Linux Bible 9th Edition. Wiley

Christopher Negus

Ninth Ed

Published by
John Wiley & Sons, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256
www.wiley.com

e-books shop
Linux Bible 9th Edition


About the Author
Chris Negus is a Red Hat Certifi ed Instructor (RHCI), Red Hat Certifi ed Examiner (RHCX),
Red Hat Certifi ed Architect (RHCA), and Principal Technical Writer for Red Hat Inc. In more
than six years with Red Hat, Chris has taught hundreds of IT professionals aspiring to
become Red Hat Certifi ed Engineers (RHCE).

 In his current position at Red Hat, Chris produces articles for the Red Hat Customer Portal.
The projects he works on include Red Hat Enterprise Linux 7, Red Hat Enterprise OpenStack
Platform, Red Hat Enterprise Virtualization and Linux containers in Docker format.
Besides his RHCA certifi cation, Chris is a Red Hat Certifi ed Virtualization Administrator
(RHCVA) and Red Hat Certifi ed Datacenter Specialist (RHCDS). He also has certifi cates of
expertise in Deployment and Systems Management, Clustering and Storage Management,
Cloud Storage, and Server Hardening.

 Before joining Red Hat, Chris wrote or co-wrote dozens of books on Linux and UNIX, including
Red Hat Linux Bible (all editions), CentOS Bible, Fedora Bible, Linux Troubleshooting Bible,
Linux Toys and Linux Toys II. Chris also co-authored several books for the Linux Toolbox
series for power users: Fedora Linux Toolbox, SUSE Linux Toolbox, Ubuntu Linux Toolbox, Mac
OS X Toolbox, and BSD UNIX Toolbox.

 For eight years Chris worked with the organization at AT&T that developed UNIX before
moving to Utah to help contribute to Novell’s UnixWare project in the early 1990s. When
not writing about Linux, Chris enjoys playing soccer and just hanging out with his wife,
Sheree, and son, Seth.
About the Technical Editor
Richard Blum, LPIC-1, has worked in the IT industry for more than 20 years as both a
systems and network administrator and has published numerous Linux and open source
books. He has administered UNIX, Linux, Novell, and Microsoft servers, as well as helped
design and maintain a 3,500-user network utilizing Cisco switches and routers. He has used
Linux servers and shell scripts to perform automated network monitoring and has written
shell scripts in most of the common Linux shell environments. Rich is an online instructor
for an Introduction to Linux course that is used by colleges and universities across the
United States. When he isn’t being a computer nerd, Rich plays electric bass in a couple of
different church worship bands, and enjoys spending time with his wife, Barbara, and two
daughters, Katie Jane and Jessica.
Acknowledgments
Since I was hired by Red Hat Inc. more than six years ago, I have been exposed to
many of the best Linux developers, testers, support professionals and instructors in
the world. Since I can’t thank everyone individually, I instead salute the culture of
cooperation and excellence that serves to improve my own Linux skills every day.

I don’t speak well of Red Hat because I work there; I work at Red Hat because it lives up
to the ideals of open source software in ways that match my own beliefs. There are a few
people at Red Hat I would like to acknowledge particularly. Discussions with Victor Costea,
Andrew Blum, and other Red Hat instructors have helped me adapt my ways of thinking
about how people learn Linux. I’m able to work across a wide range of technologies because
of the great support I get from my supervisor, Adam Strong, and my senior manager, Sam
Knuth, who both point me toward cool projects but never hold me back.

In this edition, particular help came from Ryan Sawhill Aroha, who helped me simplify my
writing on encryption technology. For the new content I wrote in this book on Linux cloud
technologies, I’d like to thank members of OpenStack, Docker, and RHEV teams, who help
me learn cutting-edge cloud technology every day.

As for the people at Wiley, thanks for letting me continue to develop and improve this book
over the years. Marty Minner has helped keep me on task through a demanding schedule.
Mary Beth Wakefi eld and Ken Brown have been there to remind me at the times I forgot it
was a demanding schedule. Thanks to Richard Blum for his reliably thorough job of tech
editing. Thanks to Margot Maley Hutchison from Waterside Productions for contracting the
book for me with Wiley and always looking out for my best interests.

Finally, thanks to my wife, Sheree, for sharing her life with me and doing such a great job
raising Seth and Caleb.


Introduction

You can’t learn Linux without using it.
I’ve come to that conclusion over more than a decade of teaching people to learn Linux. You
can’t just read a book; you can’t just listen to a lecture. You need someone to guide you and
you need to jump in and do it.

In 1999, Wiley published my Red Hat Linux Bible. The book’s huge success gave me the opportunity to become a full-time, independent Linux author. For about a decade, I wrote dozens of Linux books and explored the best ways to explain Linux from the quiet of my small home office. In 2008, I hit the road. I was hired by Red Hat, Inc., as a full-time instructor, teaching Linux to professional system administrators seeking Red Hat Certifi ed Engineer (RHCE) certifi cation. In my three years as a Linux instructor, I honed my teaching skills in front of live people whose Linux experience ranged from none to experienced professional.

In the previous edition, I turned my teaching experience into text to take a reader from someone who has never used Linux to someone with the skills to become a Linux professional. In this edition, I set out to extend those skills into the cloud. The focus of this ninth edition of the Linux
Bible can be summed up in these ways:
■ Beginner to certified professional: As long as you have used a computer, mouse, and
keyboard, you can start with this book. I tell you how to get Linux, begin using it, step
through critical topics, and ultimately excel at administering and securing it.
■ System administrator–focused: When you are fi nished with this book, you will know how
to use Linux and how to modify and maintain it. All the topics needed to become a Red Hat
Certifi ed Engineer are covered in this book. That said, many software developers have also
used this book to understand how to work on a Linux system as a development platform or
target for their applications.
■ Emphasis on command-line tools: Although point-and-click interfaces for managing
Linux have improved greatly in recent years, many advanced features can only be utilized
by typing commands and editing confi guration fi les manually. I teach you how to become
profi cient with the Linux command-line shell and occasionally compare shell features with
graphical tools for accomplishing the same tasks.
■ Aimed at fewer Linux distributions: In previous editions, I described about 18 different
Linux distributions. With only a few notable exceptions, most popular Linux distributions
are either Red Hat–based (Red Hat Enterprise Linux, Fedora, CentOS, and so on) or Debianbased
(Ubuntu, Linux Mint, KNOPPIX, and so on). Although this book most thoroughly covers
Red Hat distributions, I have increased coverage of Ubuntu throughout in this edition
(because that’s what many of the biggest Linux fans start with).
■ Many, many demos and exercises: Instead of just telling you what Linux does, I
actually show you what it does. Then, to make sure you got it, you have the opportunity
to try exercises yourself. Every procedure and exercise has been tested to
work in Fedora or Red Hat Enterprise Linux. Most work in Ubuntu as well.
■ Lead into cloud technologies: Linux is at the heart of most technological advances
in cloud computing today. That means you need a solid understanding of Linux
to work effectively in tomorrow’s data centers. Learn Linux basics in the front of
this book. Then in the last few chapters, I demonstrate how you can try out Linux
systems as hypervisors, cloud controllers, and virtual machines, as well as manage
virtual networks and networked storage.

How This Book Is Organized
The book is organized to enable you to start off at the very beginning with Linux and grow
to become a professional Linux system administrator and power user.
Part I, “Getting Started,” includes two chapters designed to help you understand what
Linux is and get you started with a Linux desktop:
■ Chapter 1, “Starting with Linux,” covers topics such as what the Linux operating
system is, where it comes from, and how to get started using it.
■ Chapter 2, “Creating the Perfect Linux Desktop,” provides information on how you
can create a desktop system and use some of the most popular desktop features.
Part II, “Becoming a Linux Power User,” provides in-depth details on how to use the Linux
shell, work with fi lesystems, manipulate text fi les, 
manage processes, and use shell scripts:
■ Chapter 3, “Using the Shell,” includes information on how to access a shell, run
commands, recall commands (using history), and do tab completion. The chapter
also describes how to use variables, aliases, and man pages (traditional Linux command reference pages).
■ Chapter 4, “Moving around the Filesystem,” includes commands for listing, creating,
copying, and moving fi les and directories. More advanced topics in this chapter
include fi lesystem security, such as fi le ownership, permissions, and access control lists.
■ Chapter 5, “Working with Text Files,” includes everything from basic text editors to
tools for fi nding fi les and searching for text within fi les.
■ Chapter 6, “Managing Running Processes,” describes how to see what processes are
running on your system and change those processes. Ways of changing processes
include killing, pausing, and sending other types of signals.
■ Chapter 7, “Writing Simple Shell Scripts,” includes shell commands and functions
you can gather together into a fi le to run as a command itself.
In Part III, “Becoming a Linux System Administrator,” 
you learn how to administer Linux systems:
■ Chapter 8, “Learning System Administration,” provides information on basic
graphical tools, commands, and confi guration fi les for administering Linux systems.
■ Chapter 9, “Installing Linux,” covers common installation tasks, such as disk
partitioning and initial software package selection, as well as more advanced
installation tools, such as installing from kickstart fi les.
■ Chapter 10, “Getting and Managing Software,” provides an understanding
of how software packages work and how to get and manage software packages.
■ Chapter 11, “Managing User Accounts,” discusses tools for adding and deleting
users and groups, as well as how to centralize user account management.
■ Chapter 12, “Managing Disks and Filesystems,” provides information on adding
partitions, creating fi lesystems, and mounting fi lesystems, as well as working with
logical volume management.
In Part IV, “Becoming a Linux Server Administrator,” you learn to create powerful network
servers and the tools needed to manage them:
■ Chapter 13, “Understanding Server Administration,” covers remote logging,
monitoring tools, and the Linux boot process.
■ Chapter 14, “Administering Networking,” discusses how to confi gure networking.
■ Chapter 15, “Starting and Stopping Services,” provides information on starting and
stopping services.
■ Chapter 16, “Confi guring a Print Server,” describes how to confi gure printers to use
locally on your Linux system or over the network from other computers.
■ Chapter 17, “Confi guring a Web Server,” describes how to confi gure an Apache Web server.
■ Chapter 18, “Confi guring an FTP Server,” covers procedures for setting up a vsftpd FTP
server that can be used to enable others to download fi les from your Linux system over the network.
■ Chapter 19, “Confi guring a Windows File Sharing (Samba) Server,” covers Windows file server confi guration with Samba.
■ Chapter 20, “Confi guring an NFS File Server,” describes how to use
Network File System features to share folders of fi les among systems over a network.
■ Chapter 21, “Troubleshooting Linux,” covers popular tools for troubleshooting your Linux system.
In Part V, “Learning Linux Security Techniques,” 
you learn how to secure your Linux systems and services:
■ Chapter 22, “Understanding Basic Linux Security,” covers basic security concepts
and techniques.
■ Chapter 23, “Understanding Advanced Linux Security,” provides information on
using Pluggable Authentication Modules (PAM) and cryptology tools to tighten system security and authentication.
■ Chapter 24, “Enhancing Linux Security with SELinux,” shows you how to enable
Security Enhanced Linux (SELinux) to secure system services.
■ Chapter 25, “Securing Linux on the Network,” covers network security features,
such as firewalld and iptables fi rewalls, to secure system services.
Part VI, “Extending Linux into the Cloud,” 
takes you into cutting-edge cloud technologies:
■ Chapter 26, “Using Linux for Cloud Computing,” introduces concepts of cloud computing
in Linux by describing how to set up hypervisors, build virtual machines, and share resources across networks.
■ Chapter 27, “Deploying Linux to the Cloud,” describes how to deploy Linux images
to different cloud environments, including OpenStack, Amazon EC2, or a local Linux
system confi gured for virtualization.
Part VII contains two appendixes to help you get the most from your exploration of Linux.
Appendix A, “Media,” provides guidance on downloading Linux distributions. Appendix B,
Exercise Answers,” provides sample solutions to the exercises included in chapters 2 through 26.


Screenshot

e-books shop

Purchase Now !
Just with Paypal



Product details
 Price
 File Size
 27,487 KB
 Pages
  914 p
 File Type
  PDF format
 ISBN
 978-1-118-99987-5
 978-1-118-99989-9 (ebk)
 978-1-118-99988-2 (ebk)
 Copyright
 2015 by John Wiley & Sons, Inc 



Table of Contents
Acknowledgments . . . . . . . . . . . . . . . . . . xi
Introduction . . . . . . . .. . . . . . . . xxxiii
Part I: Getting Started
Chapter 1: Starting with Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Understanding What Linux Is ................................................................................ 4
Understanding How Linux Differs from Other Operating Systems .............................. 6
Exploring Linux History ........................................................................................ 6
Free-fl owing UNIX culture at Bell Labs ........................................................... 7
Commercialized UNIX ................................................................................... 9
Berkeley Software Distribution arrives .................................................. 9
UNIX Laboratory and commercialization .............................................. 10
GNU transitions UNIX to freedom .................................................................11
BSD loses some steam ................................................................................. 13
Linus builds the missing piece .................................................................... 13
OSI open source defi nition .......................................................................... 14
Understanding How Linux Distributions Emerged .................................................. 16
Choosing a Red Hat distribution .................................................................. 17
Using Red Hat Enterprise Linux .......................................................... 17
Using Fedora...................................................................................... 18
Choosing Ubuntu or another Debian distribution .......................................... 19
Finding Professional Opportunities with Linux Today ............................................ 20
Understanding how companies make money with Linux ................................ 21
Becoming Red Hat certifi ed ......................................................................... 22
RHCSA topics ..................................................................................... 23
RHCE topics ....................................................................................... 24
Summary ............................................................................................................ 26
Chapter 2: Creating the Perfect Linux Desktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Understanding Linux Desktop Technology ............................................................ 30
Starting with the Fedora GNOME Desktop
Live image ..................................................................................................... 32
Using the GNOME 3 Desktop ................................................................................. 33
After the computer boots up ....................................................................... 33
Navigating with the mouse ................................................................. 34
Navigating with the keyboard ............................................................. 38
Setting up the GNOME 3 desktop ...................................................................41
Extending the GNOME 3 desktop .................................................................. 42
Using GNOME shell extensions ............................................................. 42
Using the GNOME Tweak Tool ............................................................... 44
Starting with desktop applications .............................................................. 45
Managing fi les and folders with Nautilus ............................................. 45
Installing and managing additional software ....................................... 46
Playing music with Rhythmbox .......................................................... 48
Stopping the GNOME 3 desktop .................................................................... 49
Using the GNOME 2 Desktop ................................................................................. 49
Using the Metacity window manager ............................................................ 50
Changing GNOME’s appearance ..................................................................... 52
Using the GNOME panels .............................................................................. 53
Using the Applications and System menus ........................................... 54
Adding an applet ............................................................................... 54
Adding another panel ........................................................................ 55
Adding an application launcher .......................................................... 55
Adding a drawer ................................................................................ 56
Changing panel properties .................................................................. 57
Adding 3D effects with AIGLX ..................................................................... 58
Summary ............................................................................................................ 60
Exercises .............................................................................................................61
Part II: Becoming a Linux Power User
Chapter 3: Using the Shell . . . . . . . . . . . . . . . . . . . . . . . . . . 65
About Shells and Terminal Windows ..................................................................... 66
Using the shell prompt ................................................................................ 67
Using a terminal window ............................................................................ 68
Using virtual consoles ................................................................................ 69
Choosing Your Shell ............................................................................................. 69
Running Commands ............................................................................................ 70
Understanding command syntax .................................................................. 71
Locating commands .....................................................................................74
Recalling Commands Using Command History.........................................................76
Command-line editing ................................................................................ 77
Command-line completion ........................................................................... 79
Command-line recall ................................................................................... 80
Connecting and Expanding Commands .................................................................. 82
Piping between commands .......................................................................... 82
Sequential commands ................................................................................. 83
Background commands ............................................................................... 83
Expanding commands ................................................................................. 84
Expanding arithmetic expressions ............................................................... 84
Expanding variables ................................................................................... 85
Using Shell Variables ........................................................................................... 85
Creating and using aliases ........................................................................... 87
Exiting the shell ......................................................................................... 88
Creating Your Shell Environment .......................................................................... 88
Confi guring your shell ................................................................................ 88
Setting your prompt ................................................................................... 89
Adding environment variables ..................................................................... 91
Getting Information about Commands .................................................................. 92
Summary ............................................................................................................ 94
Exercises ............................................................................................................ 95
Chapter 4: Moving around the Filesystem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Using Basic Filesystem Commands .......................................................................100
Using Metacharacters and Operators ....................................................................102
Using fi le-matching metacharacters ............................................................102
Using fi le-redirection metacharacters .........................................................103
Using brace expansion characters ...............................................................105
Listing Files and Directories ...............................................................................105
Understanding File Permissions and Ownership ....................................................109
Changing permissions with chmod (numbers) .............................................. 111
Changing permissions with chmod (letters) ................................................. 111
Setting default fi le permission with umask .................................................112
Changing fi le ownership.............................................................................113
Moving, Copying, and Removing Files ..................................................................114
Summary ...........................................................................................................115
Exercises ...........................................................................................................115
Chapter 5: Working with Text Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Editing Files with vim and vi ..............................................................................117
Starting with vi ........................................................................................119
Adding text ......................................................................................119
Moving around in the text .................................................................120
Deleting, copying, and changing text .................................................121
Pasting (putting) text .......................................................................122
Repeating commands ........................................................................122
Exiting vi .........................................................................................122
Skipping around in the fi le ........................................................................123
Searching for text .....................................................................................124
Using ex mode ...........................................................................................124
Learning more about vi and vim .................................................................124
Finding Files......................................................................................................125
Using locate to fi nd fi les by name ...............................................................125
Searching for fi les with fi nd .......................................................................127
Finding fi les by name ........................................................................127
Finding fi les by size ..........................................................................128
Finding fi les by user..........................................................................128
Finding fi les by permission ................................................................129
Finding fi les by date and time ...........................................................130
Using ‘not’ and ‘or’ when fi nding fi les .................................................131
Finding fi les and executing commands ...............................................131
Searching in fi les with grep........................................................................132
Summary ...........................................................................................................134
Exercises ...........................................................................................................134
Chapter 6: Managing Running Processes . . . . . . . . . . . . . . . . . . . . . 137
Understanding Processes ....................................................................................137
Listing Processes ...............................................................................................138
Listing processes with ps ...........................................................................138
Listing and changing processes with top .....................................................140
Listing processes with System Monitor ........................................................142
Managing Background and Foreground Processes ..................................................144
Starting background processes ...................................................................144
Using foreground and background commands ..............................................145
Killing and Renicing Processes ............................................................................146
Killing processes with kill and killall ..........................................................146
Using kill to signal processes by PID ...................................................147
Using killall to signal processes by name ............................................148
Setting processor priority with nice and renice ...........................................148
Limiting Processes with cgroups..........................................................................149
Summary ...........................................................................................................151
Exercises ...........................................................................................................151
Chapter 7: Writing Simple Shell Scripts . . . . . . . . .  . . . . . . . . . . . . . . . . . . . 153
Understanding Shell Scripts ................................................................................153
Executing and debugging shell scripts ........................................................154
Understanding shell variables ....................................................................154
Special shell positional parameters .....................................................156
Reading in parameters ......................................................................157
Parameter expansion in bash .............................................................157
Performing arithmetic in shell scripts .........................................................158
Using programming constructs in shell scripts.............................................159
The “if…then” statements .................................................................159
The case command ............................................................................162
The “for…do” loop ............................................................................163
The “while…do” and “until…do” loops ...............................................164
Trying some useful text manipulation programs ..........................................164
The general regular expression parser .................................................165
Remove sections of lines of text (cut) .................................................165
Translate or delete characters (tr) ......................................................165
The stream editor (sed) .....................................................................166
Using simple shell scripts ...........................................................................167
Telephone list ...................................................................................167
Backup script ...................................................................................168
Summary ...........................................................................................................168
Exercises ...........................................................................................................169
Part III: Becoming a Linux System Administrator
Chapter 8: Learning System Administration . . . . . . . . . . . . . . . . . . . . . . . 173
Understanding System Administration ................................................................173
Using Graphical Administration Tools ..................................................................175
Using system-confi g-* tools ........................................................................175
Using browser-based admin tools ................................................................177
Using the root user account ................................................................................177
Becoming root from the shell (su command) ................................................178
Allowing administrative access via the GUI .................................................180
Gaining administrative access with sudo .....................................................180
Exploring Administrative Commands, Confi guration Files, and Log Files ................182
Administrative commands .........................................................................182
Administrative confi guration fi les ..............................................................183
Administrative log fi les and systemd journal ...............................................188
Using journalctl to view the systemd journal ......................................188
Managing log messages with rsyslogd .................................................189
Using Other Administrative Accounts ..................................................................189
Checking and Confi guring Hardware ....................................................................190
Checking your hardware ............................................................................191
Managing removable hardware ...................................................................194
Working with loadable modules ..................................................................197
Listing loaded modules ......................................................................197
Loading modules ...............................................................................198
Removing modules ............................................................................198
Summary ...........................................................................................................199
Exercises ...........................................................................................................199
Chapter 9: Installing Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Choosing a Computer ..........................................................................................202
Installing Fedora from Live media .......................................................................203
Installing Red Hat Enterprise Linux from
Installation Media .........................................................................................208
Understanding Cloud-Based Installations .............................................................211
Installing Linux in the Enterprise .......................................................................211
Exploring Common Installation Topics .................................................................213
Upgrading or installing from scratch ...........................................................213
Dual booting .............................................................................................214
Installing Linux to run virtually ................................................................216
Using installation boot options ..................................................................216
Boot options for disabling features ....................................................217
Boot options for video problems .........................................................217
Boot options for special installation types ..........................................218
Boot options for kickstarts and remote repositories .............................218
Miscellaneous boot options ................................................................219
Using specialized storage ...........................................................................219
Partitioning hard drives ............................................................................220
Understanding different partition types .............................................221
Reasons for different partitioning schemes .........................................222
Tips for creating partitions ................................................................222
Using the GRUB boot loader ........................................................................224
Using GRUB Legacy (version 1) ...........................................................225
Using GRUB 2 ...................................................................................229
Summary ...........................................................................................................231
Exercises ...........................................................................................................231
Chapter 10: Getting and Managing Software . . .. . . . . . . . . . . . . . . . . . 233
Managing Software on the Desktop .....................................................................233
Going Beyond the Software Window ....................................................................235
Understanding Linux RPM and DEB Software Packaging ........................................236
Understanding DEB packaging ....................................................................237
Understanding RPM packaging ...................................................................238
What is in an RPM? ...........................................................................238
Where do RPMs come from? ................................................................239
Installing RPMs ................................................................................239
Managing RPM Packages with YUM ......................................................................240
Understanding how yum works ...................................................................241
1. Checking /etc/yum.conf ................................................................242
2. Checking /etc/sysconfi g/rhn/up2date (RHEL only) ..........................242
3. Checking /etc/yum.repos.d/*.repo fi les ...........................................243
4. Downloading RPM packages and metadata from a YUM repository .....243
5. RPM packages installed to Linux fi le system ....................................244
6. Store YUM repository metadata to local RPM database ......................244
Using YUM with third-party software repositories........................................244
Managing software with the YUM command ................................................245
Searching for packages ......................................................................246
Installing and removing packages ......................................................247
Updating packages ............................................................................249
Updating groups of packages .............................................................250
Maintaining your RPM package database and cache .............................251
Downloading RPMs from a yum repository ..........................................252
Installing, Querying, and Verifying Software
with the rpm Command ..................................................................................252
Installing and removing packages with rpm ................................................253
Querying rpm information .........................................................................254
Verifying RPM packages .............................................................................255
Managing Software in the Enterprise ...................................................................256
Summary ...........................................................................................................257
Exercises ...........................................................................................................258
Chapter 11: Managing User Accounts . . . . . .. . . . . . . . . . . . . . . . . . . . 259
Creating User Accounts .......................................................................................259
Adding users with useradd .........................................................................262
Setting user defaults .................................................................................265
Modifying users with usermod ...................................................................266
Deleting users with userdel ........................................................................268
Understanding Group Accounts ...........................................................................268
Using group accounts .................................................................................269
Creating group accounts .............................................................................270
Managing Users in the Enterprise ........................................................................270
Setting permissions with Access Control Lists .............................................271
Setting ACLs with setfacl ..................................................................272
Setting default ACLs .........................................................................273
Enabling ACLs...................................................................................274
Adding directories for users to collaborate ..................................................276
Creating group collaboration directories (set GID bit) ...........................276
Creating restricted deletion directories (sticky bit) .............................278
Centralizing User Accounts .................................................................................278
Using the Users window .............................................................................279
Using the Authentication Confi guration window ..........................................279
Summary ...........................................................................................................281
Exercises ...........................................................................................................281
Chapter 12: Managing Disks and Filesystems . . . . . . . . . . . . . . . . . . . . . . . . 283
Understanding Disk Storage ................................................................................283
Partitioning Hard Disks ......................................................................................285
Understanding partition tables ...................................................................286
Viewing disk partitions ..............................................................................286
Creating a single-partition disk ..................................................................288
Creating a multiple-partition disk ...............................................................292
Using Logical Volume Management Partitions .......................................................295
Checking an existing LVM ..........................................................................296
Creating LVM logical volumes .....................................................................299
Growing LVM logical volumes ......................................................................300
Mounting Filesystems .........................................................................................301
Supported fi lesystems ................................................................................301
Enabling swap areas ..................................................................................303
Disabling a swap area ................................................................................304
Using the fstab fi le to defi ne mountable fi le systems ....................................305
Using the mount command to mount fi le systems ........................................307
Mounting a disk image in loopback .............................................................308
Using the umount command .......................................................................309
Using the mkfs Command to Create a Filesystem ..................................................310
Summary ...........................................................................................................311
Exercises ...........................................................................................................311
Part IV: Becoming a Linux Server Administrator
CHAPTER 13: Understanding Server Administration . . . . . . . . . . . . . . . . 315
Starting with Server Administration ...................................................................316
Step 1: Install the server ............................................................................316
Step 2: Confi gure the server .......................................................................318
Using confi guration fi les ...................................................................318
Checking the default confi guration ....................................................319
Step 3: Start the server ..............................................................................319
Step 4: Secure the server............................................................................321
Password protection ..........................................................................321
Firewalls ..........................................................................................321
TCP Wrappers ....................................................................................322
SELinux ...........................................................................................322
Security settings in confi guration fi les ...............................................322
Step 5: Monitor the server ..........................................................................322
Confi gure logging..............................................................................322
Run system activity reports ...............................................................323
Keep system software up to date ........................................................323
Check the fi lesystem for signs of crackers ...........................................323
Managing Remote Access with the Secure Shell Service ........................................323
Starting the openssh-server service ............................................................324
Using SSH client tools ................................................................................326
Using ssh for remote login .................................................................326
Using ssh for remote execution ..........................................................328
Copying fi les between systems with scp and rsync ..............................329
Interactive copying with sftp ............................................................332
Using key-based (passwordless) authentication ............................................332
Confi guring System Logging ...............................................................................334
Enabling system logging with rsyslog .........................................................334
Understanding the rsyslog.conf fi le ....................................................335
Understanding the messages log fi le ...................................................337
Setting up and using a loghost with rsyslogd ......................................337
Watching logs with logwatch ......................................................................339
Checking System Resources with sar ....................................................................340
Checking System Space.......................................................................................341
Displaying system space with df .................................................................342
Checking disk usage with du ......................................................................342
Finding disk consumption with fi nd ...........................................................343
Managing Servers in the Enterprise .....................................................................344
Summary ...........................................................................................................344
Exercises ...........................................................................................................345
Chapter 14: Administering Networking . . . . . .. . . . . . . . . . . . . . . . . 347
Confi guring Networking for Desktops...................................................................348
Checking your network interfaces ...............................................................350
Checking your network from NetworkManager ....................................350
Checking your network from the command line ..................................352
Confi guring network interfaces ..................................................................355
Setting IP addresses manually ...........................................................355
Setting IP address aliases ..................................................................356
Setting routes ..................................................................................357
Confi guring a network proxy connection .....................................................358
Confi guring Networking from the Command Line ..................................................360
Editing a connection .................................................................................360
Understanding networking confi guration fi les .............................................362
Network interface fi les ......................................................................363
Other networking fi les.......................................................................365
Setting alias network interfaces .................................................................367
Setting up Ethernet channel bonding .........................................................368
Setting custom routes ................................................................................370
Confi guring Networking in the Enterprise ............................................................371
Confi guring Linux as a router .....................................................................371
Confi guring Linux as a DHCP server ............................................................372
Confi guring Linux as a DNS server ..............................................................372
Confi guring Linux as a proxy server ............................................................373
Summary ........................................................................................................... 374
Exercises ........................................................................................................... 374
Chapter 15: Starting and Stopping Services . . .. . . . . . . . . . . . . . . . . . . . . 377
Understanding the Initialization Daemon (init or systemd) ...................................378
Understanding the classic init daemons ......................................................380
Understanding the Upstart init daemon ......................................................386
Learning Upstart init daemon basics ..................................................386
Learning Upstart’s backward compatibility to SysVinit ........................388
Understanding systemd initialization .........................................................392
Learning systemd basics ....................................................................392
Learning systemd’s backward compatibility to SysVinit........................397
Checking the Status of Services ..........................................................................399
Checking services for SysVinit systems .......................................................400
Checking services for Upstart systems ........................................................401
Checking services for systemd systems .......................................................402
Stopping and Starting Services ...........................................................................403
Stopping and starting SysVinit services ......................................................403
Stopping and starting Upstart services .......................................................405
Stopping and starting systemd services ......................................................406
Stopping a service with systemd ........................................................406
Starting a service with systemd .........................................................406
Restarting a service with systemd ......................................................407
Reloading a service with systemd .......................................................407
Enabling Persistent Services ...............................................................................408
Confi guring persistent services for SysVinit .................................................408
Confi guring persistent services for Upstart ..................................................409
Confi guring persistent services for systemd .................................................410
Enabling a service with systemd ........................................................410
Disabling a service with systemd ....................................................... 411
Confi guring a Default Runlevel or Target Unit ......................................................412
Confi guring the SysVinit default runlevel ....................................................412
Confi guring the default runlevel in Upstart .................................................413
Confi guring the default target unit for systemd ...........................................413
Adding New or Customized Services .....................................................................414
Adding new services to SysVinit .................................................................414
Step 1: Create a new or customized service script fi le ..........................415
Step 2: Add the service script to /etc/rc.d/init.d .................................416
Step 3: Add the service to runlevel directories .................................... 417
Adding new services to Upstart .................................................................. 417
Adding new services to systemd .................................................................419
Step 1: Create a new or customized service confi guration unit fi le ........419
Step 2: Move the service confi guration unit fi le ..................................420
Step 3: Add the service to the Wants directory ....................................420
Summary ...........................................................................................................422
Exercises ...........................................................................................................422
Chapter 16: Confi guring a Print Server . . . . . . . . . . . . . . . . . . . . . . . . . 423
Common UNIX Printing System ...........................................................................423
Setting Up Printers ............................................................................................425
Adding a printer automatically ...................................................................425
Using web-based CUPS administration ........................................................426
Using the Print Settings window ................................................................428
Confi guring local printers with the Print Settings window ...................429
Confi guring remote printers ...............................................................432
Adding a remote CUPS printer ............................................................433
Adding a remote UNIX (LDP/LPR) printer ............................................433
Adding a Windows (SMB) printer ........................................................434
Working with CUPS Printing ...............................................................................435
Confi guring the CUPS server (cupsd.conf) ....................................................436
Starting the CUPS server ............................................................................437
Confi guring CUPS printer options manually .................................................438
Using Printing Commands ...................................................................................439
Printing with lpr .......................................................................................440
Listing status with lpc ...............................................................................440
Removing print jobs with lprm ...................................................................441
Confi guring Print Servers ...................................................................................441
Confi guring a shared CUPS printer ..............................................................442
Confi guring a shared Samba printer ............................................................443
Understanding smb.conf for printing ................................................. 444
Setting up SMB clients ......................................................................445
Summary ...........................................................................................................446
Exercises ...........................................................................................................446
Chapter 17: Confi guring a Web Server . . . . . . . . . . . . . . . . . . . . . . . 449
Understanding the Apache Web Server .................................................................449
Getting and Installing Your Web Server ...............................................................450
Understanding the httpd package ...............................................................450
Installing Apache ......................................................................................453
Starting Apache .................................................................................................454
Securing Apache .......................................................................................455
Apache fi le permissions and ownership ...............................................455
Apache and iptables ..........................................................................455
Apache and SELinux ..........................................................................456
Understanding the Apache confi guration fi les .............................................457
Using directives ................................................................................457
Understanding default settings ..........................................................460
Adding a virtual host to Apache .................................................................462
Allowing users to publish their own web content .........................................464
Securing your web traffi c with SSL/TLS ......................................................465
Understanding how SSL is confi gured .................................................467
Generating an SSL key and self-signed certifi cate ................................469
Generating a certifi cate signing request .............................................470
Troubleshooting Your Web Server ........................................................................471
Checking for confi guration errors ...............................................................472
Accessing forbidden and server internal errors ............................................ 474
Summary ...........................................................................................................475
Exercises ...........................................................................................................475
Chapter 18: Confi guring an FTP Server . . . . . . . . .  . . . . . . . . . . . . 477
Understanding FTP .............................................................................................477
Installing the vsftpd FTP Server ..........................................................................479
Starting the vsftpd Service.................................................................................480
Securing Your FTP Server ....................................................................................483
Opening up your fi rewall for FTP .................................................................483
Allowing FTP access in TCP wrappers ...........................................................486
Confi guring SELinux for your FTP server .....................................................486
Relating Linux fi le permissions to vsftpd ....................................................488
Confi guring Your FTP Server ...............................................................................488
Setting up user access ...............................................................................488
Allowing uploading ...................................................................................489
Setting up vsftpd for the Internet ..............................................................491
Using FTP Clients to Connect to Your Server .........................................................492
Accessing an FTP server from Firefox ..........................................................493
Accessing an FTP server with the lftp command ..........................................493
Using the gFTP client .................................................................................495
Summary ...........................................................................................................496
Exercises ...........................................................................................................497
Chapter 19: Confi guring a Windows File Sharing (Samba) Server . .. . . . . . . 499
Understanding Samba ........................................................................................499
Installing Samba ................................................................................................500
Starting and Stopping Samba ..............................................................................502
Starting the Samba (smb) service ...............................................................503
Starting the NetBIOS (nmbd) name server ...................................................505
Stopping the Samba (smb) and NetBIOS (nmb) services .................................506
Securing Samba .................................................................................................506
Confi guring fi rewalls for Samba ..................................................................507
Confi guring SELinux for Samba ...................................................................508
Setting SELinux Booleans for Samba...................................................508
Setting SELinux fi le contexts for Samba .............................................510
Confi guring Samba host/user permissions ...................................................510
Confi guring Samba ............................................................................................. 511
Using system-confi g-samba ........................................................................ 511
Choosing Samba server settings ......................................................... 511
Confi guring Samba user accounts .......................................................512
Creating a Samba shared folder ..........................................................513
Checking the Samba share .................................................................514
Confi guring Samba in the smb.conf fi le .......................................................516
Confi guring the [global] section .........................................................516
Confi guring the [homes] section ........................................................518
Confi guring the [printers] section ......................................................519
Creating custom shared directories ....................................................519
Accessing Samba Shares .....................................................................................521
Accessing Samba shares in Linux ................................................................522
Accessing Samba shares in Windows ...........................................................524
Using Samba in the Enterprise ............................................................................525
Summary ...........................................................................................................525
Exercises ...........................................................................................................526
Chapter 20: Confi guring an NFS File Server . . . . . . . . . . . . . . . . 527
Installing an NFS Server .....................................................................................529
Starting the NFS service .....................................................................................530
Sharing NFS Filesystems .....................................................................................531
Confi guring the /etc/exports fi le ................................................................532
Hostnames in /etc/exports ................................................................533
Access options in /etc/exports ...........................................................534
User mapping options in /etc/exports ................................................534
Exporting the shared fi lesystems ................................................................535
Securing Your NFS Server ...................................................................................536
Opening up your fi rewall for NFS ................................................................537
Allowing NFS access in TCP wrappers ...........................................................539
Confi guring SELinux for your NFS server .....................................................539
Using NFS Filesystems ........................................................................................540
Viewing NFS shares ....................................................................................540
Manually mounting an NFS fi lesystem .........................................................541
Mounting an NFS fi lesystem at boot time ....................................................542
Mounting noauto fi lesystems .............................................................543
Using mount options .........................................................................543
Using autofs to mount NFS fi lesystems on demand .......................................545
Automounting to the /net directory ...................................................546
Automounting home directories .........................................................547
Unmounting NFS fi lesystems ...............................................................................549
Summary ...........................................................................................................549
Exercises ...........................................................................................................550
Chapter 21: Troubleshooting Linux . . . . . . . . . . . . . . . . . . . . . . . . . . 551
Boot-Up Troubleshooting ....................................................................................551
Understanding Startup Methods .................................................................552
Starting with System V init scripts ....................................................552
Starting with systemd .......................................................................553
Starting with Upstart ........................................................................554
Starting from the fi rmware (BIOS or UEFI) ..................................................554
Troubleshooting BIOS setup ...............................................................555
Troubleshooting boot order ................................................................556
Troubleshooting the GRUB boot loader ........................................................557
Starting the kernel ....................................................................................559
Troubleshooting the initialization system .........................................560
Troubleshooting System V initialization .............................................560
Troubleshooting rc.sysinit .................................................................561
Troubleshooting runlevel processes ....................................................562
Troubleshooting systemd initialization ..............................................566
Troubleshooting Software Packages .....................................................................568
Fixing RPM databases and cache .................................................................572
Troubleshooting Networking ...............................................................................573
Troubleshooting outgoing connections ........................................................573
View network interfaces .................................................................... 574
Check physical connections ............................................................... 574
Check routes .....................................................................................575
Check hostname resolution ................................................................576
Troubleshooting incoming connections .......................................................577
Check if the client can reach your system at all...................................577
Check if the service is available to the client ......................................578
Check the fi rewall on the server .........................................................578
Check the service on the server .........................................................579
Troubleshooting Memory ....................................................................................580
Uncovering memory issues .........................................................................581
Checking for memory problems ..........................................................583
Dealing with memory problems ..........................................................584
Troubleshooting in Rescue Mode .........................................................................585
Summary ...........................................................................................................587
Exercises ...........................................................................................................587
Part V: Learning Linux Security Techniques
Chapter 22: Understanding Basic Linux Security . . . . .  . . . . . . . . . . . 591
Understanding Security Basics ............................................................................591
Implementing physical security ..................................................................591
Implementing disaster recovery..................................................................592
Securing user accounts ..............................................................................593
One user per user account ..................................................................593
Limit access to the root user account .................................................594
Setting expiration dates on temporary accounts .................................594
Removing unused user accounts.........................................................595
Securing passwords ...................................................................................596
Choosing good passwords...................................................................597
Setting and changing passwords ........................................................598
Enforcing best password practices ......................................................599
Understanding the password fi les and password hashes .......................601
Securing the fi lesystem .............................................................................603
Managing dangerous fi lesystem permissions .......................................603
Securing the password fi les ...............................................................604
Locking down the fi lesystem .............................................................606
Managing software and services .................................................................607
Updating software packages ..............................................................607
Keeping up with security advisories ...................................................607
Advanced implementation ..........................................................................608
Monitoring Your Systems ....................................................................................608
Monitoring log fi les ...................................................................................608
Monitoring user accounts ...........................................................................612
Detecting counterfeit new accounts and privileges ..............................612
Detecting bad account passwords .......................................................614
Monitoring the fi lesystem ..........................................................................615
Verifying software packages ..............................................................615
Scanning the fi lesystem ....................................................................616
Detecting viruses and rootkits ...........................................................618
Auditing and Reviewing Linux ............................................................................622
Conducting compliance reviews ..................................................................623
Conducting security reviews ......................................................................623
Summary ...........................................................................................................624
Exercises ...........................................................................................................624
Chapter 23: Understanding Advanced Linux Security . . . . . . . . . . . . . 627
Implementing Linux Security with Cryptography .................................................627
Understanding hashing ..............................................................................628
Understanding encryption/decryption ........................................................630
Understanding cryptographic ciphers .................................................630
Understanding cryptographic cipher keys ...........................................631
Understanding digital signatures .......................................................637
Implementing Linux cryptography ..............................................................639
Ensuring fi le integrity .......................................................................639
Encrypting a Linux fi lesystem ...........................................................640
Encrypting a Linux directory .............................................................642
Encrypting a Linux fi le......................................................................645
Encrypting Linux with miscellaneous tools .........................................645
Using Encryption from the Desktop ....................................................646
Implementing Linux Security with PAM ...............................................................648
Understanding the PAM authentication process ...........................................649
Understanding PAM contexts .............................................................650
Understanding PAM control fl ags ........................................................651
Understanding PAM modules ..............................................................652
Understanding PAM system event confi guration fi les ...........................653
Administering PAM on your Linux system ...................................................654
Managing PAM-aware application confi guration fi les ...........................654
Managing PAM system event confi guration fi les ..................................655
Implementing resources limits with PAM ............................................657
Implementing time restrictions with PAM ...........................................658
Enforcing good passwords with PAM ...................................................660
Encouraging sudo use with PAM .........................................................664
Locking accounts with PAM ...............................................................665
Obtaining more information on PAM ...........................................................667
Summary ...........................................................................................................668
Exercises ...........................................................................................................668
Chapter 24: Enhancing Linux Security with SELinux . . .  . . . . . . . . . . . . . . 669
Understanding SELinux Benefi ts .........................................................................669
Understanding How SELinux Works .....................................................................671
Understanding type enforcement ................................................................671
Understanding multi-level security .............................................................672
Implementing SELinux security models .......................................................673
Understanding SELinux operational modes .........................................673
Understanding SELinux security contexts ...........................................674
Understanding SELinux policy types ..................................................677
Understanding SELinux policy rule packages ......................................678
Confi guring SELinux ..........................................................................................679
Setting the SELinux mode ..........................................................................680
Setting the SELinux policy type .................................................................682
Managing SELinux security contexts ...........................................................683
Managing the user security context ...................................................684
Managing the fi le security context .....................................................684
Managing the process security context ...............................................685
Managing SELinux policy rule packages ......................................................686
Managing SELinux via booleans ..................................................................688
Monitoring and Troubleshooting SELinux .............................................................689
Understanding SELinux logging ..................................................................689
Reviewing SELinux messages in the audit log......................................690
Reviewing SELinux messages in the messages log ................................690
Troubleshooting SELinux logging ................................................................691
Troubleshooting common SELinux problems ................................................692
Using a nonstandard directory for a service ........................................692
Using a nonstandard port for a service ...............................................693
Moving fi les and losing security context labels ...................................693
Booleans set incorrectly ....................................................................694
Putting It All Together .......................................................................................694
Obtaining More Information on SELinux ..............................................................695
Summary ...........................................................................................................695
Exercises ...........................................................................................................696
Chapter 25: Securing Linux on a Network . . . . . . . . . . . . . . . . . . . . 699
Auditing Network Services ..................................................................................699
Evaluating access to network services with nmap ........................................701
Using nmap to audit your network services advertisements ..........................704
Controlling access to network services ........................................................708
Working with Firewalls .......................................................................................710
Understanding fi rewalls .............................................................................710
Implementing fi rewalls ..............................................................................711
Starting with fi rewalld ......................................................................712
Understanding the iptables utility .....................................................713
Using the iptables utility...................................................................716
Summary ...........................................................................................................724
Exercises ...........................................................................................................724
Part VI: Extending Linux into the Cloud
Chapter 26: Using Linux for Cloud Computing . . . . . . . . . .  . . . . . . . . . . 729
Overview of Linux and Cloud Computing ..............................................................729
Cloud hypervisors (a.k.a. compute nodes) ....................................................730
Cloud controllers .......................................................................................730
Cloud storage ............................................................................................731
Cloud authentication .................................................................................731
Cloud deployment and confi guration ...........................................................732
Cloud platforms .........................................................................................732
Trying Basic Cloud Technology ............................................................................732
Setting Up a Small Cloud ....................................................................................734
Confi guring hypervisors .............................................................................735
Step 1: Get Linux software ................................................................735
Step 2: Check your computers ............................................................735
Step 3: Install Linux on hypervisors ...................................................736
Step 4: Start services on the hypervisors ............................................737
Step 5: Edit /etc/hosts or set up DNS ..................................................738
Confi guring storage ...................................................................................738
Step 1: Install Linux software ............................................................738
Step 2: Confi gure NFS share ...............................................................739
Step 3: Start the NFS service ..............................................................739
Step 4: Mount the NFS share on the hypervisors ..................................740
Creating virtual machines ..........................................................................740
Step 1: Get images to make virtual machines ...................................... 741
Step 2: Check the network bridge ....................................................... 741
Step 3: Start Virtual Machine Manager (virt-manager) ......................... 741
Step 4: Check connection details ........................................................742
Step 5: Create a new virtual machine .................................................743
Managing virtual machines ........................................................................744
Migrating virtual machines ........................................................................745
Step 1: Identify other hypervisors......................................................745
Step 2: Migrate running VM to another hypervisor ..............................746
Summary ........................................................................................................... 747
Exercises ........................................................................................................... 747
Chapter 27: Deploying Linux to the Cloud. . . . . . .. . . . . . . . . . . . . . . . . 749
Getting Linux to Run in a Cloud .......................................................................... 749
Creating Linux Images for Clouds ........................................................................751
Confi guring and running a cloud-init cloud instance ....................................751
Investigating the cloud instance ................................................................753
Cloning the cloud instance .........................................................................754
Trying an Ubuntu cloud image ...................................................................756
Expanding your cloud-init confi guration .....................................................757
Adding ssh keys with cloud-init .........................................................757
Adding network interfaces with cloud-init ..........................................758
Adding software with cloud-init ........................................................758
Using cloud-init in enterprise computing ....................................................759
Using OpenStack to Deploy Cloud Images .............................................................760
Starting from the OpenStack Dashboard ...................................................... 761
Confi guring your OpenStack virtual network ...................................... 761
Confi guring keys for remote access .....................................................763
Launching a virtual machine in OpenStack .........................................764
Accessing the virtual machine via ssh ................................................765
Using Amazon EC2 to Deploy Cloud Images ...........................................................765
Summary ...........................................................................................................766
Part VII: Appendixes
Appendix A: Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771
Appendix B: Exercise Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 781
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839
  ●▬▬▬▬▬❂❂❂▬▬▬▬▬●
●▬▬❂❂▬▬●
●▬❂▬●

═════ ═════

Tags:
Previous Post Next Post