8/12/2019 RHEL Advanced Training
1/65
Prepared By Vinodh Kombissan Date Feb 1, 2010 Page 1
Red Hat Enterprise Linux 5 Advanced Sys Admin
Vinodh Kombissan (RHCE)
Lead Consultant Sys Mgmt
February 01, 2010
Schedule
Day 1
Welcome
Pre-Quiz
Linux Basics - Summary
Package Management (RPM/YUM)
LAB - Activity
Day 2
Boot Sequence
GRUB Kernel/Initrd
Advanced File Permission
Disk Quota / ACL
LAB - Activity
Day 3
RAID
LVM
DHCP Master/Client
LAB - Activity
Day 4
NFS Master/Client
NIS Master/Client
HTTP Server
Mail Server (POP3/IMAPS)
Squid Proxy
LAB - Activity
Day 5
Kickstart Server
LAB - Activity
Post Quiz
Introduction
Name Short ID
Role
Responsibility
Experience
Area of interest
Any previous experience in any UNIX flavors
Current rating on Linux knowledge (1-10)
Expectations from the program?
Ground Rules
In order to ensure the productivity of our training, we will need the following:
Pagers and mobile phones off
Full participation
Be Interactive but only one speaker at a time
Respect the views of others
Silence indicates agreement
Punctual
Keep to the break times agreed
Pre Quiz
Write your Name and Employee ID without fail.
20 questions, multiple choices in 30 minutes
Use the pre-quiz columns for writing your answers
Do not discuss
A question can have more than one correct answer, but choose the
best one.
Please encircle your guessed answers to find how good you are at
guessing
Chocolates will be distributed for:
1. Pre-quiz highest scorer
2. Post-quiz highest scorer
3. One with maximum difference
Course Objective
Minimize time and resources spent managing systems.
Maximize productivity, reliability, and performance.
Provide remote system management solutions.
Trainees ready for RHCE certification
Pre-requisite: RHEL Basics training or equivalent (RH-033) or (RH-133)
VI editor knowledge
Role of Administrator
Pre-installation planning of:
User accounts/groups
Storage allocation/paging space
Subsystem (printing, networks...)
Standard naming conventions
Determine system policies
Install and configure hardware
Configure the software
Configure the network
System backup
Create/manage user accounts
Define and manage subsystems
Manage system resources (for example, disk space)
Performance monitoring
Capacity planning
Managing licenses for products
Document system configuration and keep it current
Package Management (RPM)
The RPM Package Manager (RPM) is an open packaging system, which
runs on Red Hat Enterprise Linux as well as other Linux and UNIX systems.
RPM has five basic modes of operation: installing, uninstalling, upgrading, querying and verifying
RPM database is maintained in /var/lib/rpm
RPM packages are available at
The Red Hat Enterprise Linux CD-ROMs
Red Hat Network
RPM package naming convention
packagename-version-release.arch.rpm
xinetd-2.3.14-10.el5.rpm
RPM command options
Single letter   Full word        Description
-q              --query          Query rpm database for installed rpm
-i              --install        Install a rpm package
-V              --verify         Verify installed rpm packages consistency
-U              --upgrade        Upgrade a rpm version
-e              --erase          Remove a rpm package
-v              --verbose        Verbose output
-h              --hash           Shows progress % in hashes
-l              --list           Lists files created by package
-f              --file           Find the package name of missing file
-K              --checksig       Verify package authenticity
                --import         Import keys used for rpm signature checks
                --force          Force re-install
                --replacepkgs    Force re-install
-R              --requires       Shows dependency
RPM - Verification
Installed package file verification
# rpm -V package
# rpm -Vp rpmfile
# rpm -Va
Signature verification BEFORE package install
# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
# rpm -K package.rpm
YUM - Yellowdog Updater, Modified
[Diagram: repo file (path to repo directory) and repo directory (RPM package repository)]
The repo file is to be created on the local machine under /etc/yum.repos.d with a .repo extension
The repo directory could be on the local machine or on a remote server
Sample repo file
# cat /etc/yum.repos.d/myrepo.repo
[myrepo]
name=Server1 repository
baseurl=ftp://server1/pub/server
enabled=1
gpgcheck=0
YUM command options
# yum clean all        clean yum cache
# yum list             list package information from repo
# yum install          install package with dependency
# yum provides         list files created by package
# yum whatprovides     find the package name of given file
# yum remove           uninstall package
# yum update           updates an installed package
Creating a yum repo directory
Create a repo directory        # mkdir /myrepo
Copy the rpm packages          # cp *.rpm /myrepo
Install createrepo package     # rpm -ivh createrepo*.rpm
Run createrepo command         # createrepo -v /myrepo
Create a repo file             # vi /etc/yum.repos.d/myrepo.repo
Clean yum cache                # yum clean all
Create new yum cache           # yum list
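The sample repo file above sets gpgcheck=0, so yum installs from that repository without the signature check that rpm -K performs by hand. The following is an added example (not part of the original slides) that reports the gpgcheck state of every section in a .repo file; the function names and the signedrepo and inherit sections are constructed for illustration.

```bash
#!/bin/bash
# Added example, not from the original slides.
# audit_repo reads a yum .repo file on stdin and prints one line per section:
#   "<section> ok"        gpgcheck enabled (1/yes/true)
#   "<section> unsigned"  gpgcheck disabled, packages install unverified
#   "<section> unset"     no gpgcheck line, [main] in /etc/yum.conf decides
audit_repo() {
    awk '
        function emit() { if (section != "") print section, state }
        /^[ \t]*[#;]/ { next }                    # comment lines
        /^[ \t]*\[.*\][ \t]*$/ {                  # [section] header
            emit()
            section = $0
            sub(/^[ \t]*\[/, "", section)
            sub(/\][ \t]*$/, "", section)
            state = "unset"
            next
        }
        /^[ \t]*gpgcheck[ \t]*=/ {
            value = tolower($0)
            sub(/^[^=]*=[ \t]*/, "", value)
            sub(/[ \t\r]+$/, "", value)
            if (value == "1" || value == "yes" || value == "true")
                state = "ok"
            else
                state = "unsigned"
        }
        END { emit() }
    '
}

# unverified_repos prints only the sections the repo file does not mark as checked.
unverified_repos() {
    audit_repo | awk '$2 != "ok" { print $1 }'
}

# Constructed sample: the myrepo section from the slide plus two made-up sections.
sample_repo() {
    cat <<'EOF'
[myrepo]
name=Server1 repository
baseurl=ftp://server1/pub/server
enabled=1
gpgcheck=0

[signedrepo]
name=Signed repository (constructed)
baseurl=ftp://server1/pub/signed
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

[inherit]
name=No gpgcheck line (constructed)
baseurl=ftp://server1/pub/other
EOF
}

sample_repo | audit_repo
```

On a real system, feed it each file in turn, for example `audit_repo < /etc/yum.repos.d/myrepo.repo`.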
Boot Sequence
BIOS
  POST
  Select boot device
Master Boot Record (512 bytes)
  GRUB (446 bytes)
  Partition Table (66 bytes)
kernel / initrd
  Detect hardware and install driver modules
  Mount root filesystem as Read-Only
  Start init process (PID 1), read /etc/inittab
Go to initdefault runlevel
Run rc.sysinit script
  Create device files (udev)
  Enable SELinux
  Enable SWAP and set hostname, IP address
  Mount root as Read-Write, read /etc/fstab
  Start RAID or LVM & mount other filesystem
  Enable quota
  Set Kernel parameters (/etc/sysctl.conf)
Run rc?.d/* script
Run rc.local script
Start Virtual consoles
Start X11
Boot Loader Components
Boot Loader
1st Stage - small, resides in MBR or boot sector
2nd Stage - loaded from boot partition
Minimum specifications for Linux:
Label, kernel location, OS root filesystem and location of the initial ramdisk (initrd)
GRUB - the GRand Unified Bootloader
Command-line interface available at boot prompt
Boot from ext2/ext3, ReiserFS, JFS, FAT, minix, or FFS file systems
Configuration file is /boot/grub/grub.conf
Changes to grub.conf take effect immediately
If MBR on /dev/hda is corrupted, reinstall the first stage bootloader with:
# /sbin/grub-install /dev/hda
Boot Loader (GRUB)
Sample /boot/grub/grub.conf
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/hda2
# initrd /initrd-version.img
#boot=/dev/hda
default=1
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
title Red Hat Enterprise Linux (2.6.9-5.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-5.EL ro root=LABEL=/
initrd /initrd-2.6.9-5.EL.img
title Red Hat Enterprise Linux (2.6.9-1.906_EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-1.906_EL ro root=LABEL=/
initrd /initrd-2.6.9-1.906_EL.img
Initial RAM Disk Image
The initial RAM disk allows a modular kernel to have access to
modules that it might need to boot from before the kernel has
access to the device where the modules normally reside.
The initial RAM disk image is placed under the /boot filesystem as
initrd-<version>.img
To create a new initrd image with an updated SCSI driver
# cp -p /boot/initrd-<version>.img /boot/initrd-<version>.img.old
# mkinitrd --with=<module> <image> <kernel-version>
Eg:
# mkinitrd initrd_new.img $(uname -r) --with=SCSI
RHEL Kernel
Manages major activity in the Linux environment
Detects hardware
Loads respective modules
Process scheduling
Memory management
Security and permission management
Modify system performance by changing kernel parameters (/etc/sysctl.conf)
To know the kernel version
# uname -r
To list all kernel modules
# lsmod
To add or remove kernel modules
# modprobe
RHEL Kernel
Red Hat Enterprise Linux contains the following kernel packages
kernel - Contains the kernel for multi-processor systems. For x86 systems, only the first 4GB of RAM is used. As such, x86 systems with over 4GB of RAM should use the kernel-PAE.
kernel-PAE (only for i686 systems) - This package offers the following key configuration options:
Support for over 4GB of RAM (up to 16GB for the x86)
PAE (Physical Address Extension) or 3-level paging on x86 processors that support PAE
4GB/4GB split: 4GB of virtual address space for the kernel and almost 4GB for each user process on x86 systems
kernel-xen - Includes a version of the Linux kernel which is needed to run Virtualization.
Boot Process
Kernel boot time functions
  Device detection
  Device driver initialization
  Mounts root file system read only
  Loads initial process (init)
init reads its configuration file /etc/inittab and starts other processes as configured.
Run Levels
init defines run levels 0-6, S, emergency
The run level is selected by either
  the default in /etc/inittab at boot
  passing an argument from the boot loader
  using the command init
To check current and previous run levels
  runlevel
Default run level is specified in /etc/inittab
  id:3:initdefault:
Run level defines which services to start
Each run level has a corresponding directory:
  /etc/rc.d/rcX.d
The System V init scripts reside in:
  /etc/rc.d/init.d
System Startup and Shutdown
inittab
The inittab file describes which processes are started at bootup and during normal
operation. An entry in the inittab file has the following format:
id:runlevels:action:process
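To see which entries init will act on for a given run level, the four-field format above can be split on the colons. This is an added example, not part of the original slides; the function names and the sample inittab are constructed, modelled on the scripts named in the boot sequence.

```bash
#!/bin/bash
# Added example, not from the original slides.
# Both functions read an inittab on stdin; fields are id:runlevels:action:process.

# inittab_default prints the run level named by the initdefault entry.
inittab_default() {
    awk -F: '/^[ \t]*#/ { next } $3 == "initdefault" { print $2; exit }'
}

# inittab_for_runlevel LEVEL prints "id action process" for every entry that
# applies in LEVEL: entries listing LEVEL, plus entries whose runlevels field
# is empty (sysinit, ctrlaltdel and similar apply regardless of level).
inittab_for_runlevel() {
    awk -F: -v lvl="$1" '
        /^[ \t]*#/ { next }                       # comments
        NF < 4 { next }                           # blank or malformed lines
        $3 == "initdefault" { next }              # not a process entry
        $2 == "" || index($2, lvl) > 0 {
            proc = $4
            # The process field may itself contain ":"; rejoin the pieces.
            for (i = 5; i <= NF; i++) proc = proc ":" $i
            print $1, $3, proc
        }
    '
}

# Constructed sample inittab.
sample_inittab() {
    cat <<'EOF'
# constructed sample
id:3:initdefault:
si::sysinit:/etc/rc.d/rc.sysinit
l3:3:wait:/etc/rc.d/rc 3
l5:5:wait:/etc/rc.d/rc 5
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
1:2345:respawn:/sbin/mingetty tty1
x:5:respawn:/etc/X11/prefdm -nodaemon
EOF
}

# What runs in the default run level of the sample.
sample_inittab | inittab_for_runlevel "$(sample_inittab | inittab_default)"
```

The ctrlaltdel line is worth checking on any console-accessible server, since it decides what Ctrl-Alt-Del does for whoever reaches the keyboard.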
Who Has Access to a File/Directory?
The UNIX system incorporates a three-tier structure to define who has access
to each file and directory:
user   The owner of the file
group  A group that may have access to the file
other  Everyone else
The ls -l command displays the owner and group who has access to the file.
$ ls -l
-rw-r--r-- 1 user3 class 37 Jul 24 11:06 f1
-rwxr-xr-x 1 user3 class 37 Jul 24 11:08 f2
drwxr-xr-x 2 user3 class 1024 Jul 24 12:03 memo
             |     |
             owner group
File permissions
Types of users
Owner, Group, Others
Types of file permissions
(-) no permission
(r) read permission - (4)
(w) write permission - (2)
(x) execute permission - (1)
First character shows file types
(-) ordinary file
(d) directory
(l) symbolic/soft link
(c) character device file
(b) block device file
(p) named pipe
Security & User Administration
Security Concepts
User Accounts
Each user has a unique name, numeric ID and password
File ownership is determined by a numeric ID
The owner is usually the user who created the file, but ownership can be transferred
by root
Default users:
root - Super user
adm, sys, bin - IDs that own system files but cannot be used for login
Groups
A group is a set of users, all of whom need access to a given set of files
Every user is a member of at least one group and can be a member of several groups
The user has access to files in their groupset. To list the groupset use groups
The user's primary group is used for file ownership on creation. To change the
primary group use newgrp
Default groups:
System administrators
Staff ordinary users
Security & User Administration
Reading Permissions
Changing Permissions
ACL - Access Control List
To set ACL permissions the filesystem has to be mounted with ACL settings
# mount -o remount,acl <mount_point>
To get ACL information of a file
# getfacl filename
# file: filename
# owner: john
# group: john
user::rw-
group::r--
other::r--
To set ACL permission for a file for user student
# setfacl -m u:student:rw filename
To remove ACL permission
# setfacl -x u:student filename
Disk Quota
Restrictions
By size in bytes
By number of files
Disk quota is used to keep users from
overusing the given space and burdening the
filesystem
Disk Quota
Step 1: To set quota the filesystem should be mounted with the usrquota option
# mount -o remount,usrquota <mount_point>
Step 2: Create quota database
# quotacheck -c <mount_point>
Step 3: Enable quota
# quotaon <mount_point>
Step 4: Set quota for users
# setquota -u <user> 600 900 0 0 <mount_point>
Step 5: Check quota using quota or repquota command
# repquota -a (or)
# quota
RAID - Redundant Array of Independent Disks
Different RAID Levels
RAID 0
RAID 1
RAID 3
RAID 5
RAID 10
RAID 01
RAID 0
A RAID 0 (also known as a stripe set or striped
volume) splits data evenly across two or more
disks (striped) with no parity information for redundancy.
+ More data storage space
+ Good write performance
- Low read performance
- No redundancy
RAID 1
A RAID 1 creates an exact copy (or mirror) of a
set of data on two or more disks. This is useful
when read performance or reliability are more important than data storage capacity.
- Less data storage space
- Low write performance
+ High read performance
+ High redundancy
RAID 3
A RAID 3 uses byte-level striping with a dedicated parity disk.
+ ~ increased data storage space
+ ~ increased write performance
+ ~ increased read performance
+ ~ increased redundancy
- One disk is heavily loaded with parity
RAID 5
A RAID 5 uses byte-level striping with a rotating parity.
+ ~ increased data storage space
+ ~ increased write performance
+ ~ increased read performance
+ ~ increased redundancy
+ All disks are loaded with parity
RAID commands
Create Partitions using fdisk utility
Change the partition type to fd - Automated RAID Array
Create RAID devices
# mdadm -C /dev/md0 --level 1 -n 2 /dev/hda{5,6}
Check RAID detail
# mdadm --detail /dev/md0
To verify by failing a drive
# mdadm /dev/md0 --fail /dev/hda6
To remove a RAID device
# mdadm /dev/md0 --remove /dev/hda6
LVM useful facts:
A disk must first be initialized into a physical volume
One or more physical volumes pool to form a volume group
One PV can be part of one VG only
A volume group may contain one to 255 physical volumes
Disk space from the volume group is allocated into logical volumes. A volume group can contain 255 logical volumes.
A logical volume can exist on one disk or can reside on portions of many disks.
The disk space within a logical volume can be used for swap, dump, raw data, or a filesystem can be created on it.
LVM divides a physical disk into addressable units called physical extents. Default PE size is 4 MB; it can be varied from 1 MB to 256 MB.
The basic allocation unit for a logical volume is called a logical extent; the size of a logical extent is the same as the physical extent size.
LVM Disk Partitioning
[Diagram: Physical Volumes 1-3, Volume Group 00 and Volume Group 01, logical volumes 1-3]
LVM Device Files
/dev
  hda      block pv device file
  hdb      block pv device file
  vg01
    lvol1  block lv device file
    lvol2  block lv device file
LVM Extents
[Diagram: LEs for lvol1 (LE0-LE3), LEs for lvol2 (LE0-LE3), PEs for c0tld0 (PE0-PE9)]
LVM Data structure:
LVM Data Structure contains:
PVRA (Physical Volume Reserve Area)
Created by pvcreate command and contains physical volume information
VGRA (Volume Group Reserve Area)
Created by the vgcreate command and contains the volume group status area (VGSA) and
volume group descriptor area (VGDA), which contains device driver information used for the vg.
BBRA (Bad Block Relocation Area )
An area at the end of the disk used by LVM whenever a physical defect is seen on the physical
volume. This area is created by the pvcreate command
Creating Physical Volumes
[Diagram: /dev/hda and /dev/hdb, each with PVRA/VGRA and BBRA]
pvcreate /dev/hda
pvcreate /dev/hdb
A disk managed by LVM is known as a physical volume. Several special data structures must be created on a disk before it can be used by LVM. Once
these data structures have been created, the disk is considered to be a
physical volume, and may be added to a volume group.
Creating Volume Groups
[Diagram: /dev/hda and /dev/hdb (PVRA/VGRA) in vg01]
Create: # vgcreate vg01 /dev/hda /dev/hdb
A volume group is a group of one or more physical volumes. The physical volumes in a volume group form a pool of disk space which may be allocated
to one or more logical volumes
Creating Logical Volumes
[Diagram: c0t3d0, /dev/hdc, vg01 with logical volumes myswap, myfs1, myfs2]
Create:
lvcreate -L 16 -n myswap vg01
lvcreate -L 16 -n myfs1 vg01
lvcreate -L 16 -n myfs2 vg01
Disk space from a volume group may be allocated to one or more logical
volumes. A logical volume is analogous to a partition, and may contain a file
system, swap area, or raw partition
Logical Volume Manager
Why have a Filesystem?
Logical Volume Manager
Objectives
Monitor filesystem growth and control growing files
Manage filesystem disk space usage
Implement basic filesystem integrity checks
Space Management
Filesystems expand upon notice, NOT automatically
To keep from running into problems:
Monitor filesystem growth
Determine causes
Control growing files
Manage filesystem space usage
Control user disk usage
Defragment filesystem
NFS Master
Step 1: Edit /etc/exports file
# vi /etc/exports
/export_dir *(rw,sync)
Step 2: Start portmap and nfs service
# service portmap start
# service nfs start
# chkconfig portmap on
# chkconfig nfs on
Step 3: Run exportfs command
# exportfs -va
Step 4: Verify exports using showmount command
# showmount -e
Step 5: Mount the filesystem remotely
Client # mount Server_IP:/export_dir /export_mnt
Step 6: Verify remote mounts using showmount command
# showmount -a
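The export line in Step 1, `/export_dir *(rw,sync)`, grants read-write access to every host that can reach the server. The following is an added example (not part of the original slides) that reviews an exports file for such entries. It goes beyond the slide by also catching the `host (rw)` spacing mistake and the no_root_squash option; the function names and all sample lines except the first are constructed.

```bash
#!/bin/bash
# Added example, not from the original slides.
# audit_exports reads /etc/exports-style lines on stdin and prints
# "<path> <client> <finding>" for entries worth reviewing:
#   rw-any-host     writable by every host ("*" or a bare "(rw)" option list)
#   no_root_squash  remote root keeps uid 0 on the export
audit_exports() {
    awk '
        /^[ \t]*#/ { next }                       # comments
        /^[ \t]*$/ { next }                       # blank lines
        {
            path = $1
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1)
                    sub(/\)$/, "", opts)
                }
                # "host (rw)" with a space: the options apply to all hosts.
                if (client == "") client = "*"
                rw = 0; noroot = 0
                n = split(opts, o, ",")
                for (j = 1; j <= n; j++) {
                    if (o[j] == "rw") rw = 1
                    if (o[j] == "no_root_squash") noroot = 1
                }
                if (client == "*" && rw) print path, client, "rw-any-host"
                if (noroot) print path, client, "no_root_squash"
            }
        }
    '
}

# Constructed sample; only the first line comes from the slide.
sample_exports() {
    cat <<'EOF'
/export_dir *(rw,sync)
/home 192.168.0.0/24(rw,sync)
/data server2 (rw)
/srv/ks *(ro,sync)
/backup 192.168.0.10(rw,no_root_squash)
EOF
}

sample_exports | audit_exports
```

Restricting the client field to a host or subnet, as in the `/home` line, is the form that produces no finding.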
Advanced User Management
In this section we deal with users on network
NIS User
LDAP User
User Management
Password restrictions
Authentication
Setting Disk quota
Advanced file permissions
Roaming user profile using NFS
NIS User Administration
Create NIS Master
Step 1: Install ypbind, ypserv and yp-tools package
Step 2: Edit /etc/yp.conf and add the following entry
domain example.com server 192.168.0.254
ypserver 127.0.0.1
Step 3: Add the following entry to /etc/sysconfig/network
NISDOMAIN=example.com
Step 4: Set NIS domain name, also update /etc/hosts with FQDN
# domainname example.com
# ypdomainname example.com
Step 5: Start portmap, ypbind, ypserv and ypxfrd services and make sure to enable them using chkconfig
Step 6: Check if ports are listening
# rpcinfo -u localhost ypserv
Step 7: Initialize the maps
# /usr/lib/yp/ypinit -m
NIS User Administration
On Client: system-config-authentication
DHCP
DHCP - Dynamic Host Configuration Protocol
- Used to provide dynamic IP address to clients
Step 1: Install dhcp RPM
# rpm -ivh dhcp*.rpm
Step 2: Copy the default config file to /etc/dhcpd.conf
# cp /usr/share/doc/dhcp-*/dhcpd.conf.sample /etc/dhcpd.conf
Step 3: Edit the dhcp configuration accordingly
Step 4: Start dhcp server service and turn it on
# service dhcpd start
# chkconfig dhcpd on
Mail Services
Understand electronic mail operation
Use the alternatives system to select a mail server
Perform basic configuration of a mail server
Configure postfix
Configure Dovecot for encrypted and unencrypted protocols
Debug email services
Dovecot Configuration
Dovecot is an open source IMAP and POP3 server for
Linux/UNIX-like systems, written with security primarily in
mind.
Step 1: Install dovecot RPM
# rpm -ivh dovecot-*.rpm
Step 2: Find and remove the default dovecot.pem file
# find /etc -name dovecot.pem -exec rm {} \;
Step 3: Create a new dovecot.pem file
# make -C /etc/pki/tls/certs dovecot.pem
Step 4: Add the entries to /etc/dovecot.conf file with the updated
dovecot.pem file and enable required imap/pop protocol
Edit protocol and ssl_certs line in /etc/dovecot.conf file
Configure Postfix
Step 1: Install postfix RPM
# rpm -ivh postfix-*.rpm
Step 2: Stop sendmail service and turn it off
# service sendmail stop
# chkconfig sendmail off
Step 3: Change the default MTA from sendmail to postfix
# alternatives --config mta
Step 4: Edit /etc/postfix/main.cf file and modify the inet_interfaces entry
inet_interfaces
Step 5: Add appropriate entries in /etc/aliases for aliasing.
sysadmin: trainer,student1,student3
Step 6: Start postfix service and turn it on
# service postfix start
# chkconfig postfix on
IMAPS
Depending on the security setup, it is recommended to add specific
iptables rules to restrict access to domains
Eg:
# iptables -A INPUT -s ! 192.168.0.0/24 -p tcp --dport 993 -j REJECT
This will deny access from any network other than the 192.168.0.0/24 network
Send a mail to the group called sysadmin and check if users receive mail in their mailbox
# echo testmail | mail -s "Subject: testmail" [email protected]
Verify mail
# mail imaps://[email protected]
Default IMAPS port is 993
SQUID
Step 1: Install Squid rpm
# rpm -ivh squid*.rpm
Step 2: Edit the squid configuration file
# vi /etc/squid/squid.conf
Change the following:
http_port from default 3128 to 8080
Change Recommended and INSERT lines in the file
Step 3: Start squid service and turn it on
# service squid start
# chkconfig squid on
Step 4: Change the proxy setting in Firefox
Kickstart Server
Kickstart server is used to build RedHat clients in network
It is an un-attended installation and holds the installation files
Supports installation via local CDROM/HDD/NFS/HTTP/FTP
Kickstart Config file
Command Section
Package Section
Pre and Post scripts section
Kickstart can be configured using ksconfig
system-config-kickstart provides a simple method of creating a
kickstart file that can be used to automate the installation process on
Red Hat Linux.
System-config-kickstart
Install client
Boot the system using boot media and at
the boot prompt
boot: linux ks=nfs:server:/kickstart/ks.cfg
boot: linux ks=http:///
boot: linux ks=ftp:///
Post Quiz
Write your Name and Employee ID without fail.
20 questions, multiple choices in 30 minutes
Use the post-quiz columns for writing your answers
Do not discuss
A question can have more than one correct answer, but choose the
best one.
Please encircle your guessed answers to find how good you are at
guessing
Chocolates will be distributed for:
1. Pre-quiz highest scorer
2. Post-quiz highest scorer
3. One with maximum difference
Post Quiz
Score Card
Sl no Trainee Name Pre-quiz Post-quiz Difference
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Please provide your valuable feedback and suggestions!!!
Thank You
Vinodh Kombissan
Mobile: 9940041817
Nortel : +91 44 43721227
Extn 1227
Computer Sciences Corporation,
7th Floor , DLF IT Park, Tower 1B,
Manapakkam, Chennai - 600 086.
RHCE Certificate number: 805010021746212