index [link.springer.com]978-1-4302-1913-2/1.pdf · backup and recovery backup process, 623–624...
Post on 11-Feb-2020
2 Views
Preview:
TRANSCRIPT
1025
Index
# (hash mark), 355$ (dollar sign), 131$ arguments, 159$ symbol, 71<%= value %> syntax, 983%CPU column header, 835–836&& (double ampersand), 629* symbol, 83_ variable, 131_netdev option, 589+2G command, 339! modifier, 876? symbol, 83/ volume, 22
Numerics250 response code, 4462048 option, 678
Aa class abbreviation, 89-A flag, 78-a option, 179-A option, 227-a option, 485, 865a2dismod command, 533a2enmod command, 533a2ensite utility, 530abi directory, 867ACCEPT policy, 225ACCEPT target, 228access control lists (ACLs)
LDAP, 778–783, 794–795Squid, 558
access restriction, Apache web server, 531–532AccessFileName directive, 529Accessories tab, 68account management group, 135accounts group, 77, 117acl directive, 559ACLs. See access control lists (ACLs)action key-value pair, 893action line, 894action2 line, 896actions, syslog, 876–877activationkey option, 284Active Directory LDAP server, 564Active Directory Service (ADS), 583activeTypes section, 799AD (Microsoft Active Directory) file, 565add machine script, 571
--add option, 162, 368add user script, 571addr object, 204address books, Zimbra, 749–757address object, 203address parameter, 200adduser package, 119, 303admin account, 726ADMIN alias, 141Admin Password setting, 707Admin type, 642Admin user, 600, 707, 709, 720, 780, 856Administration Console, Zimbra, 712–713, 729ADS (Active Directory Service), 583adsl-setup, 241–245adsl-setup command, 241Advanced Network Configuration button, 38Advanced Packaging Tool (APT), 310–311Advanced Policy Firewall (APF), 265advanced tools
CPU and memory use, 834–844disk access, 845–847overview, 834swap space use, 844–845
agents, 847AH (Authentication Header), 230alert priority, 876alias attribute, 906, 910alias command, 104, 132alias_maps option, 460aliases
CNAME entries and, 408command, 132–133distribution lists and, 725–728overview, 460
ALIASES section, 133all flag, 297ALL keyword, 542ALL option, 140all view, 849allow,deny parameter, 529allow directive, 946allow statement, 970AllowOverride directive, 530–531allow-update option, 428ANONYMOUS mechanism, 480Anonymous mode, 766anonymous read access, 781ANSWER SECTION command, 220antispam. See spamantivirus. See viruses
INDEX1026
Apache web serveraccess restriction, 531–532authentication, 821–824configuring for provisioning, 950file and directory permissions, 533–534installation and configuration, 517–518, 527–530modules, 532–533virtual host, adding for LDAP Account Manager,
800–807apache2 package, 517, 530, 944apache2-common package, 530apache2ctl command, 530, 533apache2ctl configtest command, 530apache2-mpm-prefork package, 517apachectl command, 527, 531, 533APF (Advanced Policy Firewall), 265Application Data directories, 573application packages, 268approx index type, 774apropos command, 76APT (Advanced Packaging Tool), 310–311apt-cache command, 312apt-cacher utility, 309apt-file command, 311–312apt-get command, 311aptitude
command, 192, 452noninteractive mode, 308–309property, 701removing packages, 309–310tool, 302–312updating packages, 311–312
Aptitude source packages, 310--arch option, 939archive mirrors, 48$ARG1$ macro, 914, 917argsfile attribute, 770$ARGx$ macro, 914arp tool, 222arrays, 362–369Asterix PBX Integration Zimlet, 749atime, 94atomic method, 960attach directory, 554audit command, 502auth access, 795auth access privileges, 778AUTH command, 485auth default configuration option, 479auth directive, 955auth facility, 875auth management group, 135, 818auth service, 479auth type, 137auth_debug option, 514auth_debug_password option, 514auth_verbose option, 514AuthBasicProvider directive, 532AuthBasicProvider ldap command, 823auth-client-config utility, 769authconfig command, 134
AuthConfig option, 531authentication
OpenVPN, 675–679overview, 476–477PAM, 133Postfix, 465SASL, 477–482SMTP AUTH, 477–478testing Postfix authentication, 483–485
Authentication Header (AH), 230AuthName directive, 532, 923authoritative DNS servers, 405–420
forward lookup zones, 407–408reverse lookup zones, 408–410security, 417slave servers, adding, 417–420using system-config-bind tool on Red Hat, 410–417zoning, 406–407
authorized_keys file, 627, 918auth-priv facility, 875auth-priv messages, 877–878AuthType directive, 531, 923AuthUserFile directive, 532auth-user-pass option, 690AuthzLDAPAuthoritative on command, 823auto parameter, 200autolearn=spam message, 493automating mounts, 355–357autopart, 958, 964AUXILIARY object, 776–777
Bb file type, 85-b option, 142, 382, 788backing up, LDAP directory, 796–797backports, Ubuntu, 326backup and recovery
backup process, 623–624Bacula
acquiring, 638–641backing up databases with,
658–661Bat console, 661–666configuring, 641–653managing with bconsole command, 654–658
disaster recover planning (DRP), 621–622network backups, 624–625overview, 621rsync
overview, 625–626using with SSH, 626, 636
Backup job type, 642--backup-file option, 369BackupPC tool, 636Bacula
acquiring, 638–641backing up databases with, 658–661Bat console, 661–666configuring, 641–653
testing syntax, 653managing with bconsole command, 654–658overview, 636–637
INDEX 1027
Bacula backup server, 621bacula-dir.conf file, 641–650bacula-fd.conf file, 652–653bacula-sd.conf file, 651–652baddomain.com network, 266bare metal installs, 13BASE field, 785baseurl option, 294–295bash scripts, 880Bash shell, 69, 130–131.bash_profile file, 130, 132basic input/output system (BIOS), 145–146bastion firewall
filter table, 253–255, 259–264nat table, 258–259overview, 249–252
Bat console, 661–666Bayesian spam filtering, 488BCM (business continuity management), 621bconsole command, 637, 654–658bconsole.conf file, 653bdb database, 772Berkeley Internet Name Domain (BIND), 399, 401BFD (Brute Force Detection), 265/bin directory, 82, 140, 141/bin/bash command, 128, 293, 298BIND (Berkeley Internet Name Domain), 399, 401bind mount, 383--bind option, 950bind timelimit setting, 819bind-utils package, 397/bin/extra/ directory, 140/bin/false file, 126, 128/bin/groupadd file, 141/bin/mail command, 126/bin/userdel file, 139BIOS (basic input/output system), 145–146blkid utility, 356blocks, 334, 347bo column, 846bond0 setting, 568bonded interface, 179boot, starting and stopping services at, 160–163/boot/ directory, 82boot loader, 22–23, 146–148/boot partition, 22, 49, 356, 958#boot=/dev/sda file, 149bootargs parameter, 1005/boot/grub directory, 998/boot/grub/grub.conf file, 149, 276/boot/grub/menu.lst file, 149boot.img.gz file, 947booting, 145, 153–156booting kernel, 148bootloader directive, 954, 955, 1005BOOTP protocol, 186BOOTPROTO, 196, 197bootstrapping, 145, 931both method, 737brace expansion, 464Braille, 44
break control option, 782bridged VPN, 674bridge-utils package, 1011bridging mode, 240Briefcase feature, 738, 756broadcast-address option, 422browseable directive, 572–573Brute Force Detection (BFD), 265buffers column, 833builder parameter, 1005business continuity management (BCM), 621
C-c | --contents option, 321c file type, 85-c N option, 349-c option, 113, 531, 909, 923-C option, 544ca option, 473, 679, 682, 725cabling, 176ca-bundle.crt file, 609, 772cacert.pem CA certificate file, 681cacert.pem file, 609cache, APT, 309cache_dir directive, 560cached column, 833caching DNS servers, 401–405Cacti
adding hosts to, 856–863configuration, 854–856installation on Red Hat, 852–854installation on Ubuntu, 850–852settings and defaults, 863–864
/cacti subdirectory, 853Calendar rule type, 895, 898calendars, 751cancel command, 655Cancel Selected Events button, 289CAs. See certificate authorities (CAs)cat command, 95, 102cat /proc/mdstat command, 369cd command, 80, 86, 681CD/DVDs, 146cdrom directive, 955CentOS, 5, 11, 64, 271cert option, 679, 682certificate authorities (CAs)
commercial, 466creating certificates from, 468creating own, 470–472defined, 465noncommercial, 466–467securing VPNs, 676self-managed, 467signing certificates with own, 472–474
Certificate File, 552Certificate Key File, 552certificate signing request (CSR), 468, 676certificates
choosing type of, 467creating, 468–470
INDEX1028
creating own CAs, 470–472from noncommercial CAs, 466–467self-signed certificates, 467See also certificate authorities
certname option, 969cfg_dir option, 904cfg_file option, 904CGI scripts, 523cgi.cfg configuration file, 924chage command, 124–125chain loading, 149chains, Netfilter, 224chcon command, 550Check SMTP service, 916check-host-alive attribute, 908checkpoint directive, 775check-update option, 290chgrp command, 93chkconfig --add xendomains command, 1010chkconfig command, 159–160, 162–163, 165, 536, 608, 672chkconfig --list command, 166, 938chmod command, 88, 91, 462chown command, 93, 462, 546chroot command, 383, 627chsh command, 115CIFS (Common Internet File System), 564Citadel, 698ClamAV
configuring, 502defined, 488help resources, 506installing, 500–502testing SpamAssassin with, 504–505
clamscan command, 506class directive, 974Class of Service (CoS), Zimbra, 713–719classes directory, 968clean all option, 291clearpart directive, 954client configuration, Squid cache, 560–561Client daemon, 639Client directive, 643client option, 682Client resource, 647Client Run After Job script, 796Client Run Before Job script, 658, 796client-cert-not-required option, 689clone file, 199clustering, 28cmd.php file, 863Cmnd_Alias command, 141cn command, 774cn=admin setting, 779CNAME command, 221CNAME record, 703cobbler command, 939cobbler package, 933cobbler profile command, 941cobbler profile list command, 941cobbler system command, 957
CodeWeavers, 564Collaborative Services
migrating from existing e-mail service, 757–758Zimbra, 698–757. See also specific services under Zimbra
collections, 966com_zimbra_emailquotes file, 730combining multiple selectors, 877–878command aliases, 132–133COMMAND column header, 835command history, 72command line, 67–72command prompt, 68command_line attribute, 908, 914command_name attribute, 908command-line shell, 68comment directive, 572commercial certificate authorities, 466Common Gateway Interface, 523Common Internet File System (CIFS), 564common-account file, 137, 818common-auth file, 818common-password file, 818common-session file, 818compare access privileges, 778compiling software from source, 326–328
configure command, 328–330installing, 331make command, 330–331uninstalling, 331
comp-lzo file, 675compress option, 881Computer Name tab, 576-conf option, 887, 889conf.d directory, 529-config . /openssl.cnf option, 472–473--config option, 1021config.cfg file, 798config.php file, 556configuration management
overview, 931provisioning
Kickstart and Preseed, 953–965overview, 932with Red Hat Cobbler, 932–944with Ubuntu, 944–953
Puppet, 965–986. See also PuppetConfiguration Reference, 987configure command, 103, 328–330configuring
GRUB boot loader, 149–151init, 154–155Pluggable Authentication Modules (PAM),
133–137shell and environment, 130–133sudo command, 144
configuring sudo, 139confirm directive, 960confirm subkey, 960confirm_write_new_label subkey, 960Connection Timeout setting, 520CONNMARK target, 228
INDEX 1029
console, Nagiosauthentication, 921–925functions, 926–928overview, 921
console output option, 169Console service, 650Contact field, 406contact_groups attribute, 910contact_name directive, 924$CONTACTEMAIL$ macro, 912contactgroup object, 910contactgroup_name attribute, 910container-based approach, 992content attribute, 982content_filter option, 491continue line, 891continue option, 782, 892continuous performance monitoring
Cacti, 850–864SNMP, 847–850
control flag, 135–136copy command, 941copying files, 100–103core.schema file, 775, 786correlation, 883CoS (Class of Service), Zimbra, 713–719cp command, 100–101cpu group, 845CPU usage, 831–832, 834–844CRAM-MD5 mechanism, 480create command, 1021CREATE DATABASE statement, 541create mask directive, 572create mode, 364create mode owner group option, 881Create New Logical Volume dialog box, 378Create New Virtual Disk Wizard, 996createrepo package, 933crit priority, 876CRITICAL plug-in status, 909, 915, 919cron, scheduling services and commands, 170–173cron command, 854cron facility, 875–876cron messages, 876crontab command, 170–173CSR (certificate signing request), 468, 676CUPS
configuring, 609installing printer management tools, 610–617overview, 609–610
cups options directive, 572
D-d -1 option, 783-d days option, 125d file type, 85-d homedir option, 113-D option, 114, 227, 788-d option, 497, 883DAC (discretionary access control), 34daemon facility, 875
DAEMON_ARGS line, 888daemons, 74. See also individual daemon by namedaily option, 881DAP (Directory Access Protocol), 762DATA command, 446, 459, 489data directory, 554, 591data retention periods, 623data volumes, 623database directive, 773, 775date, files, 94–95date command, 94, 893DB_CONFIG file, 774dbconfig settings, 774dbconfig-common framework, 851dc=com setting, 779dcObject object class, 776, 786dd command, 370, 846, 1013debconf command, 808Debian distribution, 5, 11, 43, 888, 1020debug directory, 867debug logging option, 824--debug option, 971debug priority, 876default file, 949default gateway, 191default kernel, 148default keyword, 392default node, 973default route, 182, 208default value, 980Default Virtual Host, 520default-lease-time directive, 421defaults option, 167Default-Start keyword, 160Default-Stop keyword, 160definitions, Puppet, 983–984del command, 204--del option, 162deleting
entries from LDAP directory, 792files, 104users, 118–119
delivery mode, 497deluser.ldif file, 792demand option, 785Demilitarized Zones (DMZs), 986Denial of Service attacks (DoS), 263DENIED_COMMANDS command, 141Deny from all directive, 529deny statement, 970dependencies, 270desc key-value pair, 893Description keyword, 160Desktop directory, 573destination network address translation (DNAT), 251destination parameter, 264-detach option, 887, 889–890--detail option, 365/dev/ directory, 82, 334–335, 867/dev file, 383, 610/dev/cdrom directory, 1013
INDEX1030
/dev/disk/by-uuid file, 357/dev/dvd device, 85Development packages, 269Device Down Detection method, 863DEVICE option, 196device_remove_lvm directive, 960devices, 333–335, 856Devices tab, 191/dev/md0 device, 372dev.raid.speed_limit_max variable, 868df command, 94, 353, 358df -i command, 358df tool, 834dhclient utility, 431DHCP. See Dynamic Host Configuration Protocoldhcp3-server package, 944dhcp-client package, 961differential backups, 623Diffie-Hellman parameters, 677dig command, 219–221, 397–400DIGEST-MD5 mechanism, 480Dimdim Web Meeting, 749dir_index option, 869, 870Director configuration file, 641Director daemon, 636Directory Access Protocol (DAP), 762directory directive, 402Directory Information Tree (DIT), 762directory mask directive, 572Directory Page Search List, 551directory permissions, 533–534directory services. See Lightweight Directory Access
Protocol (LDAP)Directory tag, 530Dirvish tool, 636--disable option, 961disable_plaintext_auth option, 509disable_vrfy_command option, 489disabled option, 956DISABLE-NBT option, 694disabling users, 126disaster recover planning (DRP)
boot loader problems, 383–384disk failure, 384–386overview, 380–383, 621–622
disclose access privileges, 778discretionary access control (DAC), 34disk access, 845–847disk drivers, 14disk group, 334disk parameter, 1005disks
Kickstart, 958–960monitoring space, 834Preseed, 958–960
DISPLAY option, 948distinguished name (DN), 762distribution lists, Zimbra, 725–728distributions
CentOS, 5choosing, 6–7
Debian Linux, 5Fedora Project, 5Gentoo, 6overview, 3–4Red Hat Enterprise Linux (RHEL), 4–5Ubuntu, 5–6
DistroWatch, 6DIT (Directory Information Tree), 762dmesg command, 335–336, 341, 344, 353, 834DMS (document management systems)
adding and checking out documents, 602–608KnowledgeTree DMS, 590–591, 602–609using, 590
dms user account, 596dmsctl.sh command, 608DMZs (Demilitarized Zones), 986DN (distinguished name), 762dn: cn=config option, 784DNAT (destination network address translation),
251DNAT target, 562DNS. See Domain Name System (DNS) serverDNS option, 196dns-nameserver parameter, 201dnssec-keygen tool, 426dnsutils package, 397document management system (DMS), 563
adding and checking out documents, 602–608KnowledgeTree DMS, 590–591, 602–609using, 590
Document Root Directory setting, 521Documentation/sysctl directory, 868DocumentRoot, 530, 553documents, Zimbra, 749–757dollar sign ($), 131domain master = yes line, 569DOMAIN name option, 694Domain Name System (DNS) server
address, 694authoritative
forward lookup zones, 407–408overview, 405reverse lookup zones, 408–410security, 417slave servers, adding, 417–420using system-config-bind tool on Red Hat,
410–417zoning, 406–407
caching DNS servers, 401–405dynamic, 420–426IP addresses and, 26overview, 394querying name servers, 396–401root servers, 394–396
$domain variables, 984domain-name option, 422done command, 657DontCont option, 891DoS (Denial of Service attacks), 263dosfstools package, 351double ampersand (&&), 629Double Reverse Lookup, 523
INDEX 1031
Dovecot, 507–515configuring, 508–509configuring for SASL, 478–482defined, 443help resources, 515testing, 509–514troubleshooting, 514
#dovecot channel, 515down command, 203Downed Device Detection option, 859dpkg
commands, 309, 323–325defined, 302examining package details/contents, 323–324file searches, 325installing packages, 325overview, 320–323removing packages, 325–326
dpkg-reconfigure command, 455dport 25 command, 259DPT port, 262driftfile directive, 391Drop Box for Windows, 596DROP chain, 255DROP DATABASE statement, 542DROP policy, 225, 580DROP target, 228DRP. See disaster recover planning (DRP)drsync tool, 636Drupal installer, 547dst directive, 559du command, 93, 94, 834dual boot, 22dumpe2fs tool, 382dump-file directive, 404duplex setting, 205Dynamic Host Configuration Protocol (DHCP)
address assignment, 182configuring, 421–423dynamic DNS updates, 425–426, 430–433installing, 421–423manually changing DNS entries, 433overview, 24, 421static lease assignments, 423–425
E-e | --erase option, 296e argument, 491-e date option, 115-E date option, 125-e option, 455e2fsck utility, 381–382echo command, 131edit command, 957EHLO command, 444, 458, 489e-mail, 757–758. See also mail servicesemailquotes command, 732emerg priority, 875–877Enable Network Time Protocol option, 35Enable SSL support box, 551enabled option, 294ENABLED=0 option, 490
enablemd5 value, 954Encapsulating Security Payload (ESP), 230encryption
certificates, 465–474TLS, 465–466, 474–476
End User License Agreement, 596endscript option, 883ensure attribute, 974, 980enterprise monitoring, 899env command, 130envelope, 445environments
configuring, 130–133Puppet, 986
epel-release RPM, 853, 933, 967eq index type, 774erase option, 293--erase option, 300err priority, 876error_check() subroutine, 634errors.sh script, 195ESMTP (Extended SMTP), 445ESP (Encapsulating Security Payload),
230esp rule, 229–230ESTABLISHED,RELATED state, 264ESTABLISHED chain, 262ESTABLISHED connection state, 238ESTABLISHED packet state, 254eth0 interface, 181, 568ethtool command, 205ETHTOOL_OPTS option, 196event, defined, 168event [time] [event text] action, 898exampleActive attribute, 777exampleActive property, 764exampleClient object class, 777example.com.schema file, 770, 775, 778exbackup home directory, 626exbackup.pub key, 628--exclude option, 632.exe postfix, 739ExecCGI option, 524–525Executive directory, 602Expire field, 406EXPIRE option, 114--expiredate option, 126ext2, ext3, ext4 file system options, 347–348Extended SMTP (ESMTP), 445-extensions v3_ca option, 472extents option, 870external nodes, Puppet, 986extra parameter, 1005eZ Publish, 544
F-f $sender option, 492-F | --freshen option, 296-F 32 option, 352-f days option, 115-f filename option, 786
INDEX1032
-f option, 167, 453, 788, 883-F option, 227facilities, syslog, 874–875facter package, 967fakeroot package, 865fdisk utility, 336, 337–338Fedora Project, 5, 11, 61, 64, 271file command, 327File daemon, 636file permissions, 533–534file resource, 974, 981File: :Scan: :ClamAV package, 501file serving, Puppet, 969–970file sharing
DMS, 590, 602–609with NFS, 563–564, 587–589with Samba, 563–564, 575–576, 580–587
file systemsadditional systems, 352automating mounts, 355–357checking usage, 358–359creating, 344–346tweaking ext2, ext3, and ext4 file system options,
347–348XFS and JFS file systems, 349–352
File["/etc/ssh/sshd_config"] resource, 981filebucket command, 976filegen directive, 391filename option, 936–938, 946files
copying, 100–103date and time, 94–95deleting, 104editing, 107linking, 105links to, 92moving and renaming, 103–104permissions, 86–92reading, 95–98searches, 325searching for, 98–100size and space, 93–94types, 85–86users, groups, and ownership, 92–93
files directory, 968fileserver.conf file, 975FileSet, 643–644Filesystem state flag, 354filter rules, 259filter table, 224, 228–230, 235–236, 250, 253–264find / -user UID -o -group GID command, 118find command, 99–100, 304Firestarter, 265firewall
bastion, 249–264Kickstart, 957Netfilter, 222–239OpenVPN, 686–687Preseed, 957Puppet, 970Ubuntu, 950Zimbra, 711–712
firewall option, 957
firstboot directive, 961fixed-address option, 423folders, Zimbra, 749–757FollowSymLinks option, 524for loop function, 635force create mode directive, 572force directory mode directive, 572force group directive, 572force user directive, 572fork bomb, 832forking, 157FORWARD chain, 224–226, 234, 237, 252, 259forward lookup zones, 407–408forward_order_big_client.doc document, 604, 606ForwardAgent yes option, 438–439forwarding packets, 205–211ForwardX11 yes directive, 438fping package, 902FQDNs (fully qualified domain names), 407, 569free command, 345, 833, 835freshclam update daemon, 502-fromstart option, 889fs directory, 867fstab file, 356–357fstab manual page, 356full virtualization, 991fully qualified domain names (FQDNs), 407, 569Fully Virtualized option, 1015function keys, 14Function Reference, 987
G-g GID option, 117-g group option, 115-G option, 117GAL (global address list), 738gateway, defined, 241gateway parameter, 201gateway server, 673–675gateway$ command, 679gateway.conf file, 673–674, 679, 682, 685gateway.conf VPN tunnel, 688gateway.ks file, 943GatewayPorts directive, 439gedit command, 106generate function, 985generic class, 979Generic Text printer drivers, 619generic-host template, 907generic-service template, 916--genkey option, 675Genome, 933Gentoo distributions, 6get_sales function, 634getent passwd tool, 820Getting Started guide, 987GID (group ID), 116global address list (GAL), 738Global Settings, Zimbra, 738–741[global] configuration, 567[global] service, 572
INDEX 1033
Gnome (network-manager-openvn Package), 692Gnome desktop, 17, 67–68, 75Gnome System Monitor, 838–844Gnome Terminal, 68gnome-app-install package, 312GNU GPL license, 671GoTo option, 891gpasswd command, 118gpgcheck option, 294gpgkey option, 294gpm package, 358gpm utility, 358Grand Unified Bootloader. See GRUB (Grand Unified
Bootloader)GRANT OPTION statement, 542GRANT statement, 542Graph Export tab, 864Graph Grouping Style, 861graph tree, 861graphical user interface. See GUI (Graphical User
Interface)grep command, 96, 98, 103, 291, 297, 337group file, 129group ID (GID), 116GROUP option, 114group option, 481, 675, 689group setting, 682groupadd command, 110, 117, 119groupdel command, 110, 118groupmod command, 110groupOfNames object class, 787groups
deleting, 118–119managing via GUIs, 120–123overview, 115–118storing group data, 127–130users, ownership and, 92–93users and, 77volumes and, 370–373
groups.ldif file, 786groupware, 697grow mode, 369--grow option, 959GRUB (Grand Unified Bootloader)
BIOS, 146configuring, 149–151overview, 148–149securing, 152–153using menu, 151–152
grub command, 153/grub directory, 150GRUB menu screen, 31grub.conf file, 149, 152–153, 998grub-md5-crypt command, 153, 956GSSAPI mechanism, 480guest ok directive, 572GUI (graphical user interface)
configuring network interfaces fromRed Hat, 182–192Ubuntu, 192–194
desktop, 66–67managing groups and users via, 120–123
managing LVM via, 375–380xDSL setup, 245–249
GUI Services Configuration, 160–162gunzip command, 888
H\h hostname, 131-h option, 358-H option, 919-h switch, 93half duplex, 205halt process, 158ham, defined, 488hard disks, 146, 624Hard links, 92hard state, 916hardware, choosing, 8Hardware Compatibility Lists (HCLs), 8hardware ethernet option, 423has_journal option, 870hash mark (#), 355--hash option, 300HCLs (Hardware Compatibility Lists), 8hdb database, 772head command, 158head office resources, exposing, 684–687HEAD utility, 529headless installation, 11HELO command, 445help argument, 608--help option, 328, 919–920help resources
ClamAV, 506Dovecot, 515finding, 75–77Postfix, 487SpamAssassin, 494–495
--help switch, 76, 284hi status code, 322hiddenmenu instruction, 150history command, 72home directory, 66/home/ directory, 70, 82, 99, 127HOME option, 114/home partition, 960HOME variable, 130, 170home_mailbox option, 461hop, 210Horde, 698host configuration, Nagios, 905–913Host Detail screen, 926host key fingerprint, 434host object, 905host utility, 222, 397Host_Alias alias, 141host_name attribute, 914$HOSTADDRESS$ macro, 908, 912, 917$HOSTALIAS$ macro, 906hostname fact, 978$hostname variable, 978$HOSTNAME$ macro, 906, 912
INDEX1034
$HOSTOUTPUT$ macro, 912hosts
adding to Cacti, 856–863controlling access to, 133–137downloading and preparing, 702–703
hosts allow option, 569hosts deny option, 569Hosts tab, 184, 190$HOSTSTATE$ macro, 912hosts.txt file, 394hot backups, 623.htaccess files, 525, 529–531html directory, 850, 852–853htpasswd command, 531, 923HTTP (WWW) option, 526http method, 737http_access directive, 559http_port directive, 561http_port file, 558httpd daemon, 78, 157, 162httpd package, 517httpd server, 984httpd.conf file, 529HTTPS (Hypertext Transfer Protocol over Secure Socket
Layer) protocol, 465https method, 737HUP signal, 838Hypertext Transfer Protocol over Secure Socket Layer
(HTTPS) protocol, 465
I-i | --install option, 296, 321I command, 230-I days option, 125-i option, 217-I option, 227IANA (Internet Assigned Numbers Authority), 776ibdata file, 540ICANN (Internet Corporation for Assigned Names and
Numbers), 395ICMP (Internet Control Message Protocol), 223Id command, 116, 820id_dsa file, 918id_dsa.pub file, 918IdentityFile directive, 438idle timelimit setting, 819iface bond0 inet static file, 202ifcfg-eth? files, 195ifcfg-ppp0 file, 243ifconfig command, 198, 202, 423ifconfig eth0 down command, 203ifdown command, 181ifempty option, 882ifenslave command, 202IfModule statement, 553IfModule tags, 529ifup command, 181ii status code, 322IMAP (Internet Message Access Protocol), 443, 506–507IMAP tab, 740imapsync command, 758
import option, 939import statement, 968INACTIVE option, 114-iname option, 100include directive, 402, 973Include directives cause, 529include directory, 882include option, 137, 524--include option, 632include statement, 137, 770, 775, 985IncludesNOEXEC option, 524incremental backups, 623Indexes option, 524index.php file, 551index.txt file, 470inet parameter, 200inet_interfaces option, 455inet_protocols option, 457inet6 parameter, 200inetutils-inetd package, 944-infiles option, 473info command, 77info ls command, 77info option, 291--info option, 298info priority, 874, 876infrastructure services
DNS server, 394–396, 401–405, 420–421Dynamic Host Configuration Protocol (DHCP),
421–425, 433Network Time Protocol (NTP), 389–394overview, 389Secure Shell (SSH), 433–440
init, configuring, 154–155init command, 156init mechanism, 164init process, 157, 168, 836init program, 148, 153init script, 163–164, 847, 886, 970, 980initctl command, 168init.d directories, 526init.d script, 157–159, 162–163, 167, 173initdefault line, 155initrd.img file, 148, 151inittab file, 154, 157inittab man page, 154InnoDB, 537–540Inodes, 347INPUT chain, 224–225, 230–231, 234, 236–237, 252, 259, 580-input option, 887, 889, 890, 891INPUT rule, 235-input=file pattern[=context] option, 889insmod command, 198, 238install command, 501install directive, 955INSTALL file, 554install option, 290, 951, 954--install option, 300/install/ subdirectory, 854Installation Number screen, 18installation splash screen, 12, 14
INDEX 1035
installingClamAV, 500–502compiling software from source, 331Dynamic Host Configuration Protocol (DHCP),
421–423KnowledgeTree DMS, 591, 602LAM, 798–799LDAP, 768–769Linux
LiveCDs, 12overview, 11–12Red Hat, 13, 42troubleshooting, 60–61Ubuntu, 42, 60virtual machines, 12–13
Nagios, 901–902OpenVPN, 671packages, 291–292, 299–300, 325Postfix, 449–452printer management tools, 610–617Puppet, 967Red Hat Cobbler, 933Simple Event Correlator (SEC), 886Zimbra, 703–706
install/netboot directory, 947install.sh script, 702–703interfaces, network
configuring from GUI, 182, 192–194overview, 179–181
interfaces = eth0 service, 568interfaces option, 568Internet Assigned Numbers Authority (IANA), 776Internet Control Message Protocol (ICMP), 223Internet Corporation for Assigned Names and Numbers
(ICANN), 395Internet Message Access Protocol (IMAP), 443, 506–507Internet Printing Protocol (IPP), 238-intevents option, 887INVALID state, 238INVOCATION section, 130invoke-rc.d command, 164–165, 233, 452, 490, 576, 617,
672, 970ip addr show command, 198ip command, 181, 202, 204–205, 1021ip link show command, 203IPADDR option, 196$ipaddress variable, 984ipaddress_eth0 fact, 983$ipaddress_eth0 variable, 983IP-based virtual hosts, 519ipconfig command, 179IPP (Internet Printing Protocol), 238IPsec tab, 184ipt_conntrack Netfilter kernel module, 238iptables, 222–224, 227–233, 580iptables command, 222–223, 225, 228, 233, 237, 674, 712iptables configuration, 250iptables filters, 257iptables firewall, 33, 457iptables interface, 175iptables man page, 232iptables management tools, 233iptables rules, 223, 252, 580, 695, 938, 950
iptables service, 158iptables-restore command, 232iptables-save command, 232IPtools2 package, 202–205ipv6 kernel module, 864IPV6INIT=no protocol, 196--iscrypted option, 956issue file, 129issue.net file, 129
J-j option, 349-j target option, 227JFS file systems, 349–352jfsutils package, 350Job Options tab, 617JobPlot window, 664Joomla!, 544journaled file system, 344.js postfix, 739Jump rule, 895jwhois package, 395
KK parameter, 543KDE (KVpnc), 692KDE GUI interface, 68keepalive option, 675KeePass, 28Kerberos, 564kern facility, 874–875kernel, 3, 184, 277kernel binary, 148kernel directory, 867Kernel Log daemon, 872kernel parameters, 23kernel-package package, 865key directive, 961key option, 679, 682keyboard, 955–956key-chain tool, 627-keyout option, 469keys, SSH, 434–435Kickstart
complete configurations, 963–965disks, 958–960firewall, 957installation behavior, 961–962installation source, 955keyboard, 955–956Kickstart Configurator, 962–963language, 955–956network configuration, 957package management, 961partitions, 958–960postinstallation, 962preinstallation, 962time zone, 955–956user management, 956
kickstart option, 941kickstarting, 931kill command, 838
INDEX1036
killall program, 158, 169klogd daemon, 872KnowledgeTree DMS
help resources, 609installing, 591, 602integrating LDAP, 824–828securing with SSL, 608–609starting and stopping, 608
Knumber> prefix, 158kod keyword, 392Konsole, 68ks option, 951ks.cfg file, 951kubuntu-desktop package, 312KVM
installing Virtual Machines withinstalling Ubuntu Server as Guest Operating
System, 1013–1014installing Windows as Guest Operating System,
1012–1013managing with Virtual Manager, 1014–1019networking, 1011–1012setting up on Ubuntu Server, 1012
overview, 992kvm command, 1013–1014kvm kernel module, 1012KVpnc (KDE), 692
L-l | --list option, 321-L | --listfiles option, 321l file type, 85-L label option, 349-l option, 142, 349, 919, 946-L option, 142, 227-l switch, 84label command, 655LABEL option, 948LAM (LDAP Account Manager). See LDAP Account
Manager (LAM)lam.conf file, 799lang directive, 955LANG variable, 130language
Kickstart, 955–956Preseed, 955–956
Language Tutorial, 987last command, 143lastb command, 143lastlog command, 144lcd command, 681LDAP (Lightweight Directory Access Protocol), 761, 829
backing up, 796–797configuring
access control lists, 778–783overview, 770–775schemas, creating, 775–778setting up LDAP client, 785slapd daemon, running, 783–784
considerations, 765–767defined, 762–765deleting entries from, 792implementing, 767–768
installing, 768–769integrating
Apache authentication, 821–824centralized Linux authentication, 808–817KnowledgeTree DMS, 824–828Pluggable Authentication Modules (PAM),
817–820management and tools
access control lists, testing, 794–795backing up directory, 796–797deleting entries from directory, 792LAM, 797–807LDIF files, 786–791password policy overlay, 793–794searching LDAP tree, 791–792users, adding, 786–791
LDAP Account Manager (LAM)Apache virtual host, adding for, 800–807configuring, 798–799installing, 798–799overview, 797
ldap admin dn file, 571ldapadd command, 787–788, 790–791, 792ldap-auth-client utility, 769ldap-auth-config tool, 808ldap.conf file, 785, 825ldapdelete command, 792, 788ldapmodify tool, 784, 788ldapsam option, 570ldapsearch command, 788, 791–792, 795LDAPTrustedMode TLS file, 822ldap-utils package, 769LDIF files, 786–791less command, 96, 462--level option, 162lftp command, 947/lib/ directory, 82libpcre3 package, 305, 316Library packages, 268/lib/security directory, 136libtool-ltdl package, 901libvirtd group, 1012Lightweight Directory Access Protocol (LDAP). See LDAP
(Lightweight Directory Access Protocol)LILO boot loader, 148limits module, 866limits.conf file, 866link object, 203link src address, 208linking files, 105link-local IPv6 address, 180Linode, 8Linux
authentication, centralized, 808–817distributions, 3–8files
copying, 100–103deleting, 104editing, 105–107links, 92–95moving and renaming, 103–104overview, 80–85reading, 95–98
INDEX 1037
searching, 98–100types and permissions, 85–92
getting help, 75–77hardware, 8installing
LiveCDs, 12overview, 11–12Red Hat, 13, 42troubleshooting, 60–61Ubuntu, 42, 60virtual machines, 12–13
logging in, 64–66vs. Microsoft Windows, 66–72mounting Samba shares on, 581overview, 3, 63packages, 79remote access, 73–75services and processes, 79shutting down and rebooting host, 169software, 9support, 9–10users and groups, 77
Linux Standard Base (LSB), 82Linux-image packages, 323list available option, 291list option, 290, 943--list option, 162, 299, 972list updates option, 291Listen directive, 553ListenAddress directive, 436listen-on-v6 option, 403LiveCDs, 12, 63ln command, 92, 105, 530lo setting, 568load printers directive, 572LoadModule directive, 532local facility, 874local option, 695local0-local7 facility, 875LocalForward directive, 439localhost hostname, 262localhost interface, 559localinstall option, 291LocalityName attribute, 762local-link network, 207local-service template, 915–916localtime parameter, 1005lock file, 519log analysis, 883log correlation
overview, 883–884Simple Event Correlator (SEC)
installing, 886running, 886–890troubleshooting, 899using, 890–899
log management, 881–883-log option, 887log rotation, 881–883LOG target, 228log_archive_path option, 904log_bin variable, 540log_file option, 904
log_rotation_method option, 904log-append option, 675logd daemon, 168log-facility, 421logfile command, 795logger command, 880logging
log correlation, 883–884Simple Event Correlator (SEC), 884–899syslog
actions, 876–877combining multiple selectors, 877–878facilities, 874–875overview, 872–874priorities, 876
syslog daemonconfiguring, 878–880starting, 878–880
testing with logger utility, 880logging in, 64–66, 109–110Logging tab, 523logical volume management (LVM)
expanding logical volume, 373–374groups and volumes, 370–373managing via GUI, 375–380shrinking logical volume, 374
login application, 109LOGIN authentication, 480, 485login file, 137loglevel command, 795LogLevel directive, 824Loglevel setting, 771, 829logon script directive, 570logonly action, 898logrotate command, 881, 883logrotate man file, 881logrotate.conf file, 882–883logrotate.d directory, 881–882logs, monitoring, 834long term support (LTS), 7$LONGDATETIME$$ macro, 912lost+found directory, 353, 382Lotus Domino, 698lpr facility, 875ls command, 76, 77, 83, 334ls /dev/usblp file, 611LS_COLORS variable, 130LSB (Linux Standard Base), 82lsof command, 354, 844LTS (long term support), 7lvcreate command, 372, 374lvdisplay / lvs command, 374lvdisplay command, 371lvextend command, 373–374LVM (logical volume management). See logical volume
management (LVM)lvreduce command, 374lvremove command, 374lvs command, 371
M-m 0 option, 346
INDEX1038
-M days option, 125-m days option, 125m limit -limit 3/s file, 254-m mins option, 878-m N option, 349-m option, 113, 833-M option, 113, 124m tcp command, 259MAC (mandatory access control), 34MAC (Media Access Control) address, 180maddress object, 203magnetic tapes, 624mail address option, 882mail clients, 499–500mail command, 457, 459Mail Delivery Agents (MDAs), 443mail facility, 874–875MAIL FROM command, 446mail services
authentication, 476–485Dovecot, 507–515encryption, 465–466, 474–476IMAP, 506–507life cycle, 444–448overview, 443POP3, 506–507Postfix, 449–464, 487spam, 488–490, 495–500virtual domains and users, 515viruses, 488, 500–506
Mail Transfer Agents (MTAs), 443Mail Transport Agent Switcher, 450Mail User Agents (MUAs), 443MAIL variable, 130mailbox format, Postfix, 461–464mailbox_command option, 462, 464, 496, 497mailcommand command, 650Maildir directory, 461–462Maildir mailboxes, 508Maildir/.Spam folder, 499maildrop command, 462, 497–498, 505maildrop MDA, 495–499maildrop package, 463.mailfilter file, 505mail.info file, 874maillog file, 874mail.log file, 874MAILTO variable, 170main.cf configuration file, 454–455, 460, 475, 482, 488, 496maintenance mode, 151major number, 334make command, 81, 330–331make gconfig command, 865make menuconfig command, 865make test commands, 103make xconfig command, 865Makefile command, 331maldirmake command, 464man page, 75, 84, 181, 296, 470, 483, 570, 695, 790, 886manage access privileges, 778manage mode, 368Management Information Bases (MIBs), 849
mandatory access control (MAC), 34mangle table, 224manifests, 968Manual option, 49mapped network drive, 564mark command, 657mark facility, 875, 878mark message, 878MASQUERADE chain, 259MASQUERADE target, 228master boot record (MBR), 22, 146master browser, 570master configuration, 420master daemon, 78Master field, 406MASTER option, 196master.cf file, 453, 491masters, Puppet, 965Max Number of Connections box, 520max_check_attempts attribute, 907–908, 916Maximum Volume Bytes limit, 648mbox format, 459MBR (master boot record), 22, 146MDAs (Mail Delivery Agents), 443mechanisms service, 479Media Access Control (MAC) address, 180/media/ directory, 82/media/cdrom directory, 950members attribute, 910memory parameter, 1005memory use
CPU and, 834–844Gnome System Monitor, 838–844overview, 834–838
performance monitoring, 832–834memtest86 utility, 44menu.lst file, 149mess command, 655meta users, 781MIBs (Management Information Bases), 849Microsoft Active Directory (AD) file, 565Microsoft Exchange server, 740Microsoft Windows, 564. See also Windows operating
systemMicrosoft Windows Recovery Console, 151miimon command, 198mini.iso file, 947, 1014minor number, 334--mirror option, 939mirroring, 360–361MISSING statement, 704missingok option, 882mkdir command, 102, 464, 496, 526mkfs.ext3 utility, 345–346mkfs.jfs utility, 350mkfs.vfat format, 352mkfs.vfat utility, 351mkfs.xfs tool, 349–350mkntfs tool, 352mkswap command, 344/mnt directory, 82, 352
INDEX 1039
/mnt/data file, 352, 354mobile connections, OpenVPN, 687–695mobileclient.conf file, 690, 694mobile.conf configuration file, 688, 692, 695mobileuser.conf file, 672mod_ssl package, 550mode option, 481mods-enabled/*.load file, 529modulepath /usr/lib/ldap file, 771modules
Apache web server, 532–533Puppet, 985
monitoringNagios
configuring, 903–921console, 921–928installing, 901–902starting, 902troubleshooting, 928
overview, 871, 899Monitoring Overview screen, 926monthly option, 881more command, 321mount command, 353, 357, 581, 589, 655, 869moving files, 103–104mroute object, 203MTAs (Mail Transfer Agents), 443mtime, defined, 94mtr command, 211, 213–214MTU option, 180MUAs (Mail User Agents), 443multiboot loader, 148Multiuser mode, 154mv command, 101, 104MX records, 447, 703My Documents folder/directory, 70, 573mydb database, 541, 543mydestination option, 455–456, 482myfile file, 88, 93mynetworks option, 456, 476, 482MyROGroup group, 848–849MySQL database
basic administration, 541–543basic tuning for InnoDB, 537–540installation, 534–536testing server, 537
MySQL database server, 517MySQL installation, 56mysql_backup script, 658mysql_secure_installation utility, 535mysqladmin command, 535mysqld daemon, 78mysql-server package, 534
N\n code, 131-n option, 167, 352, 866-N option, 227Nagios
configuringhost configuration, 905–913nagios.cfg file, 904–905
plug-ins, 920–921service configuration, 914–920
consoleauthentication, 921–925functions, 926–928
package, installing, 901–902overview, 899–901starting, 902troubleshooting, 928
/nagios directory, 921nagios script, 902name attribute, 907, 980name option, 294--name option, 939name parameter, 1005Name-based virtual hosting, 519named daemon, 140named.conf.options file, 402nameservers command, 221NAT (network address translation), 225nat chain, 259nat table, 258–259, 561NBDD address option, 694nc command, 211, 218, 457, 483Negative Cache TTL field, 401, 406neighbour object, 203net directory, 867netbios name option, 568netboot directory, 947netboot.tar.gz file, 947netcat, 218–219Netfilter
chains, 224default firewall rules on Red Hat hosts, 233–239iptables, 227–233network address translation (NAT), 225overview, 222–224policies, 225tables, 224
netlogon directory, 570[netlogon] share service, 570–573NETMASK option, 196netmask parameter, 201NETRX parameter, 1010NETS parameter, 1010net-snmp package, 847net-snmp-utils package, 847netstat command, 218, 222netstat -ltup command, 568NETTX parameter, 1010network address translation (NAT), 225Network authentication, 40network backups, 624–625network booting host, Ubuntu, 951–952network configuration files, 194–205network configuration, Kickstart, 957network configuration, Preseed, 957Network Configuration tool, 190–191Network File System (NFS), 563–564, 587–589Network ID button, 576Network Identification Wizard, 576Network Information Center (NIC), 394
INDEX1040
network interface, 179network interface card (NIC), 252network mount, 588NETWORK option, 196network option, 957Network Time Protocol (NTP), 35, 257, 389–394network_config snippet, 958network-admin command, 193network-functions scripts, 195networking, 1011–1012network-manager-openvn Package (Gnome), 692networks
example, 239–249Firewall Configuration Tools, 264–265forwarding packets, 205–211interfaces, 179–182, 194Netfilter
chains, 224default firewall rules on Red Hat hosts, 233–239iptables, 227–233network address translation (NAT), 225overview, 222–224policies, 225tables, 224
network configuration files, 194, 202–205overview, 175–179routes, adding, 205–211TCP Wrappers, 265–266troubleshooting, 211–222
New button, 190NEW connection, 238new directory, 461NEW state, 257, 263new subdirectory, 461new_vhost definition, 984newaliases command, 460newcerts directory, 470newfile file, 105-newkey rsa:4096 option, 469news facility, 875next_server file, 934$next_server option, 936next-server option, 936–937, 946NFS (Network File System), 563–564, 587–589nfs-kernel-server package, 588nfs-utils package, 588NI column header, 835NIC (Network Information Center), 394NIC (network interface card), 252-j LOG target, 262nmap command, 305, 313, 316, 326, 331, 675nmap package, 277, 279, 292, 300, 311nmbd service, 569No Reverse Lookup, 523no_subtree_check option, 588noatime option, 869nobody option, 675--no-daemonize option, 971node directive, 973--nodeps option, 300nodes, 965
nodes directory, 968-nodes option, 469-nodetach option, 890-nofromstart option, 889nogroup option, 675, 682nomail option, 882nomissingok option, 882nomodify keyword, 392noncommercial certificate authorities, 466–467none access privileges, 778none action, 898none wildcard selector, 875noninteractive mode, 308–309--noop option, 976nopeer keyword, 392noquery keyword, 392-noquoting option, 889normal_check_interval attribute, 915--noscripts option, 300NOT FOUND statement, 704-notail option, 889-notestonly option, 890notice function, 985notice priority, 876notification_interval attribute, 910notification_options attribute, 910$NOTIFICATIONTYPE$ macro, 912notify metaparameter, 982notrap keyword, 392Novell Groupwise, 698Novell Virtualization Driver Pack, 991now/knowledgetree_open_source_download command,
591NPerlFunc pattern, 892-r argument, 169NRegExp[number] pattern, 892nslookup utility, 397nss_ldap file, 785nsswitch.conf files, 818NSubStr[number] pattern, 892-t: 5 argument, 169ntfsprogs package, 352NTLM mechanism, 480NTP (Network Time Protocol), 35, 257,
389–394NTP address option, 694ntpdate utility, 390ntpq command, 393nullok argument, 136number portion, 892
O-O feat option, 349Object Identifier (OID), 776, 849objectIdentifierMatch rule, 793octal notation, 89OID (Object Identifier), 776, 849OK plug-in, 909on_crash parameter, 1005on_poweroff parameter, 1005
INDEX 1041
on_reboot parameter, 1005ONBOOT option, 196, 243ONBOOT variable, 199ONBOOT=yes protocol, 196–197--ondisk option, 959one-time passwords, 133, 477ONPARENT variable, 199open relays, 476OpenLDAP, 564openldap command, 773OpenLDAP directory, 761OpenSSH application, 73openssl-devel package, 330OpenVPN application
configuring, 672–684connections for mobile users, 687–695exposing head office resources with, 684–687installing, 671starting and stopping, 672troubleshooting, 695
openvpn command, 675OpenVZ Virtual Machines
overview, 992virtualization with
Basic OpenVZ Virtual Machine Management, 1024creating OpenVZ Virtual Machines, 1021–1023installation, 1020–1021overview, 1019–1020
OpenXchange, 698$operatingsystem fact, 979–980operatorcommand command, 650opportunistic TLS, 475/opt directory, 82, 701optional control flag, 136Optional packages button, 29options field, 869OPTIONS line, 946Options rule, 895Order directive, 529organizational units, 764organizationalUnit object class, 786$ORIGIN field, 406OTP mechanism, 480ou attribute, 786ou=meta setting, 779our $CLAMD_SOCK command, 504-out option, 473OUTPUT chain, 224–225, 234, 255, 259–260--owner option, 959ownership, file, 92–93
P-p | --print-avail option, 321-P | --purge option, 321p esp protocol, 230p file type, 85-P option, 227-p option, 381, 464, 526, 537, 917p parameter, 880-p switch, 101p tcp command, 259
package managementcompiling software from source, 326–331Kickstart, 961overview, 267–269Preseed, 961Red Hat Linux, 269–271, 277–280, 290–295, 301tools, 4Ubuntu, 301–302, 312, 320–326
Package Manager, 270, 277–279, 769package resource, 974, 981package type, 974Package Updater program, 271–277packages, 4, 79, 267packages directory, 702Packet shaping, 222packets, forwarding, 205–211packet-sniffing software, 216PAE (Physical Address Extension), 1020Page Options tab, 521Pair rule type, 895PairWithWindow rule, 895–896PAM (Pluggable Authentication Modules). See Pluggable
Authentication Modules (PAM)panic argument, 232parameters syntax, 228paranoid name, 848paravirtualization, 990Paravirtualized option, 1015part directive/option, 955, 958parted utility, 342partitions
Kickstart, 958–960overview, 335–342Preseed, 958–960
partman key, 960partman/choose_recipe key, 960passdb backend = tdbsam setting, 570passdb backend package, 571passdb pam store, 480passwd command, 91, 112, 123, 126, 134, 1023passwd entries, 127passwd file, 128–129, 689password management group, 135password option, 284password policy overlay, LDAP, 793–794passwords, 123–126patch command, 888path = /var/spool/samba directive, 573path definition, 572path directive, 572$PATH variable, 73PATH variable, 130, 170paths, defined, 80pattern line, 892–893, 896–897pattern2 line, 896PDC (primary domain controller),
568PEERDNS option, 196PEERDNS=yes protocol, 196PEN (private enterprise number), 776people.ldif file, 786
INDEX1042
performance monitoringadvanced tools
CPU and memory use, 834–844disk access, 845–847swap space use, 844–845
continuousCacti, 850, 864overview, 847Simple Network Management Protocol (SNMP),
847–850CPU usage, 831–832disk space, 834logs, 834memory usage, 832–834
performance optimizationfile system tweaks, 869–870overview, 864–865resource limits, 865–867storage devices, 868sysctl and proc file system, 867–868
Performance tab, 524PerlFunc pattern, 892perl-libwww-perl package, 529Perl-Net-SNMP package, 902permissions, 86–92permit_mynetworks option, 482permit_sasl_authenticated option, 482persist-key option, 675persist-tun option, 675person object, 787PHP support, installing on Apache web server, 533php.ini file, 798Physical Address Extension (PAE), 1020physical volume (PV), 370PID (Process ID), 78PID column header, 835pid file, 519-pid option, 887-pid=pidfile option, 889pidfile attribute, 770ping command, 211, 212–213, 684ping connection, 208pipe daemon, 491pipelining, 489piping, 102pirut application, 277PLAIN command, 485PLAIN mechanism, 479, 480Pluggable Authentication Modules (PAM)
configuring, 133–137integrating LDAP, 817–820
plugin configuration option, 689plug-ins, Nagios, 920–921Point-to-Point Protocol (PPP). See PPP (Point-to-Point
Protocol)point-to-point VPN, 672policies, Netfilter, 225Pool = Full definition, 643Pool definition, 647pools, 637POP3 (Post Office Protocol), 443, 506–507popularity-contest utility, 318
port directive, 559port mapping, 251Port option, 436ports, defined, 74ports.conf file, 529posixGroup object class, 787POST (power-on self-test), 146Post Office Protocol (POP3), 443, 506–507postconf command, 455–456, 461, 478postconf -n command, 455post-down command, 232Postfix
configuration of, 453–457configuring, 474–476configuring for antispam, 488–490configuring for SASL, 482configuring for SpamAssassin, 491–492encryption, 465–466init script, 159installing, 449–452mailbox format, choosing, 461–464script, 158starting, 452–453testing, 457–460testing authentication, 483–485
Postfix TLS/SSL encryption, 476Postinstallalation Configuration Menu, Zimbra, 707–711postmap command, 486postmaster e-mail addresses, 726postrotate command, 883POSTROUTING chain, 224, 258post-up parameter, 201power-on self-test (POST), 146PPP (Point-to-Point Protocol)
configuring networks, 192connection
overview, 241xDSL setup, 241–249
ppp parameter, 200PPPoE connection, 178PR column header, 835Preboot Execution Environment (PXE), 932pre-down parameter, 201prerotate command, 883PREROUTING chain, 224, 258–259, 561pres index type, 774Preseed
disks, 958–960firewall, 957installation behavior, 961–962installation source, 955keyboard, 955–956language, 955–956network configuration, 957overview, 953–955package management, 961partitions, 958–960time zone, 955–956user management, 956
preseed directive, 965preseeding, 931preshared keys, 675pre-up command, 232
INDEX 1043
primary domain controller (PDC), 568primary group, 92, 115print sharing
overview, 563printer servers, 609–610, 617, 619
printable directive, 572printcap name = cups line, 572printer management tools, 610–617printer servers
adding printers to desktop, 617–619CUPS, 609–617overview, 609
[printer] service, 572, 617[printers] section, 573printing group, 117priorities, syslog, 876private directory, 470–471private enterprise number (PEN), 776private keys, 433privileges, 542–543/proc directory, 82, 206/proc file, 367, 383, 842proc file system, 867–868/proc/cpuinfo file, 991Process ID (PID), 78processes, 79procmail command, 462, 495–497, 505.procmailrc file, 497–505/proc/mdstat file, 367–369, 384/proc/sys directory, 367, 867/proc/sys/dev/raid directory, 868/proc/sys/fs/file-max file, 868/proc/sys/net/ipv4/ip_forward file, 206/proc/sys/vm/swappiness file, 867profile, defined, 66.profile file, 130[profile] share service, 570profilename option, 284[profiles] directory, 573PROMPT option, 949PROMPTING section, 131proto udp option, 674protocols configuration option, 508provider, 974Provides keyword, 160provides option, 291provisioning
Kickstart and Preseedcomplete Kickstart configurations,
963–965disks, 958–960firewall, 957installation behavior, 961–962installation source, 955keyboard, 955–956Kickstart Configurator, 962–963language, 955–956network configuration, 957package management, 961partitions, 958–960postinstallation, 962preinstallation, 962
time zone, 955–956user management, 956
overview, 932with Red Hat Cobbler
building host with, 941–943configuring, 934–939installing, 933troubleshooting, 944using, 939–941web interface, 943
with Ubuntuconfiguring Apache for provisioning, 950DHCP server, 945–946firewall, 950installing boot files, 947installing packages, 944network booting host, 951–952PXE boot loader, 947–949specifying Kickstart file, 950–951TFTP server, 946troubleshooting network booting, 952–953
proxy, 704Proxy server, 37ps command, 78PS1 variable, 131pseudo-tty, 629PSTN (Public Switched Telephone Network) phone line,
186ptype2 line, 896public key encryption, 465public keys, 433Public Switched Telephone Network (PSTN) phone line,
186pup application, 272Puppet
configurationapplying, 975–977creating, 972–975documenting, 986specifying for multiple hosts, 977–980
configuring, 968–970file serving, 969–970firewall, 970starting server, 970
definitions, 983–984environments, 986external nodes, 986functions, 985installing, 967modules, 985overview, 965–967relating resources, 980–982reports, 985templates, 982–983troubleshooting, 986–987
puppetca binary, 971puppetca --sign --all command, 972puppet.conf configuration file, 970puppetd command, 970, 976[puppetd] section, 969puppet-master package, 967[puppetmasterd] section, 969puppets, 965
INDEX1044
$puppetserver variable, 968, 975purge option, 316--purge option, 326push option, 692–693put command, 681PuTTY client, 74PV (physical volume), 370pvcreate command, 370, 374pvdisplay command, 371, 374pvremove command, 374pvs command, 371pwd command, 80pwdAttribute attribute, 793PXE (Preboot Execution Environment), 932PXE boot loader, Ubuntu, 947–949pxelinux.0 file, 951pxelinux.cfg directory, 947–948python-cheetah package, 933
Q-q | --query option, 296qemu-img command, 1013query flag, 297query mode, 365--query option, 299QueryFile directive, 642querying
name serversdig utility, 397–400host utility, 397zone metadata, 400–401
packages with RPM, 296–299QuickAdd Appointment window, 753quiet setting, 152QUIT command, 446QUIT signal, 838-quoting option, 889
R-r | --remove option, 321-r N option, 349r now command, 384-r option, 117-r switch, 101Rackspace, 8RAID (Redundant Array of Inexpensive Disks)
controller, 335creating array, 362–369overview, 359–360processor to rescue, 361–362RAID 1 redundancy, 361RAID level 5, 361striping and mirroring, 360–361
range directive, 422range file, 199raw table, 224rc status code, 322rc script, 157RCPT TO command, 446, 482rc.sysinit script, 155RDN (relative distinguished name), 762RDP (Remote Desktop Protocol), 73
read access privileges, 778read_buffer_size variable, 540read_rnd_buffer_size variable, 540readonly directive, 572readonly security name, 848reboot command, 384reboot directive, 962reboot entry, 143reboot program, 169recipes, 497${recipient} option, 492Recycle = Yes setting, 649Recycle Oldest Volume = Yes setting, 649Red Hat
configuring network interfaces from GUI, 182–192default firewall rules, 233–239installation and configuration of Apache web server,
518–527installing Cacti on, 852–854installing LDAP, 769installing Linux, 13, 42installing MySQL database, 534–536installing Nagios on, 901–902installing Postfix, 449–451installing Puppet on, 967network configuration files for, 194overview, 158–160package management, 269–271, 277–280, 290–295, 301running Simple Event Correlator (SEC) on, 887–888slave servers, adding, 417–419starting and stopping running services, 163–164starting and stopping services at boot and shutdown,
160–163using system-config-bind tool on, 410–417webmail, 550–552xDSL setup using GUI, 245
Red Hat Cobblerbuilding host with, 941–943configuring
DHCP, 934–938overview, 934starting, 938TFTP, 938–939
installing, 933troubleshooting, 944using, 939–941web interface, 943
Red Hat Enterprise Linux (RHEL), 4–5, 11, 149Red Hat Network (RHN), 33, 280–290Red Hat Package Management (RPM)
building from source, 301installing packages, 299–300overview, 295–296querying packages, 296–299removing packages, 300
Redundant Array of Inexpensive Disks (RAID). See RAID (Redundant Array of Inexpensive Disks)
Refresh field, 406regex style, 779RegExp pattern types, 892RegExp[number] pattern, 892region-city-OS type-number, 25register attribute, 912
INDEX 1045
registrars, 396regular expressions, 885REJECT rule, 225, 262, 580REJECT target, 237reject_unauth_destination option, 482reject_unknown_sender_domain option, 489RELATED chain, 262RELATED packet state, 254RELATED state, 238realtime option, 356relationships, 980relative distinguished name (RDN), 762relay_domains option, 482relayhost configuration option, 486$releasever variable, 295remote access, 73–75Remote Desktop Protocol (RDP), 73remote option, 682RemoteForward directive, 439remove command, 941, 943remove option, 167, 291, 293removing
packages, 292–293, 300, 309–310, 325–326software, 316
renaming files, 103–104renice utility, 838[repo-id] option, 294report option, 939, 943Report Reference, 987reports, Puppet, 985repositories, 292, 316–319require metaparameter, 981Require valid-user command, 532required control flag, 136requisite control flag, 136RES column header, 835resize2fs utility, 373resolv.conf file, 219resource limits, 865–867resource_file option, 904, 908resource.cfg file, 908restart argument, 608restore command, 655Restore type, 642restrict keyword, 392Retry field, 406retry_check_interval attribute, 915Reverse DNS Lookup option, 523reverse lookup zones, 408–410reverse proxy, 558rewrite module, 533RHEL (Red Hat Enterprise Linux), 4–5, 11, 61, 149RHEL installation section, 55rhgb setting, 152RHN (Red Hat Network), 33, 280–290RHN Proxy server, 280RHN Satellite server, 280rhnreg_ks command, 284rm command, 101, 104rm -I shell, 132rndc reload command, 410
root access, 34root certificate, 465root column, 171root directory, 80/root directory, 82, 132, 473root group, 92root option, 150root partition, 49root privileges, 193, 227, 290root servers, 394–396, 541root user, 53, 79, 88, 127–128, 137, 139, 460, 538, 542, 576,
812, 867, 964root user password, 27, 534, 596root user privileges, 703root volume, 22root zone, 394root_squash option, 588/root/anaconda-ks.cfg file, 955rootdn command, 773rootpw command, 773rootpw directive, 955–956, 965rotate count option, 882route object, 203Route tab, 191routed VPN, 674route-eth0 file, 192router, 210router option, 422routes, 182, 205–211routing, OpenVPN, 685–686, 692–695RPM (Red Hat Package Management). See Red Hat
Package Management (RPM)rpm command, 295–296, 300rpm --install --verbose --hash command,
299rpm package, 268rpm -ql package, 853rpm tool, 269, 296,rp-pppoe package, 241rsync
overview, 625–626using with SSH, 626–636
rule object, 203run command, 655RUN_DAEMON option, 888, 946runinterval option, 977runlevel command, 156runlevels, 154, 156running services, 163–164run-parts option, 171
S-S | --search option, 321S column header, 835s file type, 85-s option, 358, 788, 946-s shell option, 113–115-s sub option, 791-s switch, 93Safe_ports interface, 559safe-upgrade package, 311
INDEX1046
Sales directory, 565, 573, 604, 606sales folder, 746sales group, 110[sales] share service, 572–573Salesforce.com, 749Samba
adding printers to desktop, 617–619file sharing with, 563–564, 575–576, 580–587product suite, 625
samba-common package, 565SASL (Simple Authentication and Security Layer)
configuring Dovecot for, 478–482configuring Postfix for, 482overview, 477–478
Satellite server, 37save argument, 232/sbin/ directory, 82/sbin/init tool, 154/sbin/ip addr show command, 198/sbin/ip link set up eth0 file, 204/sbin/nologin file, 126, 128Scalix, 698Schedule resource, 643schema, 764schema directory, 775schemas, LDAP, 775–778scope setting, 819scp command, 680SCSI (Small Computer System Interface), 334/scsi file, 335sd prefix, 334sda disk, 337sda prefix, 334sdb command, 363sdb disk, 337sdb1 disk, 384search access privileges, 778search option, 290–291SEC (Simple Event Correlator)
installing, 886overview, 884–885running, 886–890troubleshooting, 899using, 890–899
sec binary, 886sec daemon, 888sec package, 886, 888SEC_ARGS line, 887sec.default file, 888sec.init file, 888sec.pl script, 886--secret option, 676secret.key file, 676Secure, 508Secure Shell daemon, 78Secure Shell (SSH). See SSH (Secure Shell)security = user setting, 570self keyword, 781self write access, 781self-managed certificate authorities, 467self-signed certificates, 467SELinux, 34
selinux --disabled option, 957send host-name option, 431Sendmail, 449sendmail command, 492Sent folder, 463, 716Serial field, 406serial file, 470–471server file, 934Server header, 529Server Message Block (SMB), 564server option, 675server string option, 568Server tab, 519ServerAdmin class, 553ServerAlias directives, 530ServerName class, 553ServerName tag, 530SERVERS alias, 141Servers tab, 29ServerSignature On directive causes, 529ServerTokens class, 529service command, 164, 173, 481, 490, 527, 535, 576, 617,
672, 970service configuration
Nagios, 914–920overview, 914–917simple remote monitoring, 917–920
Service Detail links, 926service iptables status command, 234service job definition, 168service resource, 980–981service_description attribute, 914service_notification attribute, 911services, 79, 168
managing, 156–158, 164–169scheduling with cron, 173shutting down and rebooting your Linux host, 169
session management group, 135set_cachesize setting, 774sftp command, 680shadow file, 128shadow passwords, 128shadowLastChange attribute, 780shared column, 833shared mode package, 573sharedscripts command, 882, 883SHELL option, 114, 131, 170shellcmd action, 898shellcmd command, 896, 898shorewall package, 265Should-Start keyword, 160Should-Stop keyword, 160showmount command, 588SHR column header, 835shutdown command, 169shutdown directive, 962Shuttleworth, Mark, 5si column, 845--sign option, 972Simple Authentication and Security Layer (SASL). See SASL
(Simple Authentication and Security Layer)
INDEX 1047
Simple Event Correlator (SEC). See SEC (Simple Event Correlator)
Simple Mail Transfer Protocol (SMTP), 443Simple Network Management Protocol (SNMP), 705,
847–850simple_bind operations, 772Single rule, 891single setting, 152single-user mode, 151site.pp file, 968, 975sites-enabled directory, 529size size[M,k] option, 882SKEL option, 114SKEY mechanism, 480--skip option, 961–962slapacl command, 794slapacl tool, 794–795slapadd command, 797slapcat command, 796slappasswd command, 773SLAVE option, 196slave servers
defined, 406Red Hat, 417–419Ubuntu, 419–420
Small Computer System Interface (SCSI), 334smarthost, 486SMB (Server Message Block), 564smb.conf files, 565, 573smb.conf workgroup definition, 578smbfs package, 581smbldap-tools package, 571smbldap-useradd script, 571smbpasswd option, 570, 575SMTP (Simple Mail Transfer Protocol), 443SMTP AUTH, 477–478smtp service, 454, 491SNMP (Simple Network Management Protocol), 705,
847–850snmp package, 847snmpconf configuration wizard, 850snmpd command, 849snmpd package, 847SNMPDOPTS variable, 847snmpwalk utility, 860Snumber prefix, 158so column, 845SOA (Start of Authority), 400, 406socket directive, 481sockets, 214soft state, 916software, 9Software Development, 28SOHO routers, 186solid-state drive (SSD), 344sort command, 103source attribute, 974, 979, 982source value, 975SourceForge Bacula page, 638SourceForge site, 885Spacewalk, 37, 933
spamconfiguring Postfix for antispam, 488–490moving to special folder, 495–500
SpamAssassinconfiguring, 502configuring Postfix for, 491–492help resources, 494–495overview, 490testing, 492–494testing with ClamAV, 504–505
spamassassin command, 495spamassassin daemon, 491spamassassin filter, 491spamassassin package, 490spamc command, 491spamc package, 490spamd daemon, 490sparse_super option, 870spawn shellcmd action, 898spec file, 269speed, 864splash.xpm.gz file, 150SPT port, 262Squid cache
client configuration, 560–561configuration, 558, 560transparency, 561–562
squid package, 558SquirrelMail, 554–556src directive, 559/srv/ directory, 82SSD (solid-state drive), 344ssf command, 772SSH (Secure Shell)
agent, 435–436configuration, 436–439keys, creating and distributing, 434–435overview, 433remote access using, 73–75secure file transfers, 439–440service, 389SSH agent, 435–436using rsync with, 626–636
ssh class, 981ssh command, 74.ssh directory, 918ssh mechanism, 625ssh_limiter.sh script, 629, 632$SSH_ORIGINAL_COMMAND variable, 628–629ssh/config file, 437, 633sshd daemon, 78, 157ssh-keygen, 434, 627, 918SSL Certificate
securing KnowledgeTree DMS with, 608–609Zimbra, 732–738
SSL tab, 522SSL VPN application, 671ssl_cert_file option, 508ssl_key_file option, 508SSLEngine on directive, 553start argument, 608Start of Authority (SOA), 400, 406
INDEX1048
start option, 165, 167STARTTLS command, 476, 482, 485startup, 145–148
BIOS, 145–146boot loader, 146–148after booting, 153–156GRUB boot loader, 148–153Nagios, 902OpenVPN, 672operating system, 148Red Hat Cobbler, 938
stat client command, 655stat dir command, 654–655stat storage command, 655stateful firewall, 223stateless autoconfiguration, 180stateless packet-filtering firewall, 223static addresses, 24static lease assignments, 423–425static VPN, 672statistics reporting, 391statistics-file, 405statsdir option, 391status all command, 654status argument, 232status option, 675stop argument, 608stop on configuration, 169stop option, 165, 167, 782Storage Clustering, 28Storage configuration file, 651Storage daemon, 636Storage definition, 647storage devices, 868storage management
devices, 333–335file systems, 342–352logical volume management (LVM), 370–380partitions, 335–342RAID, 359–369using file system, 352–359
Storage resource, 643strata, 390striping, 360–361STRUCTURAL object, 777su command, 92, 109, 918sub index type, 774submission service, 454subnet directive, 946subnetting, 191substitute user, 137SubStr pattern type, 892SubStr[number] pattern, 892subtree attribute, 782subtree_check option, 588sudoers file, 139–140, 142, 975sufficient directive, 135–136, 818suffix command, 773sunrpc directory, 867SUP top class, 776supplementary groups, 92, 115Suppress rule, 895, 897
swaks command, 483, 492, 504swap group, 845swap space use, 844–845swap volume, 22swapon command, 344switch user, 137switches, 76, 176SymLinksIfOwnerMatch option, 524SYN packet, 217Synaptic
adding software, 313–315managing repositories, 316–318overview, 312–313removing software, 316Update Manager, 319–320updating repositories, 318–319upgrading repositories, 318–319
/sys file system, 610, 842syscontact variable, 850sysctl and proc file system, 867–868sysctl command, 868sysctl fs.file-max command, 868sysctl -p command, 206, 868sysctl parameters, 1020sysctl utility, 868sysctl vm.swappiness file, 867sysctl.conf file, 206sysklogd init script, 878syslocation variable, 850syslog
actions, 876–877combining multiple selectors, 877–878facilities, 874–875overview, 872–874priorities, 876
syslog communications protocol, 872syslog daemon, 128, 514, 871, 878–880, 883syslog facility, 875syslog init script, 878syslog.conf file, 872, 874, 877syslogd daemons, 876, 879system command, 943system cron jobs, 170System Events Pending page, 288System Monitor Preferences dialog, 842System Settings tab, 17System Software Errata page, 289system view, 849system-auth default PAM authentication file, 689system-auth file, 134–135system-auth-config utility, 769SystemImager tool, 636
T\T code, 131-t dsa option, 918t filter -A INPUT chain, 231-t filter option, 229-t type option, 221tables, Netfilter, 224tail command, 453, 611-tail option, 889
INDEX 1049
TakeNext option, 891tar application, 327tarball, 327target, 223tasks, 168, 170TCP (Transmission Control Protocol), 223tcpdump command, 211, 216–218, 477, 675, 944, 952TCP/IP, 214–216tdbsam option, 570teamed interface, 179technical support, 7telinit commands, 156, 158telnet command, 219, 222template function, 982, 985templates, Puppet, 982–983TERM signal, 838terminal emulator, 68Test memory option, 44--test option, 300testing
configurations using iptools2, 202–205Dovecot, 509–514logging with logger, 880OpenVPN tunnel, 682–684Postfix, 457–460Postfix authentication, 483–485SpamAssassin, 492–494SpamAssassin with ClamAV, 504–505
-testonly option, 890text-based installation mechanism, 14TFTP (Trivial File Transfer Protocol)
Red Hat Cobbler, 938–939Ubuntu, 946
tftp service, 938tftpd service, 946tftpd-hpa package, 946tftp-hpa package, 946thresh option, 894thunderbird package, 509time command, 893time to live (TTL), 210, 399time zone, 955–956TIME+ column header, 835TIMEOUT options, 949timeperiod_name attribute, 908timezone directive, 955title option, 150$title variable, 984TLDs (top-level domains), 394TLS (Transport Layer Security)
configuring email, 448configuring Postfix for, 474–476overview, 465–466
-tls option, 485TLS_REQCERT field, 785TLSVerifyClient class, 772tmp/test_sync.txt file, 631to_localhost interface, 559to-destination parameter, 562tokens, 133tool-threads directive, 772top command, 78, 832, 834, 1010
top object class, 787top-level domains (TLDs), 394.toprc file, 837Torvalds, Linus, 3touch command, 106traceroute tool, 213Transmission Control Protocol (TCP), 223transparency, Squid cache, 561–562transparent proxy, 561Transport Layer Security (TLS). See TLS (Transport Layer
Security)Trivial File Transfer Protocol (TFTP). See TFTP (Trivial
File Transfer Protocol)troubleshooting
Dovecot, 514Linux installations, 60–61Nagios, 928OpenVPN, 695Puppet, 986–987Red Hat Cobbler, 944Simple Event Correlator (SEC), 899Ubuntu network booting, 952–953
troubleshooting networksdig, 219–221miscellaneous tools, 222mtr, 213–214netcat, 218–219overview, 211ping, 212–213tcpdump, 216–218TCP/IP, 214–216
trunk device, 197try_first_pass module, 136tshark command, 944, 952–953TTL (time to live), 210, 399$TTL field, 406tune2fs -e command, 356tune2fs utility, 347tunnel, OpenVPN, 682–684tunnel object, 203Tunnelblick, 692tunneldown.sh script, 694tunneling, SSH, 438–439tunnels, 669tunnelup.sh script, 694type field, 960-type option, 100Type Reference, 987TYPE=Ethernet protocol, 196types, 974
U-U | --upgrade option, 296-u ldap -g ldap option, 783-u openldap option, 783-u option, 537, 866-U option, 788-u user option, 142\u username, 131-u username -e option, 173-u username option, 173Ubuntu class, 979–980
INDEX1050
Ubuntu Serverconfiguring Apache for provisioning, 950configuring network interfaces from GUI, 192–194DHCP server, 945–946distributions, 5–6firewall, 950installation and configuration of Apache web server,
527–530installing as guest operating system, 1013–1014installing boot files, 947installing Cacti on, 850–852installing LDAP, 769installing Linux, 42, 60installing MySQL database, 536installing Nagios on, 902installing packages, 944installing Postfix, 452installing Puppet on, 967managing services, 164–168network booting host, 951–952network configuration files for, 202overview, 944package management, 301–302, 312, 320–326password, 66PXE boot loader, 947–949running Simple Event Correlator (SEC) on,
888–889slave servers, adding, 419–420specifying Kickstart file, 950–951TFTP server, 946troubleshooting network booting, 952–953Virtual Machines and, 1012webmail, 553xDSL setup using GUI, 248–249
udev service, 334, 357udevd daemon, 610udf DVD file system, 355UDP (User Datagram Protocol), 223ufs format, 560ufw service, 233UID (user ID), 116uid attributes, 787, 791UID_MAX range, 116UID_MIN range, 116ulimit command, 832, 865–866ulimit section, 866umask command, 91umount command, 353–354un status code, 322unalias command, 133uname -r command, 296UNATHORIZED COMMAND, 632unattended installation, 11Unauthenticated mode, 766uninit_bg option, 870uniq command, 103Universally Unique Identifiers (UUIDs), 345UNKNOWN status, 909unlimit attribute, 772unmount command, 655UNREACHABLE status, 909up command, 203
up state, 196Update Manager, 319–320update option, 290update volume command, 655update-rc.d command, 164, 166–168, 608updating
packages, 311–312repositories, 292, 318–319
UPG (user private group) scheme, 115upgrade directive, 954, 955upgrading repositories, 318–319Upstart, 168–169upstream RPMs, 301uptime command, 831URI field, 785url option, 951USB keys, 146Use Network Login button, 40use_syslog option, 904USER column header, 835User Datagram Protocol (UDP), 223user facility, 875user ID (UID), 116user management, 956user option, 481, 675, 689user private group (UPG) scheme, 115${USER} variable, 497$USER1$ macro, 914useradd command, 77, 110, 112–113, 116, 119, 139USERCTL option, 196USERCTL=no protocol, 196–197userdel command, 110, 118, 139, 325usermod command, 110–111, 116–117, 126username option, 284username-as-common-name option, 689Username/Password authentication, 766userPassword attribute, 767, 780, 793, 794users
adding, 786–791configuring shell and environment,
130–133controlling access to host, 133–137creating, 112–114default settings, 113–114deleting, 118–119disabling, 126groups and, 77groups and ownerships, 92–93managing via GUIs, 120–123passwords, 123–126privileges and, 542–543storing user data, 127–130and sudo command, 111–112, 137–144
users.ldif file, 790, 792user-space program, 223users.sh script, 725users.txt file, 720-useshadow value, 954uucp facility, 875, 876uuid parameter, 1005UUIDs (Universally Unique Identifiers), 345
INDEX 1051
V-V | --verify option, 296-v option, 788, 883v parameter, 327valid users directive, 572valid users setting, 573value field, 960/var/ directory, 82variables
environment, 130–132substitutions, 570
vboxusers group, 993vcpus parameter, 1005VCS (version control system), 904verb option, 675--verbose option, 300, 971Verify type, 642version control system (VCS), 904vfb parameter, 1005vgcreate command, 372, 374vgdisplay command, 371, 374vgextend command, 371, 374vgreduce command, 372, 374vgremove command, 374vgs command, 371–372vif parameter, 1005vim command, 105vimtutor command, 106VIRT column header, 835virt-manager command, 999virt-manager interface, 1014, 1019virtual appliances, 13virtual domains, 515virtual facilities, 159Virtual Host Name, 521Virtual Host Properties dialog, 520, 524virtual hosting, 519Virtual Hosts tab, 524Virtual Machine Manager, 999, 1006–1007Virtual Machines
creating with VirtualBox, 994–998installing with KVM
installing Ubuntu Server as Guest Operating System, 1013–1014
installing Windows as Guest Operating System, 1012–1013
managing with Virtual Manager, 1014–1019networking, 1011–1012setting up on Ubuntu Server, 1012
installing with Xenautomatically starting, 1010–1011creating, 999–1005managing with the xm Comman, 1007–1010managing with Virtual Machine Manager,
1006–1007preparing computer for Xen usage, 998–999
LiveCDs and, 12–13Virtual Network Computing (VNC), 73virtual private networks (VPNs), 669, 696
example, 669–670OpenVPN, 671–672, 684–687, 695
virtual users, 515VirtualBox
creating Virtual Machines with, 994–998installing, 993
VirtualBox command, 994VirtualHost tag, 530, 550, 553<VirtualHost> tag, 801, 822virtualization
installing Virtual Machines with KVMinstalling Ubuntu Server as Guest Operating
System, 1013–1014installing Windows as Guest Operating System,
1012–1013managing with Virtual Manager, 1014–1019networking, 1011–1012setting up on Ubuntu Server, 1012
installing Virtual Machines with Xenautomatically starting, 1010–1011creating, 999–1005managing with the xm Command, 1007–1010managing with Virtual Machine Manager,
1006–1007preparing computer for Xen usage, 998–999
OpenVZBasic OpenVZ Virtual Machine Management, 1024creating OpenVZ Virtual Machines, 1021–1023installation, 1020–1021
software, 13solutions
KVM, 992OpenVZ, 992VirtualBox, 989VMware, 990Xen, 990–992
VirtualBoxcreating Virtual Machines with, 994–998installing, 993
virtual-manager interface, 1014viruses
ClamAV, 500–506moving infected e-mail to special folder, 505overview, 488, 500SpamAssassin, 502–505
visudo command, 111, 138–139vm directory, 867vmstat command, 835, 844–845, 846VMware, 12, 990VNC (Virtual Network Computing), 73Volume Retention, 649volumes, 370–373VPN networks, 177VPNs (virtual private networks). See virtual private
networks (VPNs)VRFY command, 490--vv option, 300vzctl command, 1021vzctl enter command, 1023vzlist -a command, 1024
W-W days option, 125-W option, 788
INDEX1052
-w option, 868, 909wa column, 845--waitforcert option, 971WARNING plug-in, 909warning priority, 876WARNING status, 909, 915, 919wc command, 103web accelerator, 558web services, Squid cache, 558–562webadmin attribute, 780–781webadmin user, 781Webex Zimlet, 749webmail
configuring SquirrelMail, 554–556overview, 549–550Red Hat, 550–552Ubuntu, 553
websites, installing, 543–544, 549, 556–557weekly option, 881wget command, 299, 327, 702, 1020wget utility, 326, 544whatis command, 76wheel group, 142who command, 143whois tool, 395–396wiki user, 720Windows operating system
installing as guest operating system, 1012–1013vs. Linux, 66–72
Windows Small Business Server, 176Windows XP host, 69windows.img file, 1013Wine, 564WINS address option, 694Wireshark, 477workgroups, 567workhours time, 910writable directive, 572–573write access, 781–782write access privileges, 778write action, 894, 898write list directive, 572WWW (HTTP) option, 526www group, 544www-data directory, 546
X-X option, 227, 788-x option, 788X Window System, 15xDSL setup
using adsl-setup, 241–245using GUI, 245–249
Xeninstalling Virtual Machines with, 998–1011overview, 990–992
xendomains service, 1010XFS file systems, 349–352xfs_grow /srv/www command, 374xfsprogs package, 349xinetd package, 433xinetd service, 938xm <option> help element, 1007xm Command, 1007–1010
Y-Y option, 788Yum (Yellowdog Updater Modified)
additional tasks, 293configuring, 294–295installing packages, 291–292overview, 290–291removing packages, 292–293updating repositories, 292
yum command, 299, 450, 902yum property, 701
Z-Z option, 788Zimbra
adding new users, 719–725adding resources, 728–729adding SSL Certificate, 732–738adding Zimlets, 729–732Administration Console, 712–713, 741aliases and distribution lists, 725–728Class of Service, 713–719downloading and preparing the hosts, 702–703e-mail, 744–747firewall changes, 711–712Global Settings, 738–741installing, 703–706monitoring, 741–743Postinstallalation Configuration Menu, 707–711prerequisites, 701–702sharing folders, address books, documents, 749–757
Zimlets, 698, 717, 729–732, 747–749zmcontrol command, 711, 738zmprov command, 725zmtlsctl command, 737zombie, 836zone files, 406zones, defined, 394zoning
authoritative DNS servers, 406–407forward lookup zones, 407–408querying name servers, 400–401reverse lookup zones, 408–410
top related