Product SiteDocumentation Site

Fedora 12

Deployment Guide

Deployment, configuration and administration of Fedora 12

Edition 0

Fedora Documentation Project

Douglas Silas

Red Hat, Inc Engineering Content Services

John Ha

System Administration, Kernel 
Red Hat, Inc Engineering Content Services

David O'Brien

Security 
Red Hat, Inc Engineering Content Services

Michael Hideo

System Administration 
Red Hat, Inc Engineering Content Services

Don Domingo

System Administration 
Red Hat, Inc Engineering Content Services

Michael Behm

System Administration 
Red Hat, Inc Engineering Content Services

Jeffrey Fearn

Garrett LeSage

Andrew Fitzsimon

Michael Behm

Sandra Moore

Edward Bailey

Karsten Wade

Mark Johnson

Andrius Benokraitis

Lucy Ringland


Legal Notice

Copyright © 2009 Red Hat, Inc. and others.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
For guidelines on the permitted uses of the Fedora trademarks, refer to https://fedoraproject.org/wiki/Legal:Trademark_guidelines.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
All other trademarks are the property of their respective owners.
Abstract
The Deployment Guide documents relevant information regarding the deployment, configuration and administration of Fedora 12.

Preface
1. Document Conventions
1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings
2. We Need Feedback!
3. Acknowledgements
Introduction
I. Package Management
1. Yum
1.1. Checking For and Updating Packages
1.1.1. Checking For Updates
1.1.2. Updating Packages
1.1.3. Updating Security-Related Packages
1.1.4. Preserving Configuration File Changes
1.2. Packages and Package Groups
1.2.1. Searching, Listing and Displaying Package Information
1.2.2. Installing
1.2.3. Removing
1.3. Configuring Yum and Yum Repositories
1.3.1. Setting [main] Options
1.3.2. Setting [repository] Options
1.3.3. Using Yum Variables
1.3.4. Creating a Yum Repository
1.4. Yum Plugins
1.4.1. Enabling, Configuring and Disabling Yum Plugins
1.4.2. Installing More Yum Plugins
1.4.3. Plugin Descriptions
1.5. Additional Resources
2. PackageKit
2.1. Updating Packages with Software Update
2.2. Using Add/Remove Software
2.2.1. Refreshing Software Sources (Yum Repositories)
2.2.2. Finding Packages with Filters
2.2.3. Installing and Removing Packages (and Dependencies)
2.2.4. Installing and Removing Package Groups
2.2.5. Viewing the Transaction Log
2.3. PackageKit Architecture
2.4. Additional Resources
3. RPM
3.1. RPM Design Goals
3.2. Using RPM
3.2.1. Finding RPM Packages
3.2.2. Installing
3.2.3. Uninstalling
3.2.4. Upgrading
3.2.5. Freshening
3.2.6. Querying
3.2.7. Verifying
3.3. Checking a Package's Signature
3.3.1. Importing Keys
3.3.2. Verifying Signature of Packages
3.4. Practical and Common Examples of RPM Usage
3.5. Additional Resources
3.5.1. Installed Documentation
3.5.2. Useful Websites
3.5.3. Related Books
II. Network-Related Configuration
4. Network Interfaces
4.1. Network Configuration Files
4.2. Interface Configuration Files
4.2.1. Ethernet Interfaces
4.2.2. IPsec Interfaces
4.2.3. Channel Bonding Interfaces
4.2.4. Alias and Clone Files
4.2.5. Dialup Interfaces
4.2.6. Other Interfaces
4.3. Interface Control Scripts
4.4. Configuring Static Routes
4.5. Network Function Files
4.6. Additional Resources
4.6.1. Installed Documentation
5. Network Configuration
5.1. Overview
5.2. Establishing an Ethernet Connection
5.3. Establishing an ISDN Connection
5.4. Establishing a Modem Connection
5.5. Establishing an xDSL Connection
5.6. Establishing a Token Ring Connection
5.7. Establishing a Wireless Connection
5.8. Managing DNS Settings
5.9. Managing Hosts
5.10. Working with Profiles
5.11. Device Aliases
5.12. Saving and Restoring the Network Configuration
6. Controlling Access to Services
6.1. Runlevels
6.2. TCP Wrappers
6.2.1. xinetd
6.3. Services Configuration Tool
6.4. ntsysv
6.5. chkconfig
6.6. Additional Resources
6.6.1. Installed Documentation
6.6.2. Useful Websites
7. Berkeley Internet Name Domain (BIND)
7.1. Introduction to DNS
7.1.1. Nameserver Zones
7.1.2. Nameserver Types
7.1.3. BIND as a Nameserver
7.2. /etc/named.conf
7.2.1. Common Statement Types
7.2.2. Other Statement Types
7.2.3. Comment Tags
7.3. Zone Files
7.3.1. Zone File Directives
7.3.2. Zone File Resource Records
7.3.3. Example Zone File
7.3.4. Reverse Name Resolution Zone Files
7.4. Using rndc
7.4.1. Configuring /etc/named.conf
7.4.2. Configuring /etc/rndc.conf
7.4.3. Command Line Options
7.5. Advanced Features of BIND
7.5.1. DNS Protocol Enhancements
7.5.2. Multiple Views
7.5.3. Security
7.5.4. IP version 6
7.6. Common Mistakes to Avoid
7.7. Additional Resources
7.7.1. Installed Documentation
7.7.2. Useful Websites
7.7.3. Related Books
8. OpenSSH
8.1. Features of SSH
8.1.1. Why Use SSH?
8.2. SSH Protocol Versions
8.3. Event Sequence of an SSH Connection
8.3.1. Transport Layer
8.3.2. Authentication
8.3.3. Channels
8.4. Configuring an OpenSSH Server
8.4.1. Requiring SSH for Remote Connections
8.5. OpenSSH Configuration Files
8.6. Configuring an OpenSSH Client
8.6.1. Using the ssh Command
8.6.2. Using the scp Command
8.6.3. Using the sftp Command
8.7. More Than a Secure Shell
8.7.1. X11 Forwarding
8.7.2. Port Forwarding
8.7.3. Generating Key Pairs
8.8. Additional Resources
8.8.1. Installed Documentation
8.8.2. Useful Websites
9. Samba
9.1. Introduction to Samba
9.1.1. Samba Features
9.2. Samba Daemons and Related Services
9.2.1. Samba Daemons
9.3. Connecting to a Samba Share
9.3.1. Command Line
9.3.2. Mounting the Share
9.4. Configuring a Samba Server
9.4.1. Graphical Configuration
9.4.2. Command Line Configuration
9.4.3. Encrypted Passwords
9.5. Starting and Stopping Samba
9.6. Samba Server Types and the smb.conf File
9.6.1. Stand-alone Server
9.6.2. Domain Member Server
9.6.3. Domain Controller
9.7. Samba Security Modes
9.7.1. User-Level Security
9.7.2. Share-Level Security
9.8. Samba Account Information Databases
9.9. Samba Network Browsing
9.9.1. Domain Browsing
9.9.2. WINS (Windows Internetworking Name Server)
9.10. Samba with CUPS Printing Support
9.10.1. Simple smb.conf Settings
9.11. Samba Distribution Programs
9.12. Additional Resources
9.12.1. Installed Documentation
9.12.2. Related Books
9.12.3. Useful Websites
10. Dynamic Host Configuration Protocol (DHCP)
10.1. Why Use DHCP?
10.2. Configuring a DHCP Server
10.2.1. Configuration File
10.2.2. Lease Database
10.2.3. Starting and Stopping the Server
10.2.4. DHCP Relay Agent
10.3. Configuring a DHCP Client
10.4. Configuring a Multihomed DHCP Server
10.4.1. Host Configuration
10.5. Additional Resources
10.5.1. Installed Documentation
11. Apache HTTP Server
11.1. Apache HTTP Server 2.2
11.1.1. Features of Apache HTTP Server 2.2
11.2. Migrating Apache HTTP Server Configuration Files
11.2.1. Migrating Apache HTTP Server 2.0 Configuration Files
11.2.2. Migrating Apache HTTP Server 1.3 Configuration Files to 2.0
11.3. Starting and Stopping httpd
11.4. Apache HTTP Server Configuration
11.4.1. Basic Settings
11.4.2. Default Settings
11.5. Configuration Directives in httpd.conf
11.5.1. General Configuration Tips
11.5.2. Configuration Directives for SSL
11.5.3. MPM Specific Server-Pool Directives
11.6. Adding Modules
11.7. Virtual Hosts
11.7.1. Setting Up Virtual Hosts
11.8. Apache HTTP Secure Server Configuration
11.8.1. An Overview of Security-Related Packages
11.8.2. An Overview of Certificates and Security
11.8.3. Using Pre-Existing Keys and Certificates
11.8.4. Types of Certificates
11.8.5. Generating a Key
11.8.6. How to configure the server to use the new key
11.9. Additional Resources
11.9.1. Useful Websites
12. FTP
12.1. The File Transfer Protocol
12.1.1. Multiple Ports, Multiple Modes
12.2. FTP Servers
12.2.1. vsftpd
12.3. Files Installed with vsftpd
12.4. Starting and Stopping vsftpd
12.4.1. Starting Multiple Copies of vsftpd
12.5. vsftpd Configuration Options
12.5.1. Daemon Options
12.5.2. Log In Options and Access Controls
12.5.3. Anonymous User Options
12.5.4. Local User Options
12.5.5. Directory Options
12.5.6. File Transfer Options
12.5.7. Logging Options
12.5.8. Network Options
12.6. Additional Resources
12.6.1. Installed Documentation
12.6.2. Useful Websites
13. Email
13.1. Email Protocols
13.1.1. Mail Transport Protocols
13.1.2. Mail Access Protocols
13.2. Email Program Classifications
13.2.1. Mail Transport Agent
13.2.2. Mail Delivery Agent
13.2.3. Mail User Agent
13.3. Mail Transport Agents
13.3.1. Sendmail
13.3.2. Postfix
13.3.3. Fetchmail
13.4. Mail Transport Agent (MTA) Configuration
13.5. Mail Delivery Agents
13.5.1. Procmail Configuration
13.5.2. Procmail Recipes
13.6. Mail User Agents
13.6.1. Securing Communication
13.7. Additional Resources
13.7.1. Installed Documentation
13.7.2. Useful Websites
13.7.3. Related Books
14. Lightweight Directory Access Protocol (LDAP)
14.1. Why Use LDAP?
14.1.1. OpenLDAP Features
14.2. LDAP Terminology
14.3. OpenLDAP Daemons and Utilities
14.3.1. NSS, PAM, and LDAP
14.3.2. PHP4, LDAP, and the Apache HTTP Server
14.3.3. LDAP Client Applications
14.4. OpenLDAP Configuration Files
14.5. The /etc/openldap/schema/ Directory
14.6. OpenLDAP Setup Overview
14.6.1. Editing /etc/openldap/slapd.conf
14.7. Configuring a System to Authenticate Using OpenLDAP
14.7.1. PAM and LDAP
14.7.2. Migrating Old Authentication Information to LDAP Format
14.8. Migrating Directories from Earlier Releases
14.9. Additional Resources
14.9.1. Installed Documentation
14.9.2. Useful Websites
14.9.3. Related Books
15. Authentication Configuration
15.1. User Information
15.2. Authentication
15.3. Options
15.4. Command Line Version
III. System Configuration
16. Console Access
16.1. Disabling Shutdown Via Ctrl+Alt+Del
16.2. Disabling Console Program Access
16.3. Defining the Console
16.4. Making Files Accessible From the Console
16.5. Enabling Console Access for Other Applications
16.6. The floppy Group
17. The sysconfig Directory
17.1. Files in the /etc/sysconfig/ Directory
17.1.1. /etc/sysconfig/amd
17.1.2. /etc/sysconfig/apmd
17.1.3. /etc/sysconfig/arpwatch
17.1.4. /etc/sysconfig/authconfig
17.1.5. /etc/sysconfig/autofs
17.1.6. /etc/sysconfig/clock
17.1.7. /etc/sysconfig/desktop
17.1.8. /etc/sysconfig/dhcpd
17.1.9. /etc/sysconfig/exim
17.1.10. /etc/sysconfig/firstboot
17.1.11. /etc/sysconfig/gpm
17.1.12. /etc/sysconfig/hwconf
17.1.13. /etc/sysconfig/i18n
17.1.14. /etc/sysconfig/init
17.1.15. /etc/sysconfig/ip6tables-config
17.1.16. /etc/sysconfig/iptables-config
17.1.17. /etc/sysconfig/irda
17.1.18. /etc/sysconfig/keyboard
17.1.19. /etc/sysconfig/kudzu
17.1.20. /etc/sysconfig/named
17.1.21. /etc/sysconfig/network
17.1.22. /etc/sysconfig/ntpd
17.1.23. /etc/sysconfig/radvd
17.1.24. /etc/sysconfig/samba
17.1.25. /etc/sysconfig/selinux
17.1.26. /etc/sysconfig/sendmail
17.1.27. /etc/sysconfig/spamassassin
17.1.28. /etc/sysconfig/squid
17.1.29. /etc/sysconfig/system-config-securitylevel
17.1.30. /etc/sysconfig/system-config-selinux
17.1.31. /etc/sysconfig/system-config-users
17.1.32. /etc/sysconfig/system-logviewer
17.1.33. /etc/sysconfig/tux
17.1.34. /etc/sysconfig/vncservers
17.1.35. /etc/sysconfig/xinetd
17.2. Directories in the /etc/sysconfig/ Directory
17.3. Additional Resources
17.3.1. Installed Documentation
18. Date and Time Configuration
18.1. Time and Date Properties
18.2. Network Time Protocol (NTP) Properties
18.3. Time Zone Configuration
19. Keyboard Configuration
20. The X Window System
20.1. The X11R7.1 Release
20.2. Desktop Environments and Window Managers
20.2.1. Desktop Environments
20.2.2. Window Managers
20.3. X Server Configuration Files
20.3.1. xorg.conf
20.4. Fonts
20.4.1. Fontconfig
20.4.2. Core X Font System
20.5. Runlevels and X
20.5.1. Runlevel 3
20.5.2. Runlevel 5
20.6. Additional Resources
20.6.1. Installed Documentation
20.6.2. Useful Websites
21. X Window System Configuration
21.1. Display Settings
21.2. Display Hardware Settings
21.3. Dual Head Display Settings
22. Users and Groups
22.1. User and Group Configuration
22.1.1. Adding a New User
22.1.2. Modifying User Properties
22.1.3. Adding a New Group
22.1.4. Modifying Group Properties
22.2. User and Group Management Tools
22.2.1. Command Line Configuration
22.2.2. Adding a User
22.2.3. Adding a Group
22.2.4. Password Aging
22.2.5. Explaining the Process
22.3. Standard Users
22.4. Standard Groups
22.5. User Private Groups
22.5.1. Group Directories
22.6. Shadow Passwords
22.7. Additional Resources
22.7.1. Installed Documentation
23. Printer Configuration
23.1. Adding a Local Printer
23.2. Adding an IPP Printer
23.3. Adding a Samba (SMB) Printer
23.4. Adding a JetDirect Printer
23.5. Selecting the Printer Model and Finishing
23.5.1. Confirming Printer Configuration
23.6. Printing a Test Page
23.7. Modifying Existing Printers
23.7.1. The Settings Tab
23.7.2. The Policies Tab
23.7.3. The Access Control Tab
23.7.4. The Printer and Job OptionsTab
23.8. Managing Print Jobs
23.9. Additional Resources
23.9.1. Installed Documentation
23.9.2. Useful Websites
24. Automated Tasks
24.1. Cron
24.1.1. Configuring Cron Tasks
24.1.2. Controlling Access to Cron
24.1.3. Starting and Stopping the Service
24.2. At and Batch
24.2.1. Configuring At Jobs
24.2.2. Configuring Batch Jobs
24.2.3. Viewing Pending Jobs
24.2.4. Additional Command Line Options
24.2.5. Controlling Access to At and Batch
24.2.6. Starting and Stopping the Service
24.3. Additional Resources
24.3.1. Installed Documentation
25. Log Files
25.1. Locating Log Files
25.2. Viewing Log Files
25.3. Adding a Log File
25.4. Monitoring Log Files
IV. System Monitoring
26. Gathering System Information
26.1. System Processes
26.2. Memory Usage
26.3. File Systems
26.4. Hardware
26.5. Additional Resources
26.5.1. Installed Documentation
27. OProfile
27.1. Overview of Tools
27.2. Configuring OProfile
27.2.1. Specifying the Kernel
27.2.2. Setting Events to Monitor
27.2.3. Separating Kernel and User-space Profiles
27.3. Starting and Stopping OProfile
27.4. Saving Data
27.5. Analyzing the Data
27.5.1. Using opreport
27.5.2. Using opreport on a Single Executable
27.5.3. Getting more detailed output on the modules
27.5.4. Using opannotate
27.6. Understanding /dev/oprofile/
27.7. Example Usage
27.8. Graphical Interface
27.9. Additional Resources
27.9.1. Installed Docs
27.9.2. Useful Websites
28. ABRT
28.1. Overview
28.2. Installing and Starting the Daemon, Applet and GUI
28.3. Configuring
28.4. Plugins and Sending Crash Reports
28.4.1. Reporting to Bugzilla
28.4.2. Emailing the Report
28.4.3. Transferring via SCP or FTP
28.4.4. Other plugins
V. Kernel and Driver Configuration
29. Manually Upgrading the Kernel
29.1. Overview of Kernel Packages
29.2. Preparing to Upgrade
29.3. Downloading the Upgraded Kernel
29.4. Performing the Upgrade
29.5. Verifying the Initial RAM Disk Image
29.6. Verifying the Boot Loader
29.6.1. x86 Systems
29.6.2. Itanium Systems
29.6.3. IBM S/390 and IBM System z Systems
29.6.4. IBM eServer iSeries Systems
29.6.5. IBM eServer pSeries Systems
30. General Parameters and Modules
30.1. Kernel Module Utilities
30.2. Persistent Module Loading
30.3. Specifying Module Parameters
30.4. Storage parameters
30.5. Ethernet Parameters
30.5.1. Using Multiple Ethernet Cards
30.5.2. The Channel Bonding Module
30.6. Additional Resources
30.6.1. Installed Documentation
30.6.2. Useful Websites
A. Revision History
Index