Product SiteDocumentation Site

Fedora Documentation 12

Deployment Guide

Deployment, configuration and administration of Fedora 12

Edition 0

Legal Notice

Copyright © 2010 Red Hat, Inc. and others.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
For guidelines on the permitted uses of the Fedora trademarks, refer to https://fedoraproject.org/wiki/Legal:Trademark_guidelines.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
All other trademarks are the property of their respective owners.
Abstract
The Deployment Guide documents relevant information regarding the deployment, configuration and administration of Fedora 13.
Preface
1. Document Conventions
1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings
2. We Need Feedback!
2.1. Technical Review Requests
3. Acknowledgements
Introduction
I. Package Management
1. Yum
1.1. Checking For and Updating Packages
1.1.1. Checking For Updates
1.1.2. Updating Packages
1.1.3. Updating Security-Related Packages
1.1.4. Preserving Configuration File Changes
1.2. Packages and Package Groups
1.2.1. Searching, Listing and Displaying Package Information
1.2.2. Installing
1.2.3. Removing
1.3. Configuring Yum and Yum Repositories
1.3.1. Setting [main] Options
1.3.2. Setting [repository] Options
1.3.3. Using Yum Variables
1.3.4. Creating a Yum Repository
1.4. Yum Plugins
1.4.1. Enabling, Configuring and Disabling Yum Plugins
1.4.2. Installing More Yum Plugins
1.4.3. Plugin Descriptions
1.5. Additional Resources
2. PackageKit
2.1. Updating Packages with Software Update
2.2. Using Add/Remove Software
2.2.1. Refreshing Software Sources (Yum Repositories)
2.2.2. Finding Packages with Filters
2.2.3. Installing and Removing Packages (and Dependencies)
2.2.4. Installing and Removing Package Groups
2.2.5. Viewing the Transaction Log
2.3. PackageKit Architecture
2.4. Additional Resources
3. RPM
3.1. RPM Design Goals
3.2. Using RPM
3.2.1. Finding RPM Packages
3.2.2. Installing
3.2.3. Uninstalling
3.2.4. Upgrading
3.2.5. Freshening
3.2.6. Querying
3.2.7. Verifying
3.3. Checking a Package's Signature
3.3.1. Importing Keys
3.3.2. Verifying Signature of Packages
3.4. Practical and Common Examples of RPM Usage
3.5. Additional Resources
3.5.1. Installed Documentation
3.5.2. Useful Websites
3.5.3. Related Books
II. Network-Related Configuration
4. Network Interfaces
4.1. Network Configuration Files
4.2. Interface Configuration Files
4.2.1. Ethernet Interfaces
4.2.2. Channel Bonding Interfaces
4.2.3. Alias and Clone Files
4.2.4. Dialup Interfaces
4.2.5. Other Interfaces
4.3. Interface Control Scripts
4.4. Configuring Static Routes
4.5. Network Function Files
4.6. Additional Resources
4.6.1. Installed Documentation
5. Network Configuration
5.1. The NetworkManager Daemon
5.2. Interacting with the NetworkManager Applet
5.2.1. System and User Connections
5.3. Establishing Connections
5.3.1. Establishing a Wired (Ethernet) Connection
5.3.2. Establishing a Wireless Connection
5.3.3. Establishing a Mobile Broadband Connection
5.3.4. Establishing a VPN Connection
5.3.5. Establishing a DSL Connection
5.3.6. Establishing Routes
5.4. Configuring NetworkManager Connection Settings
5.4.1. Configuring the Wired Tab
5.4.2. Configuring the 802.1x Security Tab
5.4.3. Configuring the Wireless Tab
5.4.4. Configuring the Wireless Security Tab
5.4.5. Configuring the Mobile Broadband Tab
5.4.6. Configuring the PPP Settings Tab
5.4.7. Configuring the VPN Tab
5.4.8. Configuring the DSL Tab
5.4.9. Configuring the IPv4 Settings Tab
5.4.10. Configuring the IPv6 Settings Tab
5.5. NetworkManager Architecture
6. Controlling Access to Services
6.1. Runlevels
6.2. TCP Wrappers
6.2.1. xinetd
6.3. Services Configuration Tool
6.4. ntsysv
6.5. chkconfig
6.6. Additional Resources
6.6.1. Installed Documentation
6.6.2. Useful Websites
7. The BIND DNS Server
7.1. Introduction to DNS
7.1.1. Nameserver Zones
7.1.2. Nameserver Types
7.1.3. BIND as a Nameserver
7.2. /etc/named.conf
7.2.1. Common Statement Types
7.2.2. Other Statement Types
7.2.3. Comment Tags
7.3. Zone Files
7.3.1. Zone File Directives
7.3.2. Zone File Resource Records
7.3.3. Example Zone File
7.3.4. Reverse Name Resolution Zone Files
7.4. Using rndc
7.4.1. Configuring /etc/named.conf
7.4.2. Configuring /etc/rndc.conf
7.4.3. Command Line Options
7.5. Advanced Features of BIND
7.5.1. DNS Protocol Enhancements
7.5.2. Multiple Views
7.5.3. Security
7.5.4. IP version 6
7.6. Common Mistakes to Avoid
7.7. Additional Resources
7.7.1. Installed Documentation
7.7.2. Useful Websites
7.7.3. Related Books
8. OpenSSH
8.1. Features of SSH
8.1.1. Why Use SSH?
8.2. SSH Protocol Versions
8.3. Event Sequence of an SSH Connection
8.3.1. Transport Layer
8.3.2. Authentication
8.3.3. Channels
8.4. Configuring an OpenSSH Server
8.4.1. Requiring SSH for Remote Connections
8.5. OpenSSH Configuration Files
8.6. Configuring an OpenSSH Client
8.6.1. Using the ssh Command
8.6.2. Using the scp Command
8.6.3. Using the sftp Command
8.7. More Than a Secure Shell
8.7.1. X11 Forwarding
8.7.2. Port Forwarding
8.7.3. Generating Key Pairs
8.8. Additional Resources
8.8.1. Installed Documentation
8.8.2. Useful Websites
9. Samba
9.1. Introduction to Samba
9.1.1. Samba Features
9.2. Samba Daemons and Related Services
9.2.1. Samba Daemons
9.3. Connecting to a Samba Share
9.3.1. Command Line
9.3.2. Mounting the Share
9.4. Configuring a Samba Server
9.4.1. Graphical Configuration
9.4.2. Command Line Configuration
9.4.3. Encrypted Passwords
9.5. Starting and Stopping Samba
9.6. Samba Server Types and the smb.conf File
9.6.1. Stand-alone Server
9.6.2. Domain Member Server
9.6.3. Domain Controller
9.7. Samba Security Modes
9.7.1. User-Level Security
9.7.2. Share-Level Security
9.8. Samba Account Information Databases
9.9. Samba Network Browsing
9.9.1. Domain Browsing
9.9.2. WINS (Windows Internetworking Name Server)
9.10. Samba with CUPS Printing Support
9.10.1. Simple smb.conf Settings
9.11. Samba Distribution Programs
9.12. Additional Resources
9.12.1. Installed Documentation
9.12.2. Related Books
9.12.3. Useful Websites
10. Dynamic Host Configuration Protocol (DHCP)
10.1. Why Use DHCP?
10.2. Configuring a DHCP Server
10.2.1. Configuration File
10.2.2. Lease Database
10.2.3. Starting and Stopping the Server
10.2.4. DHCP Relay Agent
10.3. Configuring a DHCP Client
10.4. Configuring a Multihomed DHCP Server
10.4.1. Host Configuration
10.5. Additional Resources
10.5.1. Installed Documentation
11. The Apache HTTP Server
11.1. Apache HTTP Server 2.2
11.1.1. Features of Apache HTTP Server 2.2
11.2. Migrating Apache HTTP Server Configuration Files
11.2.1. Migrating Apache HTTP Server 2.0 Configuration Files
11.2.2. Migrating Apache HTTP Server 1.3 Configuration Files to 2.0
11.3. Starting and Stopping httpd
11.4. Apache HTTP Server Configuration
11.4.1. Basic Settings
11.4.2. Default Settings
11.5. Configuration Directives in httpd.conf
11.5.1. General Configuration Tips
11.5.2. Configuration Directives for SSL
11.5.3. MPM Specific Server-Pool Directives
11.6. Adding Modules
11.7. Virtual Hosts
11.7.1. Setting Up Virtual Hosts
11.8. Apache HTTP Secure Server Configuration
11.8.1. An Overview of Security-Related Packages
11.8.2. An Overview of Certificates and Security
11.8.3. Using Pre-Existing Keys and Certificates
11.8.4. Types of Certificates
11.8.5. Generating a Key
11.8.6. How to configure the server to use the new key
11.9. Additional Resources
11.9.1. Useful Websites
12. FTP
12.1. The File Transfer Protocol
12.1.1. Multiple Ports, Multiple Modes
12.2. FTP Servers
12.2.1. vsftpd
12.3. Files Installed with vsftpd
12.4. Starting and Stopping vsftpd
12.4.1. Starting Multiple Copies of vsftpd
12.5. vsftpd Configuration Options
12.5.1. Daemon Options
12.5.2. Log In Options and Access Controls
12.5.3. Anonymous User Options
12.5.4. Local User Options
12.5.5. Directory Options
12.5.6. File Transfer Options
12.5.7. Logging Options
12.5.8. Network Options
12.6. Additional Resources
12.6.1. Installed Documentation
12.6.2. Useful Websites
13. Email
13.1. Email Protocols
13.1.1. Mail Transport Protocols
13.1.2. Mail Access Protocols
13.2. Email Program Classifications
13.2.1. Mail Transport Agent
13.2.2. Mail Delivery Agent
13.2.3. Mail User Agent
13.3. Mail Transport Agents
13.3.1. Sendmail
13.3.2. Postfix
13.3.3. Fetchmail
13.4. Mail Transport Agent (MTA) Configuration
13.5. Mail Delivery Agents
13.5.1. Procmail Configuration
13.5.2. Procmail Recipes
13.6. Mail User Agents
13.6.1. Securing Communication
13.7. Additional Resources
13.7.1. Installed Documentation
13.7.2. Useful Websites
13.7.3. Related Books
14. Lightweight Directory Access Protocol (LDAP)
14.1. Why Use LDAP?
14.1.1. OpenLDAP Features
14.2. LDAP Terminology
14.3. OpenLDAP Daemons and Utilities
14.3.1. NSS, PAM, and LDAP
14.3.2. PHP4, LDAP, and the Apache HTTP Server
14.3.3. LDAP Client Applications
14.4. OpenLDAP Configuration Files
14.5. The /etc/openldap/schema/ Directory
14.6. OpenLDAP Setup Overview
14.6.1. Editing /etc/openldap/slapd.conf
14.7. Configuring a System to Authenticate Using OpenLDAP
14.7.1. PAM and LDAP
14.7.2. Migrating Old Authentication Information to LDAP Format
14.8. Migrating Directories from Earlier Releases
14.9. Additional Resources
14.9.1. Installed Documentation
14.9.2. Useful Websites
14.9.3. Related Books
15. Authentication Configuration
15.1. The System Security Services Daemon (SSSD)
15.1.1. What is SSSD?
15.1.2. SSSD Features
15.1.3. Setting Up SSSD
15.1.4. Configuring Services
15.1.5. Configuring Domains
III. System Configuration
16. Console Access
16.1. Disabling Shutdown Via Ctrl+Alt+Del
16.2. Disabling Console Program Access
16.3. Defining the Console
16.4. Making Files Accessible From the Console
16.5. Enabling Console Access for Other Applications
16.6. The floppy Group
17. The sysconfig Directory
17.1. Files in the /etc/sysconfig/ Directory
17.1.1. /etc/sysconfig/arpwatch
17.1.2. /etc/sysconfig/authconfig
17.1.3. /etc/sysconfig/autofs
17.1.4. /etc/sysconfig/clock
17.1.5. /etc/sysconfig/desktop
17.1.6. /etc/sysconfig/dhcpd
17.1.7. /etc/sysconfig/firstboot
17.1.8. /etc/sysconfig/i18n
17.1.9. /etc/sysconfig/init
17.1.10. /etc/sysconfig/ip6tables-config
17.1.11. /etc/sysconfig/keyboard
17.1.12. /etc/sysconfig/named
17.1.13. /etc/sysconfig/network
17.1.14. /etc/sysconfig/ntpd
17.1.15. /etc/sysconfig/radvd
17.1.16. /etc/sysconfig/samba
17.1.17. /etc/sysconfig/selinux
17.1.18. /etc/sysconfig/sendmail
17.1.19. /etc/sysconfig/spamassassin
17.1.20. /etc/sysconfig/squid
17.1.21. /etc/sysconfig/system-config-users
17.1.22. /etc/sysconfig/vncservers
17.1.23. /etc/sysconfig/xinetd
17.2. Directories in the /etc/sysconfig/ Directory
17.3. Additional Resources
17.3.1. Installed Documentation
18. Date and Time Configuration
18.1. Time and Date Properties
18.2. Network Time Protocol (NTP) Properties
18.3. Time Zone Configuration
19. Keyboard Configuration
20. The X Window System
20.1. The X11R7.1 Release
20.2. Desktop Environments and Window Managers
20.2.1. Desktop Environments
20.2.2. Window Managers
20.3. X Server Configuration Files
20.3.1. xorg.conf
20.4. Fonts
20.4.1. Fontconfig
20.4.2. Core X Font System
20.5. Runlevels and X
20.5.1. Runlevel 3
20.5.2. Runlevel 5
20.6. Additional Resources
20.6.1. Installed Documentation
20.6.2. Useful Websites
21. Users and Groups
21.1. User and Group Configuration
21.1.1. Adding a New User
21.1.2. Modifying User Properties
21.1.3. Adding a New Group
21.1.4. Modifying Group Properties
21.2. User and Group Management Tools
21.2.1. Command Line Configuration
21.2.2. Adding a User
21.2.3. Adding a Group
21.2.4. Password Aging
21.2.5. Explaining the Process
21.3. Standard Users
21.4. Standard Groups
21.5. User Private Groups
21.5.1. Group Directories
21.6. Shadow Passwords
21.7. Additional Resources
21.7.1. Installed Documentation
22. Printer Configuration
22.1. Adding a Local Printer
22.2. Adding an IPP Printer
22.3. Adding a Samba (SMB) Printer
22.4. Adding a JetDirect Printer
22.5. Selecting the Printer Model and Finishing
22.5.1. Confirming Printer Configuration
22.6. Printing a Test Page
22.7. Modifying Existing Printers
22.7.1. The Settings Tab
22.7.2. The Policies Tab
22.7.3. The Access Control Tab
22.7.4. The Printer and Job OptionsTab
22.8. Managing Print Jobs
22.9. Additional Resources
22.9.1. Installed Documentation
22.9.2. Useful Websites
23. Automated Tasks
23.1. Cron
23.1.1. Configuring Cron Tasks
23.1.2. Controlling Access to Cron
23.1.3. Starting and Stopping the Service
23.2. At and Batch
23.2.1. Configuring At Jobs
23.2.2. Configuring Batch Jobs
23.2.3. Viewing Pending Jobs
23.2.4. Additional Command Line Options
23.2.5. Controlling Access to At and Batch
23.2.6. Starting and Stopping the Service
23.3. Additional Resources
23.3.1. Installed Documentation
24. Log Files
24.1. Locating Log Files
24.2. Viewing Log Files
24.3. Adding a Log File
24.4. Monitoring Log Files
IV. System Monitoring
25. Gathering System Information
25.1. System Processes
25.2. Memory Usage
25.3. File Systems
25.4. Hardware
25.5. Additional Resources
25.5.1. Installed Documentation
26. OProfile
26.1. Overview of Tools
26.2. Configuring OProfile
26.2.1. Specifying the Kernel
26.2.2. Setting Events to Monitor
26.2.3. Separating Kernel and User-space Profiles
26.3. Starting and Stopping OProfile
26.4. Saving Data
26.5. Analyzing the Data
26.5.1. Using opreport
26.5.2. Using opreport on a Single Executable
26.5.3. Getting more detailed output on the modules
26.5.4. Using opannotate
26.6. Understanding /dev/oprofile/
26.7. Example Usage
26.8. Graphical Interface
26.9. Additional Resources
26.9.1. Installed Docs
26.9.2. Useful Websites
27. ABRT
27.1. Overview
27.2. Installing and Running ABRT
27.3. Configuring ABRT
27.4. Plugins and Sending Crash Reports
27.5. Using the Command Line Interface
27.5.1. Viewing Crashes
27.5.2. Reporting Crashes
27.5.3. Deleting Crashes
V. Kernel and Driver Configuration
28. Manually Upgrading the Kernel
28.1. Overview of Kernel Packages
28.2. Preparing to Upgrade
28.3. Downloading the Upgraded Kernel
28.4. Performing the Upgrade
28.5. Verifying the Initial RAM Disk Image
28.6. Verifying the Boot Loader
28.6.1. Configuring the GRUB Boot Loader
28.6.2. Configuring the OS/400® Boot Loader
28.6.3. Configuring the YABOOT Boot Loader
29. General Parameters and Modules
29.1. Kernel Module Utilities
29.2. Persistent Module Loading
29.3. Specifying Module Parameters
29.4. Storage parameters
29.5. Ethernet Parameters
29.5.1. Using Multiple Ethernet Cards
29.5.2. The Channel Bonding Module
29.6. Additional Resources
A. Revision History
Index