Product SiteDocumentation Site

Fedora 17

System Administrator's Guide

Deployment, Configuration, and Administration of Fedora 17

Edition 1

Jaromír Hradílek

Red Hat, Inc. Engineering Content Services

Douglas Silas

Red Hat, Inc. Engineering Content Services

Martin Prpič

Red Hat, Inc. Engineering Content Services

Stephen Wadeley

Red Hat, Inc. Engineering Content Services

Eliška Slobodová

Red Hat, Inc. Engineering Content Services

Tomáš Čapek

Red Hat, Inc. Engineering Content Services

Petr Kovář

Red Hat, Inc. Engineering Content Services

John Ha

Red Hat, Inc. Engineering Content Services

David O'Brien

Red Hat, Inc. Engineering Content Services

Michael Hideo

Red Hat, Inc. Engineering Content Services

Don Domingo

Red Hat, Inc. Engineering Content Services

Legal Notice

Copyright © 2012 Red Hat, Inc. and others.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
For guidelines on the permitted uses of the Fedora trademarks, refer to https://fedoraproject.org/wiki/Legal:Trademark_guidelines.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
All other trademarks are the property of their respective owners.
Abstract
The System Administrator's Guide documents relevant information regarding the deployment, configuration, and administration of Fedora 17. It is oriented towards system administrators with a basic understanding of the system.

Preface
1. Target Audience
2. How to Read this Book
3. Document Conventions
3.1. Typographic Conventions
3.2. Pull-quote Conventions
3.3. Notes and Warnings
4. We Need Feedback!
5. Acknowledgments
I. Basic System Configuration
1. Configuring the Language and Keyboard
1.1. Changing the Language
1.2. Changing the Date, Time, and Numeric Format
1.3. Changing the Keyboard Layout
1.4. Viewing the Current Configuration
2. Configuring the Date and Time
2.1. Using the Date and Time Configuration Tool
2.2. Using the Command Line Tools
2.2.1. Changing the Date
2.2.2. Changing the Time
2.2.3. Configuring the Network Time Protocol
2.3. Additional Resources
2.3.1. Installed Documentation
3. Managing Users and Groups
3.1. Introduction to Users and Groups
3.1.1. User Private Groups
3.1.2. Shadow Passwords
3.2. Using the User Accounts Tool
3.2.1. Configuring an Account
3.2.2. Adding a New User
3.2.3. Removing a User
3.3. Using the User Manager Tool
3.3.1. Viewing Users and Groups
3.3.2. Adding a New User
3.3.3. Adding a New Group
3.3.4. Modifying User Properties
3.3.5. Modifying Group Properties
3.4. Using Command Line Tools
3.4.1. Adding a New User
3.4.2. Adding a New Group
3.4.3. Enabling Password Aging
3.4.4. Enabling Automatic Logouts
3.4.5. Creating Group Directories
3.5. Additional Resources
3.5.1. Installed Documentation
II. Package Management
4. Yum
4.1. Checking For and Updating Packages
4.1.1. Checking For Updates
4.1.2. Updating Packages
4.1.3. Preserving Configuration File Changes
4.2. Packages and Package Groups
4.2.1. Searching Packages
4.2.2. Listing Packages
4.2.3. Displaying Package Information
4.2.4. Installing Packages
4.2.5. Removing Packages
4.2.6. Working with Transaction History
4.3. Configuring Yum and Yum Repositories
4.3.1. Setting [main] Options
4.3.2. Setting [repository] Options
4.3.3. Using Yum Variables
4.3.4. Viewing the Current Configuration
4.3.5. Adding, Enabling, and Disabling a Yum Repository
4.3.6. Creating a Yum Repository
4.4. Yum Plug-ins
4.4.1. Enabling, Configuring, and Disabling Yum Plug-ins
4.4.2. Installing Additional Yum Plug-ins
4.4.3. Plug-in Descriptions
4.5. Additional Resources
5. PackageKit
5.1. Updating Packages with Software Update
5.1.1. Setting the Update-Checking Interval
5.1.2. Setting the Software Sources
5.2. Using Add/Remove Software
5.2.1. Refreshing Software Sources (Yum Repositories)
5.2.2. Finding Packages with Filters
5.2.3. Installing and Removing Packages (and Dependencies)
5.2.4. Installing and Removing Package Groups
5.2.5. Viewing the Transaction Log
5.3. PackageKit Architecture
5.4. Additional Resources
III. Networking
6. NetworkManager
6.1. The NetworkManager Daemon
6.2. Interacting with NetworkManager
6.2.1. Connecting to a Network
6.2.2. Configuring New and Editing Existing Connections
6.2.3. Connecting to a Network Automatically
6.2.4. User and System Connections
6.3. Establishing Connections
6.3.1. Establishing a Wired (Ethernet) Connection
6.3.2. Establishing a Wireless Connection
6.3.3. Establishing a Mobile Broadband Connection
6.3.4. Establishing a VPN Connection
6.3.5. Establishing a DSL Connection
6.3.6. Establishing Routes
6.4. Configuring Connection Settings
6.4.1. Configuring 802.1x Security
6.4.2. Configuring Wireless Security
6.4.3. Configuring PPP (Point-to-Point) Settings
6.4.4. Configuring IPv4 Settings
6.4.5. Configuring IPv6 Settings
6.5. NetworkManager Architecture
7. Network Interfaces
7.1. Network Configuration Files
7.2. Interface Configuration Files
7.2.1. Ethernet Interfaces
7.2.2. Channel Bonding Interfaces
7.2.3. Network Bridge
7.2.4. Setting Up 802.1q VLAN Tagging
7.2.5. Alias and Clone Files
7.2.6. Dialup Interfaces
7.2.7. Other Interfaces
7.3. Interface Control Scripts
7.4. Static Routes and the Default Gateway
7.5. Network Function Files
7.6. Additional Resources
7.6.1. Installed Documentation
7.6.2. Useful Websites
IV. Infrastructure Services
8. Services and Daemons
8.1. Configuring Services
8.1.1. Enabling the Service
8.1.2. Disabling the Service
8.2. Running Services
8.2.1. Checking the Service Status
8.2.2. Running the Service
8.2.3. Stopping the Service
8.2.4. Restarting the Service
8.3. Additional Resources
8.3.1. Installed Documentation
8.3.2. Related Books
9. Configuring Authentication
9.1. The Authentication Configuration Tool
9.1.1. Identity & Authentication
9.1.2. Advanced Options
9.1.3. Command Line Version
9.2. The System Security Services Daemon (SSSD)
9.2.1. What is SSSD?
9.2.2. SSSD Features
9.2.3. Setting Up SSSD
9.2.4. Configuring Services
9.2.5. Configuring Domains
9.2.6. Setting Up Kerberos Authentication
9.2.7. Configuring a Proxy Domain
9.2.8. Troubleshooting
9.2.9. SSSD Configuration File Format
10. OpenSSH
10.1. The SSH Protocol
10.1.1. Why Use SSH?
10.1.2. Main Features
10.1.3. Protocol Versions
10.1.4. Event Sequence of an SSH Connection
10.2. An OpenSSH Configuration
10.2.1. Configuration Files
10.2.2. Starting an OpenSSH Server
10.2.3. Requiring SSH for Remote Connections
10.2.4. Using a Key-Based Authentication
10.3. OpenSSH Clients
10.3.1. Using the ssh Utility
10.3.2. Using the scp Utility
10.3.3. Using the sftp Utility
10.4. More Than a Secure Shell
10.4.1. X11 Forwarding
10.4.2. Port Forwarding
10.5. Additional Resources
10.5.1. Installed Documentation
10.5.2. Useful Websites
V. Servers
11. DHCP Servers
11.1. Why Use DHCP?
11.2. Configuring a DHCP Server
11.2.1. Configuration File
11.2.2. Lease Database
11.2.3. Starting and Stopping the Server
11.2.4. DHCP Relay Agent
11.3. Configuring a DHCP Client
11.4. Configuring a Multihomed DHCP Server
11.4.1. Host Configuration
11.5. DHCP for IPv6 (DHCPv6)
11.6. Additional Resources
11.6.1. Installed Documentation
12. DNS Servers
12.1. Introduction to DNS
12.1.1. Nameserver Zones
12.1.2. Nameserver Types
12.1.3. BIND as a Nameserver
12.2. BIND
12.2.1. Configuring the named Service
12.2.2. Editing Zone Files
12.2.3. Using the rndc Utility
12.2.4. Using the dig Utility
12.2.5. Advanced Features of BIND
12.2.6. Common Mistakes to Avoid
12.2.7. Additional Resources
13. Web Servers
13.1. The Apache HTTP Server
13.1.1. New Features
13.1.2. Notable Changes
13.1.3. Updating the Configuration
13.1.4. Running the httpd Service
13.1.5. Editing the Configuration Files
13.1.6. Working with Modules
13.1.7. Setting Up Virtual Hosts
13.1.8. Setting Up an SSL Server
13.1.9. Additional Resources
14. Mail Servers
14.1. Email Protocols
14.1.1. Mail Transport Protocols
14.1.2. Mail Access Protocols
14.2. Email Program Classifications
14.2.1. Mail Transport Agent
14.2.2. Mail Delivery Agent
14.2.3. Mail User Agent
14.3. Mail Transport Agents
14.3.1. Postfix
14.3.2. Sendmail
14.3.3. Fetchmail
14.3.4. Mail Transport Agent (MTA) Configuration
14.4. Mail Delivery Agents
14.4.1. Procmail Configuration
14.4.2. Procmail Recipes
14.5. Mail User Agents
14.5.1. Securing Communication
14.6. Additional Resources
14.6.1. Installed Documentation
14.6.2. Useful Websites
14.6.3. Related Books
15. Directory Servers
15.1. OpenLDAP
15.1.1. Introduction to LDAP
15.1.2. Installing the OpenLDAP Suite
15.1.3. Configuring an OpenLDAP Server
15.1.4. Running an OpenLDAP Server
15.1.5. Configuring a System to Authenticate Using OpenLDAP
15.1.6. Additional Resources
16. File and Print Servers
16.1. Samba
16.1.1. Introduction to Samba
16.1.2. Samba Daemons and Related Services
16.1.3. Connecting to a Samba Share
16.1.4. Configuring a Samba Server
16.1.5. Starting and Stopping Samba
16.1.6. Samba Server Types and the smb.conf File
16.1.7. Samba Security Modes
16.1.8. Samba Account Information Databases
16.1.9. Samba Network Browsing
16.1.10. Samba with CUPS Printing Support
16.1.11. Samba Distribution Programs
16.1.12. Additional Resources
16.2. FTP
16.2.1. The File Transfer Protocol
16.2.2. FTP Servers
16.2.3. Files Installed with vsftpd
16.2.4. Starting and Stopping vsftpd
16.2.5. vsftpd Configuration Options
16.2.6. Additional Resources
16.3. Printer Configuration
16.3.1. Starting the Printer Configuration Tool
16.3.2. Starting Printer Setup
16.3.3. Adding a Local Printer
16.3.4. Adding an AppSocket/HP JetDirect printer
16.3.5. Adding an IPP Printer
16.3.6. Adding an LPD/LPR Host or Printer
16.3.7. Adding a Samba (SMB) printer
16.3.8. Selecting the Printer Model and Finishing
16.3.9. Printing a test page
16.3.10. Modifying Existing Printers
16.3.11. Additional Resources
VI. Monitoring and Automation
17. System Monitoring Tools
17.1. Viewing System Processes
17.1.1. Using the ps Command
17.1.2. Using the top Command
17.1.3. Using the System Monitor Tool
17.2. Viewing Memory Usage
17.2.1. Using the free Command
17.2.2. Using the System Monitor Tool
17.3. Viewing CPU Usage
17.3.1. Using the System Monitor Tool
17.4. Viewing Block Devices and File Systems
17.4.1. Using the lsblk Command
17.4.2. Using the blkid Command
17.4.3. Using the partx Command
17.4.4. Using the findmnt Command
17.4.5. Using the df Command
17.4.6. Using the du Command
17.4.7. Using the System Monitor Tool
17.5. Viewing Hardware Information
17.5.1. Using the lspci Command
17.5.2. Using the lsusb Command
17.5.3. Using the lspcmcia Command
17.5.4. Using the lscpu Command
17.6. Monitoring Performance with Net-SNMP
17.6.1. Installing Net-SNMP
17.6.2. Running the Net-SNMP Daemon
17.6.3. Configuring Net-SNMP
17.6.4. Retrieving Performance Data over SNMP
17.6.5. Extending Net-SNMP
17.7. Additional Resources
17.7.1. Installed Documentation
18. Viewing and Managing Log Files
18.1. Configuring rsyslog
18.1.1. Global Directives
18.1.2. Modules
18.1.3. Rules
18.1.4. rsyslog Command Line Configuration
18.2. Locating Log Files
18.2.1. Configuring logrotate
18.3. Viewing Log Files
18.4. Adding a Log File
18.5. Monitoring Log Files
18.6. Additional Resources
18.6.1. Installed Documentation
18.6.2. Useful Websites
19. Automating System Tasks
19.1. Cron and Anacron
19.1.1. Starting and Stopping the Service
19.1.2. Configuring Anacron Jobs
19.1.3. Configuring Cron Jobs
19.1.4. Controlling Access to Cron
19.1.5. Black/White Listing of Cron Jobs
19.2. At and Batch
19.2.1. Configuring At Jobs
19.2.2. Configuring Batch Jobs
19.2.3. Viewing Pending Jobs
19.2.4. Additional Command Line Options
19.2.5. Controlling Access to At and Batch
19.2.6. Starting and Stopping the Service
19.3. Additional Resources
19.3.1. Installed Documentation
20. OProfile
20.1. Overview of Tools
20.2. Configuring OProfile
20.2.1. Specifying the Kernel
20.2.2. Setting Events to Monitor
20.2.3. Separating Kernel and User-space Profiles
20.3. Starting and Stopping OProfile
20.4. Saving Data
20.5. Analyzing the Data
20.5.1. Using opreport
20.5.2. Using opreport on a Single Executable
20.5.3. Getting more detailed output on the modules
20.5.4. Using opannotate
20.6. Understanding /dev/oprofile/
20.7. Example Usage
20.8. OProfile Support for Java
20.8.1. Profiling Java Code
20.9. Graphical Interface
20.10. OProfile and SystemTap
20.11. Additional Resources
20.11.1. Installed Docs
20.11.2. Useful Websites
VII. Kernel, Module and Driver Configuration
21. Manually Upgrading the Kernel
21.1. Overview of Kernel Packages
21.2. Preparing to Upgrade
21.3. Downloading the Upgraded Kernel
21.4. Performing the Upgrade
21.5. Verifying the Initial RAM Disk Image
21.6. Verifying the Boot Loader
21.6.1. Configuring the GRUB 2 Boot Loader
21.6.2. Configuring the OS/400 Boot Loader
21.6.3. Configuring the YABOOT Boot Loader
22. Working with Kernel Modules
22.1. Listing Currently-Loaded Modules
22.2. Displaying Information About a Module
22.3. Loading a Module
22.4. Unloading a Module
22.5. Setting Module Parameters
22.6. Persistent Module Loading
22.7. Specific Kernel Module Capabilities
22.7.1. Using Multiple Ethernet Cards
22.7.2. Using Channel Bonding
22.8. Additional Resources
22.8.1. Installed Documentation
22.8.2. Useful Websites
23. The kdump Crash Recovery Service
23.1. Installing the kdump Service
23.2. Configuring the kdump Service
23.2.1. Configuring the kdump at First Boot
23.2.2. Using the Kernel Dump Configuration Utility
23.2.3. Configuring kdump on the Command Line
23.2.4. Testing the Configuration
23.3. Analyzing the Core Dump
23.3.1. Running the crash Utility
23.3.2. Displaying the Message Buffer
23.3.3. Displaying a Backtrace
23.3.4. Displaying a Process Status
23.3.5. Displaying Virtual Memory Information
23.3.6. Displaying Open Files
23.3.7. Exiting the Utility
23.4. Additional Resources
23.4.1. Installed Documentation
23.4.2. Useful Websites
A. Consistent Network Device Naming
A.1. Affected Systems
A.2. System Requirements
A.3. Enabling and Disabling the Feature
A.4. Notes for Administrators
B. RPM
B.1. RPM Design Goals
B.2. Using RPM
B.2.1. Finding RPM Packages
B.2.2. Installing and Upgrading
B.2.3. Configuration File Changes
B.2.4. Uninstalling
B.2.5. Freshening
B.2.6. Querying
B.2.7. Verifying
B.3. Checking a Package's Signature
B.3.1. Importing Keys
B.3.2. Verifying Signature of Packages
B.4. Practical and Common Examples of RPM Usage
B.5. Additional Resources
B.5.1. Installed Documentation
B.5.2. Useful Websites
B.5.3. Related Books
C. The X Window System
C.1. The X Server
C.2. Desktop Environments and Window Managers
C.2.1. Desktop Environments
C.2.2. Window Managers
C.3. X Server Configuration Files
C.3.1. The Structure of the Configuration
C.3.2. The xorg.conf.d Directory
C.3.3. The xorg.conf File
C.4. Fonts
C.4.1. Adding Fonts to Fontconfig
C.5. Runlevels and X
C.5.1. Runlevel 3
C.5.2. Runlevel 5
C.6. Additional Resources
C.6.1. Installed Documentation
C.6.2. Useful Websites
D. The sysconfig Directory
D.1. Files in the /etc/sysconfig/ Directory
D.1.1. /etc/sysconfig/arpwatch
D.1.2. /etc/sysconfig/authconfig
D.1.3. /etc/sysconfig/autofs
D.1.4. /etc/sysconfig/clock
D.1.5. /etc/sysconfig/dhcpd
D.1.6. /etc/sysconfig/firstboot
D.1.7. /etc/sysconfig/i18n
D.1.8. /etc/sysconfig/init
D.1.9. /etc/sysconfig/ip6tables-config
D.1.10. /etc/sysconfig/keyboard
D.1.11. /etc/sysconfig/ldap
D.1.12. /etc/sysconfig/named
D.1.13. /etc/sysconfig/network
D.1.14. /etc/sysconfig/ntpd
D.1.15. /etc/sysconfig/quagga
D.1.16. /etc/sysconfig/radvd
D.1.17. /etc/sysconfig/samba
D.1.18. /etc/sysconfig/selinux
D.1.19. /etc/sysconfig/sendmail
D.1.20. /etc/sysconfig/spamassassin
D.1.21. /etc/sysconfig/squid
D.1.22. /etc/sysconfig/system-config-users
D.1.23. /etc/sysconfig/vncservers
D.1.24. /etc/sysconfig/xinetd
D.2. Directories in the /etc/sysconfig/ Directory
D.3. Additional Resources
D.3.1. Installed Documentation
E. The proc File System
E.1. A Virtual File System
E.1.1. Viewing Virtual Files
E.1.2. Changing Virtual Files
E.2. Top-level Files within the proc File System
E.2.1. /proc/buddyinfo
E.2.2. /proc/cmdline
E.2.3. /proc/cpuinfo
E.2.4. /proc/crypto
E.2.5. /proc/devices
E.2.6. /proc/dma
E.2.7. /proc/execdomains
E.2.8. /proc/fb
E.2.9. /proc/filesystems
E.2.10. /proc/interrupts
E.2.11. /proc/iomem
E.2.12. /proc/ioports
E.2.13. /proc/kcore
E.2.14. /proc/kmsg
E.2.15. /proc/loadavg
E.2.16. /proc/locks
E.2.17. /proc/mdstat
E.2.18. /proc/meminfo
E.2.19. /proc/misc
E.2.20. /proc/modules
E.2.21. /proc/mounts
E.2.22. /proc/mtrr
E.2.23. /proc/partitions
E.2.24. /proc/slabinfo
E.2.25. /proc/stat
E.2.26. /proc/swaps
E.2.27. /proc/sysrq-trigger
E.2.28. /proc/uptime
E.2.29. /proc/version
E.3. Directories within /proc/
E.3.1. Process Directories
E.3.2. /proc/bus/
E.3.3. /proc/bus/pci
E.3.4. /proc/driver/
E.3.5. /proc/fs
E.3.6. /proc/irq/
E.3.7. /proc/net/
E.3.8. /proc/scsi/
E.3.9. /proc/sys/
E.3.10. /proc/sysvipc/
E.3.11. /proc/tty/
E.3.12. /proc/PID/
E.4. Using the sysctl Command
E.5. References
F. Revision History
Index