Product SiteDocumentation Site

Fedora Draft Documentation

System Administrator's Guide

Deployment, Configuration, and Administration of Fedora 20

Edition 20.0.1

Jaromír Hradílek

Red Hat Engineering Content Services

Douglas Silas

Red Hat Engineering Content Services

Martin Prpič

Red Hat Engineering Content Services

Stephen Wadeley

Red Hat Engineering Content Services

Eliška Slobodová

Red Hat Engineering Content Services

Tomáš Čapek

Red Hat Engineering Content Services

Petr Kovář

Red Hat Engineering Content Services

Miroslav Svoboda

Red Hat Engineering Content Services

John Ha

Red Hat Engineering Content Services

David O'Brien

Red Hat Engineering Content Services

Michael Hideo

Red Hat Engineering Content Services

Don Domingo

Red Hat Engineering Content Services

Legal Notice

Copyright © 2014 Red Hat, Inc. and others.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
For guidelines on the permitted uses of the Fedora trademarks, refer to https://fedoraproject.org/wiki/Legal:Trademark_guidelines.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
All other trademarks are the property of their respective owners.
Abstract
The System Administrator's Guide documents relevant information regarding the deployment, configuration, and administration of Fedora 20. It is oriented towards system administrators with a basic understanding of the system.

Preface
1. Target Audience
2. How to Read this Book
3. Document Conventions
3.1. Typographic Conventions
3.2. Pull-quote Conventions
3.3. Notes and Warnings
4. We Need Feedback!
5. Acknowledgments
I. Basic System Configuration
1. Opening Graphical Applications
1.1. Opening graphical applications from the command line
1.2. Launching Applications with Alt+F2
1.3. Launching applications from the Desktop Menu
1.3.1. Using GNOME menus
1.3.2. Using KDE menus
1.3.3. Using menus in LXDE, MATE, and XFCE
2. Configuring the Language and Keyboard
2.1. Changing the Language
2.2. Changing the Date, Time, and Numeric Format
2.3. Changing the Keyboard Layout
2.4. Viewing the Current Configuration
3. Configuring the Date and Time
3.1. Using the Date and Time Configuration Tool
3.2. Using the Command Line Tools
3.2.1. Changing the Date
3.2.2. Changing the Time
3.2.3. Configuring the Network Time Protocol
3.3. Additional Resources
3.3.1. Installed Documentation
4. Managing Users and Groups
4.1. Introduction to Users and Groups
4.1.1. User Private Groups
4.1.2. Shadow Passwords
4.2. Using the User Accounts Tool
4.2.1. Configuring an Account
4.2.2. Adding a New User
4.2.3. Removing a User
4.3. Using the User Manager Tool
4.3.1. Viewing Users and Groups
4.3.2. Adding a New User
4.3.3. Adding a New Group
4.3.4. Modifying User Properties
4.3.5. Modifying Group Properties
4.4. Using Command Line Tools
4.4.1. Adding a New User
4.4.2. Adding a New Group
4.4.3. Enabling Password Aging
4.4.4. Enabling Automatic Logouts
4.4.5. Creating Group Directories
4.5. Additional Resources
4.5.1. Installed Documentation
II. Package Management
5. Yum
5.1. Checking For and Updating Packages
5.1.1. Checking For Updates
5.1.2. Updating Packages
5.1.3. Preserving Configuration File Changes
5.2. Packages and Package Groups
5.2.1. Searching Packages
5.2.2. Listing Packages
5.2.3. Displaying Package Information
5.2.4. Installing Packages
5.2.5. Removing Packages
5.2.6. Working with Transaction History
5.3. Configuring Yum and Yum Repositories
5.3.1. Setting [main] Options
5.3.2. Setting [repository] Options
5.3.3. Using Yum Variables
5.3.4. Viewing the Current Configuration
5.3.5. Adding, Enabling, and Disabling a Yum Repository
5.3.6. Creating a Yum Repository
5.4. Yum Plug-ins
5.4.1. Enabling, Configuring, and Disabling Yum Plug-ins
5.4.2. Installing Additional Yum Plug-ins
5.4.3. Plug-in Descriptions
5.5. Additional Resources
6. PackageKit
6.1. Updating Packages with Software Update
6.1.1. Setting the Update-Checking Interval
6.1.2. Setting the Software Sources
6.2. Using Add/Remove Software
6.2.1. Refreshing Software Sources (Yum Repositories)
6.2.2. Finding Packages with Filters
6.2.3. Installing and Removing Packages (and Dependencies)
6.2.4. Installing and Removing Package Groups
6.2.5. Viewing the Transaction Log
6.3. PackageKit Architecture
6.4. Additional Resources
III. Infrastructure Services
7. Services and Daemons
7.1. Configuring Services
7.1.1. Enabling the Service
7.1.2. Disabling the Service
7.2. Running Services
7.2.1. Checking the Service Status
7.2.2. Running the Service
7.2.3. Stopping the Service
7.2.4. Restarting the Service
7.3. Additional Resources
7.3.1. Installed Documentation
7.3.2. Related Books
8. Configuring Authentication
8.1. Configuring System Authentication
8.1.1. Launching the Authentication Configuration Tool UI
8.1.2. Selecting the Identity Store for Authentication
8.1.3. Configuring Alternative Authentication Features
8.1.4. Setting Password Options
8.1.5. Configuring Authentication from the Command Line
8.1.6. Using Custom Home Directories
8.2. Using and Caching Credentials with SSSD
8.2.1. About the sssd.conf File
8.2.2. Starting and Stopping SSSD
8.2.3. Configuring SSSD to Work with System Services
8.2.4. Creating Domains
8.2.5. Configuring Access Control for SSSD Domains
8.2.6. Configuring Domain Failover
8.2.7. Managing the SSSD Cache
8.2.8. Configuring OpenSSH to Check SSSD for Cached Keys (TECH PREVIEW)
8.2.9. Using NSCD with SSSD
8.2.10. Troubleshooting SSSD
9. OpenSSH
9.1. The SSH Protocol
9.1.1. Why Use SSH?
9.1.2. Main Features
9.1.3. Protocol Versions
9.1.4. Event Sequence of an SSH Connection
9.2. An OpenSSH Configuration
9.2.1. Configuration Files
9.2.2. Starting an OpenSSH Server
9.2.3. Requiring SSH for Remote Connections
9.2.4. Using a Key-Based Authentication
9.3. OpenSSH Clients
9.3.1. Using the ssh Utility
9.3.2. Using the scp Utility
9.3.3. Using the sftp Utility
9.4. More Than a Secure Shell
9.4.1. X11 Forwarding
9.4.2. Port Forwarding
9.5. Additional Resources
9.5.1. Installed Documentation
9.5.2. Useful Websites
IV. Servers
10. Web Servers
10.1. The Apache HTTP Server
10.1.1. New Features
10.1.2. Notable Changes
10.1.3. Updating the Configuration
10.1.4. Running the httpd Service
10.1.5. Editing the Configuration Files
10.1.6. Working with Modules
10.1.7. Setting Up Virtual Hosts
10.1.8. Setting Up an SSL Server
10.1.9. Additional Resources
11. Mail Servers
11.1. Email Protocols
11.1.1. Mail Transport Protocols
11.1.2. Mail Access Protocols
11.2. Email Program Classifications
11.2.1. Mail Transport Agent
11.2.2. Mail Delivery Agent
11.2.3. Mail User Agent
11.3. Mail Transport Agents
11.3.1. Postfix
11.3.2. Sendmail
11.3.3. Fetchmail
11.3.4. Mail Transport Agent (MTA) Configuration
11.4. Mail Delivery Agents
11.4.1. Procmail Configuration
11.4.2. Procmail Recipes
11.5. Mail User Agents
11.5.1. Securing Communication
11.6. Additional Resources
11.6.1. Installed Documentation
11.6.2. Useful Websites
11.6.3. Related Books
12. Directory Servers
12.1. OpenLDAP
12.1.1. Introduction to LDAP
12.1.2. Installing the OpenLDAP Suite
12.1.3. Configuring an OpenLDAP Server
12.1.4. Running an OpenLDAP Server
12.1.5. Configuring a System to Authenticate Using OpenLDAP
12.1.6. Additional Resources
13. File and Print Servers
13.1. Samba
13.1.1. Introduction to Samba
13.1.2. Samba Daemons and Related Services
13.1.3. Connecting to a Samba Share
13.1.4. Configuring a Samba Server
13.1.5. Starting and Stopping Samba
13.1.6. Samba Server Types and the smb.conf File
13.1.7. Samba Security Modes
13.1.8. Samba Account Information Databases
13.1.9. Samba Network Browsing
13.1.10. Samba with CUPS Printing Support
13.1.11. Samba Distribution Programs
13.1.12. Additional Resources
13.2. FTP
13.2.1. The File Transfer Protocol
13.2.2. FTP Servers
13.2.3. Files Installed with vsftpd
13.2.4. Starting and Stopping vsftpd
13.2.5. vsftpd Configuration Options
13.2.6. Additional Resources
13.3. Printer Configuration
13.3.1. Starting the Printer Configuration Tool
13.3.2. Starting Printer Setup
13.3.3. Adding a Local Printer
13.3.4. Adding an AppSocket/HP JetDirect printer
13.3.5. Adding an IPP Printer
13.3.6. Adding an LPD/LPR Host or Printer
13.3.7. Adding a Samba (SMB) printer
13.3.8. Selecting the Printer Model and Finishing
13.3.9. Printing a test page
13.3.10. Modifying Existing Printers
13.3.11. Additional Resources
14. Configuring NTP Using the chrony Suite
14.1. Introduction to the chrony Suite
14.1.1. Differences Between ntpd and chronyd
14.1.2. Choosing Between NTP Daemons
14.2. Understanding chrony and Its Configuration
14.2.1. Understanding chronyd
14.2.2. Understanding chronyc
14.2.3. Understanding the chrony Configuration Commands
14.2.4. Security with chronyc
14.3. Using chrony
14.3.1. Checking if chrony is Installed
14.3.2. Installing chrony
14.3.3. Checking the Status of chronyd
14.3.4. Starting chronyd
14.3.5. Stopping chronyd
14.3.6. Checking if chrony is Synchronized
14.3.7. Manually Adjusting the System Clock
14.4. Setting Up chrony for Different Environments
14.4.1. Setting Up chrony for a System Which is Infrequently Connected
14.4.2. Setting Up chrony for a System in an Isolated Network
14.5. Using chronyc
14.5.1. Using chronyc to Control chronyd
14.5.2. Using chronyc for Remote Administration
14.6. Additional Resources
14.6.1. Installed Documentation
14.6.2. Useful Websites
15. Configuring NTP Using ntpd
15.1. Introduction to NTP
15.2. NTP Strata
15.3. Understanding NTP
15.4. Understanding the Drift File
15.5. UTC, Timezones, and DST
15.6. Authentication Options for NTP
15.7. Managing the Time on Virtual Machines
15.8. Understanding Leap Seconds
15.9. Understanding the ntpd Configuration File
15.10. Understanding the ntpd Sysconfig File
15.11. Disabling chrony
15.12. Checking if the NTP Daemon is Installed
15.13. Installing the NTP Daemon (ntpd)
15.14. Checking the Status of NTP
15.15. Configure the Firewall to Allow Incoming NTP Packets
15.15.1. Change the Firewall Settings
15.15.2. Open Ports in the Firewall for NTP Packets
15.16. Configure NTP
15.16.1. Configure Access Control to an NTP Service
15.16.2. Configure Rate Limiting Access to an NTP Service
15.16.3. Adding a Peer Address
15.16.4. Adding a Server Address
15.16.5. Adding a Broadcast or Multicast Server Address
15.16.6. Adding a Manycast Client Address
15.16.7. Adding a Broadcast Client Address
15.16.8. Adding a Manycast Server Address
15.16.9. Adding a Multicast Client Address
15.16.10. Configuring the Burst Option
15.16.11. Configuring the iburst Option
15.16.12. Configuring Symmetric Authentication Using a Key
15.16.13. Configuring the Poll Interval
15.16.14. Configuring Server Preference
15.16.15. Configuring the Time-to-Live for NTP Packets
15.16.16. Configuring the NTP Version to Use
15.17. Configuring the Hardware Clock Update
15.18. Configuring Clock Sources
15.19. Additional Resources
15.19.1. Installed Documentation
15.19.2. Useful Websites
16. Configuring PTP Using ptp4l
16.1. Introduction to PTP
16.1.1. Understanding PTP
16.1.2. Advantages of PTP
16.2. Using PTP
16.2.1. Checking for Driver and Hardware Support
16.2.2. Installing PTP
16.2.3. Starting ptp4l
16.3. Specifying a Configuration File
16.4. Using the PTP Management Client
16.5. Synchronizing the Clocks
16.6. Verifying Time Synchronization
16.7. Serving PTP Time with NTP
16.8. Serving NTP Time with PTP
16.9. Improving Accuracy
16.10. Additional Resources
16.10.1. Installed Documentation
16.10.2. Useful Websites
V. Monitoring and Automation
17. System Monitoring Tools
17.1. Viewing System Processes
17.1.1. Using the ps Command
17.1.2. Using the top Command
17.1.3. Using the System Monitor Tool
17.2. Viewing Memory Usage
17.2.1. Using the free Command
17.2.2. Using the System Monitor Tool
17.3. Viewing CPU Usage
17.3.1. Using the System Monitor Tool
17.4. Viewing Block Devices and File Systems
17.4.1. Using the lsblk Command
17.4.2. Using the blkid Command
17.4.3. Using the partx Command
17.4.4. Using the findmnt Command
17.4.5. Using the df Command
17.4.6. Using the du Command
17.4.7. Using the System Monitor Tool
17.5. Viewing Hardware Information
17.5.1. Using the lspci Command
17.5.2. Using the lsusb Command
17.5.3. Using the lspcmcia Command
17.5.4. Using the lscpu Command
17.6. Monitoring Performance with Net-SNMP
17.6.1. Installing Net-SNMP
17.6.2. Running the Net-SNMP Daemon
17.6.3. Configuring Net-SNMP
17.6.4. Retrieving Performance Data over SNMP
17.6.5. Extending Net-SNMP
17.7. Additional Resources
17.7.1. Installed Documentation
18. Viewing and Managing Log Files
18.1. Configuring rsyslog
18.1.1. Global Directives
18.1.2. Modules
18.1.3. Rules
18.1.4. rsyslog Command Line Configuration
18.2. Locating Log Files
18.2.1. Configuring logrotate
18.3. Viewing Log Files
18.4. Adding a Log File
18.5. Monitoring Log Files
18.6. Additional Resources
18.6.1. Installed Documentation
18.6.2. Useful Websites
19. Automating System Tasks
19.1. Cron and Anacron
19.1.1. Starting and Stopping the Service
19.1.2. Configuring Anacron Jobs
19.1.3. Configuring Cron Jobs
19.1.4. Controlling Access to Cron
19.1.5. Black/White Listing of Cron Jobs
19.2. At and Batch
19.2.1. Configuring At Jobs
19.2.2. Configuring Batch Jobs
19.2.3. Viewing Pending Jobs
19.2.4. Additional Command Line Options
19.2.5. Controlling Access to At and Batch
19.2.6. Starting and Stopping the Service
19.3. Additional Resources
19.3.1. Installed Documentation
20. Automatic Bug Reporting Tool (ABRT)
20.1. Overview
20.2. Installing ABRT and Starting its Services
20.3. Running ABRT
20.3.1. Using the Graphical User Interface
20.3.2. Using the Command Line Interface
20.4. Configuring ABRT
20.4.1. ABRT Events
20.4.2. Standard ABRT Installation Supported Events
20.4.3. Event Configuration in ABRT GUI
20.4.4. ABRT Specific Configuration
20.4.5. Configuring Automatic Reporting
20.4.6. Uploading and reporting using a proxy server
20.5. Configuring Centralized Crash Collection
20.5.1. Configuration Steps Required on a Dedicated System
20.5.2. Configuration Steps Required on a Client System
20.5.3. Saving Package Information
20.5.4. Testing ABRT's Crash Detection
21. OProfile
21.1. Overview of Tools
21.2. Configuring OProfile
21.2.1. Specifying the Kernel
21.2.2. Setting Events to Monitor
21.2.3. Separating Kernel and User-space Profiles
21.3. Starting and Stopping OProfile
21.4. Saving Data
21.5. Analyzing the Data
21.5.1. Using opreport
21.5.2. Using opreport on a Single Executable
21.5.3. Getting more detailed output on the modules
21.5.4. Using opannotate
21.6. Understanding /dev/oprofile/
21.7. Example Usage
21.8. OProfile Support for Java
21.8.1. Profiling Java Code
21.9. Graphical Interface
21.10. OProfile and SystemTap
21.11. Additional Resources
21.11.1. Installed Docs
21.11.2. Useful Websites
VI. Kernel, Module and Driver Configuration
22. Manually Upgrading the Kernel
22.1. Overview of Kernel Packages
22.2. Preparing to Upgrade
22.3. Downloading the Upgraded Kernel
22.4. Performing the Upgrade
22.5. Verifying the Initial RAM Disk Image
22.6. Verifying the Boot Loader
22.6.1. Configuring the GRUB 2 Boot Loader
22.6.2. Configuring the OS/400 Boot Loader
22.6.3. Configuring the YABOOT Boot Loader
23. Working with Kernel Modules
23.1. Listing Currently-Loaded Modules
23.2. Displaying Information About a Module
23.3. Loading a Module
23.4. Unloading a Module
23.5. Setting Module Parameters
23.6. Persistent Module Loading
23.7. Specific Kernel Module Capabilities
23.7.1. Using Multiple Ethernet Cards
23.7.2. Using Channel Bonding
23.8. Additional Resources
23.8.1. Installed Documentation
23.8.2. Useful Websites
24. The kdump Crash Recovery Service
24.1. Installing the kdump Service
24.2. Configuring the kdump Service
24.2.1. Configuring the kdump at First Boot
24.2.2. Using the Kernel Dump Configuration Utility
24.2.3. Configuring kdump on the Command Line
24.2.4. Testing the Configuration
24.3. Analyzing the Core Dump
24.3.1. Running the crash Utility
24.3.2. Displaying the Message Buffer
24.3.3. Displaying a Backtrace
24.3.4. Displaying a Process Status
24.3.5. Displaying Virtual Memory Information
24.3.6. Displaying Open Files
24.3.7. Exiting the Utility
24.4. Additional Resources
24.4.1. Installed Documentation
24.4.2. Useful Websites
A. RPM
A.1. RPM Design Goals
A.2. Using RPM
A.2.1. Finding RPM Packages
A.2.2. Installing and Upgrading
A.2.3. Configuration File Changes
A.2.4. Uninstalling
A.2.5. Freshening
A.2.6. Querying
A.2.7. Verifying
A.3. Checking a Package's Signature
A.3.1. Importing Keys
A.3.2. Verifying Signature of Packages
A.4. Practical and Common Examples of RPM Usage
A.5. Additional Resources
A.5.1. Installed Documentation
A.5.2. Useful Websites
A.5.3. Related Books
B. The X Window System
B.1. The X Server
B.2. Desktop Environments and Window Managers
B.2.1. Desktop Environments
B.2.2. Window Managers
B.3. X Server Configuration Files
B.3.1. The Structure of the Configuration
B.3.2. The xorg.conf.d Directory
B.3.3. The xorg.conf File
B.4. Fonts
B.4.1. Adding Fonts to Fontconfig
B.5. Runlevels and X
B.5.1. Runlevel 3
B.5.2. Runlevel 5
B.6. Additional Resources
B.6.1. Installed Documentation
B.6.2. Useful Websites
C. Revision History
Index