Linux Administration: A Beginner’s Guide
Fifth Edition

WALE SOYINKA

New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto

Copyright © 2009 by The McGraw-Hill Companies. All rights reserved. Manufactured in the United States of America. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.

0-07-154625-1

The material in this eBook also appears in the print version of this title: 0-07-154588-3.

All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.

McGraw-Hill eBooks are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs. For more information, please contact George Hoare, Special Sales, at [email protected] or (212) 904-4069.

TERMS OF USE

This is a copyrighted work and The McGraw-Hill Companies, Inc. (“McGraw-Hill”) and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited.
Your right to use the work may be terminated if you fail to comply with these terms.

THE WORK IS PROVIDED “AS IS.” McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.

DOI: 10.1036/0071545883

“With the right knowledge, Linux can be clear and simple to understand. This book presents the core fundamentals of Linux in a manner that is very logical and easy to follow.”
—Greg Kurtzer, CTO, Infiscale, Inc.

“Wale continues to do a great job explaining complex information in a straightforward manner. All newcomers should start their Linux library with this book.”
—Ron Hudson, Senior Field Support Engineer, Intervoice, Inc.
“Wale Soyinka did a stellar job in the fourth edition and he was up for the challenge of making the fifth edition his own. It is with great pleasure I present the fifth edition of Linux Administration: A Beginner’s Guide by Wale Soyinka. This book barely resembles the 500-odd pages written nine years ago in the first edition, and it is without hesitation that I say his new words are for the better.”
—From the Foreword by Steve Shah, original author of Linux Administration: A Beginner’s Guide

ABOUT THE AUTHOR

Wale Soyinka (Canada) is a systems/network engineering consultant with several years’ experience in the field. He has written an extensive library of Linux administration training materials. In addition to being a co-author of the fourth edition of Linux Administration: A Beginner’s Guide, he is the author of a projects lab manual—Microsoft Windows 2000 Managing Network Environments, which is part of the Microsoft certification series published by Prentice Hall. Wale participates in several open source discussions and projects. His latest project is at caffe*nix (www.caffenix.com) where he usually hangs out. caffe*nix is possibly the world’s first (or only existing) brick-and-mortar store committed and dedicated to prompting and showcasing open source technologies and culture.

ABOUT THE CONTRIBUTING AUTHOR

Steve Shah (San Jose, California) is the chief technology officer (CTO) and co-founder of Asyncast, where he leads the product strategy and engineering groups. Prior to starting Asyncast, Steve was the founder and principal of RisingEdge Consulting where he provided strategic marketing services for a number of Silicon Valley infrastructure companies. To earn his chops, Steve grew to be a prominent player in network load balancing, application delivery controllers, and Secure Sockets Layer-virtual private network (SSL-VPN) markets as the director of product management at NetScaler (acquired by Citrix) and Array Networks.
Before turning into a marketing droid who is eerily comfortable at a Unix command prompt, Steve was a senior software engineer and systems administrator at numerous companies. Steve holds a bachelor of science (BS) in computer science with a minor in creative writing and a master in science (MS) in computer science from University of California Riverside.

ABOUT THE TECHNICAL EDITOR

Dr. Ibrahim Haddad is director of technology at Motorola, Inc. and is responsible for defining and developing the requirements for Motorola’s open source initiatives. Prior to Motorola, Dr. Haddad managed the carrier-grade Linux and Mobile Linux Initiatives at the Open Source Development Lab (OSDL), which included promoting the development and adoption of Linux and open source software in the communications industry. Prior to joining OSDL, Dr. Haddad was a senior researcher at the Research & Innovation Department of Ericsson’s Corporate Unit of Research. He is a contributing editor for Linux Journal and Enterprise Open Source magazines. Haddad received his BS and MS degrees in computer science from the Lebanese American University, and his PhD in computer science from Concordia University in Montreal, Canada. In 2000, he was awarded by Concordia University both the J.W. McConnell Memorial Graduate Fellowship, and the Concordia University 25th Anniversary Fellowship, in recognition for academic excellence. In 2007, he was the winner of the Big Idea Innovation Award in Recognition of Leadership and Vision at Motorola, Inc.

CONTENTS

Foreword
Acknowledgments
Introduction

Part I Installing Linux as a Server

▼ 1 Technical Summary of Linux Distributions
    Linux—The Operating System
    What Is Open Source Software and GNU All About?
    What Is the GNU Public License?
    The Advantages of Open Source Software
    Understanding the Differences Between Windows and Linux
    Summary

▼ 2 Installing Linux in a Server Configuration
    Hardware and Environmental Considerations
    Server Design
    Uptime
    Dual-Booting Issues
    Methods of Installation
    Installing Fedora
    Project Prerequisites
    Carrying Out the Installation
    Initial System Configuration
    Installing Ubuntu Server
    Summary

▼ 3 Managing Software
    The RPM Package Manager
    The Debian Package Management System
    APT
    Managing Software Using RPM
    Querying for Information the RPM Way (Getting to Know One Another)
    Installing with RPM (Moving In Together)
    Uninstalling Software with RPM (Ending the Relationship)
    Other Things You Can Do with RPM
    Software Management in Ubuntu
    Querying for Information
    Installing Software in Ubuntu
    Removing Software in Ubuntu
    GUI RPM Package Managers
    Compile and Install GNU Software
    Getting and Unpacking the Package
    Looking for Documentation (Getting to Know Each Other—Again)
    Configuring the Package
    Compiling the Package
    Installing the Package
    Testing the Software
    Cleanup
    Common Problems when Building from Source Code
    Problems with Libraries
    When There Is No configure Script
    Broken Source Code
    Summary

Part II Single-Host Administration

▼ 4 Managing Users
    What Exactly Constitutes a User?
    Where User Information Is Kept
    The /etc/passwd File
    The /etc/shadow File
    The /etc/group File
    User Management Tools
    Command-Line User Management
    GUI User Managers
    Users and Access Permissions
    Understanding SetUID and SetGID Programs
    Pluggable Authentication Modules (PAM)
    How PAM Works
    PAM’s Files and Their Locations
    Configuring PAM
    The “Other” File
    “DOH! I Can’t Log In!”
    Debugging PAM
    A Grand Tour
    Creating Users with useradd
    Creating Groups with groupadd
    Modifying User Attributes with usermod
    Modifying Group Attributes with groupmod
    Deleting Groups and Users with groupdel and userdel
    Summary

▼ 5 The Command Line
    An Introduction to BASH
    Job Control
    Environment Variables
    Pipes
    Redirection
    Command-Line Shortcuts
    Filename Expansion
    Environment Variables as Parameters
    Multiple Commands
    Backticks
    Documentation Tools
    The man Command
    The texinfo System
    Files, File Types, File Ownership, and File Permissions
    Normal Files
    Directories
    Hard Links
    Symbolic Links
    Block Devices
    Character Devices
    Named Pipes
    Listing Files: ls
    Change Ownership: chown
    Change Group: chgrp
    Change Mode: chmod
    File Management and Manipulation
    Copy Files: cp
    Move Files: mv
    Link Files: ln
    Find a File: find
    File Compression: gzip
    bzip2
    Create a Directory: mkdir
    Remove a Directory: rmdir
    Show Present Working Directory: pwd
    Tape Archive: tar
    Concatenate Files: cat
    Display a File One Screen at a Time: more
    Disk Utilization: du
    Show the Directory Location of a File: which
    Locate a Command: whereis
    Disk Free: df
    Synchronize Disks: sync
    Moving a User and Its Home Directory
    List Processes: ps
    Show an Interactive List of Processes: top
    Send a Signal to a Process: kill
    Miscellaneous Tools
    Show System Name: uname
    Who Is Logged In: who
    A Variation on who: w
    Switch User: su
    Editors
    vi
    emacs
    joe
    pico
    Standards
    Summary

▼ 6 Booting and Shutting Down
    Boot Loaders
    GRUB
    LILO
    Bootstrapping
    The init Process
    rc Scripts
    Writing Your Own rc Script
    Enabling and Disabling Services
    Disabling a Service
    Odds and Ends of Booting and Shutting Down
    fsck!
    Booting into Single-User (“Recovery”) Mode
    Summary

▼ 7 File Systems
    The Makeup of File Systems
    i-Nodes
    Superblocks
    ext3 and ReiserFS
    Which File System to Use?
    Managing File Systems
    Mounting and Unmounting Local Disks
    Using fsck
    Adding a New Disk
    Overview of Partitions
    Traditional Disk- and Partition-Naming Conventions
    Volume Management
    Creating Partitions and Logical Volumes
    Creating File Systems
    Summary

▼ 8 Core System Services
    The init Daemon
    upstart: Die init. Die Now!
    The /etc/inittab File
    xinetd and inetd
    The /etc/xinetd.conf File
    Examples: A Simple Service Entry and Enabling/Disabling a Service
    The Logging Daemon
    Invoking rsyslogd
    Configuring the Logging Daemon
    Log Message Classifications
    Format of /etc/rsyslog.conf
    The cron Program
    The crontab File
    Editing the crontab File
    Summary

▼ 9 Compiling the Linux Kernel
    What Exactly Is a Kernel?
    Finding the Kernel Source Code
    Getting the Correct Kernel Version
    Unpacking the Kernel Source Code
    Building the Kernel
    Preparing to Configure the Kernel
    Kernel Configuration
    Compiling the Kernel
    Installing the Kernel
    Booting the Kernel
    The Author Lied—It Didn’t Work!
    Patching the Kernel
    Downloading and Applying Patches
    Summary

▼ 10 Knobs and Dials: proc and SysFS File Systems
    What’s Inside the /proc Directory?
    Tweaking Files Inside of /proc
    Some Useful /proc Entries
    Enumerated /proc Entries
    Common proc Settings and Reports
    SYN Flood Protection
    Issues on High-Volume Servers
    Debugging Hardware Conflicts
    SysFS
    Summary

Part III Security and Networking

▼ 11 TCP/IP for System Administrators
    The Layers
    TCP/IP Model and the OSI Model
    Headers
    Ethernet
    IP (IPv4)
    TCP
    UDP
    A Complete TCP Connection
    Opening a Connection
    Transferring Data
    Closing the Connection