Linux: The Complete Reference, Sixth Edition
About the Author
Richard Petersen, MLIS, teaches Unix and C/C++ courses at the University of California at Berkeley. He is the author of Linux: The Complete Reference (all six editions), Red Hat Enterprise and Fedora Linux: The Complete Reference, Red Hat Linux, Linux Programming, Red Hat Linux Administrator's Reference, Linux Programmer's Reference, Introductory C with C++, Introductory Command Line Unix for Users, and many other books. He is a contributor to linux.sys-con.com (Linux World Magazine) with articles on IPv6, the Fedora operating system, Yum, Fedora repositories, the Global File System (GFS), udev device management, and the Hardware Abstraction Layer (HAL).
About the Technical Editor
Dean Henrichsmeyer has served as technical editor for a previous edition of Linux: The Complete Reference and for several editions of another book, Red Hat Linux: The Complete Reference. He holds a B.S. in Computer Science and has been working with Linux for more than a decade. He is currently a site director for SourceForge, Inc., the media group responsible for websites such as SourceForge.net, Linux.com, Slashdot.org, freshmeat.net, and ThinkGeek.com.
Richard Petersen
Copyright © 2008 by The McGraw-Hill Companies. All rights reserved. Manufactured in the United States of America. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.
0-07-159664-X
The material in this eBook also appears in the print version of this title: 0-07-149247-X.
All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.
TERMS OF USE
This is a copyrighted work and The McGraw-Hill Companies, Inc. (“McGraw-Hill”) and its licensors reserve all rights in and to the work.
Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms.
THE WORK IS PROVIDED “AS IS.” McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.
To my nieces, Aleina and Larisa
Contents at a Glance
Part I Introduction
1 Introduction to Linux
2 Getting Started
Part II The Linux Shell and File Structure
3 The Shell
4 The Shell Scripts and Programming
5 Shell Configuration
6 Linux Files, Directories, and Archives
Part III Desktop
7 The X Window System, Xorg, and Display Managers
8 GNOME
9 KDE
Part IV Linux Software
10 Software Management
11 Office and Database Applications
12 Graphics Tools and Multimedia
13 Mail and News Clients
14 Web, FTP, and Java Clients
15 Network Tools
Part V Security
16 Encryption, Integrity Checks, and Signatures
17 Security-Enhanced Linux
18 IPsec and Virtual Private Networks
19 Secure Shell and Kerberos
20 Firewalls
Part VI Internet and Network Services
21 Managing Services
22 FTP Servers
23 Web Servers
24 Proxy Servers
25 Mail Servers
26 Print, News, Search, and Database Servers
Part VII System Administration
27 Basic System Administration
28 Managing Users
29 File Systems
30 RAID and LVM
31 Devices and Modules
32 Kernel Administration
33 Backup Management
Part VIII Network Administration Services
34 Administering TCP/IP Networks
35 Network Autoconfiguration with IPv6, DHCPv6, and DHCP
36 NFS and NIS
37 Distributed Network File Systems
A Where to Obtain Linux Distributions
Index
Contents
Acknowledgments
Introduction
Part I Introduction
1 Introduction to Linux
Linux Distributions
Operating Systems and Linux
History of Linux and Unix
Unix
Linux
Linux Overview
Open Source Software
Linux Software
Software Repositories
Third-Party Linux Software Repositories
Linux Office and Database Software
Internet Servers
Development Resources
Online Linux Information Sources
Linux Documentation
2 Getting Started
Install Issues
Accessing Your Linux System
The Display Managers: GDM and KDM
Switching Users
Accessing Linux from the Command Line Interface
The GNOME and KDE Desktops
KDE
XFce4
GNOME
GNOME and KDE Applets
Starting a GUI from the Command Line
Desktop Operations
Desktop Themes
Fonts
Configuring Your Personal Information
Sessions
Using Removable Devices and Media
Installing Multimedia Support: MP3, DVD, and DivX
Command Line Interface
Help Resources
Context-Sensitive Help
Application Documentation
The Man Pages
The Info Pages
Software Repositories
Windows Access and Applications
Setting Up Windows Network Access: Samba
Running Windows Software on Linux: Wine
Part II The Linux Shell and File Structure
3 The Shell
The Command Line
Command Line Editing
Command and Filename Completion
History
History Events
History Event Editing
Configuring History: HISTFILE and HISTSAVE
Filename Expansion: *, ?, [ ]
Matching Multiple Characters
Matching Single Characters
Matching a Range of Characters
Matching Shell Symbols
Generating Patterns
Standard Input/Output and Redirection
Redirecting the Standard Output: > and >>
The Standard Input
Pipes |
Redirecting and Piping the Standard Error: >&, 2>
Jobs: Background, Kills, and Interruptions
Running Jobs in the Background
Referencing Jobs
Job Notification
Bringing Jobs to the Foreground
Canceling Jobs
Suspending and Stopping Jobs
Ending Processes: ps and kill
The C Shell: Command Line Editing and History
C Shell Command Line Editing
C Shell History
The TCSH Shell
TCSH Command Line Completion
TCSH History Editing
The Z-shell
4 The Shell Scripts and Programming
Shell Variables
Definition and Evaluation of Variables: =, $, set, unset
Variable Values: Strings
Values from Linux Commands: Back Quotes
Shell Scripts: User-Defined Commands
Executing Scripts
Script Arguments
Environment Variables and Subshells: export and setenv
Shell Environment Variables
TCSH/C Shell Environment Variables
Control Structures
Test Operations
Conditional Control Structures
Loop Control Structures
TCSH/C Shell Control Structures
Test Expressions
TCSH Shell Conditions: if-then, if-then-else, switch
TCSH Shell Loops: while and foreach
5 Shell Configuration
Shell Initialization and Configuration Files
Configuration Directories and Files
Aliases
Aliasing Commands and Options
Aliasing Commands and Arguments
Aliasing Commands
Controlling Shell Operations
Environment Variables and Subshells: export
Configuring Your Shell with Shell Parameters
Shell Parameter Variables
Configuring Your Login Shell: .bash_profile
Configuring the BASH Shell: .bashrc
The BASH Shell Logout File: .bash_logout
The TCSH Shell Configuration
TCSH/C Aliases
TCSH/C Shell Feature Variables: Shell Features
TCSH/C Special Shell Variables for Configuring Your System
TCSH/C Shell Initialization Files: .login, .tcshrc, .logout
6 Linux Files, Directories, and Archives
Linux Files
The File Structure
Home Directories
Pathnames
System Directories
Listing, Displaying, and Printing Files: ls, cat, more, less, and lpr
Displaying Files: cat, less, and more
Printing Files: lpr, lpq, and lprm
Managing Directories: mkdir, rmdir, ls, cd, and pwd
Creating and Deleting Directories
Displaying Directory Contents
Moving Through Directories
Referencing the Parent Directory
File and Directory Operations: find, cp, mv, rm, and ln
Searching Directories: find
Copying Files
Moving Files
Copying and Moving Directories
Erasing Files and Directories: The rm Command
Links: The ln Command
The mtools Utilities: msdos
Archiving and Compressing Files
Archiving and Compressing Files with File Roller
Archive Files and Devices: tar
File Compression: gzip, bzip2, and zip
Part III Desktop
7 The X Window System, Xorg, and Display Managers
The X Protocol
Xorg
Xorg Configuration: /etc/X11/xorg.conf
Screen
Files, Modules, and ServerFlags
Input Device
Monitor
Device
ServerLayout
Multiple Monitors
X Window System Command Line Arguments
X Window System Commands and Configuration Files
XFS Fonts
X Resources
X Commands
Display Managers: XDM, GDM, and KDM
Xsession
The X Display Manager (XDM)
The GNOME Display Manager
The K Display Manager (KDM)
X Window System Command Line Startup: startx, xinit, and xinitrc
8 GNOME
GNOME 2.x Features
GTK+
The GNOME Interface
GNOME Components
Quitting GNOME
GNOME Help
The GNOME Desktop
Drag and Drop Files to the Desktop
Applications on the Desktop
GNOME Desktop Menu
Window Manager
The GNOME Volume Manager
The GNOME File Manager: Nautilus
Nautilus Window
Nautilus Sidebar: Tree, History, and Notes
Displaying Files and Folders
Nautilus Menu
Navigating Directories
Managing Files
Application Launcher
File and Directory Properties
Nautilus Preferences
Nautilus as a FTP Browser
The GNOME Panel
Panel Properties
Panel Objects
Special Panel Objects
GNOME Applets
Workspace Switcher
GNOME Window List
GNOME Configuration
GNOME Directories and Files
GNOME User Directories
The GConf Configuration Editor
9 KDE
The Qt Library
Configuration and Administration Access with KDE
The KDE Desktop
KDE Menus
Quitting KDE
KDE Desktop Operations
Accessing System Resources from the File Manager
Configuring Your Desktop
Desktop Link Files and URL Locations
KDE Windows
Virtual Desktops: The KDE Desktop Pager
KDE Panel: Kicker
The KDE Help Center
Applications
Mounting Devices from the Desktop
KDE File Manager and Internet Client: Konqueror
Konqueror Window
Navigation Panel
Search
Navigating Directories
Copy, Move, Delete, Rename, and Link Operations
Web and FTP Access
Configuring Konqueror
KDE Configuration: KDE Control Center
.kde and Desktop User Directories
MIME Types and Associated Applications
KDE Directories and Files
Part IV Linux Software
10 Software Management
Software Package Types
Downloading ISO and DVD Distribution Images with BitTorrent
Red Hat Package Manager (RPM)
The rpm Command
Querying Information from RPM Packages and Installed Software
Installing and Updating Packages with rpm
Removing RPM Software Packages
RPM: Verifying an RPM Installation
Rebuilding the RPM Database
Debian
Installing Software from Compressed Archives: .tar.gz
Decompressing and Extracting Software in One Step
Decompressing Software Separately
Selecting an Install Directory
Extracting Software
Compiling Software
Configure Command Options
Development Libraries
Shared and Static Libraries
Makefile File
Command and Program Directories: PATH
/etc/profile
.bash_profile
Subversion and CVS
Packaging Your Software with RPM
11 Office and Database Applications
Running Microsoft Office on Linux: CrossOver
OpenOffice.org
KOffice
KOffice Applications
KParts
GNOME Office
Document Viewers (PostScript, PDF, and DVI)
PDA Access
Database Management Systems
SQL Databases (RDMS)
Xbase Databases
Editors
GNOME Editor: Gedit
K Desktop Editors: Kate, KEdit, and KJots
The Emacs Editor
The Vi Editor: Vim and Gvim
12 Graphics Tools and Multimedia
Graphics Tools
Photo Management Tools: F-Spot and digiKam
KDE Graphics Tools
GNOME Graphics Tools
X Window System Graphic Programs
Multimedia
GStreamer
Sound Applications
CD Burners and Rippers
Video Applications
13 Mail and News Clients
Mail Clients
MIME
Evolution
Thunderbird
GNOME Mail Clients: Evolution, Balsa, and Others
The K Desktop Mail Client: KMail
SquirrelMail Web Mail Client
Emacs
Command Line Mail Clients
Notifications of Received Mail
Accessing Mail on Remote POP Mail Servers
Mailing Lists
Usenet News
Newsreaders
News Transport Agents
14 Web, FTP, and Java Clients
Web Clients
URL Addresses
Web Browsers
Creating Your Own Website
Java for Linux
Sun, Java-like, JPackage, and Blackdown
Installing the Java Runtime Environment: JRE
Enabling the Java Runtime Environment for Mozilla/Firefox
The Java Applications
The Java 2 Software Development Kit
FTP Clients
Network File Transfer: FTP
Web Browser–Based FTP: Firefox
The K Desktop File Manager: Konqueror
GNOME Desktop FTP: Nautilus
gFTP
wget
curl
ftp
Automatic Login and Macros: .netrc
lftp
NcFTP
15 Network Tools
Network Information: ping, finger, traceroute, and host
GNOME Network Tools: gnome-nettool
ping
finger and who
host
traceroute
Network Talk and Messenger Clients: VoIP, ICQ, IRC, AIM, and Talk
Ekiga
ICQ
Instant Messenger
Telnet
RSH, Kerberos, and SSH Remote Access Commands
Remote Access Information
Remote Access Permission: .k5login
rlogin, slogin, rcp, scp, rsh, and ssh
Part V Security
16 Encryption, Integrity Checks, and Signatures
Public Key Encryption, Integrity Checks, and Digital Signatures
Public-Key Encryption
Digital Signatures
Integrity Checks
Combining Encryption and Signatures
GNU Privacy Guard
GnuPG Setup: gpg
Using GnuPG
Checking Software Package Digital Signatures
Importing Public Keys
Validating Public Keys
Checking RPM Packages
Intrusion Detection: Tripwire and AIDE
Encrypted File Systems
17 Security-Enhanced Linux
Flask Architecture
System Administration Access
Terminology
Identity
Domains
Types
Roles
Security Context
Transition: Labeling
Policies
Multi-Level Security (MLS) and Multi-Category Security (MCS)
Management Operations for SELinux
Turning Off SELinux
Checking Status and Statistics
Checking Security Context
SELinux Management Tools
semanage
The Security Policy Analysis Tool: apol
Checking SELinux Messages: seaudit
Allowing Access: chcon and audit2allow
The SELinux Reference Policy
Multi-Level Security (MLS)
Multi-Category Security (MCS)
Policy Methods
Type Enforcement
Role-Based Access Control
SELinux Users
Policy Files
SELinux Configuration
SELinux Policy Rules
Type and Role Declarations
File Contexts
User Roles
Access Vector Rules: allow
Role Allow Rules
Transition and Vector Rule Macros
Constraint Rules
SELinux Policy Configuration Files
Compiling SELinux Modules
Using SELinux Source Configuration
Interface Files
Types Files
Module Files
Security Context Files
User Configuration: Roles
Policy Module Tools
Application Configuration: appconfig
Creating an SELinux Policy: make and checkpolicy
SELinux: Administrative Operations
Using Security Contexts: fixfiles, setfiles, restorecon, and chcon
Adding New Users
Runtime Security Contexts and Types: contexts
18 IPsec and Virtual Private Networks
IPsec Protocols
IPsec Modes
IPsec Security Databases
IPsec Tools
Configuring Connections with setkey
Security Associations: SA
Security Policy: SP
Receiving Hosts
Two-Way Transmissions
Configuring IPsec with racoon: IKE
Certificates
Connection Configuration with racoon
IPsec and IP Tables: Net Traversal
IPsec Tunnel Mode: Virtual Private Networks
19 Secure Shell and Kerberos
The Secure Shell: OpenSSH
SSH Encryption and Authentication
SSH Tools
SSH Setup
SSH Clients
Port Forwarding (Tunneling)
SSH Configuration
Kerberos
Kerberos Servers
Authentication Process
Kerberized Services
Configuring Kerberos Servers
20 Firewalls
Firewalls: IPtables, NAT, and ip6tables
IPtables
ip6tables
Modules
Packet Filtering
Chains
Targets
Firewall and NAT Chains
Adding and Changing Rules
IPtables Options
Accepting and Denying Packets: DROP and ACCEPT
User-Defined Chains
ICMP Packets
Controlling Port Access
Packet States: Connection Tracking
Specialized Connection Tracking: ftp, irc, Amanda, tftp
Network Address Translation (NAT)
Adding NAT Rules
NAT Targets and Chains
NAT Redirection: Transparent Proxies
Packet Mangling: The Mangle Table
IPtables Scripts
An IPtables Script Example: IPv4
IP Masquerading
Masquerading Local Networks
Masquerading NAT Rules
IP Forwarding
Masquerading Selected Hosts
Part VI Internet and Network Services
21 Managing Services
System Startup Files: /etc/rc.d
rc.sysinit and rc.local
/etc//init.d
SysV Init: init.d Scripts
Starting Services: Standalone and xinetd
Starting Services Directly
Starting and Stopping Services with Service Scripts
Starting Services Automatically
Service Management: chkconfig, services-admin, rcconf, sysv-rc-conf, and update-rc.d
chkconfig
rcconf, services-admin, sysv-rc-conf, and update-rc.d
Service Scripts: /etc/init.d
Service Script Functions
Service Script Tags
Service Script Example
Installing Service Scripts
Extended Internet Services Daemon (xinetd)
Starting and Stopping xinetd Services
xinetd Configuration: xinetd.conf
xinetd Service Configuration Files: /etc/xinetd.d Directory
Configuring Services: xinetd Attributes
Disabling and Enabling xinetd Services
TCP Wrappers
22 FTP Servers
FTP Servers
Available Servers
FTP Users
Anonymous FTP: vsftpd
The FTP User Account: anonymous
FTP Group
Creating New FTP Users
Anonymous FTP Server Directories
Anonymous FTP Files
Using FTP with rsync
Accessing FTP Sites with rsync
Configuring an rsync Server
rsync Mirroring
The Very Secure FTP Server
Running vsftpd
Configuring vsftpd
vsftpd Access Controls
vsftpd Virtual Hosts
vsftpd Virtual Users
Professional FTP Daemon: ProFTPD
Install and Startup
Authentication
proftpd.config and .ftpaccess
Anonymous Access
Virtual FTP Servers
23 Web Servers
Tux
Alternate Web Servers
Apache Web Server
Java: Apache Jakarta Project
Linux Apache Installations
Apache Multiprocessing Modules: MPM
Starting and Stopping the Web Server
Apache Configuration Files
Apache Configuration and Directives
Global Configuration
Server Configuration
Directory-Level Configuration: .htaccess and <Directory>
Access Control
URL Pathnames
MIME Types
CGI Files
Automatic Directory Indexing
Authentication
Log Files
Virtual Hosting on Apache
IP-Based Virtual Hosting
Name-Based Virtual Hosting
Dynamic Virtual Hosting
Server-Side Includes
PHP
Apache Configuration Tool
Web Server Security: SSL
24 Proxy Servers
Configuring Client Browsers
The squid.conf File
Security
Caches
Connecting to Caches
Memory and Disk Configuration
Administrative Settings
Logs
Web Server Acceleration: Reverse Proxy Cache
25 Mail Servers
Mail Transport Agents
Received Mail: MX Records
Postfix
Postfix Commands
Postfix Configuration: main.cf
Postfix Greylisting Policy Server
Controlling User and Host Access
Sendmail
Aliases and LDAP
Sendmail Configuration
Sendmail Masquerading
Configuring Mail Servers and Mail Clients
Configuring Sendmail for a Simple Network Configuration
Configuring Sendmail for a Centralized Mail Server
Configuring a Workstation with Direct ISP Connection
The Mailer Table
Virtual Domains: virtusertable
Security
POP and IMAP Server: Dovecot
Dovecot
Other POP and IMAP Servers
Spam: SpamAssassin
26 Print, News, Search, and Database Servers
Printer Servers: CUPS
Printer Devices and Configuration
Printer Device Files
Spool Directories
Installing Printers with CUPS
Configuring CUPS on GNOME
Configuring CUPS on KDE
CUPS Web Browser-Based Configuration Tool
Configuring Remote Printers on CUPS
CUPS Printer Classes
CUPS Configuration
cupsd.conf
CUPS Directives
CUPS Command Line Print Clients
lpr
lpc
lpq and lpstat
lprm
CUPS Command Line Administrative Tools
lpadmin
lpoptions
enable and disable
accept and reject
lpinfo
News Servers
News Servers: INN
Newsreader Access
Overviews
INN Implementation
Database Servers: MySQL and PostgreSQL
Relational Database Structure
SQL
MySQL
PostgreSQL
Part VII System Administration
27 Basic System Administration
Superuser Control: The Root User
Root User Password
Root User Access: su
Controlled Administrative Access: sudo
System Time and Date
Scheduling Tasks: cron
crontab Entries
Environment Variables for cron
The cron.d Directory
The crontab Command
Editing in cron
Organizing Scheduled Tasks
Running cron Directory Scripts
cron Directory Names
Anacron
System Runlevels: telinit, inittab, and shutdown
Runlevels
Runlevels in inittab
Changing Runlevels with telinit
The runlevel Command
Shutdown
System Directories
Program Directories
Configuration Directories and Files
Configuration Files: /etc
System Logs: /var/log and syslogd
syslogd and syslog.conf
Entries in syslog.conf
Priorities
Actions and Users
An Example for /etc/syslog.conf
The Linux Auditing System: auditd
Performance Analysis Tools and Processes
GNOME System Monitor
The ps Command
vmstat, top, free, Xload, iostat, and sar
System Tap
Frysk
GNOME Power Manager
GKrellM
KDE Task Manager and Performance Monitor (KSysguard)
Grand Unified Bootloader (GRUB)
28 Managing Users
GUI User Management Tools: users-admin and KUser
User Configuration Files
The Password Files
/etc/passwd
/etc/shadow and /etc/gshadow
Password Tools
Managing User Environments
Profile Scripts
/etc/skel
/etc/login.defs
/etc/login.access
Controlling User Passwords
Adding and Removing Users with useradd, usermod, and userdel
useradd
usermod
userdel
Managing Groups
/etc/group and /etc/gshadow
User Private Groups
Group Directories
Managing Groups Using groupadd, groupmod, and groupdel
Controlling Access to Directories and Files: chmod
Permissions
chmod
Ownership
Changing a File’s Owner or Group: chown and chgrp
Setting Permissions: Permission Symbols
Absolute Permissions: Binary Masks
Directory Permissions
Ownership Permissions
Sticky Bit Permissions
Permission Defaults: umask
Disk Quotas
Quota Tools
edquota
quotacheck, quotaon, and quotaoff
repquota and quota
Lightweight Directory Access Protocol
LDAP Clients and Servers
LDAP Configuration Files
Configuring the LDAP server: /etc/slapd.conf
LDAP Directory Database: ldif
LDAP Tools
LDAP and PAM
LDAP and the Name Service Switch Service
Pluggable Authentication Modules
PAM Configuration Files
PAM Modules
29 File Systems
File Systems
File System Hierarchy Standard (FHS)
Root Directory: /
System Directories
The /usr Directory
The /media Directory
The /mnt Directory
The /home Directory
The /var Directory
The /proc File System
The sysfs File System: /sys
Device Files: /dev, udev, and HAL
Mounting File Systems
File System Information
Journaling
ext3 Journaling
ReiserFS
Mounting File Systems Automatically: /etc/fstab
HAL and fstab
fstab Fields
Auto Mounts
mount Options
Boot and Disk Check
fstab Sample
Partition Labels: e2label
Windows Partitions
Linux Kernel Interfaces
noauto
Mounting File Systems Manually: mount and umount
The mount Command
The umount Command
Mounting Floppy Disks
Mounting CD-ROMs
Mounting Hard Drive Partitions: Linux and Windows
Creating File Systems: mkfs, mke2fs, mkswap, parted, and fdisk
fdisk
parted
mkfs
mkswap
CD-ROM and DVD-ROM Recording
mkisofs
cdrecord
DVD+RW Tools
Mono and .NET Support
30 RAID and LVM
Logical Volume Manager (LVM)
LVM Structure
Creating LVMs During Installation
Distribution Configuration Tools
LVM Tools: Using the LVM Commands
Using LVM to Replace Drives
LVM Example for Partitions on Different Hard Drives
LVM Snapshots
Configuring RAID Devices
Motherboard RAID Support: dmraid
Linux Software RAID Levels
RAID Devices and Partitions: md and fd
Booting from a RAID Device
RAID Administration: mdadm
Creating and Installing RAID Devices
Corresponding Hard Disk Partitions
RAID Example
31 Devices and Modules
The sysfs File System: /sys
The proc File System: /proc
udev: Device Files
udev Configuration
Device Names and udev Rules: /etc/udev/rules.d
Symbolic Links
Program Fields, IMPORT{program} keys, and /lib/udev
Creating udev Rules
SYMLINK Rules
Persistent Names: udevinfo
Hardware Abstraction Layer: HAL
The HAL Daemon and hal-device-manager (hal-gnome)
HAL Configuration: /etc/hal/fdi, and /usr/share/hal/fdi
Device Information Files: fdi
Properties
Device Information File Directives
Manual Devices
Device Types
MAKEDEV
mknod
Installing and Managing Terminals and Modems
Serial Ports
mingetty, mgetty, and agetty
termcap and inittab Files
tset
Input Devices
Installing Sound, Network, and Other Cards
Sound Devices
Video and TV Devices
PCMCIA Devices
Modules
Kernel Module Tools
Module Files and Directories: /lib/modules
Managing Modules with modprobe
C o n t e n t s
xxv
xxvi
L i n u x : T h e C o m p l e t e R e f e r e n c eThe depmod Command . . . 666 The modprobe Command . . . 666 The insmod Command . . . 667 The rmmod Command . . . 667 modprobe confi guration . . . 667 Installing New Modules from Vendors: Driver Packages . . . 669 Installing New Modules from the Kernel . . . 670 32 Kernel Administration . . . 671 Kernel Versions . . . 671 References . . . 672 Kernel Tuning: Kernel Runtime Parameters . . . 673 Installing a New Kernel Version . . . 673 CPU Kernel Packages . . . 674 Installing Kernel Packages: /boot . . . 674 Precautionary Steps for Modifying a Kernel of the Same Version . . . 675 Boot Loader . . . 675 Compiling the Kernel from Source Code . . . 676 Installing Kernel Sources: Kernel Archives and Patches . . . 677 Confi guring the Kernel . . . 677 Kernel Confi guration Tools . . . 677 Important Kernel Confi guration Features . . . 679 Compiling and Installing the Kernel . . . 681 Installing the Kernel Image Manually . . . 682 Kernel Boot Disks . . . 683 Boot Loader Confi gurations: GRUB . . . 684 Module RAM Disks . . . 684 Virtualization . . . 685 Virtual Machine Manager: virt-manager (Red Hat) . . . 686 Kernel-Based Virtualization Machine (KVM): Hardware
Virtualization . . . 687 Xen Virtualization Kernel . . . 688 33 Backup Management . . . 693 Individual Backups: archive and rsync . . . 693 BackupPC . . . 694 Amanda . . . 695 Amanda Commands . . . 695 Amanda Confi guration . . . 695 Enabling Amanda on the Network . . . 697 Using Amanda . . . 697 Backups with dump and restore . . . 698 The dump Levels . . . 698 Recording Backups . . . 700 Operations with dump . . . 700 Recovering Backups . . . 701
Part VIII Network Administration Services
34 Administering TCP/IP Networks
TCP/IP Protocol Suite
Configuring Networks on GNOME and KDE
Zero Configuration Networking (zeroconf): Avahi and Link Local Addressing
IPv4 and IPv6
TCP/IP Network Addresses
IPv4 Network Addresses
Class-Based IP Addressing
Netmask
Classless Interdomain Routing (CIDR)
Obtaining an IP Address
Broadcast Addresses
Gateway Addresses
Name Server Addresses
IPv6 Addressing
IPv6 Address Format
IPv6 Interface Identifiers
IPv6 Address Types
IPv6 and IPv4 Coexistence Methods
TCP/IP Configuration Files
Identifying Hostnames: /etc/hosts
/etc/resolv.conf
/etc/services
/etc/protocols
Domain Name Service (DNS)
host.conf
/etc/nsswitch.conf: Name Service Switch
Network Interfaces and Routes: ifconfig and route
ifconfig
Routing
Wireless Networking
Network Manager: GNOME
Manual Wireless Configurations
Command Line PPP Access: wvdial
Monitoring Your Network: ping, netstat, tcpdump, EtherApe, Ettercap, and Wireshark
ping
Ettercap
Wireshark
tcpdump
netstat
IP Aliasing
InfiniBand Support

35 Network Autoconfiguration with IPv6, DHCPv6, and DHCP
IPv6 Stateless Autoconfiguration
Generating the Local Address
Generating the Full Address: Router Advertisements
Router Renumbering
IPv6 Stateful Autoconfiguration: DHCPv6
Linux as an IPv6 Router: radvd
DHCP for IPv4
Configuring DHCP IPv4 Client Hosts
Configuring the DHCP IPv4 Server
Dynamic IPv4 Addresses for DHCP
DHCP Dynamic DNS Updates
DHCP Subnetworks
DHCP Fixed Addresses

36 NFS and NIS
Network File Systems: NFS and /etc/exports
NFSv4
NFS Daemons
Starting and Stopping NFS
NFS Configuration: /etc/exports
NFS File and Directory Security with NFS4 Access Lists
Controlling Access to NFS Servers
Mounting NFS File Systems: NFS Clients
Network Information Service: NIS
NIS Servers
Netgroups
NIS Clients

37 Distributed Network File Systems
Parallel Virtual File System (PVFS)
Coda
Red Hat Global File System (GFS and GFS 2)
GFS 2 Packages (Fedora Core 6 and On)
GFS 2 Service Scripts
Implementing a GFS 2 File System
GFS Tools
GFS File System Operations
GFS 1

A Where to Obtain Linux Distributions
Index
Acknowledgments
I would like to thank all those at McGraw-Hill who made this book a reality, particularly Jane Brownlow, sponsoring editor, for her continued encouragement and analysis as well as management of such a complex project; Dean Henrichsmeyer, the technical editor, whose analysis and suggestions proved very insightful and helpful; Jennifer Housh, acquisitions coordinator, who provided needed resources and helpful advice; Sally Engelfried, copy editor, for her excellent job editing as well as insightful comments; project manager, Sam RC who, along with editorial manager, Patty Mon, incorporated the large number of features found in this book as well as coordinated the intricate task of generating the final version. Thanks also to Scott Rogers, who initiated the project.
Special thanks to Linus Torvalds, the creator of Linux, and to those who continue to develop Linux as an open, professional, and effective operating system accessible to anyone.
Thanks also to the academic community whose special dedication has developed Unix as a flexible and versatile operating system. I would also like to thank professors and students at the University of California, Berkeley, for the experience and support in developing new and different ways of understanding operating system technologies.
I would also like to thank my parents, George and Cecelia, and my brothers, George, Robert, and Mark, for their support and encouragement of such a difficult project. Also Valerie and Marylou and my nieces and nephews, Aleina, Larisa, Justin, Christopher, and Dylan, for their support and deadline reminders.
Introduction
The Linux operating system has become one of the major operating systems in use today, bringing to the PC all the power and flexibility of a Unix workstation as well as a complete set of Internet applications and a fully functional desktop interface. This book is designed not only to be a complete reference on Linux, but also to provide clear and detailed explanations of Linux features. No prior knowledge of Unix is assumed; Linux is an operating system anyone can use.
With the large number of Linux distributions available, it is easy to lose sight of the fact that most of their operations are the same. They all use the same desktops, shell, file systems, servers, administration support, and network configurations. Many distributions provide their own GUI tools, but these are just front ends to the same underlying Linux commands.
This book is distribution independent, providing a concise and detailed explanation of those tasks common to all Linux systems. As much as 95 percent of a Linux system involves operations that are the same for all distributions. You can use this book no matter what particular Linux distribution you are using.
Linux distributions include features that have become standard, like the desktops; Unix compatibility; network servers; and numerous software applications such as office, multimedia, and Internet applications. GNOME and the K Desktop Environment (KDE) have become standard desktop Graphical User Interfaces (GUI) for Linux, noted for their power, flexibility, and ease of use. Both have become integrated components of Linux, with applications and tools for every kind of task and operation.
Linux is also a fully functional Unix operating system. It has all the standard features of a powerful Unix system, including a complete set of Unix shells such as BASH, TCSH, and the Z shell. Those familiar with the Unix interface can use any of these shells, with the same Unix commands, filters, and configuration features.
A wide array of applications operate on Linux. Numerous desktop applications are continually released on the distribution repositories. The GNU General Public License (GPL) software provides professional-level applications such as programming development tools, editors, and word processors, as well as numerous specialized applications such as those for graphics and sound.
How to Use This Book
This book identifies seven major Linux topics: shell environments, desktops, applications, security, servers, system administration, and network administration. It is really several books in one—a desktop book, a shell-user book, a security book, a server book, and an administration book—how you choose to use it depends upon how you want to use your Linux system. Almost all Linux operations can be carried out using either the GNOME or KDE interface. You can focus on the GNOME and KDE chapters and their corresponding tools and applications in the different chapters throughout the book. On the other hand, if you want to delve deeper into the Unix aspects of Linux, you can check out the shell chapters and the corresponding shell-based applications in other chapters. If you only want to use Linux for its applications and Internet clients, then concentrate on the applications section. If you want to use Linux as a multiuser system servicing many users or integrate it into a local network, you can use the detailed system, file, and network administration information provided in the administration chapters. None of these tasks are in any way exclusive. If you are working in a business environment, you will probably make use of all three aspects. Single users may concentrate more on the desktops and applications, whereas administrators may make more use of the security and networking features.
Part Topics
The first part of this book provides a general overview and covers some startup topics that users may find helpful. It provides an introduction to Linux along with listings of resources, software sites, documentation sites, newsgroups, and Linux news and development sites. Distributions are covered briefly. The next chapter covers startup topics such as general install issues, GNOME and KDE basics, as well as Windows access.
Part II of this book deals with Linux shell environments, covering the BASH and TCSH shells, shell scripts, shell configuration, and the Linux file system. All these chapters operate from a command line interface, letting you access and manage files and shells directly.
Part III of this book covers desktops and their GUI support tools like the X Window System and display managers. Here you are introduced to the KDE and GNOME desktops. Different features such as applets, the Panel, and configuration tools are described in detail.
Part IV of this book discusses in detail the many office, multimedia, and Internet applications you can use on your Linux system, beginning with office suites like OpenOffice.org and KOffice. The different database management systems available are also discussed, along with the website locations where you can download them. Linux automatically installs mail, news, FTP, and web browser applications, as well as FTP and web servers. Both KDE and GNOME come with a full set of mail, news, FTP clients and web browsers.
Part V demonstrates how to implement security precautions using encryption, authentication, and firewalls. Coverage of the GNU Privacy Guard (GPG) shows you how to implement public- and private-key-based encryption. With LUKS (Linux Unified Key Setup) you can easily encrypt file systems. SE Linux provides comprehensive and refined control of all your network and system resources. IPsec tools let you use the IPsec protocol to encrypt and authenticate network transmissions. Network security topics cover firewalls and encryption using Netfilter (IPtables) to protect your system, the Secure Shell (SSH) to provide secure remote transmissions, and Kerberos to provide secure authentication.
Part VI discusses Internet servers you can run on Linux, including FTP, web, and mail servers. The Apache web server chapter covers standard configuration directives like those for automatic indexing as well as the newer virtual host directives. Sendmail, Postfix, IMAP, and POP mail servers are also covered, and the INN news server, the CUPS print server, the MySQL database server, and the Squid proxy server are examined.
Part VII discusses system administration topics including user, software, file system, system, device, and kernel administration. There are detailed descriptions of the configuration files used in administration tasks and how to make entries in them. First, basic system administration tasks are covered, such as selecting runlevels, monitoring your system, and scheduling shutdowns. Then, aspects of setting up and controlling users and groups are discussed. Different methods of virtualization are covered, such as full virtualization (KVM) and paravirtualization (Xen). Different file system tasks are covered, such as mounting file systems, managing file systems with HAL and udev, and configuring RAID devices and LVM volumes. Devices are automatically detected with udev and the Hardware Abstraction Layer (HAL).
Part VIII covers network administration topics such as configuring network interfaces and IP addressing. You also learn how to implement your own IPv4 Dynamic Host Configuration Protocol (DHCP) server to dynamically assign hosts IP addresses and how IPv6 automatic addressing and renumbering operates. The various network file system (NFS) interfaces and services such as GFS version 2, NFS for Unix, and NIS networks are presented.
Part I Introduction
Chapter 1 Introduction to Linux
Chapter 2 Getting Started
Chapter 1
Introduction to Linux
Linux is a fast and stable open source operating system for personal computers (PCs) and workstations that features professional-level Internet services, extensive development tools, fully functional graphical user interfaces (GUIs), and a massive number of applications ranging from office suites to multimedia applications. Linux was developed in the early 1990s by Linus Torvalds, along with other programmers around the world. As an operating system, Linux performs many of the same functions as Unix, Macintosh, Windows, and Windows NT. However, Linux is distinguished by its power and flexibility, along with being freely available. Most PC operating systems, such as Windows, began their development within the confines of small, restricted PCs, which have only recently become more versatile machines. Such operating systems are constantly being upgraded to keep up with the ever-changing capabilities of PC hardware. Linux, on the other hand, was developed in a different context. Linux is a PC version of the Unix operating system that has been used for decades on mainframes and minicomputers and is currently the system of choice for network servers and workstations. Linux brings the speed, efficiency, scalability, and flexibility of Unix to your PC, taking advantage of all the capabilities that PCs can now provide.
Technically, Linux consists of the operating system program, referred to as the kernel, which is the part originally developed by Linus Torvalds. But it has always been distributed with a massive number of software applications, ranging from network servers and security programs to office applications and development tools. Linux has evolved as part of the open source software movement, in which independent programmers joined together to provide free, high-quality software to any user. Linux has become the premier platform for open source software, much of it developed by the Free Software Foundation’s GNU project.
Many of these applications are bundled as part of standard Linux distributions. Currently, thousands of open source applications are available for Linux from sites like SourceForge, Inc.’s sourceforge.net, K Desktop Environment’s (KDE’s) kde-apps.org, and GNU Network Object Model Environment’s (GNOME’s) gnomefiles.org. Most of these applications are also incorporated into the distribution repository, using packages that are distribution compliant.
Along with Linux’s operating system capabilities come powerful networking features, including support for Internet, intranets, and Windows networking. As a norm, Linux distributions include fast, efficient, and stable Internet servers, such as the web, File Transfer Protocol (FTP), and DNS servers, along with proxy, news, and mail servers. In other words, Linux has everything you need to set up, support, and maintain a fully functional network.
With both GNOME and KDE, Linux also provides GUIs with that same level of flexibility and power. Unlike Windows and the Mac, Linux enables you to choose the interface you want and then customize it further, adding panels, applets, virtual desktops, and menus, all with full drag-and-drop capabilities and Internet-aware tools.
Linux does all this at the right price. Linux is free, including the network servers and GUI desktops. Unlike the official Unix operating system, Linux is distributed freely under a GNU general public license as specified by the Free Software Foundation, making it available to anyone who wants to use it. GNU (the acronym stands for “GNU’s Not Unix”) is a project initiated and managed by the Free Software Foundation to provide free software to users, programmers, and developers. Linux is copyrighted, not public domain. However, a GNU public license has much the same effect as the software’s being in the public domain.
The GNU GPL is designed to ensure Linux remains free and, at the same time, standardized. Linux is technically the operating system kernel—the core operations—and only one official Linux kernel exists. People sometimes have the mistaken impression that Linux is somehow less than a professional operating system because it is free. Linux is, in fact, a PC, workstation, and server version of Unix. Many consider it far more stable and much more powerful than Windows. This power and stability have made Linux an operating system of choice as a network server.
To appreciate Linux completely, you need to understand the special context in which the Unix operating system was developed. Unix, unlike most other operating systems, was developed in a research and academic environment. In universities, research laboratories, data centers, and enterprises, Unix is the system most often used. Its development has paralleled the entire computer and communications revolution over the past several decades. Computer professionals often developed new computer technologies on Unix, such as those developed for the Internet. Although a sophisticated system, Unix was designed from the beginning to be flexible. The Unix system itself can be easily modified to create different versions. In fact, many different vendors maintain different official versions of Unix. IBM, Sun, and Hewlett-Packard all sell and maintain their own versions of Unix. The unique demands of research programs often require that Unix be tailored to their own special needs. This inherent flexibility in the Unix design in no way detracts from its quality. In fact, this flexibility attests to the ruggedness of Unix, allowing it to adapt to practically any environment. This is the context in which Linux was developed. Linux is, in this sense, one other version of Unix—a version for the PC. The development of Linux by computer professionals working in a researchlike environment reflects the way Unix versions have usually been developed. Linux is publicly licensed and free—and reflects the deep roots Unix has in academic institutions, with their sense of public service and support. Linux is a top-rate operating system accessible to everyone, free of charge.
Linux Distributions
Although there is only one standard version of Linux, there are actually several different distributions. Different companies and groups have packaged Linux and Linux software in slightly different ways. Each company or group then releases the Linux package, usually on a CD-ROM. Later releases may include updated versions of programs or new software.
Some of the more popular distributions are Red Hat, Ubuntu, Mepis, SUSE, Fedora, and Debian. The Linux kernel is centrally distributed through kernel.org. All distributions use this same kernel, although it may be configured differently.
Linux has spawned a great variety of distributions. Many aim to provide a comprehensive solution providing support for any and all tasks. These include distributions like SUSE, Red Hat, and Ubuntu. Some are variations on other distributions, like CentOS, which is based on Red Hat Enterprise Linux, and Ubuntu, which derives from Debian Linux. Others have been developed for more specialized tasks or to support certain features. Distributions like Debian provide cutting edge developments. Some distributions provide more commercial versions, usually bundled with commercial applications such as databases or secure servers.
Certain companies like Red Hat and Novell provide a commercial distribution that corresponds to a supported free distribution. The free distribution is used to develop new features, like the Fedora Project for Red Hat. Other distributions like Knoppix and Ubuntu specialize in Live-CDs, the entire Linux operating system on a single CD.
Currently, distrowatch.com lists numerous Linux distributions. Check this site for details about current distributions. Table 1-1 lists the websites for several of the more popular Linux distributions. The FTP sites for these distributions use the prefix ftp instead of www, as in ftp.redhat.com. Also listed in Table 1-1 is the Linux kernel site where the newest releases of the official Linux kernel are provided. These sites have corresponding FTP sites where you can download updates and new releases.
NOTE Distributions will use their own software install and update programs. Check your distribution documentation for details.
URL                  Site Description
redhat.com           Red Hat Linux
fedoraproject.org    Fedora Linux
centos.org           CentOS Linux
opensuse.com         openSUSE Linux
debian.org           Debian Linux
ubuntu.com           Ubuntu Linux
mepis.org            Mepis Linux
gentoo.org           Gentoo Linux
turbolinux.com       Turbo Linux
knoppix.org          Knoppix Linux
linuxiso.com         CD-ROM ISO images of Linux distributions
distrowatch.com      Detailed information about Linux distributions
kernel.org           Linux kernel

TABLE 1-1 Linux Distribution and Kernel Sites
Operating Systems and Linux
An operating system is a program that manages computer hardware and software for the user. Operating systems were originally designed to perform repetitive hardware tasks, which centered around managing files, running programs, and receiving commands from the user. You interact with an operating system through a user interface, which allows the operating system to receive and interpret instructions sent by the user. You need only send an instruction to the operating system to perform a task, such as reading a file or printing a document. An operating system’s user interface can be as simple as entering commands on a line or as complex as selecting menus and icons on a desktop.
An operating system also manages software applications. To perform different tasks, such as editing documents or performing calculations, you need specific software applications. An editor is an example of a software application that enables you to edit a document, making changes and adding new text. The editor itself is a program consisting of instructions to be executed by the computer. For the program to be used, it must first be loaded into computer memory, and then its instructions are executed. The operating system controls the loading and execution of all programs, including any software applications. When you want to use an editor, simply instruct the operating system to load the editor application and execute it.
File management, program management, and user interaction are traditional features common to all operating systems. Linux, like all versions of Unix, adds two more features. Linux is a multiuser and multitasking system. As it is a multitasking system, you can ask the system to perform several tasks at the same time. While one task is being done, you can work on another. For example, you can edit a file while another file is being printed. You do not have to wait for the other file to finish printing before you edit. As it is a multiuser system, several users can log in to the system at the same time, each interacting with the system through his or her own terminal.
As a version of Unix, Linux shares that system’s flexibility, a flexibility stemming from Unix’s research origins. Developed by Ken Thompson at AT&T Bell Laboratories in the late 1960s and early 1970s, the Unix system incorporated many new developments in operating system design. Originally, Unix was designed as an operating system for researchers. One major goal was to create a system that could support the researchers’ changing demands. To do this, Thompson had to design a system that could deal with many different kinds of tasks. Flexibility became more important than hardware efficiency. Like Unix, Linux has the advantage of being able to deal with the variety of tasks any user may face. The user is not confined to limited and rigid interactions with the operating system. Instead, the operating system is thought of as making a set of highly effective tools available to the user. This user-oriented philosophy means you can configure and program the system to meet your specific needs. With Linux, the operating system becomes an operating environment.
History of Unix and Linux
Because Linux is a version of Unix, its history naturally begins with Unix. The story begins in the late 1960s, when a concerted effort to develop new operating system techniques occurred. In 1968, a consortium of researchers from General Electric, AT&T Bell Laboratories, and the Massachusetts Institute of Technology carried out a special operating system research project called MULTICS (the Multiplexed Information and Computing Service). MULTICS incorporated many new concepts in multitasking, file management, and user interaction.