Escolar Documentos
Profissional Documentos
Cultura Documentos
1. Linux Introduction
Linux is a modern, flexible, and mature operating system. Although it started life on the Intel platform, it has since
been ported to many other platforms such as Amiga, DEC Alpha, Apple Power PC, Sun workstations, and others.
Linux boasts many other features:
Multitasking - Linux is a true preemptive multitasking operating system. All processes run independently of
each other and leave processor management to the kernel.
Networking - Linux supports a multitude of networking protocols.
Interoperability - Linux can interoperate with Windows 9x/NT/NT 2000, Novell, Mac, and most other versions
of UNIX.
Multi-user - Linux can handle multiple users simultaneously logged on to one machine.
Advanced memory management Traditional UNIX systems used swapping to manage memory, where the entire
memory structure of a program was written to disk when the system began running low on memory. Linux uses
paging, a method that intelligently allocates memory, when system memory is running low, by prioritizing memory
tasks. Linux currently supports up to 64GB of RAM.
POSIX support POSIX defines a minimum interface for UNIX-type operating systems. Linux currently supports
POSIX 1003.1. This ensures that POSIX-compliant UNIX programs will port easily to Linux.
Multiple file systems Linux must be installed on Extended 2 Linux-formatted partitions, but if certain other OS file
systems already exist on the same host, Linux will support several of these file system formats as well, including
DOS/Windows, OS/2, and Novell. This is just another interoperability feature provided by Linux.
1.1.1. History
Although Linux came into being in 1991, it can trace its lineage back much further. In 1969, a Bell Labs
programmer named Ken Thompson invented the UNIX operating system. Around the same time, another
programmer, Dennis Ritchie, was working on a new computer language called C. By 1974, the two had rewritten
UNIX in the C language, and ported it to several different machines. It is this combination of UNIX and C that
Linux owes much of its heritage to.
UNIX and C are at the heart of Linux and the Open Source movement. While languages such as Purl, Python,
Java, and others make the headlines today, far more lines of open source code have been written than any other
single language.
Though many of these programs have been ported to other operating systems, such as Windows NT, UNIX and
UNIX-like operating systems have benefited from Open Source software the most.
Linux
In 1991, a student at Helsinki University in Finland posted this message to the Usenet group comp.os.minix:
From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds)
Newsgroups: comp.os.minix
Subject: Gcc-1.40 and a posix-question
Message-ID: <1991Jul3.100050.9886@klaava.Helsinki.FI>
Date: 3 Jul 91 10:00:50 GMT
Hello netlanders,
Due to a project I'm working on (in minix), I'm interested in the posix
standard definition. Could somebody please point me to a (preferably)
machine-readable format of the latest posix rules? Ftp-sites would be
nice.
It was followed up a few months later with this post:
Recall that Linux is the operating system kernel. That is, Linux is the very heart of the operating system. However,
like all operating systems, to be useful, Linux has to have utilities and programs to do the actual work. This is
where distributions come in.
All of the Linux distributions run the Linux kernel. But after that, the distributions vary from each other to some
degree. For example, the Slackware distribution looks and feels much like Berkeley UNIX, whereas the SuSE
distribution is much more System V'ish. Red Hat Linux tends to fall somewhere in between but is leaning toward
System V more and more with each new release.
Protocol Description
TCP/IP This is the protocol used by the Internet, and on most local networks
IP Version 6 This is the protocol that will eventually replace IP version 4 on the Internet.
AppleTalk The protocol used for Apple computers to communicate with each other.
Acorn Econet/AUN An older protocol, used by Acorn computers to access file and print servers.
IPX The Novell networking protocol, used to access Novell file and print servers.
Red Hat Enterprise Linux is the corporate Linux standard, already at work running some of the world’s largest
commercial, government, and academic institutions. For any deployment—from the desktop to the datacenter—
Red Hat Enterprise Linux delivers unmatched performance and cost savings, and the freedom of open source
technology. Following is a figure describes RedHat’s Network:
Server Solutions:
Red Hat Enterprise Linux AS (Advanced Server):
Red Hat Enterprise Linux AS is the top-of-the-line server operating system solution. Supporting the largest
servers, it is the ultimate solution for large departmental and datacenter server deployments.
Red Hat Enterprise Linux ES (Enterprise Server):
Red Hat Enterprise Linux ES is the perfect server operating system solution for the majority of today's business
computing needs – suitable for systems ranging from the edge-of-network to medium-scale departmental
deployments.
Client Solutions:
Red Hat Enterprise Linux WS (Work Station) and Desktop:
Red Hat Enterprise Linux WS is the desktop/client partner for Enterprise Linux AS and Enterprise Linux ES. Red
Hat Enterprise Linux WS is ideal for all desktop deployments, including office productivity applications, S/W
development environments, and targeted ISV client applications. When configured as a headless workstation,
Enterprise Linux WS is also ideally suited for use as a compute node in a High Performance Computing (HPC)
environment.
Red Hat Enterprise Linux products are based on the same core kernel, libraries, and utilities, and also share the
same major package sets. However, because Red Hat Enterprise Linux WS and Red Hat Desktop are not
designed for use in server environments, there are some differences between family members in terms of their
server package sets.
Recommended Red Hat Enterprise Red Hat Enterprise Red Hat Enterprise Red Hat Desktop
Itanium2 * Memory: 512MB 96GB 96Gb applies to HP Integrity systems. Maxmimum memory
for Intel Tiger-based systems is 32GB
CPUs: 1 8 Red Hat Enterprise Linux WS for Itanium supports up to 2
CPUs per system
AMD64 Memory: 512MB 16GB
CPUs: 1 4 Red Hat Enterprise Linux WS for AMD64 supports up to 2
CPUs per system
File system size 800MB 1TB Quoted minimum is for a custom installation. Sparse files
can be up to 4TB
At any time during the development process, there are three branches in the main directory tree - "stable",
"testing" and "unstable", the last of which is often referred to as "sid". When a new version of a package appears,
it is placed in the unstable branch for first testing. If it passes, the package moves to the testing branch, which
undergoes rigorous testing lasting many months. This branch is only declared stable after a very thorough testing.
As a result of this, the distribution is possibly the most stable and reliable, albeit not the most up-to-date, suitable
for deployment on servers.
Debian's other main claim to fame is the reputation for being hard to install, unless the user has intimate
knowledge about the computer's hardware. Compensating this failing is "apt-get", a convenient installer for
Debian packages. Many Debian users joke that their installer is so bad, because they only need it once - as soon
as Debian is up and running, all future updates of any scale can be accomplished via the apt-get utility. Take it
from a person who has tried many distributions - once you have experienced the dependency headaches while
installing software on any RPM-based distribution, you will stare in absolute disbelief at the painless and
convenient process of installing and upgrading your Debian packages. You might even think that you have just
entered paradise...
Criterion Reason
Organization structure / Funding in the Open Source world is especially difficult following 'dot-com'
description of company collapse. Many mergers, some distributions and companies have closed. Mergers,
structure etc. Any recent or while possibly helping the market in the long-run, could give
intended major changes.
Ease of installation The installation process is the first thing the end-user will normally see. The feel of
process, is it graphically this process gives a good clue to what the distribution things of their target market.
based? Some are graphical and need only a few mouse clicks, some require the skills of a
system administrator.
Is the entire distribution If parts are non-open source, few developers outside the company itself (if
itself open source? corporate) would be willing to fix / enhance. For totally open source distributions,
there will always be a migration path – if the company producing a excellent
product goes under, someone else will take up that product.
Any insistence of 'per seat' Per seat licensing means that the vendor of the distribution tries to insist on a
licensing? payment for every seat using that distribution (similar to the current Microsoft
licensing model).
Target market of distribution Different distributions have widely differing target markets – the Linux world is
extremely diverse.
Support for adding bug Users need the ability to upgrade for security fixes and new hardware. Whether
fixes and extra hardware this is free, and how easy to do, varies widely.
support.
License fee. If a license fee is required or recommended for the distribution, what is the fee,
and what are the benefits.
Caldera/SCO Relatively large public US based company, involved in Linux as well as other non-
Linux software. Some changes in that they are merging some development to
become part of UnitedLinux. May 2003 update : Caldera/SCO now neither
distribute nor support Linux
Conclusion
The Linux world has surprising variety. There are distributions made to look like Windows, distributions that only a
system administrator could install, and everything in between. There are business models everywhere between
‘it’s all free, please donated' And that's just the top 6 distributions. Take a look at www.distrowatch.com,
check out some of the smaller distributions, and you'll find an even more diverse world.
3. Linux Installation
3.1 Hardware Requirements
The following information represents the minimum hardware requirements necessary to successfully install Red
Hat Linux 9:
- Minimum: Pentium-class
- Recommended for text-mode: 200 MHz Pentium-class or better
- Recommended for graphical: 400 MHz Pentium II or better
Hard Disk Space (NOTE: Additional space will be required for user data):
Personal Desktop
A personal desktop installation, including a graphical desktop environment, requires at least 1.7GB of free space.
Choosing both the GNOME and KDE desktop environments requires at least 1.8GB of free disk space.
Workstation
A workstation installation, including a graphical desktop environment and software development tools, requires at
least 2.1GB of free space. Choosing both the GNOME and KDE desktop environments requires at least 2.2GB of
free disk space.
Server
A server installation requires 850MB for a minimal installation without X (the graphical environment), at least
1.5GB of free space if all package groups other than X are installed, and at least 5.0GB to install all packages
including the GNOME and KDE desktop environments.
Custom
A Custom installation requires 475MB for a minimal installation and at least 5.0GB of free space if every package
is selected.
Memory: -
Minimum for text-mode: 64MB
Minimum for graphical: 128MB
Recommended for graphical: 192MB
Note that the compatibility/availability of other hardware components (such as video and network cards) may be
required for specific installation modes and/or post-installation usage. For more information about hardware
compatibility, see the Red Hat Linux Hardware Compatibility List at http://hardware.redhat.com/hcl/
Before you begin a Red Hat Linux installation, you need to know what the purpose of the machine will be. Will it
be a development workstation? An FTP? A Web server? Or will it be a database server? Each of these examples
requires a different configuration.
Red Hat Linux comes conveniently bundled with an array of pre-configured software packages. Most likely, you
will not need to install all of these packages, and for security reasons (or office policy) it is a good idea not to.
Your boss might not appreciate the office network being used to serve personal Web pages from each
employee's installation of an Apache Web server. Also, every computer on your network doesn't need to run the
innd network news service.
Limit the packages you install to only the ones you need. If other packages are required later, they can be
installed easily enough with the rpm tool.
BIOS Limits
Be aware that some computers, built before 1998, may have a BIOS (Basic Input/Output System) that, at bootup
(under DOS), limits access to hard disks beyond their 1024 cylinder. A common effect of this problem is your
computer's inability to see any partitions past the first 512MB of disk space at boot time. If this limitation affects
your computer, do not place any bootable partitions after this barrier or the BIOS will not be able to access them
and your Linux operating system will not be able to load.
Also in the images/ directory is the boot.iso file. This file is an ISO image that can be used to boot the Red Hat
Linux installation program. It is a handy way to start network-based installations without having to use multiple
diskettes. To use boot.iso, your computer must be able to boot from its CD-ROM drive, and its BIOS settings must
be configured to do so. You must then burn boot.iso onto a recordable/rewriteable CD-ROM.
The rescue mode environment (accessed by booting with the "linux rescue" boot-time command) has been
enhanced. Numerous requested utilities have been added, and there is now support for activating network
interfaces. Commands needed for SCSI tape support are also available. Please test this environment and send
us your feedback.
The Red Hat Linux installation program now detects existing Red Hat products on your system, and will prompt
you to select the product you would like to upgrade. You will also have the option of performing a complete re-
installation of the system instead of upgrading. Please report any problems you may experience with this new
feature.
If the contents of your /etc/redhat-release file have been changed from the default, your Red Hat Linux
installation may not be found when attempting an upgrade to Red Hat Linux 9.
You can relax some of the checks against this file by entering the following at the boot: prompt:
boot: linux upgradeany
Use the upgradeany option only if your existing Red Hat Linux installation was not detected.
isolinux is now used for booting the Red Hat Linux installation CD. If you have problems booting from the CD, you
can write the images/bootdisk.img image to a diskette
During a graphical installation, you can now press SHIFT-Print Screen and a screenshot of the current installation
screen will be taken. These are stored in the following directory:
/root/anaconda-screenshots/
The screenshots can be accessed once the newly-installed system is rebooted.
The parted disk partition manipulation program has been upgraded to version 1.6.
Users of Red Hat Linux 6.2 that want to upgrade their system to Red Hat Linux 9 must first have all errata
updates applied before starting the upgrade process. The most straightforward way to accomplish this is to use
Red Hat Network. A Red Hat Linux 6.2 system that is not completely up-to-date will not upgrade successfully to
Red Hat Linux 9.
Text mode installations using a serial terminal work best when the terminal supports UTF-8. Under UNIX and
Linux, Kermit supports UTF-8. For Windows, Kermit '95 works well. Non-UTF-8 capable terminals will work as
long as only English is used during installation. An enhanced serial display can be used by passing "utf8" as a
boot-time option to the installation program. For example:
boot:linux console=ttyS0 utf8
4. Boot Loaders
Before Red Hat Linux can run, it must be loaded into memory by a special program called a boot loader. A
boot loader usually exists on the system's primary hard drive (or other media device) and has the sole
responsibility of loading the Linux kernel with its required files or (in some cases) other operating systems into
memory.
GRUB
GNU Grand Unified Boot loader or GRUB is a program which enables the user to select which installed
operating system or kernel to load at system boot time. It also allows the user to pass arguments to the kernel.
from a command line. While some command features are available with LILO and other x86 boot loaders, GRUB
is more feature rich.
Important: GRUB supports Logical Block Addressing (LBA) mode. LBA places the addressing
conversion used to find files in the hard drive's firmware, and is used on many IDE and all SCSI hard devices.
Before LBA, boot loaders could encounter the 1024-cylinder BIOS limitation, where the BIOS could not find a file
after that cylinder head of the disk. LBA support allows GRUB to boot operating systems from partitions beyond
the 1024-cylinder limit, so long as the system BIOS supports LBA mode. Most modern BIOS revisions support
LBA mode.
GRUB can read ext2 partitions. This functionality allows GRUB to access its configuration file,
/boot/grub/grub.conf, every time the system boots, eliminating the need for the user to write a new version of the
first stage boot loader to MBR when configuration changes are made. The only time a user would need to reinstall
GRUB on the MBR is if the physical location of the /boot partition is moved on the disk.
Installing GRUB
If GRUB was not installed during the Red Hat Linux installation process it can be installed afterward. Once
installed, it automatically becomes the default boot loader. Before installing GRUB, make sure to use the latest
GRUB package available or use the GRUB package from the Red Hat Linux installation CD-ROMs. For
instructions on installing packages, see the chapter titled Package Management with RPM in the Red Hat
Linux Customization Guide.
Once the GRUB package is installed, open a root shell prompt and run the command /sbin/grubinstall <
location>, where < location> is the location that the GRUB Stage 1 boot loader should be installed.
The following command installs GRUB to the MBR of the master IDE device on the primary IDE
bus: /sbin/grub-install /dev/had The next time the system boots, the GRUB graphical boot loader menu
will appear before the kernel loads into memory.
GRUB Terminology
One of the most important things to understand before using GRUB is how the program refers to devices, such as
hard drives and partitions. This information is particularly important when configuring GRUB to boot multiple
operating systems.
Device Names
Suppose a system has more than one hard drive. The first hard drive of the system is called (hd0) by GRUB. The
first partition on that drive is called (hd0,0), and the fifth partition on the second hard drive is called (hd1,4). In
general, the naming convention for file systems when using GRUB breaks down in this way:
(<type-of-device><bios-device-number>, <partition-number>)
The parentheses and comma are very important to the device naming conventions. The
<type-of-device> refers to whether a hard disk (hd) or floppy disk (fd) is being specified.
The <bios-device-number> is the number of the device according to the system's BIOS, starting
with 0. The primary IDE hard drive is numbered 0, while the secondary IDE hard drive is numbered 1. The
ordering is roughly equivalent to the way the Linux kernel arranges the devices by letters, where the a in hda
relates to 0, the b in hdb relates to 1, and so on.
Note: GRUB's numbering system for devices starts with 0, not 1. Failing to make this distinction is one of the
most common mistakes made by new GRUB users.
The <partition-number> relates to the number of a specific partition on a disk device. Like the
<bios-device-number>, the partition numbering starts at 0. While most partitions are specified
by numbers, if a system uses BSD partitions, they are signified by letters, such as a or c.
GRUB uses the following rules when naming devices and partitions:
It does not matter if system hard drives are IDE or SCSI. All hard drives start with hd. Floppy disks start with fd.
To specify an entire device without respect to its partitions, leave off the comma and the partition number. This is
important when telling GRUB to configure the MBR for a particular disk. For example, (hd0) specifies the MBR on
the first device and (hd3) specifies the MBR on the fourth device.
If a system has multiple drive devices, it is very important to know the drive boot order set in the BIOS. This is
rather simple to do if a system has only IDE or SCSI drives, but if there is a mix of devices, it can become
confusing.
The following shows the chainloader command with a similar blocklist designation at the GRUB command line
after setting the correct device and partition as root:
chainloader +1
GRUB Interfaces
GRUB features three interfaces, which provide different levels of functionality. Each of these interfaces allows
users to boot the Linux kernel or other operating systems.
The interfaces are as follows:
Menu Interface
www.wilshiresoft.com Wilshire Software Technologies Rev Dt: 15-Oct-08
info@wilshiresfot.com Ph: 2761-2214 / 6677-2214 / 6452-6173 Ver: 1
Linux Administration - Boot Loaders Page 19 of 167
If GRUB was automatically configured by the Red Hat Linux installation program, this is the interface shown by
default. A menu of operating systems or kernels preconfigured with their own boot commands are displayed as a
list, ordered by name. Use the arrow keys to select an option other than the default selection and press the [Enter]
key to boot it. Alternatively, a timeout period is set, so that GRUB will start loading the default option. Press the [e]
key to enter the entry editor interface or the [c] key to load a command line interface.
<stage-1> - Signifies a device, partition, and file where the first boot loader image can be found, such as
(hd0,0)/grub/stage1.
<install-disk> - Specifies the disk where the stage 1 boot loader should be installed, such as (hd0).
<stage-2> -Passes to the stage 1 boot loader the location of the stage 2 boot loader is located, such as
(hd0,0)/grub/stage2.
p <config-file> - This option tells the install command to look for the menu configuration file specified by
<config-file>. An example of a valid path to the configuration file is
(hd0,0)/grub/grub.conf.
Warning: The install command will overwrite any other information in the MBR. If executed, any information
(other than GRUB information) that is used to boot other operating systems, will be lost.
kernel <kernel-file-name> <option-1> <option-N> - Specifies the kernel file to load from GRUB's
root file system when using direct loading to boot the operating system. Options can follow the kernel command
and will be passed to the kernel when it is loaded.
For Red Hat Linux, an example kernel command looks like the following:
kernel /vmlinuz root=/dev/hda5
This line specifies that the vmlinuz file is loaded from GRUB's root file system, such as (hd0,0). An option is also
passed to the kernel specifying that when loading the root file system for the Linux kernel, it should be on hda5,
the fifth partition on the first IDE hard drive. Multiple options may be placed after this option, if needed.
root <device-and-partition> - Configures GRUB's root partition to be a specific device and partition,
such as (hd0,0), and mounts the partition so that files can be read.
rootnoverify <device-and-partition> - Performs the same functions as the root command but does
not mount the partition.
Commands other than these are available. Type info grub for a full list of commands.
splashimage - Specifies the location of the splash screen image to be used when GRUB boots.
title - Sets a title to be used with a particular group of commands used to load an operating system. The
hash mark (#) character can be used at the beginning of a line to place comments in the menu configuration file.
This file tells GRUB to build a menu with Red Hat Linux as the default operating system and sets it to autoboot
after 10 seconds. Two sections are given, one for each operating system entry, with commands specific to the
system disk partition table.
Note: The default is specified as a number. This refers to the first title line GRUB comes across. If you want
windows to be the default, change the default=0 to default=1.
4.2 LILO
LILO is an acronym for the LInux LOader and has been used to boot Linux on x86 systems for many years.
Although GRUB is now the default boot loader, some users prefer to use LILO because it is more familiar to them
and others use it out of necessity, since GRUB may have trouble booting some hardware.
The arrow keys allow a user to highlight the desired operating system and the [Enter] key begins the boot
process. To access a boot: prompt, press [Ctrl]-[X].
timeout=50 - Sets the amount of time that LILO will wait for user input before proceeding with booting the
default line entry. This is measured in tenths of a second, with 50 as the default.
message=/boot/message - Refers to the screen that LILO displays to let you select the operating system or
kernel to boot.
lba32 - Describes the hard disk geometry to LILO. Another common entry here is linear. You should not change
this line unless you are very aware of what you are doing. Otherwise, you could put your system in an unbootable
state.
default=linux - Refers to the default operating system for LILO to boot as seen in the options listed below
this line. The name linux refers to the label line below in each of the boot options.
image=/boot/vmlinuz-2.4.0-0.43.6 - Specifies which Linux kernel to boot with this particular boot option.
label=linux - Names the operating system option in the LILO screen. In this case, it is also the name referred
to by the default line.
initrd=/boot/initrd-2.4.0-0.43.6.img - Refers to the initial ram disk image that is used at boot time to
actually initialize and start the devices that makes booting the kernel possible. The initial ram disk is a collection of
machine-specific drivers necessary to operate a SCSI card, hard drive, or any other device needed to load the
kernel. You should never try to share initial ram disks between machines.
read-only - Specifies that the root partition (see the root line below) is read-only and cannot be altered during
the boot process.
root=/dev/hda5 - Specifies which disk partition to use as the root partition.
other=/dev/hda1- Specifies the partition containing DOS.
0 /etc/rc.d/rc0.d Halt
1 /etc/rc.d/rc0.d Single-user mode
2 /etc/rc.d/rc0.d Not used (user-definable)
3 /etc/rc.d/rc0.d Full multi-user mode (No GUI)
4 /etc/rc.d/rc0.d Not used (user-definable)
5 /etc/rc.d/rc0.d Full multi-user mode (With GUI)
6 Reboot
The Kernel
When the kernel is loaded, it immediately initializes and configures the computer's memory and configures the
various hardware attached to the system, including all processors, I/O subsystems, and storage devices. It then
looks for the compressed initrd image in a predetermined location in memory, decompresses it, mounts it, and
loads all necessary drivers. Next, it initializes virtual devices related to the file system, such as LVM or software
RAID before unmounting the initrd disk image and freeing up all the memory the disk image once occupied.
The kernel then creates a root device, mounts the root partition read-only, and frees any unused memory. At this
point, the kernel is loaded into memory and operational. However, since there are no user applications that allow
meaningful input to the system, not much can be done with it. In order to set up the user environment, the kernel
executes the /sbin/init program.
1. Checks for a /etc/sysconfig/network script. If it is there, the system runs it. Otherwise, it turns networking off
and sets your hostname to “localhost.”
2. Executes /etc/rc.d/init.d/functions. This file sets up some basic functions that the rest of the scripts use.
(Example: The boot daemon failure/success messages.)
3. Sets the loglevel.
4. Loads the keymap. If you have specified a default keyman file in /etc/sysconfig/console/default.kmap it will use
that, otherwise it will use /etc/sysconfig/keyboard.
5. Loads the system fonts.
6. Activates all swap partitions specified in the /etc/fstab file.
7. Sets up your hostname and your NIS domain name.
8. Runs fsck to check your filesystem if necessary. If fsck fails, it will drop you to a shell and unmount the drives
so you can work on repairing them.
9. Sets up ISA Plug-and-Play devices.
10. Remounts the root files system as read-write.
11. Checks quotas on the root partition.
All modules will now be loaded. Note that the sound and midi modules will be loaded if there is an alias listed as
sound or midi in the /etc/modules.conf. If your system requires a different module, you may need to edit the
/etc/modules.conf file.
12. Checks for a /etc/raidtab file and loads all raid devices.
13. Checks your file systems with fsck again.
14. Mounts the rest of the file systems listed in the fstab.
15. Turns quota support on if /sbin/quotaon exists and is executable.
16. Sets the system clock. It will run /etc/sysconfig/clock if it exists.
17. Initializes swap space.
18. Initializes serial ports.
19. Loads SCSI tape module if a SCSI tape was detected.
20. Reads the /etc/sysconfig/desktop file for a preferred X11 Display Manager and sets a link file as
/etc/X11/prefdm.
21. Finally it dumps the kernel ring buffer (Boot messages) to /var/log/dmesg.
Important Files:
/var/log/boot.log
/var/log/messages
/var/log/dmesg
Chkconfig Examples
You can use chkconfig to change runlevels for particular packages. Here we see Sendmail will start with a regular
startup at runlevel 3 or 5. Let's change it so that Sendmail doesn't startup at boot.
Use Chkconfig To Get A Listing Of Sendmail's Current Startup Options
[root@skynet tmp]# chkconfig --list | grep mail
sendmail 0:off 1:off 2:off 3:on 4:off 5:on 6:off
[root@skynet tmp]#
Note: We can also use the command line tool “setup” to control the services at boot time and GUI tool redhat-
config-services.
filesystems are placed in an error state. When the computer comes back up, the user is confronted with some
mildly confusing, and very intimidating, messages and choices.
Journalized filesystems are made to eliminate such error messages. The Ext3 filesystem is an Ext2 filesystem
with a journal file and some filesystem driver additions making the filesystem journalized.
tune2fs -j command, which is the primary command for converting from Ext2 to Ext3, is safe to run even on
writeable mounted partitions. However, when possible, I run the command on unmounted or read-only mounted
partitions. It might be superstitious, but I feel that is playing it safe. Nevertheless, when confronted with situations
making unmounting difficult, I run the command on writeable mounted partitions.
Note: From RedHat Linux 7.2 onwards Ext3 is used as the default File system.
/dev/hda 1 1
/dev/hdb 1 2
/dev/hdc 2 1
/dev/hdd 2 2
A typical PC has two IDE controllers, each of which can have two drives connected to it. For example, /dev/hda is
the first drive (master) on the first IDE controller and /dev/hdd is the second (slave) drive on the second controller
(the fourth IDE drive in the computer).
SCSI drives follow a similar pattern; they are represented by 'sd' instead of 'hd'. The first partition of the second
SCSI drive would therefore be /dev/sdb1. In the table above, the drive number is arbitraily chosen to be 6 to
introduce the idea that SCSI ID numbers do not map onto device names under linux.
3. The fdisk "m" command will give you a print a small help manual of valid commands. You will see that "n" is the
command to add a new partition. We'll add a new primary partition, number "1" and use the defaults to make the
partition occupy the entire disk.
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-9729, default 1):<RETURN>
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-9729, default 9729):
4. The print command will now show that you have successfully created the partition.
Command (m for help): p
Disk /dev/hdb: 80.0 GB, 80026361856 bytes
255 heads, 63 sectors/track, 9729 cylinders
www.wilshiresoft.com Wilshire Software Technologies Rev Dt: 15-Oct-08
info@wilshiresfot.com Ph: 2761-2214 / 6677-2214 / 6452-6173 Ver: 1
Linux Administration - File System Page 32 of 167
5. Changes won't be made to the disk's partition table until you use the "w" command to "write", or save the
changes. When finished, the "q" command will allow you to exit.
Command (m for help): w
Command (m for help): q
Add the entirs /etc/fstab file so that swap gets enabled each time we booting the systemcontains the entries:
# device directory type options fsck options
/dev/hda3 none swap sw 0 0
/swap swap swap defaults 0 0
Large packages that encompass many different sub-packages, each of which accomplish a particular task, also
go within the /opt/ directory, giving that large package a standardized way to organize itself. In this way, our
sample package may have different tools that each go in their own subdirectories, such as
/opt/sample/tool1/ and /opt/sample/tool2/, each of which can have their own bin/, man/, and other
similar directories.
System log files such as messages/ and lastlog/ go in the /var/log/ directory. The /var/lib/rpm/
directory also contains the RPM system databases. Lock files go in the /var/lock/ directory, usually in
directories particular for the program using the file. The /var/spool/ directory has subdirectories for various
systems that need to store data files.
|- named
|- netdump
|- network
|- ntpd
|- pcmcia
|- radvd
|- rawdevices
|- redhat-config-securitylevel
|- redhat-config-users
|- redhat-logviewer
|- samba
|- sendmail
|- soundcard
|- spamassassin
|- squid
|- tux
|- ups
|- vncservers
|- xinetd
Note: If some of the files listed are not present in the /etc/sysconfig/ directory, then the corresponding
program may not be installed.
8.1 GNOME
Fedora Linux is the only distribution here to include the latest 2.6 series of the GNOME Desktop. The biggest
change from the 2.4 series to the 2.6 series is that nautilus uses a "spatial" interface instead of the standard
browser type interface. The good news is that the "spatial" interface speeds up nautilus. It is reminiscent of the
way older Microsoft Windows Explorers would always "open in new window" by default. Maybe if it could be
configured to use the same window I would like it, but I guess that is what makes it "spatial"
.
Fedora's default GNOME Desktop
Overall Fedora and RedHat’s implementation of GNOME seems relatively stable, but not as stable as the 2.4
series. The interface is "themed" away from the default GNOME look into a theme that is called BlueCurve. The
BlueCurve look is a nice looking theme that includes new Window Decorations, Colors and Icons. The desktop is
also rearranged from the default GNOME look, you no longer have the top panel, and the bottom panel is overly
large for GNOME. If you remember how GNOME 1.x series looked, this is very similar.
Mandrake utilizes a very standard GNOME 2.4 series desktop. The only real change is the inclusion of a new
theme called Galaxy, and a customized "start menu" to allow organized access to applications across the different
Desktop Environments.
8.2 KDE
RedHat’s Linux's implementation of KDE strays drastically from the default KDE desktop from KDE.org. The
desktop is themed in such a way to look exactly like Fedora's GNOME desktop. Unfortunately in its default state,
the desktop is extremely not user friendly. An example is there is no easy way to open a file manager on the
Desktop, Taskbar or Menus. The only way to open a file manager is to go through the menus and find the
Konqueror web browser and once the program launches, you must hit the home icon which will bring you to the
home directory. I guess if you didn't know that Konqueror also doubles as a file manager you would be out of luck
when it came to a file manager.
If you prefer the default KDE desktop from KDE.org, it is nearly impossible to get there with Fedora's
implementation. Fedora really needs a nice wizard on startup that would ask you which theme to use for KDE, the
Bluecurve (Fedora's) theme or the default KDE theme.
Mandrake's KDE desktop is very clean, but generic looking. Mandrake's changes mostly just include a
customized "start menu", the Galaxy theme and various other settings that are changed from a default KDE
installation, such as double-clicking to launch a file instead of a single click.
9.1.2 Passwds
In more formal terms, a password provides a means of proving the authenticity of a person's claim to be the user
indicated by the username. The effectiveness of a password-based authentication scheme relies heavily on
several aspects of the password:
The secrecy of the password
The resistance of the password to guessing
The resistance of the password to a brute-force attack
Weak Passwords
Weak password fails one of these three tests:
It is secret
It is resistant to being guessed
It is resistant to a brute-force attack
Password Aging
Password aging is a feature (available in many operating systems) that sets limits on the time that a given
password is considered valid. At the end of a password's lifetime, the user is prompted to enter a new password,
which can then be used until, it too, expires.
The key question regarding password aging that many system administrators face is that of the password lifetime.
What should it be?
There are two diametrically-opposed issues at work with respect to password lifetime:
User convenience
Security
On one extreme, a password lifetime of 99 years would present very little (if any) user inconvenience. However, it
would provide very little (if any) security enhancement.
/etc/passwd
The /etc/passwd file is world-readable and contains a list of users, each on a separate line. On each line is a
colon delimited list containing the following information:
Username — The name the user types when logging into the system.
Password — Contains the encrypted password (or an x if shadow passwords are being used — more on this
later).
User ID (UID) — The numerical equivalent of the username which is referenced by the system and
applications when determining access privileges.
Group ID (GID) — The numerical equivalent of the primary group name which is referenced by the system
and applications when determining access privileges.
GECOS — Named for historical reasons, the GECOS field is optional and is used to store extra information (such
as the user's full name). Multiple entries can be stored here in a comma delimited list. Utilities such as finger
access this field to provide additional user information.
Note: GECOS stands for General Electric Comprehensive Operating Supervisor
Home directory — The absolute path to the user's home directory, such as /home/juan/.
Shell — The program automatically launched whenever a user logs in. This is usually a command interpreter
(often called a shell). Under Red Hat Linux, the default value is /bin/bash. If this field is left blank, /bin/sh is
used. If it is set to a non-existent file, then the user will be unable to log into the system.
/etc/shadow
The /etc/shadow file is readable only by the root user and contains password (and optional password aging
information) for each user. As in the /etc/passwd file, each user's information is on a separate line. Each of
these lines is a colon delimited list including the following information:
Username — The name the user types when logging into the system. This allows the login application to retrieve
the user's password (and related information).
Encrypted password — The 13 to 24 character password. The password is encrypted using either the crypt(3)
library function or the md5 hash algorithm. In this field, values other than a validly-formatted encrypted or hashed
password are used to control user logins and to show the password status. For example, if the value is ! or *, the
account is locked and the user is not allowed to log in. If the value is !! a password has never been set before
(and the user, not having set a password, will not be able to log in).
Date password last changed — The number of days since January 1, 1970 (also called the epoch) that the
password was last changed. This information is used in conjunction with the password aging fields that follow.
Number of days before password can be changed — The minimum number of days that must pass
before the password can be changed.
Number of days before a password change is required — The number of days that must pass before the
password must be changed.
Number of days warning before password change — The number of days before password expiration
during which the user is warned of the impending expiration.
Number of days before the account is disabled — The number of days after a password expires
before the account will be disabled.
Date since the account has been disabled — The date (stored as the number of days since the
epoch) since the user account has been disabled.
A reserved field — A field that is ignored in Red Hat Linux.
Here is an example line from /etc/shadow:
juan:$1$.QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:
This line shows the following information for user juan:
The password was last changed February 11, 2005
There is no minimum amount of time required before the password can be changed
The password must be changed every 90 days
The user will get a warning five days before the password must be changed
The account will be disabled 30 days after the password expires if no login attempt is made
The account will expire on November 9,2005
For more information on the /etc/shadow file, see the shadow (5) man page.
/etc/group
The /etc/group file is world-readable and contains a list of groups, each on a separate line. Each line is a four
field, colon delimited list including the following information:
Group name — The name of the group. Used by various utility programs as a human-readable identifier for the
group.
Group password — If set, this allows users that are not part of the group to join the group by using the newgrp
command and typing the password stored here. If a lower case x is in this field, then shadow group passwords
are being used.
Group ID (GID) — The numerical equivalent of the group name. It is used by the operating system and
applications when determining access privileges.
Member list — A comma delimited list of the users belonging to the group.
Here is an example line from /etc/group:
general:x:502:juan,shelley,bob
This line shows that the general group is using shadow passwords, has a GID of 502, and that juan, shelley, and
bob are members.
For more information on /etc/group, see the group(5) man page.
/etc/gshadow
The /etc/gshadow file is readable only by the root user and contains an encrypted password for each group, as
well as group membership and administrator information. Just as in the /etc/group file, each group's
information is on a separate line. Each of these lines is a colon delimited list including the following information:
Group name — The name of the group. Used by various utility programs as a human-readable identifier for the
group.
Encrypted password — The encrypted password for the group. If set, non-members of the group can join the
group by typing the password for that group using the newgrp command. If the value of this field is !, then no user
is allowed to access the group using the newgrp command. A value of !! is treated the same as a value of ! —
however, it also indicates that a password has never been set before. If the value is null, only group members can
log into the group.
Group administrators — Group members listed here (in a comma delimited list) can add or remove group
members using the gpasswd command.
Group members — Group members listed here (in a comma delimited list) are regular, non-administrative
members of the group.
Here is an example line from /etc/gshadow:
general:!!:shelley:juan,bob
This line shows that the general group has no password and does not allow non-members to join using the
newgrp command. In addition, shelley is a group administrator, and juan and bob are regular, non-administrative
members.
Application Function
/usr/sbin/useradd Adds user accounts. This tool is also used to specify primary and secondary group
membership.
/usr/sbin/userdel Deletes user accounts.
/usr/sbin/usermod Edits account attributes including some functions related to password aging. For more
fine-grained control, use the passwd command. usermod is also used to specify
primary and secondary group membership.
passwd Sets passwords. Although primarily used to change a user's password, it also controls
all aspects of password aging.
/usr/sbin/chpasswd Reads in a file consisting of username and password pairs, and updates each users'
password accordingly.
chage Changes the user's password aging policies. The passwd command can also be used
for this purpose.
Chfn Changes the user's GECOS information.
chsh Changes the user's default shell
/usr/sbin/groupadd Adds groups, but does not assign users to those groups. The useradd and usermod
programs should then be used to assign users to a given group.
/usr/sbin/groupdel Deletes groups.
/usr/sbin/groupmod Modifies group names or GIDs, but does not change group membership. The useradd
and usermod programs should be used to assign users to a given group.
gpasswd Changes group membership and sets passwords to allow non-group members who
know the group password to join the group. It is also used to specify group
administrators.
/usr/sbin/grpck Checks the integrity of the /etc/group and /etc/gshadow files.
Application Function
chgrp Changes which group owns a given file.
chmod Changes access permissions for a given file. It is also capable of assigning special
permissions.
chown Changes a file's ownership (and can also change group).
Home Directories
Another issue facing system administrators is whether or not users should have centrally-stored home directories.
The primary advantage of centralizing home directories on a network-attached server is that if a user logs into any
machine on the network, they will be able to access the files in their home directory.
The disadvantage is that if the network goes down, users across the entire organization will be unable to get to
their files. In some situations (such as organizations that make widespread use of laptops), having centralized
home directories may not be desirable. But if it makes sense for your organization, deploying centralized home
directories can make a system administrator's life much easier.
Adding Users
Adding users takes some planning, read through the steps below before starting:
Arrange your list of users into groups by function. In this example there are three groups "marketing", "production"
and "accounts".
Marketing Production Accounts
Paul Alice Accounts
Jane Derek Sales
Add the Linux groups to your server:
[root@skynet tmp]# groupadd marketing
[root@skynet tmp]# groupadd production
[root@skynet tmp]# groupadd accounts
Add the Linux users, assign them to their respective groups
[root@skynet tmp]# useradd -g marketing paul
[root@skynet tmp]# useradd -g marketing jane
[root@skynet tmp]# useradd -g production derek
[root@skynet tmp]# useradd -g production alice
[root@skynet tmp]# useradd -g accounts accounts
[root@skynet tmp]# useradd -g accounts sales
If you don't specify the group with the "-g", RedHat / RedHat Linux will create a group with the same name as the
user you just created. When each new user first logs in, they will be prompted for their new permanent password.
Note: The /etc/login.defs file contains useradd command defaults for user aging, home directory and
password policy.
Each user's personal directory will be placed in the /home directory. The directory name will be the same as their
user name.
[root@skynet tmp]# ll /home
drwxr-xr-x 2 root root 12288 Jul 24 20:04 lost+found
drwx------ 2 accounts accounts 1024 Jul 24 20:33 accounts
drwx------ 2 alice production 1024 Jul 24 20:33 alice
drwx------ 2 derek production 1024 Jul 24 20:33 derek
drwx------ 2 jane marketing 1024 Jul 24 20:33 jane
drwx------ 2 paul marketing 1024 Jul 24 20:33 paul
drwx------ 2 sales accounts 1024 Jul 24 20:33 sales
Changing Passwords
You'll need to create passwords for each account. This is done with the "passwd" command. You will be
prompted once for your old password and twice for the new one.
User "root" changing the password for user "paul"
[root@skynet root]# passwd paul
Changing password for user paul.
New password:
Retype new password:
Delete Users
The userdel command is used. The "-r" flag removes all the contents of the user's home directory
[root@skynet tmp]# userdel -r paul
How to Tell the groups to which a user belongs? Use the "groups" command with the username as the argument
[root@skynet root]# groups paul
paul : marketing
[root@skynet root]#
a user from creating an excessive number of files. By limiting the number of disk blocks a user may consume, you
limit the total amount of storage a user may have regardless of how many files they may have (i.e., either a small
number of large files, or a large number of small files).
We can use the following commands and their associated man pages:
quotaon /fs Enables quotas for the /fs file system.
quotaoff Disables quota tracking.
edquota name Edits the quota settings for user name. Can also be used to set defaults.
quota Allows users to see their current resource consumption and limits.
repquota Generates a report of disk consumption by all users for a quota-enabled file system.
quotacheck Scans a file system
Old fstab
LABEL=/home /home ext3 defaults 1 2
New fstab
LABEL=/home /home ext3 defaults,usrquota 1 2
Return to your original run state by using either the "init 3" or "init 5" commands. Continue to the next step once
the system is back to its normal state.
Create The Partition Quota Configuration Files
The topmost directory of the filesystem needs to have an aquota.user file (Defines quotas by user) and/or a
aquota.group file (Defines quotas by group). The man page for "quota" lists them at the bottom.
In this case we'll just enable "per user " quotas.
[root@skynet tmp]# touch /home/aquota.user
[root@skynet tmp]# chmod 600 /home/aquota.user
In the example below, users "peter", "bob" and "bunny" and all the users in the "operator" group are made part of
the user alias "ADMINS". All the command shell programs are then assigned to the command alias "SHELLS".
Users ADMINS are then denied the option of running any SHELLS commands and su.
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, \
/usr/bin/ksh, /usr/local/bin/tcsh, \
/usr/bin/rsh, /usr/local/bin/zsh
audiofile-0.2.3-3
...
...
[root@skynet tmp]#
You can also pipe the output of this command through the grep command if you are interested in only a specific
package. In this example we are looking for all packages containing the string "ssh" in the name, regardless of
case ("-i" meaning ignore case)
[root@skynet tmp]# rpm -qa | grep -i ssh
openssh-server-3.4p1-2
openssh-clients-3.4p1-2
openssh-askpass-gnome-3.4p1-2
openssh-3.4p1-2
openssh-askpass-3.4p1-2
Note: You could use the "rpm -q package-name" command to find an installed package as it is much faster than
using grep and the "-qa" switch, but you have to have an exact package match. If you are not sure of the package
name and its capitalization, then the method above is probably more suitable.
The "up" at the end of the command activates the interface. To make this permanent each time you boot up you'll
have to add this command in your /etc/rc.d/rc.local file.
RedHat Linux also makes life a little easier with interface configuration files located in the
/etc/sysconfig/network-scripts directory. Interface eth0 has a file called ifcfg-eth0, eth1 uses ifcfg-eth1
... etc. You can place your IP address information in these files which are then used to auto-configure your NICs
when Linux boots.
In this example, there are multiple gateways handling traffic destined for different networks on different interfaces.
After
# Enables packet forwarding
net.ipv4.ip_forward=1
This will only enable it when you reboot at which time Linux will create a file in one of the subdirectories of the
special RAM memory based /proc filesystem. To activate the feature immediately you have to force Linux to read
the /etc/sysctl.conf file with the sysctl command using the "-p" switch. Here is how it's done:
[root@skynet tmp] sysctl -p
sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
kernel.sysrq = 0
kernel.core_uses_pid = 1
Configuring Your /etc/hosts File
The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically
check this file before referencing DNS, if the name is found with a corresponding IP address then DNS won't be
queried at all. Unfortunately, if the IP address for that host changes, you'll have to also update the file. This may
not be much of a concern for a single server, but can become laborious if it has to be done companywide. For
ease of management, it is often easiest to limit entries in this file to just the loopback interface, and also the
server's own host name, and use a centralized DNS server handle most of the rest. Sometimes you may not be
the one managing the DNS server and in such cases it may be easier to add a quick /etc/hosts file entry till the
centralized change can be made.
192.168.1.101 sys1
In the example above server "sys1" has an IP address of 192.168.1.101. You can access 192.168.1.101 using
the "ping", "telnet" or any other network aware program by referring to it as "sys1" Here is an example using the
"ping" to see if "sys1" is alive and well on the network.
[root@skynet tmp]# ping sys1
PING zero (192.168.1.101) 56(84) bytes of data.
64 bytes from sys1 (192.168.1.101): icmp_seq=0 ttl=64 time=0.197 ms
64 bytes from sys1 (192.168.1.101): icmp_seq=1 ttl=64 time=0.047 ms
Starting xinetd: [ OK ]
[root@skynet tmp]#
Now you are ready to use telnet.
Now rsh and rlogin are ready to use. Just create .rhosts under user’s home directory which contains trusted Host
name and IP address (or name of trusted Host)
Eg:[root@skynet tmp]# vi /root/.rhosts
200.200.0.2 root
wq!
Here in this example we trust the host 200.200.0.2 and the user root on 200.200.0.2.
You have to restrict FTP access to certain users by adding them to the list of users in the
/etc/vsftpd.ftpusers and /etc/vsftpd.userlist file. The VSFTPD package creates this file with a
number of entries for privileged users that normally shouldn't have FTP access. As FTP doesn't encrypt
passwords, thereby increasing the risk of data or passwords being compromised, it is a good idea to let these
entries remain and add new entries for additional security
Edit the /etc/vsftpd.userlist and /etc/vsftpd.ftpusers and mention the DENY users list. If you
want to allow any user including root just comment out or remove that particular user’s entry from both of the
files.
Now you can try doing ftp from the remote machine.
[root@skynet_1 tmp]# ftp 192.168.1.100
Connected to 192.168.1.100 (192.168.1.100)
220 ready, dude (vsFTPd 1.1.0: beat me, break me)
Name (192.168.1.100:root): user1
331 Please specify the password.
Password:
230 Login successful. Have fun.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
To view and download a copy of the VSFTPD RPM located on the FTP server skynet.
ftp> ls
227 Entering Passive Mode (192,168,1,100,35,173)
150 Here comes the directory listing.
-rwxr----- 1 0 502 76288 Jan 04 17:06 vsftpd-1.1.0-1.i386.rpm
226 Directory send OK.
Figure:gftp
In the above figure left window has the Local files and right window shows the Remote ftp server
skynet.wilshiresoft.com's files. You can drag and drop the files between windows or you can select
individual files and then use the Arrow buttons to upload or download.
12. NFS
12.1 NFS Operational Overview
Linux data storage disks contain files stored in filesystems with a standardized directory structure. New disks are
added by attaching, or "mounting", the directories of their filesystems to a directory of an already existing
filesystem. This in effect makes the new hard disk transparently appear to be a sub directory of the file system to
which it is attached.
NFS was developed to allow a computer system to access directories on remote computers by mounting them on
a local filesystem as if they were just like a local disk. The systems administrator on the NFS server has to define
the directories that need to be activated or "exported" for access by the NFS clients, and administrators on the
clients need to define both the NFS server and the subset of its exported directories to use.
General NFS Rules
There are some general rules that need to be followed when configuring NFS.
1. You can only export directories beneath the "/" directory.
2. You cannot export a subdirectory of a directory that has already been exported. The exception being when the
subdirectory is on a different physical device. Likewise you cannot export the parent of a subdirectory unless it is
on a separate device too.
3. You can only export local file systems.
domains that can get access to the directory, the second part lists NFS options in brackets. In the case below we
have provided:
Read only access to the /data/files directory to all networks
Read/write access to the /home directory from all servers on the 192.168.1.0 /24 network, that is all addresses
from 192.168.1.0 to 192.168.1.255
Read/write access to the /data/test directory from servers in the my-site.com DNS domain
Read/write access to the /data/database directory from a single server 192.168.1.203.
In all cases we have used the "sync" option to ensure that file data cached in memory is automatically written to
the disk after the completion of any disk data copying operation.
#/etc/exports
/data/files *(ro,sync)
/home 192.168.1.0/24(rw,sync)
/data/test *.my-site.com(rw,sync)
/data/database 192.168.1.203/32(rw,sync)
Once you have configured your /etc/exports file, you'll need to activate the settings, but first you'll have to make
sure NFS is running correctly.
Starting NFS on the Server
Configuring an NFS server is straightforward with the easy to follow steps outlined below.
1. Use the chkconfig command to configure the required NFS and RPC portmap daemons to start at boot. You
will also have to activate NFS file locking to reduce the risk of corrupted data.
[root@skynet tmp]# chkconfig --level 35 nfs on
[root@skynet tmp]# chkconfig --level 35 nfslock on
[root@skynet tmp]# chkconfig --level 35 portmap on
2. Use the init scripts in the /etc/init.d directory to start the NFS and RPC portmap daemons. In the examples
below we're using the "start" option, but when needed, you can also stop and restart the processes with the "stop"
and "restart" options.
[root@skynet tmp]# service portmap start
[root@skynet tmp]# service nfs start
[root@skynet tmp]# service nfslock start
2. Use the init scripts in the /etc/init.d directory to start the NFS and RPC portmap daemons. In the examples
below we're using the "start" option, but when needed, you can also stop and restart the processes with the "stop"
and "restart" options.
Note: You may also need to edit the /etc/fstab file of any entries related to the mount point if you want to make
the change permanent even after rebooting.
2. Comment out the corresponding entry in the NFS server's /etc/exports file and reload the modified file as seen
below.
[root@skynet tmp]# exportfs -ua
[root@skynet tmp]# exportfs -a
The showmount Command
When run on the server, the "showmount -a" command will list all the currently exported directories. It will also
show a list of NFS clients accessing the server, in this case one client is with an IP address of 192.168.1.102.
[root@skynet tmp]# showmount -a
All mount points on skynet:
*:/home
192.168.1.102:*
2. Keep a copy of the old /home directory, and create a new directory /home on which we'll mount the NFS
server's directory.
[root@skynet tmp]# mv /home /home.save
[root@skynet tmp]# mkdir /home
[root@skynet tmp]# ll /
...
...
drwxr-xr-x 1 root root 11 Nov 16 20:22 home
drwxr-xr-x 2 root root 4096 Jan 24 2003 home.save
...
3. Make sure you can mount skynet's /home directory on the new /home directory we just created. Unmount it
once everything looks correct.
[root@skynet tmp]# mount 192.168.1.100:/home /home/
[root@skynet tmp]# ls /home
ftpinstall nisuser quotauser skynet www
[root@skynet tmp]# umount /home
4. Start configuring autofs automounting. Edit your /etc/auto.master file to refer to file /etc/auto.home for mounting
information whenever the /home directory is accessed. After five minutes, autofs will unmount the directory.
#/etc/auto.master
/home /etc/auto.home --timeout 600
5. Edit file /etc/auto.home to do the NFS mount whenever the /home directory is accessed. If the line is too long
to view on your screen, you can add a "\" at the end to continue on the next line.
#/etc/auto.home
* -fstype=nfs,soft,intr,rsize=8192,wsize=8192,nosuid,tcp \
192.168.1.100:/home:&
6. Start autofs and make sure it will start after the next reboot with the chkconfig command.
[root@skynet tmp]# chkconfig autofs on
[root@skynet tmp]# service autofs restart
Stopping automount:[ OK ]
Starting automount:[ OK ]
Note: After doing this, you won't be able to see the contents of the /home directory on skynet as user "root". This
is because by default NFS activates the root squash feature which disables this user from having privileged
access to directories on remote NFS servers. We'll be able to test this later once NIS is configured.
All newly added Linux users will now be assigned a home directory under the new remote /home directory. This
scheme will make the users feel their home directories are local, when in reality they are automatically mounted
and accessed over your network.
NISDOMAIN="DESTINY.COM"
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/DESTINY.COM'
skynet has been set up as a NIS master server.
Now you can run ypinit -s skynet on all slave server.
Note: Make sure portmapper is running before doing this or you'll get errors
like the one below. You will have to delete the /var/yp/DESTINY.COM directory
and restart portmapper, yppasswd and ypserv before you'll be able to do this
again successfully.
failed to send 'clear' to local ypserv: RPC: Port mapper failureUpdating
group.bygid...
Start The ypbind and ypxfrd Daemons
You can now start the ypbind and the ypxfrd daemons now that the NIS domain files have been created.
[root@skynet tmp]# service ypbind start
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server.
[root@skynet tmp]# service ypxfrd start
Starting YP map server: [ OK ]
[root@skynet tmp]# chkconfig ypbind on
[root@skynet tmp]# chkconfig ypxfrd on
The authconfig program also updates the /etc/nisswitch.conf file which lists
the order in which certain data sources should be searched for name lookups
like those in DNS, LDAP and NIS. Here we can see where NIS entries have been
added for the important login files.
#/etc/nisswitch.conf
passwd: files nis
shadow: files nis
group: files nis
Note: A sample NIS nsswitch.conf file can also be located in the /usr/share/doc/yp-tools* directory
Start The NIS Client Related Daemons
Start the ypbind NIS client, yppasswd and portmap daemons in the /etc/init.d directory and use the chkconfig
command to ensure they start after the next reboot. Remember to use the "rpcinfo" command to ensure they are
running correctly.
[root@skynet tmp]# service portmap start
Starting portmapper: [ OK ]
[root@skynet tmp]# service ypbind start
Binding to the NIS domain:
Listening for an NIS domain server.
[root@skynet tmp]# service yppasswdd start
Starting YP passwd service: [ OK ]
14. DNS
14.1 Introduction to DNS
Before we begin, it is best to understand a few foundation concepts in DNS on which the rest of the document is
built.
DNS Domains
Everyone in the world has a first name and a last or "family" name. DNS is similar in that a family of websites can
be closely described as being a "domain". For example the domain wilshiresoft.com has a number of production
such as www.wilshiresoft.com and mail.wilshiresoft.com for the web and mail servers respectively.
BIND
BIND is an acronym for the "Berkeley Internet Name Domain" project which maintains the DNS related software
suite that runs under Linux. The most well known program in BIND is "named", the daemon that responds to DNS
queries from remote machines.
DNS Clients
A DNS client doesn't store DNS information; it always has to refer to a DNS server to get it. The only DNS
configuration file for a DNS client is the /etc/resolv.conf file which defines the IP address of the DNS server it
should use. You shouldn't need to configure any other files.
You can learn more about the /etc/resolv.conf file in the sections that follow.
Authoritative DNS Servers
Authoritative servers provide the definitive information for your DNS domain such as the names of servers and
websites in it. They are the "last word" in information related to your domain.
The nslookup command tends to be more verbose than the host command providing the IP addresses of the DNS
servers that provided it with its information. Unlike the host command, the nslookup command is available to
Windows PCs.
Forward Lookup Example
[root@skynet tmp]# nslookup www.wilshiresoft.com
Server: 200.200.0.1
Address: 200.200.0.1#53
Non-authoritative answer:
Name: www.wilshiresoft.com
Address: 200.200.0.1
Reverse Lookup Example
[root@skynet tmp]# nslookup 65.115.71.34
Server: 200.200.0.1
Address: 200.200.0.1#53
Keyword Value
nameserver IP address of your DNS nameserver. There should be only one entry per
"nameserver" keyword. If there is more than one nameserver, you'll need to have
multiple "nameserver" lines.
Domain The local domain name to be used by default. If the server is
wstsun1.wilshiresoft.com, then the entry would just be wilshiresoft.com
Search If you refer to another server just by its name without the domain added on, DNS on
your client will append the server name to each domain in this list and do an
nslookup on each to get the remote servers' IP address. This is a handy time saving
feature to have so that you can refer to servers in the same domain by only their
servername without having to specify the domain. The domains in this list must
separated by spaces.
Configuring Nameserver
The named.conf file
The main DNS configuration is kept in the /etc/named.conf file which is used to tell BIND where to find the
configuration files for each domain you own. There are usually two zone areas in this file:
Forward zone file definitions which list files to map domains to IP addresses
Reverse zone file definitions which list files to map IP addresses to domains
In this example the forward zone for www.wilshiresoft.com is being set up by placing the following entries at the
bottom of the named.conf file. The zone file is named wilshiresoft.zone and, though not explicitly stated, the file
wilshiresoft.zone should be located in the default directory of /var/named/chroot/var/named in Fedora Core and in
/var/named in RedHat 9 and older.
zone "wilshiresoft.com" {
type master;
notify no;
allow-query { any; };
file "wilshiresoft.zone";
};
Note: The "allow-query" directive defines the networks that are allowed to query your DNS server for information
on any zone. For example, to limit queries to only our 200.200.0.0 network, you could modify the directive to state
allow-query { 200.200.0.0/24; };
The reverse zone definition below is an example of a named.conf for a reverse zone file named 200-200-0.zone
for the 200.200.0.0/24 network.
zone "0.200.200.in-addr.arpa" {
type master;
notify no;
file "200-200-0.zone";
};
Note: the reverse order of the IP address in the zone section is important as is the fact that only the first three
octets of the IP address are represented.
Configuring The Zone Files
There are a number of things to keep in mind when configuring DNS zone files. In all zone files, you can place a
comment at the end of any line by inserting a semi-colon ";" character then typing in the text of your comment.
By default, your zone files are located in the directory /var/named or /var/named/chroot/var/named.
Each zone file contains a variety of records (e.g. SOA, NS, MX, A and CNAME) which govern different areas of
BIND. Each will be explained later with examples.
$TTL 3D
Note: BIND recognizes a number of suffixes for time related values. A "D" signifies days, a "W" signifies weeks
and an "H" signifies hours. In the absence of a suffix, BIND assumes the value is in seconds.
DNS Resource Records
The rest of the records in a zone file are usually BIND resource records. They define the nature of the DNS
information in your zone files that's presented to querying DNS clients. They all have the general format:
Name Class Type Data
There are different types of record for mail (MX), forward lookups (A), reverse lookups (PTR), aliases (CNAME)
and overall zone definitions (SOA). The data portion is formatted according to the record "type" and may consist
of several values separated by spaces. Similarly, the "name" is also subject to interpretation based on this factor.
The formatting and use of each type of record will be discussed in sections to follow.
The SOA Record
The very first resource record is the Start of Authority (SOA) record which contains general administrative and
control information about the domain. It has the following format:
Name Class Type Name-Server Email-Address Serial-No Refresh Retry Expiry Minimum-TTL
The record can be long, and will sometimes wrap around on your screen. For the sake of formatting, you insert
"new line" characters between the fields as long as you insert at the beginning and end of the insertion to alert
BIND that part of the record will straddle multiple lines. You can also add comments to the end of each new line
separated by a semicolon when you do this. Here is an example:
@ IN SOA wstsun1.wilshiresoft.com. hostmaster.wilshiresoft.com. (
2004100801 ; serial #
4H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
So in this example, the primary name server has been defined as "wstsun1.wilshiresoft.com" with a contact email
address of "hostmaster@wilshiresoft.com". The serial number is "2004100801" with refresh, retry, expiry and
minimum values of 4 hours, 1 hour, 1 week and 1 day respectively.
Like the SOA record, the NS, MX, A, PTR and CNAME records each occupy a single line with a very similar
general format.
Sample Forward Zone File
Now that the key elements of a zone file have been described, it's time to examine a working example for the
domain wilshiresoft.com.
;
@ IN SOA wstsun1.wilshiresoft.com. hostmaster.wilshiresoft.com. (
200211152 ; serial#
3600 ; refresh, seconds
3600 ; retry, seconds
3600 ; expire, seconds
3600 ) ; minimum, seconds
;
The minimum TTL value ($TTL) is 3 days therefore remote DNS caching servers will store learned DNS
information from your zone for 3 days before flushing it out of their caches.
The MX record for wilshiresoft.com points to the server named mail.wilshiresoft.com
Sample Reverse Zone File
Now we need to make sure that we can do an nslookup query on all our home network's PCs and get their correct
IP addresses. This is very important if you are running a mail server on your network as sendmail typically will
only relay mail from hosts whose IP addresses resolve correctly in DNS. NFS, which is used in network based file
access, also requires valid reverse lookup capabilities.
This is an example of a zone file for the 200.200.0.x network. All the entries in the first column refer to the last
octet of the IP address for the network, so the IP address 200.200.0.1 points to the name
wstsun1.wilshiresoft.com.
Notice how the main difference between forward and reverse zone files is that the reverse zone file only has PTR
and NS records. Also the PTR records cannot have CNAME aliases.
;
; Zone file for 200.200.0.x
;
$TTL 3D
@ IN SOA www.wilshiresoft.com. hostmaster.wilshiresoft.com. (
200303301 ; serial number
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
;
NS www ; Nameserver Address
;
1 PTR wstsun1.wilshiresoft.com.
2 PTR wstsun2.wilshiresoft.com.
3 PTR wstsun3.wilshiresoft.com.
Loading Your New Configuration Files
Here are the steps you need to follow to load your new configuration files. Make sure your file permissions and
ownership are OK in the /var/named directory.
[root@skynet tmp]# cd /var/named
[root@wstsun1 named]# ll
total 6
-rw-r--r-- 1 named named 195 May 3 2005 localhost.zone
-rw-r--r-- 1 named named 2769 May 3 2005 named.ca
-rw-r--r-- 1 named named 433 May 3 2005 named.local
-rw-r--r-- 1 root root 763 May 2 16:23 wilshiresoft.zone
[root@wstsun1 named]# chown named *
[root@wstsun1 named]# chgrp named *
[root@wstsun1 named]# ll
total 6
-rw-r--r-- 1 named named 195 May3 2005 localhost.zone
-rw-r--r-- 1 named named 2769 May 3 2005 named.ca
-rw-r--r-- 1 named named 433 May 3 2005 named.local
-rw-r--r-- 1 named named 763 May 2 16:23 wilshiresoft.zone
The configuration files above will not be loaded until you issue the following command to restart the named
process that controls DNS.
Note: (Make sure to increment your configuration file serial number before doing this).
[root@skynet tmp]# /etc/init.d/named restart
Last, but not least, take a look at the end of your /var/log/messages file to make sure there are no errors.
Make sure your /etc/hosts and /etc/resolv.conf file is correctly updated. And test your configuration with nslookup
and dig commands.
Note: We can also use the redhat-config-bind GUI tool to configure DNS, but it’s not recommended.
15.DHCP/Bootp
DHCP (Dynamic Host Configuration Protocol) and bootp are protocols that allow a client machine to obtain
network information (such as an IP number) from a server. Many organizations are starting to use dynamic host
control because it simplifies and centralizes network administration.
default-lease-time 86400;
max-lease-time 86400;
# Set the default gateway to be used by
# the PC clients
option routers 200.200.0.1;
}
#
# List an unused interface here
#
subnet 200.200.2.0 netmask 255.255.255.0 {
}
There many more options statements you can use to configure DHCP. These include telling the DHCP clients
where to go for services such as finger and IRC. Check the dhcp-options man page after you do your install. The
command to do this follows:
[root@skynet tmp]# man dhcp-options
Lease Database
On the DHCP server, the file /var/lib/dhcp/dhcpd.leases stores the DHCP client lease database. This file should
not be modified by hand. DHCP lease information for each recently assigned IP address is automatically stored in
the lease database. The information includes the length of the lease, to whom the IP address has been assigned,
the start and end dates for the lease, and the MAC address of the network interface card that was used to retrieve
the lease.
All times in the lease database are in Greenwich Mean Time (GMT), not local time.
The lease database is recreated from time to time so that it is not too large. First, all known leases are saved in a
temporary lease database. The dhcpd.leases file is renamed dhcpd.leases~ and the temporary lease database is
written to dhcpd.leases.
The DHCP daemon could be killed or the system could crash after the lease database has been renamed to the
backup file but before the new file has been written. If this happens, the dhcpd.leases file does not exist, but it is
required to start the service. Do not create a new lease file. If you do, all old leases are lost which causes many
problems. The correct solution is to rename the dhcpd.leases~ backup file to dhcpd.leases and then start the
daemon.
The configuration file used by Apache is /etc/httpd/conf/httpd.conf. Like most Linux applications you have to
restart Apache before changes to the configuration file will take effect. Examples of how to configure this file will
follow.
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
User www
Group www
ServerAdmin admin@wilshire.com
ServerName www.wilshire.com
DocumentRoot "/home/httpd/wst"
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/home/httpd/wst">
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Files .pl>
Options None
AllowOverride None
Order deny,allow
Deny from all
</Files>
<IfModule mod_dir.c>
DirectoryIndex index.htm index.html index.php index.php3 default.html
index.cgi
</IfModule>
#<IfModule mod_include.c>
#Include conf/mmap.conf
#</IfModule>
UseCanonicalName On
<IfModule mod_mime.c>
TypesConfig /etc/httpd/conf/mime.types
</IfModule>
DefaultType text/plain
HostnameLookups Off
ErrorLog /var/log/httpd/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-
Agent}i\"" combined
SetEnvIf Request_URI \.gif$ gif-image
CustomLog /var/log/httpd/access_log combined env=!gif-image
ServerSignature Off
<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/"
<Directory "/home/httpd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</IfModuleGT;
<IfModule mod_mime.c>
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
<IfModule mod_setenvif.c>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-
1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>
<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex
SSLLog /var/log/httpd/ssl_engine_log
SSLLogLevel warn
</IfModule>
<IfDefine SSL>
<VirtualHost _default_:443>
DocumentRoot "/home/httpd/wst"
ServerName www.wilshire.com
ServerAdmin admin@wilshire.com
ErrorLog /var/log/httpd/error_log
SSLEngine on
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCACertificatePath /etc/ssl/certs
SSLCACertificateFile /etc/ssl/certs/ca.crt
SSLCARevocationPath /etc/ssl/crl
SSLVerifyClient none
SSLVerifyDepth 10
The option ResourceConfig specifies the location of the old srm.conf file that Apache read after it finished reading
the httpd.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in
httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for
simplicity.
Timeout 300
The option Timeout specifies the amount of time Apache will wait for a GET, POST, PUT request and ACKs on
transmissions. You can safely leave this option on its default values.
KeepAlive On
The option KeepAlive, if set to On, specifies enabling persistent connections on this web server. For better
performance, it's recommended to set this option to On, and allow more than one request per connection.
MaxKeepAliveRequests 0
The option MaxKeepAliveRequests specifies the number of requests allowed per connection when the KeepAlive
option above is set to On. When the value of this option is set to 0 then unlimited requests are allowed on the
server. For server performance, it's recommended to allow unlimited requests.
KeepAliveTimeout 15
The option KeepAliveTimeout specifies how much time, in seconds, Apache will wait for a subsequent request
before closing the connection. The value of 15 seconds is a good average for server performance.
MinSpareServers 16
The option MinSpareServers specifies the minimum number of idle child server processes for Apache, which is
not handling a request. This is an important tuning parameter regarding the performance of the Apache web
server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.
MaxSpareServers 64
The option MaxSpareServers specifies the maximum number of idle child server processes for Apache, which is
not handling a request. This is also an important tuning parameter regarding the performance of the Apache web
server. For high load operation, a value of 64 is recommended by various benchmarks on the Internet.
StartServers 16
The option StartServers specifies the number of child server processes that will be created by Apache on start-up.
This is, again, an important tuning parameter regarding the performance of the Apache web server. For high load
operation, a value of 16 is recommended by various benchmarks on the Internet.
MaxClients 512
The option MaxClients specifies the number of simultaneous requests that can be supported by Apache. This too
is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a
value of 512 is recommended by various benchmarks on the Internet.
MaxRequestsPerChild 100000
The option MaxRequestsPerChild specifies the number of requests that an individual child server process will
handle. This too is an important tuning parameter regarding the performance of the Apache web server.
User www
The option User specifies the UID that Apache server will run as. It's important to create a new user that has
minimal access to the system, and functions just for the purpose of running the web server daemon.
Group www
The option Group specifies the GID the Apache server will run as. It's important to create a new group that has
minimal access to the system and functions just for the purpose of running the web server daemon.
DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi
The option DirectoryIndex specifies the files to use by Apache as a pre-written HTML directory index. In other
words, if Apache can't find the default index page to display, it'll try the next entry in this parameter, if available.
To improve performance of your web server it's recommended to list the most used default index pages of your
web site first.
Include conf/mmap.conf
The option Include specifies the location of other files that you can include from within the server configuration
files httpd.conf. In our case, we include the mmap.conf file located under /etc/httpd/conf directory. This file
mmap.conf maps files into memory for faster serving.
HostnameLookups Off
The option HostnameLookups, if set to Off, specifies the disabling of DNS lookups. It's recommended to set this
option to Off in order to save the network traffic time, and to improve the performance of your Apache web server.
By default, Apache will search the DocumentRoot directory for an index or "home" page named index.html. So for
example, if you have a servername of www.my-site.com with a DocumentRoot directory of
/home/www/site1/, Apache will display the contents of the file /home/www/site1/index.html when you
enter http://www.my-site.com in your browser.
Some editors like Microsoft FrontPage will create files with an ".htm", not ".html" extension. This isn't usually a
problem if all your HTML files have hyperlinks pointing to files ending in ".htm" as FrontPage does.
The problem occurs with Apache not recognizing the topmost index.htm page. The easiest solution is to create a
symbolic link ("shortcut" for Windows users) called index.html pointing to the file index.htm. This will then allow
you to edit/copy the file index.htm with index.html being updated automatically. You'll almost never have to worry
about index.html and Apache again!
In the example below we create a symbolic link to index.html in the /home/www/site1 directory.
[root@skynet tmp]# cd /home/www/site1
[root@skynet site1]# ln -s index.htm index.html
[root@skynet site1]# ll index.*
-rw-rw-r-- 1 root root 48590 Jun 18 23:43 index.htm
lrwxrwxrwx 1 root root 9 Jun 21 18:05 index.html ->
index.htm
The "l" at the very beginning of the index.html entry signifies a link and
the "->" the link target.
3. Changing the permissions on the /home/www directory to 755 which will allow all users, including the Apache's
httpd daemon, to read the files inside.
[root@skynet tmp]# useradd -g users www
[root@skynet tmp]# chown -R www:users /home/www
[root@skynet tmp]# chmod 755 /home/www
Now we test for the new ownership with the "ll" command.
[root@skynet tmp]# ll /home/www/site1/index.*
-rw-rw-r-- 1 www users 48590 Jun 25 23:43 index.htm
lrwxrwxrwx 1 www users 9 Jun 25 18:05 index.html ->
index.htm
[root@skynet tmp]#
Note: It is also a good practice to FTP or SCP new files to your web server as this new user. This will make all
the transferred files automatically have the correct ownership.
If you browse your website after configuring Apache and get a "permissions" error on your screen, then your files
or directories under your DocumentRoot most likely have incorrect permissions.
Appendix II has a short script <http://www.siliconvalleyccie.com/linux-hn/appendix.htm> that you can use to
recursively set the file permissions in a directory to match those expected by Apache.
You may also have to use the "Directory" directive to make Apache serve the pages once the file permissions
have been correctly set. If you have your files in the default /home/www directory then this second step becomes
unnecessary.
ServerName directive doesn't match. To get consistent results, try to limit the use of your "*" <VirtualHost>
statements to the beginning of the list to cover any other IP addresses your server may have.
You can also have multiple NameVirtualHost directives, each with a single IP address, in cases where your web
server has more than one IP address
IP Based Virtual Hosting
The other virtual hosting option is to have one IP address per website which is also known as IP based virtual
hosting. In this case you will NOT have a NameVirtualHost directive for the IP address, and you must only have a
single <VirtualHost> container per IP address.
Example IP Virtual Hosting : Single Wild Card
In this example, Apache listens on all interfaces, but gives the same content. Apache will display the content in
the first <VirtualHost *> directive even if you add another right after it. Apache also seems to enforce the single
<VirtualHost> container per IP address requirement by ignoring any ServerName directives you may use inside it.
<VirtualHost *>
DocumentRoot /home/www/site1
</VirtualHost>
Example IP Virtual Hosting : Wild Card and IP addresses
In this example, Apache listens on all interfaces, but gives different content for addresses 97.158.253.26 and
97.158.253.27. Web surfers will get the "site1" content if they try to access the web server on any of its other IP
addresses.
<VirtualHost *>
DocumentRoot /home/www/site1
</VirtualHost>
<VirtualHost 97.158.253.26>
DocumentRoot /home/www/site2
</VirtualHost>
<VirtualHost 97.158.253.27>
DocumentRoot /home/www/site3
</VirtualHost>
[root@skynet tmp]# service httpd restart
The Apache Error Log Files
The /var/log/httpd/error_log file is a good source for error information. Unlike the /var/log/httpd/access_log file,
there is no standardized formatting.
The /var/log/httpd/error_log file also is the location where CGI script errors are written. Many times CGI scripts will
fail with a blank screen on your browser, the /var/log/httpd/error_log file will most likely have the cause of the
problem.
Controlling SWAT
As with all xinetd controlled applications, the chkconfig command will automatically modify the "disable" field
accordingly in the configuration file and activate the change.
Activating SWAT
[root@skynet tmp] chkconfig swat on
Deactivating SWAT
[root@skynet tmp] chkconfig swat off
Adding users to a domain has three broad phases. The first is adding a Linux user on the Samba server, the
second is creating a Samba smbpasswd that maps to the Linux user created previously, and final step is to map a
Windows drive letter to the user's Linux home directory. This is all outlined below:
Adding The Users In Linux
First go through the process of adding users in Linux just like you would normally do. Passwords won't be
necessary unless you want the users to log in to the Samba server via Telnet or SSH.
Create the user
[root@skynet tmp]# useradd -g 100 peter
Give them a Linux Password
This is only necessary if the user needs to log into the Samba server directly.
[root@skynet tmp]# passwd peter
Changing password for user peter.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Mapping The Linux Users To An smbpassword
Next you need to create Samba domain login passwords for the user
[root@skynet tmp]#/usr/bin/smbpasswd -a username password
The "-a" switch adds the user to the /etc/smbpasswd file. Use a generic password then have users change it
immediately from their workstation the usual way.
Remember the smbpasswd sets the Windows Domain login password for a user. This is different from the Linux
login password to log into the Samba box.
Create The Directory And User Group
1. Create a new Linux group marketing:
[root@skynet tmp]# /usr/sbin/groupadd marketing
2. Create a new directory for the group's files. If one user is designated as the leader, you might want to change
the chown statement to make them owner
[root@skynet tmp]# mkdir /home/parent-files
[root@skynet tmp]# chgrp marketing /home/parent-files
[root@skynet tmp]# chmod 0770 /home/parent-files
3. Next add the group members to the new group. For instance, let's add user "father" to the group.
[root@skynet tmp]# /usr/sbin/usermod -G marketing father
4. /etc/samba/smb.conf file should have an entry like this at the end:
# Marketing Shared Area
[only-marketing]
path = /home/parent-files
valid users = @marketing
Now simply restart the smb service and access the share from windows machine.
RedHat Linux allows you to install the operating system over the network using a Kickstart server. It is
comparatively much faster than using CDs and the whole install process can be automated.
What are Kickstart Installations?
Many system administrators would prefer to use an automated installation method to install Red Hat Linux on
their machines. To answer this need, Red Hat created the kickstart installation method. Using kickstart, a system
administrator can create a single file containing the answers to all the questions that would normally be asked
during a typical Red Hat Linux installation.
Kickstart files can be kept on single server system and read by individual computers during the installation. This
installation method can support the use of a single kickstart file to install Red Hat Linux on multiple machines,
making it ideal for network and system administrators.
What is required to perform Kickstart Installation?
Kickstart installations can be performed using a local CD-ROM, a local hard drive, or via NFS, FTP, or HTTP.
To use kickstart, you must:
Create a kickstart file.
Create a boot diskette with the kickstart file or make the kickstart file available on the network.
Make the installation tree available.
Start the kickstart installation.
Run the exportfs command to add this directory to the NFS database of network available directories. You should
also add this command to your /etc/rc.local file so that this is repeated after every reboot.
[root@skynet tmp]# exportfs –ra
[root@skynet tmp]# service nfs restart
[root@skynet tmp]# showmount –e ## (this command should not show any RPC
errors)
If the encryption option is selected, when the file is saved, the plain text password that you typed will be encrypted
and written to the kickstart file. Do not type an already encrypted password and select to encrypt it.
2. Installation Method:
The Installation Method screen allows you to choose whether to perform a new installation or an upgrade.
If you choose upgrade, the Partition Information and Package Selection options will be disabled. They are not
supported for kickstart upgrades.
Also choose the opropriate kickstart installation to perform from this screen. You can choose from the following
options: CD-ROM, NFS, HTTP or Hard Drive. In our example we are going to perform over the NFS so choose
NFS.
You have the option of installing GRUB or LILO as the boot loader. Its recommended that you choose defaults i.e
install a boot loader, Use GRUB for the boot loader and Install Boot loader on
Master Boot Record MBR. See the following figure:
4. Creating Partitions:
To create a partition, click the Add button. The Partition Options window shown in following figure. Choose
mount point, file system type, and partition size for the new partition.
In the Additional Size Options section, choose to make the partition a fixed size, up to a chosen size, or
fill the remaining space on the hard drive. If you selected swap as the file system type, you can select to
have the installation program create the swap partition with the recommended size instead of specifying a
size.
For each Ethernet card on the system, click Add Network Device and select the network device and network type
of the device. Select eth0 as the network device for the first Ethernet card, select eth1 for the second Ethernet
card, and so on.
6. Authentication:
In the Authentication section, select whether to use shadow passwords and MD5 encryption for user
passwords. These options are highly recommended and chosen by default.
The Authentication Configuration options allow you to configure the following methods of authentication: NIS,
LDAP, Kerberos 5, Hesiod, SMB, and Name Switch Cache.
7. Firewall Configuration:
The Firewall Configuration window is identical to the screen in the Red Hat Linux installation program and
the Security Level Configuration Tool, with the same functionality.
Note: It is strongly recommended that you choose Firewall Configuration as Disabled. RedHat recommends that
you configure the firewall settings manually after the installation. See Chapter 20 IPTABLES for more information.
8. X Configuration:
The first step in configuring X is to choose the default color depth and resolution. Select them from their
respective pull down menus. Be sure to specify a color depth and resolution that is compatible with the video card
and monitor for the system.
9. Package Selection:
The Package Selection window allows you to choose which package groups to install. There are also
options available to resolve and ignore package dependencies automatically. Currently, Kickstart
Configurator does not allow you to select individual packages.
10. Pre-Installation Script
You can add commands to run on the system immediately after the kickstart file has been parsed and before the
installation begins. If you have configured the network in the kickstart file, the network is enabled before this
section is processed. To include a pre-installation script, type it in the text area.
11. Post-Installation Script
You can also add commands to execute on the system after the installation is completed. If the network is
properly configured in the kickstart file, the network is enabled, and the script can include commands to access
resources on the network. To include a post-installation script, type it in the text area.
Now save the settings under /network-install/kickstart/ks.cfg.
You may want to then edit the configuration file and comment out certain parameters that may change from
system to system with ”#". These could include things like the system's name and IP address. During the kickstart
process you will be prompted for these unspecified values.
Configuring the Filename Automatically
1. Place your kickstart file in the /network-install/kickstart directory.
2. Edit your /etc/dhcpd.conf file and add the following lines to the section for the interface that will be serving
DHCP IP addresses.
filename "/network-install/kickstart/ks.cfg";
next-server 192.168.1.100
Note: Here 192.168.1.100 is the Kickstart server’s IP address. If you don’t setup this in /etc/dhcpd.conf file
then the installation client will ask you for the location of the Kickstart server and method of installation.
3. Now on the client side insert the boot floppy or CD into the kickstart client and at the boot: prompt
type in the following command:
boot: linux ks
Kickstart will first search for a configuration file named ks.cfg on either the boot CD / floppy. It will then
automatically attempt to get a DHCP IP address and see if the DHCP server will specify a configuration file.
Kickstart will then use NFS to get both the configuration file and the installation files. The rest should be
automatic.
20.1.1 Overview
Note: 2.4 and above kernels only.
Many benefits over ipchains:
Connection Tracking.
Rate Limiting.
Many more filtering options: All TCP flags, MAC address user, etc.
Improved logging.
Format
iptables [table] [action] [chain] [options]
[target]
iptables -t filter -A INPUT -m state --state NEW -p tcp -s
12.168.1.0/24 -j ACCEPT
Capabilities
Table - Specifies which table the chain applies to: nat, filter, or mangle/
Action –Action to be taken on specified n/w or host.
Chains - 5 Built-in chains. Names capitalized unlike IPCHAINS.
# Filter Table:
INPUT - All packets entering an interface that are destined for a local process use this chain.
FORWARD - Only packets routed from one interface to another pass through this chain.
OUTPUT - All packets leaving an interface that originated from a local process use these chains.
# Nat Table:
www.wilshiresoft.com Wilshire Software Technologies Rev Dt: 15-Oct-08
info@wilshiresfot.com Ph: 2761-2214 / 6677-2214 / 6452-6173 Ver: 1
Linux Administration – IPTABLES Page 105 of 167
PREROUTING - Rules in this chain occur before it is determined whether the packet will use the INPUT or
FORWARD chain. Destination NAT (DNAT) is configured using this chain.
POSTROUTING - Rules in this chain occur after the OUTPUT and FORWARD chains. Source NAT (SNAT) is
configured using this chain.
Options
-i = Input interface (eth0, eth1, lo)
-o = Output interface (eth0, eth1, lo)
-p = Protocol (udp,tcp,icmp, or the protocol number)
-s = Source address of packet (192.168.1.20, 192.168.1.0/24, etc.)
-d = Same as -s, only for the destination address
-m = Specify an extension module to load (e.g. -m state). This must be the
first option specified if it is used
--sport = Source port
--dport = Destination port
Targets
# 3 Default Targets
DROP = DROP the packet without returning an indication that it was dropped to the source
ACCEPT = Accept the packet
<CHAIN> = A user defined chain
# Additional Targets provided by modules:
LOG = Log the packet
REJECT = Reject the packet and send the source a user defined response (defaults to an icmp error message)
Connection Tracking
Requires state module (-m state).
Packet STATES:
NEW = A new connection
ESTABLISHED = Packet is part of an existing connection
RELATED = Packet is related to an existing connection (e.g. ICMP error messages)
INVALID = Packet doesn't belong to any other connection
Tracking FTP Connections:
Because of the nature of the FTP protocol, tracking ftp connections requires a special kernel module:
ip_conntrack_ftp. If you wish to use NAT with ftp connection tracking, you must also load the ip_nat_ftp kernel
module
Install Iptables iptables-1.2.9-1.0.i386.rpm package from 3rd CD of RedHat distribution.
Start iptables service
You can start/stop/restart iptables after booting by using the following commands:
[root@skynet tmp]# service iptables start
[root@skynet tmp]# service iptables stop
[root@skynet tmp]# service iptables restart
To get iptables configured to start at boot you can use the chkconfig command.
[root@skynet tmp]# chkconfig iptables on
IPTABLES Examples
www.wilshiresoft.com Wilshire Software Technologies Rev Dt: 15-Oct-08
info@wilshiresfot.com Ph: 2761-2214 / 6677-2214 / 6452-6173 Ver: 1
Linux Administration – IPTABLES Page 106 of 167
free
The free command displays system memory utilization. Here is an example of its output:
total used free shared
buffers cached
Mem: 255508 240268 15240 0 7592 86188
-/+ buffers/cache: 146488 109020
Swap: 530136 26268 503868
The Mem: row displays physical memory utilization, while the Swap: row displays the utilization of the system
swap space, and the -/+ buffers/cache: row displays the amount of physical memory currently devoted to system
buffers.
Since free by default only displays memory utilization information once, it is only useful for very short-term
monitoring, or quickly determining if a memory-related problem is currently in progress. Although free has the
ability to repetitively display memory utilization figures via its -s option, the output scrolls, making it difficult to
easily see changes in memory utilization.
A better solution than using free -s would be to run free using the watch command. For example, to display
memory utilization every two seconds (the default display interval), use this command:
[root@skynet tmp]#watch free
The watch command issues the free command every two seconds, after first clearing the screen. This makes it
much easier to see how memory utilization changes over time, as it is not necessary to scan continually scrolling
output. You can control the delay between updates by using the -n option, and can cause any changes between
updates to be highlighted by using the -d option, as in the following command
[root@skynet tmp]#watch -n 1 -d free
top
While free displays only memory-related information, the top command does a little bit of everything. CPU
utilization, process statistics, memory utilization — top does it all. In addition, unlike the free command, top's
default behavior is to run continuously; there is no need to use the watch command. Here is a sample display:
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
8532 ed 16 0 1156 1156 912 R 0.5 0.4 0:11 top
1520 ed 15 0 4084 3524 2752 S 0.3 1.3 0:00 gnome-
terminal
1481 ed 15 0 3716 3280 2736 R 0.1 1.2 0:01 gnome-
terminal
1560 ed 15 0 11216 10M 4256 S 0.1 4.2 0:18 emacs
1 root 15 0 472 432 416 S 0.0 0.1 0:04 init
2 root 15 0 0 0 0 SW 0.0 0.0 0:00 keventd
3 root 15 0 0 0 0 SW 0.0 0.0 0:00 kapmd
4 root 34 19 0 0 0 SWN 0.0 0.0 0:00
ksoftirqd_CPU0
5 root 15 0 0 0 0 SW 0.0 0.0 0:00 kswapd
6 root 25 0 0 0 0 SW 0.0 0.0 0:00 bdflush
7 root 15 0 0 0 0 SW 0.0 0.0 0:00 kupdated
8 root 25 0 0 0 0 SW 0.0 0.0 0:00 mdrecoveryd
12 root 15 0 0 0 0 SW 0.0 0.0 0:00 kjournald
91 root 16 0 0 0 0 SW 0.0 0.0 0:00 khubd
185 root 15 0 0 0 0 SW 0.0 0.0 0:00 kjournald
186 root 15 0 0 0 0 SW 0.0 0.0 0:00 kjournald
576 root 15 0 712 632 612 S 0.0 0.2 0:00 dhcpcd
The display is divided into two sections. The top section contains information related to overall system status —
uptime, load average, process counts, CPU status, and utilization statistics for both memory and
swap space. The lower section displays process-level statistics, the exact nature of which can be controlled while
top is running.
vmstat
For a more concise view of system performance, try vmstat. Using this resource monitor, it is possible to get an
overview of process, memory, swap, I/O, system, and CPU activity in one line of numbers:
procs memory swap io system
cpu
r b w swpd free buff cache si so bi bo in cs us
sy id
1 0 0 0 524684 155252 338068 0 0 1 6 111 114 10
3 87
The process-related fields are:
r — The number of runnable processes waiting for access to the CPU
b — The number of processes in an uninterruptible sleep state
w — The number of processes swapped out, but runnable
The memory-related fields are:
swpd — The amount of virtual memory used
free — The amount of free memory
buff — The amount of memory used for buffers
cache — The amount of memory used as page cache
The swap-related fields are:
si — The amount of memory swapped in from disk
so — The amount of memory swapped out to disk
The I/O-related fields are:
bi — Blocks sent to a block device
bo— Blocks received from a block device
The system-related fields are:
in — The number of interrupts per second
cs — The number of context switches per second
The CPU-related fields are:
us — The percentage of the time the CPU ran user-level code
sy — The percentage of the time the CPU ran system-level code
id — The percentage of the time the CPU was idle
When vmstat is run without any options, only one line is displayed. This line contains averages, calculated from
the time the system was last booted.
However, most system administrators do not rely on the data in this line, as the time over which it was collected
varies. Instead, most administrators take advantage of vmstat's ability to repetitively display resource utilization
data at set intervals. For example, the command vmstat 1 displays one new line of utilization data every second,
while the command vmstat 1 10 displays one new line per second, but only for the next ten seconds.
In the hands of an experienced administrator, vmstat can be used to quickly determine resource utilization and
performance issues. But to gain more insight into those issues, a different kind of tool is required — a tool capable
of more in-depth data collection and analysis.
pstree
Gives a hierarchical structure of all currently running processs:
processor : 0
vendorfiid : AuthenticAMD
cpu family : 5
model : 9
model name : AMD-K6(tm) 3D+ Processor
stepping : 1
cpu MHz : 400.919
cache size : 256 KB
fdivfibug : no
hltfibug : no
f00ffibug : no
comafibug : no
fpu : yes
fpufiexception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr mce cx8 pge mmx syscall 3dnow k6fimtrr
bogomips : 799.53
When viewing different virtual files in the /proc/ file system, some of the information is easily understandable
while some is not human-readable. This is in part why utilities exist to pull data from virtual files and display it in a
useful way. Examples of these utilities include lspci, apm, free, and top.
As a general rule, most virtual files within the /proc/ directory are read only. However, some can be used to
adjust settings in the kernel. This is especially true for files in the /proc/sys/ subdirectory.
flags : fpu vme de pse tsc msr mce cx8 pge mmx syscall 3dnow k6fimtrr
bogomips : 799.53
processor - Provides each processor with an identifying number. On systems that have one processor, there
will be only a 0.
cpu family - Authoritatively identifies the type of processor you have in the system. For an Intel-based system,
place the number in front of "86" to determine the value. This is particularly helpful for those attempting to identify
the architecture of an older system such as a 586, 486, or 386. Because some RPM packages are compiled for
each of these particular architectures, this value also helps users determine which packages to install.
model name - Displays the common name of the processor, including its project name.
cpu MHz - Shows the precise speed in megahertz for the processor to the thousandth decimal point.
cache size - Displays the amount of level 2 memory cache available to the processor.
flags - Defines a number of different qualities about the processor, such as the presence of a fioating point unit
(FPU) and the ability to process MMX instructions.
/proc/devices
This file displays the various character and block devices currently configured (not include devices whose
modules are not loaded). Below is a sample output from this file:
Character devices:
1 mem
2 pty
3 ttyp
4 ttyS
5 cua
7 vcs
10 misc
14 sound
29 fb
36 netlink
128 ptm
129 ptm
136 pts
137 pts
162 raw
254 iscsictl
Block devices:
1 ramdisk
2 fd
3 ide0
9 md
22 ide1
/proc/filesystems
This file displays a list of the file system types currently supported by the kernel. Sample output from a generic
/proc/filesystems looks similar to this:
nodev rootfs
nodev bdev
nodev proc
nodev sockfs
nodev tmpfs
nodev shm
nodev pipefs
ext2
nodev ramfs
iso9660
nodev devpts
ext3
nodev autofs
nodev binfmtfimisc
The first column signifies whether the file system is mounted on a block device. Those beginning with nodev are
not mounted on a device. The second column lists the names of the file systems supported. The mount
command cycles through these file systems listed here when one is not specified as an argument.
/proc/interrupts
This file records the number of interrupts per IRQ on the x86 architecture. A standard /proc/interrupts looks
similar to this:
CPU0
0: 80448940 XT-PIC timer
1: 174412 XT-PIC keyboard
2: 0 XT-PIC cascade
8: 1 XT-PIC rtc
10: 410964 XT-PIC eth0
12: 60330 XT-PIC PS/2 Mouse
14: 1314121 XT-PIC ide0
15: 5195422 XT-PIC ide1
NMI: 0
ERR: 0
22. Backups
22.1 Introduction
Backups have two major purposes:
To permit restoration of individual files
To permit wholesale restoration of entire file systems
The first purpose is the basis for the typical file restoration request: a user accidentally deletes a file and asks that
it be restored from the latest backup. The exact circumstances may vary somewhat, but this is the most common
day-to-day use for backups.
The second situation is a system administrator's worst nightmare: for whatever reason, the system administrator
is staring at hardware that used to be a productive part of the data center. Now, it is little more than a lifeless
chunk of steel and silicon. The thing that is missing is all the software and data you and your users have
assembled over the years. Supposedly everything has been backed up. The question is: has it? And if it has, can
yourestore it?
Incremental backups
Differential backups
Tape
Tape was the first widely-used removable data storage medium. It has the benefits of low media cost and
reasonably-good storage capacity. However, tape has some disadvantages — it is subject to wear, and data
access on tape is sequential in nature.
These factors mean that it is necessary to keep track of tape usage (retiring tapes once they have reached the
end of their useful life), and that searching for a specific file on tape can be a lengthy proposition.
On the other hand, tape is one of the most inexpensive mass storage media available, and it has a long history of
reliability. This means that building a good-sized tape library need not consume a large part of your budget, and
you can count on it being usable now and in the future.
Disk
In years past, disk drives would never have been used as a backup medium. However, storage prices have
dropped to the point where, in some cases, using disk drives for backup storage does make sense.
The primary reason for using disk drives as a backup medium would be speed. There is no faster mass storage
medium available. Speed can be a critical factor when your data center's backup window is short, and the amount
of data to be backed up is large.
But disk storage is not the ideal backup medium, for a number of reasons:
Disk drives are not normally removable.
Disk drives are expensive
Disk drives are fragile. Even if you spend the extra money for removable disk drives, their fragility can be
a problem.
Disk drives are not archival media.
Network
By itself, a network cannot act as backup media. But combined with mass storage technologies, it can serve quite
well. For instance, by combining a high-speed network link to a remote data center containing large amounts of
disk storage, suddenly the disadvantages about backing up to disks mentioned earlier are no longer
disadvantages.
By backing up over the network, the disk drives are already off-site, so there is no need for transporting fragile
disk drives anywhere. With sufficient network bandwidth, the speed advantage you can get from backing up to
disk drives is maintained.
However, this approach still does nothing to address the matter of archival storage (though the same "spin off to
tape after the backup" approach mentioned earlier can be used). In addition, the costs of a remote data center
with a high-speed link to the main data center make this solution extremely expensive. But for the types of
organizations that need the kind of features this solution can provide, it is a cost they gladly pay.
Red Hat's user community; in addition, many lists are monitored by Red Hat personnel, who contribute as time
permits. Other resources are available from Red Hat's main support page at
<http://www.redhat.com/apps/support/>.
More comprehensive support options exist; information on them can be found on the Red Hat website.
tar
The tar utility is well known among UNIX system administrators. It is the archiving method of choice for sharing
ad-hoc bits of source code and files between systems. The tar implementation included with Red Hat Enterprise
Linux is GNU tar, one of the more feature-rich tar implementations.
Using tar, backing up the contents of a directory can be as simple as issuing a command similar to the following:
tar cf /mnt/backup/home-backup.tar /home/
This command creates an archive file called home-backup.tar in /mnt/backup/. The archive contains the contents
of the /home/ directory.
The resulting archive file will be nearly as large as the data being backed up. Depending on the type of data being
backed up, compressing the archive file can result in significant size reductions. The archive file can be
compressed by adding a single option to the previous command:
tar czf /mnt/backup/home-backup.tar.gz /home/
cpio
The cpio utility is another traditional UNIX program. It is an excellent general-purpose program for moving data
from one place to another and, as such, can serve well as a backup program.
The behavior of cpio is a bit different from tar. Unlike tar, cpio reads the names of the files it is to process via
standard input. A common method of generating a list of files for cpio is to use programs such as find whose
output is then piped to cpio:
find /home/ | cpio -o > /mnt/backup/home-backup.cpio
This following command creates a cpio archive file (containing the everything in /home/) called home-backup.cpio
and residing in the /mnt/backup/ directory.
find /home/ -atime +365 | cpio -o > /mnt/backup/home-backup.cpio
AMANDA
AMANDA (The Advanced Maryland Automatic Network Disk Archiver) is a client/server based backup application
produced by the University of Maryland. By having a client/server architecture, a single backup server (normally a
fairly powerful system with a great deal of free space on fast disks and configured with the desired backup device)
can back up many client systems, which need nothing more than the AMANDA client software.
This approach to backups makes a great deal of sense, as it concentrates those resources needed for backups in
one system, instead of requiring additional hardware for every system requiring backup services. AMANDA's
design also serves to centralize the administration of backups, making the system administrator's life that much
easier.
The AMANDA server manages a pool of backup media and rotates usage through the pool in order to ensure that
all backups are retained for the administrator-dictated retention period. All media is pre-formatted with data that
allows AMANDA to detect whether the proper media is available or not. In addition, AMANDA can be interfaced
with robotic media changing units, making it possible to completely automate backups.
In operation, AMANDA is normally scheduled to run once a day during the data center's backup window. The
AMANDA server connects to the client systems and directs the clients to produce estimated sizes of the backups
to be done. Once all the estimates are available, the server constructs a schedule, automatically determining the
order in which systems are to be backed up.
Once the backups actually start, the data is sent over the network from the client to the server, where it is stored
on a holding disk. Once a backup is complete, the server starts writing it out from the holding disk to the backup
media. At the same time, other clients are sending their backups to the server for storage on the holding disk.
This results in a continuous stream of data available for writing to the backup media. As backups are written to the
backup media, they are deleted from the server's holding disk.
Once all backups have been completed, the system administrator is emailed a report outlining the status of the
backups, making review easy and fast.
Should it be necessary to restore data, AMANDA contains a utility program that allows the operator to identify the
file system, date, and file name(s). Once this is done, AMANDA identifies the correct backup media and then
locates and restores the desired data. As stated earlier, AMANDA's design also makes it possible to restore data
even without AMANDA's assistance, although identification of the correct media would be a slower, manual
process.
dump/restore
The dump and restore programs are Linux equivalents to the UNIX programs of the same name. As such,
many system administrators with UNIX experience may feel that dump and restore are viable candidates for a
good backup program under Red Hat Enterprise Linux. However, one method of using dump can cause
problems.
The dump(8) and restore(8) commands have traditionally been used on the BSD systems to backup and
restore filesystems. Dump backups a filesystem as a whole into an ``archive'', and restore retrieves files from it.
Although the archive may be created as a regular file on a regular filesystem, it is usually stored on an external
backup device such as a magnetic tape. Some features are implemented in dump to support such devices.
Insert a tape (for practice purpose, if possible) into your drive. After the tape has been loaded, let us confirm the
tape status. mt status command can be used to do this. Here is an example:
% mt status
SCSI 1 tape drive:
File number=0, block number=0.
Tape block size 1024 bytes. Density code 0x0 (default).
Soft error count since last status=0
General status bits on (41010000):
BOT ONLINE IM_REP_EN
First of all, look at the bottom line. This means that the drive has a tape loaded, and the status BOT indicates that
the drive head is at the beginning of the tape. Next word "ONLINE" indicates that the tape drive is ready to be
operated (by mt). The drive status must be "ONLINE" before read / write operations. Next, see the third line. It
shows that the current file number is zero. File number zero corresponds to the beginning of the tape, and is
incremented as passing the End-Of-File (EOF) marks on the tape.
Normally, you don't have to set tape density and tape block size parameters, because these will be automatically
set to suit your drive. If you want to read/write the tape on other OS's also, you may want to set these parameters
explicitly for portability. If your drive supports compression feature and you want to use it, you have to pass the
"compression" flag explicitly to the drive by mt.
These hardware specific parameters are strongly dependent on the drive you use. Please refer to the mt(1)
manual page (items on defsetblk, setblk, defcompression, datcompression and compression), and the manual of
your drive.
If "mt status" outputs an error message as follows, chances are that the link /dev/tape doesn't point to the device
file of your drive correctly.
/dev/nst0: No such device or address
In this case, try other tape-device files by -f option. After finding the right one, fix the link to point to it.
Now you can try writing some files to your tape. Create a directory for practice in an appropriate place. Generate
six dummy files (from file-01 to file-06) by touch command.
(tcsh)% foreach num (01 02 03 04 05 06)
foreach? touch file-$num
foreach? end
(tcsh)% ls -l
-rw-r--r-- 1 fuku users 0 Nov 21 01:10 file-01
-rw-r--r-- 1 fuku users 0 Nov 21 01:10 file-02
-rw-r--r-- 1 fuku users 0 Nov 21 01:10 file-03
-rw-r--r-- 1 fuku users 0 Nov 21 01:10 file-04
-rw-r--r-- 1 fuku users 0 Nov 21 01:10 file-05
-rw-r--r-- 1 fuku users 0 Nov 21 01:10 file-06
Then, write these files to the tape with tar, one by one.
% tar cf /dev/tape file-01
If you see no errors, it should have worked. Let's see mt status.
% mt status
SCSI 1 tape drive:
File number=1, block number=0.
Tape block size 1024 bytes. Density code 0x0 (default).
It is important to know that each file consists of two parts, a file content and the EOF mark. If you write a file
successfully, these two parts are generated automatically. When reading the file, set the tape head at the EOF of
the previous file so that you can read the file from the first block. And if you want to add a file to the tape, you
must set the head at the EOF of the last file in this tape. In other words, the EOF mark of the file is also a start
position of the next file. If you write data from middle of some file, of course you will lose whole contents of it.
As the next practice, let's read a certain file from the tape which contains multiple files sequentially. Firstly,
consider extracting file-03 from the tape to which we just wrote six files. You have to move the head to where the
target file is recorded. This can be done as shown below. First, rewind the tape completely, and then go to the
proper position.
% mt rewind
file-03 is written at the position of file number 2. Now the head is at the beginning of this tape (BOT), so you have
to skip two EOFs to go to file-03.
% mt fsf 2
mt fsf command skips specified numbers of EOFs and goes to the starting block of the next file. fsf 2 means that
the head should be moved to the starting position of the file, which is two files ahead of the current position.
% mt fsf 2
% mt status
SCSI 1 tape drive:
File number=2, block number=0.
Tape block size 1024 bytes. Density code 0x0 (default).
Soft error count since last status=0
General status bits on (81010000):
EOF ONLINE IM_REP_EN
Status says that the head is at the EOF of the file number 2 (where the file-02 is archived), and is also the starting
point of file-03. Let's look the content of this file by tar:
% tar tf /dev/nst0
file-03
It is file-03, as expected. Let's see tape status.
% mt status
SCSI 1 tape drive:
File number=2, block number=10.
Tape block size 1024 bytes. Density code 0x0 (default).
Soft error count since last status=0
General status bits on (1010000):
ONLINE IM_REP_EN
Note that EOF is not shown in this status. Tar program usually reads an archive until its own "end of file" mark,
and stops. This "end of file" is DIFFERENT from the EOF of the tape.
In figure-6, F (blue mark) is the tar's "end of file" mark. Note that this is still within the recorded block of the file. If
you try to read next block from this position, tar immediately finds EOF mark and silently quits without reading any
files. If you want to read the next file, do this command:
% mt fsf
to skip one EOF mark. Please remember this behavior, since it is slightly confusing.
Let's consider how to read the archive which has file-03 again, after you did "mt fsf" and the head is now at the
EOF mark of it. The answer is searching the tape backward until the second EOF mark will be found. That is the
beginning of this file.
To do this, type:
% mt bsfm 2
bsfm is an extended command of mt, and some old mt doesn't implement it. In that case, you will have to use bsf
and fsf in sequence to achieve the desired operation. The detail is somewhat cumbersome so it is omitted here.
You can go to the EOF of the last file by mt eod command. However, this command might not work with certain
drives, so you should test it beforehand. Even if it doesn't work, you can do the same by "fsf" command if you
know how many files are written in this tape by logging your operations.
Finally, rewind the tape and eject it. This operation also depends on the kind of your drive, but usually the
following command works:
% mt offline
Then the tape is rewinded if necessary, and ejected from the drive.
23. Printers
Printers and Printing
Printers are an essential resource for creating a hard copy — a physical depiction of data on paper — version of
documents and collateral for business, academic, and home use. Printers have become an indispensable
peripheral in all levels of business and institutional computing.
This chapter discusses the various printers available and compares their uses in different computing
environments. It then describes how printing is supported by Red Hat Enterprise Linux.
Function
Evaluating your organizational needs and how a printer services those needs is the essential criteria in
determining the right type of printer for your environment. The most important question to ask is "What do we
need to print?" Since there are specialized printers for text, images, or any variation thereof, you should be certain
that you procure the right tool for your purposes.
For example, if your requirements call for high-quality color images on professional-grade glossy paper, it is
recommended you use a dye-sublimation or thermal wax transfer color printer instead of a laser or impact printer.
Conversely, laser or inkjet printers are well-suited for printing rough drafts or documents intended for internal
distribution (such high-volume printers are usually called workgroup printers). Determining the needs of the
everyday user allows administrators to determine the right printer for the job.
Other factors to consider are features such as duplexing — the ability to print on both sides of a piece of paper.
Traditionally, printers could only print on one side of the page (called simplex printing). Most lower-end printer
models today do not have duplexing by default (they may, however, be capable of a manual duplexing method
that requires the user to flip the paper themselves). Some models offer add-on hardware for duplexing; such add-
ons can drive one-time costs up considerably. However, duplex printing may reduce costs over time by reducing
the amount of paper used to print documents, thus reducing the cost of consumables — primarily paper.
Another factor to consider is paper size. Most printers are capable of handling the more common paper sizes:
letter — (8 1/2" x 11")
A4 — (210mm x 297mm)
JIS B5 — (182mm x 257mm)
legal — (8 1/2" x 14")
If certain departments (such as marketing or design) have specialized needs such as creating posters or banners,
there are large-format printers capable of using A3 (297mm x 420mm) or tabloid (11" x 17") paper sizes. In
addition, there are printers capable of even larger sizes, although these are often only used for specialized
purposes, such as printing blueprints.
Additionally, high-end features such as network modules for workgroup and remote site printing should also be
considered during evaluation.
Cost
Cost is another factor to consider when evaluating printers. However, determining the one-time cost associated
with the purchase of the printer itself is not sufficient. There are other costs to consider, such as consumables,
parts and maintenance, and printer add-ons.
As the name implies, consumables is a general term used to describe the material used up during the printing
process. Consumables primarily take the form of media and ink.
The media is the material on which the text or image is printed. The choice of media is heavily dependent on the
type of information being printed.
Printer manufacturers have addressed this need by developing departmental (or workgroup) printers. These
machines are usually durable, fast, and have long-life consumables. Workgroup printers usually are attached to a
print server, a standalone device (such as a reconfigured workstation) that handles print jobs and routes output to
the proper printer when available. More recent departmental printers include built-in or add-on network interfaces
that eliminate the need for a dedicated print server.
The Printer Configuration Tool allows users to configure a printer in Red Hat Linux. This tool helps maintain the
printer configuration file, print spool directories, and print filters.
Starting with version 9 and Fedora, Red Hat Linux defaults to the CUPS printing system. The previous default
printing system, LPRng is still provided. If the system was upgraded from a previous Red Hat Linux version that
used LPRng, the upgrade process did not replace LPRng with CUPS; the system will continue to use LPRng.
If a system was upgraded from a previous Red Hat Linux version that used CUPS, the upgrade process
preserved the configured queues, and the system will continue to use CUPS. The Printer Configuration Tool
configures both the CUPS and LPRng printing system, depending on which one the system is configured to use.
When you apply changes, it configures the active printing system.
To use the Printer Configuration Tool you must have root privileges. To start the application, select Main Menu
Button (on the Panel) => System Settings => Printing, or type the command redhat-
config-printer.
This command automatically determines whether to run the graphical or text based version depending on whether
the command is executed in the graphical X Window System environment or from a text-based console.
You can also force the Printer Configuration Tool to run as a text-based application by using the command
redhat-config-printer-tui from a shell prompt.
Important
Do not edit the /etc/printcap file or the files in the /etc/cups/ directory. Each time the printer daemon (lpd
or cups) is started or restarted, new configuration files are dynamically created. The files are dynamically created
when changes are applied with Printer Configuration Tool as well.
If you are using LPRng and want to add a printer without using the Printer Configuration Tool, edit the
/etc/printcap.local file. The entries in /etc/printcap.local are not displayed in the Printer
Configuration Tool but are read by the printer daemon. If you upgraded your system from a previous version of
Red Hat Linux, your existing configuration file was converted to the new format used by this application. Each
time a new configuration file is generated, the old file is saved as /etc/printcap.old.
If you are using CUPS, the Printer Configuration Tool does not display any queues or shares not configured using
the Printer Configuration Tool; however, it will not remove them from the configuration files.
are not written to the configuration file until the printer daemon is restarted. Alternatively, you can choose Action
=> Apply.
Adding a Local Printer
To add a local printer, such as one attached through a parallel port or USB port on your computer, click the New
button in the main Printer Configuration Tool window to display the window in following Figure2. Click Forward to
proceed.
In the window shown below Figure3, enter a unique name for the printer in the Name text field. The printer name
cannot contain spaces and must begin with a letter. The printer name may contain letters, numbers, dashes (-),
and underscores (fi). Optionally, enter a short description for the printer, which can contain spaces.
After clicking Forward, Figure4 appears. Select Locally-connected from the Select a queue type menu, and select
the device. The device is usually /dev/lp0 for a parallel printer or /dev/usb/lp0 for a USB printer. If no devices
appear in the list, click Rescan devices to rescan the computer or click Custom device to specify it manually. Click
Forward to continue.
Select Networked Windows (SMB) from the Select a queue type menu, and click Forward. If the printer is
attached to a Microsoft Windows system, choose this queue type.
Queue Name
To rename a printer or change its short description, change the value in the Queue name tab. Click OK to return
to the main window. The name of the printer should change in the printer list. Click Apply to save the change and
restart the printer daemon.
Queue Type
The Queue type tab shows the queue type that was selected when adding the printer and its settings. The queue
type of the printer can be changed or just the settings. After making modifications, click OK to return to the main
window. Click Apply to save the changes and restart the printer daemon. Depending on which queue type is
chosen, different options are displayed. Refer to the appropriate section on adding a printer for a description of
the options.
Printer Driver
The Printer driver tab shows which print driver is currently being used. If it is changed, click OK to return to the
main window. Click Apply to save the change and restart the printer daemon.
Driver Options
The Driver Options tab displays advanced printer options. Options vary for each print driver. Common options
include:
Send Form-Feed (FF) should be selected if the last page of the print job is not ejected from the printer (for
example, the form feed light fiashes). If this does not work, try selecting
Send End-of-Transmission (EOT) instead. Some printers require both Send Form-Feed (FF) and Send Endof-
Transmission (EOT) to eject the last page. This option is only available with the LPRng printing system.
Send End-of-Transmission (EOT) should be selected if sending a form-feed does not work. Refer to Send Form-
Feed (FF) above. This option is only available with the LPRng printing system.
Assume Unknown Data is Text should be selected if the print driver does not recognize some of the data sent to
it. Only select this option if there are problems printing. If this option is selected, the print driver assumes that any
data that it can not recognize is text and attempts to print it as text. If this option is selected along with the Convert
Text to Postscript option, the print driver assumes the unknown data is text and then converts it to PostScript.
This option is only available with the LPRng printing system.
Prerender Postscript should be selected if characters beyond the basic ASCII set are being sent to the printer but
they are not printing correctly (such as Japanese characters). This option prerenders non-standard PostScript
fonts so that they are printed correctly.
If the printer does not support the fonts you are trying to print, try selecting this option.
For example, select this option to print Japanese fonts to a non-Japanese printer.
Extra time is required to perform this action. Do not choose it unless problems printing the correct fonts exist. Also
select this option if the printer can not handle PostScript level This option converts it to PostScript level 1
GhostScript pre-filtering allows you to select No pre-filtering, Convert to PS level 1, or Convert to PS level 2 in
case the printer can not handle certain PostScript levels. This option is only available if the PostScript driver is
used with the CUPS printing system.
Convert Text to Postscript is selected by default. If the printer can print plain text, try unselecting his when printing
plain text documents to decrease the time it takes to print. If the CUPS printing ystem is used, this is not an option
because text is always converted to PostScript.
Page Size allows the paper size to be selected. The options include US Letter, US Legal, A3, andA4. Effective
Filter Locale defaults to C.
Media Source defaults to Printer default. Change this option to use paper from a different tray. To modify the
driver options, click OK to return to the main window. Click Apply to save the change and restart the printer
daemon.
Printer Configuration
multiple systems. The file should be saved on a different system before reinstalling. To restore the configuration,
type this command as root:
/usr/sbin/redhat-config-printer-tui --Ximport < settings.xml
If you already have a configuration file (you have configured one or more printers on the system already) and you
try to import another configuration file, the existing configuration file will be overwritten. If you want to keep your
existing configuration and add the configuration in the saved file, you can merge the files with the following
command (as root):
/usr/sbin/redhat-config-printer-tui --Ximport --merge < settings.xml
Your printer list will then consist of the printers you configured on the system as well as the printers you imported
from the saved configuration file. If the imported configuration file has a print queue with the same name as an
existing print queue on the system, the print queue from the imported file will override the existing printer.
After importing the configuration file (with or without the merge command), you must restart the printer daemon. If
you are using CUPS, issue the command:
/sbin/service cups restart
If you are using LPRng, issue the command:
/sbin/service lpd restart
If you are using LPRng as the printing system, after adding the printer, use the following command to start/restart
the printer daemon:
#service lpd restart
Removing a Local Printer
A printer queue can also be removed via the command line.
As root, to remove a printer queue:
redhat-config-printer-tui --Xremove-local options
Options:
--device=node
www.wilshiresoft.com Wilshire Software Technologies Rev Dt: 15-Oct-08
info@wilshiresfot.com Ph: 2761-2214 / 6677-2214 / 6452-6173 Ver: 1
Linux Administration – Printers Page 136 of 167
Figure10:
Clicking on the printer notification icon starts the GNOME Print Manager to display a list of current print jobs. Also
located on the Panel is a Print Manager icon. To print a file from Nautilus, browse to the location of the file and
drag and drop it on to the Print Manager icon on the Panel. The window shown in Figure12 is displayed. Click OK
to start printing the file.
Sharing a Printer
The Printer Configuration Tool's ability to share configuration options can only be used if you are using the CUPS
printing system. Allowing users on a different computer on the network to print to a printer configured for your
system is called sharing the printer. By default, printers configured with the Printer Configuration Tool are not
shared.
To share a configured printer, start the Printer Configuration Tool and select a printer from the list. Then select
Action => Sharing from the pulldown menu.
Note: If a printer is not selected, Action => Sharing only shows the system-wide sharing options normally
shown under the General tab. On the Queue tab, select the option to make the queue available to other users.
After selecting to share the queue, by default, all hosts are allowed to print to the shared printer. Allowing all
systems on the network to print to the queue can be dangerous, especially if the system is directly connected to
the Internet. It is recommended that this option be changed by selecting the
All hosts entry and clicking the Edit button to display the window shown in Figure14.
If you have a firewall configured on the print server, it must be able to send and receive connections on the
incoming UDP port, 631. If you have a firewall configured on the client (the computer sending the print request), it
must be allowed to send and accept connections on port 631.
Select either the LPRng or the CUPS printing system. In Red Hat Linux 9, CUPS is the default. If you only have
one printing system installed, it is the only option shown.
If you select OK to change the printing system, the selected print daemon is enabled to start at boot time, and the
unselected print daemon is disabled so that it does not start at boot time.
Additional Resources
To learn more about printing on Red Hat Linux, refer to the following resources.
Installed Documentation
man printcap The manual page for the /etc/printcap printer configuration file.
map lpr The manual page for the lpr command that allows you to print files from the command line.
man lpd The manual page for the LPRng printer daemon.
man lprm The manual page for the command line utility to remove print jobs from the LPRng spool queue.
man mpage The manual page for the command line utility to print multiple pages on one sheet of paper.
man cupsd The manual page for the CUPS printer daemon.
man cupsd.conf The manual page for the CUPS printer daemon configuration file.
man classes.conf The manual page for the class configuration file for CUPS.
Note: If the /usr/src/linux-2.4 dose not exists, probably you don’t have linux-source-2.4.20 package
installed. You can install this package from 2nd and 3rd CD of RedHat 9 distribution. Use redhat-config-packages
and install the Kernel Development section of packages or simply use rpm command to install the package.
STEP6
Assuming you copied the appropriate kernel-2.4 config to .config, run the following which will run through
necessary questions for the 2.6 kernel. This command will backup the current kernel settings and adds to the new
one we are about to build.
oldconfig will read the defaults from an existing .config and rewrite necessary links and files. Use this option
if you've made minor changes to source files or need to script the rebuild process. Note that oldconfig will only
work within the same major version of the kernel.
#make oldconfig
The above command preserves most settings and will prompt you only for new items. You can also use “make
xconfig” command which brings up GUI window asking you to setup all the parameters that you want to enable
or disable. You can alos use “make menuconfig” which brings up a TUI
See the following figure:
#make xconfig
STEP 11:
Now it’s the time to install our new kernel. Simply run the make install command. It should automatically
update the GRUB boot loader configuration file /boot/grub/grub.conf, create initial ram disk image
(/boot/initrd-2.6.6-custom_ker-6) and place the new kernel (/boot/vmlinuz-2.6.6-
custom_ker-6) under /boot directory.
#make install
STEP 12 (CHECKING EVERYTHING):
Check the following:
The new image file should be installed on boot and there should be sym link to it. Latest kernel is 2.6.3-
custom_ker-6, and I got the "-custom_ker-6" from the values I put in the Makefile, see the following:
ls –l /boot
vmlinuz -> vmlinuz-2.6.3-custom_ker-6
System.map -> System.map-2.6.3-custom_ker-6
/boot/grub/grub.conf Should have been automatically updated from make.
In /boot/grub/grub.conf change "default=0" to boot with the new kernel. Here's an example of
grub.conf:
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making
# NOTICE: You have a /boot partition.
#boot=/dev/hda
default=0
timeout=10
splashimage=(hd0,2)/grub/splash.xpm.gz
title Red Hat Linux (2.6.3-custom_ker-6)
root (hd0,2)
kernel /vmlinuz-2.6.3-custom_ker-6 ro root=LABEL=/
initrd /initrd-2.6.3-custom_ker-6.img
You added the mount command for sys in /etc/rc.sysinit
CONFIG_EXT3_FS=y was used in the .config
Run /sbin/lsmod or cat /proc/modules to make sure a 2.4 kernel module wasn't forgotten. Also
look at "#cat /proc/iomem"
Lastly: reboot the system tryout the new kernel. Use the uname –r command to see the current kernel version.
#uname –r
2.6.6-custom_ker
Preparing To Go “Headless”
One of the advantages of this method is that you don't need a keyboard either. Unfortunately your BIOS
may halt the system during the Power On Self Test (POST) if it doesn't detect a keyboard. Make sure you
disable this feature in the BIOS setup of your PC before proceeding. This feature can usually be found on
the very first screen under the “Halt On” option.
You will also need to make sure that you have activated your COM ports in your BIOS settings.
For non-modem connectivity (PC to PC) connect a NULL modem cable to the COM port you want to test,
connect the other end to the client PC running "Hyperterm" or whatever terminal emulation software you
are using. One popular Linux equivalent to Hyperterm is “minicom”.
Configuration Steps
In RedHat Linux, the COM1 and COM2 ports are controlled by a program called "agetty", but "agetty" usually
isn't activated when you boot up unless its configuration file /etc/inittab is modified. In other versions of Linux,
"agetty" may be called just plain "getty". Here is a table that lists the physical ports to their equivalent Linux
device names.
COM1 ttyS0
COM2 ttys1
The following lines added to /etc/inittab will configure your COM ports for terminal access:
# Run COM1 and COM2 gettys in standard runlevels
S0:235:respawn:/sbin/agetty -L 9600 ttyS0 vt100
S1:235:respawn:/sbin/agetty -L 9600 ttyS1 vt100
Warning: The system will HANG if one of ttyS0 or ttyS1 is connected to Mouse or other devices are using the
particular port. In such case check the back panel of the system, find the proper port and mention only that
particular port in /etc/inittab i.e either ttyS0 or ttyS1. If the mouse is PS/2 type or both the ports are not
in use then there shouldn’t be any problem.
The next step is to restart the "init" process to re-read /etc/inittab
[root@skynet tmp]# init q
Now you need to configure the terminal client such “as Hyperterm” to match the speed settings in /etc/inittab.
Connect the console / modem cable between the client and your Linux box. Hit "enter" a couple times and you
see something like this:
Red Hat Linux release 9 (Shrike)
Kernel 2.4.18-14 on an i686
skynet login:
Note: By default, user "root" will not be able to log in from a terminal. To do this you'll have to edit the
/etc/securetty file which contains the device names of tty lines on which root is allowed to login. Just add
ttyS0 and ttyS1 to the list if you need this access.
26.1.2 RAID 1
With RAID 1, data is cloned on a duplicate disk. This RAID method is therefore frequently called "disk mirroring".
A good analogy would be telling two people the same story so that if one forgets some of the details you can ask
the other one to remind you.
When one of the disks in the RAID set fails, the other one continues to function. When the failed disk is replaced,
the data is automatically cloned to the new disk from the surviving disk. RAID 1 also offers the possibility of using
a "hot standby" spare disk which will be automatically cloned in the event of a disk failure on any of the primary
RAID devices.
RAID 1 offers data redundancy, without the speed advantages of RAID 0. A disadvantage of software based
RAID 1 is that the server has to send data twice to be written to each of the mirror disks. This can saturate data
busses and CPU utilization. With a hardware based solution, the server CPU sends the data to the RAID disk
controller once, and the disk controller then duplicates the data to the mirror disks. This makes RAID capable disk
controllers the preferred solution when implementing RAID 1.
A limitation of RAID 1 is that the total RAID size in Gigabytes is equal to that of the smallest disk in the RAID set.
Unlike RAID 0, the extra space on the larger device isn't used.
Following figure illustrates the data allocation process in RAID 1.
26.1.3 RAID 5
RAID 5 improves on RAID 4 by striping the parity data between all the disks in the RAID set, This avoids the
parity disk bottleneck while maintaining many of the speed features of RAID 0 and the redundancy of RAID 1.
Like RAID 4, RAID 5 can only survive the loss of a single disk. Linux RAID 5 requires a minimum of three disks /
partitions.
Specially built hardware based RAID disk controllers are available for both IDE and SCSI drives. They usually
have their own BIOS, so you can configure them right after your system's the power on self test (POST).
Hardware based RAID is transparent to your operating system, the hardware does all the work.
If hardware RAID isn't available then you should be aware of these basic guidelines to follow when setting up
software RAID.
It is generally a not a good idea to share RAID configured partitions with non RAID partitions. The reason for this
is obvious as a disk failure could still incapacitate a system.
If you decide to use RAID, all the partitions on each RAID disk should be part of a RAID set.
Backup Your System First
Software RAID creates the equivalent of a single RAID virtual disk drive made up of all the underlying regular
partitions used to create it. You will have to format this new RAID device before your Linux system will be able to
store files on it. This will cause all the old data on the underlying RAID partitions to be lost.
It is best to backup the data on these and any other partitions on the disk drive on which you want implement
RAID. A mistake could unintentionally corrupt valid data.
WARNING: Re-reading the partition table failed with error 16: Device or
resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
[root@skynet tmp]#
The error above will occur if any of the other partitions on the disk is mounted.
Repeat For The Other Partitions
Seps for changing the IDs for /dev/sdc1 and /dev/sdd1 are very similar.
General Guidelines
When configuring RAID 5 a "parity-algorithm" setting must be used.
The "raid-disk" parameters for each partition in the /etc/raidtab file are numbered starting at "0". For
example, if you have four partitions for RAIN, they would be numbered 0, 1, 2 & 3.
For RAID levels 1, 4 and 5 /etc/raidtab "persistent-superblock" must be set to "1" in order for the RAID
autodetect feature (partition type FD) to work.
For all RAID versions, "persistent-superblock" must be set to "0"
In our example:
We configure RAID 5 on using each of the desired partitions on the 3 disks (sdb1, sdc1 sdd1). The set of 3
RAID disks will be called /dev/md0.
#
# sample raiddev configuration file
# 'old' RAID0 array created with mdtools.
#
raiddev /dev/md0
raid-level 5
nr-raid-disks 3
persistent-superblock 1
chunk-size 32
parity-algorithm left-symmetric
device /dev/sdb1
raid-disk 0
device /dev/sdc1
raid-disk 1
device /dev/sdd1
raid-disk 2
Your new RAID device will now have to be formatted. In the example below:
We use the "-j" qualifier to ensure that a journaling file systems is created.
A block size of 4KB (4096 bytes) is used with each chunk being comprised of 8 blocks. It is very important
that the "chunk-size" parameter in the /etc/raidtab file match the value of the block size multiplied by
the stride value in the command below. Note: If the values don't match, then you will get parity errors.
[root@skynet tmp]# mke2fs -j -b 4096 -R stride=8 /dev/md0
mke2fs 1.32 (09-Nov-2002)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
516096 inodes, 1030160 blocks
51508 blocks (5.00%) reserved for the super user
First data block=0
32 block groups
32768 blocks per group, 32768 fragments per group
16128 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736
Note: It is very important that you DO NOT use labels in the /etc/fstab file for RAID devices, just use the real
device name such as "/dev/md0". On startup, the /etc/rc.d/rc.sysinit script checks the /etc/fstab file for
device entries that match RAID set names in the /etc/raidtab file. It will not automatically start the RAID set driver
for the RAID set if it doesn't find a match. Device mounting then occurs later on in the boot process. Mounting a
RAID device that doesn't have a loaded driver can corrupt your data giving the error below.
Mount The New RAID Set
The mount command can now be used to mount the RAID set.
Using the automount feature
The mount command's "-a" flag will cause Linux to mount all the devices in the /etc/fstab file that have
automounting enabled (default) and that are also not already mounted.
[root@skynet tmp]# mount -a
Manually Mounting the RAID Set
You can also mount the device manually.
[root@skynet tmp]# mount /dev/md0 /mnt/raid
(B)
Background Process – A program that is running without user input. A number of background processes can
be running on a multitasking operating system, such as UNIX/Linux, while the user is interacting with the
foreground process (for example, data entry). Some background processes–daemons, for example–never require
user input. Others are merely in the background temporarily while the user is busy with the program presently
running in the foreground.
Bash – (Bourne Again SHell) – An enhanced version of the Bourne Shell. (Also, see Korn Shell.)
BDF Fonts – A variety of bitmapped fonts for the X Window System. (Also, see PostScript Fonts and TrueType
Fonts.)
Bin – A directory containing executable programs, primarily binary files.
Binaries – Source code that has been compiled into executable programs. In the UNIX/Linux world, some
software is distributed as source code only; other packages include both source and binaries; still others are
distributed only in binary format.
Bootstrap – is using a much smaller initial program to load in the desired program (which is
usually an operating system).
Boot Disk – A diskette (floppy) containing enough of an operating system (such as Linux) to
boot up (start) the computer and run some essential programs from the command line. This
may be necessary if the system was rendered non-bootable for some reason. A boot disk can
be used to partition and format the hard drive, restore the Master Boot Record, or copy
specific files, among other things.
Bot – Short for Robot. A program designed to search for information on the Internet with little human intervention.
Bourne Shell – A popular command line shell offering many advantages over the DOS command prompt. (Also,
see Bash and Korn Shell.)
BSD – (Berkeley Software Distribution) UNIX – UNIX distribution from University of California at Berkeley (Also,
see FreeBSD.)
Bzip2 – A newer file compression program for UNIX/Linux, providing smaller file sizes than Gzip
(C)
CGI (Common Gateway Interface) – Used on Web servers to transmit data between scripts and/or
applications and then return the data to the Web page or browser. CGI scripts are often created using the Perl
language, and can generate dynamic Web content (including e-commerce shopping baskets, discussion groups,
survey forms, current news, etc.).
CHS – (Cylinder/Head/Sector) – Disk information required by FDISK during partitioning. Client – A machine that
requests services (e-mail, for example) from a server.
CLU – (Command Line Utility) – A program that is run from a command line session, or shell, such as Tar or
Mkdir
Cluster – A network of workstations (PCs or other) running Linux. (Also, see Beowulf.)
Command Line Interface (CLI) – A full-screen or windowed text-mode session where the user executes
programs by typing in commands with or without parameters. The CLI displays output text from the operating
system or program and provides a command prompt for user input.
Compiler – A program used to turn programming source code into an executable program.
Console Application – A command line program that does not require (or perhaps even
offer) a graphical user interface to run.
Cron – A Linux daemon that executes specified tasks at a designated time or interval.
CSV – Comma Separated Value file contains the values in a table as a series of ASCII text lines organized so
that each column value is separated by a comma from the next column's value and each row starts a new line.
CUPS – Common Unix Printing System provides a portable printing layer for UNIX and linux based operating
systems
(D)
Daemon – A background process of the operating system that usually has root security level permission. A
daemon usually lurks in the background until something triggers it into activity, such as a specific time or date,
time interval, receipt of e-mail, etc.
Desktop – The operating system user interface, which is designed to represent an office esk with objects on it.
Rather than physical telephones, lamps, in/out baskets, etc., the perating system desktop uses program and data
icons, windows, taskbars, and the like. here are many different desktop environments available for Linux,
including KDE, NOME, and X11, that can be installed by a user. (Also, see GUI, Window manager and X Window
System.)
Device Driver – A program that serves as an intermediary between the operating system nd a device (ports,
drives, monitors, printers, etc.) defining to the operating system what apabilities the device has and translating the
operating system commands into nstructions the device understands.
Distribution – A packaging of the Linux kernel (core) with various user interfaces, utilities, drivers, and other
software into a user deliverable. Often available as a free download or in a low-cost CD-ROM package. Popular
distributions include Caldera OpenLinux, CoreLinux, Debian, Red Hat, Slackware, SuSE, TurboLinux and others.
(E)
Emacs (Editing with MACroS) – A popular text editor.
Enlightenment – One of several user interfaces (window managers). For more on fterStep, go to
www.afterstep.org. (Also, see AfterStep, GNOME, KDE and X Window system.)
Elm – was a popular e-mail program for users of Unix or linux based operating systems that runs in a cmd line
mode (like reading email in DOS).
Errata – Redhat has lots of this stuff
EXT2 – Extended File System Version 2 is probably the most widely used filesystem in the Linux community. It
provides standard Unix file semantics and advanced features. Moreover, thanks to the optimizations included in
the kernel code, it is robust and offers excellent performance.
EXT3 – Extended File System Version 3 Ext3 support the same features as Ext2, but includes also Journaling. A
journaling file system uses a separate area called a log or journal. Before metadata changes are actually
performed, they are logged to this separate area. The operation is then performed. If the system crashes during
the operation, there is enough information in the log to "replay" the log record and complete the operation.
(F)
File System – A set of programs that tells an operating system how to access and nterpret the contents of a
disk or tape drive, or other storage medium. Common file reparing Today for Linux Tomorrow systems include:
FAT and FAT-32 (DOS/Windows), HPFS (OS/2), NFS, NTFS (Windows NT/2000), and others.
Filter – A program that reads data (from a file, program output or command line entry) as input, processes it
according to a set of predefined conditions (for example, sorted lphabetically) and outputs the processed data.
Some filters include Awk, Grep, Sed and sort.
Finger – A UNIX/Linux command that provides information about users that are logged on.
Foreground Process – In a multitasking operating system, such as UNIX/Linux, the foreground process is the
program that the user is interacting with at the present time (for example, data entry). Different programs can be
in the foreground at different times, as the user jumps between them. In a tiered windowing environment, it is the
topmost window.
FreeBSD – (Free Berkeley Software Distribution) – Similar to Linux in that it includes many GNU programs and
runs many of the same packages as Linux. However, some kernel functions are implemented differently. (Also,
see BSD UNIX.)
FTP – (File Transfer Protocol) – A method of transferring files to and from other computers–often software
repositories.
(G)
GCC – (GNU C Compiler) – A high-quality C compiler governed by the GPL.
GIMP – (GNU Image Manipulation Program) – A popular image editor/paint program for Linux.
GNOME (GNU Network Object Model Environment) – One of several user interfaces (window managers) for
Linux, built with Gtk. For more on GNOME, go to www.gnome.org. (Also, see AfterStep, Enlightenment, KDE and
X Window System.)
GNU – (GNU is Not Unix) Project – An effort of the Massachusetts Institute of Technology (MIT) Free Software
Foundation (FSF) to develop and promote alternatives to proprietary UNIX implementations. GNU software is
licensed under the GPL.
GNU/Linux – Same as Linux. So-called because many of the components included in a Linux distribution are
GNU tools.
GPL – (GNU General Public License) – A common usage and redistribution license. Visit
www.linuxdoc.org/LDP/gs/app-gpl/node1.html to see a copy of the GPL agreement.
Grep – (Global Regular Expression and Print) – A tool that searches files for a string of text and outputs any line
that contains the pattern
Grub – A linux bootloader is the first software program that runs when a computer starts. It is responsible for
loading and transferring control to the operating system kernel software. The kernel then starts the rest of the
operating system.
Gtk/Gtk+ – (GIMP ToolKit) – A powerful, fast open source graphics library for the X window System on
UNIX/Linux, used by programmers to create buttons, menus and other graphical objects. (Also, see GNOME,
Motif and Qt.)
GUI (Graphical User Interface) – The collection of icons, windows, and other onscreen graphical images that
provide the user’s interaction with the operating system. (Also, see Desktop and Window manager.)
Gzip – (GNU zip) – The original file compression program for UNIX/Linux. Recent versions produce files with a
.gz extension. (A .z or .Z extension indicates an older version of Gzip.) Compression is used to compact files to
save storage space and reduce transfer time. (When combined with Tar, the resulting file extensions may be .tgz,
.tar.gz or .tar.Z.)
(H)
Home Directory – The directory the user is placed in after logging on.
HTML – (Hyper Text Markup Language) – The standard markup language for designing Web pages. Markup
“tags,” or formatting commands, allow the Web page designer to specify highlighting, position graphics, create
hyperlinks, etc.
HTTP – (Hyper Text Transport Protocol) – The set of guidelines created for requesting and sending HTML-based
Web pages.
(I)
Init – The first process to run immediately after the operating system loads. It starts the system in single-user
mode or spawns a shell to read the startup files, and opens ports designated as login ports.
IRC Internet relay chat. A older system of chatting online using the Internet. These can be more like the wild west
days since there is usally little to no direct control or moderation of these.
(J)
Java® – An object-oriented programming language developed by Sun Microsystems® to be operating system
independent. Java is often used on Web servers. Java applications and applets are sometimes offered as
downloads to run on users’ systems. Java programming can produce applications, or smaller Java “applets.” Java
is a somewhat simplified version of the C++ language, and is normally interpreted rather than compiled.
Java Applets – Small Java programs that are embedded in a Web page and run within a browser, not as a
stand-alone application. Applets cannot access some resources on the local computer, such as files and serial
devices (modems, printers, etc.), and generally cannot communicate with other computers across a network.
JavaBeans – component architecture for the Java language. JavaBeans components are called Beans.
JavaScript – A cross-platform World Wide Web scripting language, vaguely related to Java. It can be used as a
server-side scripting language, as an embedded language in server-parsed HTML, and as an embedded
language for browsers.
JDK – (Java Development Kit) – A Java programming toolkit from Sun, IBM or others, available for UNIX/Linux
and other operating systems.
JFS – (Journaled/Journaling File System) – A file system that includes built-in backup/recovery capabilities.
Changes to the index are written to a log file before the changes take effect so that if the index is corrupted (by a
power failure during the index write, for example), the index can be rebuilt from the log, including the changes.
JVM – (Java Virtual Machine) – A Java runtime environment, required for the running of Java programs, which
includes a Java interpreter. A different JVM is required for each unique operating system (Linux, OS/2, Windows
98, etc.), but any JVM can run the same version of a Java program.
(K)
KDE – (K Desktop Environment) – One of several user interfaces (window managers) for Linux, built with Qt. For
more on KDE, go to www.kde.org. (Also, see AfterStep, Enlightenment, GNOME and X Window System.)
Kernel – The core of the operating system, upon which all other components rely. The kernel manages such
tasks as low-level hardware interaction and the sharing of resources, including memory allocation, input/output,
security, and user access.
Korn Shell – An enhanced version of the Bourne Shell, including extensive scripting support and command line
editing. It supports many scripts written for the Bourne Shell. (Also, see Bash.)
(L)
LGPL (Library GPL) – A variation of the GPL that covers program libraries.
LILO – (LInux LOader) – A popular partition boot manager utility, capable of booting to operating systems other
than Linux. It is not file system-specific.
Linux – An open source UNIX-like operating system, originally begun by Linus Torvalds. “Linux” really refers to
only the operating system kernel, or core. More than 200 people have contributed to the development of the Linux
kernel. The rest of a Linux distribution consists of various utilities, device drivers, applications, a user interface
and other tools that generally can be compiled and run on other UNIX operating systems as well.
Lindows – is a low-cost commercial Linux-based operating system with a user interface similar to the latest
Microsoft Windows operating system. Although Lindows is proprietary and is not open source like Linux, Lindows
is less expensive than Windows XP.
LISA – (Lisp-based Intelligent Software Agents) is a production-rule system heavily influenced by JESS (Java
Expert System Shell). It has at its core a reasoning (artifical intelligence) engine based on the Rete pattern
matching algorithm. LISA also provides the ability to reason over ordinary CLOS objects.
Log – To store application or system messages or errors. Also, a file that holds this information.
Lynx – A popular non-graphical (text-based) Web browser.
(M)
Macro – A set of instructions stored in an executable form. Macros may be applicationspecific (such as a
spreadsheet or word processing macro that performs specific steps within that program) or general-purpose (for
example, a keyboard macro that types in a user ID when Ctrl-U is pressed on the keyboard).
Man – The UNIX/Linux command for reading online manual pages.
MBR (Master Boot Record) – The first physical sector on a bootable disk drive. The place where the system
BIOS looks when the computer is first booted, to determine which partition is currently active (bootable), before
reading that partition’s first (boot) sector and booting from the partition.
Mesa – An implementation of the OpenGL (Open Graphics Library) API (Application Programming Interface). It
provides standard guidelines and a toolset for writing 2D and 3D hardware-assisted graphics software.
MIME (Multipurpose Internet Mail Exchange) – A communications protocol that allows text e-mail messages to
include non-textual (graphics, video or audio, for example) data.
Motif – A powerful proprietary graphics library for UNIX/Linux, developed by the Open Software Foundation
(OSF) and used by programmers to create buttons, menus and other graphical objects for the X Window System.
Mozilla – was Netscape Communication's nickname for Navigator, its Web browser, and, more recently, the
name of an open source public collaboration aimed at making improvements to Navigator.
Mount – Identify a disk drive to the file system before use.
Multitasking – The ability of an operating system to run more than one program, or task, at a time. A
cooperative multitasking OS, like Windows 95/98, requires one application to voluntarily free up resources upon
request so another application can use it. A preemptive multitasking OS, such as UNIX/Linux, Windows NT/2000
or OS/2, frees up resources when ordered to by the operating system, on a time-slice basis, or a priority basis, so
that one application is unable to hog resources when they are needed by another program.
Multithreading – The ability of an operating system to concurrently run programs that have been divided into
subcomponents, or threads. Multithreading, when done correctly, offers better utilization of processors and other
system resources. Multithreaded programming requires a multitasking/multithreading operating system, such as
UNIX/Linux, Windows NT/2000 or OS/2, capable of running many programs concurrently. A word processor can
make good use of multithreading, because it can spell check in the foreground while saving to disk and sending
output to the system print spooler in the background.
(N)
NFS (Network File System) – A file system that allows the sharing of files across a network or the Internet.
(O)
Object-Oriented – A software development methodology that offers the programmer standard reusable
software modules (components), rather than requiring the developer to write custom programming code each
time. Using standard components reduces development time (because the writing and testing of those
components has already been done by other programmers), and ensures a standard look and feel for programs
using the same components.
OO – See Object-Oriented.
Open Source – A somewhat ambiguous term that refers to software that is released with its source code. The
fact that the source code is provided does not necessarily mean that users can modify and redistribute the source
code. The term is sometimes used interchangeably with “free software,” although they are not always the same.
OSS (Open Sound System) – A device driver for accessing sound cards and other audio devices under
UNIX/Linux. It evolved from the Linux Sound Driver, and supports most popular audio chips and adapters.
OSS (Open Source Software) – See Open Source.
(P)
PAM (Pluggable Authentication Modules) – A replaceable user authentication module for system security, which
allows programs to be written without knowing which authentication scheme will be used. This allows a module to
be replaced later with a different module without requiring rewriting the software.
Panel – The name for the Linux equivalent of the Windows Taskbar.
Partition – A contiguous section of a disk drive that is treated by the operating system as a physical drive. Thus,
one disk drive can have several drive letters assigned to it.
PCF fonts – A variety of bitmapped fonts to be used with the X Window System.
PD – See Public Domain.
PDF (Portable Document Format) files – Binary files created with Adobe Acrobat or other programs capable of
producing output in this format. Used for producing operating system-independent documents, which can be
viewed using Acrobat Reader or other programs, including Web browsers equipped with an Acrobat Reader plug-
in.
Perl (Practical Extraction and Report Language) – A common scripting/programming language. It is often used
on UNIX/Linux Web servers for generating CGI scripts.
PGP (Pretty Good Privacy) – A high-security, public-key data encryption program for UNIX/Linux and other
operating systems.
PHP is a script language and interpreter that is freely available and used primarily on Linux Web servers.
Piping Symbol – The | keyboard character (the Shift-Backslash character above the Enter key on a typical 101-
key keyboard). It is often used to feed the output from one command or program to another. For example, history |
grep mcopy sends the contents of the .bash_history file (via the history command) to the grep program, searching
for the string “mcopy”. (Also, see Append Symbol and Redirection Symbol.)
Pine is a program for Internet News & Email - is a tool for reading, sending, and managing electronic messages.
PL file extension for a perl script
Port/Ported/Porting – The process of taking a program written for one operating system platform and
modifying it to run on another OS with similar functionality. There is generally little or no attempt to customize the
program to take advantage of the unique capabilities of the new operating system, as opposed to optimizing an
application for a specific operating system.
Portable – A term referring to software that is designed to be use on more than one operating system with only
minor modifications and recompilation.
POSIX (Portable Operating System Interface for uniX) – A set of programming interface standards governing
how to write application source code so that the applications are portable between operating systems. POSIX is
based on UNIX and is the basis for the X/Open specification of The Open Group.
PostScript – A page description language developed by Adobe Systems that tells a printer how to display text
or graphics on a printed page.
PostScript Fonts – A wide variety of fonts that can be used with OS/2, MS Windows and the X Window System.
Font files include those with .afm, .pfa and .pfb extensions. Sometimes called Adobe Type 1 fonts, or ATM
(Adobe Type Manager) fonts. PostScript fonts typically require a PostScript-compatible printer. (Also, see BDF
Fonts and TrueType Fonts.)
Process – An executing program. (Also, see Multitasking and Multithreading.) Public Domain – Software that is
available to be used and modified by anyone, for any purpose, and may even be incorporated for distribution in
commercial software. Public domain software is not copyrighted, and no rights are retained by the author.
Public Key Encryption – A method of data encryption that involves two separate keys: a public key and a
private key. Data encrypted with the public key can be decrypted only with the private key and vice versa.
Typically, the public key is published and can be used to encrypt data sent to the holder of the private key, and
the private key is used to sign ata.
Python – An object-oriented p-code programming language.
(Q)
Qt – A powerful, fast open source graphics library for the X Window System on UNIX/Linux, which is used by
programmers to create buttons, menus, and other graphical objects. (Also, see Gtk/Gtk+ and KDE.)
Queue – (Sometimes incorrectly spelled Que.) A list of tasks awaiting execution, as in “the print queue.”
Qmail – is one of the more popular email servers also called a SMTP server
(R)
RAID (Redundant Array of Independent/Inexpensive Disks/Devices) – A method of providing data redundancy,
improved performance and/or quick data recoverability from disk crashes, by spreading or duplicating data across
multiple disk drives. Commonly used RAID types include RAID 0 (Data Striping), RAID 1 (Disk Mirroring) and
RAID 5 (Striping with Distributed Parity). RAID configurations typically require SCSI disk drives (not IDE/EIDE)
and may require identical drives (same capacity, brand, etc.). RAID arrays appear to the operating system as a
single device.
RC File – A script file containing the startup instructions for a program (an application or even the operating
system). The file, to be executed automatically when the operating system is started, contains a list of instructions
(commands or other scripts) to run.
RCS (Revision Control System) – A suite of programs that controls shared access to files in a group environment
and tracks text file changes. Generally used for maintaining programming source code modules.
Rdev – A utility for obtaining information about a Linux system. It is used to query and set the image root device,
the video mode, the swap device and a RAM disk.
Redirection Symbol – The > keyboard character. It is often used to send the output from a
command to a text file. For example, ls -a > output.txt sends the current directory list to a file
called output.txt. Repeating the command will replace the content of the file with new data.
(Also, see Append Symbol and Piping Symbol.)
RFS (Remote File Sharing) – A program that lets the user access files on another computer as if they were on
the user’s system.
Root Operator – The user ID with authority to perform all system-level tasks. (Also called Superuser)
Root Window – The underlying session in which the Linux desktop runs.
RPM (RPM Package Manager) – A packaging and installation tool for Internet downloads, included with some
Linux distributions. It produces files with a .RPM extension. Similar to Dpkg.
(S)
Script – A set of commands stored in a file. Used for automated, repetitive, execution.
Session – A complete interaction period between the user and the operating system, from login to logoff.
Shareware – A form of commercial software, where it is offered as “try before you buy”. If the customer
continues to use the product after a short trial period, they are required to pay a specified, usually nominal, fee.
(Also, see Open Source and Public Domain.)
Shell – A text-mode window containing a command line interface to the operating system.
Shell Prompt – The user input area of a shell. Whereas in a DOS shell the command prompt is designated by a
Greater Than (>) symbol, in Linux it is usually a Percent (%) symbol, Dollar sign ($) or other special character,
depending on the shell used.
Shell Script – A script designed to be run automatically when a shell is started.
SHTTP (Secure Hyper Text Transport Protocol) – A secure, encrypted version of HTTP used for financial
transactions and other private information sent via the Internet.
Slash (/) – The symbol used in file pathnames, instead of the backslash (\) used in the DOS/Windows and OS/2
operating systems.
Source Code – Programming commands in their raw state as input by a programmer. Some programming
languages allow the commands to be executed on the fly by a program interpreter. Other languages require the
commands to be compiled into executable programs (binaries) before they can be used. In the UNIX/Linux world,
some software is distributed as source code only; other packages include both source and binaries; still others
are distributed in binary format only.
SPAM – Unsolicited email. Currently it is estimated that world wide over 50% of all email is SPAM
Spool (Simultaneous Peripheral Operation On-Line) – To send data to a program that queues up the information
for later use (for example, the print spooler).
SQL (Structured Query Language) – The language used for manipulating records and fields (rows and columns)
in a relational database. Sometimes erroneously pronounced “sequel”.
Steganography – The practice of hiding one piece of information within another. One example is putting an
invisible digital watermark in a digitized photograph.
String – A sequence of characters, as in a “search string.”
Superuser – Usually synonymous with root operator.
Swap – To temporarily move data (programs and/or data files) from random access
memory to disk storage (swap out), or back (swap in), to allow more programs and data to be processed than
there is physical memory to hold it. Also called Virtual Memory.
Swap Space – Where swapped data is temporarily stored on disk. Linux uses a dedicated disk partition for swap
space, rather than a specific swap file.
Symbolic link – An alias or shortcut to a program or file.
Sync – To force all pending input/output to the disk drive.
Syslog – The UNIX/Linux System Logger, where all system messages or errors are stored.
(T)
Tag – A command in a markup language, such as HTML, to display information in a certain way, such as bold,
centered or using a certain font.
Tar (Tape ARchive) – A file packaging tool included with UNIX/Linux for the purpose of assembling a collection of
files into one combined file for easier archiving. It was originally designed for tape backup, but today can be used
with other storage media. When run by itself, it produces files with a .tar extension. When combined with Gzip, for
data compression, the resulting file extensions may be .tgz, .tar.gz or .tar.Z.
Tarball – A file created by the Tar utility, containing one or more other archived and, optionally, compressed
files.
TeX – A popular macro-based text formatter. The basis for other such formatters, including LaTeX and teTeX.
TFTP (Trivial File Transfer Protocol) – A simplified version of FTP without authentication or many other basic
features of FTP.
Thread – A small piece of programming that acts as an independent subset of a larger program, also called a
“process”. A multithreaded program can run much faster than a monolithic, or single-threaded, program because
several, or even many, different tasks can be performed concurrently, rather than serially (sequentially). Also,
threads within a single application can share resources and pass data back and forth between themselves.
Time-sharing – A method of allowing multiple users to share a processor by allocating each user a portion of
the processor resources on a timed basis and rotating each user’s processes within those time segments. (Also,
see Multitasking.)
Torvalds, Linus – The original creator of the Linux kernel in 1991, holder of the Linux copyright, and currently
still the coordinator of the Linux development project.
Touch – A command that changes the date/time stamp of a file without affecting the contents.
TrueType Fonts – A wide variety of fonts designed to be printer-independent, unlike PostScript fonts available
for the Apple Macintosh and Windows. Not commonly used with UNIX/Linux. (Also, see BDF Fonts and
PostScript Fonts.)
Tux – The name of the fictional Linux penguin mascot.
(U)
UNIX – UNIX began as a proprietary operating system developed by Bell Laboratories in the 1960s. It eventually
spawned a number of mutually incompatible commercial versions from such companies as Apple (Mac OS X),
Digital (Digital UNIX), Hewlett-Packard (HPUX), IBM (AIX®), NeXT (NeXTSTEP) and others.
UUCP – A set of programs and protocols that have become the basis for a worldwide network of UNIX computers
named after the UNIX to UNIX Copy Program.
(V)
Virtual Desktop – A method for expanding the user’s workspace beyond the boundaries of the computer
screen. The desktop may be scrollable left and right, up and down, as if a larger desktop were positioned behind
the glass screen and moved around to reveal icons, windows and other objects that were “off-stage,” or out of
view. Alternatively, as with the KDE desktop, multiple buttons may be available, each of which displays an area of
desktop equal to the size of the glass screen and which can each contain different objects.
Virtual Machine – Virtual Machines (VMs) are features of central processor chips that isolate an area of
memory from the rest of the system. Because operating systems and applications run in a “protected mode”
environment, if a program freezes in one Virtual Machine it will not affect the operation of the programs and
operating systems running outside of that Virtual Machine.
Virtual Memory – The process of using a portion of disk space as a temporary storage area for memory
synonymous with Swap.
VRML (Virtual Reality Modeling Language) – A primarily Web-based language used for 3D effects (such as
building walk-throughs).
(W)
Widget – A graphical user interface programming object (button, scrollbar, radio button, etc.) for the X Window
System. (Also, see X Window System.)
Window Manager – The graphical user interface (GUI) that runs on top of X Window to provide the user with
windows, icons, taskbars and other desktop objects.
Wine – is a Windows compatibility layer. Wine does not require Microsoft Windows, as it is a completely
alternative implementation consisting of 100% Microsoft-free code, but it can optionally use native system DLLs if
they are available. This is what you would use if you wanted to run a windows program on a linux machine
WineX – is the equivilant of wine except it main strength is the ability to play games designed for Windows
Working Directory – Another name for the current directory, or the directory in which the user is currently
working.
(X)
X Window System – A graphical windowing environment for UNIX. The underlying programming required by
many user interfaces (Also, see Desktop, Window Manager and XFree86.)
X11 – Version 11 of the X Window System.
XDM (X Display Manager) – User-friendly login front end for the X Window System. Often used in a cyber café or
campus environment where users who are not familiar with UNIX need occasional access.
XFree86 – A version of the X Window System for Linux. Used by GNOME, KDE and other Linux user
interfaces/window managers.
XHTML (extensible Hyper Text Markup Language) – An enhanced version of HTML that supports programmer-
defined extensions like XML.
Ximian - was a company that provided open source desktop applications for Linux and UNIX based on the
GNOME platform.
XML (eXtensible Markup Language) – A powerful new markup language for designing Web pages; an alternative
to the older HTML, allowing programmers to define their own markup tags, or formatting commands.
(Y)
Y (why) – Y not? I needed something to go here….
YaST – Yest another Setup Tool same funciton and purpose as linuxconf. See linuxconf for more information.
(Z)
Zip – A popular form of file compression/archiving available on many operating system
Platforms, including DOS/Windows, OS/2 and UNIX/Linux. Popular tools include
PKZip/PKUnzip and Zip/Unzip. Not to be confused with the Iomega Zip disk, this is a removable storage
device. (Confusingly, a zipped file can be stored on a Zip disk—or not. They are unrelated.) Zipped files will have
a .zip extension.
Zone – An area of a network under administrative or other control. In a name server configuration, a domain can
be a zone. Zones can be further subdivided into subzones, each having its own administrators and servers.
Zoo – A format for compression and archiving available for UNIX/Linux. Files packaged this way sport a .zoo file
extension.
INDEX
1. Linux Introduction ...............................................................................................................................1
1.1. Open Source and Free Software ............................................................................................................. 1
1.1.1. History ............................................................................................................................................. 1
1.2. GPL and Open Source Licenses ............................................................................................................. 2
1.3. About Linux ............................................................................................................................................ 2
1.4. Current Support for Networking Services ................................................................................................. 3
1.5. Flexibility of Open Source Software ......................................................................................................... 3
2. The Linux Distribution Comparison....................................................................................................4
2.1 Red Hat Linux.......................................................................................................................................... 4
2.1.1 Fedora Linux..................................................................................................................................... 4
2.1.2 RedHat Enterprise Linux.................................................................................................................... 4
Server Solutions: ................................................................................................................................... 5
Client Solutions:..................................................................................................................................... 5
2.1.3 Red Hat Enterprise Linux system configuration limits.......................................................................... 6
2.2. Mandrake Linux ...................................................................................................................................... 7
2.3 SuSE Linux.............................................................................................................................................. 7
2.4 Debian GNU/Linux................................................................................................................................... 7
2.5 Slackware Linux ...................................................................................................................................... 8
2.6 Caldera OpenLinux.................................................................................................................................. 8
2.7. Top 6 Distributions.................................................................................................................................. 8
2.7.1 Evaluation Criteria and Description .................................................................................................... 9
2.7.2 Organizational Structure.................................................................................................................... 9
2.7.3 Ease of Installation Process............................................................................................................. 10
2.7.4 Commitment to Open Source........................................................................................................... 10
2.7.5 Per Seat Licensing .......................................................................................................................... 10
2.7.6 Target Market ................................................................................................................................. 11
2.7.7 Software Upgrades / Support........................................................................................................... 11
2.7.8 License Fee .................................................................................................................................... 11
3. Linux Installation............................................................................................................................... 12
3.1 Hardware Requirements ........................................................................................................................ 12
3.2 Planning the Installation ......................................................................................................................... 12
3.3 How Much Space Is Required? .............................................................................................................. 13
3.4 Partitioning Naming Conventions............................................................................................................ 14
3.5 Install Options........................................................................................................................................ 14
4. Boot Loaders ..................................................................................................................................... 16
4.1 Boot Loaders and System Architecture................................................................................................... 16
4.1.1 Features of GRUB........................................................................................................................... 16
4.1.2 File Names and Blocklists................................................................................................................ 18
4.1.3 GRUB's Root File System................................................................................................................ 18
4.1.4 GRUB Commands .......................................................................................................................... 19
4.1.5 GRUB Menu Configuration File........................................................................................................ 20
4.1.6 Configuration File Structure ............................................................................................................. 21
4.2 LILO...................................................................................................................................................... 21
4.2.1 LILO and the x86 Boot Process ....................................................................................................... 21
4.2.2 LILO versus GRUB ......................................................................................................................... 22
5. Linux Boot Process ........................................................................................................................... 24
5.1 Init, and Shutdown ................................................................................................................................. 24
5.1.1 Linux Run levels.............................................................................................................................. 24
5.2 System startup script /etc/rc.d/rc.sysinit .................................................................................................. 25
5.2.1 Controlling the boot time services using “chkconfig”.......................................................................... 27
Chkconfig Examples ............................................................................................................................ 27
5.2.2 The “service” command................................................................................................................... 27
6. Linux File System .............................................................................................................................. 29
6.1 Ex2 and Ext3 FIlesystem........................................................................................................................ 29
6.2 Preparing Partitions on Disks ................................................................................................................. 30
6.2.1 Device Naming Convention ............................................................................................................. 30
6.2.3 Adding a New Partition .................................................................................................................... 31
6.2.2 Verify the New Partition ................................................................................................................... 32