................................6
File Access Control Lists......................................................7
Manipulating FACLs..........................................................8
Viewing FACLs..............................................................10
Backing Up FACLs...........................................................11
File Creation Permissions with umask..........................................12
User Private Group Scheme...................................................14
SELinux Security Framework..................................................15
SELinux Modes.............................................................16
SELinux Commands.........................................................17
Choosing an SELinux Policy...................................................18
SELinux Booleans...........................................................19
Graphical SELinux Policy Tools................................................21
Netfilter Concepts...........................................................23
Targets.....................................................................25
Netfilter:Stateful Packet Filter Firewall.........................................27
Using the iptables Command.................................................28
Common match_specs.......................................................30
Connection Tracking.........................................................32
Lab Tasks 33
1.User Private Groups.......................................................34
2.Using FilesystemACLs.....................................................36
3.Exploring SELinux Modes..................................................43
4.SELinux File Contexts......................................................46
5.Securing Services with Netfilter.............................................47
Chapter 14
PROCESS ADMINISTRATION....................................................1
Automating Tasks............................................................2
at/batch.....................................................................3
cron.........................................................................5
/etc/cron.*/Directories........................................................6
anacron.....................................................................7
Viewing Processes...........................................................8
Managing Processes.........................................................10
Tuning Process Scheduling...................................................12
Process Accounting..........................................................13
Enabling Process Accounting.................................................14
Setting Resource Limits via ulimit.............................................16
Lab Tasks 17
1.Creating and Managing User Cron Jobs......................................18
2.Adding Systemcron Jobs..................................................21
3.Using BSD Process Accounting.............................................22
ix
Chapter 15
BASIC NETWORKING...........................................................1
IPv4 Fundamentals...........................................................2
TCP/UDP Fundamentals.......................................................4
Linux Network Interfaces......................................................6
Ethernet Hardware Tools......................................................7
Configuring Network Interfaces................................................9
Configuring Routing Tables...................................................10
IP to MAC Address Mapping with ARP.........................................12
Network Configuration with ip Command.......................................13
Starting and Stopping Interfaces..............................................14
NetworkManager............................................................16
DNS Clients.................................................................17
DHCP Clients...............................................................19
system-config-network{,-cmd}................................................20
Network Diagnostics.........................................................22
Information fromnetstat......................................................25
Managing Network-Wide Time................................................26
Continual Time Sync with NTP................................................28
Configuring NTP Clients......................................................29
Lab Tasks 31
1.Network Discovery........................................................32
2.NTP Client Configuration...................................................34
Chapter 16
ADVANCED NETWORKING.....................................................1
Multiple IP Addresses.........................................................2
Enabling IPv6................................................................4
Interface Bonding............................................................6
Interface Bridging............................................................8
802.1q VLANS...............................................................10
Tuning Kernel Network Settings...............................................12
Configuring a DHCP server...................................................13
Lab Tasks 15
1.Multiple IP Addresses Per Network Interface.................................16
2.Configuring IPv6...........................................................19
Chapter 17
THE X WINDOWSYSTEM.......................................................1
The X Window System........................................................2
X Modularity.................................................................4
X.Org Drivers................................................................5
Configuring X Manually........................................................6
Automatic X Configuration.....................................................7
Xorg and Fonts...............................................................8
The X Font Server.............................................................9
Installing Fonts for Modern Applications........................................11
Installing Fonts for Legacy Applications........................................12
The X11 Protocol and Display Names..........................................13
Display Managers and Graphical Login.........................................14
Starting X Apps Automatically.................................................16
X Access Control............................................................18
x
Remote X Access (historical/insecure approach).................................20
Remote X Access (modern/secure approach)...................................22
XDMCP....................................................................24
Remote Graphical Access With VNC and RDP...................................26
Specialized X Servers........................................................27
Lab Tasks 28
1.Remote X with XDMCP....................................................29
2.Configure X Security.......................................................32
3.Configure a VNC Server....................................................36
4.Launching X Apps Automatically............................................41
5.Secure X.................................................................45
6.Troubleshooting Practice:X11..............................................48
Chapter 18
LOG FILE ADMINISTRATION....................................................1
SystemLogging..............................................................2
/etc/syslog.conf..............................................................4
Rsyslog.....................................................................6
Log Management.............................................................7
Log Anomaly Detector........................................................9
Lab Tasks 10
1.Remote Syslog Configuration...............................................11
2.Setting up a Full Debug Logfile..............................................14
Chapter 19
MONITORING & TROUBLESHOOTING............................................1
SystemStatus – Memory......................................................2
SystemStatus – I/O...........................................................4
SystemStatus – CPU.........................................................6
Performance Trending with sar.................................................8
Troubleshooting Basics:The Process..........................................10
Troubleshooting Basics:The Tools............................................12
strace and ltrace.............................................................15
Common Problems..........................................................17
Incorrect File Permissions....................................................18
Inability to Boot.............................................................19
Typos in Configuration Files...................................................20
Corrupt Filesystems.........................................................21
Rescue Environment.........................................................22
Lab Tasks 23
1.Recovering Damaged MBR.................................................24
Appendix A
LINUX FUNDAMENTALS CHEAT SHEETS........................................1
Help fromCommands and Documentation......................................2
Getting Help with man & info...................................................3
$MANPATH,whatis and apropos...............................................5
File Ownership...............................................................6
File and Directory Permissions.................................................7
Changing File Permissions.....................................................8
Switching User Contexts.....................................................10
Pico/Nano Interface..........................................................11
xi
Pico/Nano Shortcuts.........................................................12
Learning vi..................................................................14
Basic vi.....................................................................15
Accessing Remote Shells.....................................................17