Product SiteDocumentation Site

Fedora 16

System Administrator's Guide

Deployment, Configuration, and Administration of Fedora 16

Edition 1

Jaromír Hradílek

Red Hat, Inc. Engineering Content Services

Douglas Silas

Red Hat, Inc. Engineering Content Services

Martin Prpič

Red Hat, Inc. Engineering Content Services

Eva Kopalová

Red Hat, Inc. Engineering Content Services

Eliška Slobodová

Red Hat, Inc. Engineering Content Services

Tomáš Čapek

Red Hat, Inc. Engineering Content Services

Petr Kovář

Red Hat, Inc. Engineering Content Services

Miroslav Svoboda

Red Hat, Inc. Engineering Content Services

John Ha

Red Hat, Inc. Engineering Content Services

David O'Brien

Red Hat, Inc. Engineering Content Services

Michael Hideo

Red Hat, Inc. Engineering Content Services

Don Domingo

Red Hat, Inc. Engineering Content Services

Legal Notice

Copyright © 2011 Red Hat, Inc. and others.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
For guidelines on the permitted uses of the Fedora trademarks, refer to https://fedoraproject.org/wiki/Legal:Trademark_guidelines.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
All other trademarks are the property of their respective owners.
Abstract
The System Administrator's Guide documents relevant information regarding the deployment, configuration, and administration of Fedora 16. It is oriented towards system administrators with a basic understanding of the system.

Preface
1. Target Audience
2. How to Read this Book
3. Document Conventions
3.1. Typographic Conventions
3.2. Pull-quote Conventions
3.3. Notes and Warnings
4. Feedback
5. Acknowledgments
I. Basic System Configuration
1. Configuring the Language and Keyboard
1.1. Changing the Language
1.2. Changing the Date, Time, and Numeric Format
1.3. Changing the Keyboard Layout
1.4. Viewing the Current Configuration
2. Configuring the Date and Time
2.1. Using the Date and Time Configuration Tool
2.2. Using the Command Line Tools
2.2.1. Changing the Date
2.2.2. Changing the Time
2.2.3. Configuring the Network Time Protocol
2.3. Additional Resources
2.3.1. Installed Documentation
3. Managing Users and Groups
3.1. Introduction to Users and Groups
3.1.1. User Private Groups
3.1.2. Shadow Passwords
3.2. Using the User Accounts Tool
3.2.1. Configuring an Account
3.2.2. Adding a New User
3.2.3. Removing a User
3.3. Using the User Manager Tool
3.3.1. Viewing Users and Groups
3.3.2. Adding a New User
3.3.3. Adding a New Group
3.3.4. Modifying User Properties
3.3.5. Modifying Group Properties
3.4. Using Command Line Tools
3.4.1. Adding a New User
3.4.2. Adding a New Group
3.4.3. Enabling Password Aging
3.4.4. Enabling Automatic Logouts
3.4.5. Creating Group Directories
3.5. Additional Resources
3.5.1. Installed Documentation
II. Package Management
4. Yum
4.1. Checking For and Updating Packages
4.1.1. Checking For Updates
4.1.2. Updating Packages
4.1.3. Preserving Configuration File Changes
4.2. Packages and Package Groups
4.2.1. Searching Packages
4.2.2. Listing Packages
4.2.3. Displaying Package Information
4.2.4. Installing Packages
4.2.5. Removing Packages
4.2.6. Working with Transaction History
4.3. Configuring Yum and Yum Repositories
4.3.1. Setting [main] Options
4.3.2. Setting [repository] Options
4.3.3. Using Yum Variables
4.3.4. Viewing the Current Configuration
4.3.5. Adding, Enabling, and Disabling a Yum Repository
4.3.6. Creating a Yum Repository
4.4. Yum Plug-ins
4.4.1. Enabling, Configuring, and Disabling Yum Plug-ins
4.4.2. Installing Additional Yum Plug-ins
4.4.3. Plug-in Descriptions
4.5. Additional Resources
5. PackageKit
5.1. Updating Packages with Software Update
5.1.1. Setting the Update-Checking Interval
5.1.2. Setting the Software Sources
5.2. Using Add/Remove Software
5.2.1. Refreshing Software Sources (Yum Repositories)
5.2.2. Finding Packages with Filters
5.2.3. Installing and Removing Packages (and Dependencies)
5.2.4. Installing and Removing Package Groups
5.2.5. Viewing the Transaction Log
5.3. PackageKit Architecture
5.4. Additional Resources
III. Networking
6. Network Interfaces
6.1. Network Configuration Files
6.2. Interface Configuration Files
6.2.1. Ethernet Interfaces
6.2.2. Channel Bonding Interfaces
6.2.3. Alias and Clone Files
6.2.4. Dialup Interfaces
6.2.5. Other Interfaces
6.3. Interface Control Scripts
6.4. Configuring Static Routes
6.5. Network Function Files
6.6. Additional Resources
6.6.1. Installed Documentation
IV. Infrastructure Services
7. Services and Daemons
7.1. Configuring Services
7.1.1. Enabling the Service
7.1.2. Disabling the Service
7.2. Running Services
7.2.1. Checking the Service Status
7.2.2. Running the Service
7.2.3. Stopping the Service
7.2.4. Restarting the Service
7.3. Additional Resources
7.3.1. Installed Documentation
7.3.2. Related Books
8. Configuring Authentication
8.1. The Authentication Configuration Tool
8.1.1. Identity & Authentication
8.1.2. Advanced Options
8.1.3. Command Line Version
8.2. The System Security Services Daemon (SSSD)
8.2.1. What is SSSD?
8.2.2. SSSD Features
8.2.3. Setting Up SSSD
8.2.4. Configuring Services
8.2.5. Configuring Domains
8.2.6. Setting Up Kerberos Authentication
8.2.7. Configuring a Proxy Domain
8.2.8. Troubleshooting
8.2.9. SSSD Configuration File Format
9. OpenSSH
9.1. The SSH Protocol
9.1.1. Why Use SSH?
9.1.2. Main Features
9.1.3. Protocol Versions
9.1.4. Event Sequence of an SSH Connection
9.2. An OpenSSH Configuration
9.2.1. Configuration Files
9.2.2. Starting an OpenSSH Server
9.2.3. Requiring SSH for Remote Connections
9.2.4. Using a Key-Based Authentication
9.3. OpenSSH Clients
9.3.1. Using the ssh Utility
9.3.2. Using the scp Utility
9.3.3. Using the sftp Utility
9.4. More Than a Secure Shell
9.4.1. X11 Forwarding
9.4.2. Port Forwarding
9.5. Additional Resources
9.5.1. Installed Documentation
9.5.2. Useful Websites
V. Servers
10. DHCP Servers
10.1. Why Use DHCP?
10.2. Configuring a DHCP Server
10.2.1. Configuration File
10.2.2. Lease Database
10.2.3. Starting and Stopping the Server
10.2.4. DHCP Relay Agent
10.3. Configuring a DHCP Client
10.4. Configuring a Multihomed DHCP Server
10.4.1. Host Configuration
10.5. DHCP for IPv6 (DHCPv6)
10.6. Additional Resources
10.6.1. Installed Documentation
11. DNS Servers
11.1. Introduction to DNS
11.1.1. Nameserver Zones
11.1.2. Nameserver Types
11.1.3. BIND as a Nameserver
11.2. BIND
11.2.1. Configuring the named Service
11.2.2. Editing Zone Files
11.2.3. Using the rndc Utility
11.2.4. Using the dig Utility
11.2.5. Advanced Features of BIND
11.2.6. Common Mistakes to Avoid
11.2.7. Additional Resources
12. Web Servers
12.1. The Apache HTTP Server
12.1.1. New Features
12.1.2. Notable Changes
12.1.3. Updating the Configuration
12.1.4. Running the httpd Service
12.1.5. Editing the Configuration Files
12.1.6. Working with Modules
12.1.7. Setting Up Virtual Hosts
12.1.8. Setting Up an SSL Server
12.1.9. Additional Resources
13. Mail Servers
13.1. Email Protocols
13.1.1. Mail Transport Protocols
13.1.2. Mail Access Protocols
13.2. Email Program Classifications
13.2.1. Mail Transport Agent
13.2.2. Mail Delivery Agent
13.2.3. Mail User Agent
13.3. Mail Transport Agents
13.3.1. Postfix
13.3.2. Sendmail
13.3.3. Fetchmail
13.3.4. Mail Transport Agent (MTA) Configuration
13.4. Mail Delivery Agents
13.4.1. Procmail Configuration
13.4.2. Procmail Recipes
13.5. Mail User Agents
13.5.1. Securing Communication
13.6. Additional Resources
13.6.1. Installed Documentation
13.6.2. Useful Websites
13.6.3. Related Books
14. Directory Servers
14.1. OpenLDAP
14.1.1. Introduction to LDAP
14.1.2. Installing the OpenLDAP Suite
14.1.3. Configuring an OpenLDAP Server
14.1.4. Running an OpenLDAP Server
14.1.5. Configuring a System to Authenticate Using OpenLDAP
14.1.6. Additional Resources
15. File and Print Servers
15.1. Samba
15.1.1. Introduction to Samba
15.1.2. Samba Daemons and Related Services
15.1.3. Connecting to a Samba Share
15.1.4. Configuring a Samba Server
15.1.5. Starting and Stopping Samba
15.1.6. Samba Server Types and the smb.conf File
15.1.7. Samba Security Modes
15.1.8. Samba Account Information Databases
15.1.9. Samba Network Browsing
15.1.10. Samba with CUPS Printing Support
15.1.11. Samba Distribution Programs
15.1.12. Additional Resources
15.2. FTP
15.2.1. The File Transfer Protocol
15.2.2. FTP Servers
15.2.3. Files Installed with vsftpd
15.2.4. Starting and Stopping vsftpd
15.2.5. vsftpd Configuration Options
15.2.6. Additional Resources
15.3. Printer Configuration
15.3.1. Starting the Printer Configuration Tool
15.3.2. Starting Printer Setup
15.3.3. Adding a Local Printer
15.3.4. Adding an AppSocket/HP JetDirect printer
15.3.5. Adding an IPP Printer
15.3.6. Adding an LPD/LPR Host or Printer
15.3.7. Adding a Samba (SMB) printer
15.3.8. Selecting the Printer Model and Finishing
15.3.9. Printing a test page
15.3.10. Modifying Existing Printers
15.3.11. Additional Resources
VI. Monitoring and Automation
16. System Monitoring Tools
16.1. Viewing System Processes
16.1.1. Using the ps Command
16.1.2. Using the top Command
16.1.3. Using the System Monitor Tool
16.2. Viewing Memory Usage
16.2.1. Using the free Command
16.2.2. Using the System Monitor Tool
16.3. Viewing Block Devices and File Systems
16.3.1. Using the lsblk Command
16.3.2. Using the blkid Command
16.3.3. Using the partx Command
16.3.4. Using the findmnt Command
16.3.5. Using the df Command
16.3.6. Using the du Command
16.3.7. Using the System Monitor Tool
16.4. Viewing Hardware Information
16.4.1. Using the lspci Command
16.4.2. Using the lsusb Command
16.4.3. Using the lspcmcia Command
16.4.4. Using the lscpu Command
16.5. Monitoring Performance with Net-SNMP
16.5.1. Installing Net-SNMP
16.5.2. Running the Net-SNMP Daemon
16.5.3. Configuring Net-SNMP
16.5.4. Retrieving Performance Data over SNMP
16.5.5. Extending Net-SNMP
16.6. Additional Resources
16.6.1. Installed Documentation
17. Viewing and Managing Log Files
17.1. Configuring rsyslog
17.1.1. Global Directives
17.1.2. Modules
17.1.3. Rules
17.1.4. rsyslog Command Line Configuration
17.2. Locating Log Files
17.2.1. Configuring logrotate
17.3. Viewing Log Files
17.4. Adding a Log File
17.5. Monitoring Log Files
17.6. Additional Resources
17.6.1. Installed Documentation
17.6.2. Useful Websites
18. Automating System Tasks
18.1. Cron and Anacron
18.1.1. Starting and Stopping the Service
18.1.2. Configuring Anacron Jobs
18.1.3. Configuring Cron Jobs
18.1.4. Controlling Access to Cron
18.1.5. Black/White Listing of Cron Jobs
18.2. At and Batch
18.2.1. Configuring At Jobs
18.2.2. Configuring Batch Jobs
18.2.3. Viewing Pending Jobs
18.2.4. Additional Command Line Options
18.2.5. Controlling Access to At and Batch
18.2.6. Starting and Stopping the Service
18.3. Additional Resources
18.3.1. Installed Documentation
19. OProfile
19.1. Overview of Tools
19.2. Configuring OProfile
19.2.1. Specifying the Kernel
19.2.2. Setting Events to Monitor
19.2.3. Separating Kernel and User-space Profiles
19.3. Starting and Stopping OProfile
19.4. Saving Data
19.5. Analyzing the Data
19.5.1. Using opreport
19.5.2. Using opreport on a Single Executable
19.5.3. Getting more detailed output on the modules
19.5.4. Using opannotate
19.6. Understanding /dev/oprofile/
19.7. Example Usage
19.8. OProfile Support for Java
19.8.1. Profiling Java Code
19.9. Graphical Interface
19.10. OProfile and SystemTap
19.11. Additional Resources
19.11.1. Installed Docs
19.11.2. Useful Websites
VII. Kernel, Module and Driver Configuration
20. Manually Upgrading the Kernel
20.1. Overview of Kernel Packages
20.2. Preparing to Upgrade
20.3. Downloading the Upgraded Kernel
20.4. Performing the Upgrade
20.5. Verifying the Initial RAM Disk Image
20.6. Verifying the Boot Loader
20.6.1. Configuring the GRUB Boot Loader
20.6.2. Configuring the OS/400 Boot Loader
20.6.3. Configuring the YABOOT Boot Loader
21. Working with Kernel Modules
21.1. Listing Currently-Loaded Modules
21.2. Displaying Information About a Module
21.3. Loading a Module
21.4. Unloading a Module
21.5. Setting Module Parameters
21.6. Persistent Module Loading
21.7. Specific Kernel Module Capabilities
21.7.1. Using Multiple Ethernet Cards
21.7.2. Using Channel Bonding
21.8. Additional Resources
21.8.1. Installed Documentation
21.8.2. Useful Websites
22. The kdump Crash Recovery Service
22.1. Configuring the kdump Service
22.1.1. Using the Kernel Dump Configuration Utility
22.1.2. Configuring kdump on the Command Line
22.1.3. Testing the Configuration
22.2. Analyzing the Core Dump
22.2.1. Running the crash Utility
22.2.2. Displaying the Message Buffer
22.2.3. Displaying a Backtrace
22.2.4. Displaying a Process Status
22.2.5. Displaying Virtual Memory Information
22.2.6. Displaying Open Files
22.2.7. Exiting the Utility
22.3. Additional Resources
22.3.1. Installed Documentation
22.3.2. Useful Websites
A. Consistent Network Device Naming
A.1. Affected Systems
A.2. System Requirements
A.3. Enabling and Disabling the Feature
A.4. Notes for Administrators
B. RPM
B.1. RPM Design Goals
B.2. Using RPM
B.2.1. Finding RPM Packages
B.2.2. Installing and Upgrading
B.2.3. Configuration File Changes
B.2.4. Uninstalling
B.2.5. Freshening
B.2.6. Querying
B.2.7. Verifying
B.3. Checking a Package's Signature
B.3.1. Importing Keys
B.3.2. Verifying Signature of Packages
B.4. Practical and Common Examples of RPM Usage
B.5. Additional Resources
B.5.1. Installed Documentation
B.5.2. Useful Websites
B.5.3. Related Books
C. The X Window System
C.1. The X Server
C.2. Desktop Environments and Window Managers
C.2.1. Desktop Environments
C.2.2. Window Managers
C.3. X Server Configuration Files
C.3.1. The Structure of the Configuration
C.3.2. The xorg.conf.d Directory
C.3.3. The xorg.conf File
C.4. Fonts
C.4.1. Adding Fonts to Fontconfig
C.5. Additional Resources
C.5.1. Installed Documentation
C.5.2. Useful Websites
D. The sysconfig Directory
D.1. Files in the /etc/sysconfig/ Directory
D.1.1. /etc/sysconfig/arpwatch
D.1.2. /etc/sysconfig/authconfig
D.1.3. /etc/sysconfig/autofs
D.1.4. /etc/sysconfig/clock
D.1.5. /etc/sysconfig/dhcpd
D.1.6. /etc/sysconfig/firstboot
D.1.7. /etc/sysconfig/i18n
D.1.8. /etc/sysconfig/init
D.1.9. /etc/sysconfig/ip6tables-config
D.1.10. /etc/sysconfig/keyboard
D.1.11. /etc/sysconfig/ldap
D.1.12. /etc/sysconfig/named
D.1.13. /etc/sysconfig/network
D.1.14. /etc/sysconfig/ntpd
D.1.15. /etc/sysconfig/quagga
D.1.16. /etc/sysconfig/radvd
D.1.17. /etc/sysconfig/samba
D.1.18. /etc/sysconfig/selinux
D.1.19. /etc/sysconfig/sendmail
D.1.20. /etc/sysconfig/spamassassin
D.1.21. /etc/sysconfig/squid
D.1.22. /etc/sysconfig/system-config-users
D.1.23. /etc/sysconfig/vncservers
D.1.24. /etc/sysconfig/xinetd
D.2. Directories in the /etc/sysconfig/ Directory
D.3. Additional Resources
D.3.1. Installed Documentation
E. The proc File System
E.1. A Virtual File System
E.1.1. Viewing Virtual Files
E.1.2. Changing Virtual Files
E.2. Top-level Files within the proc File System
E.2.1. /proc/buddyinfo
E.2.2. /proc/cmdline
E.2.3. /proc/cpuinfo
E.2.4. /proc/crypto
E.2.5. /proc/devices
E.2.6. /proc/dma
E.2.7. /proc/execdomains
E.2.8. /proc/fb
E.2.9. /proc/filesystems
E.2.10. /proc/interrupts
E.2.11. /proc/iomem
E.2.12. /proc/ioports
E.2.13. /proc/kcore
E.2.14. /proc/kmsg
E.2.15. /proc/loadavg
E.2.16. /proc/locks
E.2.17. /proc/mdstat
E.2.18. /proc/meminfo
E.2.19. /proc/misc
E.2.20. /proc/modules
E.2.21. /proc/mounts
E.2.22. /proc/mtrr
E.2.23. /proc/partitions
E.2.24. /proc/slabinfo
E.2.25. /proc/stat
E.2.26. /proc/swaps
E.2.27. /proc/sysrq-trigger
E.2.28. /proc/uptime
E.2.29. /proc/version
E.3. Directories within /proc/
E.3.1. Process Directories
E.3.2. /proc/bus/
E.3.3. /proc/bus/pci
E.3.4. /proc/driver/
E.3.5. /proc/fs
E.3.6. /proc/irq/
E.3.7. /proc/net/
E.3.8. /proc/scsi/
E.3.9. /proc/sys/
E.3.10. /proc/sysvipc/
E.3.11. /proc/tty/
E.3.12. /proc/PID/
E.4. Using the sysctl Command
E.5. References
F. Revision History
Index