44088245 Project of RHCE

7/27/2019 44088245 Project of RHCE

1/24

Ravi Narain Reg No:-800119695

1

A PROJECT REPORT

ON

RHEL 5Submittedto

HCLCDC Patna.

RED HAT NETWORD SERVICES AND SECURITY ADMINISTRATION

Submittedby

Mr. Ravi Narain

COMBO BATCH(Pat Com 002)

Reg No:-800119695

Under theguidance

Mr. Prashant kumar chaudhary.

HCLCDC PATNA.

8th

Commercial Building NorthS.K.Puri

Near Children Park Boring Road Patna.

7/27/2019 44088245 Project of RHCE

2/24


2

ACKNOWLEDGEMENTS

Before I getintothink ofthethings w ould liketo addheartfelt words for the people

who where partofthis PROJECTREPORT innumerous ways

People whogaveunending support.

We arehighlyindebtedto Mr. Amit Kumar Center Manager ofHCLCDC Patna, for his

encouragement andfor providing all thenecessaryfacilities.

Itis withgreat pleasurethat we acknowledgetheconsolation and assistanceof

Mr. Prashant kumar chaudhary projectguide. Tohimowemorethan wecanmention.. mostly

for teachingus to seethe silver liningineverydark cloud.

Andfinallymyheartfelt appreciationtomycolleagues. no word are sufficientto

express mygratitudetomyfriend and seniors for their kindcooperation.

Mr. Ravi Narain

7/27/2019 44088245 Project of RHCE

3/24


3

CERTIFICATE

This is tocertifiedthatthe project reportonRHEL 5

submittedby Mr. Ravi Narain

as a

partial fulfillmentfor requirementofHCLCDC Patna for the academic session 2007 is the

original work carriedoutbyhimunder the supervision andguidanceofMr.Prashant kumar

chaudharytrainer ofHCLCDC PATNA.

HCLCDC Patna Center Manager

Place: Patna Guide

Date: 22/11/2008

7/27/2019 44088245 Project of RHCE

4/24


4

CONTENTS

Case Studies

01. Whatis Linux

02. Differentflavors ofLinux & Architecturedifferentfrom Windows.

03. Comparetheuser/ group managementin Linux & Windows.

04. FileSystemSupportedby Linuxincludingfile systems nativetoother OS.

05. Not all ofthenetwork driver are supportedby Linux, so searchthe Web and

getthedrivers in Rpms / binaries andmakethem work.

06. Configure Mail Server Sendmail.

Project

Add Physical memorytothe system andmodifythe swap partitiontomake

it active.

7/27/2019 44088245 Project of RHCE

5/24


5

LINUX

Linuxhas longbeen a contender inthecorporate worldto Windows . In addition,

consumer interestis onthe risefor this free, open source alternativeto Windows or the

Macintosh OS.

Inthedays beforethegraphical user interface (GUI), which was firstmade popular

byApple (Nasdaq: AAPL) andthenclonedby Microsoft., thecomputing world was ruledbythe

command-line structure. Whether theoperating system was Unixor DOS, graphics and audio

capabilities were limited. Computer users typedcommands at a promptto run programs.

Pointingdevices didnotexist andmenus were rudimentary, text-basedoptions lists.

Linuxdeveloped along similar lines as Windows interms ofGUI and performance

capabilities withonemajor distinction--upgradingfromone Windows versionto another was

fairly seamless. Not so with Linux.

"Linuxdominates the server market andis makingbiginroads intotheembedded

market (TiVo, cell phones, PDAs and routers)," Patrick Davila, co-hostof"The Linux Link Tech

Show", told LinuxInsider. "The last area for ittoconquer is onthedesktop."

All things considered, Davila sees Linux as a suitable replacementfor Windows.

"Linuxis readyfor thedesktop for themajorityofdesktop home andbusiness users. It's safer

becauseitis not vulnerableto viruses and spyware, is more stable andis cheaper than running

Windows."

Case Studies - 01

Different Flavors

Linuxis notjust a singleoperating system. Itexists in several dozen versions called

distributions. Unlike Windows, noonecompanyhas guidedthedevelopmentofLinux. Today,

the Linux OShas manyfaces andis the productofmuchfamilycross-breeding.

Its open-sourcenaturecontinues tocontributetodifferentdevelopment paths. Each

oneis controlledby a uniquecommunityofcode writers, voluntarytechnical helpers andusers.

7/27/2019 44088245 Project of RHCE

6/24


6

The look andfeel ofthe Linuxdesktop is controlledbythetypeofshell built around

the Linuxcore. Thetwomost predominant shell architectures are known as Gnome andKDE .

Theybothhave similarities to Windows.

Some Linuxdistributions aredevelopedonuser-friendly standards, butnot all ofthem

areeasytouse. Even withthedesktop shell, configuringthe policies for program access canoftenbeconfusing anduninviting.

The samecanbe saidofthe process ofinstallingthird-party software. Linux-

capable softwareis distributedin packages, mostlybydownload. Dependingonthe Linux

version, some (or a lotof) manual interventionmaybeneededfor software additions notfound

inthe pre-installed software library.

"Linux, bynatureofthedifferentusers that supporteachofthedistributions, lends

itselfwell tousers with specific requirements," said Nate Melby, aninstructor at Kaplan

University's School ofInformationSystems and Technology.

The real task is finding a distributionthat suits a potential user's needs. Live CDs thatcan

runthenewest Linux versions andharddrive partitions runningdual-boot software let

consumers usetheir hardwarefor multiple purposes, he suggested.

Thefollowing listincludes distributions that areideal for novices andothers that arefor

more advancedusers whohave access to IT support:

y Debian GNU/Linuxis a freeoperating system withmorethan 15,490 pre-compiledinstallation packages. Debian runs on almost all PCs, includingmanyolder models.

y Knoppix Linuxis a freedistributionbasedon Debian GNU/Linux. Knoppixcomes withrecent Linux software anddesktop environments thatinclude OpenOffice.org, Abiword,

Gimp, Konqueror, Firefox, Apache, PHP, MySQL andhundreds ofother open-source

programs.

y Mandriva Linuxusedtobecalled Mandrake Linux andis famous for its easeofuseforboth servers andhomeofficeuses. The Mandriva Linux PowerPack contains morethan

2,300 high-quality applications including a completeoffice suite. This freedistribution

comes with several pre-configured levels ofsecurity. Commercial supportis available.

7/27/2019 44088245 Project of RHCE

7/24


7

y Red Hat (NYSE: RHT) Enterprise Linuxis the leadingcommercial platformfor open-sourcecomputing andis soldby subscription. Itis not a goodchoicefor homeusers and

Linuxnewcomers.

y SuSE Linuxis a leading, professional-class OSthatis popular bothfor enterprise andhomecomputinguse;SuSE Linux Professional includes morethan 1,000 leadingopen-

source applications andis availableinenterprise anddesktop versions. The purchase

price varies withthe version andthenumber ofinstallations.

y Ubuntuis a free Linuxdistributionfor desktop or server use, whichincludes Live CD,regular releases, applications installedbydefault, andfastdownloads ofother software

packages. Professional technical supportis available.

y Xandros Desktop Home Edition (US$39.99) and Home Edition Premium ($79.99)arebuiltonthe Debian Linux platform andincludetheXandros SecuritySuite withtheXandros

Firewall, Anti-Virus, Xandros Networks Updates, and a rootkitchecker (anti-spyware).

Linuxis not a free versionofWindows. Thetwo systems differ notonly visually,

inthegraphical user interfacetheuser sees, but alsofunctionally, as is frequentlydiscussed,and legallytoboot, whichis constantlyemphasizedbythe Free softwarecommunity. The

differences betweenthem are sofundamental thatdrawing a comparisonbetweenthemis

nearlyimpossible. There are somanymoot points thattheycouldmakeup a very long list.

This partofmy articleconcerns the architectures ofWindows systems. The systems

themselves arebafflingones, to putitmildly, butto know themis morethan a necessity. (And a

forced necessity sometimes ) When I say Windows, I meanthe wholefamilyofoperating

systems - NT/2k/XP/Vista -butmainlyXP Professional. Many a time Iv e read anti-Microsoft

rants, wherethe authors complained about lack ofcommand linefunctionality (poor in

Windows and very advancedin Linux), or installation processes, whichcreate some problemsanderratic applicationupgrades (just atthe pointthecomparisons to Linux programs like apt-

get, emerge and rpm show up). A lotofgrumbles pertainingto wrongly set-up defaultuser and

root accounts couldbefoundthere. And soon.

Theseinconveniences aregrievous ones inmyopinion, more, they shouldbe

branded as top-level ones. Butthefact remains that somethingcanbedone withthem-more

7/27/2019 44088245 Project of RHCE

8/24


8

or less. For example, any Windows system I mtalking abouthere allows tocreate a user

account after all. Linux as well makes it possibletounlock root accountto work with. No

problem. I mustemphasizeonething it can be done. Regardless whether someone will doit

or not. I can tcontradict as well the sentencethat Windows defaultconfigurationis p olitically

incorrect

. Butthis verytextconcerns architectural solutions whichcannotbechangedone

iota, mainlydueto projects derailed

design philosophy.

I admitto a certain simplifications incomments, evendrasticones, with

premeditation. I wantthe articletobeunderstoodbyeveryone whohas a basic knowledgeof

operating systems, so I ask those who know the subject well to remember this anddonot show

the signs ofthe ROTFL syndrome

This is a collectionofrandomthoughts rather than a scientific article about

Windows architecture so keep this inmind when reading andcommenting.

As we all know, operating systems makeuseofa user notion. Wecan logintothe

user account andthen run amok withinthe computer space

the accountis definedby. With

theexceptionofa group ofsystemfunctions which are restrictedfor a uniqueuser calledthe

s ystem administrator . This factis common knowledge. Itcanbe a Unixs r oot

, a NetWares

s upervisor , or another a dmin

. Thedistinctivefeatureofthis peculiarityis thefactthatthe

user is a real Master ofhis system as Zeus was for the ancient Greeks.

Providedthat wedonottalk about Microsoft Windows systems, otherwisethe

matter wouldbecomemorecomplex. Namely, the Microsofts flagship producthas at leasttwo

distinct administrators, as someofyou know (and some of you dont). Oneofthemis called

ADMINISTRATOR user, theother is namedSYSTEM user. The standardSYSTEM accountis likean a gent

fromthe Wachowskibrothers Ma trixtrilogy. Ifwe look atthe process listinTask

Managerwell s eethatmostofthembelongtoSYSTEM user. Itis alsotheowner ofthe

technical files liketheSystem Volume Information (SVI) directory andits files. Our electronic

friend, theSYSTEM user, is the onlydefaultowner ofthefile, soifwe wanttocheck the spaceit

takes we will haveto addthe ADMINISTRATOR user tothe listofpermissibleusers. (Other users

canbe addedtoo, but I donot recommendthis option.)

I will trytoexplaininthenextchapters why I think that T houghthis bemadness,

yetthereis methodinit

, andthattheSYSTEM user is indispensablefor the Windows systems

functionality. Butnow, a short afterthoughtonits existencetaken as a whole. Itis commonknowledgethatevery probleminthe IT worldcanbe resolvedinmany ways. Are all ofthem

equally simple? Decidedlyno. Butthe Kiss, K eep ItSimple, Stupid

, rulehas provedto work in

real life. As I have written above, all operating systems haveonlyone administrator in principle,

andthats a s imple solution. Thats for sure, thattheexistenceofanother administrator would

automaticallycreatecertaincomplications, to putitmildly. A trivial example:nearly all common

Windows users donot know how togetintoSVI directory (sotheydon tneedthe a dvanced

users at all).

7/27/2019 44088245 Project of RHCE

9/24


9

IfI wantedto write a dirtytrick whichgathers a Windows users passw ords,

projects andeveryday agenda, I d putthedatajustthere. Firstofall, theSVI directoryis not

visited at all. Whats more, mostoftheusers donot know aboutits existence. Secondly, the

directoryevinces a magicfeatureofchanging sizeinflushes byup to several hundreds ofMB -

bothup anddown. (Failover informationis storedthere). Theideal place. Whatis important, a

computer virus is moreefficientifitis abletoinfectexecutablefiles withthehighestpermissions. Oncemore, theSYSTEM user is thebestfor thesetypes oftasks. For sure, the

SYSTEM user will notmake a hue andcry, as itisn t Artificially Intelligent.

Making an analysis ofa Windows architecture, itmight appear thatthe

implementationofthe a gent

was vitaltothe system R eally? Ill a nswer in a while.

Lets v ote, which system- Windows or Linux- starts faster. Most IT users would

votefor the Windows systems. Itis a solid prooffor a thesis thatone shoulddeal with a

democracy withutmostcare. I suggestto run a test. Lets measurethe startingtimes ofthetwo

systems withthehelp ofa stopwatch. Lets s tart with Windows first. We switchonthecomputer, weobserve POST messages or a BIOSmanufacturers l ogo, and at last weface a boot

manager (GRUB, LILO, etc.) or we see a systems l oading process. Here weturnonthe

stopwatch. Boringmoments pass. Boredomfillingour limbs T he systemcrunches andminces

somedata, but we are still lazilyyawning O nemoretime andthe login window appears. Most

oftheusers would stop the stopwatchnow. Unrecoverableerror! The system loadingis still

goingon! Wetypein a password and we seehow thegraphical environmentemerges. Begyour

pardon. Thegraphical environmentandthe system. Windows systemfinishes loading-

dependingonconfiguration- after several dozens ofseconds after user actually logs in!

Toexaminethe reasons thatthe systembooting process was solvedin a particular

way, wemust startfromthegroundup, or seetothenotionofthe systems kernel. Its funny-buteveryoneuses OperatingSystems names, butonly a few know whatit reallyis. Ifa precise

definitioncannotbedelivered, itis advisabletocreate a listoffeatures which will describethe

idea. However, eventheoperating systems sp ecialistcannot agreehow todefineoperating

systems. Nearly all features arethe same, butthereis always a small but

. Eventheoperating

systems bible-Silberschatzs book (A. Silberschatz, P. Galvin Operating System Concepts )

names twodefinitions. Generally, itis consideredthattheoperating systemis a program, which

runs incessantlyinthecomputer fromthebeginning (whentheoperating systemhas been

started, notthecomputer!) until thecomputer is turnedoff(or restarted). All other programs

arecalled appl ications .

Anoperating system resembles a government. It provides means to proper usage

ofcomputer resources. And similar tothegovernmentitdoesn tmakeuseofanyuseful

functions. It simplycreates anenvironmentin whichother programs mightfacilitatetheuseful

functions.

Inthis view theoperating systems definitionis tantamountto a kerneldefinition. In

other words, onecould place anequality signbetweenthe word k ernel andthetechnical

7/27/2019 44088245 Project of RHCE

10/24


10

conceptofanoperating system. Generally, the phrase operating system

is usedtodenote all

those programs which are providedby a manufacturer to satisfythedemandfor such a working

environment. Thats w hythe Linuxnameis oftenusedtodefinethe whole system, althoughthe

namedenotes the kernel only. Lets ass umethat when I write about kernel I will use a full name

-operating system. However, I say s ystem

when I wanttodescribe all the programs as a

whole, together withthe kernel.

Now, thedifficulties appear. The kernel tasks aredefined very loosely. Noone

knows ifmanagement refers toblocking access to system resources or to allowingthemtobe

accessible (e.g. a network card), or ithas todeliver a handler (evenifa partial one). In practice,

the solutionis not a simpleone, as tomaster the resources, their specifications mustbe known.

Inother words, the problemboils downtoonequestion: whether the kernel shouldbe a

programcontainingcomplete solutions, however basic, or the program shouldbefocusedon

only onething- administration, leaving all the works todoto external (to kernel)

applications?

Withthefirstexample weget a reallybig programcalled a monolithic kernel. The

secondexampledefines a small andfastmicrokernel, which looks like an underdeveloped

versionoffullyfledged kernel. Monolithic kernels areusedby Linux systems (sometimes called

Linuxdistros). Microkernels, for examplethe Machmicrokernel, arefoundations to Mac OSX

operating systems (attachedto Applecomputers) and GNU/Hurdoperating system whichis still

inits infancy (whichis thecasefor almosttwodecades).

And another importantmatter. Anoperating system, or everyoperating system, is

build like a cake (or gteau). As we know thebottom partconsists ofa layer ofbiscuit, thenits

covered with sweetfudge, then another biscuitdisk, letitbe a coffee-flavoredone, andonce

more a fudge layer covered withjelly. As far as programmingis concerned, such a layeredstructureis alsousedbutits called abstraction layers. And so as wehavethefirstbiscuit level

(layer) in a cake which l ies on a hardware

(on a table), so wehave a kernel inoperating

systems whichmanagethehardware (all operations dependonthe layer). Next levels arethen

buildontop ofthe kernel. For example-first wehaveX Window System, thenontop ofit a

graphical environment (e.g. KDE), then window manager (e.g. kWin), andonlythen, ontop of

all the la yers , a Firefox webbrowser. Itdoes matter thatevery layer sends messages onlyto

its directneighbors. When ajellydribbles downonto a tableitis hightimeto layoffthecook.

7/27/2019 44088245 Project of RHCE

11/24


11

Operating System Architecture

Keepinginmindthe layeredmodel we will comeback to Windows systems

booting. Firstofall wehavetoemphasizethatthe Windows systems k ernel is similar to a

microkernel. (To be more precise, the kernel is called a hybrid kernel - it can be placed between

monolithic and microkernels. None the less, it needs many helpers ).

After startingthecomputer, thefirstthing whichis loadedis a kernel indeed

(ntoskrnl.exe). Nextcomes its best friend

, namelyHALmodule-H

ardware Abstraction Layerwhichmanages drivers neededfor system loading. Whentheenvironmentis ready, a Session

Manager is putintomotion (smss.exe - Session Manager Subsystem) which starts identification

and authentication programs -or using simpleterms - which shows the login screen. A user

satisfiedthathis Windows is ready

touse, mayenter a password, whichmakes the system

load system permissiondata (Group Policy) andthenhaveup and runningthetasks definedin

Runonce andRun keys placedin Windows Registry (e.g.

HKLM\SOFTWARE\Microsoft\CurrentVersion\Runonce). Attheend, Autostart (fromStart Menu)

applications are loaded.

Linux systems present a different approachtowards this problem. After the

monolithic kernel has been loaded, theinitprocess is started, whichinturninvokes otherprocesses (I suggesttoissue apstreecommandin a console whilethis happens). Practically, all

thenecessary system processes are startedduringthe system start. So when a user sees login

window (or screen) theonlything lefttodois to attendtothe KDE or GNOME graphical

environments. Anythingbeyondthatis readytouse. (Ubuntuteam works at presentto replace

theinitscript with anupstartscript. Butitdoesn t affectour reasoning.)

7/27/2019 44088245 Project of RHCE

12/24


12

Thequestion- which solutionis better -mustbe left without an answer. However, a

shortdigressionmustbe addedtotheend. Microsoftuses thetrick notoriously. As psychology

teaches, themostfrustratingis a mans inabilityto act andhis lack ofinfluenceon any

processes, somovingthe login phaseintothemiddleofstarting sequenceofevents, will give

theuser psychological comfort andit will be receivedbetter. Andeventhoughthemonitor has

displayedthefamous task bar andicons, noone will be ableto load an advanced spreadsheetapplicationor a game. Mostoftheusers are awaretheymust wait a whileyet. Such solutionis

a better onethan previous ones interms ofmarketingbutitbacklashes in lesser stabilityor the

systems sa fety and leads sometimes tothefrustrationofinexperiencedusers.

Takingintoconsiderationthewhole start sequence- Linuxdoesn t load slower than

Windows systems. Thefoundationofoperating systems, thatis, all whatis hiddenbehindthe

nameis knownfor years. Theres no wizardryinthis world.

Operating System

Whytheopinionthat Linux systems are safer thanthe Windows systems is so

prevalent? Perhaps duetothefactthatitis true. But why? Lets goback tothe previous point.

As I wrote, anoperating system resembles a cake. Youll findits kernel atthebottom, andits

applications placedontop. Accordingtothecake, picturethe kernel together with associated

programs creating a socalled kernel layer. The restofthe runningtasks makeup a user layer. Inother words -the kernel layer creates anenvironmentin whichtheuser layer is ran. The system

is dividedintotwo-upper and lower parts.

Wecan simplifythematter ifwe areto write aboutthe Linux, Mach (Mac OS X

kernel), Solaris or BSD systems. Safetytasks are run withinthe kernel layer. Basically, inthe

kernel alone. The Machmicrokernel has additional safetymodules which runinthe kernel layer

7/27/2019 44088245 Project of RHCE

13/24


13

as auxiliary programs. Protectionin Unix systems is always on, moreover, itis simpleinterms of

design andduetothat statisticallytougher tocrack.

The samecannotbe said about Windows systems. The protection subsystems are

morecomplex andthey run withintheuser layer. The logic lyingbehindis screwedup. The

operating systemis deafandblind. Itcreates anenvironment. The programs whichcan talk totheenvironment are startedintheuser layer, sothe protection which works onthe same level

shouldbeefficient. Readfrom a paper, itis true, but lifeis not so rosy. Firstofall, any program

runningintheuser layer (protectionis implemented as another program) is more vulnerableor

proneto disarmament

than protectionimplementedinthe kernel layer. For second, oneof

themost popular computer protection systems, not playing withdetails, is a firewall. As it

works intheuser layer, itmustbedesignedin such a waythatit shouldn tfinditselfnot

startinginthe systems l oading process. At last, itis a program, andcontrarytothe kernel itself,

itdoesn thaveto work.

A small digression. I have writtenearlier aboutthe SYSTEM user . This SYSTEM isneededbythe Windows systems to start programs intheuser layer, amongothers. After all, we

mustn t waitto launch a firewall until JohnSmithis logged-in (after several hours in whichhis

computer has beenup and running). SotheSYSTEM user is used. Butit suffices, likeinthe

Machexample, to placethe protection subsystemin lower layer andhavethe problemoffofa

head.

Lets ass ume something likethis. I have loggedinto a Windows system as a

commonuser. Lets check whatdisks havebeen attachedtomy systemor speaking precisely-

whatdisks havebeenmappedtomy system. I havefound, as a normal user, a few network

disks fromtwo servers. Mycomputer runs several programs. Youll find amongthem local ones,

onefromthefirst server, and another onefromthe second server. All the applications makeuseofseveral dozenfiles atonce, someofthem placedonthetwo servers.

Lets ass umenow that atonetime I havedecidedto readthedata from a fileowned

by a server administrator (and it has just happened to be me). Oh, Lord! How I didyearnto

work with any Unix systemin suchconditions! Any attemptto attach admin resources will end

up withthemessage: Multiple links to server or to shared resources by the same user, making

use of the users name more than once, is not allowed. Disconnect all previous server

connections and try to reconnect. Marvelous!

IfI was workingunder Linuxor OSX

I dbe abletomounttheneededdevice andtomakeuseofa file, using a nice and simple programcalledsmbmount. The programtreats every

connection as a uniqueone and pa ys no attention

to suchconditions where another copyof

itselfhasjustmade a connectiontothe samedeviceunder thenameofanother user. This is

thedirect resultofconceptuallycomplexdesignoftheuser layer, which I describedearlier in

this article. Itcanbecommentedonlyone way: another prooffor superiorityofsimplicityover

complexity.

7/27/2019 44088245 Project of RHCE

14/24


14

Itis notthe authors intentionto rekindle another flame war between Windows

and Linuxusers. The author asks both sides interestedinthis topicto refrainfromdarting

names ontoeachother. Ifonefeels necessitytocommentthe article, please write itis bador

not

, or point whereit shouldbe rewrittenin a broader perspective- whatdoesn tmeanit

should show superiorityofoneofthe systems over theother. Such a statement wouldbehighly

subjective. And whenI reckon Windows ar chitectureinferior to Linuxone, itdoesn tmeanitisinferior. Theydiffer. Writingoperating systemis a complexmatter andtoomanytimes the

chosen solutionis socalled a s olutionoflesser evil . Oneis ableto write a similar l ist

of

architectural items pertainingto Linux systems, butit wouldhavenothingtodo with Photoshop

runningor notoneveryofthetwo systems.

Case Studies - 02

Users and Groups Management in Linux

Control ofusers andgroupsis a coreelementofRed Hat Linux system

administration.

Userscanbeeither people, meaning accounts tiedto physical users, or accounts which

existfor specific applications touse.

Groups are logical expressions oforganization, tyingusers together for a common

purpose. Users withinthe samegroup can read, write, or executefiles ownedbythegroup.

Eachuser andgroup have a uniquenumerical identificationnumber called a userid

(UID) and a groupid(GID) respectively.

When a fileis created, itis assigned a user andgroup owner. Itis also assigned

separate read, write, andexecute permissions for theowner, thegroup, andeveryoneelse. The

user andthegroup to which a filebelongs, as well as the access permissions onthefile, canbe

changedbythe rootuser or, inmostcases, bythecreator ofthefile.

Proper managementofusers andgroups, andeffectivemanagementoffile

permissions are amongthemostimportanttasks a system administrator undertakes. For a

detailed look at strategies for managingusers andgroups, refer tothechapter titledManaging

Accounts and GroupintheRed Hat Linux System Administration Primer.

7/27/2019 44088245 Project of RHCE

15/24


15

User and Group Management in Windows

Thegroup is is one area where win.mit.edu, or WIN, diverges from a typical Windows

Domain. WIN users andgroups aredefined andmaintainedinthe MIT systemofrecord, Moira.

There are a varietyoftools availableto add anexistinguser to anexistinggroup.

Theseincludethe Moira listmanagement webinterface, moira commands likeblanche, andthe

WIN machine Moira MMC snap-in.

On a WIN machineyoumay runmoira or blanchefromthecommand lineor the run

menu. Youmay also startthe Moira MMC snap-infromthemenuitem "Start-> Programs->

Administrative Tools-> Moira Account Management."

Moira MMC Procedure

To add a user to a group usingthe Moira MMC:

1. SelectList Managementfromthe left panel and rightclick onthe selection.2. SelectFind Lists.3. Click onName, enter the listname andhitSearch.4. Selectthe listname andhitDisplay.5. Rightclick onthe listname and selectProperties.6. Click ontheMemberstab.7. Ifyouhavethe permission, theAddbutton will be sensitized, soclick onit.8. Choosethetypeofobjectyou wishto add andenter its name.9. Click OK.

Case Studies - 03

File System

It keep thedata inorganized. It allocates the spacetothe anddirectories andit assign

attributes tothefiledirectories.

Linuxusedext2 & ext3

It arrange all thefile anddirectories inhighrical way

7/27/2019 44088245 Project of RHCE

16/24


16

/ This is toplabledirectoryinthehighrical whichis called root. Itis thetop ofthefile

system structure . All thedirectory aremountedunder it.

7/27/2019 44088245 Project of RHCE

17/24


17

7/27/2019 44088245 Project of RHCE

18/24


18

This is a layoutfrom a RedHat system. Dependingonthe system admin, the

operating system andthemissionofthe UNIXmachine, the structuremay vary, anddirectories

maybe leftoutor added at will. Thenames arenoteven required;they areonly a convention.

Thetreeofthefile system starts atthetrunk or slash, indicatedby a forward slash

(/). This directory, containing all underlyingdirectories andfiles, is alsocalledtheroot directoryor "the root" ofthefile system.

Directories that areonlyone level below the rootdirectory areoften precededby a

slash, toindicatetheir position and preventconfusion withother directories thatcouldhave

the samename. When starting with a new system, itis always a goodidea totake a look inthe

rootdirectory. Let's see whatyoucould runinto:

Directory Content

/bin Common programs, sharedbythe system, the system administrator andtheusers.

/boot

The startup files andthe kernel, vmlinuz. In some recentdistributions alsogrubdata.

Grubis the GRand Unified Boot loader andis an attempttoget ridofthemany

differentboot-loaders we know today.

/devContains references to all the CPU peripheral hardware, which are represented as files

with special properties.

/etcMostimportant systemconfigurationfiles arein /etc, this directorycontains data

similar tothoseinthe Control Panel in Windows

/home Homedirectories ofthecommonusers.

/initrd (on somedistributions) Informationfor booting. Donot remove!

/libLibraryfiles, includes files for all kinds ofprograms neededbythe system andthe

users.

/lost+foundEvery partitionhas a lost+foundinits upper directory. Files that were savedduring

failures arehere.

/misc For miscellaneous purposes.

/mnt Standardmount pointfor external file systems, e.g. a CD-ROM or a digital camera.

/net Standardmount pointfor entire remotefile systems

/opt Typicallycontains extra andthird party software.

7/27/2019 44088245 Project of RHCE

19/24


19

Directory Content

/proc

A virtual file systemcontaininginformation about system resources. Moreinformation

aboutthemeaningofthefiles in procis obtainedbyenteringthecommandmanproc

in a terminal window. Thefile proc.txtdiscusses the virtual file systemindetail.

/rootThe administrativeuser's homedirectory. Mindthedifferencebetween /, the root

directory and /root, thehomedirectoryoftherootuser.

/sbin Programs for usebythe system andthe system administrator.

/tmpTemporary spacefor usebythe system, cleanedupon reboot, sodon'tusethis for

saving any work!

/usr Programs, libraries, documentationetc. for all user-related programs.

/var

Storagefor all variablefiles andtemporaryfiles createdbyusers, such as logfiles, the

mail queue, the print spooler area, spacefor temporary storageoffiles downloaded

fromthe Internet, or to keep animageofa CD beforeburningit.

Case Studies - 04

Software project site Oftenindividual software project will offer their own setof

RPM packages for their own project. This is particularlyuseful for projectunder continuous

development. Ifthe projectdoesn toffer RPMs, they will typicallyoffer codein whatis called a

tarball. Thetarball mayincludebinarycodeor moreoften, sourcecodeyoucanbuildfor your

environment.

Mostfedora repositories are lightondescriptions ofthe packages theyoffer. The

following list summarizes someother Web sites thatyoucanbrowsetofinddetailed

information about softwarethat runs in Linux. Thenyoucan search Fedora repositories for

Fedora-or RHEL-specific versions ofthose packages

*Freshment(www.freshmeat.net) this sitemaintains a massive indexof

LinuxSoftware. Youcando keyword searches for software projects or browsefor softwareby

category.

*SourceForge (www.sourceforge.net) This sitehosts thousands ofopen

source software projects. Youcandownload software anddocumentationfromthose projects

throughtheSourceForge site.

*Rpmfind (www.rpmfingd.net) This sitehosts thousands ofopen source

softwarethatis packageinthe RPM Package Management(RPM) format across a varietyof

repositories. Youcando a keyword searchfromthis Website.

7/27/2019 44088245 Project of RHCE

20/24


20

Wecanjustdownload a single software packagetogetthe

softwareinthat packageto word. Many packagedepends onother packages. For example

software packagefor playing audio & videotypically relyonother software packages for

decodingdifferent kinds ofcontent.

Case Studiesb - 05

Sendmail shouldbe installedbydefault whenyou install Red Hat Linux. If it is not

thenyouneedtoinstall theSendmail RPM's withthe Red Hatdistribution.

Download the Sendmail RPM's from the RedHat website, from a mirroror from

your Red Hatinstallation CD.

These RPM's are required:

sendmail-{ver}.i386.rpm

sendmail-cf-{ver}.i386.rpm

sendmail-devel-{ver}.i386.rpm

Configuring Sendmail

1). Editfile "/etc/mail/sendmail.mc" - Look for the line:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

Changethis lineto:

dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

Savethefile.

2). Makethe sendmail configurationfile:

$>m4 /etc/mail/sendmail.mc> /etc/sendmail.cf

3).RestartSendmail:

$> /etc/rc.d/init.d/sendmail restart

7/27/2019 44088245 Project of RHCE

21/24


21

PROJECT ON RHEL 5

All about Linux swap space

Whenyour computer needs to run programs that arebigger thanyour available

physical memory, mostmodernoperating systems use a techniquecalled swapping, in which

chunks ofmemory aretemporarily storedontheharddisk whileother data is movedinto

physical memory space. Here are sometechniques thatmayhelp youbetter manage swapping

on Linux systems andgetthebest performancefromthe Linux swapping subsystem.

Linuxdivides its physical RAM (random access memory) intochucks ofmemory

called pages. Swappingis the process whereby a pageofmemoryis copiedtothe preconfigured

spaceontheharddisk, called swap space, tofreeup that pageofmemory. Thecombined sizes

ofthe physical memory andthe swap spaceis the amountofvirtual memory available.

Swappingis necessaryfor twoimportant reasons. First, whenthe system requires

morememorythanis physically available, the kernel swaps out less used pages andgives

memorytothecurrent application (process) thatneeds thememoryimmediately. Second, a

significantnumber ofthe pages usedby an applicationduringits startup phasemayonlybe

usedfor initialization andthennever used again. The systemcan swap outthose pages andfree

thememoryfor other applications or evenfor thedisk cache.

However, swappingdoes have a downside. Comparedtomemory, disks are veryslow. Memory speeds canbemeasuredinnanoseconds, whiledisks aremeasuredin

milliseconds, so accessingthedisk canbetens ofthousands times slower than accessing

physical memory. Themore swappingthatoccurs, the slower your system will be. Sometimes

excessive swappingor thrashingoccurs where a pageis swappedout andthen very soon

swappedin andthen swappedout again and soon. In such situations the systemis strugglingto

findfreememory and keep applications running atthe sametime. Inthis caseonly addingmore

RAM will help.

Linuxhas twoforms ofswap space:the swap partition andthe swap file. The swap

partitionis anindependent sectionoftheharddisk used solelyfor swapping;noother files can

residethere. The swap fileis a special fileinthefilesystemthat resides amongstyour system

anddata files.

To see what swap spaceyouhave, usethecommandswapon-s. Theoutput will look

something likethis:

Filename Type Size Used Priority

7/27/2019 44088245 Project of RHCE

22/24


22

/dev/sda5 partition 859436 0 -1

Each line lists a separate swap spacebeingusedbythe system. Here, the'Type'field

indicates thatthis swap spaceis a partition rather than a file, andfrom'Filename' we seethatit

is onthedisk sda5. The'Size'is listedin kilobytes, andthe'Used'fieldtells us how many

kilobytes ofswap spacehas beenused (inthis casenone). 'Priority'tells Linux which swap spacetousefirst. Onegreatthing aboutthe Linux swapping subsystemis thatifyoumounttwo (or

more) swap spaces (preferablyontwodifferentdevices) withthe same priority, Linux will

interleaveits swapping activitybetweenthem, whichcangreatlyincrease swapping

performance.

To add anextra swap partitiontoyour system, youfirstneedto prepareit. Step one

is toensurethatthe partitionis marked as a swap partition and step twois tomakethe swap

filesystem. Tocheck thatthe partitionis markedfor swap, run as root:

fdisk -l /dev/hdb

Replace /dev/hdb withthedeviceoftheharddisk onyour system withthe swap

partitiononit. You should seeoutputthat looks likethis:

Device Boot Start End Blocks Id System

/dev/hdb1 2328 2434 859446 82 Linux swap / Solaris

Ifthe partitionisn'tmarked as swap you will needto alter itby runningfdisk and

usingthe't'menuoption. Becareful when working with partitions --youdon't wanttodelete

important partitions bymistakeor changetheidofyour system partitionto swap bymistake.

All data on a swap partition will be lost, sodouble-check everychangeyoumake. Alsonotethat

Solaris uses the same ID as Linux swap spacefor its partitions, sobecareful notto kill your

Solaris partitions bymistake.

Once a partitionis marked as swap, youneedto prepareitusingthemkswap (make

swap) command as root:

mkswap /dev/hdb1

Ifyou seenoerrors, your swap spaceis readytouse. To activateitimmediately, type:

swapon /dev/hdb1

Youcan verifythatitis beingusedby runningswapon-s. Tomountthe swap space

automatically atboottime, youmust add anentrytothe /etc/fstabfile, whichcontains a listof

filesystems and swap spaces thatneedtobemounted atbootup. Theformatofeach lineis:

7/27/2019 44088245 Project of RHCE

23/24


23

Since swap spaceis a special typeoffilesystem, manyofthese parameters aren't applicable.

For swap space, add:

/dev/hdb1 none swap sw 0 0

where /dev/hdb1 is the swap partition. Itdoesn'thave a specificmount point,hencenone. Itis oftypeswap withoptions ofsw, andthe lasttwo parameters aren'tused so

they areentered as 0.

Tocheck thatyour swap spaceis being automaticallymounted withouthaving

to reboot, youcan runtheswapoff-acommand (whichturns offall swap spaces) andthenswapon

-a (whichmounts all swap spaces listedinthe /etc/fstabfile) andthencheck it withswapon-s.

Swap file

As well as the swap partition, Linux also supports a swap filethatyoucancreate,prepare, andmountin a fashion similar tothatofa swap partition. The advantageofswap files

is thatyoudon'tneedtofind anempty partitionor repartition a disk to add additional swap

space.

Tocreate a swap file, usetheddcommandtocreate anemptyfile. Tocreate a 1GB file, type:

ddif=/dev/zeroof=/swapfilebs=1024 count=1048576

/swapfileis thenameofthe swap file, andthecountof1048576 is the sizein kilobytes

(i.e. 1GB).

Preparethe swap fileusingmkswapjust as you would a partition, butthis timeusethe

nameofthe swap file:

mkswap /swapfile

And similarly, mountitusingthe swaponcommand:swapon /swapfile.

The /etc/fstabentryfor a swap file would look likethis:

/swapfile none swap sw 0 0

How big should my swap space be?

Itis possibleto run a Linux system without a swap space, andthe system will run well

ifyouhave a large amountofmemory--butifyou runoutofphysical memorythenthe system

7/27/2019 44088245 Project of RHCE

24/24


24

will crash, as ithas nothingelseitcando, soitis advisabletohave a swap space, especially

sincedisk spaceis relativelycheap.

The keyquestionis how much? Older versions ofUnix-typeoperating systems (such

as Sun OS and Ultrix) demanded a swap spaceoftwotothreetimes thatofphysical memory.

Modernimplementations (such as Linux) don't requirethatmuch, buttheycanuseitifyouconfigureit. A ruleofthumbis as follows: 1) for a desktop system, use a swap spaceofdouble

systemmemory, as it will allow youto run a largenumber ofapplications (manyofwhichmay

will beidle andeasily swapped), makingmore RAM availablefor the active applications; 2) for a

server, have a smaller amountofswap available (sayhalfofphysical memory) sothatyouhave

someflexibilityfor swapping whenneeded, butmonitor the amountofswap spaceused and

upgradeyour RAM ifnecessary; 3) for older desktop machines (with sayonly 128MB), use as

much swap space as youcan spare, evenup to 1GB.

The Linux 2.6 kernel added a new kernel parameter calledswappinessto let

administrators tweak the way Linux swaps. Itis a number from 0 to 100. Inessence, highervalues leadtomore pages being swapped, and lower values leadtomore applications being

keptinmemory, evenifthey areidle. Kernel maintainer Andrew Mortonhas saidthathe runs

his desktop machines with a swappiness of100, statingthat "My pointis thatdecreasingthe

tendencyofthe kernel to swap stuffoutis wrong. You reallydon't wanthundreds ofmegabytes

ofBloatyApp's untouchedmemoryfloating aboutinthemachine. Getitoutonthedisk, usethe

memoryfor somethinguseful."

Onedownsideto Morton's idea is thatifmemoryis swappedouttooquicklythen

application responsetimedrops, because whenthe application's window is clickedthe system

has to swap the applicationback intomemory, which will makeitfeel slow.

Thedefault valuefor swappiness is 60. Youcan alter ittemporarily (until younext

reboot) bytyping as root:

echo 50 > /proc/sys/vm/swappiness

Ifyou wantto alter it permanentlythenyouneedtochangethevm.swappiness

parameter inthe /etc/sysctl.conffile.

Conclusion

Managing swap spaceis anessential aspectofsystem administration. Withgood

planning and proper use swappingcan providemanybenefits. Don'tbe afraidtoexperiment,

and always monitor your systemtoensureyou aregettingthe results youneed.

Documents

44088245 Project of RHCE