—Ron McCarty, instructor and program chair, Computer Science, Penn State Erie

"This book takes a very unique approach and is very flexible. It offers a great deal to the home user, students, small businesses—all the way to any Linux sys admin that needs a handy reference. I found it very refreshing in terms of style, stated goals, presentation, ease of use, direction, and the "present and future" value of the content. In other words the author is very current and knowledgeable. I would recommend this book to every level from programmer to manager."

—Joe Brazeal, Information Technician III, Southwest Power Pool

"This book is an excellent resource for new Linux administrators. I was impressed with the comprehensive set of 35 topic chapters, making this book a very useful reference. I know of no other work like this."

—George Vish II, Linux curriculum program manager and senior education consultant, Hewlett-Packard Education

"I would recommend this book to novice Linux users and administrators. It covers a lot of topics, and makes it easy for readers to follow along."

—Bret Strong, education consultant, Hewlett-Packard Company

"Linux Quick Fix Notebook is a well-written guide to designing, installing, and maintaining Linux servers. Many Linux reference texts are just simple rewrites of Linux ¨man¨ and ¨info¨ pages, but this book addresses the real issues that systems administrators encounter when working with Linux. The author provides a pedagogical guide to learning Linux server administration. In addition, the book includes step-by-step information so that users can quickly take advantage of the best that open source software has to offer today. I would recommend this book to both beginning and intermediate users of Linux."

—Joseph Naberhaus, Professor of Networking, Universidad Del Mar

An indispensable guide for every Linux administrator

Instant access to precise, step-by-step solutions for every essential Linux administration task

From basic configuration and troubleshooting to advanced security and optimization

If you're responsible for delivering results with Linux, Linux® Quick Fix Notebook brings together all the step-by-step instructions, precise configuration commands, and real-world guidance you need. This distilled, focused, task-centered guide was written for sysadmins, netadmins, consultants, power users...everyone whose livelihood depends on making Linux work, and keeping it working.

This book's handy QandA format gives you instant access to specific answers, without ever forcing you to wade through theory or jargon. Peter Harrison addresses virtually every aspect of Linux administration, from software installation to security, user management to Internet services—even advanced topics such as software RAID and centralized LDAP authentication. Harrison's proven command-line examples work quickly and efficiently, no matter what Linux distribution you're using. Here's just some of what you'll learn how to do:

• Build Linux file/print servers and networks from scratch

• Troubleshoot Linux and interpret system error messages

• Control every step of the boot process

• Create, manage, secure, and track user accounts

• Install, configure, and test Linux-based wireless networks

• Protect your network with Linux iptables firewalls

• Set up Web, e-mail, DNS, DHCP, and FTP servers

• And much more...

© Copyright Pearson Education. All rights reserved.

Peter Harrison has been fascinated by computers since the early 1980s. He was the founding president of PCJAM, Jamaica's first computer user group, and was the principal systems engineer responsible for the computerization of the island's tax collection and social security systems.

He then sought new opportunities as the western Caribbean representative for a Fortune 500 pharmaceuticals firm and later became the international sales manager for a West Indian rum company. Before moving to Silicon Valley he ran Trinidad and Tobago's first industrial trade office to Latin America.

Peter has since worked extensively in the Internet sector deploying large-scale data centers and Web sites. Extensive use of Linux in this environment combined with his varied business background has helped him create this highly readable book for the newbie, the techie, and their bosses.

In his quieter moments, Peter enjoys the art and literature of the Caribbean and Latin America. Long rides on his bicycle provide another guilty pleasure. Peter likes to relax with his family on short weekend trips to the many attractions of the San Francisco Bay Area.

© Copyright Pearson Education. All rights reserved.

Preface.

Acknowledgments.

About the Author.

I. THE LINUX FILE SERVER PROJECT.

1. Why Host Your Own Site?

    In This Chapter.

    Our Network.

    Alternatives to In-House Web Hosting.

      Virtual Hosting.

      Dedicated Hosting.

    Factors to Consider Before Hosting Yourself.

      Is In-House Hosting Preferred?

    How to Migrate From an External Provider.

    In-House Server Considerations.

    Conclusion.

2. Introduction to Networking.

    In This Chapter.

    The OSI Networking Model.

    An Introduction to TCP/IP.

      TCP Is a Connection-Oriented Protocol.

      How TCP Establishes a Connection.

      UDP, TCP’s “Connectionless” Cousin.

      TCP and UDP Ports.

      The TCP/IP Time to Live Feature.

      The ICMP Protocol and Its Relationship to TCP/IP.

    How IP Addresses Are Used to Access Network Devices.

      Private IP Addresses.

      The localhost IP Address.

      Network Address Translation (NAT) Makes Private IPs Public.

      Port Forwarding with NAT Facilitates Home-Based Web Sites.

      DHCP.

      How DNS Links Your IP Address to Your Web Domain.

      IP Version 6 (IPv6).

    How Subnet Masks Group IP Addresses into Networks.

      Calculating the Number of Addresses Assigned to a Subnet.

      Calculating the Range of Addresses on Your Network.

      Subnet Masks for the Typical Business DSL Line.

    The Physical and Link Layers.

    Networking Equipment Terminology.

      Network Interface Cards.

      The Two Broad Types of Networking Equipment.

      Connectivity Using Hubs.

      Using Switches as a Faster Alternative to Hubs.

      Local Area Networks.

      How Routers Interconnect LANs.

      How Simple Routing Works.

      Default Gateways, the Routers of Last Resort.

      Firewalls Help Provide a Secure Routing Environment.

    Additional Introductory Topics.

      The File Transfer Protocol.

      Linux Help.

    Conclusion.

3. Linux Networking.

    In This Chapter.

    How to Configure Your NIC’s IP Address.

      Determining Your IP Address.

      Changing Your IP Address.

      Multiple IP Addresses on a Single NIC.

      IP Address Assignment for a Direct DSL Connection.

      IP Address Assignment for a Cable Modem Connection.

    How to Activate/Shut Down Your NIC.

    How to View Your Current Routing Table.

    How to Change Your Default Gateway.

    How to Configure Two Gateways.

      Adding Routes from the Command Line.

      Adding Routes with /etc/sysconfig/network-scripts/ Files.

    How to Delete a Route.

    Changing NIC Speed and Duplex.

      Using mii-tool.

      Using ethtool.

    How to Convert Your Linux Server into a Router.

      Configuring IP Forwarding.

      Configuring Proxy ARP.

    Configuring Your /etc/hosts File.

      The loopback Interface’s localhost Entry.

    Conclusion.

4. Simple Network Troubleshooting.

    In This Chapter.

      Sources of Network Slowness.

      Sources of a Lack of Connectivity.

    Doing Basic Cable and Link Tests.

    Testing Your NIC.

      Viewing Your Activated Interfaces.

      Viewing All Interfaces.

      Testing Link Status from the Command Line.

      Viewing NIC Errors.

    How to See MAC Addresses.

    Using ping to Test Network Connectivity.

    Using telnet to Test Network Connectivity.

    Linux telnet  Troubleshooting.

      Successful Connection.

      Connection Refused Messages.

      telnet Timeout or Hanging.

    telnet Troubleshooting Using Windows.

      Screen Goes Blank–Successful Connection.

      Connect Failed Messages.

      telnet Timeout or Hanging.

    Testing Web Sites with the curl and wget Utilities.

      Using curl.

      Using wget.

    The netstat Command.

    The Linux iptables Firewall.

      Determining Whether iptables Is Running.

      How to Stop iptables.

      How to Configure iptables Rules.

    Using traceroute to Test Connectivity.

      Sample traceroute Output.

      Possible traceroute Messages.

      traceroute Time Exceeded False Alarms.

      traceroute Internet Slowness False Alarm.

      traceroute Dies at the Router Just Before the Server.

      Always Get a Bidirectional traceroute.

      ping and traceroute Troubleshooting Example.

      traceroute Web Sites.

      Possible Reasons for a Failed traceroute.

    Using MTR to Detect Network Congestion.

    Viewing Packet Flows with tcpdump.

      Analyzing tcpdump files.

      Common Problems with tcpdump.

    Viewing Packet Flows with tethereal.

    Basic DNS Troubleshooting.

      Using nslookup to Test DNS.

      Using the host Command to Test DNS.

    Using nmap.

    Determining the Source of an Attack.

    Who Has Used My System?

      The last Command.

      The who Command.

    Conclusion.

5. Troubleshooting Linux with syslog.

    In This Chapter.

    syslog.

      The /etc/syslog.conf File.

      Activating Changes to the syslog Configuration File.

      How to View New Log Entries as They Happen.

      Logging syslog Messages to a Remote Linux Server.

      syslog Configuration and Cisco Network Devices.

      syslog and Firewalls.

    logrotate.

      The /etc/logrotate.conf File.

      Sample Contents of /etc/logrotate.conf.

      The /etc/logrotate.d Directory.

      Activating logrotate.

      Compressing Your Log Files.

    Conclusion.

6. Installing RPM Software.

    In This Chapter.

    Where to Get Commonly Used RPMs.

      RPMs on Your Installation CDs.

      RPMs Downloaded from Fedora.

      RPMs Downloaded from rpmfind.net.

    Getting RPMs Using Web-Based FTP.

      Using the Fedora Web site.

      Using the rpmfind Web site.

    Getting RPMs Using Command-Line Anonymous FTP.

    Getting RPMs Using wget.

    Automatic Updates with yum.

      Configuring yum.

      Creating Your Own yum Server.

      Before You Start.

      Keeping Your System Current with yum.

      Example of a yum Package Installation.

    How to Install RPMs Manually.

      Using Downloaded Files.

      Using CD-ROMs.

    How to Install Source RPMs.

    RPM Installation Errors.

      Failed Dependencies.

      Signature Keys.

    How to List Installed RPMs.

    Listing Files Associated with RPMs.

      Listing Files for Already Installed RPMs.

      Listing Files in RPM Files.

      Listing the RPM to Which a File Belongs.

    Uninstalling RPMs.

    Which RPMs Start at Boot Time?

    Installing Software Using tar Files.

    Conclusion.

7. The Linux Boot Process.

    In This Chapter.

    The Fedora Boot Sequence.

    Determining the Default Boot runlevel.

    Getting a GUI Console.

    Get a Basic Text Terminal Without Exiting the GUI.

      Using a GUI Terminal Window.

      Using Virtual Consoles.

    System Shutdown and Rebooting.

      Halt/Shut Down the System.

      Reboot the System.

      Entering Single-user Mode.

    How to Set Programs to Run at Each runlevel.

      chkconfig Examples.

      Using chkconfig to Improve Security.

      Final Tips on chkconfig.

    Conclusion.

8. Configuring the DHCP Server.

    In This Chapter.

    Download and Install the DHCP Package.

    The /etc/dhcpd.conf File.

    How to Get DHCP Started.

    DHCP Servers with Multiple NICs.

      Temporary Solution.

      Permanent Solution.

    Configuring Linux Clients to Use DHCP.

    Configuring Windows Clients to Use DHCP.

    Simple DHCP Troubleshooting.

      DHCP Clients Obtaining 169.254.0.0 Addresses.

    Conclusion.

9. Linux Users and sudo.

    In This Chapter.

    Adding Users.

      Who Is the Super User?

      How to Add Users.

      How to Change Passwords.

      How to Delete Users.

      How to Tell the Groups to Which a User Belongs.

      How to Change the Ownership of a File.

    Using sudo.

      Example of a User Using sudo.

      Downloading and Installing the sudo Package.

      Simple /etc/sudoers Examples.

    Conclusion.

10. Windows, Linux, and Samba.

    In This Chapter.

    Download and Install Packages.

    How to Get Samba Started.

    The Samba Configuration File.

    How SWAT Makes Samba Simpler.

      Basic SWAT Setup.

      Controlling SWAT.

      Encrypting SWAT.

      How to Make SWAT Changes Immediate.

    Creating a Starter Configuration.

      The [global] Section.

      The [homes] Section.

      The [netlogon] and [profiles] Share Sections.

      The [printers] Share Section.

      Shares for Specific Groups of Users.

    Samba Passwords.

    How to Create a Samba PDC Administrator User.

      Home Environment.

      Corporate Environment.

    How to Add Workstations to Your Samba Domain.

      Create Samba Trust Accounts for Each Workstation.

      Make Your PC Clients Aware of Your Samba PDC.

    How to Add Users to Your Samba Domain.

      Adding the Users in Linux.

      Mapping the Linux Users to an smbpassword.

      Mapping a Private Windows Drive Share.

    Domain Groups and Samba.

    How to Delete Users from Your Samba Domain.

    How to Modify Samba Passwords.

    Conclusion.

11. Sharing Resources Using Samba.

    In This Chapter.

    Adding a Printer to a Samba PDC.

      Adding the Printer to Linux.

      Make Samba Aware of the Printer.

      Configure the Printer Driver on the Workstations.

    Creating Group Shares in Samba.

      Create the Directory and User Group.

      Configure the Share in SWAT.

      Map the Directory Using My Computer.

    Sharing Windows Drives Using a Linux Samba Client.

      Windows Setup.

      Test Your Windows Client Configuration.

      Create a CD-ROM Drive Mount Point on Your Samba Server.

    Automating Mounting with Linux Samba Clients.

    Conclusion.

12. Samba Security and Troubleshooting.

    In This Chapter.

    Testing the smb.conf File.

    Samba and Firewall Software.

      Linux iptables.

      Windows-based Zone Alarm.

      The Windows XP Built-In Firewall.

    Testing Basic Client/Server Network Connectivity.

    Testing Samba Client/Server Network Connectivity.

    Checking the Samba Logs.

    Samba Network Troubleshooting.

    Basic Samba Security.

    Conclusion.

13. Linux Wireless Networking.

    In This Chapter.

    Wireless Linux-Compatible NICs.

    Common Wireless Networking Terms.

      Wireless Access Points.

      Extended Service Set ID.

      Encryption Keys.

    Networking with Linux Wireless Tools.

      Using iwconfig for Wireless Tools Configuration.

      Permanent Wireless Tools Configuration.

      Wireless Tools Encryption.

    Networking with Linux-WLAN.

      Linux-WLAN Preparation.

      Identifying the Correct RPMs.

      Installing the RPMs.

      Linux-WLAN Post Installation Steps.

      Start Linux-WLAN.

      Testing Linux-WLAN.

      Linux-WLAN Encryption for Security.

    Troubleshooting Your Wireless LAN.

      Check the NIC Status.

      Check for Interrupt Conflicts.

      Kernel Log Errors.

      Can’t Ping Default Gateway.

      Unknown Device Errors.

      A Common Problem with Linux-WLAN and Fedora Core 1.

    Wireless Networks In Businesses.

    Conclusion.

II. THE LINUX WEB SITE PROJECT

14. Linux Firewalls Using iptables.

    In This Chapter.

    What Is iptables?

    Download and Install the iptables Package.

    How to Start iptables.

    Determining the Status of iptables.

    Packet Processing in iptables.

    Targets and Jumps.

    Important iptables Command Switch Operations.

    Using User-Defined Chains.

    Saving Your iptables Scripts.

    Fedora’s iptables Rule Generator.

    Recovering from a Lost Script.

    Loading Kernel Modules Needed by iptables.

    Sample iptables Scripts.

      Basic Operating System Defense.

      Basic iptables Initialization.

      Advanced iptables Initialization.

      Allowing DNS Access to Your Firewall.

      Allowing WWW and SSH Access to Your Firewall.

      Allowing Your Firewall to Access the Internet.

      Allow Your Home Network to Access the Firewall.

      Masquerading (Many to One NAT).

      Port Forwarding Type NAT (DHCP DSL).

      Static NAT.

    Troubleshooting iptables.

      Checking the Firewall Logs.

      iptables Won’t Start.

    Conclusion.

15. Linux FTP Server Setup.

    In This Chapter.

    FTP Overview.

      Types of FTP.

    Problems with FTP and Firewalls.

      Client Protected by a Firewall Problem.

      Server Protected by a Firewall Problem.

    How to Download and Install VSFTPD.

    How to Get VSFTPD Started.

    Testing the Status of VSFTPD.

    The vsftpd.conf File.

      Other vsftpd.conf Options.

    FTP Security Issues.

      The /etc/vsftpd.ftpusers File.

      Anonymous Upload.

      FTP Greeting Banner.

      Using SCP as Secure Alternative to FTP.

    Troubleshooting FTP.

    Tutorial.

      FTP Users with Read-Only Access to a Shared Directory.

      Sample Login Session to Test Functionality.

    Conclusion.

16. Telnet, TFTP, and xinetd.

    In This Chapter.

    Managing xinetd Programs.

      Controlling xinetd.

      Controlling xinetd-Managed Applications.

    TELNET.

      Using The TELNET Client.

      Installing the TELNET Server Software.

      Setting Up a TELNET Server.

      Stopping a TELNET Server.

      Basic TELNET Security.

    TFTP.

      Installing the TFTP Server Software.

      Configuring the TFTP Server.

      Saving Cisco Configurations to the TFTP Server.

      Uploading Cisco Configurations from the TFTP Server.

      Using TFTP to Restore Your Router Configuration.

    Conclusion.

17. Secure Remote Logins and File Copying.

    In This Chapter.

    A Quick Introduction to SSH Encryption.

    Starting OpenSSH.

    Testing the Status of SSH.

    The /etc/ssh/sshd_config File.

      SSH Versions 1 and 2.

      Change the TCP Port on Which SSH Listens.

    Using SSH to Log Into a Remote Machine.

    What to Expect with Your First Login.

      SSH Failures Due to Linux Reinstallations.

    Deactivating TELNET After Installing SSH.

    Executing Remote Commands on Demand with SSH.

    SCP: A Secure Alternative to FTP.

      Copying Files to the Local Linux Box.

      Copying Files to the Remote Linux Box.

    SFTP: Another Secure Alternative to FTP.

    Using SSH and SCP Without a Password.

      Configuration: Client Side.

      Configuration: Server Side.

    Conclusion.

18. Configuring DNS.

    In This Chapter.

    Introduction to DNS.

      DNS Domains.

      BIND.

      DNS Clients.

      Authoritative DNS Servers.

      How DNS Servers Find Your Site Information.

      When to Use a DNS Caching Name Server.

      When to Use a Static DNS Server.

      When To Use A Dynamic DNS Server.

      How to Get Your Own Domain. 

      Basic DNS Testing of DNS Resolution.

    Downloading and Installing the BIND Packages.

    Starting BIND.

    The /etc/resolv.conf File.

    Configuring a Caching Name Server.

    Important File Locations.

    Configuring a Regular Name Server.

      Configuring resolv.conf.

      Configuring named.conf.

      Configuring the Zone Files.

      Sample Forward Zone File.

      Sample Reverse Zone File.

      What You Need to Know About NAT and DNS.

      Loading Your New Configuration Files.

      Make Sure Your /etc/hosts File is Correctly Updated.

      Configure Your Firewall.

      Fix Your Domain Registration.

    Troubleshooting BIND.

      General Troubleshooting Steps.

    Migrating Your Web Site In-House.

    DHCP Considerations for DNS.

    Simple DNS Security.

      Zone Transfer Protection.

      Naming Convention Security.

    Conclusion.

19. Dynamic DNS.

    In This Chapter.

    Dynamic DNS Preparation.

      Testing ISP Connectivity for Your Web Site.

      Registering DDNS.

      Install a DDNS Client on Your Server.

    Dynamic DNS and NAT Router/Firewalls.

    DDNS Client Software: SOHO Router/Firewalls.

    DDNS Client Software: Linux DDclient.

      The /etc/ddclient.conf File.

      How to Get DDclient Started.

      Finding DDclient Help.

    Testing Your Dynamic DNS.

    Conclusion.

20. The Apache Web Server.

    In This Chapter.

    Downloading and Installing the Apache Package.

    Starting Apache.

    Configuring DNS for Apache.

    DHCP and Apache.

    General Configuration Steps.

      Where to Put Your Web Pages.

      Named Virtual Hosting.

      IP-Based Virtual Hosting.

      Virtual Hosting and SSL.

    Configuration: Multiple Sites and IP Addresses.

      Testing Your Web Site Before DNS Is Fixed.

      Disabling Directory Listings.

      Handling Missing Pages.

    Using Data Compression on Web Pages.

      Compression Configuration Example.

    Apache Running on a Server Behind a NAT Firewall.

      Step 1: Configure Virtual Hosting on Multiple IPs.

      Step 2: Configure DNS Views.

    Protecting Web Page Directories with Passwords.

    The /etc/httpd/conf.d Directory.

    Troubleshooting Apache.

      Testing Basic HTTP Connectivity.

      Browser 403 Forbidden Messages.

      Only the Default Apache Page Appears.

      Incompatible /etc/httpd/conf/http.conf Files When Upgrading.

      Server Name Errors.

      The Apache Status Log Files.

      The Apache Error Log Files.

    Conclusion.

21. Configuring Linux Mail Servers.

    In This Chapter.

    Configuring sendmail.

      How sendmail Works.

      Installing sendmail.

      Starting sendmail.

      How to Restart sendmail After Editing Your Configuration Files.

      The /etc/mail/sendmail.mc File.

      Configuring DNS for sendmail.

      How to Configure Linux sendmail Clients.

      Converting From a Mail Client to a Mail Server.

      The /etc/mail/relay-domains File.

      The /etc/mail/access File.

      The /etc/mail/local-host-names File.

      Which User Should Really Receive the Mail?

      sendmail Masquerading Explained.

      Using sendmail to Change the Sender’s E-mail Address. 

      Troubleshooting sendmail.

    Fighting Spam.

      Using Public Spam Blacklists with sendmail.

      spamassassin.

      A Simple PERL Script to Help Stop Spam.

    Configuring Your POP Mail Server.

      Installing Your POP Mail Server.

      Starting Your POP Mail Server.

      How to Configure Your Windows Mail Programs.

      Configuring Secure POP Mail.

      How to Handle Overlapping E-mail Addresses.

      Troubleshooting POP Mail.

    Conclusion.

22. Monitoring Server Performance.

    In This Chapter.

    SNMP.

      OIDs and MIBs.

      SNMP Community Strings.

      SNMP Versions.

      Doing SNMP Queries.

      Basic SNMP Security.

      Simple SNMP Troubleshooting.

    MRTG.

      MRTG Download and Installation.

      Configuring MRTG.

      Getting MRTG to Poll Multiple Devices.

      Configuring Apache to Work with MRTG.

      How to View the MRTG Graphs in Your Web Browser.

      Using MRTG to Monitor Other Subsystems.

      Troubleshooting MRTG.

    Webalizer.

      How to View Your Webalizer Statistics.

      The Webalizer Configuration File.

    The top Command.

    The vmstat Command.

    The free Utility.

    Conclusion.

23. Advanced MRTG for Linux.

    In This Chapter.

    Locating and Viewing the Contents of Linux MIBs.

    Testing Your MIB Value.

    Differences in MIB and MRTG Terminology.

    The CPU and the Memory Monitoring MIB.

    The TCP/IP Monitoring MIB.

    Manually Configuring Your MRTG File.

      Parameter Formats.

      Legend Parameters.

      Options Parameters.

      Title Parameters.

      Scaling Parameters.

      Defining The MIB Target Parameters.

      Defining Global Variables.

    Implementing Advanced Server Monitoring.

      A Complete Sample Configuration.

      Testing the Configuration.

      Creating a New MRTG Index Page to Include this File.

      Configuring CRON to Use the New MRTG File.

    Monitoring Non-Linux MIB Values.

      Scenario.

      Find the OIDs.

      Testing The OIDs.

    Troubleshooting.

    Conclusion.

24. The NTP Server.

    In This Chapter.

    Download and Install the NTP Package.

    The /etc/ntp.conf File.

    How to Get NTP Started.

    Testing and Troubleshooting NTP.

      Verifying NTP is Running.

      Doing an Initial Synchronization.

      Determining If NTP Is Synchronized Properly.

      Your Linux NTP Clients Cannot Synchronize Properly.

      Fedora Core 2 File Permissions.

    Configuring Cisco Devices to Use an NTP Server.

      Cisco IOS.

      CAT OS.

    Firewalls and NTP.

    Configuring a Windows NTP Client.

    Conclusion.

III. ADVANCED TOPICS.

25. Network-Based Linux Installation.

    In This Chapter.

    Setting Up the Installation Server.

      Basic Preparation.

      Set Up Your Web Server.

      Set Up Your FTP Server.

      Create a Special FTP User.

      Set Up Your NFS Server.

      Configure Your DHCP Server.

    Creating a Boot CD.

    The Network Installation.

    Troubleshooting the Network Installation.

    Differences Between Fedora and Red Hat Installation.

    Automating Installation with Kickstart.

      How to Create New Kickstart Configuration Files.

      How to Run a Kickstart Installation.

      Booting With Your Kickstart Files.

    Conclusion.

26. Linux Software RAID.

    In This Chapter.

    RAID Types.

      Linear Mode RAID.

      RAID 0.

      RAID 1.

      RAID 4.

      RAID 5.

    Before You Start.

      IDE Drives.

      Serial ATA Drives.

      SCSI Drives.

      Should I Use Software RAID Partitions or Entire Disks?

      Back up Your System First.

      Configure RAID in Single-User Mode.

    Configuring Software RAID.

      RAID Partitioning.

      Edit the RAID Configuration File.

      Create the RAID Set.

      Confirm RAID Is Correctly Initialized.

      Format the New RAID Set.

      Load the RAID Driver for the New RAID Set.

      Create a Mount Point for the RAID Set.

      Edit the /etc/fstab File.

      Start the New RAID Set’s Driver.

      Mount the New RAID Set.

      Check the Status of the New RAID.

    Conclusion.

27. Expanding Disk Capacity.

    In This Chapter.

    Adding Disks to Linux.

      Scenario.

      Determining the Disk Types.

      Preparing Partitions on New Disks.

      Verifying Your New Partition.

      Putting a Directory Structure on Your New Partition.

      Migrating Data to Your New Partition.

    Expanding Partitions with LVM.

      LVM Terms.

      Configuring LVM Devices.

    Conclusion.

28. Managing Disk Usage with Quotas.

    In This Chapter.

    Setting Up Quotas.

      Enter Single-User Mode.

      Edit Your /etc/fstab File.

      Remount the Filesystem.

      Get Out of Single-User Mode.

      Create the Partition Quota Configuration Files.

            Initialize the Quota Table.

      Edit the User’s Quota Information.

      Testing.

    Other Quota Topics.

      Editing Grace Periods.

      Editing Group Quotas.

      Getting Quota Reports.

    Conclusion.

29. Remote Disk Access With NFS.

    In This Chapter.

    NFS Operation Overview.

      General NFS Rules.

      Key NFS Concepts.

      Important NFS Daemons.

    Installing nfs.

    Scenario.

    Configuring NFS on the Server.

      The /etc/exports File.

      Starting NFS on the Server.

    Configuring NFS on the Client.

      Starting NFS on the Client.

      NFS and DNS.

      Making NFS Mounting Permanent.

    Activating Modifications to the /etc/exports File.

      New Exports File.

      Adding a Shared Directory To An Existing Exports File.

      Deleting, Moving, or Modifying a Share.

    The NFS automounter.

      automounter Map Files.

      The Structure of Direct and Indirect Map Files.

      Wildcards in Map Files.

      Starting automounter.

      automounter Examples.

    Troubleshooting NFS.

      The showmount Command.

      The df Command.

      The nfsstat Command.

    Other NFS Considerations.

      Security.

      NFS Hanging.

      File Locking.

      Nesting Exports.

      Limiting root Access.

      Restricting Access to the NFS Server.

      File Permissions.

    Conclusion.

30. Centralized Logins Using NIS.

    In This Chapter.

    Scenario.

    Configuring the NFS Server.

    Configuring the NFS Client.

    Configuring the NIS Server.

      Edit Your /etc/sysconfig/network File.

      Edit Your /etc/yp.conf File.

      Start the Key NIS Server-Related Daemons.

      Initialize Your NIS Domain.

      Start the ypbind and ypxfrd Daemons.

      Make Sure the Daemons Are Running.

    Adding New NIS Users.

    Configuring the NIS Client.

      Run authconfig.

      Start the NIS Client-Related Daemons.

      Verify Name Resolution.

      Test NIS Access to the NIS Server.

      Test Logins via the NIS Server.

    NIS Slave Servers.

      Configuring NIS Slave Servers.

      Configuring NIS Clients with Slaves.

    Changing Your NIS Passwords.

      When There Is Only an NIS Master.

      When There Is a NIS Master and Slave Pair.

      Possible Password Errors.

    Considerations for a Non-NFS Environment.

    NIS Troubleshooting.

    Conclusion.

31. Centralized Logins Using LDAP and RADIUS.

    In This Chapter.

    The LDAP Directory Structure.

    Scenario.

    Downloading and Installing the LDAP Packages.

      Required LDAP Server RPMs.

      Required LDAP Client RPMs.

    Configuring the LDAP Server.

      Create a Database Directory.

      Create an LDAP Root Password.

      Edit the slapd.conf File.

      Start the ldap Daemon.

      Convert the /etc/passwd File to LDIF Format.

      Modify the LDIF Files.

      Import the LDIF Files into the Database.

      Test the LDAP Database.

    Configuring the LDAP Client.

      Edit the ldap.conf Configuration File.

      Edit the /etc/nsswitch File.

      Create Home Directories on the LDAP Client.

      Testing.

    Configuring Encrypted LDAP Communication.

      Configuring the stunnel LDAP Client.

      Configuring the stunnel LDAP Server.

    Troubleshooting LDAP Logins.

      Test Using ldapsearch.

      Use SSH or the Linux Console.

      Use the tcpdump Command.

      Test Basic Connectivity.

      LDAP Works But Is Not Using LDAPS.

      stunnel Doesn’t Appear to Work.

      LDAP bind Errors.

      Possible stunnel Errors in Fedora Core 2.

    Common LDAP Administrative Tasks.

      Starting and Stopping LDAP.

      LDAP Users Changing Their Own Passwords.

      Modifying LDAP Users by User root.

      Adding New LDAP Users.

      Deleting LDAP Users.

      LDAP Web Management Tools.

    Configuring RADIUS for LDAP.

      Download and Install the FreeRADIUS Packages.

      Starting and Stopping FreeRADIUS.

      Configuring the /etc/raddb/radiusd.conf File.

      Configuring the /etc/raddb/users File.

      Configuring the /etc/raddb/clients.conf File.

      Troubleshooting and Testing RADIUS.

    Conclusion.

32. Controlling Web Access with Squid.

    In This Chapter.

    Download and Install the Squid Package.

    Starting Squid.

    The /etc/squid/squid.conf File.

      The Visible Host Name.

      Access Control Lists.

      Restricting Web Access by Time.

      Restricting Web Access by IP Address.

      Password Authentication Using NCSA.

    Forcing Users to Use Your Squid Server.

      Making Your Squid Server Transparent to Users.

      Manually Configuring Web Browsers to Use Your Squid Server.

    Squid Disk Usage.

    Troubleshooting Squid.

    Conclusion.

33. Modifying the Linux Kernel to Improve Performance.

    In This Chapter.

      The Pros and Cons of Kernel Upgrades.

    Download and Install the Kernel Sources Package.

    Kernel Modules.

      Reasons for Kernel Modules.

      How Kernel Modules Load When Booting.

      Loading Kernel Modules on Demand.

    Creating a Custom Kernel.

      Make Sure Your Source Files Are in Order.

      The.config File.

      Customizing the.config File.

      Configure Dependencies.

      Edit the Makefile to Give the Kernel a Unique Name.

      Compile a New Kernel.

      Build the Kernel’s Modules.

      Install the Kernel Modules.

      Copy the New Kernel to the /boot Partition.

    Updating GRUB.

      Kernel Crash Recovery.

      How to Create a Boot CD.

    Updating the Kernel Using RPMs.

    Conclusion.

34. Basic MySQL Configuration.

    In This Chapter.

    Preparing MySQL for Applications.

    Installing MySQL.

    Starting MySQL.

    The /etc/my.cnf File.

    The Location of MySQL Databases.

    Creating a MySQL Root Account.

    Accessing the MySQL Command Line.

    Creating and Deleting MySQL Databases.

    Granting Privileges to Users.

    Running MySQL Scripts to Create Data Tables.

    Viewing Your New MySQL Databases.

      Listing the Data Tables in Your MySQL Database.

      Viewing Your MySQL Database’s Table Structure.

      Viewing the Contents of a Table.

    Configuring Your Application.

    Recovering and Changing Your MySQL Root Password.

    MySQL Database Backup.

    MySQL Database Restoration.

    Very Basic MySQL Network Security.

    Basic MySQL Troubleshooting.

      Connectivity Testing.

      Test Database Access.

      A Common Fedora Core 1 MySQL Startup Error.

    Conclusion.

35. Configuring Linux VPNs.

    In This Chapter.

    VPN Guidelines.

    Scenario.

    Download and Install the Openswan Package.

    How to Get Openswan Started.

    Get the Status of the Openswan Installation.

      How to Fix Common Status Errors.

    VPN Configuration Steps Using RSA Keys.

      The /etc/ipsec.conf File.

      Obtaining RSA Keys.

      Edit the /etc/ipsec.conf Configuration File.

      Restart Openswan.

      Initialize the New Tunnel.

      Testing the New Tunnel.

    Possible Changes to IP Tables NAT/Masquerade Rules.

    How to Ensure Openswan Starts When Rebooting.

    Using Pre-Shared Keys (PSK).

    Troubleshooting Openswan.

      Determine the Tunnel Status.

      Testing VPN Connectivity.

      Check the Routes.

      Using tcpdump.

      Check syslog Error Messages.

      Invalid Key Messages.

    Conclusion.

Appendix I. Miscellaneous Linux Topics.

    Fedora Core 3.

    Linux Security with TCP Wrappers.

      The TCP Wrappers File Format.

      Determining the TCP Daemon’s Name.

    Adjusting Kernel Parameters.

    Running Linux Without a Monitor.

      Preparing to Go Headless.

      Configuration Steps.

    Make Your Linux Box Emulate a VT100 Dumb Terminal.

      Configuration Steps.

    VPN Terms and Methods.

      Authentication and Encryption Methods.

      Internet Key Exchange (IKE).

      IKE’s Role in Creating Security Associations.

      VPN Security and Firewalls.

      VPN User Authentication Methods for Temporary Connections.

    TCP/IP Packet Format.

    ICMP Codes.

Appendix II.  Codes, Scripts, and Configurations.

    Apache File Permissions Script.

    sendmail Spam Filter Script.

      The mail-filter.accept File.

      The mail-filter.reject File.

      The mail-filter Script.

    iptables Scripts.

      FTP Client Script.

      FTP Server Script.

      NTP Server Script.

      Home/Small Office Protection Script.

    Sample DNS Zone Files: Using BIND Views.

      The /etc/named.conf File.

      Zone File for my-web-site.org (External View).

      Zone File for my-web-site.org (Internal View).

      Reverse Zone File for a Home Network Using NAT.

    sendmail Samples.

      Sample /etc/mail/access File.

      Sample /etc/mail/local-host-names File.

      Sample /etc/mail/sendmail.mc File.

      Sample /etc/mail/virtusertable File.

Appendix III. Fedora Version Differences.

    FTP Differences.

    DHCP Differences.

    DNS Differences.

    Routing Differences.

    iptables Differences.

    Software Installation Differences.

    Wireless Networking Differences.

      Linux-WLAN File Locations Using Red Hat 8.0 RPMs.

    MRTG Differences.

      File Locations.

      indexmaker MRTG_LIB Errors with Red Hat 9 and 8.0.

      Precedence Bitwise Error with Red Hat 9.

    Webalizer Differences.

Appendix IV. syslog Configuration and Cisco Devices.

    Cisco Routers.

    Catalyst CAT Switches Running CATOS.

    Cisco Local Director.

    Cisco PIX Firewalls.

    Cisco CSS11000 (Arrowpoints).

    The Sample Cisco syslog.conf File.

Index.