Sumário Itens Encontrados: 532Chapter 1: Installation 1Chapter 2: BASH 31Chapter 3: Client/Host Configuration 55Chapter 4: Data Storage Management 71Chapter 5: User Management 87Chapter 6: X Window System 105Chapter 7: Package Management 133Chapter 8: Basic Linux Security 153Chapter 10: Network Security 203Chapter 11: Network Services 227Chapter 12: Open Source Databases 261Chapter 13: Linux Web Services 289Chapter 14: File Sharing Services 313Chapter 15: Linux Mail Servers 335Chapter 16: Directory Services 373Chapter 17: The Linux Kernel 415Chapter 18: Linux Virtualization 435Chapter 19: Linux Troubleshooting 457Index 471Introduction Preinstallation Steps 1Installation 3Troubleshooting 29Summary 30Working with the Command-Line Interface 31Identifying the Working User 32The Linux Filesystem 33Directory Management 35Listing the contents of a Directory 36Traversing Directories 39Absolute and Relative Paths 39Creating Directories 40Renaming and Moving Files 40Deleting Directories and Files 41Creating and Viewing Text Files 42Viewing the contents of a File 44Text Processing 45Standard I/O Devices 46Redirection 47Piping 47Getting Help 48Environment Variables 51Creating and Running Your Own Script 52Summary 54The Boot Process 55The Boot Loader 55viKernel, Init, and Runlevels 60Services 62Keyboard Settings 63Language Settings 64Date and Time Settings 65Network Settings 67Graphics Settings 68Printer Settings 69Summary 70Provisioning a New Hard Drive 71Partitioning a Disk Using RAID 77Understanding RAID Types and Levels 78RAID 0 78RAID 1 78RAID 5 79Checking on RAID 81Partitioning with LVM 81Understanding How LVM Works 82Volume Groups 83Physical Volumes 83Logical Volumes 84Making Sure Your Volumes Work 85Finding More Information on LVM 85Summary 85Managing Users and Groups with the Graphical Interface 87Adding a User 87Changing User Properties 89Deleting a User 91Adding a Group 91Changing Group Properties 92Deleting a Group 93User Management on the Command Line 93Adding a User 94Changing User Properties 94Deleting a User 95Adding a Group 96Changing Group Properties 96Deleting a Group 96Implementing Disk Quotas 98Enabling User and Group Quotas on a Filesystem 99Setting Up the Quota Files 99viiSetting Up Quotas 100Setting Grace Periods 101Managing Quotas for Groups 101Enabling Quotas 101Reporting on Quotas 101Setting Resource Limits 102Summary 103X.Org 106xorg.conf 106The Keyboard Section 107The Device Section 108The Screen Section 108The ServerLayout Section 110Making a New xorg.conf File 111The GNOME Desktop 111Top Panel 112Applications 113Places 115System 117Customizing Menus 118Launchers 120Separator, Update, Clock, and Sound Applet 121Bottom Panel 121XDMCP Remote Connections 122GDM Configuration 123Reloading Options with gdmflexiserver 125Using XDMCP with GDM 125Requesting an X Session with XDMCP 126XDMCP with X Query 126XDMCP with Xnest 128X with SSH 130Summary 131RPM 133The RPM Filename Convention 134The rpm Command 135Installing a Package 135Signed Packages 136Importing Keys 136Verifying Packages 137Adding More Output 137Package Dependencies 138Upgrading a Package 139Removing a Package 140Querying a Package 141Information and File contents of a Package 141Source RPMs 142The Spec File 143The rpmbuild Command 144Building a Binary Package from a Source Package 144YUM 145Installing Packages with YUM 146Removing Packages with YUM 146Updating Packages with YUM 147Searching Packages with YUM 148Adding Sources for YUM 148Creating Repositories for YUM 150Summary 151System Logger 153Using syslog.conf 154Selectors 155Actions 157Detecting Intruders with the System Logger 158Automating Tasks with cron 160Using crontab 161Using cron.allow and cron.deny 161Working with the crontab File 161The crontab Task 161Browsing Available Tasks 163Removing Tasks 163Pluggable Authentication Modules 163Understanding PAM Rules and Configuration Files 165servicename 166Management Groups 167Control 167modulepath 168Testing PAM 168Testing pam_time.so with crond 169Finding Other PAM Modules 170Summary 170Chapter 9: Advanced Security 171Using Digital Certificates 171Creating Certificates 172Deploying Certificates 176ixConfiguration Files 176Intermediate Certificates 178Certificate File Formats 178Signing Your Own Certificates 179Go Wild 181Intrusion Detection 181Monitoring the filesystem with RPM 182Monitoring the Filesystem with AIDE 185Monitoring the Network with Netfilter 188Security Enhanced Linux 191Why Use SELinux 192Enabling and Disabling SELinux 192SELinux Policy 193Drilling Down on Context 194Booleans 196Access Vectors 199Interactive Users 200Summary 201The Firewall 203A Basic Firewall 203An Advanced Firewall 207How netfilter Works 207Viewing the Current Firewall 209Building netfilter Rules 211Using CentOS as a Router 216Using netfilter for IP Masquerading 217Handling Complex Protocols with netfilter 218tcp_wrappers 218Centralized Logging 222Configuring the Server to Receive Logs 225Configuring the Client to Send Logs 225Summary 226OpenSSH 227The OpenSSH Configuration File 227Connecting to the OpenSSH Server 228Copying Files Securely with scp 229OpenSSH Keys 229OpenSSH Fingerprints 230Getting the Fingerprint Value 230The known_hosts File 231Making Your Own Keys 231xThe DHCP Server 231Setting Up the DHCP Server 232The DHCP Configuration File 233Assigning Fixed Addresses 234Organizing with Groups 235The NTP Server 236Client-Server Mode 238Symmetric Active/Passive Mode 238Broadcast Mode 239ntpq 240DNS 240Name Servers and Zones 242Name Resolution 242BIND Utilities 243rndc-confgen 243rndc 243named 243BIND Configuration Files 243The contents of rndc.conf 245The contents of named.conf 246Caching DNS 246The hints File 246dig 247nslookup 248Configuring a Caching DNS 248Configuring a Forwarder 251Configuring a Slave DNS 251Configuring a Master DNS 252Reverse Lookup 255The Squid Web Caching Server 256Installing Squid 256The Squid Main Configuration File 256The visible_hostname directive 256The cache_dir directive 257ACLs and ACL-operators 258Adding ACLs and ACL-operators 258How ACL-operators Work 259Talking to Squid Peers 259More Squid 260Summary 260ACID 261MySQL 262Setting Up MySQL 263xiRunning the MySQL Server 264MySQL Users 264MySQL Monitor 264Securing the MySQL Root User 265Creating a Database 266Removing a Database 267Adding a User 267Removing a User 267Granting Privileges 268Removing Privileges 269Getting a List of Available Databases 269Creating Database Backups 269Restoring Databases Using Backups 270Restoring the toys Database 271Customizing the MySQL Server Configuration 271PostgreSQL 272Setting up PostgreSQL 272Starting PostgreSQL 273PostgreSQL Interactive Terminal 273Using the Interactive Terminal 273PostgreSQL Roles 274Creating a Role 274Removing a User 275Creating a Database 275Dropping a Database 275PostgreSQL Privileges 275Granting Privileges to Objects 276Revoking Privileges on Objects 276Changing Role Attributes 277Getting the List of Databases 277Creating Database Backups 278Restoring a Database 278Configuring PostgreSQL 279pg_hba.conf 279CRUD and Databases 280Creating 281Verifying the Newly Created Tables 282Viewing the Structures of the Tables 283Adding Entries to the Table 283Reading 284Updating 285Dropping Entries from a Table 286Summary 287The Role of a Web Server 289Apache Web Server 290Setting Up Apache 290Testing Apache 290Apache Server Directories 291The Apache Configuration File 293Apache Configuration File Sections 293Commonly Used Directives 294Section 1: Global Environment 294Section 2: Main Server Configuration 295Distributed Configuration Files 297DirectoryIndex 298Alias 298ScriptAlias 298Creating Another Document and cgi-bin Directory 299Virtual Hosts 302IP-Based and Name-Based Virtual Hosting 303The VirtualHost Directive 304Configuring Name-Based Virtual Hosting 304Adding PHP to Apache 308Secure Apache with SSL 309Securing with OpenSSL 310Startup Without a Passphrase 311Summary 312Very Secure FTP Daemon 313Configuring vsftpd 313vsftpd.conf 313ftpusers 314user_list 314Testing vsftpd 314NFS 315Configuring NFS 316Sharing a Directory Using NFS 317Sharing Directories Using NFS Daemons 318Mounting a Shared Directory As the Client 318Unmounting a Shared Directory as the Client 319Using exportfs 319Mounting Shared Directories at Boot Time 320Setting Up a Samba Server 321Installing Samba 322Configuring Samba 322lmhosts 322smbusers 322smb.conf 323Configuring Stand-Alone Server Options 323server string 323netbios name 324passdb backend 324Adding a Samba User 324Testing the Samba Stand-Alone Server 325Adding Shares 326Sharing a Printer 328Preparing the Printer to Pass Print Data in Raw Form 329Configuring Samba to Share a Printer 332Installing the Samba Printer to the Windows Client 333Summary 334Basic Email Concepts 335The Mail User Agent 336Mail Transfer Agent 336Mail Delivery Agent 337POP3 and IMAP 337Sendmail 338Sending Email with Sendmail 339Checking Mail with the mail Command 339sendmail.mc 342sendmail.cf 344The Sendmail Administrative Configuration Files 345local-host-names 345aliases 345access 346The trusted-users File 348The virtusertable File 348mailertable 349Postfix 349Installing Postfix 350Switching MTAs 350Sending Email with Postfix 351The Postfix Main Configuration File 351Postfix Administrative Configuration Files 354access 354aliases 355virtual 356transport 356generic 356canonical 357relocated 357Mail Servers and DNS 358Dovecot 359Installing Dovecot 359The dovecot.conf Configuration File 359Configuration Options 360protocols 360ssl_cert_file 360ssl_key_file 360ssl_key_password 361mail_location 361Configuring Dovecot for Maildir 361Configuring an Email Client to Send and Receive Email Using IMAP 362Checking the IMAP Maildir contents 366Receiving Email with POP3 367Checking the POP3 Maildir contents 369Dovecot and OpenSSL 370Using Evolution with OpenSSL 370Troubleshooting Tactics 372Summary 372The Need for Unified Authentication 373Network Information System 375Setting up NIS 375The NIS Server 375Creating Your First Domain 376ypserv.conf 377The NIS Client 378Binding to an NIS Domain 379yp.conf 379nsswitch.conf 379Testing the Setup 380Maps 381NIS Utilities 382ypwhich 382ypcat 383ypmatch 383yppasswd 383NIS with NFS 384Using NIS with NFS 384OpenLDAP 385Setting up OpenLDAP 385slapd 386ldap.conf 386slapd.conf 386Modules 387Schemas 388Your First Database 390Using the my-domain.com database 391LDIF Format 392Starting OpenLDAP 393Adding Entries with ldapadd 393Searching Entries with ldapsearch 396Changing Entries with ldapmodify 397Removing Entries Using ldapdelete 398Creating a Backup 399OpenLDAP and Samba 399Installing Perl Modules 400nss_ldap 402The nss_ldap Configuration File 403ldap.secret 404nsswitch.conf 404OpenLDAP 405OpenLDAP Client Configuration File 405Samba 406Smbldap-tools 408smbldap.conf 408smbldap_bind.conf 408Installing and Configuring smbldap-tools 409Joining the DCTOYS Domain Controller 411Testing the Samba and OpenLDAP Setup 412Troubleshooting Tactics 413Pitfall #1: Cannot log into the domain controller 413Pitfall #2: Cannot start the Samba server properly because only the nmbd process is running 413Summary 413History of the Linux Kernel 415Types of Linux Kernels 415Kernel Modules 417Loading Kernel Modules 418insmod 418modprobe 418modprobe.conf 419Unloading Kernel Modules 421rmmod 421modprobe 422blacklist 422When to Recompile the Kernel 422Getting a New Linux Kernel 423Preparing to Configure the New Linux Kernel 423Ways to Configure the Kernel Sources 424Configuring the Kernel with the Command Line 424Configuring the Kernel Graphically 426Configuring the Kernel with menuconfig 428Preparing for Kernel Compilation 430Building the Kernel 431Building the Kernel Modules 432Making the Boot Loader Initialized RAM Disk 432Adding the New Kernel into the GRUB Boot Loader 432Your Turn 434Summary 434Understanding Virtualization 435Deciding to Use Virtualization 436Xen 437Exploring Virtualization Technologies 437Full Virtualization 437Hardware-Assisted Virtualization 437Operating System Virtualization 437Paravirtualization 438Hardware Requirements 439Installing Xen 440The xend Daemon 441The xend Configuration Files 441xend-config.sxp 441xend-pci-permissive.sxp and xend-pci-quirks.sxp 442qemu-ifup 442The xend Network Configuration Scripts Directory 443Checking Dom-0 443Making a Guest with virt-install 444Preparing the Installation Media 446Using the virt-install Command 446Understanding the Guest Configuration File 448Xen Guest Example Configuration Files 450Connecting to a Guest 450Using xm 450Using virt-viewer 451Using vncviewer 452Shutting Down a Guest 453Starting a Guest 453Cloning a Guest 453Cleaning Up 454Summary 455The CentOS Rescue Environment 457Exploring the Rescue Environment 460Troubleshooting Checklist 461Changed the Root Password 461Bootloader Was Overwritten 462Youâre Experimenting with the Files in /etc 463Skipping /mnt/sysimage 463Finding the Affected Systemâs Root (/) Directory 464Mounting Logical Volumes 464Mounting Logical Volumes 465Single-User Mode 466Booting into Single-User Mode 466My New Kernel Is Stuck! 467Creating the Required Device Files 468Summary 469