An LPI Level 1 Crash Course

by Jeff Dean
06/27/2001

1. Package Management Tools

   Most Linux distributions use some form of package management tool to handle the installation and removal of software. Software is distributed in "packages," which contain binary data, documentation, and other information. In addition, the management tools handle package dependencies: the reliance of one package on one or more other packages. For example, any dynamically linked program will be dependent upon the prior installation of required libraries. The two major package-management tools in popular use on Linux systems are:

   • Red Hat's Redhat Package Manager or rpm
   • Debian's APT suite or dpkg

   While you may only use one or the other in routine operations, it's a working knowledge of both that can go a long way toward your success on Exam 102.

   Check out Sample Chapter 4, Linux Installation and Package Management from my book for more details on dpkg and rpm.

2. Building a Custom Kernel and Modules

   To build a kernel, you need the compiler, assembler, linker, make, kernel source, and kernel headers. These are typical kernel compilation steps, done in /usr/src/linux:

   1. Make a configuration using make oldconfig (existing setup), make config (basic interactive text program), make menuconfig (interactive text menu program), or make xconfig (graphical program). Each method creates the .config file containing kernel options.
   2. Modify EXTRAVERSION in Makefile, if desired.
   3. Build dependencies using make dep.
   4. Clean old results with make clean.
   5. Create the kernel with make bzImage.
   6. Create modules with make modules.
   7. Install the modules with make modules_install.
   8. Copy the new image to /boot.
   9. Update /etc/lilo.conf for the new image.
   10. Update the boot loader by running the lilo command.

Related Reading LPI Linux Certification in a Nutshell Covers General Linux Exams 101 and 102 By Jeff Dean

3. The Command Line

   You should be comfortable working on the command line. Make sure you understand the command structure and how shell sessions work.

   • A shell provides the command prompt and interprets commands.
   • A shell variable holds a value that is accessible to shell programs.
   • PATH is a shell variable that contains a listing of directories that hold executable programs.
   • Commands must be bash built-ins, found in the PATH, or explicitly defined in order to succeed.
   • When shell variables are exported they become part of the environment.

   Entering Commands

   Commands are comprised of a valid command, with or without one or more options and arguments, followed by a carriage return. Interactive commands can include looping structures more often used in shell scripts.

   Shell sessions can be viewed as a conversation. History, expansion, and editing make that dialogue more productive. Commands can be reissued, modified, and edited. Command substitution allows the result of a command to be placed into a shell variable.

   Many commands contain a -r or a -R option for recursive execution through a directory hierarchy. The find command is inherently recursive and is intended to descend through directories looking for files with certain attributes or executing commands.

   In particular, check the man pages for the following programs (they modify or manipulate text from files and standard input):

   • cut: removes selected columns or fields from one or more files
   • expand: converts tabs to spaces in files
   • fmt: formats text in files to a specified width by filling lines and removing newline characters
   • head: prints the first few lines of files
   • join: prints a line for each pair of input lines, one each from file1 and file2, that have identical join fields
   • nl: numbers the lines of files, which are concatenated in the output
   • od: dumps files in octal, hexadecimal, ASCII, and other formats
   • paste: pastes together corresponding lines of one or more files into vertical columns
   • pr: converts a text file into a paginated, columnar version, with headers and page fills
   • split: splits infile into a specified number of line groups; the output will go into a succession of files of outfileaa, outfileab, and so on
   • tac: prints file to standard output in reverse line order
   • tail: prints the last few lines of one or more files
   • tr: translates characters by mapping from string1 to the corresponding character in string2
   • wc: prints count of characters, words, and lines for files
   • sed: a popular text-filtering program found on nearly every Unix system

4. Filesystem Management

   Filesystem creation is called formatting; it prepares a disk partition for use. Linux usually uses the native ext2 (second extended) filesystem.

   The Linux filesystem is arranged into a hierarchical structure anchored at the root directory, or /. Beneath this is a tree of directories and files.

   Identification information for a filesystem object is stored in its inode, which holds location, modification, and security information. Filesystems are created with a finite number of inodes.

   File- and Directory-Management Commands

   The following commands are essential for the management of files and directories. Check out their man pages:

   • cp: copies file1 to file2, or copy files to directory
   • mkdir: creates one or more directories
   • mv: moves or rename files and directories
   • rm: deletes one or more files from the filesystem; when used recursively (with the -r option), rm also removes directories
   • rmdir: deletes directories, which must be empty
   • touch: changes the access and/or modification times of files by default to the present time

   Disk Drives and Partitions

   IDE disks are known as /dev/hda, /dev/hdb, /dev/hdc, and /dev/hdd. SCSI disks are known as /dev/sda, /dev/sdb, /dev/sdc, and so on. There are three types of partitions:

   1. Primary: A filesystem container. At least one must exist, and up to four can exist on a single physical disk. They are identified with numbers 1 to 4, such as /dev/hda1, /dev/hda2, and so on.

   2. Extended: A variant of a primary partition but cannot contain a filesystem. Instead, it contains one or more logical partitions. Only one extended partition may exist, and it takes one of the four possible spots for primary partitions.

   3. Logical: Created within the extended partition. From 1 to 12 logical partitions may be created. They are numbered from 5 to 16, such as /dev/hda5, /dev/hda10, and so on. Up to 15 partitions with filesystems may exist on a single physical disk.

   The Root Filesystem and Mount Points

   The top of the filesystem tree is occupied by the root filesystem. Other filesystems are mounted under it, creating a unified filesystem. /etc, /lib, /bin, /sbin, and /dev must be part of the root filesystem. These commands are commonly used to repair and manage filesystems:

   • fdisk: manipulates or displays the partition table for device using a command-driven interactive text interface. Device is a physical disk such as /dev/hda, not a partition such as /dev/hda1.
   • mkfs: makes a filesystem on device.
   • mkswap: prepares a partition for use as swap space.

   Filesystem Integrity

   These commands are commonly used in day-to-day filesystem maintenance:

   • df: displays overall disk-utilization information for mounted filesystems on directories.
   • du: displays disk-utilization information for directories
   • fsck: checks filesystems for errors and optionally correct them

   Mounting and Unmounting

   /etc/fstab contains mount information for filesystems. Each line contains a single filesystem entry made up of six fields. See the fstab man page for details.

   The following commands are used to mount and unmount filesystems:

   • mount: mounts filesystems onto the hierarchy. The first and second forms consult /etc/fstab for additional information
   • umount: unmounts the filesystem on device or mounted on directory

   Filesystem Types

   Common filesystem types compatible with Linux include:

   • ext2: The standard Linux filesystem
   • iso9660: The standard CD-ROM format
   • msdos: The MS-DOS FAT filesystem
   • nfs: Remote servers
   • proc: A system abstraction for access to kernel parameters
   • swap: Swaps partitions
   • vfat: Virtual FAT, used instead of msdos, supports "long" filenames)

   File Permissions

   Access control is implemented using a set of properties called the access mode, stored in the inode. Three classes of user are defined:

   • User/Owner: The user that owns the file
   • Group: The group that owns the file
   • Other: All other users on the system

   Three permissions are either granted or not granted to each class of user:

   • Read: (r) Allows access to file contents and listing of directory contents
   • Write: (w) Allows writing a file or creating files in a directory
   • Execute: (x) Allows execution of a file and read/write files in a directory

   These comprise nine bits in the mode, User rwx, Group rwx, and Other rwx. Three additional mode bits are defined:

   • SUID: To grant processes the rights of an executable file's owner
   • SGID: To grant processes the rights of an executable file's group
   • Sticky bit: Prohibits file deletion by nonowners

   These 12 mode bits are often referred to in octal notation as well as with mnemonic constructs. Mode bits are displayed using such commands as ls and stat.

   Setting Access Modes

   New files receive initial access mode as described by the umask. The umask strips specified bits from the initial mode settings. Typical umasks are 002 and 022. Existing file modes are changed using chmod with either symbolic or octal mode specifications.

   Symbolic: [ugoa][-+=][rwxXst]

   Octal bits: user r, w, x, group r, w, x, other r, w, x

   rwxrwxrwx = 111111111 = 777
   rwxr-xr-- = 111101100 = 754
   

   • chmod: modifies the access mode on files using a symbolic or octal mode

   File Ownership

   Access modes are tied to file ownership. Files have both individual and group ownership. These commands modify ownership:

   • chown user-owner.group-owner files: change the owner and/or group of files to user-owner and/or group-owner

   • chgrp group-owner files: change the group ownership of files to group-owner. chgrp functionality is included in chown.

   Hard and Symbolic Links

   A link is a pseudonym for another file. Links take very little space in the filesystem. A symbolic link is a tiny file that contains a pointer to another file. Symbolic links can span filesystems. A hard link is a copy of a file's directory entry. Both directory entries point to the same inode and thus the same data, ownership, and permissions. ln has this syntax:

   • ln: creates link to file or in directory for all files. Symbolic links are created with the -s option)

   Disk Layout

   Keep / small by distributing larger parts of the directory tree to other file systems. Separate a small /boot partition below cylinder 1024 for kernels. Separate /var into its own partition to prevent runaway logs from filling /. Separate /tmp. Separate /usr if it is to be shared read-only among other systems via NFS. Set swap size to be about the size of main memory.

5. bash

   Wildcards (also called file globs) allow the specification of many files at once. Check the bash man page for wildcards.

   A central concept for Linux and Unix systems is that everything is a file. Many system devices are represented in the filesystem using a device file, such as /dev/ttyS0 for a serial port.

   Standard I/O

   The shell provides the standard I/O capability, offering three default file descriptors to running programs. Standard input (stdin) is a text input stream, by default attached to the keyboard. Standard output (stdout) is an output stream for normal program output. Standard error (stderr) is an additional output stream meant for error messages.

   It is possible to tie the output of one program to the input of another. This is known as a pipe and is created by joining commands using the pipe symbol, |. Pipes are a special form of redirection, which allows you to manage the origin of input streams and the destination of output streams. Redirection syntax for various shells differs slightly.

   A shell presents an interactive Textual User Interface, an operating environment, a facility for launching programs, and a programming language. Shells can generally be divided into those derived from the Bourne shell, sh (including bash), and the C-shells, such as tcsh. Shells are distinct from the kernel and run as user programs. Shells can be customized by manipulating variables. Shells use configuration files at startup. Shells pass environment variables to child processes, including other shells. bash is a descendant of sh.

   Shell Variables

   Shell variables are known only to the local shell and are not passed on to other processes. Environment variables are passed on to other processes. A shell variable is made into an environment variable when it is exported. This sets a shell variable:

   # PI=3.14
   

   This turns it into an environment variable:

   # export PI
   

   This definition does both at the same time:

   # export PI=3.14
   

   Shell aliases conveniently create new commands or modify existing commands:

   # alias more='less'
   

   Functions are defined for and called in scripts. This line creates a function named lsps:

   # lsps () { ls -l; ps; }
   

   Configuration Scripts

   The bash shell uses system-wide configuration scripts, such as /etc/profile and /etc/bashrc when it starts. Commands in /etc/profile are executed at login time. Commands in /etc/bashrc are executed for each invocation of bash. Changes to these system-wide files affect all users on the system.

6. Processes

   Understanding processes will help you do well on the LPI exams. You should have a good grasp of the process monitoring commands, job control, and process execution priorities.

   Process Monitoring Commands

   • ps: generates a one-time snapshot of the current processes on standard output
   • pstree: displays a hierarchical list of processes in a tree format)
   • top: generates a continuous, formatted, real-time process activity display on a terminal or in a terminal window)
   • kill: sends sigspec to pids

   Job Control

   Shells can run processes in the background, where they execute on their own, or in the foreground, attached to a terminal. Each process handled in this way is known as a job. Jobs are manipulated using job control commands:

   • bg [jobspec]: places jobspec in the background as if it had been started with &
   • fg [jobspec]: places jobspec in the foreground, making it the current job
   • jobs [jobspecs]: lists jobspecs on standard output

   Execution Priority

   A process's execution priority is managed by the kernel. You can bias the execution priority by specifying a nice number in the range of -20 to +19 (default is 0). Positive nice numbers reduce priority; negative nice numbers increase priority and are reserved for the superuser.

   • nice -adjustment [command]: applies nice number adjustment to the process created to run command

   • renice [+|-]nicenumber targets: alters the nicenumber, and thus the scheduling priority, of one or more running target processes

7. Regular Expressions

   Regular expressions are used to match text. The term is used to describe the loosely defined text-matching language as well as the patterns themselves. A regular expression is often called a regex or a regexp. Regular expressions are made up of metacharacters (with special meaning) and literals (everything that is not a metacharacter).

   Position Anchors

   These operators match line position:

   • ^: Match the beginning of a line
   • $: Match the end of a line

   Character Sets

   Match any single character from among listed characters or from among the characters comprising a range:

   • [abc]
   • [a-z]

   Match any single character not among listed characters or ranges:

   • [^abc]
   • [^a-z]

   Match words bounded by whitespace:

   • \<word\>

   Match any single character except a newline:

   • . (A single period, or dot)

   Turn off (escape) the special meaning of a metacharacter that follows:

   • \

   Modifiers

   • *: Match zero or more of the character that precedes it
   • ?: Match zero or one instance of the preceding regex
   • +: Match one or more instances of the preceding regex
   • \{n,m\}: Match a range of occurrences of the single character or regex that precedes this construct
   • |: Match the character or expression to the left or right of the vertical bar

8. Finding Things

   The Filesystem Hierarchy Standard (FHS) is used by Linux distributions to standardize filesystem layout. It defines two categories of data use, each with opposing subtypes:

   • Data sharing: Sharable data can be used by multiple host systems on a network. Non- sharable data is unique to one particular host system.

   • Data modification: Variable data is changed continually by naturally occurring (i.e., frequent) processes. Static data is left alone, remaining unchanged over extended periods of time.

   Various methods can be used to locate files in the file system:

   • which: Determine the location of command and display the full pathname of the executable program that the shell would launch to execute it.

   • find: Search for files that match expression starting at paths and continuing recursively

   • locate: Locate files whose names match one or more patterns by searching an index of files previously created

   • updatedb: Refresh (or create) the slocate database, usually via cron

   • whatis: Search the whatis database for keywords, finds only exact matches

   • apropos: Search the whatis database for keywords, finds partial word matches

9. Booting and Running

   Booting up and running Linux will be covered in the LPI exams. You should be familiar with LILO, kernel parameters and module configuration, and the different runlevels.

   LILO, the Linux Loader

   LILO is a utility designed to load a Linux kernel (or another operating system) into memory and launch it. It has two parts. The boot loader is a two-stage program intended to find and load a kernel. The first stage resides in the disk boot sector and is started by the system BIOS. It locates and launches a second, larger stage residing elsewhere on disk.

   The lilo command, also called The map installer, is used to install and configure the LILO boot loader. It reads /etc/lilo.conf and writes a corresponding map file.

   The /etc/lilo.conf file contains options and kernel image information. Popular directives are:

   • boot: The name of the hard disk partition that contains the boot sector
   • image: Refers to a specific kernel file
   • install: The file installed as the new boot sector
   • label: Provides a label, or name, for each image
   • map: Directory where the map file is located
   • prompt: Prompt the user for input (such as kernel parameters or runlevels) before booting and without a keystroke from the user
   • read-only: The root filesystem should initially be mounted read-only
   • root: Used following each image, specifies the device that should be mounted as root
   • timeout: The amount of time, in tenths of a second, the system waits for user input

   Kernel Parameters and Module Configuration

   LILO can pass kernel parameters using name=value pairs. Linux kernels are modular, with portions of kernel functionality compiled as modules to be used as needed. Parameters to modules can be specified in /etc/conf.modules.

   The kernel gives detailed status information as it boots. This information can also be found in system logs such as /var/log/messages and from the dmesg command.

   Runlevels

   Runlevels specify how a system is used by controlling which services are running. Runlevels are numbered 0 through 6, as well as with a few single characters. Runlevel 0 implies system shutdown. Runlevel 6 implies system reboot. The intermediate runlevels differ in meaning among distributions. Runlevel 1 (also s or S) is usually single-user (maintenance) mode. Runlevels 2 through 5 usually define some kind of multiuser state, including an X login screen.

   Runlevel 1 is a bare-bones operating environment intended for maintenance. Remote logins are disabled, networking is disabled, and most daemons are shut down. Single-user mode can be entered with the single or simply 1 parameter at the LILO prompt. Switching to single-user mode is done using init 1.

   The /etc/rc.d file contains initialization scripts and links controlling the boot process for many Linux distributions. rc.sysinit is the startup script launched by init at boot time. rc.local is a script for local startup customizations, started automatically after the system is running. The rc script is used to change runlevels. Directory init.d contains scripts to start and stop system services. Directories rc0.d through rc6.d hold links to scripts in init.d. These links are named:

   [K|S][nn][init.d_name]
   

   K and S prefixes mean kill and start, respectively. nn is a sequence number controlling startup or shutdown order. init.d_name is the name of the script being linked.

   The default runlevel is located in /etc/inittab on the line containing initdefault:

   id:n:initdefault:
   

   n is a valid runlevel number such as 3. Runlevel is determined by the runlevel command, which displays the previous and current runlevels. An N for previous runlevel indicates that the runlevel has not changed since startup. Runlevels can be changed using init n to change to runlevel n.

   System shutdown can also be initiated using the shutdown command to bring the system down in a secure, organized fashion. Time is mandatory, in the form of hh:mm, now, or +n for n minutes.

10. Users

    User account information is stored in /etc/passwd. Each line in /etc/passwd contains a username, password, UID, GID, user's name, home directory, and default shell. Group information is stored in /etc/group. Each line in /etc/group contains a group name, group password, GID, and group member list. passwd and group are world-readable.

    Shadow Files

    To prevent users from obtaining encrypted passwords from passwd and group shadow files are implemented. Encrypted passwords are moved to a new file, which is readable only by root. The shadow file for /etc/passwd is /etc/shadow. The shadow file for /etc/group is /etc/gshadow.

    The following commands are commonly used for manual user and group management:

    • useradd: Create the account user
    • usermod: Modify the user account
    • userdel: Delete the user account
    • groupadd: Add group
    • groupmod: Modify the parameters of group
    • groupdel: Delete group
    • passwd: Interactively set the password for username
    • gpasswd: Interactively set the password for groupname
    • pwconv: Convert a standard password file to a shadow configuration
    • pwunconv: Revert from a shadow password configuration
    • grpconv: Convert a standard group file to a shadow configuration
    • grpunconv: Revert from a shadow group configuration
    • chage: Modify password aging and expiration settings for user
    
    

11. System Administration

    Syslog displays and records messages describing system events. Messages can be placed on the console, in log files, and on the text screens of users. Syslog is configured by /etc/syslog.conf in the form facility.level action:

    • facility: The creator of the message, selected from among auth, authpriv, cron, daemon, kern, lpr, mail, mark, news, syslog, user, or local0 through local7

    • level: Specifies a severity threshold beyond which messages are logged and is one of (from lowest to highest severity) debug, info, notice, warning, err, crit, alert, or emerg. The special level none will disable a facility

    • action: The destination for messages that correspond to a given selector. It can be a filename, @hostname, a comma-separated list of users, or an asterisk, meaning all logged-in users. Together, facility.level comprise the message selector

    Most syslog messages go to /var/log/messages.

    Most system log files are rotated to expire old information and prevent disks from filling. logrotate accomplishes log rotation and is configured using /etc/logrotate.conf.

    Files in /var/log (such as messages) and elsewhere can be examined using utilities such as tail, less, and grep. Information in syslog log files includes date, time, origin hostname, message sender, and descriptive text. To debug problems using log file information, first look at the hostname and sender, then at the message text.

    Automate

    Both cron and at can be used to schedule jobs in the future. Scheduled jobs can be any executable program or script.

    The cron facility consists of crond, the cron daemon, and crontab files containing job-scheduling information. cron is intended for the execution of commands on a periodic basis. crond examines all crontab files every minute. Each system user has access to cron through a personal crontab file. The crontab command allows the crontab file to be edited and viewed. View, or with -e, edit crontab files.

    Entries in the crontab file are in the form of:

    minute  hour  day  month  dayofweek  command
    

    Asterisks in any of the time fields match all possible values.

    In addition to personal crontab files, the system has its own crontab files: /etc/crontab and files in /etc/cron.d.

    The at facility is for setting up one-time future command execution. The at command enters an interactive session, where commands may be entered. Time is of the form hh:mm, midnight, noon, and so on.

    Access to cron can be controlled using lists of users in cron.allow and cron.deny. Access to at can be controlled using lists of users in at.allow and at.deny.

12. Compiling

    Software often comes in a tarball, a compressed tar archive file. Larger source code packages include a configure script to verify that everything is in order to compile the software. make is then used to build the software. make is also often used to install the software into directories such as /usr/local/bin.

    Shared Libraries

    System libraries provide many of the functions required by a program. A program that contains executable code from libraries is statically linked, because it stands alone and contains all necessary code to execute. Since static linking leads to larger executable files and more resource consumption, system libraries can be shared among many executing programs at the same time. A program that contains references to external, shared libraries is dynamically linked at runtime by the dynamic linker, ld.so.

    New locations for shared libraries can be added to the LD_LIBRARY_PATH variable. As an alternative, the locations can be added to /etc/ld.so.conf, which lists library file directories. This file is translated into the binary index /etc/ld.so.cache using ldconfig.

    Kernel Modules

    The Linux kernel is modular, and device driver software is inserted into the running kernel as needed. Module files are objects, stored under /lib/modules. Kernel modules can be managed using:

    • lsmod: List modules
    • insmod: Insert a module into the kernel
    • rmmod: Remove a module from the kernel
    • modinfo: Get information about a module
    • modprobe: Insert modules along with their prerequisites

    Modules are configured in /etc/conf.modules or /etc/modules.conf. modprobe determines module dependencies using a file called modules.dep. This file is usually created at boot time using depmod.

13. The X GUI

    X is a client-server GUI system. XFree86 is the X implementation used for Linux. An X server is software or hardware that renders graphical output on a display device. An X client is software whose output is displayed by an X server and is usually managed by a window manager. An X window manager is a client that applies frames and controls to other client windows.

    XFree86 configuration depends on the software version, the video chipset in use, and the monitor's capabilities. XFree86 can be installed from Linux distribution packages (.rpm, .deb), precompiled binaries, or compiled from source. Configuration of XFree86 is done in the XF86Config file. XF86Config contains sections that define input devices, monitors, graphics modes, and so on. XF86Config files differ between XFree86 Versions 3.x and 4.x.

    The X server uses X fonts to satisfy font requests from X clients. Fonts are enumerated either through a static list presented in /etc/X11/XF86Config or through a font server such as xfs. xfs is configured using its configuration file, /etc/X11/fs/config.

    X resource settings in the .Xresources file control client program parameters. For example, this line defines a black background for an xterm:

    xterm*background: Black
    

    xdm, the X Display Manager, handles X sessions on physical displays both locally and across the network. xdm handles authentication and is configured by a series of files in /etc/X11/xdm. xdm is typically started automatically in runlevel 5 by making the appropriate settings in /etc/inittab. xdm may be personalized by changing the resources in /etc/X11/xdm/Xresources.

    Command-line options for the X server can be added to the /etc/X11/xdm/Xservers file.

    An X server doesn't supply a working user environment. Starting X usually involves launching not only the X server but also a window manager and other clients. A default window manager, such as the basic twm, is started by a combination of the startx script and xinit. xinit also calls scripts that include a window manager and default clients. Default system X configuration can be overridden by files in the user's home directory.

    Window Managers

    Each window manager and desktop environment has its own style of configuration. twm uses .twmrc in the user's home directory. If that file doesn't exist, it uses the systemwide /etc/X11/twm/system.twmrc. Window manager configuration files can contain font and color selections, bindings between actions (such as mouse clicks) and responses, and menu definitions.

    A terminal emulator is a program that offers a command-line interface in a GUI window. xterm is the standard terminal emulator; there are many others. xterm can be configured in /usr/lib/X11/app-defaults/XTerm.

    X applications are dependent upon shared X libraries. Various graphical toolkits such as GTK or Qt can be used to develop X client applications. Software that depends on a particular library will not run unless that library is installed. You can determine which libraries an executable requires with ldd.

    X clients can be displayed on remote X servers. The DISPLAY environment variable is used to indicate the destination for X client displays. DISPLAY has the format [host]:display[.screen] where host is a remote hostname or IP address, display is the display target (starting with 0), and screen is the screen to use on multiheaded displays. DISPLAY must be exported.

14. Networking Services

    inetd is the Internet super daemon; it listens on multiple inbound ports and launches the appropriate child daemon to service the requests. inetd uses TCP Wrappers (tcpd) to add access security to services. inetd is configured in /etc/inetd.conf. You can eliminate an inbound service managed by inetd simply by commenting out its declaration in /etc/inetd.conf and restarting or signaling inetd. TCP Wrappers allow the administrator to define access rules for hosts. The configuration files are /etc/hosts.allow and /etc/hosts.deny.

    sendmail

    sendmail is a Mail Transfer Agent (MTA). sendmail is configured in /etc/sendmail.cf. This file is generally regarded as difficult to configure. The smart host parameter is used to configure a local sendmail daemon to transfer mail to a site's official mail system. /etc/aliases is a file that stores aliases for inbound mail addresses; it can redirect mail to one or more users. Whenever /etc/aliases is modified, newaliases must be executed. Each user can forward her own mail using a .forward file, containing the forwarding email address, in her home directory. Outbound mail that is trapped due to a network or other problem will remain queued; it can be examined using the mailq command.

    Apache

    The Apache Web server is configured using httpd.conf, srm.conf, and access.conf. On some installations, these may all be combined into httpd.conf. The configuration files contain configuration directives, one per line, consisting of a keyword and an argument list. For example:

    DocumentRoot /home/httpd/html
    

    sets the root directory for HTML files on the system. Apache is typically started at boot time using the system's startup methods.

    NFS

    Traditional Unix file-sharing is done with NFS, originally developed by Sun Microsystems. NFS is a client-server package, and any system can hold both roles simultaneously. Exporting (sharing) a local filesystem with NFS is done by including a line in the /etc/exports file, consisting of a directory and list of allowed systems, along with NFS options. For example:

    /usr    (ro) orion.mydomain.com(rw)
    /home   *.mydomain.com(rw)
    

    Remote NFS filesystems are mounted using the mount command:

    # mount -t nfs server1:/home /mnt/server1 

    NFS is typically started at boot time using the system's startup methods.

    Samba

    The Samba suite implements Server Message Block (SMB) protocols used on Microsoft and IBM LANs. smbd handles file and printer sharing and authentication. nmbd implements the WINS service. Samba is configured in /etc/smb.conf. The file consists of sections, each with a series of keyword = value pairs. Samba 2.0 and later comes with a Web-based configuration tool called SWAT; it is usually configured to be monitored by inetd.

    Basic DNS

    DNS is the distributed database of name-to-IP-address translations. The resolver is a library used by networked applications when a domain name needs to be translated into an IP address. The resolver uses local files, NIS, and DNS to resolve hostnames as directed by /etc/resolv.conf. Domain names are assigned through a registration process with one of the domain name registrars on the Internet. The DNS server daemon is named, part of the BIND package. named can be configured to speed up a local system by acting as a non-authoritative caching-only name server. named is configured using /etc/named.conf.

    The nslookup, host, and dig utilities can be used to retrieve information from DNS servers.

    BIND Version 4 and Version 8 have significantly different configuration file formats, although the information contained in the files is similar.

15. Security

    Configuring TCP wrappers (tcpd) using /etc/hosts.allow and /etc/hosts.deny can enhance security for daemons controlled by inetd. tcpd is often configured to deny access to all systems for all services (a blanket deny), then specific systems are specified for legitimate access to services (limited allow). tcpd logs using syslog, commonly go to /var/log/secure.

    Finding Executable SUID Files

    find can perform searches for file attributes such as SUID using the -perm option.

    Verifying Packages

    RPM packages are verified using the Verify mode, enabled using the -V (capital) option. The output for each package contains a string of eight characters that are set to dots when the attribute has not changed. The columns represent each of eight different attributes: MD5 checksum, file size, symlink attributes, the file's mtime, device file change, user/owner change, group change, and mode change.

---

Jeffrey Dean is a freelance author, editor, and consultant in Philadelphia, Pennsylvania. He has professional experience in IT management, training delivery, and system administration of Linux, Solaris, VMS, AS/400, and Windows NT/2000. Jeffrey holds an undergraduate degree in electrical engineering from the University of Pittsburgh and a master's in engineering with emphasis in computer design from Penn State. He holds Linux Professional Institute Level 1 (LPIC-1) and Red Hat Certified Engineer (RHCE) certifications.

---

O'Reilly & Associates recently released (May 2001) LPI Linux Certification in a Nutshell.

• Sample Chapter 4, Linux Installation and Package Management, is available free online.

• You can also look at the Table of Contents, the Index, and the Full Description of the book.

• For more information, or to order the book, click here.