Introduction
Copyright
The contents of this course and all its modules and related materials,
including handouts to audience members, are Copyright 2009 Red
Hat, Inc.
No part of this publication may be stored in a retrieval system,
transmitted or reproduced in any way, including, but not limited to,
photocopy, photograph, magnetic, electronic or other record, without
the prior written permission of Red Hat, Inc.
This instructional program, including all material provided herein, is
supplied without any guarantees from Red Hat, Inc. Red Hat, Inc.
assumes no liability for damages or legal action arising from the use or
misuse of contents or details contained herein.
If you believe Red Hat training materials are being used, copied, or
otherwise improperly distributed please email training@redhat.com or
phone toll-free (USA) +1 866 626 2994 or +1 919 754 3700.
Welcome
Please let us know if you need any special assistance while
visiting our training facility.
Please introduce yourself to the rest of the class!
http://www.redhat.com/products/
Objectives
Control administrative access to Red Hat Enterprise Linux
Manage software packages with yum and rpm
Set up core system services and security
Understand system and service initialization
Monitor the kernel and configure kernel parameters
Set up IPv4 networking
Maintain existing filesystems and integrate new
filesystems
Perform local user and group administration
Enhance user management with SetGID, ACLs, and
quotas
Enable centralized authentication with NIS and LDAP
Implement partitioning with Software RAID and LVM
Install virtual systems with Kickstart
Troubleshoot boot process with rescue mode
Pre/Post-Assessments
Some units begin with a pre-assessment
3-5 simple questions about the unit's subject
Just leave blank if you don't know the answer
Lab Exercises
Labs
Fundamental exercise providing basic goals, reinforcing the
lecture
Lab Solutions
Offers step-by-step detailed methodology
Found for all exercises that do not have specific steps
themselves
Challenge Labs
Advanced exercise, reinforcing more advanced topics from the
lecture
Not all students may have the time to complete
Optional Labs
Optional exercise that may depend on classroom specific
environment
Classroom Network
example.com network (192.168.0.0/24)
instructor.example.com (192.168.0.254)
Main classroom server: Provides DHCP, DNS, routing and other services
stationX.example.com (192.168.0.X)
Student systems
serverX.example.com (192.168.0.X+100)
Virtual server hosted on student stations (Not used in all classes)
Notes on Internationalization
Red Hat Enterprise Linux supports nineteen languages
Default system-wide language can be selected
During installation
With system-config-language (System->Administration->Language)
Lecture 1
Administrative Access
Objectives
Upon completion of this unit, you should be able to:
Access and administer text and graphical consoles
Remotely access the system for administration
Gain administrative privilege
Access virtualized systems
Console Access
Direct administrative access is obtained through
consoles:
Physical Console
Virtual Console
mingetty
prefdm
Serial Console
agetty
System Console
Client configuration:
Default in /etc/sysconfig/desktop
Runlevel 3: startx
Runlevel 5: prefdm
Test:
$ ssh user@host
Remote X Clients
X protocol communication is unencrypted
Host-based sessions through xhost expose the display to all users on the permitted host
User-based sessions implemented through xauth
ssh -X host 'Xclientapp'
May automatically install xauth keys on remote machine
Can tunnel X protocol in secure encrypted ssh connection
Sets DISPLAY environment variable
Highly configurable
Be on a list: sudo
$ sudo command
Configuring sudo
Configure (as root):
# visudo
KILL = /usr/bin/kill
ALL=(ALL) ALL
ALL=(ALL) NOPASSWD: ALL
localhost=(ALL) KILL
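One way to review sudoers rules like those above for risky grants, as an added example that is not part of the original course material: it flags NOPASSWD rules and non-root rules that grant ALL commands. The user and group names (%wheel, operator, backup), the function names and the sample file are constructed assumptions; files pulled in by #include directives are not followed.

```shell
#!/bin/bash
# Added example (not from the course material): flag risky sudoers grants.

# Constructed sample; user and group names are assumptions for illustration.
sample_sudoers() {
    cat <<'EOF'
# constructed sample sudoers content
Cmnd_Alias KILL = /usr/bin/kill
root     ALL=(ALL) ALL
%wheel   ALL=(ALL) NOPASSWD: ALL
operator localhost=(ALL) KILL
backup   ALL=(root) NOPASSWD: /sbin/dump, \
         /sbin/restore
EOF
}

# audit_sudoers FILE
# Prints one finding per rule: "<severity> <who> <reason>".
# Lines starting with '#' (comments and #include directives) are skipped.
audit_sudoers() {
    awk '
    # Join backslash-continued lines into one logical line.
    /\\$/ { sub(/\\$/, ""); buf = buf $0; next }
    { line = buf $0; buf = "" }
    # Skip blank lines, comments, Defaults and alias definitions.
    line ~ /^[ \t]*(#|$)/ { next }
    line ~ /^[ \t]*(Defaults|Cmnd_Alias|User_Alias|Host_Alias|Runas_Alias)/ { next }
    {
        sub(/^[ \t]+/, "", line)
        eq = index(line, "=")
        if (eq == 0) next
        # Left of "=": user or %group, then the host list.
        split(substr(line, 1, eq - 1), f, /[ \t]+/)
        who = f[1]
        rhs = substr(line, eq + 1)
        nopass = (rhs ~ /NOPASSWD[ \t]*:/)
        cmds = rhs
        gsub(/\([^)]*\)/, "", cmds)          # drop (runas) specifications
        gsub(/[A-Z_]+[ \t]*:/, "", cmds)     # drop tags such as NOPASSWD:
        gsub(/[ \t]*,[ \t]*/, ",", cmds)     # normalise the command list
        sub(/^[ \t]+/, "", cmds); sub(/[ \t]+$/, "", cmds)
        grants_all = (("," cmds ",") ~ /,ALL,/)
        if (nopass && grants_all)
            print "HIGH", who, "NOPASSWD on ALL commands"
        else if (nopass)
            print "MEDIUM", who, "NOPASSWD on " cmds
        else if (grants_all && who != "root")
            print "REVIEW", who, "ALL commands with password"
    }' "$1"
}

# Demo run against the constructed sample.
tmp=$(mktemp)
sample_sudoers > "$tmp"
audit_sudoers "$tmp"
rm -f "$tmp"
```

On a real system, run it as root against /etc/sudoers after `visudo -c` has confirmed the file parses.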
Monitoring
virsh console domain
virsh list [--all|domain]
End of Lecture 1
Questions and Answers
Summary
The X Server can be configured with system-config-display
For CLI remote-access, use ssh user@host
Include -X to enable remote-execution of GUI applications
Lecture 2
Package Management
Objectives
Upon completion of this unit, you should be able to:
Add, remove, and manage software using yum
Configure yum to connect to a private repository
Connect to and use the Red Hat Network
Create a private yum repository
Perform advanced tasks with rpm
Software as Packages
package-version-release.arch.rpm
version - upstream developer version
release - packager changes (fixes/backports documented in
changelog)
arch - processor architecture of binaries
Contains:
Files Archive: Binaries, Documentation, Default Config
Summary, Description, Changelog
Instructions: Dependencies, Pre/Post Install/Uninstall
Signature
About yum
Command-line front-end to rpm
Introduced with Fedora and Red Hat Enterprise Linux 5
Replacement for up2date
Removing:
yum remove package...
Interactive usage
yum uses plug-in for RHN communication
Already configured in /etc/yum/pluginconf.d/rhnplugin.conf
Remote management
Actions queued on RHN server
rhnsd polls RHN every four hours
rhn_check polls immediately
Advanced options:
Reinstall: --replacepkgs
Downgrade: --oldpackage
Ignore conflicts: --replacefiles
Ignore dependencies: --nodeps
End of Lecture 2
Questions and Answers
Summary
yum installs packages and their dependencies from remote
repositories
Repositories are configured in yum.conf and
/etc/yum.repos.d/
Red Hat distributes updates via the Red Hat Network
Systems must be registered to access RHN
Usually done during installation or post-install with rhn_register
Lecture 3
Objectives
Upon completion of this unit, you should be able to:
Monitor and configure system logs
Automate tasks with cron
Configure printing
Understand the importance of time synchronization
Describe SELinux service security features
Configuring syslogd:
/etc/syslog.conf
facility.priority
log_location
logrotate
Keeps log files from getting too large
Configuration in: /etc/logrotate.conf and
/etc/logrotate.d/
logwatch
Provides a summary about system activity
Reports suspicious messages
Configuration in: /etc/logwatch/
Configuration files
/etc/cups/cupsd.conf
/etc/cups/printers.conf
SELinux
Mandatory Access Control -vs- Discretionary Access
Control
Any action not explicitly allowed is denied by default
Runtime
getenforce and setenforce 0 | 1
Kernel arguments: selinux=0 | 1 or enforcing=0 | 1
Logs: /var/log/{messages,audit/audit.log}
General advice
man -k selinux
setroubleshootd, sealert -b and sealert -a
Advises how to avoid errors, not ensure security!
End of Lecture 3
Questions and Answers
Summary
Most system logs are stored in /var/log/
Automated jobs can be scheduled with crontab -e
Syntax documented in man 5 crontab
Lecture 4
System Initialization
Objectives
Upon completion of this unit, you should be able to:
Check your current system state
Start, stop and check services
Change to different runlevels
Understand the boot sequence
Runlevels
init defines runlevels 0-6, S, and emergency
Defines sets of services to auto-start
Controlling Services
Graphical: system-config-services
Standalone Services
service servicename start|stop|restart|status
chkconfig --list servicename
chkconfig servicename on|off|reset
Transient Services
chkconfig --list servicename
chkconfig servicename on|off
Argument passing
Change an existing stanza in menu editing mode
Issue boot commands interactively on the GRUB command line
Password protection
Can block image selection
Can block menu editing mode
2nd Stage
Loaded from filesystem containing /boot
Configured in /boot/grub/grub.conf
Kernel Initialization
Kernel boot time functions
Device detection
Device driver initialization (modules loaded from initrd<version>.img)
Mounts root filesystem read only
Loads initial process (init, PID 1)
Logged to /var/log/dmesg
init Initialization
init reads its config: /etc/inittab
Initial runlevel
System initialization scripts
Runlevel specific script directories
Trap certain key sequences
Define UPS power fail / restore scripts
Spawn gettys on virtual consoles
Initialize X in runlevel 5
System Initialization
/etc/rc.d/rc.sysinit
Activate udev and selinux
Sets kernel parameters in /etc/sysctl.conf
Sets the system clock
Loads keymaps
Enables swap partitions
Sets hostname
Root filesystem check and remount read-write
Activate RAID and LVM devices
Enable disk quotas
Check and mount other local filesystems
Cleans up stale locks and PID files
Non-Service Startup
/etc/rc.d/rc.local
Runs near the end of the runlevel specific scripts (S99local)
Common place for custom modification
Better practice:
Create a System V init script
Existing /etc/rc.d/init.d/ scripts can be used as a starting
point
Transient Services
xinetd manages on-demand services
Less-frequently needed services
Host-based authentication
Service statistics and logging
Service IP redirection
Configuration files:
/etc/xinetd.conf
/etc/xinetd.d/service
End of Lecture 4
Questions and Answers
Summary
Understand system runlevels and kernels
Manage system services
Change runlevels
Understand the boot sequence
Use the GRUB bootloader
Access virtualization consoles
Lecture 5
Objectives
Upon completion of this unit, you should be able to:
Understand the purpose and organization of the kernel
Know how to configure the kernel using /proc and
sysctl
Explore hardware devices available on the system
Understand how to load and configure kernel modules
Kernel Components
Multiple kernels may be installed at the same time
Different variants have different features, allows easier version
upgrades
/boot/initrd-version.img
Initial RAM disk providing critical kernel modules at boot
/lib/modules/version/
Kernel modules (drivers and extensions) matching a particular
kernel binary
Review of /dev
Files under /dev are used to access drivers
Three file attributes determine which driver to access:
Device type (character or block)
Major number
Minor number
Block devices:
/dev/sda, /dev/sdb - SCSI, SATA, or USB storage
/dev/md0, /dev/md1 - Software RAID
Character devices:
/dev/null, /dev/zero - Software devices
/dev/random, /dev/urandom - Random numbers
Kernel Modules
Small kernel extensions
May be loaded and unloaded at will
Can implement drivers, filesystems, firewall, and more
Provided with the kernel RPM
Are located under /lib/modules/$(uname -r)/
Compiled for a specific kernel version
End of Lecture 5
Questions and Answers
Summary
Different kernel variants based on processor and features
Persistently configure kernel tunables in /etc/sysctl.conf
Hardware and /dev managed through udev and HAL
Currently loaded kernel modules can be listed with lsmod
Modules needed to mount "/" are loaded from initrd
Lecture 6
Network Configuration
Objectives
Upon completion of this unit, you should be able to:
Configure TCP/IP network interfaces and routing
Configure DNS name resolution
Do basic monitoring and filtering of network traffic
Describe how interfaces could be bonded
system-config-network-tui
Device and Gateway
Device Aliases
Useful for virtual hosting
Bind multiple IP addresses to a single NIC
<device>:<alias>, e.g. eth1:0, eth1:1 ...
Verifying IP Connectivity
ping
Network packet loss and latency measurement tool
traceroute
Displays network path to a destination
mtr
Combines the functionality of traceroute and ping in a single
tool
Hostnames
System hostname set in /etc/sysconfig/network
If not explicitly set, DHCP or DNS will be used
localhost.localdomain
localhost6.localdomain6 localdomain6
testmachine1.lab.example.com
DNS Configuration
DNS servers resolve names not in /etc/hosts
Precedence controlled by /etc/nsswitch.conf
Configured in /etc/resolv.conf
search example.com
nameserver 192.168.0.254
nameserver 10.0.0.254
Configuration steps:
Load bonding module in /etc/modprobe.conf
Configure bond0 interface and its slave interfaces
/proc/net/bond0/info
End of Lecture 6
Questions and Answers
Summary
system-config-network provides GUI or TUI network configuration
Network configuration is stored in:
/etc/sysconfig/network-scripts/ifcfg-* (interface-specific
settings)
/etc/sysconfig/network-scripts/routes-* (non-standard routes)
/etc/resolv.conf (DNS servers)
/etc/sysconfig/network (other global settings)
Lecture 7
Filesystem Administration
Objectives
Upon completion of this unit, you should be able to:
Monitor filesystems
Access removable media
Access data from remote systems using NFS
Mount NFS filesystems on demand
/pub
nfs
soft
0 0
End of Lecture 7
Questions and Answers
Summary
Disks are divided into partitions, which contain filesystems
Filesystems are associated with mountpoints using mount
df -h displays a usage summary for each mounted filesystem
Removable media is mounted under /media
To mount an NFS share, run mount nfsserver:/share /mntpoint
To list shares on an NFS server, run showmount -e nfsserver
NFS shares can be auto-mounted with /etc/fstab or /net
Lecture 8
Additional Storage
Objectives
Upon completion of this unit, you should be able to:
Add new partitions/filesystems
Troubleshoot filesystems
Add virtual memory
Update /proc/partitions
# partprobe /dev/sda
Making Filesystems
Make the filesystem with a label
# mkfs -t ext3 -L guest_data /dev/sda5
/mnt/data
ext3
defaults
1 2
Unmounting Filesystems
umount [options] device | mount_point
Cannot unmount a filesystem that is in use
Use fuser to check and/or kill processes
e2label /dev/sda5
e2label /dev/sda5 new_label
blkid -s LABEL
findfs LABEL=new_label
swap
swap
defaults 0 0
End of Lecture 8
Questions and Answers
Summary
To create a new filesystem:
1.
2.
3.
4.
Run
Run
Add
Run
Run
Run
Add
Run
Lecture 9
User Administration
Objectives
Upon completion of this unit, you should be able to:
Manage user and group accounts
Set up filesystem quotas
Initialization
Partition mount options: usrquota, grpquota
Initialize database: quotacheck -cugm /filesystem
Start or stop quotas: quotaon, quotaoff
Managing Quotas
Implementation
Edit quotas directly: edquota username
From a shell: setquota username 4096 5120 40 50 /foo
Define prototypical users: edquota -p user1 user2
Reporting
User inspection: quota
Quota overviews: repquota
Miscellaneous utilities: warnquota
End of Lecture 9
Questions and Answers
Summary
system-config-users provides GUI user and group management
useradd, usermod and userdel provide CLI user management
userdel leaves home directory and mail unless -r is provided
4. Run quotaon -a
5. Define quotas with edquota and/or setquota
Lecture 10
Objectives
Upon completion of this unit, you should be able to:
Manage file security
Create collaborative directories using SetGID
Extend filesystem security with ACLs
Change permissions:
$ chmod ugo+x filename
$ chmod 775 filename
Removing (Expunging):
$ setfacl -x u:gandalf filename
End of Lecture 10
Questions and Answers
Summary
chmod g+sw dir creates a fully-collaborative environment
Members of the group that owns dir can create, delete and modify all
files in it
Lecture 11
Objectives
Upon completion of this unit, you should be able to:
Describe how Red Hat Enterprise Linux accesses user
information
Configure system to use centralized authentication
services
Components of Authentication
Two types of information are required to log in
Account information: Who is this user?
UID number, default shell, home directory, groups, etc
Supplemental Media
Authentication Review
End of Lecture 11
Questions and Answers
Summary
Authentication is configured using system-config-authentication
User and authentication information are accessed via PAM and
NSS
Information can be stored locally or on a central server
Supported centralized mechanisms include NIS, LDAP and
Kerberos
Lecture 12
Software RAID
Objectives
Upon completion of this unit, you should be able to:
Configure high-availability storage with RAID
Recover a degraded software RAID array
/mountpoint
ext3
defaults
1 2
End of Lecture 12
Questions and Answers
Summary
RAID coordinates multiple disks to work as one
Spare disks can be designated for auto-recovery in most RAID
levels
RAID devices are created and managed with mdadm
Lecture 13
Objectives
Upon completion of this unit, you should be able to:
Use storage more efficiently with logical volumes
Back up logical volumes with minimal risk and
downtime
LVM Tools
system-config-lvm provides GUI control
System->Administration->Logical Volume Management
Physical View manages PVs in selected volume group
Logical View manages LVs in selected volume group
2. Mount snapshot
# mkdir -p /mnt/datasnap
# mount -o ro /dev/vg0/datasnap /mnt/datasnap
3. Perform backup
4. Remove snapshot
# umount /mnt/datasnap
# lvremove /dev/vg0/datasnap
End of Lecture 13
Questions and Answers
Summary
LVM organizes space into logical groups independent of device
boundaries
LVM components can be managed with lvm or system-config-lvm
LVM Snapshots allow backing up of read-only filesystems with
minimal downtime
Lecture 14
Objectives
Upon completion of this unit, you should be able to:
Define virtualization
Interactively install virtual machine
Create and utilize Kickstart files
Set up an anaconda server
Xen Architecture
Hypervisor runs on hardware directly
Hypervisor boots privileged RHEL 5 domain (Dom0)
xend and other supporting services run in Dom0
User Domains (DomU) managed by Dom0
Preparing Domain-0
Ensure that hardware supports virtualization
Perform a normal installation of the machine
Ensure that kernel-xen, xen, and virt-manager are
installed
Select Virtualization component at install-time
Verify subscribed to RHN "RHEL Virtualization" channel, install
with yum
Packages section
%packages selects packages and groups for installation
Dependencies are always resolved
Scripts section(s)
Optional section(s) to customize the system
%pre scripts are run before installation
%post scripts are run after installation
Installation Method:
cdrom
url --url url
nfs --server host --path directory
harddrive --partition=device --dir=/path/to/install_tree
Media Sets
Two available: Client and Server
May contain packages from additional layered products
key defines the Installation Number to access additional
content
Optional Directives
Network: network [options]
Security: firewall, selinux, services
Installer behavior: firstboot, poweroff|reboot, interactive,
text
End of Lecture 14
Questions and Answers
Summary
Virtualization allows for more efficient use of hardware
resources
virt-manager provides GUI management of virtual machines
virsh and virt-install provide CLI management of virtual
machines
Kickstart files allow for automation of Red Hat Enterprise Linux
installation
Installation leaves a template kickstart in /root/anaconda-ks.cfg
system-config-kickstart can be used to create new kickstart
files
ksvalidator can be used to check kickstart file syntax
Network installation can be performed via HTTP, FTP, and NFS
Lecture 15
Objectives
Upon completion of this unit, you should be able to:
Develop a strategy for troubleshooting
Use the rescue environment
Access virtualized disks from Domain-0
/sbin/init
/etc/rc.d/rc.sysinit
Entering runlevel [0-6]
/etc/rc.d/rc, /etc/rc.d/rc[0-6].d/
/etc/rc.d/rc.local
Virtual Consoles
X Display Manager
Recovery Runlevels
Pass runlevel to init
On boot from GRUB splash screen
kernel line
module line (Xen)
Runlevel 1
Process rc.sysinit and rc1.d scripts
Runlevel s, S, or single
Process only rc.sysinit
emergency
Run sulogin only
Rescue Environment
Required when root filesystem is unavailable
Non-system specific
Boot from installer kernel/initrd
boot: linux rescue
Networking Utilities
Miscellaneous Utilities
Logging:
/tmp/syslog
/tmp/anaconda.log
Filesystem nodes
System-specific device files provided
mknod knows major/minor #'s
End of Lecture 15
Questions and Answers
Summary
Remember the order of events in the boot sequence:
BIOS
Grub
Kernel
/sbin/init (reading /etc/inittab)
/etc/rc.d/rc.sysinit
/etc/rc.d/rc runlevel
mingetty/prefdm
Appendix A
Restore a previously saved domain running state from a virsh save file.
Using virsh to monitor domains
Note that if you add any kernel arguments at boot time, and you soft reboot the machine (e.g., typing
reboot at the command line) the same kernel arguments will be used when the virtual machine boots.
The Ctrl-Alt-Del button