Linux Administration Notes (MSc-IT) By: Nabeel

Set Multiple IP to Single Ethernet

First go to the following directory:
# cd /etc/sysconfig/network-scripts
Create a copy of the interface file under the alias name:
# cp ifcfg-eth0 ifcfg-eth0:1
Open the ifcfg-eth0:1 file, change the following line, and save the file:
DEVICE=eth0:1
Now you can assign the IP address to eth0:1 using
# ifconfig eth0:1 192.168.0.30
Restart the network service:
# service network restart
Remote Login:

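We can log in remotely to a different machine using the telnet or SSH (Secure Shell) service. Telnet sends
everything, including the password, in clear text; SSH encrypts the session. To use SSH, first
disable the firewall using the setup command. The ssh command is as follows:
# ssh 172.168.0.1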
FTP Client Login:

Type the ftp command; when the new prompt ftp> is shown, type open and the IP address of the FTP server:
# ftp
ftp> open 172.16.1.110
Init Levels Or Run Levels

The initdefault entry in the /etc/inittab file tells init what run level to bring the system to. Set initdefault to 3
to cause the system to present a text login message when it boots; set initdefault to 5 to present a graphical
login screen (default).

To start or stop a service in a different run level, simply rename its script file (a K prefix stops the
service on entering the run level, an S prefix starts it):
# cd /etc/rc2.d
# mv K20nfs S20nfs
Configure Apache Server:

I divide it into three steps:
First Step: Install the Apache server.
Second Step: Start the httpd service.
Third Step: Create another HTML page and browse to it.
Step 1: If the Apache server is not installed, install it. Go to
System Settings -> Add/Remove Applications and check the Web Server option. Now the Apache server is
installed. You can also install it using the rpm command.
Step 2: Start the Apache server. There are two ways to start it.
(i) The first way is to use this command:
# service httpd start
(ii) The second way is to go to the directory where all the service scripts are kept:
# cd /etc/rc.d/init.d
Now that we are in the init.d directory, type the following command:
# ./httpd start
Now the httpd service is started.
To check that your server is running, open the web browser (Mozilla by default) and type the
following address in the URL address bar:
http://localhost
A test page opens, which indicates that the server is running.
Step 3: The last step is to create your own HTML page and open it in the browser.
Go to the /var/www/html directory using the following command:
# cd /var/www/html
Now create an HTML file using the vi editor. The command is
# vi page1.html
The page1.html file opens. Type the following HTML code in the file:
<html>
<body>
Computer Science
</body>
</html>
Now press Esc and type :wq! to save and exit the editor.
Once again open the browser and type the following address in the URL address bar:
http://localhost/page1.html

NFS
Linux provides several tools for accessing files on remote systems connected to a network. The Network
File System (NFS) enables you to connect to and directly access resources such as files or devices like
CD-ROMs that reside on another machine.
Network File Systems: NFS and /etc/exports
NFS enables you to mount a file system on a remote computer as if it were local to your own system. You
can then directly access any of the files on that remote file system. This has the advantage of allowing
different systems on a network to access the same files directly, without each having to keep its own copy.
Only one copy would be on a remote file system, which each computer could then access.
A system makes a file system available by exporting it, which entails making entries in an NFS configuration
file called /etc/exports, as well as running several daemons to support access by other systems.
The NFS daemons are listed here:
rpc.nfsd        receives NFS requests from remote systems and translates them into requests for the local system.
rpc.mountd      performs requested mount and unmount operations.
rpc.portmapper  maps remote requests to the appropriate NFS daemon.
rpc.rquotad     provides user disk quota management.
rpc.statd       provides locking services when a remote host reboots.
rpc.lockd       handles lock recovery for systems that have gone down.
On Red Hat, you start up and shut down the NFS daemons using the /etc/rc.d/init.d/nfs script. You can
access this script directly or use the service command as shown here:
# service nfs start
The nfs script will start up the portmapper, nfsd, mountd, and rquotad daemons. To enable
NFS locking, you use the nfslock script. This will start up the statd and lockd daemons. NFS
locking provides for better recovery from interrupted operations that can occur from system
crashes on remote hosts.
# service nfslock start
NFS Configuration: /etc/exports
Open the file and enter the directory which you want to share.
/home/foodstuff lizard.mytrek.com(rw)
/mnt/cdrom rabbit.mytrek.com(ro)
NFS Clients Side setting
You can also use the mount command with the -t nfs option to mount an NFS file system
explicitly. To mount the previous entry explicitly, use the following command:
# mount -t nfs -o soft,intr,timeo=20 rabbit.mytrek.com:/home/projects /home/dylan/projects
You can, of course, unmount an NFS directory with the umount command. You can specify
either the local mountpoint or the remote host and directory, as shown here:
# umount /home/dylan/projects
# umount rabbit.mytrek.com:/home/projects
THE SHELL:
Before graphical user interfaces came into vogue, the only way to interact with an operating system was via
the command line shell (often known simply as the shell). The shell allows users to type in commands for
the operating system and the operating system to display the output that results from the execution of these
commands. The shell is a declarative and parameterized mechanism for executing common tasks. A shell
script is a sequence of commands and operators listed one after another, stored in a file, and executed as a
single entity.
Two types of shell variable:
1: User-defined variable 2: System variable
For example, $USERNAME is a system-defined variable. See the USERNAME value using echo:
# echo $USERNAME
Bash shell script files start with the command interpreter, in this case bash itself:
#!/bin/bash or #!/bin/sh
Program 1:
In the root directory create the test1.sh file using the vi editor. sh is the file extension of a script file.
Write the following code:
#!/bin/bash
echo This is a Program

Press ESC and type :wq!
Two methods are used to execute the script file:
(i) # bash test1.sh (ii) # ./test1.sh
# chmod 777 test1.sh     # change the permission for file execution (needed before ./test1.sh)
Mode 777 also lets every user modify the script; 755 is enough to run it.
Program 2:
# vi test2.sh
#!/bin/bash
echo any script $1
echo any script $2
NUMBER1=333
NUMBER2=222
let NUMBER3=$NUMBER1+$NUMBER2
echo $NUMBER3

Save the file and run it. YOU is argument 1 and COMPUTER is argument 2:
# bash test2.sh YOU COMPUTER
Integer Comparisons Function
-gt Greater-than
-lt Less-than
-ge Greater-than-or-equal-to
-le Less-than-or-equal-to
-eq Equal
-ne Not-Equal
Program 3: Tell whether the number passed as an argument is POSITIVE or NEGATIVE
#!/bin/bash
# $# is the number of arguments given to the script
if [ $# -eq 0 ]
then
    echo $0: No argument is entered
    exit 1
fi
if [ "$1" -ge 0 ]
then
    echo $1 NUMBER is POSITIVE
else
    echo $1 NUMBER is NEGATIVE
fi
Program 4: While loop to tell about user space
i=1
while [ $i -le 10 ]
do
    du -s
    du -s root
    let i=$i+1
done
Program 5: Write a script that runs the command from the home path (/home) and takes the user name
as its argument.
#!/bin/bash
cd /home
du -s "$1"
echo USER NAME: $1
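
Program 5 hands its argument to du without checking it. The version below is an added example, not part of the original notes, that validates the user name first; the function name user_usage, its return codes and the file name usage.sh are assumptions of this example.

```bash
#!/bin/bash
# Added example, not part of the original notes: Program 5 with its argument
# checked before it reaches du. user_usage and its return codes are this
# example's own names.

# user_usage BASE NAME: print "USER NAME: NAME <size>K" for BASE/NAME.
# Returns 2 if NAME is not a plain account name, 3 if BASE/NAME is not a
# real directory.
user_usage() {
    local base=$1 name=$2 kb

    # An unchecked argument would let "../etc" leave BASE, "-a" be read by du
    # as an option, and "a b" name something other than one account.
    # Allow only letters, digits, ".", "_" and "-", not starting with "-",
    # and not "." or "..".
    case $name in
        '' | -* | . | .. | *[!A-Za-z0-9._-]*) return 2 ;;
    esac

    # Refuse a symbolic link so the report cannot be pointed outside BASE.
    if [ -L "$base/$name" ] || [ ! -d "$base/$name" ]; then
        return 3
    fi

    # Quote the path and end option parsing with "--".
    kb=$(du -sk -- "$base/$name" | cut -f1)
    echo "USER NAME: $name ${kb}K"
}

# Same use as Program 5 (usage.sh is a hypothetical file name): ./usage.sh dylan
if [ $# -gt 0 ]; then
    user_usage /home "$1"
fi
```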

IPV6:
IPV6 addressing uses a very different approach designed to provide more flexibility and support for very
large address space. There are three different types of IPv6 addresses, unicast, multicast, and anycast, of
which unicast is the most commonly used. A unicast address is directed to a particular interface. There are
several kinds of unicast addresses, depending on how the address is used. For example, you can have a
global unicast address for access through the Internet or a site-level unicast address for private networks.
Although consisting of 128 bits in eight segments (16 bits, 2 bytes per segment), an IPv6 address is
made up of several fields that conform roughly to the segments and capabilities of an IPv4 address:
networking information, subnet information, and the interface identifier (host ID). The network information
includes a format prefix indicating the type of network connection. The interface ID is a 64-bit (four
segments) Extended Unique Identifier generated from a network device's Media Access Control (MAC)
address. IP addresses are written in hexadecimal numbers; each segment is separated by a colon.
Advantages of IPv6:

- Features simplified headers that allow for faster processing.
- Provides support for encryption and authentication along with VPN using the integrated IPsec protocol.
- Extends the address space to cover 2 to the power of 128 possible hosts (billions of billions). This extends far beyond the 4.2 billion supported by IPv4.
- Supports stateless autoconfiguration of addresses for hosts, bypassing the need for DHCP to configure such addresses. Addresses can be generated directly using the MAC hardware address of an interface.
- Supports Quality of Service operations, providing sufficient response times for services like multimedia and telecom tasks.
- Multicast capabilities are built into the protocol, providing direct support for multimedia tasks. Multicast addressing also provides the same function as IPv4 broadcast addressing.
- Better access for mobile nodes, like PDAs, notebooks, and phones.

Would increased use of NATs be adequate?
No.
- NAT enforces a client-server application model where the server has topological constraints.
  o They won't work for peer-to-peer or devices that are called by others (e.g., IP phones).
  o They inhibit deployment of new applications and services, because all NATs in the path have to be upgraded BEFORE the application can be deployed.
- NAT compromises the performance, robustness, and security of the Internet.
- NAT increases complexity and reduces manageability of the local network.
- Public address consumption is still rising even with current NAT deployments.
The IPv4 Header
20 octets + options: 13 fields, including 3 flag bits

IPv6 Header:
40 octets, 8 fields

Summary of Header Changes between IPv4 & IPv6

Streamlined
- Fragmentation fields moved out of base header
- IP options moved out of base header
- Header Checksum eliminated
- Header Length field eliminated
- Length field excludes IPv6 header
- Alignment changed from 32 to 64 bits

Revised
- Time to Live -> Hop Limit
- Protocol -> Next Header
- Precedence & TOS -> Traffic Class
- Addresses increased 32 bits -> 128 bits

Extended
- Flow Label field added
IPv6 Address Format:
In the following example the first four segments represent the network part of the IPv6 address, and the
following four segments present the interface (host) address.
FEC0:0000:0000:0000:0008:0800:200C:417A
Written in compressed format:
FEC0::0008:0800:200C:417A
You can also drop any leading zeros, like this:
FEC0:0:0:0:8:800:200C:417A
The loopback address 0000000000000001 can be reduced to just the following:
::1
To ease the transition from IPv4 addressing to IPv6, a form of addressing incorporating IPv4 addresses is
also supported:
FEC0::192.168.0.3
IPv6 Address Format Prefixes and Reserved Addresses
3                 Unicast global addresses
FE8               Unicast link-local addresses, used for physically connected hosts on a network
FEC               Unicast site-local addresses, comparable to IPv4 private addresses
0000000000000001  Unicast loopback address
0000000000000000  Unspecified address
FF                Multicast addresses
CREATE IPV6 NETWORK:
First open the file /etc/sysconfig/network-scripts/ifcfg-eth0
and type the following text in the file:
DEVICE=eth0
BOOTPROTO=static
IPADDR=193.166.3.23
NETMASK=255.255.255.240
IPV6INIT=yes
IPV6ADDR=3ffe:2620:1:3::3/64
IPV6TO4INIT=yes
Then open the file /etc/sysconfig/network and add:
NETWORKING=yes
HOSTNAME=localhost.localdomain
NETWORKING_IPV6=yes
IPV6INIT=yes
PING Command in IPv6

# ping6 3ffe:2620:1:3::3
FTP Server:

The File Transfer Protocol (FTP) is designed to transfer large files across a network from one system to
another. Like most Internet operations, FTP works in a client/server mode. FTP client programs enable
users to transfer files to and from a remote system running an FTP server program.
There are a number of FTP servers available for Red Hat Linux 9. For example:
- vsftpd is a simplified FTP server implementation. It is designed to be a very secure FTP server, and can also be configured to allow anonymous access. We'll explore vsftpd in this section.
- TUX is a kernel-based, threaded, extremely high performance HTTP server, which also has FTP capabilities. TUX is perhaps the best in terms of performance, but offers less functionality than other FTP server software. TUX is installed by default with Red Hat Linux 9.
- wu-ftpd is a highly configurable and full-featured FTP daemon, which was popular in earlier versions of Red Hat Linux but has since given way to the more security-conscious vsftpd.
- gssftpd is a kerberized FTP daemon, which means that it is suitable for use with the Kerberos authentication system.
Red Hat FTP server Directory:
The ftp directory is placed in different directories by different distributions. On Red Hat, the ftp directory is
placed in the /var directory, as /var/ftp. Place the files you want to allow access to in the /var/ftp/pub
directory. You can also create subdirectories and place files there. By default, under Red Hat Linux vsftpd
allows local and anonymous users to log in on the server and does not set up a guest account. When
someone logs in as an anonymous user, that person is working in the /var/ftp directory.
Testing the Setup
Make sure vsftpd is working by logging in from the system running the server. You can refer to the server as
localhost or by using its hostname on the command line. Log in as anonymous; use any password.
$ ftp localhost
If you are not able to connect to the server, first make sure the server is running:
$ /sbin/service vsftpd status
vsftpd (pid 3091) is running...
# nmap localhost     # to test ftp
vsftpd.conf: The vsftpd Configuration File
The configuration file for vsftpd, /etc/vsftpd/vsftpd.conf, lists Boolean, numeric, and string name-value
pairs of configuration parameters, called directives. Each name-value pair is joined by an equal sign with no
SPACEs on either side. Here are the options you can set in /etc/vsftpd/vsftpd.conf:
- anon_mkdir_write_enable=YES enables anonymous FTP users to create new directories. This is a risky option and you may want to set this to NO, even if you allow anonymous users to upload files.
- anon_upload_enable=YES means anonymous FTP users can upload files. This option takes effect only if write_enable is already set to YES and the directory has write permissions for everyone. Remember that allowing anonymous users to write on your system can be very risky because someone could fill up the disk or use your disk for their personal storage.
- anonymous_enable=YES enables anonymous FTP (so users can log in with the user name anonymous and provide their email address as password). Comment out this line if you do not want anonymous FTP.
- ascii_download_enable=YES enables file downloads in ASCII mode. Unfortunately, a malicious remote user can issue the SIZE command with the name of a huge file and essentially cause the FTP server to waste huge amounts of resources opening that file and determining its size. This can be used by malicious users as a denial of service attack.
- ascii_upload_enable=YES enables file uploads in ASCII mode (for text files).
- async_abor_enable=YES causes vsftpd to recognize ABOR (abort) requests that arrive at any time. You may need to enable it to allow older FTP clients to work with vsftpd.
- banned_email_file=/etc/vsftpd/banned_emails specifies the file with the list of banned email addresses (used only if deny_email_enable is set to YES).
- chown_uploads=YES causes uploaded anonymous files to be owned by a different user specified by the chown_username option. Don't enable this unless absolutely necessary, and don't make the chown_username be root.
- chown_username=name specifies the user name that would own files uploaded by anonymous FTP users.
- chroot_list_enable=YES causes vsftpd to confine all users except those on a list specified by the chroot_list_file to their home directories when they log in for FTP service. This prevents these users from getting to any other files besides what's in their home directories.
- chroot_list_file=/etc/vsftpd/chroot_list is the list of users who are either confined to their home directories or not, depending on the setting of chroot_local_user.
- chroot_local_user=YES confines local users to their home directory (in other words, their home directory becomes their root directory /).
- connect_from_port_20=YES causes vsftpd to make sure that data transfers occur through port 20 (the FTP data port).
- data_connection_timeout=120 is the time in seconds after which an inactive data connection is timed out.
- deny_email_enable=YES causes vsftpd to check a list of banned email addresses and denies access to anyone who tries to log in anonymously with a banned email address as password.
- dirmessage_enable=YES causes vsftpd to display messages when FTP users change to certain directories.
- ftpd_banner=Welcome to my FTP service sets the banner that vsftpd displays when a user logs in. You can change the message to anything you want.
- idle_session_timeout=600 is the time (in seconds) after which an idle session (refers to the situation where someone connects and does not do anything) times out and vsftpd logs the user out.
- listen=YES causes vsftpd to listen for connection requests and, consequently, run in standalone mode. Set this to NO if you want to run vsftpd under xinetd.
- local_enable=YES causes vsftpd to grant local users access to FTP.
- local_umask=022 means whatever files FTP writes will have a permission of 644 (read access for everyone, but write access for owner only). You can set it to any file permission mask setting you want. For example, if you want no permissions for anyone but the owner, change this to 077.
- ls_recurse_enable=YES enables FTP users to recursively traverse directories using the ls -R command.
- nopriv_user=ftp identifies an unprivileged user that the FTP server can use.
- pam_service_name=vsftpd is the name of the Pluggable Authentication Module (PAM) configuration file that is used when vsftpd needs to authenticate a user. By default the PAM configuration files are in the /etc/pam.d directory. That means vsftpd's PAM configuration file is /etc/pam.d/vsftpd.
- tcp_wrappers=YES enables support for access control through the TCP wrapper that consults the files /etc/hosts.allow and /etc/hosts.deny.
- userlist_deny=YES causes vsftpd to deny access to the users listed in the /etc/vsftpd.user_list file. These users are not even prompted for a password.
- write_enable=YES causes vsftpd to allow file uploads to the host.
- xferlog_enable=YES turns on the logging of file downloads and uploads (always a good idea, but takes disk space).
- xferlog_file=/var/log/vsftpd.log specifies the full pathname of the vsftpd log file. The default is /var/log/vsftpd.log.
- xferlog_std_format=YES causes vsftpd to generate log files in a standard format used by other FTP daemons.
This basically says that anyone listed in the /etc/vsftpd.ftpusers file should be denied login. If you want to
deny FTP access to any other user names, simply add those names to the /etc/vsftpd.ftpusers file.
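
The risks noted in the vsftpd.conf directive list can be checked mechanically. The script below is an added example, not part of the original notes or of vsftpd itself; the function names, finding texts and sample configuration are constructed for illustration, and only values set explicitly in the file are judged.

```bash
#!/bin/bash
# Added example, not part of the original notes.
# Audits a vsftpd.conf for the risky settings called out in the directive
# list. Compiled-in defaults are not assumed: a directive counts only if the
# file sets it. Function names and finding texts belong to this example.

# conf_value FILE NAME: print the last value assigned to NAME ("" if not set).
conf_value() {
    awk -v key="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
        {
            eq = index($0, "=")
            if (eq && substr($0, 1, eq - 1) == key) {
                val = substr($0, eq + 1)
                sub(/[ \t\r]+$/, "", val)       # drop trailing whitespace
            }
        }
        END { print val }
    ' "$1"
}

# audit_vsftpd FILE: print one finding per line; print nothing if none apply.
audit_vsftpd() {
    local conf=$1 write anon_up

    # Each pair must be name=value with no spaces on either side of "=".
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        !/^[a-z0-9_]+=[^ \t]/ { printf "SYNTAX line %d: %s\n", NR, $0 }
    ' "$conf"

    write=$(conf_value "$conf" write_enable)
    anon_up=$(conf_value "$conf" anon_upload_enable)
    if [ "$anon_up" = YES ]; then
        if [ "$write" = YES ]; then
            echo "RISK anon_upload_enable: anonymous users can fill the disk"
        else
            echo "NOTE anon_upload_enable: no effect unless write_enable=YES"
        fi
    fi
    if [ "$(conf_value "$conf" anon_mkdir_write_enable)" = YES ]; then
        echo "RISK anon_mkdir_write_enable: anonymous users can create directories"
    fi
    if [ "$(conf_value "$conf" chown_uploads)" = YES ] &&
       [ "$(conf_value "$conf" chown_username)" = root ]; then
        echo "RISK chown_username: anonymous uploads would be owned by root"
    fi
    if [ "$(conf_value "$conf" ascii_download_enable)" = YES ]; then
        echo "RISK ascii_download_enable: SIZE on a huge file wastes server resources"
    fi
    if [ "$(conf_value "$conf" xferlog_enable)" != YES ]; then
        echo "NOTE xferlog_enable: transfer logging is not turned on in this file"
    fi
    return 0
}

# sample_conf: print a constructed configuration used only for the demo below.
sample_conf() {
    cat <<'EOF'
# constructed sample, not taken from a real server
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
chown_uploads=YES
chown_username=root
ascii_download_enable=YES
local_umask = 022
ftpd_banner=Welcome to my FTP service
EOF
}

# Demo: audit the file given as $1, or the constructed sample if none is given.
if [ $# -gt 0 ]; then
    audit_vsftpd "$1"
else
    demo=$(mktemp)
    sample_conf > "$demo"
    audit_vsftpd "$demo"
    rm -f "$demo"
fi
```

Run it as root against /etc/vsftpd/vsftpd.conf after each edit; an empty result means none of the listed conditions is present in the file.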
Understanding the /etc/vsftpd.user_list File
If the userlist_deny option is set to YES, vsftpd does not allow users listed in the /etc/vsftpd.user_list file
any access to FTP services. It does not even prompt them for a password. However, if userlist_deny is set to
NO, the meaning is reversed and these users are the only ones allowed access (but the PAM configuration
still denies anyone on the /etc/vsftpd.user_list).
Using Anonymous FTP
Anonymous FTP refers to the use of the user name anonymous, which anyone can use with FTP to transfer
files from a system. Anonymous FTP is a common way to share files on the Internet.
The key features of an anonymous FTP setup are as follows:
There is a user named ftp whose home directory is /var/ftp. The user does not have a shell assigned. Here is
what you get when you search for ftp in the /etc/passwd file:
# grep ftp /etc/passwd
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
Another command to check whether the account is already configured (it returns output if it is):
# getent passwd ftp
If nothing is returned, create the ftp user using this command:
# useradd -c FTPuser -d /var/ftp -r -s /sbin/nologin ftp
Then restart the ftp service.
Configuring an Anonymous FTP Server for File Upload
There are four steps here. We'll need to create the folder, set the appropriate permissions, and then enable
uploading in the FTP server configuration:
1. First, we need to create a writeable directory. Again, you'll need the root account for this. Let's create a
directory called upload (in the /var/ftp/pub directory):
# cd /var/ftp/pub
# mkdir upload
2. Next, we need to set the permissions of the upload directory so that it allows write-only access to
anonymous FTP users (so that they can write to the directory but not download from it; this restricts file
sharing among FTP users). To do this, we'll first use the chgrp command to change the group associated
with the upload directory:
# chgrp ftp upload
Now, the owner of the folder is still root, but the directory's group is ftp, the set of FTP users. Now we'll use
the chmod command to assign read/write/execute access to the owner, write/execute access only to the group,
and deny access to other users:
# chmod -R u=rwx,g=wx,o-rwx upload
3. Then, we must configure the vsftpd server to allow anonymous upload. To do this, we simply edit the
configuration file, /etc/vsftpd/vsftpd.conf. Open this file using gedit (or your favorite text editor), and
locate the following lines:
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
Just remove the leading # character in the last line, and save the file:
anon_upload_enable=YES
4. Finally, restart the vsftpd service by using the Restart button in the Server Configuration dialog, or by
typing the following at the command line:
# service vsftpd restart
Create FTP USERS:

Create a new file
# vi plain-vsftpd.txt
and add some users and their passwords to this file, each user name followed by its password on the next line. For example:
ftp-user1
user1
ftp-user2
user2
Save this file and then load it into the FTP user database using this command:
# db_load -T -t hash -f plain-vsftpd.txt /etc/hash_vsftpd.db
Because plain-vsftpd.txt and the resulting database hold the passwords, keep both readable by root only.
User Authentication

The vsftpd server makes use of the PAM service to authenticate local users that are remotely accessing their
accounts through FTP. Pluggable Authentication Modules (PAM) is an authentication service that lets a
system determine the method of authentication to be performed for users.
Open the /etc/pam.d/vsftpd file and add the following lines:
auth required /lib/security/pam_userdb.so db=/etc/hash_vsftpd
account required /lib/security/pam_userdb.so db=/etc/hash_vsftpd
Save the file.
DNS
The Domain Name Service (DNS) is an Internet service that converts domain names into their
corresponding IP addresses. As you may recall, all computers connected to the Internet are addressed using
an Internet Protocol (IP) address. Any computer on the Internet can maintain a file that manually associates
IP addresses with domain names. On Linux and Unix systems, this file is called the /etc/hosts file.
The Internet is composed of many connected subnets called domains, each with its own Domain Name
Service (DNS) servers that keep track of all the fully qualified domain names and IP addresses for all the
computers on its network. The section of a network for which a given DNS server is responsible is called a
zone. Although a zone may correspond to a domain, many zones may, in fact, be within a domain, each with
its own name server. The names of the DNS servers that service a host's network are kept in the host's
/etc/resolv.conf file. When setting up an Internet connection, the name servers provided by
your Internet service provider (ISP) were placed in this file.
Configuring DNS

Verifying that DNS is installed
If DNS was installed successfully, the following startup script should exist
more /etc/rc.d/init.d/named
Configuring DNS / BIND

The main configuration file of DNS is /etc/named.conf and should look, by default, something like
this:
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
We will now change it to support our domain organicbrownsugar.com which is NOT connected to
the internet by typing:
vi /etc/named.conf
And the file should look like this when we are done:
// generated by named-bootconf.pl
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
zone "." IN {
type master;
file "db.root";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "organicbrownsugar.com" IN {
type master;
file "organicbrownsugar.com.zone";
allow-update { none; };
};
zone "1.10.192.in-addr.arpa" IN {
type master;
file "organicbrownsugar.com.zone.rev";
allow-update { none; };
};
zone "us.organicbrownsugar.com" IN {
type master;
file "us.organicbrownsugar.com.zone";
allow-update { none; };
};
This tells the DNS service which domains we are hosting here. The first paragraph adds our domain
while not allowing remote servers to send our server updates of any kind. The second paragraph
creates a so called Reverse Lookup Zone to later map IP addresses to hostnames.
After creating the config file, we now have to set up the two zone files we are pointing to. For this we
type
vi /var/named/organicbrownsugar.com.zone
and add the following lines (remember, you can save some typing by downloading this from
www.netikus.net):
Setting up a Mail Server
For many of us, email has become an essential part of life. When you send an email, it is a mail server that
is responsible for dispatching that mail to its intended destination.
A mail server can be configured to handle small home network emails, or large complex networks with
hundreds of users. Many home users tend to use the mail server provided by their ISP. Many medium to
large organizations host their own mail servers.
A mail server is a collection of applications that provide the functionality to manage the tasks of sending and
receiving email, and delivering email to users' mailboxes. A mail server uses a number of different
protocols to transfer email from one system to another. Here's a brief description of these protocols:
The Internet Message Access Protocol (IMAP) is a protocol used by an email client application to access
the remote email mailbox. The main advantage of IMAP is that users can manage the email messages on
remote mailboxes instead of downloading the messages on to local machine. For more information about
IMAP, take a look at http://www.imap.org/.
The Post Office Protocol (POP) is used by email clients to download email messages from a remote
server and save it on their local machine. For more information about POP,
The Simple Mail Transfer Protocol (SMTP) is used to send emails (this is in contrast with IMAP and
POP, which are used to receive emails). Each email message is transferred between remote email servers
using SMTP. Red Hat Linux 9 uses sendmail as its default SMTP software.
E-mail Application Types
E-mail applications fall into the following three classes:

- Mail User Agents (MUAs). An MUA is an e-mail client, a program that is used to retrieve and manage e-mail messages via the POP or IMAP protocols. Examples of MUAs on Linux systems include pine, mutt, Ximian's Evolution, and Mozilla Mail. Microsoft's Outlook is also an MUA.
- Mail Transfer Agents (MTAs). An MTA transfers e-mail messages between different machines using SMTP. During the course of its journey from source to destination, an e-mail message may transfer between several MTAs, hosted on different platforms. On Linux systems, sendmail, postfix, exim, and qmail are four different MTA applications. Red Hat Linux 9 uses sendmail as its default MTA.
- Mail Delivery Agents (MDAs). An MDA is used to deliver email messages to users' mailboxes. An MTA delivers messages to an MDA, which is then responsible for delivering them to the specified mailbox. Some MTAs (such as sendmail) can also act as an MDA. On Linux systems, example MDAs include sendmail, procmail, and /bin/mail. MDAs are sometimes also known as LDAs (local delivery agents).
On Red Hat Linux 9, Sendmail is both the MTA and MDA by default.
Installing Sendmail
Installing Sendmail is straightforward when you do it through the RPM GUI tool. Once
you've started the tool (for example, by selecting Main Menu | System Settings | Add/Remove Applications),
you need to select the Mail Server package group (which you'll find under the Servers category). The
sendmail package is selected by default as a standard package. Under the Extra Packages, you should also
select the imap and sendmail-cf packages. The sendmail package will install the sendmail MTA (the SMTP
server), while the imap package installs the POP and IMAP services, and sendmail-cf provides the facilities
for reconfiguring sendmail. You can deselect all other packages. Click on Close, and then on Update to start
the installation.
Configuring Sendmail
Sendmail is very flexible and provides a lot of options for handling e-mail. The default installation of sendmail places
the sendmail executable in /usr/sbin (that is, /usr/sbin/sendmail). It also creates a symbolic link,
/usr/lib/sendmail, which points to /usr/sbin/sendmail.
Configuration File: Purpose
sendmail.cf: This lengthy and complex file is the default main file used by Sendmail. Although you can read this
document, you're not supposed to edit it; rather, you edit the source sendmail.mc file found in the same directory and
then compile it using the m4 utility.
access: This file specifies which systems can use Sendmail for relaying email. It allows us to restrict the access to the
mail server by individual domains.
local-host-names: This file specifies all aliases for your machine.
domaintable: This file specifies domain name mappings.
virtusertable: This file allows a domain-specific form of aliasing. It allows multiple virtual domains to be hosted on
one machine.
If you look in the /etc/mail directory, you'll see that some of these files are stored in two formats:
Configuring Sendmail
By default, Sendmail listens for incoming mails only on the loopback IP address, 127.0.0.1 and this only
allows SMTP connections between the Sendmail server and the local machine. In fact, this is sufficient for
this example, because it involves only senders and recipients whose accounts are on the local machine.
However, while we're considering this, I'll show you the part of the sendmail.mc configuration file that you'd
need to change if you wanted to open up your Sendmail server to listen for incoming mails on other
addresses.
The line in question, in sendmail.mc, is this:
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp, Addr=127.0.0.1, Name=MTA')dnl
Here, the Port parameter specifies the port on which the Sendmail server, acting as MTA, is to listen for
messages (the default is smtp, which is port 25). If you wanted to make Sendmail listen for messages
coming in from the Internet or across an intranet, then you remove the Addr restriction:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
Alternatively, you can specify a specific IP address on which Sendmail should listen. For example:
DAEMON_OPTIONS(`Port=smtp, Addr=192.168.0.99, Name=MTA')dnl
If you make changes to sendmail.mc, you must then compile them into the sendmail.cf file that Sendmail
uses. To do this, you simply employ the m4 utility like this:
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Then restart the mail service:
# /etc/rc.d/init.d/sendmail restart
Or
# service sendmail restart
Testing the Configuration
We telnet to port 25 (SMTP) of our machine and try to send our test user testuser (created during
installation) an email. Let's type
# telnet localhost 25
and we should see something like
220 email.organicbrownsugar.com ESMTP Sendmail 8.11.0/8.11.0; Mon, 30 Oct 2000 16:56:36 -0500
Type in the following lines:
mail from: root@organicbrownsugar.com
rcpt to: testuser@organicbrownsugar.com
data
subject: I love the world and the world loves me!
Cool, I just installed and configured sendmail. Wow!!
.
and you should now see something like
250 2.0.0 e9UmxRw01218 Message accepted for delivery
Now enter
Quit
Now log in as testuser on a different console (by pressing ALT+F2 for example) and type
mail
at the command prompt. You should see something like
Mail version 8.1 6/6/92. Type ? for help.
"/var/spool/mail/testuser": 1 message 1 new
>N 1 root@organicbrownsugar.com Mon Oct 30 16:59 13/571 "Hello from telnet"
& _
Now simply type 1 and enter to read the message. q exits from the mail application.
