Foundations of CentOS Linux - Mirror STISI Telkom

solidseniorServers

Dec 9, 2013 (4 years and 5 months ago)

1,277 views

this print for content only—size & color not accurate trim = 7.5" x 9.25" spine = 0.000" 000 page count
  CYAN
  MAGENTA
  YELLOW
  BLACK
Foundations of CentOS Linux
ThE ExpErT’s VOiCE
®
 iN LiNux
Foundations of

CentOS Linux

Enterprise Linux On the Cheap
Ryan Baclit, Chivas Sicam,

Peter Membrey,
and
John Newbigin
Companion
eBook Available
A truly free enterprise alternative

to Red Hat Enterprise Linux
Baclit

Sicam

Membrey
Newbigin
BOOKs fOr prOfEssiONALs BY prOfEssiONALs
®
US $42.99
Shelve in

Linux
User level:

Beginning
Companion eBook

See last page for details

on $10 eBook version
Foundations of CentOS Linux:
Enterprise Linux On the Cheap
Dear Reader,
I’ve been using Linux for years for software development, for personal enter
-
tainment, and to create servers to be deployed on the network. But when asked
on which distribution I always use when creating and deploying network serv
-
ers, I always say CentOS. With CentOS, I have all the tools that I need to do tasks
with Linux, from command-line shell scripting to graphical systems adminis
-
tration with virtualization.
The book you are holding now contains expert advice that will help you
learn Linux administration with the CentOS distribution. You will be able to
write shell scripts, schedule automated tasks and use the GNOME desktop.
For network servers, you will learn how to properly install and configure file
sharing and print servers, combine servers with directory services for unified
authentication, and use virtualization to save on hardware costs.
With this book, you have a concrete starting guide to learning Linux with
CentOS. You will spend less time asking questions and more time to build
-
ing whatever you need with CentOS as you learn about it with this book. If
you have plans of becoming an RHCE (Red Hat Certified Engineer), what you
have learned here will give you a boost in studying review materials for the
RHCE exam.
I hope that you will enjoy learning Linux with CentOS and use it to create
masterpiece servers with this book.
Ryan Baclit
THE
APRESS RO
ADMAP
The Definitive
Guide to SUSE
Linux Enterprise Ser
ver
Pro Linux System
Administration
The Definitive Guide

to CentOS
Pro Ubuntu Ser
ver
Beginning the Linux
Command Line
Beginning Ubuntu Linux,

4th edition
Beginning SUSE Linux
F
oundations of
CentOS Linux
Beginning Ubuntu
L
TS Ser
ver
Administration
)3".    







Ryan Baclit
Chivas Sicam
Peter Membrey
John Newbigin
Download at WoweBook.Com
Foundations of CentOS
Linux
Enterprise Linux On the Cheap











■ ■ ■
Ryan Baclit, Chivas Sicam,
Peter Membrey, and
John Newbigin

Download at WoweBook.Com
ii

Foundations of CentOS Linux: Enterprise Linux On the Cheap

Copyright © 2009 by Ryan Baclit, Chivas Sicam, Peter Membrey, and John Newbigin
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage or retrieval
system, without the prior written permission of the copyright owner and the publisher.
The Evolution Mail Client logo is a copyright of Evolution project and was printed with permission.
ISBN-13 (pbk): 978-1-4302-1964-4
ISBN-13 (electronic): 978-1-4302-1965-1
Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1
Trademarked names may appear in this book. Rather than use a trademark symbol with every
occurrence of a trademarked name, we use the names only in an editorial fashion and to the benefit of
the trademark owner, with no intention of infringement of the trademark.
President and Publisher: Paul Manning
Lead Editor: Frank Pohlmann
Technical Reviewers: Peter Membrey and Ann Tan-Pohlmann
Editorial Board: Clay Andres, Steve Anglin, Mark Beckner, Ewan Buckingham, Tony Campbell, Gary
Cornell, Jonathan Gennick, Michelle Lowman, Matthew Moodie, Jeffrey Pepper, Frank Pohlmann,
Ben Renow-Clarke, Dominic Shakeshaft, Matt Wade, Tom Welsh
Coordinating Editor: Debra Kelly
Copy Editors: James A. Compton, Heather Lang, Patrick Meader, and Sharon Terdeman
Compositor: Bob Cooper
Indexer: BIM Indexing and e-Services
Artist: April Milne
Cover Designer: Anna Ishchenko
Distributed to the book trade worldwide by Springer-Verlag New York, Inc., 233 Spring Street, 6th Floor,
New York, NY 10013. Phone 1-800-SPRINGER, fax 201-348-4505, e-mail orders-ny@springer-sbm.com, or
visit http://www.springeronline.com.
For information on translations, please e-mail info@apress.com, or visit http://www.apress.com.
Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional use.
eBook versions and licenses are also available for most titles. For more information, reference our
Special Bulk Sales—eBook Licensing web page at http://www.apress.com/info/bulksales.
The information in this book is distributed on an “as is” basis, without warranty. Although every
precaution has been taken in the preparation of this work, neither the author(s) nor Apress shall have
any liability to any person or entity with respect to any loss or damage caused or alleged to be caused
directly or indirectly by the information contained in this work.
The source code for this book is available to readers at http://www.apress.com.

Download at WoweBook.Com

I dedicate this book to all current and future users of Linux.
—Ryan Baclit

To Anna. May all your dreams come true.
—Chivas Sicam

For my granddad, Bill “Pappy” Membrey. Without his unwavering support and guidance (not
to mention patience), I would not be where I am today.
—Peter Membrey

To my fiancée, Jenna.
—John Newbigin
Download at WoweBook.Com
iv

Contents at a Glance

■About the Authors ................................................................................................... xvii
■About the Technical Reviewer .................................................................................. xx
■Acknowledgments ................................................................................................... xxi
■Introduction ............................................................................................................ xxii
■Chapter 1: Installation ................................................................................................ 1
■Chapter 2: BASH ....................................................................................................... 31
■Chapter 3: Client/Host Configuration ........................................................................ 55
■Chapter 4: Data Storage Management ...................................................................... 71
■Chapter 5: User Management ................................................................................... 87
■Chapter 6: X Window System ................................................................................. 105
■Chapter 7: Package Management .......................................................................... 133
■Chapter 8: Basic Linux Security ............................................................................. 153
■Chapter 10: Network Security ................................................................................ 203
■Chapter 11: Network Services ................................................................................ 227
■Chapter 12: Open Source Databases ...................................................................... 261
■Chapter 13: Linux Web Services ............................................................................. 289
■Chapter 14: File Sharing Services .......................................................................... 313
■Chapter 15: Linux Mail Servers .............................................................................. 335
■Chapter 16: Directory Services ............................................................................... 373
■Chapter 17: The Linux Kernel ................................................................................. 415
■Chapter 18: Linux Virtualization ............................................................................. 435
■Chapter 19: Linux Troubleshooting ......................................................................... 457
■Index ....................................................................................................................... 471

Download at WoweBook.Com
■ CONTENTS

v

Contents
■About the Authors ................................................................................................... xvii
■About the Technical Reviewer .................................................................................. xx
■Acknowledgments ................................................................................................... xxi
■Introduction ............................................................................................................ xxii
■Chapter 1: Installation ................................................................................................ 1
Preinstallation Steps ......................................................................................................................................... 1
Installation ......................................................................................................................................................... 3
Troubleshooting ............................................................................................................................................... 29
Summary ......................................................................................................................................................... 30
■Chapter 2: BASH ....................................................................................................... 31
Working with the Command-Line Interface ..................................................................................................... 31
Identifying the Working User ...................................................................................................................... 32
The Linux Filesystem .................................................................................................................................. 33
Directory Management ............................................................................................................................... 35
Listing the Contents of a Directory ............................................................................................................. 36
Traversing Directories ................................................................................................................................ 39
Absolute and Relative Paths .................................................................................................................. 39
Creating Directories .................................................................................................................................... 40
Renaming and Moving Files ....................................................................................................................... 40
Deleting Directories and Files ..................................................................................................................... 41
Creating and Viewing Text Files ................................................................................................................. 42
Viewing the Contents of a File .................................................................................................................... 44
Text Processing ............................................................................................................................................... 45
Standard I/O Devices .................................................................................................................................. 46
Redirection ................................................................................................................................................. 47
Piping .......................................................................................................................................................... 47
Getting Help ..................................................................................................................................................... 48
Environment Variables ..................................................................................................................................... 51
Creating and Running Your Own Script ........................................................................................................... 52
Summary ......................................................................................................................................................... 54
■Chapter 3: Client/Host Configuration ........................................................................ 55
The Boot Process ............................................................................................................................................. 55
The Boot Loader .......................................................................................................................................... 55
Download at WoweBook.Com
■ CONTENTS

vi

Kernel, Init, and Runlevels .......................................................................................................................... 60
Services ...................................................................................................................................................... 62
Keyboard Settings ........................................................................................................................................... 63
Language Settings ........................................................................................................................................... 64
Date and Time Settings ................................................................................................................................... 65
Network Settings ............................................................................................................................................. 67
Graphics Settings ............................................................................................................................................ 68
Printer Settings ................................................................................................................................................ 69
Summary ......................................................................................................................................................... 70
■Chapter 4: Data Storage Management ...................................................................... 71
Provisioning a New Hard Drive ........................................................................................................................ 71
Partitioning a Disk Using RAID ......................................................................................................................... 77
Understanding RAID Types and Levels ....................................................................................................... 78
RAID 0 .................................................................................................................................................... 78
RAID 1 .................................................................................................................................................... 78
RAID 5 .................................................................................................................................................... 79
Checking on RAID ....................................................................................................................................... 81
Partitioning with LVM ...................................................................................................................................... 81
Understanding How LVM Works ................................................................................................................. 82
Volume Groups ...................................................................................................................................... 83
Physical Volumes ................................................................................................................................... 83
Logical Volumes .......................................................................................................................................... 84
Making Sure Your Volumes Work ............................................................................................................... 85
Finding More Information on LVM .............................................................................................................. 85
Summary ......................................................................................................................................................... 85
■Chapter 5: User Management ................................................................................... 87
Managing Users and Groups with the Graphical Interface .............................................................................. 87
Adding a User ............................................................................................................................................. 87
Changing User Properties ........................................................................................................................... 89
Deleting a User ........................................................................................................................................... 91
Adding a Group ........................................................................................................................................... 91
Changing Group Properties ......................................................................................................................... 92
Deleting a Group ......................................................................................................................................... 93
User Management on the Command Line ....................................................................................................... 93
Adding a User ............................................................................................................................................. 94
Changing User Properties ........................................................................................................................... 94
Deleting a User ........................................................................................................................................... 95
Adding a Group ........................................................................................................................................... 96
Changing Group Properties ......................................................................................................................... 96
Deleting a Group ......................................................................................................................................... 96
Implementing Disk Quotas .............................................................................................................................. 98
Enabling User and Group Quotas on a Filesystem ...................................................................................... 99
Setting Up the Quota Files .......................................................................................................................... 99
Download at WoweBook.Com
■ CONTENTS

vii

Setting Up Quotas ..................................................................................................................................... 100
Setting Grace Periods .......................................................................................................................... 101
Managing Quotas for Groups ............................................................................................................... 101
Enabling Quotas ........................................................................................................................................ 101
Reporting on Quotas ................................................................................................................................. 101
Setting Resource Limits ................................................................................................................................ 102
Summary ....................................................................................................................................................... 103
■Chapter 6: X Window System ................................................................................. 105
X.Org .............................................................................................................................................................. 106
xorg.conf ................................................................................................................................................... 106
The Keyboard Section .......................................................................................................................... 107
The Device Section .............................................................................................................................. 108
The Screen Section ............................................................................................................................. 108
The ServerLayout Section .................................................................................................................... 110
Making a New xorg.conf File .................................................................................................................... 111
The GNOME Desktop ...................................................................................................................................... 111
Top Panel .................................................................................................................................................. 112
Applications ......................................................................................................................................... 113
Places .................................................................................................................................................. 115
System ................................................................................................................................................. 117
Customizing Menus ............................................................................................................................. 118
Launchers ............................................................................................................................................ 120
Separator, Update, Clock, and Sound Applet ....................................................................................... 121
Bottom Panel ............................................................................................................................................ 121
XDMCP Remote Connections ......................................................................................................................... 122
GDM Configuration .................................................................................................................................... 123
Reloading Options with gdmflexiserver ............................................................................................... 125
Using XDMCP with GDM ................................................................................................................................ 125
Requesting an X Session with XDMCP ...................................................................................................... 126
XDMCP with X Query............................................................................................................................ 126
XDMCP with Xnest .................................................................................................................................... 128
X with SSH ..................................................................................................................................................... 130
Summary ....................................................................................................................................................... 131
■Chapter 7: Package Management .......................................................................... 133
RPM ............................................................................................................................................................... 133
The RPM Filename Convention ...................................................................................................................... 134
The rpm Command ........................................................................................................................................ 135
Installing a Package ................................................................................................................................. 135
Signed Packages ...................................................................................................................................... 136
Importing Keys .......................................................................................................................................... 136
Verifying Packages ................................................................................................................................... 137
Adding More Output .................................................................................................................................. 137
Package Dependencies ............................................................................................................................ 138
Download at WoweBook.Com
■ CONTENTS

viii

Upgrading a Package ................................................................................................................................ 139
Removing a Package ................................................................................................................................ 140
Querying a Package .................................................................................................................................. 141
Information and File Contents of a Package ............................................................................................. 141
Source RPMs ............................................................................................................................................ 142
The Spec File ....................................................................................................................................... 143
The rpmbuild Command ...................................................................................................................... 144
Building a Binary Package from a Source Package ............................................................................ 144
YUM ............................................................................................................................................................... 145
Installing Packages with YUM .................................................................................................................. 146
Removing Packages with YUM ................................................................................................................. 146
Updating Packages with YUM ................................................................................................................... 147
Searching Packages with YUM ................................................................................................................. 148
Adding Sources for YUM ........................................................................................................................... 148
Creating Repositories for YUM .................................................................................................................. 150
Summary ....................................................................................................................................................... 151
■Chapter 8: Basic Linux Security ............................................................................. 153
System Logger............................................................................................................................................... 153
Using syslog.conf ...................................................................................................................................... 154
Selectors .............................................................................................................................................. 155
Actions ................................................................................................................................................. 157
Detecting Intruders with the System Logger ............................................................................................ 158
Automating Tasks with cron .......................................................................................................................... 160
Using crontab ........................................................................................................................................... 161
Using cron.allow and cron.deny ............................................................................................................... 161
Working with the crontab File .................................................................................................................. 161
The crontab Task ................................................................................................................................. 161
Browsing Available Tasks .................................................................................................................... 163
Removing Tasks .................................................................................................................................. 163
Pluggable Authentication Modules ................................................................................................................ 163
Understanding PAM Rules and Configuration Files .................................................................................. 165
servicename ........................................................................................................................................ 166
Management Groups ........................................................................................................................... 167
Control ................................................................................................................................................. 167
modulepath .......................................................................................................................................... 168
Testing PAM .............................................................................................................................................. 168
Testing pam_time.so with crond ......................................................................................................... 169
Finding Other PAM Modules ..................................................................................................................... 170
Summary ....................................................................................................................................................... 170
■Chapter 9: Advanced Security ................................................................................ 171
Using Digital Certificates ............................................................................................................................... 171
Creating Certificates ...................................................................................................................................... 172
Deploying Certificates ................................................................................................................................... 176
Download at WoweBook.Com
■ CONTENTS

ix

Configuration Files .................................................................................................................................... 176
Intermediate Certificates .......................................................................................................................... 178
Certificate File Formats ............................................................................................................................ 178
Signing Your Own Certificates .................................................................................................................. 179
Go Wild...................................................................................................................................................... 181
Intrusion Detection ........................................................................................................................................ 181
Monitoring the filesystem with RPM ......................................................................................................... 182
Monitoring the Filesystem with AIDE ........................................................................................................ 185
Monitoring the Network with Netfilter ...................................................................................................... 188
Security Enhanced Linux ............................................................................................................................... 191
Why Use SELinux ...................................................................................................................................... 192
Enabling and Disabling SELinux ............................................................................................................... 192
SELinux Policy .......................................................................................................................................... 193
Drilling Down on Context .......................................................................................................................... 194
Booleans ................................................................................................................................................... 196
Access Vectors ......................................................................................................................................... 199
Interactive Users ....................................................................................................................................... 200
Summary ....................................................................................................................................................... 201
■Chapter 10: Network Security ................................................................................ 203
The Firewall ................................................................................................................................................... 203
A Basic Firewall ........................................................................................................................................ 203
An Advanced Firewall ............................................................................................................................... 207
How netfilter Works ............................................................................................................................. 207
Viewing the Current Firewall ............................................................................................................... 209
Building netfilter Rules ........................................................................................................................ 211
Using CentOS as a Router ......................................................................................................................... 216
Using netfilter for IP Masquerading .......................................................................................................... 217
Handling Complex Protocols with netfilter ............................................................................................... 218
tcp_wrappers ................................................................................................................................................ 218
Centralized Logging ....................................................................................................................................... 222
Configuring the Server to Receive Logs ................................................................................................... 225
Configuring the Client to Send Logs ......................................................................................................... 225
Summary ....................................................................................................................................................... 226
■Chapter 11: Network Services ................................................................................ 227
OpenSSH........................................................................................................................................................ 227
The OpenSSH Configuration File.................................................................................................................... 227
Connecting to the OpenSSH Server .......................................................................................................... 228
Copying Files Securely with scp ............................................................................................................... 229
OpenSSH Keys .......................................................................................................................................... 229
OpenSSH Fingerprints .............................................................................................................................. 230
Getting the Fingerprint Value .................................................................................................................... 230
The known_hosts File ............................................................................................................................... 231
Making Your Own Keys ............................................................................................................................. 231
Download at WoweBook.Com
■ CONTENTS

x

The DHCP Server ........................................................................................................................................... 231
Setting Up the DHCP Server ...................................................................................................................... 232
The DHCP Configuration File ..................................................................................................................... 233
Assigning Fixed Addresses ....................................................................................................................... 234
Organizing with Groups ............................................................................................................................ 235
The NTP Server .............................................................................................................................................. 236
Client-Server Mode ................................................................................................................................... 238
Symmetric Active/Passive Mode .............................................................................................................. 238
Broadcast Mode ........................................................................................................................................ 239
ntpq .......................................................................................................................................................... 240
DNS ................................................................................................................................................................ 240
Name Servers and Zones .......................................................................................................................... 242
Name Resolution ...................................................................................................................................... 242
BIND Utilities ............................................................................................................................................. 243
rndc-confgen ....................................................................................................................................... 243
rndc ..................................................................................................................................................... 243
named .................................................................................................................................................. 243
BIND Configuration Files ........................................................................................................................... 243
The Contents of rndc.conf ........................................................................................................................ 245
The Contents of named.conf ..................................................................................................................... 246
Caching DNS ............................................................................................................................................. 246
The hints File ....................................................................................................................................... 246
dig ........................................................................................................................................................ 247
nslookup .............................................................................................................................................. 248
Configuring a Caching DNS ................................................................................................................. 248
Configuring a Forwarder ...................................................................................................................... 251
Configuring a Slave DNS ...................................................................................................................... 251
Configuring a Master DNS ................................................................................................................... 252
Reverse Lookup ................................................................................................................................... 255
The Squid Web Caching Server ..................................................................................................................... 256
Installing Squid ......................................................................................................................................... 256
The Squid Main Configuration File ............................................................................................................ 256
The visible_hostname directive ........................................................................................................... 256
The cache_dir directive ....................................................................................................................... 257
ACLs and ACL-operators ........................................................................................................................... 258
Adding ACLs and ACL-operators ............................................................................................................... 258
How ACL-operators Work ......................................................................................................................... 259
Talking to Squid Peers .............................................................................................................................. 259
More Squid ............................................................................................................................................... 260
Summary ....................................................................................................................................................... 260
■Chapter 12: Open Source Databases ...................................................................... 261
ACID ............................................................................................................................................................... 261
MySQL ........................................................................................................................................................... 262
Setting Up MySQL ..................................................................................................................................... 263
Download at WoweBook.Com
■ CONTENTS

xi

Running the MySQL Server ....................................................................................................................... 264
MySQL Users ............................................................................................................................................ 264
MySQL Monitor ......................................................................................................................................... 264
Securing the MySQL Root User ............................................................................................................ 265
Creating a Database ................................................................................................................................. 266
Removing a Database ............................................................................................................................... 267
Adding a User ........................................................................................................................................... 267
Removing a User ....................................................................................................................................... 267
Granting Privileges ................................................................................................................................... 268
Removing Privileges ................................................................................................................................. 269
Getting a List of Available Databases ....................................................................................................... 269
Creating Database Backups...................................................................................................................... 269
Restoring Databases Using Backups ........................................................................................................ 270
Restoring the toys Database ................................................................................................................ 271
Customizing the MySQL Server Configuration .......................................................................................... 271
PostgreSQL .................................................................................................................................................... 272
Setting up PostgreSQL .............................................................................................................................. 272
Starting PostgreSQL ................................................................................................................................. 273
PostgreSQL Interactive Terminal .............................................................................................................. 273
Using the Interactive Terminal ............................................................................................................. 273
PostgreSQL Roles ..................................................................................................................................... 274
Creating a Role ......................................................................................................................................... 274
Removing a User ....................................................................................................................................... 275
Creating a Database ................................................................................................................................. 275
Dropping a Database ................................................................................................................................ 275
PostgreSQL Privileges............................................................................................................................... 275
Granting Privileges to Objects .................................................................................................................. 276
Revoking Privileges on Objects ................................................................................................................ 276
Changing Role Attributes .......................................................................................................................... 277
Getting the List of Databases .................................................................................................................... 277
Creating Database Backups...................................................................................................................... 278
Restoring a Database ............................................................................................................................... 278
Configuring PostgreSQL ............................................................................................................................ 279
pg_hba.conf .............................................................................................................................................. 279
CRUD and Databases ..................................................................................................................................... 280
Creating .................................................................................................................................................... 281
Verifying the Newly Created Tables ..................................................................................................... 282
Viewing the Structures of the Tables .................................................................................................. 283
Adding Entries to the Table ................................................................................................................. 283
Reading ..................................................................................................................................................... 284
Updating ................................................................................................................................................... 285
Dropping Entries from a Table .................................................................................................................. 286
Summary ....................................................................................................................................................... 287
■Chapter 13: Linux Web Services ............................................................................. 289
Download at WoweBook.Com
■ CONTENTS

xii

The Role of a Web Server .............................................................................................................................. 289
Apache Web Server ....................................................................................................................................... 290
Setting Up Apache ......................................................................................................................................... 290
Testing Apache .............................................................................................................................................. 290
Apache Server Directories ............................................................................................................................. 291
The Apache Configuration File ....................................................................................................................... 293
Apache Configuration File Sections .......................................................................................................... 293
Commonly Used Directives ....................................................................................................................... 294
Section 1: Global Environment ............................................................................................................ 294
Section 2: Main Server Configuration .................................................................................................. 295
Distributed Configuration Files ...................................................................................................................... 297
DirectoryIndex ..................................................................................................................................... 298
Alias ..................................................................................................................................................... 298
ScriptAlias ........................................................................................................................................... 298
Creating Another Document and cgi-bin Directory ................................................................................... 299
Virtual Hosts .................................................................................................................................................. 302
IP-Based and Name-Based Virtual Hosting .............................................................................................. 303
The VirtualHost Directive ..................................................................................................................... 304
Configuring Name-Based Virtual Hosting ................................................................................................. 304
Adding PHP to Apache ................................................................................................................................... 308
Secure Apache with SSL ............................................................................................................................... 309
Securing with OpenSSL ............................................................................................................................ 310
Startup Without a Passphrase .................................................................................................................. 311
Summary ....................................................................................................................................................... 312
■Chapter 14: File Sharing Services .......................................................................... 313
Very Secure FTP Daemon .............................................................................................................................. 313
Configuring vsftpd .................................................................................................................................... 313
vsftpd.conf ........................................................................................................................................... 313
ftpusers ............................................................................................................................................... 314
user_list ............................................................................................................................................... 314
Testing vsftpd ........................................................................................................................................... 314
NFS ................................................................................................................................................................ 315
Configuring NFS ........................................................................................................................................ 316
Sharing a Directory Using NFS ................................................................................................................. 317
Sharing Directories Using NFS Daemons ............................................................................................ 318
Mounting a Shared Directory As the Client ............................................................................................... 318
Unmounting a Shared Directory as the Client ........................................................................................... 319
Using exportfs ........................................................................................................................................... 319
Mounting Shared Directories at Boot Time ............................................................................................... 320
Setting Up a Samba Server ........................................................................................................................... 321
Installing Samba ....................................................................................................................................... 322
Configuring Samba ................................................................................................................................... 322
lmhosts ................................................................................................................................................ 322
smbusers ............................................................................................................................................. 322
Download at WoweBook.Com
■ CONTENTS

xiii

smb.conf .............................................................................................................................................. 323
Configuring Stand-Alone Server Options .................................................................................................. 323
server string ........................................................................................................................................ 323
netbios name ....................................................................................................................................... 324
passdb backend .................................................................................................................................. 324
Adding a Samba User ............................................................................................................................... 324
Testing the Samba Stand-Alone Server .................................................................................................... 325
Adding Shares .......................................................................................................................................... 326
Sharing a Printer ....................................................................................................................................... 328
Preparing the Printer to Pass Print Data in Raw Form .............................................................................. 329
Configuring Samba to Share a Printer ...................................................................................................... 332
Installing the Samba Printer to the Windows Client ................................................................................. 333
Summary ....................................................................................................................................................... 334
■Chapter 15: Linux Mail Servers .............................................................................. 335
Basic Email Concepts .................................................................................................................................... 335
The Mail User Agent ................................................................................................................................. 336
Mail Transfer Agent .................................................................................................................................. 336
Mail Delivery Agent ................................................................................................................................... 337
POP3 and IMAP ......................................................................................................................................... 337
Sendmail ....................................................................................................................................................... 338
Sending Email with Sendmail ................................................................................................................... 339
Checking Mail with the mail Command .................................................................................................... 339
sendmail.mc ............................................................................................................................................. 342
sendmail.cf ............................................................................................................................................... 344
The Sendmail Administrative Configuration Files ..................................................................................... 345
local-host-names ................................................................................................................................ 345
aliases ................................................................................................................................................. 345
access ................................................................................................................................................. 346
The trusted-users File ......................................................................................................................... 348
The virtusertable File ........................................................................................................................... 348
mailertable .......................................................................................................................................... 349
Postfix ............................................................................................................................................................ 349
Installing Postfix ....................................................................................................................................... 350
Switching MTAs ........................................................................................................................................ 350
Sending Email with Postfix ....................................................................................................................... 351
The Postfix Main Configuration File .......................................................................................................... 351
Postfix Administrative Configuration Files ................................................................................................ 354
access ................................................................................................................................................. 354
aliases ................................................................................................................................................. 355
virtual .................................................................................................................................................. 356
transport .............................................................................................................................................. 356
generic ................................................................................................................................................. 356
canonical ............................................................................................................................................. 357
relocated .............................................................................................................................................. 357
Download at WoweBook.Com
■ CONTENTS

xiv

Mail Servers and DNS .................................................................................................................................... 358
Dovecot .......................................................................................................................................................... 359
Installing Dovecot ..................................................................................................................................... 359
The dovecot.conf Configuration File ......................................................................................................... 359
Configuration Options ............................................................................................................................... 360
protocols .............................................................................................................................................. 360
ssl_cert_file ......................................................................................................................................... 360
ssl_key_file ......................................................................................................................................... 360
ssl_key_password ............................................................................................................................... 361
mail_location ....................................................................................................................................... 361
Configuring Dovecot for Maildir ................................................................................................................ 361
Configuring an Email Client to Send and Receive Email Using IMAP ........................................................ 362
Checking the IMAP Maildir contents ......................................................................................................... 366
Receiving Email with POP3 ....................................................................................................................... 367
Checking the POP3 Maildir contents ........................................................................................................ 369
Dovecot and OpenSSL .............................................................................................................................. 370
Using Evolution with OpenSSL ............................................................................................................. 370
Troubleshooting Tactics ...................................................................................................................... 372
Summary ....................................................................................................................................................... 372
■Chapter 16: Directory Services ............................................................................... 373
The Need for Unified Authentication .............................................................................................................. 373
Network Information System ......................................................................................................................... 375
Setting up NIS ........................................................................................................................................... 375
The NIS Server ..................................................................................................................................... 375
Creating Your First Domain ....................................................................................................................... 376
ypserv.conf .......................................................................................................................................... 377
The NIS Client ...................................................................................................................................... 378
Binding to an NIS Domain .................................................................................................................... 379
yp.conf ................................................................................................................................................. 379
nsswitch.conf ...................................................................................................................................... 379
Testing the Setup ...................................................................................................................................... 380
Maps .................................................................................................................................................... 381
NIS Utilities ............................................................................................................................................... 382
ypwhich ............................................................................................................................................... 382
ypcat .................................................................................................................................................... 383
ypmatch ............................................................................................................................................... 383
yppasswd ............................................................................................................................................ 383
NIS with NFS ............................................................................................................................................. 384
Using NIS with NFS .............................................................................................................................. 384
OpenLDAP ...................................................................................................................................................... 385
Setting up OpenLDAP ................................................................................................................................ 385
slapd .................................................................................................................................................... 386
ldap.conf .............................................................................................................................................. 386
slapd.conf ............................................................................................................................................ 386
Download at WoweBook.Com
■ CONTENTS

xv

Modules .................................................................................................................................................... 387
Schemas ................................................................................................................................................... 388
Your First Database .................................................................................................................................. 390
Using the my-domain.com database ................................................................................................... 391
LDIF Format .............................................................................................................................................. 392
Starting OpenLDAP ................................................................................................................................... 393
Adding Entries with ldapadd ..................................................................................................................... 393
Searching Entries with ldapsearch ........................................................................................................... 396
Changing Entries with ldapmodify ............................................................................................................ 397
Removing Entries Using ldapdelete .......................................................................................................... 398
Creating a Backup .................................................................................................................................... 399
OpenLDAP and Samba .............................................................................................................................. 399
Installing Perl Modules ............................................................................................................................. 400
nss_ldap ................................................................................................................................................... 402
The nss_ldap Configuration File ............................................................................................................... 403
ldap.secret ................................................................................................................................................ 404
nsswitch.conf ........................................................................................................................................... 404
OpenLDAP ................................................................................................................................................. 405
OpenLDAP Client Configuration File .......................................................................................................... 405
Samba....................................................................................................................................................... 406
Smbldap-tools .......................................................................................................................................... 408
smbldap.conf ....................................................................................................................................... 408
smbldap_bind.conf .............................................................................................................................. 408
Installing and Configuring smbldap-tools ............................................................................................ 409
Joining the DCTOYS Domain Controller .................................................................................................... 411
Testing the Samba and OpenLDAP Setup ................................................................................................. 412
Troubleshooting Tactics ........................................................................................................................... 413
Pitfall #1: Cannot log into the domain controller ................................................................................. 413
Pitfall #2: Cannot start the Samba server properly because only the nmbd process is running ......... 413
Summary ....................................................................................................................................................... 413
■Chapter 17: The Linux Kernel ................................................................................. 415
History of the Linux Kernel ............................................................................................................................ 415
Types of Linux Kernels .................................................................................................................................. 415
Kernel Modules .............................................................................................................................................. 417
Loading Kernel Modules ................................................................................................................................ 418
insmod ...................................................................................................................................................... 418
modprobe ................................................................................................................................................. 418
modprobe.conf ......................................................................................................................................... 419
Unloading Kernel Modules ............................................................................................................................. 421
rmmod ...................................................................................................................................................... 421
modprobe ................................................................................................................................................. 422
blacklist .................................................................................................................................................... 422
When to Recompile the Kernel ...................................................................................................................... 422
Getting a New Linux Kernel ........................................................................................................................... 423
Download at WoweBook.Com
■ CONTENTS

xvi

Preparing to Configure the New Linux Kernel........................................................................................... 423
Ways to Configure the Kernel Sources .......................................................................................................... 424
Configuring the Kernel with the Command Line ....................................................................................... 424
Configuring the Kernel Graphically ........................................................................................................... 426
Configuring the Kernel with menuconfig .................................................................................................. 428
Preparing for Kernel Compilation .................................................................................................................. 430
Building the Kernel ........................................................................................................................................ 431
Building the Kernel Modules ......................................................................................................................... 432
Making the Boot Loader Initialized RAM Disk ................................................................................................ 432
Adding the New Kernel into the GRUB Boot Loader....................................................................................... 432
Your Turn ....................................................................................................................................................... 434
Summary ....................................................................................................................................................... 434
■Chapter 18: Linux Virtualization ............................................................................. 435
Understanding Virtualization ......................................................................................................................... 435
Deciding to Use Virtualization ................................................................................................................... 436
Xen ............................................................................................................................................................ 437
Exploring Virtualization Technologies ....................................................................................................... 437
Full Virtualization ................................................................................................................................. 437
Hardware-Assisted Virtualization ........................................................................................................ 437
Operating System Virtualization .......................................................................................................... 437
Paravirtualization ................................................................................................................................. 438
Hardware Requirements ........................................................................................................................... 439
Installing Xen ............................................................................................................................................ 440
The xend Daemon .......................................................................................................................................... 441
The xend Configuration Files .................................................................................................................... 441
xend-config.sxp ................................................................................................................................... 441
xend-pci-permissive.sxp and xend-pci-quirks.sxp ............................................................................. 442
qemu-ifup ............................................................................................................................................ 442
The xend Network Configuration Scripts Directory ....................................................................................... 443
Checking Dom-0 ............................................................................................................................................ 443
Making a Guest with virt-install .................................................................................................................... 444
Preparing the Installation Media ............................................................................................................... 446
Using the virt-install Command ................................................................................................................ 446
Understanding the Guest Configuration File .................................................................................................. 448
Xen Guest Example Configuration Files ......................................................................................................... 450
Connecting to a Guest ................................................................................................................................... 450
Using xm ................................................................................................................................................... 450
Using virt-viewer ...................................................................................................................................... 451
Using vncviewer ....................................................................................................................................... 452
Shutting Down a Guest .................................................................................................................................. 453
Starting a Guest ............................................................................................................................................. 453
Cloning a Guest ............................................................................................................................................. 453
Cleaning Up ................................................................................................................................................... 454
Summary ....................................................................................................................................................... 455
Download at WoweBook.Com
■ CONTENTS

xvii

■Chapter 19: Linux Troubleshooting ......................................................................... 457
The CentOS Rescue Environment .................................................................................................................. 457
Exploring the Rescue Environment ................................................................................................................ 460
Troubleshooting Checklist ............................................................................................................................. 461
Changed the Root Password ..................................................................................................................... 461
Bootloader Was Overwritten ..................................................................................................................... 462
You’re Experimenting with the Files in /etc .............................................................................................. 463
Skipping /mnt/sysimage ........................................................................................................................... 463
Finding the Affected System’s Root (/) Directory ................................................................................ 464
Mounting Logical Volumes ............................................................................................................................ 464
Mounting Logical Volumes .................................................................................................................. 465
Single-User Mode .......................................................................................................................................... 466
Booting into Single-User Mode ............................................................................................................ 466
My New Kernel Is Stuck! ............................................................................................................................... 467
Creating the Required Device Files ........................................................................................................... 468
Summary ....................................................................................................................................................... 469
■Index ....................................................................................................................... 471


Download at WoweBook.Com
■ CONTENTS

xviii

About the Authors
■Ryan Baclit started to use Linux during his college days at De La Salle
University. His natural interest in computer technology prompted him to study
the operating system and its tools. Knowing that he needed to learn more about
open source technology to advance in Linux and the proper use of open source
tools, he enrolled in Bluepoint Institute of Higher Technology’s Total Linux
course in 2005. After graduating, he eventually became an instructor T that
institute. As an instructor, he usually teaches open source programming tools like
Bash shell scripting and software analysis and design with UML. When not
playing with Linux, he studies manga illustration, reads manga, and collects
anime toys.


■Chivas Sicam works as an entrepreneur and IT consultant. Chivas takes pride in
being part of the DOST-ASTI (Department of Science and Technology Advanced
Science and Technology Institute) Bayanihan Linux project. His team has
advocated the use of open source software for the computing needs of government
agencies, schools, and small and medium-size enterprises in the Philippines. He
also scored 100% in his RHCE exam in March 2005. He enjoys technology, road
trips, and keeping up-to-date on news of the Utah Jazz.



■Peter Membrey lives in Hong Kong and is actively promoting open source in all
its various forms and guises, especially in education. He has had the honor of
working for Red Hat and received his first RHCE at the tender age of 17. He is now
a Chartered IT Professional and one of the world’s first professionally registered
ICT Technicians. Currently studying for a master’s degree in IT, he hopes to study