Red Hat LINUX 7.2 - OFFICIAL LINUX CUSTOMIZATION GUIDE Guide d'installation

Red Hat Linux 7.3The Official Red Hat LinuxReference Guide

x Introductiondownloaded and built software you found on the Internet. After installing Linux, however, configura-tion issues can be very confusing.The

100 Chapter 7. X Servers and Clients7.2. The XFree86 ServerRed Hat Linux uses XFree86 4 as the base X Window System, which includes the various necess

Chapter 7. X Servers and Clients 101the installation process. If you use Xconfigurator to reconfigure a new video card, both configura-tion files are reg

102 Chapter 7. X Servers and ClientsFilesThis section sets paths for services vital to the XFree86 server, such as the font path. Commonoptions includ

Chapter 7. X Servers and Clients 103• Identifier — Provides a unique name for this monitor, usually numbering each monitorstarting at 0. The first moni

104 Chapter 7. X Servers and Clients• InputDevice — The names of any InputDevice sections to be used with the XFree86server. Most users will only have

Chapter 7. X Servers and Clients 105These window managers can be run as individual X clients to gain a better sense of their differ-ences. Type the xi

106 Chapter 7. X Servers and Clientsyou must already be logged into the system at runlevel 3 to be able to type commands, startx is onlydesigned to br

Chapter 7. X Servers and Clients 107xdm display managers to find one to use. Once one is found, prefdm launches it to handle the userlogin.Each of the

108 Chapter 7. X Servers and Clients7.5.1. xfs ConfigurationThe /etc/rc.d/init.d/xfs script starts the xfs server. Several options can be configured in

Chapter 7. X Servers and Clients 109NoteYou must have a fonts.dir file in your new font directory for the chkfontpath command towork correctly. The cre

Introduction xiUse Netscape Navigator to browse the Web.[key]A key on the keyboard is shown in this style. For example:To use [Tab] completion, type i

110 Chapter 7. X Servers and Clients7.6.2. Useful Websites• http://www.xfree86.org — Home page of the XFree86 project, which produces the XFree86 open

Security Reference

Chapter 8.Pluggable Authentication Modules (PAM)Programs that give privileges to users must properly authenticate each user. When you log into asystem

114 Chapter 8. Pluggable Authentication Modules (PAM)The next four sections will describe the basic format of PAM configuration files and how they usePA

Chapter 8. Pluggable Authentication Modules (PAM) 1158.3.2. Creating ModulesNew PAM modules can be added at any time, and PAM-aware applications can t

116 Chapter 8. Pluggable Authentication Modules (PAM)A newer control flag syntax allowing for even more control is now available for PAM. Please see th

Chapter 8. Pluggable Authentication Modules (PAM) 117This line causes the user to be asked for a password and then checks the password using the infor

118 Chapter 8. Pluggable Authentication Modules (PAM)#%PAM-1.0auth required /lib/security/pam_nologin.soauth required /lib/security/pam_securetty.soau

Chapter 8. Pluggable Authentication Modules (PAM) 119The devices affected include, but are not limited to, sound cards, floppy drives, and CD-ROM drive

xii Introduction[stephen@maturin stephen]$leopard login:user inputText that the user has to type, either on the command line, or into a text box on a

120 Chapter 8. Pluggable Authentication Modules (PAM)

Chapter 9.TCP Wrappers and xinetdControlling access to network services can be a challenge. Firewalls are useful for controlling accessin and out of a

122 Chapter 9. TCP Wrappers and xinetdAll rules in each file take effect from the top down, so the order in which the rules are placed can beimportant.

Chapter 9. TCP Wrappers and xinetd 123CautionThe KNOWN, UNKNOWN, and PARANOID wildcards should be used very carefully, as a disruption in nameresoluti

124 Chapter 9. TCP Wrappers and xinetdVarious expansions containing specific information about the client, server, and process involved areavailable to

Chapter 9. TCP Wrappers and xinetd 1259.3.1. xinetd Configuration FilesThe xinet service is controlled by the /etc/xinetd.conf file, as well as the vari

126 Chapter 9. TCP Wrappers and xinetd9.3.1.2. Files in the /etc/xinetd.d DirectoryThe various files in the /etc/xinetd.d directory are read every time

Chapter 9. TCP Wrappers and xinetd 127two files, /etc/hosts.allow and /etc/hosts.deny, each service’s file in /etc/xinetd.d cancontain access control ru

128 Chapter 9. TCP Wrappers and xinetdpoint to another port number on the same system, redirect the request to different IP address on thesame machine

Chapter 9. TCP Wrappers and xinetd 129• /usr/share/doc/tcp_wrappers- version — Contains a README file that discusses howTCP wrappers work and the vario

Introduction xiii3. Using the MouseRed Hat Linux is designed to use a three-button mouse. If you have a two-button mouse, you shouldhave selected thre

130 Chapter 9. TCP Wrappers and xinetd

Chapter 10.SSH ProtocolSSH™ allows users to log into host systems remotely. Unlike rlogin or telnet SSH encrypts thelogin session, making it impossibl

132 Chapter 10. SSH Protocol• Interception of communication between two systems — In this scenario, a third party exists some-where on the network bet

Chapter 10. SSH Protocol 133Once an SSH client contacts a server, key information is exchanged so that the two systems cancorrectly construct the tran

134 Chapter 10. SSH Protocol10.3.3. ConnectionAfter a successful authentication over the SSH transport layer, multiple channels are opened by multi-pl

Chapter 10. SSH Protocol 135• id_dsa — Contains the DSA authentication identity of the user.• id_dsa.pub — The DSA public key of the user.• id_rsa — T

136 Chapter 10. SSH ProtocolNoteSetting up port forwarding to listen on ports below 1024 requires root access.So if you want to check your email on a

Chapter 10. SSH Protocol 137• ftp• rlogin• wu-ftpd• vsftpdFor more information on runlevels and configuring services with chkconfig, ntsysv, and servic

138 Chapter 10. SSH Protocol

Chapter 11.KerberosKerberos is a network authentication protocol created by MIT which uses secret-key cryptographyto secure passwords over the network

xiv Introduction• Official Red Hat support — Get help with your installation questions from Red Hat, Inc.’s supportteam.• Red Hat Network — Easily upda

140 Chapter 11. Kerberos11.3. Kerberos TerminologyLike any other system, Kerberos has its own terminology to define various aspects of the service.Befo

Chapter 11. Kerberos 141ticketA temporary set of electronic credentials that verify the identity of a client for a particular service.Ticket Granting

142 Chapter 11. KerberosNoteKerberos depends on certain network services to work correctly. First, Kerberos requires approximateclock synchronization

Chapter 11. Kerberos 143KDC from kerberos.example.com to the name of your Kerberos server. By convention,all realm names are uppercase and all DNS hos

144 Chapter 11. KerberosOnce you have completed the steps listed above, your Kerberos server should be up and running. Next,you will need to set up yo

Chapter 11. Kerberos 14511.8. Additional ResourcesFor more information on Kerberos, refer to the following resources.11.8.1. Installed Documentation•

146 Chapter 11. Kerberos

Chapter 12.Installing and Configuring TripwireTripwire software can help to ensure the integrity of critical system files and directories by identifying

148 Chapter 12. Installing and Configuring TripwireFigure 12-1. How to Use TripwireThe following steps should be taken to properly install, use and mai

Chapter 12. Installing and Configuring Tripwire 149information, see Section 12.7.3. Run a Tripwire integrity check — Compare the newly-created Tripwire

System Reference

150 Chapter 12. Installing and Configuring Tripwire1. If you already know of several changes that should be made to the configuration file(/etc/tripwire/

Chapter 12. Installing and Configuring Tripwire 15112.4. Tripwire ComponentsThe Tripwire policy file is a text file containing comments, rules, directive

152 Chapter 12. Installing and Configuring Tripwire12.6. Selecting PassphrasesTripwire files are signed or encrypted using site and local keys, which pr

Chapter 12. Installing and Configuring Tripwire 15312.9. Printing ReportsThe twprint -m r command will display the contents of a Tripwire report in cle

154 Chapter 12. Installing and Configuring Tripwire12.9.1. Using twprint to View the Tripwire DatabaseYou can also use twprint to view the entire datab

Chapter 12. Installing and Configuring Tripwire 155------------- -----------Object Type Regular FileDevice Number 773Inode Number 216991Mode -rw-r--r--

156 Chapter 12. Installing and Configuring Tripwiredoes not have a /etc/smb.conf file, you can tell Tripwire not to try to look for it by commentingout

Chapter 12. Installing and Configuring Tripwire 157For example, if you would like two administrators, Sam and Bob, notified if a networking program ismo

158 Chapter 12. Installing and Configuring Tripwire

Network Services Reference

Chapter 13.Network ScriptsUsing Red Hat Linux, all network communications occur between interfaces and physical networkingdevices connected to the sys

162 Chapter 13. Network ScriptsWithin each of the interface configuration files, the following values are common:• BOOTPROTO= protocol , where protocol

Chapter 13. Network Scripts 163connection tools. You can also create and edit this file manually. A typical ifcfg-ppp0 files lookslike this:DEVICE=ppp0N

164 Chapter 13. Network Scripts• no — The /etc/resolv.conf file will not be changed.• PERSIST= answer , where answer is one of the following:• yes — Th

Chapter 13. Network Scripts 16513.2. Interface Control ScriptsThe interface control scripts control activating and deactivating interface connections.

166 Chapter 13. Network Scripts13.3. Network FunctionsRed Hat Linux makes use of several files that contain important functions that are used in variou

Chapter 14.Firewalling with iptablesThe Linux kernel contains advanced tools for packet filtering — the process of controlling networkpackets as they a

168 Chapter 14. Firewalling with iptablesRegardless of their destination, when packets match a particular rule on one of the rule lists, they aredesig

Chapter 14. Firewalling with iptables 16914.3. Options Used in iptables CommandsRules that allow packets to be filtered by the kernel are put into plac

Chapter 1.File System Structure1.1. Why Share a Common Structure?An operating system’s file system structure is its most basic level of organization. A

170 Chapter 14. Firewalling with iptablesThe iptables commands are:• -A — Appends the iptables rule to the end of the specified chain. This is the comm

Chapter 14. Firewalling with iptables 171• -d — Sets the destination hostname, IP address, or network of a packet that will match the rule.When matchi

172 Chapter 14. Firewalling with iptables• --dport — Sets the destination port for the packet. You can use either a network service name(such as www o

Chapter 14. Firewalling with iptables 17314.3.5.4. Modules with Additional Match OptionsAdditional match options are also available through modules lo

174 Chapter 14. Firewalling with iptables• ACCEPT — Allows the packet to successfully move on to its destination or another chain.• DROP — Drops the p

Chapter 14. Firewalling with iptables 175• -x — Expands numbers into their exact values. On a busy system, the number of packets andbytes seen by a pa

176 Chapter 14. Firewalling with iptables

Chapter 15.ApacheThe Apache product includes software developed by the Apache Software Foundation(http://www.apache.org).The Apache HTTP server is a r

178 Chapter 15. Apachemod_log_referermod_mimemod_negotiationmod_statusmod_infomod_includemod_autoindexmod_dirmod_cgimod_asismod_imapmod_actionsmod_use

Chapter 15. Apache 17915.2. Starting and Stopping httpdDuring the installation process, a Bourne shell script named httpd was saved in/etc/rc.d/init.d

18 Chapter 1. File System Structure1.2.1. FHS OrganizationThe directories and files noted here are a small subset of those specified by the FHS document

180 Chapter 15. Apacheprovided in HTML format at http://localhoast/manual/ or to the Apache group documentation athttp://httpd.apache.org/docs/. For m

Chapter 15. Apache 18115.3.8. TimeoutTimeout defines, in seconds, the amount of time that your server will wait for receipts and trans-missions during

182 Chapter 15. Apache15.3.14. MaxClientsMaxClients sets a limit on the total number of server processes, or simultaneously connected clients,that can

Chapter 15. Apache 18315.3.20. ClearModuleListThe ClearModuleList directive is located immediately before the long list of AddModule direc-tives. Clea

184 Chapter 15. Apache15.3.25. GroupThe Group directive is similar to the User. The Group sets the group under which the server willanswer requests. T

Chapter 15. Apache 185The cgi-bin directory is set up to allow the execution of CGI scripts, with the ExecCGI option. Ifyou need to execute a CGI scri

186 Chapter 15. Apache15.3.33. AllowAllow specifies which requester can access a given directory. The requester can be all, a domainname, an IP address

Chapter 15. Apache 18715.3.38. CacheNegotiatedDocsBy default, your Web server asks proxy servers not to cache any documents which were negotiated onth

188 Chapter 15. Apacheother words, after a reverse lookup is performed, a forward lookup is performed on the result. At leastone of the IP addresses i

Chapter 15. Apache 189authuserIf authentication was required, this is the username with which the user identified herself. Usu-ally, this is not used,

Chapter 1. File System Structure 191.2.1.6. The /proc DirectoryThe /proc directory contains special "files" that either extract information f

190 Chapter 15. ApacheSee Section 15.3.65 and Section 15.3.29 for instructions on how to execute CGI scripts in directoriesother than the cgi-bin.15.3

Chapter 15. Apache 19115.3.55. AddIconAddIcon tells the server which icon to show in server generated directory listings for certain file typesor for fi

192 Chapter 15. Apache15.3.62. AddLanguageAddLanguage associates filename extensions with specific content languages. This directive is mostlyuseful for

Chapter 15. Apache 19315.3.67. MetaDirMetaDir specifies the name of a directory where your Web server should look for files containingmeta information (

194 Chapter 15. Apache# AuthType Basic# AuthName Temporary# AuthUserFile /etc/httpd/conf/passwd# EnableDelete Off# umask 007#Limit PUT# require valid-

Chapter 15. Apache 19515.3.72. ProxyRequestsIf you uncomment the IfModule tags surrounding the ProxyRequests directives, your Apacheserver will also f

196 Chapter 15. ApacheYou cannot use name-based virtual hosts with your secure server because the SSL handshake (whenthe browser accepts the secure We

Chapter 15. Apache 19715.4. Adding Modules to Your ServerSince Apache 1.3 supports DSOs, you can easily load Apache modules or compile in your own mod

198 Chapter 15. ApacheNote that you will need to change the name of the module and the name of your shared object file asappropriate.At the end of the

Chapter 15. Apache 19915.5.1. The Secure Web Server Virtual HostThe default configuration of your Web server runs a non-secure and a secure server. Bot

Red Hat Linux 7.3: The Official Red Hat Linux Reference GuideCopyright © 2002 by Red Hat, Inc.Red Hat, Inc.1801 Varsity DriveRaleigh NC 27606-2072 USAP

20 Chapter 1. File System Structurethat do not belong in /sbin), share contains files that are not architecture-specific, src is for sourcecode, and X11

200 Chapter 15. ApacheIf you set up a virtual host and want it to listen on a non-default port, you will need to set up a virtualhost for that port an

Chapter 16.EmailEmail is one of the most widely used services on the Internet. Red Hat Linux offers many ways foryou to utilize email, whether you are

202 Chapter 16. Email16.1.2. POPThe Post Office Protocol (POP) allows email clients to pull off email from remote servers and savethose messages on the

Chapter 16. Email 203SMTP also handles cases where email needs to be forwarded between systems, when the receivingsystem knows where to send the messa

204 Chapter 16. Emailcomplicated. In addition, due to problems from spam, use of a particular MTA is usually restricted bythe MTA’s own configuration o

Chapter 16. Email 20516.3.2. Purpose and LimitationsIt is important to be aware of what Sendmail is and what it can do for you as opposed to what it i

206 Chapter 16. [email protected] [email protected] 16-1. virtusertable exampleThen, to add this new information to the virtusertable.db file, e

Chapter 16. Email 207# sendmail.cw - include all aliases for your machine# here.torgo.bigcorp.compoodle.bigcorp.comdevel.bigcorp.comFigure 16-2. Examp

208 Chapter 16. EmailBecause /etc/mail/access.db is a database, you need to use makemap to activate yourchanges by recreating the database map. This i

Chapter 16. Email 20916.4. FetchmailFetchmail is a program that can retrieve email from remote servers for on-demand TCP/IP connec-tions. Many users a

Chapter 1. File System Structure 21+- spool|- anacron|- at|- cron|- fax|- lpd|- mail|- mqueue|- news|- rwho|- samba|- slrnpull|- squid|- up2date|- uuc

210 Chapter 16. Emailset postmaster "user1"set bouncemailpoll pop.domain.com proto pop3user ’user1’ there with password ’secret’ is user1 he

Chapter 16. Email 211methods that do not require a password, then methods that mask your password, and finally attemptto send your password in the clea

212 Chapter 16. Email16.4.2.1. Informational or Debugging OptionsCertain options used after the fetchmail command can provide you with important infor

Chapter 16. Email 213a .procmailrc file in the user’s home directory to find rules specific to that user. Many users alsocreate additional rc files of the

214 Chapter 16. Email• MAILDIR — Sets the current working directory for Procmail. If set, all other Procmail paths arerelative to this directory.• ORG

Chapter 16. Email 215be performed. Conditions are checked based on the flags set in the recipe’s first line. Optional specialcharacters placed after the

216 Chapter 16. EmailIf you would like to ignore "Program failure" messages when deciding whether a filter or actionsucceeded, use the W opti

Chapter 16. Email 217:0:new-mail.spoolFigure 16-10. Example with no conditionsThe first line starts the recipe by specifying that a local lockfile is to

218 Chapter 16. EmailSPAM=junk:0:* To??^$$SPAM:0:* ^(To|CC):.*,.*,.*,.*,.*,.*,.*,.*,.*,.*,.*,$SPAM:0:* ^Message-Id:.*[^@]*$SPAMFigure 16-13. Example o

Chapter 16. Email 219Authority (CA) for an SSL certificate, or you can create a self-signed certificate to provide the benefitof the SSL encrypted commun

22 Chapter 1. File System StructureAnother location specific to Red Hat Linux is the /etc/sysconfig/ directory. This directory storesa variety of config

220 Chapter 16. Email• procmail — Provides an overview of how Procmail works and the steps involved with filteringemail.• procmailrc — Explains the rc

Chapter 17.Berkeley Internet Name Domain (BIND)Today, the Internet and almost all local networks depend upon a working and reliable Domain NameService

222 Chapter 17. Berkeley Internet Name Domain (BIND)Except for the hostname, every section is a called a zone, which defines a particular namespace. An

Chapter 17. Berkeley Internet Name Domain (BIND) 223WarningDo not manually edit the /etc/named.conf file or any files in the /var/named/ directory if yo

224 Chapter 17. Berkeley Internet Name Domain (BIND)When utilized with other /etc/named.conf statements and their options, acl statements can bevery u

Chapter 17. Berkeley Internet Name Domain (BIND) 225• allow-query — Specifies which hosts are allowed to query this nameserver. By default, allhosts ar

226 Chapter 17. Berkeley Internet Name Domain (BIND)answer regarding a particular zone while other hosts receive totally different information. Altern

Chapter 17. Berkeley Internet Name Domain (BIND) 22717.2.1.1. Sample Zone StatementsMost changes to the /etc/named.conf file of a master or slave names

228 Chapter 17. Berkeley Internet Name Domain (BIND)17.2.2.1. Zone File DirectivesDirectives are identified by the leading $ character before the name

Chapter 17. Berkeley Internet Name Domain (BIND) 229IN A 10.0.1.3server1 IN A 10.0.1.5Figure 17-8. Example A recordsRequests for domain.com are pointe

Chapter 2.The /proc File SystemThe Linux kernel’s primary functions are to control access to physical devices on the computer and toschedule when and

230 Chapter 17. Berkeley Internet Name Domain (BIND)IN NS dns1.domain.com.IN NS dns2.domain.com.Figure 17-14. Example NS records• PTR — PoinTeR record

Chapter 17. Berkeley Internet Name Domain (BIND) 231Seconds Other Time Units259200 3D604800 1W31536000 365DTable 17-1. Seconds compared to other time

232 Chapter 17. Berkeley Internet Name Domain (BIND)In this example, standard directives and SOA values are used. The authoritative nameservers are se

Chapter 17. Berkeley Internet Name Domain (BIND) 233zone "1.0.10.in-addr.arpa" IN {type master;file "domain.com.rr.zone";allow-upd

234 Chapter 17. Berkeley Internet Name Domain (BIND)key " key-name " {algorithm hmac-md5;secret "key-value ";};Figure 17-22. Sampl

Chapter 17. Berkeley Internet Name Domain (BIND) 235If the command was not successful, carefully go over the /etc/named.conf and /etc/rndc.conffiles an

236 Chapter 17. Berkeley Internet Name Domain (BIND)17.4. BIND Advanced FeaturesMost BIND implementations only use named to provide name resolution se

Chapter 17. Berkeley Internet Name Domain (BIND) 237• TSIG — Short for Transaction SIGnatures, a shared secret key exists on the master and slave serv

238 Chapter 17. Berkeley Internet Name Domain (BIND)17.6.1. Installed Documentation• BIND features a full-range of installed documentation covering ma

Chapter 18.Network File System (NFS)NFS (Network File System) exists to allow remote hosts to mount partitions on a particular system anduse them as t

24 Chapter 2. The /proc File SystemAs you view different virtual files in /proc, you will notice that some of the information makes sense.Others are no

240 Chapter 18. Network File System (NFS)to the /etc/exports file to uncover that host’s privileges for the various mounts available. Aftergranting acc

Chapter 18. Network File System (NFS) 241100003 3 udp 2049 nfs100021 1 udp 1028 nlockmgr100021 3 udp 1028 nlockmgr100021 4 udp 1028 nlockmgr[root@blea

242 Chapter 18. Network File System (NFS)18.2.1. /etc/exportsThe /etc/exports file is the standard for controlling which filesystems are exported to whi

Chapter 18. Network File System (NFS) 243However, be careful when using wildcards with fully qualified domain names, as they tend to bemore exact than

244 Chapter 18. Network File System (NFS)The options area specifies how the filesystem is to be mounted. For example, if the options areastates rw,suid

Chapter 18. Network File System (NFS) 245This line states that any directory a user tries to access under the local /home directory (due to theasteris

246 Chapter 18. Network File System (NFS)18.4.1. Host AccessNFS controls who can mount an exported filesystem based on the host making the mount reques

Chapter 18. Network File System (NFS) 247• fstab — Gives details for the format of the /etc/fstab file used to mount filesystems atsystem boot.• nfs — P

248 Chapter 18. Network File System (NFS)

Chapter 19.Lightweight Directory Access Protocol (LDAP)19.1. What is LDAP?LDAP (Lightweight Directory Access Protocol) is a proposed open standard for

Chapter 2. The /proc File System 251.16 1.2 0x03 0x00 0x00 0x01 99% 1792 minIn this state, the apm command yields readable information from this data:

250 Chapter 19. Lightweight Directory Access Protocol (LDAP)19.3. Uses for LDAPSeveral Netscape applications, including web browsers using the Netscap

Chapter 19. Lightweight Directory Access Protocol (LDAP) 251An entry can contain as many attrtype : attrvalue pairs as needed. A blank line indicatest

252 Chapter 19. Lightweight Directory Access Protocol (LDAP)orsuffix "dc=acmeuniversity, dc=edu"The rootdn entry is the DN for a user who is

Chapter 19. Lightweight Directory Access Protocol (LDAP) 253CautionYou should not modify any of the schema items defined in the schema files installed b

254 Chapter 19. Lightweight Directory Access Protocol (LDAP)• slapindex — Reindexes the slapd database based on the actual current database content. E

Chapter 19. Lightweight Directory Access Protocol (LDAP) 2554. Create your LDAP directory. Examples of LDAP entries are provided at the PADL Softwarew

256 Chapter 19. Lightweight Directory Access Protocol (LDAP)19.10.2.4. PAM and LDAPTo have standard PAM-enabled applications use LDAP for authenticati

Chapter 19. Lightweight Directory Access Protocol (LDAP) 257DAP website and the LDAP HOWTO, before configuring LDAP on your system.19.11.1. Installed D

258 Chapter 19. Lightweight Directory Access Protocol (LDAP)

Appendixes

26 Chapter 2. The /proc File Systemoccasionally compiled for particular architectures, this value tells you which package to install onthe system.• mo

Appendix A.General Parameters and ModulesThis appendix is provided to illustrate some of the possible parameters that may be needed by certaindrivers1

262 Appendix A. General Parameters and ModulesNoteOnly use one method, and not both, when loading a module with particular parameters.CautionWhen a pa

Appendix A. General Parameters and Modules 263Hardware Module ParametersISP16, MAD16, or Mozartsound card CD-ROM interface(OPTi 82C928 and OPTi82C929)

264 Appendix A. General Parameters and ModulesNoteMost newer Sound Blaster cards come with IDE interfaces. For these cards, you do not need to usesbpc

Appendix A. General Parameters and Modules 265Hardware Module ParametersACARD ATP870U PCI SCSIControlleratp870u.oCompaq Smart Array 5300Controllerccis

266 Appendix A. General Parameters and ModulesHardware Module ParametersNCR SCSI controllers with810/810A/815/825/825A/860/875/876/895chipsetsncr53c8x

Appendix A. General Parameters and Modules 267Configuration ExampleFuture Domain TMC-800 at CA000, IRQ 10 controller_type=2 base_address=0xca000irq=10T

268 Appendix A. General Parameters and ModulesHardware Module ParametersCrystalSemiconductorCS89[02]0cs89x0.oEtherWORKS DE425TP/COAX EISA, DE434TP PCI

Appendix A. General Parameters and Modules 269Hardware Module ParametersIntel EtherExpress 16(i82586)eexpress.o eexpress=io_port,IRQ OR eexpressio=io_

Chapter 2. The /proc File System 272.2.5. /proc/dmaThis file contains a list of the registered ISA direct memory access (DMA) channels in use. A sample

270 Appendix A. General Parameters and ModulesHardware Module ParametersMiCom-Interlan NI5010 ni5010.oNI5210 card (i82586Ethernet chip)ni52.o ni52=io_

Appendix A. General Parameters and Modules 271Hardware Module ParametersWD8003 andWD8013-compatibleEthernet cardswd.o wd=io_port,IRQ,mem, mem_end OR w

272 Appendix A. General Parameters and Modules

IndexSymbols.fetchmailrc, 209global options, 210server options, 210user options, 211.procmailrc, 213/dev directory, 18/etc directory, 18/etc/exports,

274pci, 35process directories, 37scsi directory, 43self directory, 39slabinfo, 36stat, 36swaps, 36sys directory, 44controlling with sysctl, 52dev dire

275boot process, 55chain loading, 78direct loading, 78init, 58x86, 55bootingsingle-user modeGRUB, 61LILO, 61BrowserMatchApache configuration directive,

276document, xcopying and pasting textwhen using X, xiiiCustomLogApache configuration directive, 188Ddefault modules, 177DefaultIconApache configuration

277reverting from ext3, 90ext3, 87, 89, 89(See Also mkfs)converting from ext2, 90creating, 88features, 87hierarchy, 17labeling(See e2label)organizatio

278KKeepAliveApache configuration directive, 181KeepAliveTimeoutApache configuration directive, 181Kerberos, 139additional resources, 145installed docum

279NNameVirtualHostApache configuration directive, 195Netscape Navigatorpublish feature, 193networkconfiguration, 161control scripts, 165functions, 166i

28 Chapter 2. The /proc File System2.2.9. /proc/interruptsThis file records the number of interrupts per IRQ on the x86 architecture. A standard/proc/i

280running at boot time, 74proxy server, 195, 195ProxyRequestsApache configuration directive, 195ProxyViaApache configuration directive, 195public_html

281shutdown, 74system request keyenabling, 45SysV init, 60directories used by, 60runlevels used by, 73TTCP wrappers, 121access control, 121operators,

XX client(See XFree86)X server(See XFree86)X Window System(See XFree86)overview, 99X client, 99X server, 99x86boot process, 77XFree86, 99additional re

Chapter 2. The /proc File System 29000f0000-000fffff : System ROM00100000-07ffffff : System RAM00100000-00291ba8 : Kernel code00291ba9-002e09cb : Kern

Table of ContentsIntroduction...

30 Chapter 2. The /proc File System2.2.12. /proc/isapnpThis file lists Plug and Play (PnP) cards in ISA slots on the system. This is most often seen wi

Chapter 2. The /proc File System 312.2.14. /proc/kmsgThis file is used to hold messages generated by the kernel. These messages are then picked up by o

32 Chapter 2. The /proc File System2.2.18. /proc/mdstatThis file contains the current information for multiple-disk, RAID configurations. If your system

Chapter 2. The /proc File System 33• MemShared — Unused with 2.4 and higher kernels but left in for compatibility with earlier kernelversions.• Buffer

34 Chapter 2. The /proc File System(autoclean) or if it is not being utilized (unused). Any module with a line containing a name listedin brackets ([

Chapter 2. The /proc File System 352.2.25. /proc/pciThis file contains a full listing of every PCI device on your system. Depending on the number of PC

36 Chapter 2. The /proc File System2.2.26. /proc/slabinfoThis file gives information about memory usage on the slab level. Linux kernels greater than 2

Chapter 2. The /proc File System 372.2.29. /proc/uptimeThis file contains information about how long the system has on since its last restart. The outp

38 Chapter 2. The /proc File Systemcpu0 0 0cpu1 11 3• cwd — A symlink to the current working directory for the process.• environ — Gives a list of the

Chapter 2. The /proc File System 39PPid: 723TracerPid: 0Uid: 0 0 0 0Gid: 0 0 0 0FDSize: 32Groups:VmSize: 3596 kBVmLck: 0 kBVmRSS: 288 kBVmData: 552 kB

7.6. Additional Resources... 109II. Security Reference ...

40 Chapter 2. The /proc File SystemT: Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#= 1 Spd=12 MxCh= 2B: Alloc= 0/900 us ( 0%), #Int= 0, #Iso= 0D: Ver= 1.0

Chapter 2. The /proc File System 41------------- drive0 --------- drive1 -------- drive0 ---------- drive1 ------DMA enabled: yes no yes noUDMA enable

42 Chapter 2. The /proc File Systemnowerr 0 0 1 rwnumber 0 0 3 rwpio_mode write-only 0 255 wslow 0 0 1 rwunmaskirq 0 0 1 rwusing_dma 1 0 1 rw2.3.5. /p

Chapter 2. The /proc File System 43• sockstat — Provides socket statistics.• tcp — Contains detailed TCP socket information.• tr_rif — The token ring

44 Chapter 2. The /proc File SystemInterrupts: 33726BIOS Control Word: 0x18a6Adapter Control Word: 0x1c5fExtended Translation: EnabledDisconnect Enabl

Chapter 2. The /proc File System 45A good way to determine if a particular file can configured or is only designed to provide informationis to list it.

46 Chapter 2. The /proc File SystemCan close tray: 1Can open tray: 1Can lock tray: 1Can change speed: 1Can select disk: 0Can read multisession: 1Can r

Chapter 2. The /proc File System 472.3.8.3. /proc/sys/kernel/This directory contains a variety of different configuration files that directly affect the

48 Chapter 2. The /proc File System• 1 — Kernel alert. Action must be taken immediately.• 2 — Condition of the kernel is considered critical.• 3 — Gen

Chapter 2. The /proc File System 49• message_burst — Tenths of seconds required to write a new warning message. This is used toprevent Denial of Servi

III. Network Services Reference ... 15913. Network Sc

50 Chapter 2. The /proc File SystemFor a complete list of files and options available, see /usr/src/linux-2.4/Documentation/networking/ip-sysctl.txt.A

Chapter 2. The /proc File System 51• max_map_count — Configures the maximum number of memory map areas a process may have.In most cases, the default va

52 Chapter 2. The /proc File SystemRegistered line disciplines are stored in the ldiscs file, with detailed information available in theldisc directory

Chapter 2. The /proc File System 53• /usr/src/linux-2.4/Documentation/sysctl — A directory containing a variety of sysctltips, including modifying val

54 Chapter 2. The /proc File System

Chapter 3.Boot Process, Init, and ShutdownThis chapter contains information on what happens when you boot or shut down your Red Hat Linuxsystem.NoteTh

56 Chapter 3. Boot Process, Init, and ShutdownGRUB or LILO uses the settings in the MBR to display boot options and allow for user input on whichopera

Chapter 3. Boot Process, Init, and Shutdown 57• The existence of prompt tells LILO to show you whatever is referenced in the message line. Whileit is

58 Chapter 3. Boot Process, Init, and Shutdown3.2.2. InitThe kernel finds /sbin/init and executes it. It is the init command which coordinates the rest

Chapter 3. Boot Process, Init, and Shutdown 59K30mcserv -> ../init.d/mcservK34yppasswdd -> ../init.d/yppasswddK35dhcpd -> ../init.d/dhcpdK35s

IV. Appendixes ... 259A.

60 Chapter 3. Boot Process, Init, and Shutdownrhnsd. The last thing init does is run /etc/rc.d/rc.local to run any special scripts configuredfor that h

Chapter 3. Boot Process, Init, and Shutdown 61id:3:initdefault:The default runlevel is 3 in this example, the number after the first colon. If you want

62 Chapter 3. Boot Process, Init, and Shutdown• dhcpd• firewall• gpm• harddisks• hwconf• i18n• identd• init• ipchains• iptables• irda• keyboard• kudzu

Chapter 3. Boot Process, Init, and Shutdown 633.3.1.2. /etc/sysconfig/apmdThe /etc/sysconfig/apmd file is used by apmd as a configuration for what thing

64 Chapter 3. Boot Process, Init, and Shutdown• true — Indicates that the clock is set to Universal Time. Any other value indicates that it is setto l

Chapter 3. Boot Process, Init, and Shutdown 65• USE_DMA=1, where setting this to 1 enables DMA. However, with some chipsets and hard drivecombinations

66 Chapter 3. Boot Process, Init, and Shutdown• SETCOLOR_SUCCESS= value , where value sets the color to a color indicating success.Defaults to ANSI se

Chapter 3. Boot Process, Init, and Shutdown 67• DEVICE= value , where value is the device (usually a serial port) that handles infraredconnections.• D

68 Chapter 3. Boot Process, Init, and Shutdown• mousesystems — A Mouse Systems™ mouse.• ps/2 — A PS/2 mouse.• msbm — A Microsoft™ bus mouse.• logibm —

Chapter 3. Boot Process, Init, and Shutdown 693.3.1.23. /etc/sysconfig/networkThe /etc/sysconfig/network file is used to specify information about the

IntroductionWelcome to the Official Red Hat Linux Reference Guide.The Official Red Hat Linux Reference Guide contains useful information about your Red

70 Chapter 3. Boot Process, Init, and Shutdown• CARDMGR_OPTS= value , where value is the list of options for the PCMCIA cardmgr(such as -q for quiet m

Chapter 3. Boot Process, Init, and Shutdown 71• QUEUE=1h which is given to Sendmail as -q$QUEUE. The -q option is not given to Sendmail if/etc/sysconf

72 Chapter 3. Boot Process, Init, and Shutdown• ups-trust425+625 — For a Trust™ UPS.• DEVICE= value , where value specifies where the UPS is connected,

Chapter 3. Boot Process, Init, and Shutdown 73• Scripts used to bring up and down ISDN interfaces, such as ifup-isdn and ifdown-isdn• Various shared n

74 Chapter 3. Boot Process, Init, and Shutdown• In the graphical GRUB boot loader screen, select the Red Hat Linux boot label and press [e] toedit it.

Chapter 3. Boot Process, Init, and Shutdown 75WarningIf your computer does not power itself down, be careful not turn off the computer until you see a

76 Chapter 3. Boot Process, Init, and Shutdown

Chapter 4.GRUBBefore Red Hat Linux can load on a system, it must be told to boot by special instructions placed ona boot loader, a program that exists

78 Chapter 4. GRUBNoteSome filesystems, as well as filesystem configurations, may require a Stage 1.5 file that essentiallybridges the gap between the pri

Chapter 4. GRUB 79NoteWhen changes are made to the GRUB configuration file, it is not necessary to restart GRUB. Anychanges made are automatically detec

viii IntroductionNew to LinuxThis type of user has never used any Linux (or Linux-like) operating system before or has hadonly limited exposure to Lin

80 Chapter 4. GRUBNoteRemember that GRUB’s numbering system for devices starts at 0, and not 1. This is one of the mostcommon mistakes made by new GRU

Chapter 4. GRUB 814.2.3. GRUB’s Root FilesystemSome users are confused by the use of the term "root filesystem" with GRUB. It is important to

82 Chapter 4. GRUBto move to the beginning of a line, and [Ctrl]-[e] to move to the end of a line. In addition, the arrow,[Home], [End], and [Delete]

Chapter 4. GRUB 83• kernel kernel-file-name option-1 option-N — Specifies the kernel file toload from GRUB’s root filesystem when using direct loading to

84 Chapter 4. GRUB4.5.2. Configuration File StructureThe commands to set the global preferences for the GRUB menu interface are placed at the top of th

Chapter 4. GRUB 85• http://www.uruk.org/orig-grub — The original GRUB documentation before the project washanded off to the Free Software Foundation f

86 Chapter 4. GRUB

Chapter 5.The ext3 File SystemWith the release of Red Hat Linux 7.2, Red Hat changed the default file system from the venerableext2 format to the journ

88 Chapter 5. The ext3 File System5.2. Creating an ext3 File SystemIf you are adding a new disk drive to a Red Hat Linux system and want to utilize th

Chapter 5. The ext3 File System 89TipIt is a good idea to write down which partitions (for example, /dev/hdb2) are meant for which filesystems (for exa

Introduction ixBeyond reading Red Hat Linux manuals, several other excellent documentation resources are availablefor little or no cost:1.1.1. Introdu

90 Chapter 5. The ext3 File SystemOnce you have assigned each partition a label, add the partitions to /etc/fstab. To do this, log inas root and type:

Chapter 5. The ext3 File System 91umount /dev/hdbXIn the above command, replace hdb with the drive letter and X with the partition number. For therema

92 Chapter 5. The ext3 File System

Chapter 6.Users and GroupsThe control of users and groups exists at the core of Red Hat Linux system administration.Users can be either people (accoun

94 Chapter 6. Users and GroupsUser UID GID Home Directory Shelluucp 10 14 /var/spool/uucpoperator 11 0 /rootgames 12 100 /usr/gamesgopher 13 30 /usr/l

Chapter 6. Users and Groups 95Group GID Membersroot 0 rootbin 1 root, bin, daemondaemon 2 root, bin, daemonsys 3 root, bin, admadm 4 root, adm, daemon

96 Chapter 6. Users and GroupsGroup GID Membersmailnull 47 mailnullrpcusers 29nfsnobody 65534xfs 43 xfsgdm 42 gdmapache 48 apachesquid 23 squidnamed 2

Chapter 6. Users and Groups 97You can add a user to a group using redhat-config-users (see the Official Red Hat Linux Customiza-tion Guide), or if you p

98 Chapter 6. Users and Groups6.5. Shadow UtilitiesIf you are in a multiuser environment and not using a networked authentication scheme such as Ker-b

Chapter 7.X Servers and ClientsWhile the heart of Red Hat Linux is the kernel, for workstation users, the X environment is the face ofthe operating sy