
Beginning Red Hat Linux 9 part 8 pdf


DOCUMENT INFORMATION

Basic information

Format
Pages 46
Size 454,51 KB

Content

Let's have a look at the settings in this example:

• The first two lines of the configuration file instruct the DHCP server not to accept dynamic DNS-updates.
• The next line defines a subnet and netmask that is used to supply the DHCP information.

After that we defined all the options:

Option                 Description
routers                Specifies the default gateway
subnet-mask            Specifies the default netmask
domain-name            Specifies the default domain-name
domain-name-servers    Specifies the name-servers for our network
range dynamic-bootp    Specifies the range of IP addresses that the DHCP server is allowed to allocate to clients. In our example, all allocated IP addresses will lie in the range 192.168.0.128-192.168.0.254.
default-lease-time     Defines the default lease time, after which the client's DHCP configuration will expire, and the client must request a new DHCP configuration from the DHCP server. In this example, the DHCP lease will expire after 6 hours, unless the client asks for a specific time frame.
max-lease-time         Defines the maximum lease allowed to the client.

Note: There are other options in the sample configuration file, /usr/share/doc/dhcp-3.0pl1/dhcpd.conf.sample, that we won't discuss here. There's more about these options at the dhcpd.conf man page.

The DHCP Lease Database

How does the DHCP server keep track of the IP addresses it has leased out? In Red Hat Linux 9 systems, this information is stored in the database file /var/lib/dhcp/dhcpd.leases. The data stored here includes a client identifier used by the client that requested the lease, the time and date of both the start and end of the lease, and the address of the Ethernet network interface card that was used to retrieve the lease.

Note: DHCP can recognize a server by the address of its Ethernet network interface card, which is unique. This address is also known as the MAC address.
The DHCP server stores lease information for each recently assigned IP address automatically in the lease database, and you should not modify it by hand.

Starting the dhcpd Service

You can start the dhcpd service in the usual ways - using the Service Configuration GUI tool, or the /etc/rc.d/init.d/dhcpd command line script. In the Service Control GUI tool (Main Menu | System Settings | Server Settings | Services), the service we're interested in is called dhcpd.

It's typical to check the checkbox so that the service starts automatically on startup. Don't forget to save your new settings using File | Save Changes.

Alternatively, you can use the service command to control the dhcpd script:

    # service dhcpd
    Usage: /etc/init.d/dhcpd {start|stop|restart|condrestart|status}
    # service dhcpd start
    Starting dhcpd: [OK]

Assign Static IP Address Using DHCP

It's not always the best thing to have DHCP assign IP addresses dynamically. If you had a production server like a web server or e-mail server whose IP address changed every time its lease expired, then it would be impossible for other machines on the network to find it. So, for servers and other machines like this, there are two alternatives:

• We can either configure the machine with its own static IP address and TCP/IP information
• Alternatively, we can configure the DHCP server to reserve fixed IP addresses for specific servers.

The second of these options is generally preferable because it means it's still easy to make global network configurations (like changing the DNS server) in a single location (the DHCP server configuration).
To allocate a static IP address to a production server, we can add a host clause to the /etc/dhcpd.conf as shown below:

    host emailserver {
        option host-name "test.linux4biz.net";
        hardware ethernet 00:20:18:8B:3F:9E;
        fixed-address 192.168.0.10;
    }

Here, the first line defines the declaration for a single computer: host is a configuration option, and emailserver is a reference name for the computer that will be allocated a static IP address. You can use any reference name here, and we usually use a name that reflects the purpose of the machine in question. The second line specifies the hostname of the machine (test.linux4biz.net), and the third line defines the Ethernet hardware address.

Note: You can find the Ethernet hardware address of a Linux machine by executing the following command on that machine:

    $ /sbin/ifconfig

Check the first line of output; it should look something like this:

    eth0 Link encap:Ethernet HWaddr 00:D0:B7:0A:E7:41

You can find the Ethernet hardware address on a Windows machine by executing this command at the command prompt:

    > ipconfig /all

In this case, search for the line that starts with the string Physical Address, under your Ethernet card description:

    Physical Address. . . . . . . . . : 00-20-18-8B-3F-9E

The fourth line defines the static IP address to be assigned to the server whose hardware Ethernet address matches the one given.

It is recommended that you back up the /etc/dhcpd.conf file when you've finished your initial configuration, and keep it safe - just in case it gets corrupted or changed accidentally.

Installing and Configuring a DHCP Client

We've talked about how to configure the DHCP server, but what about the DHCP client? In fact, there is a default DHCP client software installed on all Red Hat Linux 9 installations, and if you've configured your Linux machine to be a DHCP client, then it's using that DHCP client program now.
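A check for the host clauses described above, added here as an example (it is not code from the book or from the ISC DHCP project). It flags a hardware address written with hyphens, as Windows ipconfig prints it, a fixed-address that falls inside the dynamic range, and a MAC or IP reserved twice; the webserver and printer clauses are hypothetical.

```python
import ipaddress
import re

# Constructed sample. The emailserver clause is the page's example with the MAC
# written the way Windows ipconfig prints it (hyphens); webserver and printer
# are hypothetical reservations added to trigger the other checks.
SAMPLE_CONF = """
subnet 192.168.0.0 netmask 255.255.255.0 {
    range dynamic-bootp 192.168.0.128 192.168.0.254;
}
host emailserver {
    option host-name "test.linux4biz.net";
    hardware ethernet 00-20-18-8B-3F-9E;
    fixed-address 192.168.0.10;
}
host webserver {
    hardware ethernet 00:D0:B7:0A:E7:41;
    fixed-address 192.168.0.130;
}
host printer {
    hardware ethernet 00:d0:b7:0a:e7:41;
    fixed-address 192.168.0.11;
}
"""

HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{(.*?)\}", re.S)
RANGE_RE = re.compile(r"\brange\s+(?:dynamic-bootp\s+)?([\d.]+)\s+([\d.]+)\s*;")
MAC_LINE = re.compile(r"hardware\s+ethernet\s+([^;\s]+)\s*;")
ADDR_LINE = re.compile(r"fixed-address\s+([^;\s]+)\s*;")
# dhcpd.conf expects six hex octets separated by colons.
MAC_OK = re.compile(r"^[0-9A-Fa-f]{1,2}(:[0-9A-Fa-f]{1,2}){5}$")


def audit(conf):
    """Return a list of (host, problem) findings for the host clauses in conf."""
    findings = []
    ranges = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi))
              for lo, hi in RANGE_RE.findall(conf)]
    macs, ips = {}, {}
    for name, body in HOST_RE.findall(conf):
        mac = MAC_LINE.search(body)
        if mac is None:
            findings.append((name, "no hardware ethernet statement"))
        elif not MAC_OK.match(mac.group(1)):
            findings.append((name, "MAC %s is not colon-separated hex" % mac.group(1)))
        else:
            # Compare MACs by value so that case and leading zeros do not matter.
            key = tuple(int(octet, 16) for octet in mac.group(1).split(":"))
            if key in macs:
                findings.append((name, "MAC already reserved for host " + macs[key]))
            macs.setdefault(key, name)
        addr = ADDR_LINE.search(body)
        if addr is None:
            continue
        try:
            ip = ipaddress.ip_address(addr.group(1))
        except ValueError:
            continue  # fixed-address given as a host name; not checked here
        if any(lo <= ip <= hi for lo, hi in ranges):
            findings.append((name, "fixed-address %s is inside the dynamic range" % ip))
        if ip in ips:
            findings.append((name, "IP already reserved for host " + ips[ip]))
        ips.setdefault(ip, name)
    return findings


if __name__ == "__main__":
    for host, problem in audit(SAMPLE_CONF):
        print("%s: %s" % (host, problem))
```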
If you want to configure a Linux machine to be a DHCP client, then you can set this configuration either at installation or subsequently via the Network Configuration tool. To launch the Network Configuration tool, select Main Menu | System Settings | Network or type the following command at the command line:

    $ redhat-config-network

Under the Devices tab, select the Ethernet device and click on Edit. Make sure the Activate device when computer starts option is enabled, and select the Automatically obtain IP address settings with dhcp option.

Click on OK when you're finished, then on Apply to apply the changes. The changes will take effect from the next reboot.

Configuring a Windows 2000 Machine to Use a DHCP Server

If you've got a Windows 2000 machine (for example, a Win2K laptop that you use both at home and at work), here's how to configure it to get its network settings from a DHCP server:

1. Click on Start | Settings | Control Panel to open the Control Panel window.
2. Double click on Network and Dial-up Connections and then on Local Area Connection.
3. Click the Properties button. In the resulting Local Area Connection Properties dialog, highlight Internet Protocol (TCP/IP) and click on Properties.
4. In the resulting Internet Protocol (TCP/IP) Properties dialog, select Obtain an IP Address automatically and Obtain DNS server address automatically.
5. Click on OK to confirm the changes, and then on OK again to implement the changes. At this point, the DHCP client program will try to get address information from the DHCP server.

If you like, you can check the new IP address allocated by the DHCP server by executing the ipconfig /all command on the command prompt:

    C:\>ipconfig /all

    Windows 2000 IP Configuration

        Host Name . . . . . . . . . . : my-win2k-laptop
        Primary DNS Suffix . . . . . :
        Node Type . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . : No
        WINS Proxy Enabled. . . . . . : No
        DNS Suffix Search List. . . . : linux4biz.net

    Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix: linux4biz.net
        Description . . . . . . . . . : Xircom CreditCard Ethernet 10/100 + Modem 56
        Physical Address. . . . . . . : 00-80-C7-8B-C2-E3
        DHCP Enabled. . . . . . . . . : Yes
        Autoconfiguration Enabled . . : Yes
        IP Address. . . . . . . . . . : 192.168.0.129
        Subnet Mask . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . : 192.168.0.99
        DNS Servers . . . . . . . . . : 192.168.0.1
        Lease Obtained. . . . . . . . : 19 February 2003 09:01:21
        Lease Expires . . . . . . . . : 22 February 2003 09:01:21

This allows you to see the TCP/IP information that the Windows DHCP client has acquired from the DHCP server. In the above output, the DHCP Enabled property is set to Yes, indicating that the Windows client machine is configured to get IP information from a DHCP server. The physical address of this machine (its MAC address, taken from its Ethernet card) is 00-80-C7-8B-C2-E3; the DHCP server has leased the IP address 192.168.0.129 to the machine, and the lease will expire three days from when it was obtained.

Summary

We've covered six common services in this chapter. It's unlikely that you'll need them all in a home environment, and it's certainly unlikely that you'll ever install all of these services onto a single machine, except to experiment with them! Most medium-size office environments will have at least some of these services, and in a production situation you would often assign at least one dedicated machine to any of these services.

There are so many configuration options for all these services that we can't possibly cover them all here. There is a mass of useful information on the web, both in formal documentation and on newsgroups, and you have the man pages too.
Here are just a few sites that provide more documentation and developments on some of the services here:

• www.sendmail.org - the official sendmail web site
• www.redhat.com - the official site for Red Hat Linux
• www.samba.org - the official web site for SAMBA
• http://www.rfc-editor.org - a searchable collection of all RFCs
• http://www.isc.org/products/DHCP/ - the official site for DHCP
• http://www.tldp.org/ - the Linux Documentation Project site
• http://www.linux4biz.net/writing.htm - contains useful articles on Linux
• http://www.linuxsecurity.com/ - a security news site for Linux

In the next chapter we will delve further into the realms of systems administration, by looking at system configuration, logs, backups and archives, and a closer look at the Linux kernel.

Chapter 10: Advanced System Administration

Overview

We have dealt exclusively with the Personal Desktop version of Red Hat Linux in this book, but we still need to perform a number of administrative tasks to keep our system running well; system administration is not limited to full multi-user servers. We have already discussed how to install the operating system and how to use it for day-to-day operations. So, our next goal is to discuss some of the more advanced administrative aspects of managing a Linux system. More specifically, we will focus on the following tasks in this chapter:

• Examining important configuration files and the information they contain
• Analyzing system log files to track problems
• Backing up and archiving
• Installing new applications from source code
• Building and customizing the Linux kernel

By understanding the rationale for performing these tasks, as well as how to actually implement them, we will get a better feel for how the operating system works and how to manage it properly. As you will see, Linux provides us with the ability to control and administer nearly all aspects of its operation, including the core part of the system, the kernel.
We will start by looking at the system configuration, including how to find the information we need and then to modify it to suit our requirements.

System Configuration

What do you think of when you hear the term system configuration? If you were to pose that exact same question to a group of people, you would, most likely, get entirely different responses. System configuration encompasses such a broad area of system administration that it is very difficult to cover all aspects. And so, we will concentrate on configuration related to users and login, hardware, booting up and startup services, networking, and security.

Even though there are numerous applications that will allow you to manipulate system configuration through a graphical interface, you will have better control of the system if you know where the configuration information is stored and how to modify it manually when necessary.

Depending on the operating system, the configuration information is stored in different locations. For example, Microsoft Windows stores most configuration data in the Registry, while the Mac OS stores it in separate binary files in a special Preferences folder. How about Linux? Where does it store the configuration details? For the most part, Linux, by which I mean the core components as well as individual applications, stores the information in plain text files in the /etc directory or in one of its subdirectories. This gives us a number of advantages over the other operating systems, namely:

• We can read and edit the information easily with a text editor.
• We can back up the files consistently.
• We can maintain version control, thereby keeping track of all changes.

Unfortunately, since each component or application stores its configuration information individually in a separate file, there are bound to be differences in syntax between them. However, a majority of the files have a syntax that is easy to understand, as you will see in a moment.
Example: Finding the DNS Server

For example, perhaps you entered a DNS server address when you were installing the operating system back in Chapter 1. That DNS server address forms part of the system's configuration, and its value is stored in the appropriate configuration file under the /etc directory hierarchy.

If you take a look at the /etc directory, you'll see that there are quite a lot of configuration files there. Which one contains DNS server configuration? If you know the DNS server address, then one way to find out is to use the grep command to search for the file that contains that address. For example, if you used the primary nameserver address 192.168.1.1, then you can find the correct configuration file via the following command:

    # grep -ri 192.168.1.1 /etc
    /etc/resolv.conf:nameserver 192.168.1.1

The output from this command points us in the direction of the file /etc/resolv.conf - in fact, it is this file that holds all the DNS server information. You can take a look at this file, using a text editor such as gedit:

    # gedit /etc/resolv.conf

You'll see that it is simply a text file with the following format:

    nameserver 192.168.1.1 ## primary
    nameserver 192.168.1.2 ## secondary, etc.

Let's take a look at some more configuration files.

Configuration Files

We mentioned that there are a large number of configuration files contained in the /etc directory hierarchy. They're stored in a tree structure; the diagram below gives you an idea of the common ones you might find:

We can't possibly mention them all here, but over the next few pages we will discuss some of the configuration files that you're most likely to find important. You should take some time to explore these files to see what information they contain, either using the cat, more or less commands, or an editor of some sort; just be careful not to accidentally modify or delete any information.
/etc/XF86Config

The XF86Config configuration file controls specific aspects of the X Window System (X11) server, from keyboard and mouse to monitor. This file is essential if X11 is to work properly on your system.

Note: While it is generally possible to modify configuration files by hand, we recommend that you don't try it with this one, because its configuration is quite difficult. It is best to use the following Red Hat GUI applications to manipulate the information in this file:

• redhat-config-xfree86 (Applications | System Settings | Display)
• redhat-config-keyboard (Applications | System Settings | Keyboard)
• redhat-config-mouse (Applications | System Settings | Mouse).

/etc/aliases

The aliases configuration file contains aliases for mail users and is used by the sendmail application that we met in Chapter 9. For example, you can set up an alias such that all mail sent to the alias mickeymouse is forwarded to the system administrator:

    mickeymouse: root

Whenever you modify this file manually, you must also run the newaliases application (located in /usr/bin) for the changes to take effect.

Note: The postfix mail transport application, an alternative to sendmail, has a similar configuration file which is located at /etc/postfix/aliases.

/etc/bashrc and /etc/csh.cshrc

These two configuration files set the defaults (file creation masks/permissions, shell prompts, and so on) that are used by all bash and csh shell users upon starting a new shell.

/etc/crontab

This file is a configuration file for the cron daemon, crond, which allows us to execute automated tasks - tasks that run unattended at specified times. Once a minute, the cron daemon checks for changes in the crontab file (and also in the /etc/cron.d directory, and the /var/spool/cron directory), and reloads them into memory as necessary. Here is an example.
The following is a crontab entry that records the system load averages into a file every hour from 8:00 pm until 11:00 pm on Mondays:

    # min hour day mon weekday command
    00 20-23 * * 01 /usr/bin/uptime >> /data/load.txt

You don't need root privileges to set up automated tasks using the crontab application. Any user can edit their own crontab entries, via the command crontab -e. There's more about the cron daemon in Chapter 6.

/etc/default/useradd

This file sets the default parameters that are used whenever a new user is created. For example, if you want all new users to have the C shell by default, then you would change the SHELL directive in the useradd configuration file, so that it reads thus:

    SHELL=/bin/csh

/etc/fstab

The fstab file contains the file system table, which is a table of all disk partitions, and their mount points and default mount options. You can use this file to tell Linux about any and all file systems to which the machine has access.

/etc/group

This configuration file lists the group names and group IDs (GIDs) of all the groups of users known to the system. Groups are important in Red Hat Linux 9 - indeed, every user must be associated with at least one group. We discussed the subject of users and groups in Chapter 8. If you don't want to deal with this file directly, you can use the redhat-config-users GUI application (Applications | System Settings | Users and Groups).

/etc/grub.conf

The grub.conf configuration file is used at the time you start your system (unless you specified LILO) - when you start your system, the first program that runs is the grand unified bootloader (GRUB). GRUB is responsible for transferring control to the Linux kernel. The grub.conf file found in the /etc directory is, in fact, a symbolic link to the file /boot/grub/grub.conf - which in turn specifies the path to the kernel and the root partition.
Here is an example of what you might find in a grub.conf file:

    title Red Hat Linux (2.4.20-2.48)
        root (hd0,0)
        kernel /boot/vmlinuz-2.4.20-2.48 ro root=/dev/hda1
        initrd /boot/initrd-2.4.20-2.48.img

Later in this chapter, when we build our own custom kernel, we will modify the grub.conf file to point to our new kernel.

/etc/hosts

The hosts file allows us to set up aliases for local and remote hosts. This is a very powerful feature that can simplify host name lookups. For example, if you wanted to force all of your users to go to www.google.com when they enter google, simply add this record to the hosts file:

    216.239.57.101 google

The IP address 216.239.57.101 is one of many IP addresses assigned to www.google.com. We can use the ping command to verify that the alias has taken effect:

    $ ping google
    PING www.google.com (216.239.57.101) from 192.168.254.2: 56(84) bytes of data.
    64 bytes from www.google.com (216.239.57.101): icmp_seq=1 ttl=45 time=72.5 ms

Note: This will not work properly with network applications that perform their own DNS lookups, such as the Lynx text browser.

/etc/hosts.allow and /etc/hosts.deny

The hosts.allow file specifies (by name or IP address) the hosts that are allowed access to local TCP/IP services. By default, all other hosts are denied access. Or, we can specifically list the hosts for which we want to deny access in the hosts.deny file.

Suppose you want to control access to your server through the telnet protocol. Specifically, suppose you wanted to allow access only to remote users from the host www.wrox.com and to local users. To achieve this, you would specify this line in hosts.allow:

    telnetd: LOCAL, 192.168.1., www.wrox.com

and this line in hosts.deny:

    telnetd: ALL

All entries listed in hosts.allow take precedence over any entries in hosts.deny.

[...]... (bhcompile@stripples.devel.redhat.com) (gcc version 3.2 20020903 (Red Hat Linux 8.1 3.2-7)) #1 Wed Sep 4 13:35:50 EDT 2002
    Feb 18 19:25:15 localhost kernel: BIOS-provided physical RAM map:
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 0000000000000000 - 000000000009f800 (usable)
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 000000000009f800 - 00000000000a0000 (reserved)
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 00000000000e7400 - 0000000000100000...

... an example:

Viewing Logs

    # more /var/log/messages
    Feb 18 19:25:15 localhost syslogd 1.4.1: restart
    Feb 18 19:25:15 localhost syslog: syslogd startup succeeded
    Feb 18 19:25:15 localhost syslog: klogd startup succeeded
    Feb 18 19:25:15 localhost kernel: klogd 1.4.1, log source = /proc/kmsg started
    Feb 18 19:25:15 localhost kernel: Linux version 2.4.20-2.48 (bhcompile@stripples.devel.redhat.com) (gcc...

    ... 0000000000100000 (reserved)
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 0000000000100000 - 0000000007ef0000 (usable)
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 0000000007ef0000 - 0000000007effc00 (ACPI data)
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 0000000007effc00 - 0000000007f00000 (ACPI NVS)
    Feb 18 19:25:15 localhost kernel: BIOS-e820: 0000000007f00000 - 0000000008000000 (reserved)

We can also...

    ... http://www.gftp.org/gftp-2.0.14.tar.gz
    --19:07:51-- http://www.gftp.org/gftp-2.0.14.tar.gz
    => 'gftp-2.0.14.tar.gz'
    Resolving www.gftp.org done
    Connecting to www.gftp.org[18.244.0.188]:80 connected
    HTTP request sent, awaiting response 200 OK
    Length: 1,136,930 [application/x-tar]
    100%[===================================>] 1,136,930 28.47K/s ETA 00:00
    19:08:30 (28.47 KB/s) - 'gftp-2.0.14.tar.gz' saved [1136930/1136930]

4 The next...

    ... Authentication failure
    Feb 18 20:06:53 localhost xinetd[491]: pmap_set failed service=sgi_fam program=391002 version=2
    Feb 18 20:18:00 localhost login(pam_unix)[827]: authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=johnson
    Feb 18 20:18:03 localhost login[827]: FAILED LOGIN 1 FROM (null) FOR johnson, Authentication failure
    Feb 21 12:21:25 localhost xinetd[492]: pmap_set failed...

    ... 14:30:00 2003
    DUMP: Date of last level 0 dump: Sat Jan 11 14:30:00 2003
    DUMP: Dumping /dev/hda2 (/home) to /data/backup/hda2-200201129.dmp

Here are a few examples of sequences of dump levels that you may choose to follow:

    [0] [0] [0] 9 9 3 8 9 [2] 7 9 5 6 9 [4] [5] [9] [5]

You would need to restore only the incremental backups represented by the brackets. Why, you ask? Let's examine the third sequence:...

... example that you can use to search the messages log file for all occurrences of the string fail:

Understanding the Logging Process

    # grep -i fail /var/log/messages
    Feb 18 20:01:36 localhost kernel: ohci1394: pci_module_init failed
    Feb 18 20:04:21 localhost login(pam_unix)[879]: authentication failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=
    Feb 18 20:04:23 localhost login[879]: FAILED...

... kernel modules, that can be loaded and unloaded as needed. In summary, the Linux kernel is modular in nature, and is not one large monolithic entity.

Why Rebuild the Kernel?

So, if the Linux kernel is modular, why would we ever need to rebuild or configure it? After all, the fact that it is modular means that modules that are not required will not be loaded. Well, there are three reasons that stand out:...

    ... 14:30:36 2003
    DUMP: Volume 1 43190 tape blocks (42.18MB)
    DUMP: Volume 1 took 0:00:30
    DUMP: Volume 1 transfer rate: 1439 kB/s
    DUMP: 43190 tape blocks (42.18MB) on 1 volume(s)
    DUMP: finished in 30 seconds, throughput 1439 kBytes/sec
    DUMP: Date of this level 0 dump: Fri Jan 10 14:30:00 2003
    DUMP: Date this dump completed: Fri Jan 10 14:30:36 2003
    DUMP: Average transfer rate: 1439 kB/s
    DUMP: DUMP IS DONE

This...

... these various situations, so please refer to Professional Linux Programming for more details. Now that we have learned how to compile source code, we will modify and build the ultimate application, the Linux kernel, in the next section.

Rebuilding the Linux Kernel

The Linux kernel, as you know, is at the core of the Linux operating system. One of the main responsibilities
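The telnetd rules from the /etc/hosts.allow and /etc/hosts.deny section above, evaluated in the search order documented in hosts_access(5): hosts.allow first, then hosts.deny, and access is granted when neither file matches. This is an added example, not code from the book or from the TCP wrappers library; it handles only the ALL, LOCAL, address-prefix, domain-suffix and exact-match patterns, and the client names and addresses in the demo are constructed.

```python
import re

# Rules exactly as given in the hosts.allow / hosts.deny section.
HOSTS_ALLOW = "telnetd: LOCAL, 192.168.1., www.wrox.com"
HOSTS_DENY = "telnetd: ALL"


def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]   # shell-command options are ignored
        rules.append((re.split(r"[,\s]+", daemons.strip()),
                      re.split(r"[,\s]+", clients.strip())))
    return rules


def client_matches(pattern, host, addr):
    """Match one client pattern against the client's host name and address."""
    host = (host or "").lower()
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":                 # host name without a dot
        return bool(host) and "." not in host
    if pattern.startswith("."):            # domain suffix, e.g. .example.com
        return host.endswith(pattern.lower())
    if pattern.endswith("."):              # address prefix, e.g. 192.168.1.
        return addr.startswith(pattern)
    return pattern.lower() == host or pattern == addr


def first_match(rules, daemon, host, addr):
    """True if any rule names the daemon and one of its patterns matches."""
    for daemons, clients in rules:
        if daemon in daemons or "ALL" in daemons:
            if any(client_matches(p, host, addr) for p in clients):
                return True
    return False


def check_access(daemon, host, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """Return (granted, deciding_file) following the hosts_access(5) order."""
    if first_match(parse_rules(allow), daemon, host, addr):
        return True, "hosts.allow"
    if first_match(parse_rules(deny), daemon, host, addr):
        return False, "hosts.deny"
    return True, "no match"   # neither file matched: access is granted


if __name__ == "__main__":
    # Constructed clients (name, address) for the demonstration.
    for client in [("www.wrox.com", "203.0.113.10"), ("workstation", "10.0.0.5"),
                   ("pc7.example.org", "192.168.1.77"),
                   ("pc9.example.org", "192.168.10.5"),
                   ("host.example.net", "198.51.100.4")]:
        print(client, check_access("telnetd", *client))
    # A daemon that neither file names is not covered by "telnetd: ALL".
    print("sshd", check_access("sshd", "host.example.net", "198.51.100.4"))
```

The 192.168.10.5 client shows why the trailing dot in 192.168.1. matters: the prefix is compared as text, so it does not cover 192.168.10.x.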

Date posted: 13/08/2014, 04:21
