GL250 ENTERPRISE LINUX SYSTEMS ADMINISTRATION Course Outline |
|
| Section 1 Linux Installation |
|
- Pre-Installation Considerations
- Hardware Compatibility
- Multi-OS Booting
- Partition Considerations
- Partition Planning
- Filesystem Considerations
- Journaled Filesystems
- Installation Choices
- CD-ROM Installation
- Network Installation
- Local Hard Drive Installation
- FC Personal Desktop Class
- FC Workstation Class
- FC Server Class
- FC Custom Class
- Install Program Interface
- Installation Diagnostics
- Language Selection
- Keyboard Configuration
- Fedora Install Options
- Automatic Partitioning
- Partitioning with Disk Druid
- Installing a Boot Loader
- Network Configuration
- Security Configuration
- Language Support Selection
- Root Password Configuration
- Time Zone Configuration
- Package Group Selection
- Installing Packages
- Install Finished
- First Boot
- Finalizing GUI Configuration
- Video Card Configuration
- Monitor Configuration
- Authentication Configuration
- Lab 1 - Installation
- Perform a GUI network NFS based workstation install
- Configure LVM and Software RAID at installation time
|
|
| Section 2 PC Hardware and Linux |
|
- Kudzu
- PC System Hardware
- USB Devices and Configuration
- Linux Device Files
- Configuring New Hardware
- Kernel Modules
- Handling Module Dependencies
- Configuring Kernel via /proc
- Kernel Hardware Info - /sys/ /sys/ structure
- Lab 2 - PC Hardware and Linux
- Enable the Magic-SysReq key
- Use system-config-proc to disable ICMP broadcast
|
|
| Section 3 Post-Install System Configuration |
|
- Configuration Utilites and Files
- Network Services
- Managing System Time and Network-Wide Time
- Continual Time Sync – NTP
- Configuring NTP Clients
- Managing Software
- RPM Features, Architecture, and Package Files
- Working With RPMs
- Querying and Verifying with RPM
- Package Dependencies
- Intro to YUM
- Using the YUM command
- Configuring YUM
- YUM Repositories and Resources
- Configuring Printers
- Common UNIX Printing System
- Defining a Printer
- Kickstart
- Creating Kickstart Files
- Using Kickstart files
- Lab 3 - Post-Install Config
- Answer some questions about the system using RPM queries
- Install zsh using RPM
- Troubleshoot and repair a package using RPM verification
- Upgrade the kernel using RPM
- Install the XFCE desktop environment using YUM
- Create and test a custom YUM repository
- Crate a custom YUM repository for installing software
- Setup CUPS print queues using: system-config-printer, lpadmin, and the CUPS web interface
- Modify a kickstart file using a text editor
- Create a kickstart file using ksconfig
- Start an install using a pre made kickstart file
|
|
| Section 4 Boot Process and SysV Init |
|
- Booting Linux on PCs
- LILO Options
- GRUB ConfigurationKernel Boot Parameters
- /sbin/init
- System init Style
- /etc/inittab
- rc.sysinit
- /etc/init.d and /etc/rcX.d
- rc
- Typical SysV Init Script
- The rc.local file
- Managing Daemons
- Controlling Startup Services
- Shutdown and Reboot
- Lab 4 - Boot Process
- Use GRUB to boot into single user mode
- Modify kernel/init parameters in GRUB
- Explore the GRUB interface
- Attach to the /boot filesystem and display the contents of the grub/grub.conf file
- Set a GRUB password
- Modify the lilo.conf creating a new stanza that passes kernel parameters
|
|
| Section 5 User/Group Administration and NFS |
|
- User Private Group Scheme
- User Administration
- Modifying Accounts
- Group Administration
- Password Aging
- Default User Files
- Controlling Logins
- PAM, PAM Services, and PAM Control Statements
su, Wheel, and sudo
- DS Client Configuration
- File Sharing via NFS
- NFS Server Configuration
- NFS Clients
- Automounting Filesystems
- Lab 5 - User Administration
- Customize /etc/skel
- Add new users and manage password aging
- Set up wheel group behavior for su
- Configure a project directory to take advantage of the user private group scheme
- Configure autofs to access an NFS export
- Configure NIS client as part of the domain
- Configure autofs to mount home directories
- Switch to using LDAP for authentication
- Setup an NFS server and export directories
|
|
| Section 6 Filesystem Administration |
|
- Partition Tables
- File System Creation
- Mounting File Systems
- Filesystem Maintenance
- Persistent Block Devices
udev
- Resizing Filesystems
- File Deletion and Undeletion
- Swap
- Disk Usage
- Configuring Disk Quotas
- Checking Disk Quotas
- Filesystem Attributes
- File Access Control Lists
- Manipulating FACLs
- Viewing FACLs
- Backing Up FACLs
- Backup Hardware, Software, and Examples
- Tape Libraries
- Lab 6 - Filesystem Admin
- Create and activate additional swap space
- Configure and test disk quotas on the /tmp filesystem
- Backup files using tar and cpio over ssh
- Backup files using rsync over ssh
- Backup and restore files with dump and restore
- Create and test an ISO9660 image
-
|
|
| Section 7 - LVM and Raid |
|
- Logical Volume Management
- Implementing LVMs
- Manipulating VGs and LVs
- Advanced LVM Concepts
- Graphical LVM Tool
- RAID Concepts, Tools, and Implementation
- RAID Monitoring/Control
-
- Lab 7 - RAID and LVM
- Use command line tools to partition free space
- Configure software RAID-5 with a hot spare
- Fail a member device of the array, examine the automatic recovery using the hot-spare
- Fail another member device testing RAID-5
- Remove failed member devices, add new devices to array, examine the recovery of array
- Partition the drive and create LVM Physical Volumes
- Create a LVM Volume Group and Logical Volume to hold website content
- Verify the operation of LVM snapshots
- Extend and grow the Logical Volume and the ext3 filesytem
|
|
| Section 8 Task Automation & Process Accounting |
|
- Automating Tasks
- at / batch
- at Access Control
- cron, crontab, and crontab Format
- /etc/cron.* Directories
- anacron
- Viewing Processes
- Managing Processes
- System Logging
- /etc/syslog.conf
- Log Management
- Log Anomaly Detector
- Process Accounting
- Using Process Accounting
- Limiting System Resources
- System Status - Memory, I/O, and, CPU
sar
- Lab 8 - Cron & Process Admin
- Create and edit user cron jobs
- Add a system-wide cron task to /etc/cron.hourly
- Install and configure process accounting
- Enable and set process limits
- Remove cron jobs created in previous tasks
|
|
| Section 9 Client Networking |
|
- Linux Network Interfaces
- Ethernet Hardware Tools
- Runtime configuration change
- Configuring Routing Tables
- ARP
- Advanced Configuration
- Starting and Stopping Interfaces
- Virtual IP Interfaces
- Enabling IPv6
- Interface Bonding
- 802.1q VLANS
- Network Profiles and ifup
- IP Stack Configuration
- DNS Clients
- Network Services via DHCP
- DHCP Clients
- dhcpd.conf Syntax
- Red Hat Configuration Tools
- Network Diagnostics
- Point-to-Point Protocol
- PPP Configuration Files, Chat, and Secrets Files
-
- Lab 9 - Client Networking
- Enable static configuration
- Configure a virtual interface and verify connectivity through the new interface
- Verify Link-Local IPv6 connectivity
- Configure and test Site-Local connectivity
|
|
| Section 10 The X Window System |
|
- The X Window System
- Xorg
- Configuring X
- X Fonts
- Using Fonts
- Display Manager Selection
- XDMCP
- Using Unix Remotely
- X Security
- Specialized X Servers
- Starting X Apps Automatically
-
- Lab 10 - X
- Change your display manager to gdm
- Enable XDMCP to support remote desktop login
- Configure VNC to accept incoming connections
- Launch a program by creating a script in the /etc/X11/xinit/xinitrc.d/ directory
- Start a custom X session by modifying the ~/.xinitrc file
- Secure X for use in a public kiosk
- Test and verify that the special key sequences are disabled
|
|
| Section 11 Security Concepts |
|
- Security Concepts
- Tightening Default Security
- Staying Current
- Using up2date
- Security Advisories
- SELinux Secuity Framework
- Choosing a SELinux Policy
- SELinux Commands
- Booleans
- Graphical Policy Tools
- inetd / xinetd
- Xinetd Features
- TCP Wrappers
- hosts.allow & hosts.deny
- hosts.* Syntax Shortcuts
- Advanced TCP Wrappers
- Basic Firewall Activation
- Stateful Packet Filter: iptables
- Netfilter Rule Syntax
- Targets
- Common match_specs
- Stateless Firewall Example
- Connection Tracking
- Stateful Firewall Example
- Lab 11 - Security Lab
- Examine current system
- Configure Xinetd to provide a variety of limits for connecting to services
- Configure a sensor to log connection attempts
- Use TCP Wrappers to secure various services
- Use the Netfilter stateful packet filtering to better protect the system
|
|
| Section 12 Linux Kernel Compilation |
|
- Why Compile?
- Getting Kernel Source
- Preparing to Compile
- Configuring the Kernel
- General Options
- Disk Configuration
- Network Configuration
- Expansion Port Configuration
- Multimedia Configuration
- Kernel Documentation
- RH 2.4 Kernel Extensions
- Compiling the Kernel
- Compile and Install Modules
- Installing the Kernel
- Tips and Tricks
- Lab 12 - Kernel Compilation
- Build, test, and install a new driver for the currently running kernel
- Patch the Linux kernel source to add support for a new device
- Compile and install a custom Linux kernel
|
|
| Section 13 Troubleshooting |
|
- Basic Troubleshooting
- Gathering Information
- Information from df and mount
- Information from Log Files
- Information Regarding Network Settings
- Information from ps, chkconfig, dmesg, w, and netstat
- Useful Debugging Aids
- Common Problems
- Incorrect File Permissions
- Inability To Boot
- Corrupt File Systems
- Typos in Configuration Files
- Disks Full?
- Runaway Processes
- Shared Libraries
- The Rescue Environment
- Lab 13 - Troubleshooting
- Explore troubleshooting and disaster recovery on non-mission-critical machines
- Practive troubleshooting common system and daemon errors
|
|
