Red Hat Enterprise Linux 4

System Administration Guide

For Red Hat Enterprise Linux 4

Edition 2

Copyright © 2008 Red Hat, Inc

Legal Notice

Copyright © 2008 Red Hat, Inc.
This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack Logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.

Abstract

The System Administrator's Guide documents relevant information regarding the deployment, configuration and administration of Red Hat Enterprise Linux 4. It is oriented towards system administrators with a basic understanding of the system.
Introduction
1. Changes To This Manual
2. Document Conventions
2.1. Typographic Conventions
2.2. Pull-quote Conventions
2.3. Notes and Warnings
3. More to Come
3.1. Send in Your Feedback
I. Installation-Related Information
1. Kickstart Installations
1.1. What are Kickstart Installations?
1.2. How Do You Perform a Kickstart Installation?
1.3. Creating the Kickstart File
1.4. Kickstart Options
1.4.1. Advanced Partitioning Example
1.5. Package Selection
1.6. Pre-installation Script
1.6.1. Example
1.7. Post-installation Script
1.7.1. Examples
1.8. Making the Kickstart File Available
1.8.1. Creating Kickstart Boot Media
1.8.2. Making the Kickstart File Available on the Network
1.9. Making the Installation Tree Available
1.10. Starting a Kickstart Installation
2. Kickstart Configurator
2.1. Basic Configuration
2.2. Installation Method
2.3. Boot Loader Options
2.4. Partition Information
2.4.1. Creating Partitions
2.5. Network Configuration
2.6. Authentication
2.7. Firewall Configuration
2.7.1. SELinux Configuration
2.8. Display Configuration
2.8.1. General
2.8.2. Video Card
2.8.3. Monitor
2.9. Package Selection
2.10. Pre-Installation Script
2.11. Post-Installation Script
2.11.1. Chroot Environment
2.11.2. Use an Interpreter
2.12. Saving the File
3. PXE Network Installations
3.1. Setting up the Network Server
3.2. PXE Boot Configuration
3.2.1. Command Line Configuration
3.3. Adding PXE Hosts
3.3.1. Command Line Configuration
3.4. Adding a Custom Boot Message
3.5. Performing the PXE Installation
4. Diskless Environments
4.1. Configuring the NFS Server
4.2. Finish Configuring the Diskless Environment
4.3. Adding Hosts
4.4. Booting the Hosts
5. Basic System Recovery
5.1. Common Problems
5.1.1. Unable to Boot into Red Hat Enterprise Linux
5.1.2. Hardware/Software Problems
5.1.3. Root Password
5.2. Booting into Rescue Mode
5.2.1. Reinstalling the Boot Loader
5.3. Booting into Single-User Mode
5.4. Booting into Emergency Mode
II. File Systems
6. The ext3 File System
6.1. Features of ext3
6.2. Creating an ext3 File System
6.3. Converting to an ext3 File System
6.4. Reverting to an ext2 File System
7. Logical Volume Manager (LVM)
7.1. What is LVM?
7.2. What is LVM2?
7.3. Additional Resources
7.3.1. Installed Documentation
7.3.2. Useful Websites
8. LVM Configuration
8.1. Automatic Partitioning
8.2. Manual LVM Partitioning
8.2.1. Creating the /boot/ Partition
8.2.2. Creating the LVM Physical Volumes
8.2.3. Creating the LVM Volume Groups
8.2.4. Creating the LVM Logical Volumes
9. Redundant Array of Independent Disks (RAID)
9.1. What is RAID?
9.2. Who Should Use RAID?
9.3. Hardware RAID versus Software RAID
9.3.1. Hardware RAID
9.3.2. Software RAID
9.4. RAID Levels and Linear Support
10. Software RAID Configuration
10.1. Creating the RAID Partitions
10.2. Creating the RAID Devices and Mount Points
11. Swap Space
11.1. What is Swap Space?
11.2. Adding Swap Space
11.2.1. Extending Swap on an LVM2 Logical Volume
11.2.2. Creating an LVM2 Logical Volume for Swap
11.2.3. Creating a Swap File
11.3. Removing Swap Space
11.3.1. Reducing Swap on an LVM2 Logical Volume
11.3.2. Removing an LVM2 Logical Volume for Swap
11.3.3. Removing a Swap File
11.4. Moving Swap Space
12. Managing Disk Storage
12.1. Standard Partitions using parted
12.1.1. Viewing the Partition Table
12.1.2. Creating a Partition
12.1.3. Removing a Partition
12.1.4. Resizing a Partition
12.2. LVM Partition Management
13. Implementing Disk Quotas
13.1. Configuring Disk Quotas
13.1.1. Enabling Quotas
13.1.2. Remounting the File Systems
13.1.3. Creating the Quota Database Files
13.1.4. Assigning Quotas per User
13.1.5. Assigning Quotas per Group
13.1.6. Assigning Quotas per File System
13.2. Managing Disk Quotas
13.2.1. Enabling and Disabling
13.2.2. Reporting on Disk Quotas
13.2.3. Keeping Quotas Accurate
13.3. Additional Resources
13.3.1. Installed Documentation
13.3.2. Related Books
14. Access Control Lists
14.1. Mounting File Systems
14.1.1. NFS
14.2. Setting Access ACLs
14.3. Setting Default ACLs
14.4. Retrieving ACLs
14.5. Archiving File Systems With ACLs
14.6. Compatibility with Older Systems
14.7. Additional Resources
14.7.1. Installed Documentation
14.7.2. Useful Websites
III. Package Management
15. Package Management with RPM
15.1. RPM Design Goals
15.2. Using RPM
15.2.1. Finding RPM Packages
15.2.2. Installing
15.2.3. Uninstalling
15.2.4. Upgrading
15.2.5. Freshening
15.2.6. Querying
15.2.7. Verifying
15.3. Checking a Package's Signature
15.3.1. Importing Keys
15.3.2. Verifying Signature of Packages
15.4. Impressing Your Friends with RPM
15.5. Additional Resources
15.5.1. Installed Documentation
15.5.2. Useful Websites
15.5.3. Related Books
16. Red Hat Network
IV. Network-Related Configuration
17. Network Configuration
17.1. Overview
17.2. Establishing an Ethernet Connection
17.3. Establishing an ISDN Connection
17.4. Establishing a Modem Connection
17.5. Establishing an xDSL Connection
17.6. Establishing a Token Ring Connection
17.7. Establishing a Wireless Connection
17.8. Managing DNS Settings
17.9. Managing Hosts
17.10. Working with Profiles
17.11. Device Aliases
17.12. Saving and Restoring the Network Configuration
18. Firewalls
18.1. Netfilter and IPTables
18.1.1. IPTables Overview
18.2. Basic Firewall Configuration
18.2.1. Security Level Configuration Tool
18.2.2. Enabling and Disabling the Firewall
18.2.3. Trusted Services
18.2.4. Other Ports
18.2.5. Saving the Settings
18.2.6. Activating the IPTables Service
18.3. Using IPTables
18.3.1. IPTables Command Syntax
18.3.2. Basic Firewall Policies
18.3.3. Saving and Restoring IPTables Rules
18.4. Common IPTables Filtering
18.5. FORWARD and NAT Rules
18.5.1. Postrouting and IP Masquerading
18.5.2. Prerouting
18.5.3. DMZs and IPTables
18.6. Malicious Software and Spoofed IP Addresses
18.7. IPTables and Connection Tracking
18.8. IPv6
18.9. Additional Resources
18.9.1. Installed Documentation
18.9.2. Useful Websites
18.9.3. Related Documentation
19. Controlling Access to Services
19.1. Runlevels
19.2. TCP Wrappers
19.2.1. xinetd
19.3. Services Configuration Tool
19.4. ntsysv
19.5. chkconfig
19.6. Additional Resources
19.6.1. Installed Documentation
19.6.2. Useful Websites
19.6.3. Related Books
20. OpenSSH
20.1. Why Use OpenSSH?
20.2. Configuring an OpenSSH Server
20.3. Configuring an OpenSSH Client
20.3.1. Using the ssh Command
20.3.2. Using the scp Command
20.3.3. Using the sftp Command
20.3.4. Generating Key Pairs
20.4. Additional Resources
20.4.1. Installed Documentation
20.4.2. Useful Websites
20.4.3. Related Books
21. Network File System (NFS)
21.1. Why Use NFS?
21.2. Mounting NFS File Systems
21.2.1. Mounting NFS File Systems using /etc/fstab
21.2.2. Mounting NFS File Systems using autofs
21.2.3. Using TCP
21.2.4. Preserving ACLs
21.3. Exporting NFS File Systems
21.3.1. Command Line Configuration
21.3.2. Hostname Formats
21.3.3. Starting and Stopping the Server
21.4. Additional Resources
21.4.1. Installed Documentation
21.4.2. Useful Websites
21.4.3. Related Books
22. Samba
22.1. Why Use Samba?
22.2. Configuring a Samba Server
22.2.1. Graphical Configuration
22.2.2. Command Line Configuration
22.2.3. Encrypted Passwords
22.2.4. Starting and Stopping the Server
22.3. Connecting to a Samba Share
22.3.1. Command Line
22.3.2. Mounting the Share
22.4. Additional Resources
22.4.1. Installed Documentation
22.4.2. Useful Websites
23. Dynamic Host Configuration Protocol (DHCP)
23.1. Why Use DHCP?
23.2. Configuring a DHCP Server
23.2.1. Configuration File
23.2.2. Lease Database
23.2.3. Starting and Stopping the Server
23.2.4. DHCP Relay Agent
23.3. Configuring a DHCP Client
23.4. Additional Resources
23.4.1. Installed Documentation
24. Apache HTTP Server Configuration
24.1. Basic Settings
24.2. Default Settings
24.2.1. Site Configuration
24.2.2. Logging
24.2.3. Environment Variables
24.2.4. Directories
24.3. Virtual Hosts Settings
24.3.1. Adding and Editing a Virtual Host
24.4. Server Settings
24.5. Performance Tuning
24.6. Saving Your Settings
24.7. Additional Resources
24.7.1. Installed Documentation
24.7.2. Useful Websites
24.7.3. Related Books
25. Apache HTTP Secure Server Configuration
25.1. Introduction
25.2. An Overview of Security-Related Packages
25.3. An Overview of Certificates and Security
25.4. Using Pre-Existing Keys and Certificates
25.5. Types of Certificates
25.6. Generating a Key
25.7. Generating a Certificate Request to Send to a CA
25.8. Creating a Self-Signed Certificate
25.9. Testing The Certificate
25.10. Accessing The Server
25.11. Additional Resources
25.11.1. Useful Websites
25.11.2. Related Books
26. Authentication Configuration
26.1. User Information
26.2. Authentication
26.3. Command Line Version
V. System Configuration
27. Console Access
27.1. Disabling Shutdown Via Ctrl+Alt+Del
27.2. Disabling Console Program Access
27.3. Defining the Console
27.4. Making Files Accessible From the Console
27.5. Enabling Console Access for Other Applications
27.6. The floppy Group
28. Date and Time Configuration
28.1. Time and Date Properties
28.2. Network Time Protocol (NTP) Properties
28.3. Time Zone Configuration
29. Keyboard Configuration
30. Mouse Configuration
31. X Window System Configuration
31.1. Display Settings
31.2. Display Hardware Settings
31.3. Dual Head Display Settings
32. Users and Groups
32.1. User and Group Configuration
32.1.1. Adding a New User
32.1.2. Modifying User Properties
32.1.3. Adding a New Group
32.1.4. Modifying Group Properties
32.2. User and Group Management Tools
32.2.1. Command Line Configuration
32.2.2. Adding a User
32.2.3. Adding a Group
32.2.4. Password Aging
32.2.5. Explaining the Process
32.3. Standard Users
32.4. Standard Groups
32.5. User Private Groups
32.5.1. Group Directories
32.6. Shadow Passwords
32.7. Additional Resources
32.7.1. Installed Documentation
33. Printer Configuration
33.1. Adding a Local Printer
33.2. Adding an IPP Printer
33.3. Adding a Samba (SMB) Printer
33.4. Adding a JetDirect Printer
33.5. Selecting the Printer Model and Finishing
33.5.1. Confirming Printer Configuration
33.6. Printing a Test Page
33.7. Modifying Existing Printers
33.7.1. The Settings Tab
33.7.2. The Policies Tab
33.7.3. The Access Control Tab
33.7.4. The Printer and Job OptionsTab
33.8. Managing Print Jobs
33.9. Additional Resources
33.9.1. Installed Documentation
33.9.2. Useful Websites
34. Automated Tasks
34.1. Cron
34.1.1. Configuring Cron Tasks
34.1.2. Controlling Access to Cron
34.1.3. Starting and Stopping the Service
34.2. At and Batch
34.2.1. Configuring At Jobs
34.2.2. Configuring Batch Jobs
34.2.3. Viewing Pending Jobs
34.2.4. Additional Command Line Options
34.2.5. Controlling Access to At and Batch
34.2.6. Starting and Stopping the Service
34.3. Additional Resources
34.3.1. Installed Documentation
35. Log Files
35.1. Locating Log Files
35.2. Viewing Log Files
35.3. Adding a Log File
35.4. Examining Log Files
36. Manually Upgrading the Kernel
36.1. Overview of Kernel Packages
36.2. Preparing to Upgrade
36.3. Downloading the Upgraded Kernel
36.4. Performing the Upgrade
36.5. Verifying the Initial RAM Disk Image
36.6. Verifying the Boot Loader
36.6.1. x86 Systems
36.6.2. Itanium Systems
36.6.3. IBM S/390 and IBM eServer zSeries Systems
36.6.4. IBM eServer iSeries Systems
36.6.5. IBM eServer pSeries Systems
37. Kernel Modules
37.1. Kernel Module Utilities
37.2. Persistent Module Loading
37.3. Additional Resources
37.3.1. Installed Documentation
37.3.2. Useful Websites
38. Mail Transport Agent (MTA) Configuration
VI. System Monitoring
39. Gathering System Information
39.1. System Processes
39.2. Memory Usage
39.3. File Systems
39.4. Hardware
39.5. Additional Resources
39.5.1. Installed Documentation
40. OProfile
40.1. Overview of Tools
40.2. Configuring OProfile
40.2.1. Specifying the Kernel
40.2.2. Setting Events to Monitor
40.2.3. Separating Kernel and User-space Profiles
40.3. Starting and Stopping OProfile
40.4. Saving Data
40.5. Analyzing the Data
40.5.1. Using opreport
40.5.2. Using opreport on a Single Executable
40.5.3. Using opannotate
40.6. Understanding /dev/oprofile/
40.7. Example Usage
40.8. Graphical Interface
40.9. Additional Resources
40.9.1. Installed Docs
40.9.2. Useful Websites
VII. Appendix
A. Revision History
Index