Upload
agung-budi
View
222
Download
0
Embed Size (px)
Citation preview
7/27/2019 44088245 Project of RHCE
1/24
Ravi Narain Reg No:-800119695
1
A PROJECT REPORT
ON
RHEL 5Submittedto
HCLCDC Patna.
RED HAT NETWORD SERVICES AND SECURITY ADMINISTRATION
Submittedby
Mr. Ravi Narain
COMBO BATCH(Pat Com 002)
Reg No:-800119695
Under theguidance
Mr. Prashant kumar chaudhary.
HCLCDC PATNA.
8th
Commercial Building NorthS.K.Puri
Near Children Park Boring Road Patna.
7/27/2019 44088245 Project of RHCE
2/24
Ravi Narain Reg No:-800119695
2
ACKNOWLEDGEMENTS
Before I getintothink ofthethings w ould liketo addheartfelt words for the people
who where partofthis PROJECTREPORT innumerous ways
People whogaveunending support.
We arehighlyindebtedto Mr. Amit Kumar Center Manager ofHCLCDC Patna, for his
encouragement andfor providing all thenecessaryfacilities.
Itis withgreat pleasurethat we acknowledgetheconsolation and assistanceof
Mr. Prashant kumar chaudhary projectguide. Tohimowemorethan wecanmention.. mostly
for teachingus to seethe silver liningineverydark cloud.
Andfinallymyheartfelt appreciationtomycolleagues. no word are sufficientto
express mygratitudetomyfriend and seniors for their kindcooperation.
Mr. Ravi Narain
7/27/2019 44088245 Project of RHCE
3/24
Ravi Narain Reg No:-800119695
3
CERTIFICATE
This is tocertifiedthatthe project reportonRHEL 5
submittedby Mr. Ravi Narain
as a
partial fulfillmentfor requirementofHCLCDC Patna for the academic session 2007 is the
original work carriedoutbyhimunder the supervision andguidanceofMr.Prashant kumar
chaudharytrainer ofHCLCDC PATNA.
HCLCDC Patna Center Manager
Place: Patna Guide
Date: 22/11/2008
7/27/2019 44088245 Project of RHCE
4/24
Ravi Narain Reg No:-800119695
4
CONTENTS
Case Studies
01. Whatis Linux
02. Differentflavors ofLinux & Architecturedifferentfrom Windows.
03. Comparetheuser/ group managementin Linux & Windows.
04. FileSystemSupportedby Linuxincludingfile systems nativetoother OS.
05. Not all ofthenetwork driver are supportedby Linux, so searchthe Web and
getthedrivers in Rpms / binaries andmakethem work.
06. Configure Mail Server Sendmail.
Project
Add Physical memorytothe system andmodifythe swap partitiontomake
it active.
7/27/2019 44088245 Project of RHCE
5/24
Ravi Narain Reg No:-800119695
5
LINUX
Linuxhas longbeen a contender inthecorporate worldto Windows . In addition,
consumer interestis onthe risefor this free, open source alternativeto Windows or the
Macintosh OS.
Inthedays beforethegraphical user interface (GUI), which was firstmade popular
byApple (Nasdaq: AAPL) andthenclonedby Microsoft., thecomputing world was ruledbythe
command-line structure. Whether theoperating system was Unixor DOS, graphics and audio
capabilities were limited. Computer users typedcommands at a promptto run programs.
Pointingdevices didnotexist andmenus were rudimentary, text-basedoptions lists.
Linuxdeveloped along similar lines as Windows interms ofGUI and performance
capabilities withonemajor distinction--upgradingfromone Windows versionto another was
fairly seamless. Not so with Linux.
"Linuxdominates the server market andis makingbiginroads intotheembedded
market (TiVo, cell phones, PDAs and routers)," Patrick Davila, co-hostof"The Linux Link Tech
Show", told LinuxInsider. "The last area for ittoconquer is onthedesktop."
All things considered, Davila sees Linux as a suitable replacementfor Windows.
"Linuxis readyfor thedesktop for themajorityofdesktop home andbusiness users. It's safer
becauseitis not vulnerableto viruses and spyware, is more stable andis cheaper than running
Windows."
Case Studies - 01
Different Flavors
Linuxis notjust a singleoperating system. Itexists in several dozen versions called
distributions. Unlike Windows, noonecompanyhas guidedthedevelopmentofLinux. Today,
the Linux OShas manyfaces andis the productofmuchfamilycross-breeding.
Its open-sourcenaturecontinues tocontributetodifferentdevelopment paths. Each
oneis controlledby a uniquecommunityofcode writers, voluntarytechnical helpers andusers.
7/27/2019 44088245 Project of RHCE
6/24
Ravi Narain Reg No:-800119695
6
The look andfeel ofthe Linuxdesktop is controlledbythetypeofshell built around
the Linuxcore. Thetwomost predominant shell architectures are known as Gnome andKDE .
Theybothhave similarities to Windows.
Some Linuxdistributions aredevelopedonuser-friendly standards, butnot all ofthem
areeasytouse. Even withthedesktop shell, configuringthe policies for program access canoftenbeconfusing anduninviting.
The samecanbe saidofthe process ofinstallingthird-party software. Linux-
capable softwareis distributedin packages, mostlybydownload. Dependingonthe Linux
version, some (or a lotof) manual interventionmaybeneededfor software additions notfound
inthe pre-installed software library.
"Linux, bynatureofthedifferentusers that supporteachofthedistributions, lends
itselfwell tousers with specific requirements," said Nate Melby, aninstructor at Kaplan
University's School ofInformationSystems and Technology.
The real task is finding a distributionthat suits a potential user's needs. Live CDs thatcan
runthenewest Linux versions andharddrive partitions runningdual-boot software let
consumers usetheir hardwarefor multiple purposes, he suggested.
Thefollowing listincludes distributions that areideal for novices andothers that arefor
more advancedusers whohave access to IT support:
y Debian GNU/Linuxis a freeoperating system withmorethan 15,490 pre-compiledinstallation packages. Debian runs on almost all PCs, includingmanyolder models.
y Knoppix Linuxis a freedistributionbasedon Debian GNU/Linux. Knoppixcomes withrecent Linux software anddesktop environments thatinclude OpenOffice.org, Abiword,
Gimp, Konqueror, Firefox, Apache, PHP, MySQL andhundreds ofother open-source
programs.
y Mandriva Linuxusedtobecalled Mandrake Linux andis famous for its easeofuseforboth servers andhomeofficeuses. The Mandriva Linux PowerPack contains morethan
2,300 high-quality applications including a completeoffice suite. This freedistribution
comes with several pre-configured levels ofsecurity. Commercial supportis available.
7/27/2019 44088245 Project of RHCE
7/24
Ravi Narain Reg No:-800119695
7
y Red Hat (NYSE: RHT) Enterprise Linuxis the leadingcommercial platformfor open-sourcecomputing andis soldby subscription. Itis not a goodchoicefor homeusers and
Linuxnewcomers.
y SuSE Linuxis a leading, professional-class OSthatis popular bothfor enterprise andhomecomputinguse;SuSE Linux Professional includes morethan 1,000 leadingopen-
source applications andis availableinenterprise anddesktop versions. The purchase
price varies withthe version andthenumber ofinstallations.
y Ubuntuis a free Linuxdistributionfor desktop or server use, whichincludes Live CD,regular releases, applications installedbydefault, andfastdownloads ofother software
packages. Professional technical supportis available.
y Xandros Desktop Home Edition (US$39.99) and Home Edition Premium ($79.99)arebuiltonthe Debian Linux platform andincludetheXandros SecuritySuite withtheXandros
Firewall, Anti-Virus, Xandros Networks Updates, and a rootkitchecker (anti-spyware).
Linuxis not a free versionofWindows. Thetwo systems differ notonly visually,
inthegraphical user interfacetheuser sees, but alsofunctionally, as is frequentlydiscussed,and legallytoboot, whichis constantlyemphasizedbythe Free softwarecommunity. The
differences betweenthem are sofundamental thatdrawing a comparisonbetweenthemis
nearlyimpossible. There are somanymoot points thattheycouldmakeup a very long list.
This partofmy articleconcerns the architectures ofWindows systems. The systems
themselves arebafflingones, to putitmildly, butto know themis morethan a necessity. (And a
forced necessity sometimes ) When I say Windows, I meanthe wholefamilyofoperating
systems - NT/2k/XP/Vista -butmainlyXP Professional. Many a time Iv e read anti-Microsoft
rants, wherethe authors complained about lack ofcommand linefunctionality (poor in
Windows and very advancedin Linux), or installation processes, whichcreate some problemsanderratic applicationupgrades (just atthe pointthecomparisons to Linux programs like apt-
get, emerge and rpm show up). A lotofgrumbles pertainingto wrongly set-up defaultuser and
root accounts couldbefoundthere. And soon.
Theseinconveniences aregrievous ones inmyopinion, more, they shouldbe
branded as top-level ones. Butthefact remains that somethingcanbedone withthem-more
7/27/2019 44088245 Project of RHCE
8/24
Ravi Narain Reg No:-800119695
8
or less. For example, any Windows system I mtalking abouthere allows tocreate a user
account after all. Linux as well makes it possibletounlock root accountto work with. No
problem. I mustemphasizeonething it can be done. Regardless whether someone will doit
or not. I can tcontradict as well the sentencethat Windows defaultconfigurationis p olitically
incorrect
. Butthis verytextconcerns architectural solutions whichcannotbechangedone
iota, mainlydueto projects derailed
design philosophy.
I admitto a certain simplifications incomments, evendrasticones, with
premeditation. I wantthe articletobeunderstoodbyeveryone whohas a basic knowledgeof
operating systems, so I ask those who know the subject well to remember this anddonot show
the signs ofthe ROTFL syndrome
This is a collectionofrandomthoughts rather than a scientific article about
Windows architecture so keep this inmind when reading andcommenting.
As we all know, operating systems makeuseofa user notion. Wecan logintothe
user account andthen run amok withinthe computer space
the accountis definedby. With
theexceptionofa group ofsystemfunctions which are restrictedfor a uniqueuser calledthe
s ystem administrator . This factis common knowledge. Itcanbe a Unixs r oot
, a NetWares
s upervisor , or another a dmin
. Thedistinctivefeatureofthis peculiarityis thefactthatthe
user is a real Master ofhis system as Zeus was for the ancient Greeks.
Providedthat wedonottalk about Microsoft Windows systems, otherwisethe
matter wouldbecomemorecomplex. Namely, the Microsofts flagship producthas at leasttwo
distinct administrators, as someofyou know (and some of you dont). Oneofthemis called
ADMINISTRATOR user, theother is namedSYSTEM user. The standardSYSTEM accountis likean a gent
fromthe Wachowskibrothers Ma trixtrilogy. Ifwe look atthe process listinTask
Managerwell s eethatmostofthembelongtoSYSTEM user. Itis alsotheowner ofthe
technical files liketheSystem Volume Information (SVI) directory andits files. Our electronic
friend, theSYSTEM user, is the onlydefaultowner ofthefile, soifwe wanttocheck the spaceit
takes we will haveto addthe ADMINISTRATOR user tothe listofpermissibleusers. (Other users
canbe addedtoo, but I donot recommendthis option.)
I will trytoexplaininthenextchapters why I think that T houghthis bemadness,
yetthereis methodinit
, andthattheSYSTEM user is indispensablefor the Windows systems
functionality. Butnow, a short afterthoughtonits existencetaken as a whole. Itis commonknowledgethatevery probleminthe IT worldcanbe resolvedinmany ways. Are all ofthem
equally simple? Decidedlyno. Butthe Kiss, K eep ItSimple, Stupid
, rulehas provedto work in
real life. As I have written above, all operating systems haveonlyone administrator in principle,
andthats a s imple solution. Thats for sure, thattheexistenceofanother administrator would
automaticallycreatecertaincomplications, to putitmildly. A trivial example:nearly all common
Windows users donot know how togetintoSVI directory (sotheydon tneedthe a dvanced
users at all).
7/27/2019 44088245 Project of RHCE
9/24
Ravi Narain Reg No:-800119695
9
IfI wantedto write a dirtytrick whichgathers a Windows users passw ords,
projects andeveryday agenda, I d putthedatajustthere. Firstofall, theSVI directoryis not
visited at all. Whats more, mostoftheusers donot know aboutits existence. Secondly, the
directoryevinces a magicfeatureofchanging sizeinflushes byup to several hundreds ofMB -
bothup anddown. (Failover informationis storedthere). Theideal place. Whatis important, a
computer virus is moreefficientifitis abletoinfectexecutablefiles withthehighestpermissions. Oncemore, theSYSTEM user is thebestfor thesetypes oftasks. For sure, the
SYSTEM user will notmake a hue andcry, as itisn t Artificially Intelligent.
Making an analysis ofa Windows architecture, itmight appear thatthe
implementationofthe a gent
was vitaltothe system R eally? Ill a nswer in a while.
Lets v ote, which system- Windows or Linux- starts faster. Most IT users would
votefor the Windows systems. Itis a solid prooffor a thesis thatone shoulddeal with a
democracy withutmostcare. I suggestto run a test. Lets measurethe startingtimes ofthetwo
systems withthehelp ofa stopwatch. Lets s tart with Windows first. We switchonthecomputer, weobserve POST messages or a BIOSmanufacturers l ogo, and at last weface a boot
manager (GRUB, LILO, etc.) or we see a systems l oading process. Here weturnonthe
stopwatch. Boringmoments pass. Boredomfillingour limbs T he systemcrunches andminces
somedata, but we are still lazilyyawning O nemoretime andthe login window appears. Most
oftheusers would stop the stopwatchnow. Unrecoverableerror! The system loadingis still
goingon! Wetypein a password and we seehow thegraphical environmentemerges. Begyour
pardon. Thegraphical environmentandthe system. Windows systemfinishes loading-
dependingonconfiguration- after several dozens ofseconds after user actually logs in!
Toexaminethe reasons thatthe systembooting process was solvedin a particular
way, wemust startfromthegroundup, or seetothenotionofthe systems kernel. Its funny-buteveryoneuses OperatingSystems names, butonly a few know whatit reallyis. Ifa precise
definitioncannotbedelivered, itis advisabletocreate a listoffeatures which will describethe
idea. However, eventheoperating systems sp ecialistcannot agreehow todefineoperating
systems. Nearly all features arethe same, butthereis always a small but
. Eventheoperating
systems bible-Silberschatzs book (A. Silberschatz, P. Galvin Operating System Concepts )
names twodefinitions. Generally, itis consideredthattheoperating systemis a program, which
runs incessantlyinthecomputer fromthebeginning (whentheoperating systemhas been
started, notthecomputer!) until thecomputer is turnedoff(or restarted). All other programs
arecalled appl ications .
Anoperating system resembles a government. It provides means to proper usage
ofcomputer resources. And similar tothegovernmentitdoesn tmakeuseofanyuseful
functions. It simplycreates anenvironmentin whichother programs mightfacilitatetheuseful
functions.
Inthis view theoperating systems definitionis tantamountto a kerneldefinition. In
other words, onecould place anequality signbetweenthe word k ernel andthetechnical
7/27/2019 44088245 Project of RHCE
10/24
Ravi Narain Reg No:-800119695
10
conceptofanoperating system. Generally, the phrase operating system
is usedtodenote all
those programs which are providedby a manufacturer to satisfythedemandfor such a working
environment. Thats w hythe Linuxnameis oftenusedtodefinethe whole system, althoughthe
namedenotes the kernel only. Lets ass umethat when I write about kernel I will use a full name
-operating system. However, I say s ystem
when I wanttodescribe all the programs as a
whole, together withthe kernel.
Now, thedifficulties appear. The kernel tasks aredefined very loosely. Noone
knows ifmanagement refers toblocking access to system resources or to allowingthemtobe
accessible (e.g. a network card), or ithas todeliver a handler (evenifa partial one). In practice,
the solutionis not a simpleone, as tomaster the resources, their specifications mustbe known.
Inother words, the problemboils downtoonequestion: whether the kernel shouldbe a
programcontainingcomplete solutions, however basic, or the program shouldbefocusedon
only onething- administration, leaving all the works todoto external (to kernel)
applications?
Withthefirstexample weget a reallybig programcalled a monolithic kernel. The
secondexampledefines a small andfastmicrokernel, which looks like an underdeveloped
versionoffullyfledged kernel. Monolithic kernels areusedby Linux systems (sometimes called
Linuxdistros). Microkernels, for examplethe Machmicrokernel, arefoundations to Mac OSX
operating systems (attachedto Applecomputers) and GNU/Hurdoperating system whichis still
inits infancy (whichis thecasefor almosttwodecades).
And another importantmatter. Anoperating system, or everyoperating system, is
build like a cake (or gteau). As we know thebottom partconsists ofa layer ofbiscuit, thenits
covered with sweetfudge, then another biscuitdisk, letitbe a coffee-flavoredone, andonce
more a fudge layer covered withjelly. As far as programmingis concerned, such a layeredstructureis alsousedbutits called abstraction layers. And so as wehavethefirstbiscuit level
(layer) in a cake which l ies on a hardware
(on a table), so wehave a kernel inoperating
systems whichmanagethehardware (all operations dependonthe layer). Next levels arethen
buildontop ofthe kernel. For example-first wehaveX Window System, thenontop ofit a
graphical environment (e.g. KDE), then window manager (e.g. kWin), andonlythen, ontop of
all the la yers , a Firefox webbrowser. Itdoes matter thatevery layer sends messages onlyto
its directneighbors. When ajellydribbles downonto a tableitis hightimeto layoffthecook.
7/27/2019 44088245 Project of RHCE
11/24
Ravi Narain Reg No:-800119695
11
Operating System Architecture
Keepinginmindthe layeredmodel we will comeback to Windows systems
booting. Firstofall wehavetoemphasizethatthe Windows systems k ernel is similar to a
microkernel. (To be more precise, the kernel is called a hybrid kernel - it can be placed between
monolithic and microkernels. None the less, it needs many helpers ).
After startingthecomputer, thefirstthing whichis loadedis a kernel indeed
(ntoskrnl.exe). Nextcomes its best friend
, namelyHALmodule-H
ardware Abstraction Layerwhichmanages drivers neededfor system loading. Whentheenvironmentis ready, a Session
Manager is putintomotion (smss.exe - Session Manager Subsystem) which starts identification
and authentication programs -or using simpleterms - which shows the login screen. A user
satisfiedthathis Windows is ready
touse, mayenter a password, whichmakes the system
load system permissiondata (Group Policy) andthenhaveup and runningthetasks definedin
Runonce andRun keys placedin Windows Registry (e.g.
HKLM\SOFTWARE\Microsoft\CurrentVersion\Runonce). Attheend, Autostart (fromStart Menu)
applications are loaded.
Linux systems present a different approachtowards this problem. After the
monolithic kernel has been loaded, theinitprocess is started, whichinturninvokes otherprocesses (I suggesttoissue apstreecommandin a console whilethis happens). Practically, all
thenecessary system processes are startedduringthe system start. So when a user sees login
window (or screen) theonlything lefttodois to attendtothe KDE or GNOME graphical
environments. Anythingbeyondthatis readytouse. (Ubuntuteam works at presentto replace
theinitscript with anupstartscript. Butitdoesn t affectour reasoning.)
7/27/2019 44088245 Project of RHCE
12/24
Ravi Narain Reg No:-800119695
12
Thequestion- which solutionis better -mustbe left without an answer. However, a
shortdigressionmustbe addedtotheend. Microsoftuses thetrick notoriously. As psychology
teaches, themostfrustratingis a mans inabilityto act andhis lack ofinfluenceon any
processes, somovingthe login phaseintothemiddleofstarting sequenceofevents, will give
theuser psychological comfort andit will be receivedbetter. Andeventhoughthemonitor has
displayedthefamous task bar andicons, noone will be ableto load an advanced spreadsheetapplicationor a game. Mostoftheusers are awaretheymust wait a whileyet. Such solutionis
a better onethan previous ones interms ofmarketingbutitbacklashes in lesser stabilityor the
systems sa fety and leads sometimes tothefrustrationofinexperiencedusers.
Takingintoconsiderationthewhole start sequence- Linuxdoesn t load slower than
Windows systems. Thefoundationofoperating systems, thatis, all whatis hiddenbehindthe
nameis knownfor years. Theres no wizardryinthis world.
Operating System
Whytheopinionthat Linux systems are safer thanthe Windows systems is so
prevalent? Perhaps duetothefactthatitis true. But why? Lets goback tothe previous point.
As I wrote, anoperating system resembles a cake. Youll findits kernel atthebottom, andits
applications placedontop. Accordingtothecake, picturethe kernel together with associated
programs creating a socalled kernel layer. The restofthe runningtasks makeup a user layer. Inother words -the kernel layer creates anenvironmentin whichtheuser layer is ran. The system
is dividedintotwo-upper and lower parts.
Wecan simplifythematter ifwe areto write aboutthe Linux, Mach (Mac OS X
kernel), Solaris or BSD systems. Safetytasks are run withinthe kernel layer. Basically, inthe
kernel alone. The Machmicrokernel has additional safetymodules which runinthe kernel layer
7/27/2019 44088245 Project of RHCE
13/24
Ravi Narain Reg No:-800119695
13
as auxiliary programs. Protectionin Unix systems is always on, moreover, itis simpleinterms of
design andduetothat statisticallytougher tocrack.
The samecannotbe said about Windows systems. The protection subsystems are
morecomplex andthey run withintheuser layer. The logic lyingbehindis screwedup. The
operating systemis deafandblind. Itcreates anenvironment. The programs whichcan talk totheenvironment are startedintheuser layer, sothe protection which works onthe same level
shouldbeefficient. Readfrom a paper, itis true, but lifeis not so rosy. Firstofall, any program
runningintheuser layer (protectionis implemented as another program) is more vulnerableor
proneto disarmament
than protectionimplementedinthe kernel layer. For second, oneof
themost popular computer protection systems, not playing withdetails, is a firewall. As it
works intheuser layer, itmustbedesignedin such a waythatit shouldn tfinditselfnot
startinginthe systems l oading process. At last, itis a program, andcontrarytothe kernel itself,
itdoesn thaveto work.
A small digression. I have writtenearlier aboutthe SYSTEM user . This SYSTEM isneededbythe Windows systems to start programs intheuser layer, amongothers. After all, we
mustn t waitto launch a firewall until JohnSmithis logged-in (after several hours in whichhis
computer has beenup and running). SotheSYSTEM user is used. Butit suffices, likeinthe
Machexample, to placethe protection subsystemin lower layer andhavethe problemoffofa
head.
Lets ass ume something likethis. I have loggedinto a Windows system as a
commonuser. Lets check whatdisks havebeen attachedtomy systemor speaking precisely-
whatdisks havebeenmappedtomy system. I havefound, as a normal user, a few network
disks fromtwo servers. Mycomputer runs several programs. Youll find amongthem local ones,
onefromthefirst server, and another onefromthe second server. All the applications makeuseofseveral dozenfiles atonce, someofthem placedonthetwo servers.
Lets ass umenow that atonetime I havedecidedto readthedata from a fileowned
by a server administrator (and it has just happened to be me). Oh, Lord! How I didyearnto
work with any Unix systemin suchconditions! Any attemptto attach admin resources will end
up withthemessage: Multiple links to server or to shared resources by the same user, making
use of the users name more than once, is not allowed. Disconnect all previous server
connections and try to reconnect. Marvelous!
IfI was workingunder Linuxor OSX
I dbe abletomounttheneededdevice andtomakeuseofa file, using a nice and simple programcalledsmbmount. The programtreats every
connection as a uniqueone and pa ys no attention
to suchconditions where another copyof
itselfhasjustmade a connectiontothe samedeviceunder thenameofanother user. This is
thedirect resultofconceptuallycomplexdesignoftheuser layer, which I describedearlier in
this article. Itcanbecommentedonlyone way: another prooffor superiorityofsimplicityover
complexity.
7/27/2019 44088245 Project of RHCE
14/24
Ravi Narain Reg No:-800119695
14
Itis notthe authors intentionto rekindle another flame war between Windows
and Linuxusers. The author asks both sides interestedinthis topicto refrainfromdarting
names ontoeachother. Ifonefeels necessitytocommentthe article, please write itis bador
not
, or point whereit shouldbe rewrittenin a broader perspective- whatdoesn tmeanit
should show superiorityofoneofthe systems over theother. Such a statement wouldbehighly
subjective. And whenI reckon Windows ar chitectureinferior to Linuxone, itdoesn tmeanitisinferior. Theydiffer. Writingoperating systemis a complexmatter andtoomanytimes the
chosen solutionis socalled a s olutionoflesser evil . Oneis ableto write a similar l ist
of
architectural items pertainingto Linux systems, butit wouldhavenothingtodo with Photoshop
runningor notoneveryofthetwo systems.
Case Studies - 02
Users and Groups Management in Linux
Control ofusers andgroupsis a coreelementofRed Hat Linux system
administration.
Userscanbeeither people, meaning accounts tiedto physical users, or accounts which
existfor specific applications touse.
Groups are logical expressions oforganization, tyingusers together for a common
purpose. Users withinthe samegroup can read, write, or executefiles ownedbythegroup.
Eachuser andgroup have a uniquenumerical identificationnumber called a userid
(UID) and a groupid(GID) respectively.
When a fileis created, itis assigned a user andgroup owner. Itis also assigned
separate read, write, andexecute permissions for theowner, thegroup, andeveryoneelse. The
user andthegroup to which a filebelongs, as well as the access permissions onthefile, canbe
changedbythe rootuser or, inmostcases, bythecreator ofthefile.
Proper managementofusers andgroups, andeffectivemanagementoffile
permissions are amongthemostimportanttasks a system administrator undertakes. For a
detailed look at strategies for managingusers andgroups, refer tothechapter titledManaging
Accounts and GroupintheRed Hat Linux System Administration Primer.
7/27/2019 44088245 Project of RHCE
15/24
Ravi Narain Reg No:-800119695
15
User and Group Management in Windows
Thegroup is is one area where win.mit.edu, or WIN, diverges from a typical Windows
Domain. WIN users andgroups aredefined andmaintainedinthe MIT systemofrecord, Moira.
There are a varietyoftools availableto add anexistinguser to anexistinggroup.
Theseincludethe Moira listmanagement webinterface, moira commands likeblanche, andthe
WIN machine Moira MMC snap-in.
On a WIN machineyoumay runmoira or blanchefromthecommand lineor the run
menu. Youmay also startthe Moira MMC snap-infromthemenuitem "Start-> Programs->
Administrative Tools-> Moira Account Management."
Moira MMC Procedure
To add a user to a group usingthe Moira MMC:
1. SelectList Managementfromthe left panel and rightclick onthe selection.2. SelectFind Lists.3. Click onName, enter the listname andhitSearch.4. Selectthe listname andhitDisplay.5. Rightclick onthe listname and selectProperties.6. Click ontheMemberstab.7. Ifyouhavethe permission, theAddbutton will be sensitized, soclick onit.8. Choosethetypeofobjectyou wishto add andenter its name.9. Click OK.
Case Studies - 03
File System
It keep thedata inorganized. It allocates the spacetothe anddirectories andit assign
attributes tothefiledirectories.
Linuxusedext2 & ext3
It arrange all thefile anddirectories inhighrical way
7/27/2019 44088245 Project of RHCE
16/24
Ravi Narain Reg No:-800119695
16
/ This is toplabledirectoryinthehighrical whichis called root. Itis thetop ofthefile
system structure . All thedirectory aremountedunder it.
7/27/2019 44088245 Project of RHCE
17/24
Ravi Narain Reg No:-800119695
17
7/27/2019 44088245 Project of RHCE
18/24
Ravi Narain Reg No:-800119695
18
This is a layoutfrom a RedHat system. Dependingonthe system admin, the
operating system andthemissionofthe UNIXmachine, the structuremay vary, anddirectories
maybe leftoutor added at will. Thenames arenoteven required;they areonly a convention.
Thetreeofthefile system starts atthetrunk or slash, indicatedby a forward slash
(/). This directory, containing all underlyingdirectories andfiles, is alsocalledtheroot directoryor "the root" ofthefile system.
Directories that areonlyone level below the rootdirectory areoften precededby a
slash, toindicatetheir position and preventconfusion withother directories thatcouldhave
the samename. When starting with a new system, itis always a goodidea totake a look inthe
rootdirectory. Let's see whatyoucould runinto:
Directory Content
/bin Common programs, sharedbythe system, the system administrator andtheusers.
/boot
The startup files andthe kernel, vmlinuz. In some recentdistributions alsogrubdata.
Grubis the GRand Unified Boot loader andis an attempttoget ridofthemany
differentboot-loaders we know today.
/devContains references to all the CPU peripheral hardware, which are represented as files
with special properties.
/etcMostimportant systemconfigurationfiles arein /etc, this directorycontains data
similar tothoseinthe Control Panel in Windows
/home Homedirectories ofthecommonusers.
/initrd (on somedistributions) Informationfor booting. Donot remove!
/libLibraryfiles, includes files for all kinds ofprograms neededbythe system andthe
users.
/lost+foundEvery partitionhas a lost+foundinits upper directory. Files that were savedduring
failures arehere.
/misc For miscellaneous purposes.
/mnt Standardmount pointfor external file systems, e.g. a CD-ROM or a digital camera.
/net Standardmount pointfor entire remotefile systems
/opt Typicallycontains extra andthird party software.
7/27/2019 44088245 Project of RHCE
19/24
Ravi Narain Reg No:-800119695
19
Directory Content
/proc
A virtual file systemcontaininginformation about system resources. Moreinformation
aboutthemeaningofthefiles in procis obtainedbyenteringthecommandmanproc
in a terminal window. Thefile proc.txtdiscusses the virtual file systemindetail.
/rootThe administrativeuser's homedirectory. Mindthedifferencebetween /, the root
directory and /root, thehomedirectoryoftherootuser.
/sbin Programs for usebythe system andthe system administrator.
/tmpTemporary spacefor usebythe system, cleanedupon reboot, sodon'tusethis for
saving any work!
/usr Programs, libraries, documentationetc. for all user-related programs.
/var
Storagefor all variablefiles andtemporaryfiles createdbyusers, such as logfiles, the
mail queue, the print spooler area, spacefor temporary storageoffiles downloaded
fromthe Internet, or to keep animageofa CD beforeburningit.
Case Studies - 04
Software project site Oftenindividual software project will offer their own setof
RPM packages for their own project. This is particularlyuseful for projectunder continuous
development. Ifthe projectdoesn toffer RPMs, they will typicallyoffer codein whatis called a
tarball. Thetarball mayincludebinarycodeor moreoften, sourcecodeyoucanbuildfor your
environment.
Mostfedora repositories are lightondescriptions ofthe packages theyoffer. The
following list summarizes someother Web sites thatyoucanbrowsetofinddetailed
information about softwarethat runs in Linux. Thenyoucan search Fedora repositories for
Fedora-or RHEL-specific versions ofthose packages
*Freshment(www.freshmeat.net) this sitemaintains a massive indexof
LinuxSoftware. Youcando keyword searches for software projects or browsefor softwareby
category.
*SourceForge (www.sourceforge.net) This sitehosts thousands ofopen
source software projects. Youcandownload software anddocumentationfromthose projects
throughtheSourceForge site.
*Rpmfind (www.rpmfingd.net) This sitehosts thousands ofopen source
softwarethatis packageinthe RPM Package Management(RPM) format across a varietyof
repositories. Youcando a keyword searchfromthis Website.
7/27/2019 44088245 Project of RHCE
20/24
Ravi Narain Reg No:-800119695
20
Wecanjustdownload a single software packagetogetthe
softwareinthat packageto word. Many packagedepends onother packages. For example
software packagefor playing audio & videotypically relyonother software packages for
decodingdifferent kinds ofcontent.
Case Studiesb - 05
Sendmail shouldbe installedbydefault whenyou install Red Hat Linux. If it is not
thenyouneedtoinstall theSendmail RPM's withthe Red Hatdistribution.
Download the Sendmail RPM's from the RedHat website, from a mirroror from
your Red Hatinstallation CD.
These RPM's are required:
sendmail-{ver}.i386.rpm
sendmail-cf-{ver}.i386.rpm
sendmail-devel-{ver}.i386.rpm
Configuring Sendmail
1). Editfile "/etc/mail/sendmail.mc" - Look for the line:
DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
Changethis lineto:
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
Savethefile.
2). Makethe sendmail configurationfile:
$>m4 /etc/mail/sendmail.mc> /etc/sendmail.cf
3).RestartSendmail:
$> /etc/rc.d/init.d/sendmail restart
7/27/2019 44088245 Project of RHCE
21/24
Ravi Narain Reg No:-800119695
21
PROJECT ON RHEL 5
All about Linux swap space
Whenyour computer needs to run programs that arebigger thanyour available
physical memory, mostmodernoperating systems use a techniquecalled swapping, in which
chunks ofmemory aretemporarily storedontheharddisk whileother data is movedinto
physical memory space. Here are sometechniques thatmayhelp youbetter manage swapping
on Linux systems andgetthebest performancefromthe Linux swapping subsystem.
Linuxdivides its physical RAM (random access memory) intochucks ofmemory
called pages. Swappingis the process whereby a pageofmemoryis copiedtothe preconfigured
spaceontheharddisk, called swap space, tofreeup that pageofmemory. Thecombined sizes
ofthe physical memory andthe swap spaceis the amountofvirtual memory available.
Swappingis necessaryfor twoimportant reasons. First, whenthe system requires
morememorythanis physically available, the kernel swaps out less used pages andgives
memorytothecurrent application (process) thatneeds thememoryimmediately. Second, a
significantnumber ofthe pages usedby an applicationduringits startup phasemayonlybe
usedfor initialization andthennever used again. The systemcan swap outthose pages andfree
thememoryfor other applications or evenfor thedisk cache.
However, swappingdoes have a downside. Comparedtomemory, disks are veryslow. Memory speeds canbemeasuredinnanoseconds, whiledisks aremeasuredin
milliseconds, so accessingthedisk canbetens ofthousands times slower than accessing
physical memory. Themore swappingthatoccurs, the slower your system will be. Sometimes
excessive swappingor thrashingoccurs where a pageis swappedout andthen very soon
swappedin andthen swappedout again and soon. In such situations the systemis strugglingto
findfreememory and keep applications running atthe sametime. Inthis caseonly addingmore
RAM will help.
Linuxhas twoforms ofswap space:the swap partition andthe swap file. The swap
partitionis anindependent sectionoftheharddisk used solelyfor swapping;noother files can
residethere. The swap fileis a special fileinthefilesystemthat resides amongstyour system
anddata files.
To see what swap spaceyouhave, usethecommandswapon-s. Theoutput will look
something likethis:
Filename Type Size Used Priority
7/27/2019 44088245 Project of RHCE
22/24
Ravi Narain Reg No:-800119695
22
/dev/sda5 partition 859436 0 -1
Each line lists a separate swap spacebeingusedbythe system. Here, the'Type'field
indicates thatthis swap spaceis a partition rather than a file, andfrom'Filename' we seethatit
is onthedisk sda5. The'Size'is listedin kilobytes, andthe'Used'fieldtells us how many
kilobytes ofswap spacehas beenused (inthis casenone). 'Priority'tells Linux which swap spacetousefirst. Onegreatthing aboutthe Linux swapping subsystemis thatifyoumounttwo (or
more) swap spaces (preferablyontwodifferentdevices) withthe same priority, Linux will
interleaveits swapping activitybetweenthem, whichcangreatlyincrease swapping
performance.
To add anextra swap partitiontoyour system, youfirstneedto prepareit. Step one
is toensurethatthe partitionis marked as a swap partition and step twois tomakethe swap
filesystem. Tocheck thatthe partitionis markedfor swap, run as root:
fdisk -l /dev/hdb
Replace /dev/hdb withthedeviceoftheharddisk onyour system withthe swap
partitiononit. You should seeoutputthat looks likethis:
Device Boot Start End Blocks Id System
/dev/hdb1 2328 2434 859446 82 Linux swap / Solaris
Ifthe partitionisn'tmarked as swap you will needto alter itby runningfdisk and
usingthe't'menuoption. Becareful when working with partitions --youdon't wanttodelete
important partitions bymistakeor changetheidofyour system partitionto swap bymistake.
All data on a swap partition will be lost, sodouble-check everychangeyoumake. Alsonotethat
Solaris uses the same ID as Linux swap spacefor its partitions, sobecareful notto kill your
Solaris partitions bymistake.
Once a partitionis marked as swap, youneedto prepareitusingthemkswap (make
swap) command as root:
mkswap /dev/hdb1
Ifyou seenoerrors, your swap spaceis readytouse. To activateitimmediately, type:
swapon /dev/hdb1
Youcan verifythatitis beingusedby runningswapon-s. Tomountthe swap space
automatically atboottime, youmust add anentrytothe /etc/fstabfile, whichcontains a listof
filesystems and swap spaces thatneedtobemounted atbootup. Theformatofeach lineis:
7/27/2019 44088245 Project of RHCE
23/24
Ravi Narain Reg No:-800119695
23
Since swap spaceis a special typeoffilesystem, manyofthese parameters aren't applicable.
For swap space, add:
/dev/hdb1 none swap sw 0 0
where /dev/hdb1 is the swap partition. Itdoesn'thave a specificmount point,hencenone. Itis oftypeswap withoptions ofsw, andthe lasttwo parameters aren'tused so
they areentered as 0.
Tocheck thatyour swap spaceis being automaticallymounted withouthaving
to reboot, youcan runtheswapoff-acommand (whichturns offall swap spaces) andthenswapon
-a (whichmounts all swap spaces listedinthe /etc/fstabfile) andthencheck it withswapon-s.
Swap file
As well as the swap partition, Linux also supports a swap filethatyoucancreate,prepare, andmountin a fashion similar tothatofa swap partition. The advantageofswap files
is thatyoudon'tneedtofind anempty partitionor repartition a disk to add additional swap
space.
Tocreate a swap file, usetheddcommandtocreate anemptyfile. Tocreate a 1GB file, type:
ddif=/dev/zeroof=/swapfilebs=1024 count=1048576
/swapfileis thenameofthe swap file, andthecountof1048576 is the sizein kilobytes
(i.e. 1GB).
Preparethe swap fileusingmkswapjust as you would a partition, butthis timeusethe
nameofthe swap file:
mkswap /swapfile
And similarly, mountitusingthe swaponcommand:swapon /swapfile.
The /etc/fstabentryfor a swap file would look likethis:
/swapfile none swap sw 0 0
How big should my swap space be?
Itis possibleto run a Linux system without a swap space, andthe system will run well
ifyouhave a large amountofmemory--butifyou runoutofphysical memorythenthe system
7/27/2019 44088245 Project of RHCE
24/24
Ravi Narain Reg No:-800119695
24
will crash, as ithas nothingelseitcando, soitis advisabletohave a swap space, especially
sincedisk spaceis relativelycheap.
The keyquestionis how much? Older versions ofUnix-typeoperating systems (such
as Sun OS and Ultrix) demanded a swap spaceoftwotothreetimes thatofphysical memory.
Modernimplementations (such as Linux) don't requirethatmuch, buttheycanuseitifyouconfigureit. A ruleofthumbis as follows: 1) for a desktop system, use a swap spaceofdouble
systemmemory, as it will allow youto run a largenumber ofapplications (manyofwhichmay
will beidle andeasily swapped), makingmore RAM availablefor the active applications; 2) for a
server, have a smaller amountofswap available (sayhalfofphysical memory) sothatyouhave
someflexibilityfor swapping whenneeded, butmonitor the amountofswap spaceused and
upgradeyour RAM ifnecessary; 3) for older desktop machines (with sayonly 128MB), use as
much swap space as youcan spare, evenup to 1GB.
The Linux 2.6 kernel added a new kernel parameter calledswappinessto let
administrators tweak the way Linux swaps. Itis a number from 0 to 100. Inessence, highervalues leadtomore pages being swapped, and lower values leadtomore applications being
keptinmemory, evenifthey areidle. Kernel maintainer Andrew Mortonhas saidthathe runs
his desktop machines with a swappiness of100, statingthat "My pointis thatdecreasingthe
tendencyofthe kernel to swap stuffoutis wrong. You reallydon't wanthundreds ofmegabytes
ofBloatyApp's untouchedmemoryfloating aboutinthemachine. Getitoutonthedisk, usethe
memoryfor somethinguseful."
Onedownsideto Morton's idea is thatifmemoryis swappedouttooquicklythen
application responsetimedrops, because whenthe application's window is clickedthe system
has to swap the applicationback intomemory, which will makeitfeel slow.
Thedefault valuefor swappiness is 60. Youcan alter ittemporarily (until younext
reboot) bytyping as root:
echo 50 > /proc/sys/vm/swappiness
Ifyou wantto alter it permanentlythenyouneedtochangethevm.swappiness
parameter inthe /etc/sysctl.conffile.
Conclusion
Managing swap spaceis anessential aspectofsystem administration. Withgood
planning and proper use swappingcan providemanybenefits. Don'tbe afraidtoexperiment,
and always monitor your systemtoensureyou aregettingthe results youneed.