GL250 "ENTERPRISE LINUX SYSTEMS ADMINISTRATION"
Intended for students already comfortable with working in the Unix environment, this in-depth course helps students acquire the variety of skills needed to set up and maintain Unix computers. The class covers subjects ranging from initial installation of Linux to day-to-day administrative tasks such as management of user accounts and disk space, and even imparting the troubleshooting skills future system administrators will need to cope with unexpected behavior.Prerequisites: Individuals wishing to take this class should already have a solid grounding in UNIX concepts. Fundamentals such as an understanding of the Linux filesystem, process management, and the ability to manipulate and edit files is considered a must and will not be covered in class. An understanding of network concepts, and the TCP/IP protocol suite is helpful.
Courseware supports latest versions of Red Hat Enterprise Linux and Fedora Core. See the exact versions here.
See the detailed outline for the SUSE LINUX Professional and SUSE LINUX Enterprise Server version of this course.
Suggested course duration: 40 hour.
Detailed Course Outline
Section 1 Linux InstallationPre-Installation Considerations
Hardware Compatibility
Multi-OS Booting
Partition Considerations
Partition Planning
Filesystem Considerations
Journaled Filesystems
Installation Choices
CD-ROM Installation
Network Installation
Local Hard Drive Installation
FC Personal Desktop Class
FC Workstation Class
FC Server Class
FC Custom Class
Install Program Interface
Installation Diagnostics
Language Selection
Keyboard Configuration
Fedora Install Options
Automatic Partitioning
Partitioning with Disk Druid
Installing a Boot Loader
Network Configuration
Security Configuration
Language Support Selection
Root Password Configuration
Time Zone Configuration
Package Group Selection
Installing Packages
Install Finished
First Boot
Finalizing GUI Configuration
Video Card Configuration
Monitor Configuration
Authentication Configuration
Lab 1 - InstallationHardware Compatibility
Multi-OS Booting
Partition Considerations
Partition Planning
Filesystem Considerations
Journaled Filesystems
Installation Choices
CD-ROM Installation
Network Installation
Local Hard Drive Installation
FC Personal Desktop Class
FC Workstation Class
FC Server Class
FC Custom Class
Install Program Interface
Installation Diagnostics
Language Selection
Keyboard Configuration
Fedora Install Options
Automatic Partitioning
Partitioning with Disk Druid
Installing a Boot Loader
Network Configuration
Security Configuration
Language Support Selection
Root Password Configuration
Time Zone Configuration
Package Group Selection
Installing Packages
Install Finished
First Boot
Finalizing GUI Configuration
Video Card Configuration
Monitor Configuration
Authentication Configuration
Perform a GUI network NFS based workstation install
Configure LVM and Software RAID at installation time
Section 2 PC Hardware and LinuxConfigure LVM and Software RAID at installation time
Kudzu
PC System Hardware
USB Devices and Configuration
Linux Device Files
Configuring New Hardware
Kernel Modules
Handling Module Dependencies
Configuring Kernel via /proc
Kernel Hardware Info - /sys/
/sys/ structure
Lab 2 - PC Hardware and LinuxPC System Hardware
USB Devices and Configuration
Linux Device Files
Configuring New Hardware
Kernel Modules
Handling Module Dependencies
Configuring Kernel via /proc
Kernel Hardware Info - /sys/
/sys/ structure
Enable the Magic-SysReq key
Use system-config-proc to disable ICMP broadcast
Use system-config-proc to disable ICMP broadcast
Section 3 Post-Install System Configuration
Configuration Utilites and Files
Network Services
Managing System Time and Network-Wide Time
Continual Time Sync - NTP
Configuring NTP Clients
Managing Software
RPM Features, Architecture, and Package Files
Working With RPMs
Querying and Verifying with RPM
Package Dependencies
Intro to YUM
Using the YUM command
Configuring YUM
YUM Repositories and Resources
Configuring Printers
Common UNIX Printing System
Defining a Printer
Kickstart
Creating Kickstart Files
Using Kickstart files
Lab 3 - Post-Install ConfigNetwork Services
Managing System Time and Network-Wide Time
Continual Time Sync - NTP
Configuring NTP Clients
Managing Software
RPM Features, Architecture, and Package Files
Working With RPMs
Querying and Verifying with RPM
Package Dependencies
Intro to YUM
Using the YUM command
Configuring YUM
YUM Repositories and Resources
Configuring Printers
Common UNIX Printing System
Defining a Printer
Kickstart
Creating Kickstart Files
Using Kickstart files
Answer some questions about the system using RPM queries
Install zsh using RPM
Troubleshoot and repair a package using RPM verification
Upgrade the kernel using RPM
Install the XFCE desktop environment using YUM
Create and test a custom YUM repository
Crate a custom YUM repository for installing software
Setup CUPS print queues using: system-config-printer, lpadmin, and the CUPS web interface
Modify a kickstart file using a text editor
Create a kickstart file using ksconfig
Start an install using a pre made kickstart file
Section 4 Boot Process and SysV InitInstall zsh using RPM
Troubleshoot and repair a package using RPM verification
Upgrade the kernel using RPM
Install the XFCE desktop environment using YUM
Create and test a custom YUM repository
Crate a custom YUM repository for installing software
Setup CUPS print queues using: system-config-printer, lpadmin, and the CUPS web interface
Modify a kickstart file using a text editor
Create a kickstart file using ksconfig
Start an install using a pre made kickstart file
Booting Linux on PCs
LILO Options
GRUB Configuration
Kernel Boot Parameters
/sbin/init
System init Styles
/etc/inittab
rc.sysinit
/etc/init.d and /etc/rcX.d
rc
Typical SysV Init Script
The rc.local file
Managing Daemons
Controlling Startup Services
Shutdown and Reboot
Lab 4 - Boot ProcessLILO Options
GRUB Configuration
Kernel Boot Parameters
/sbin/init
System init Styles
/etc/inittab
rc.sysinit
/etc/init.d and /etc/rcX.d
rc
Typical SysV Init Script
The rc.local file
Managing Daemons
Controlling Startup Services
Shutdown and Reboot
Use GRUB to boot into single user mode
Modify kernel/init parameters in GRUB
Explore the GRUB interface
Attach to the /boot filesystem and display the contents of the grub/grub.conf file
Set a GRUB password
Modify the lilo.conf creating a new stanza that passes kernel parameters
Section 5 User/Group Administration and NFSModify kernel/init parameters in GRUB
Explore the GRUB interface
Attach to the /boot filesystem and display the contents of the grub/grub.conf file
Set a GRUB password
Modify the lilo.conf creating a new stanza that passes kernel parameters
User/Group Concepts
User Private Group Scheme
User Administration
Modifying Accounts
Group Administration
Password Aging
Default User Files
Controlling Logins
PAM, PAM Services, and PAM Control Statements
su, Wheel, and sudo
DS Client Configuration
File Sharing via NFS
NFS Server Configuration
NFS Clients
Automounting Filesystems
Lab 5 - User AdministrationUser Private Group Scheme
User Administration
Modifying Accounts
Group Administration
Password Aging
Default User Files
Controlling Logins
PAM, PAM Services, and PAM Control Statements
su, Wheel, and sudo
DS Client Configuration
File Sharing via NFS
NFS Server Configuration
NFS Clients
Automounting Filesystems
Customize /etc/skel
Add new users and manage password aging
Set up wheel group behavior for su
Configure a project directory to take advantage of the user private group scheme
Configure autofs to access an NFS export
Configure NIS client as part of the domain
Configure autofs to mount home directories
Switch to using LDAP for authentication
Setup an NFS server and export directories
Section 6 Filesystem AdministrationAdd new users and manage password aging
Set up wheel group behavior for su
Configure a project directory to take advantage of the user private group scheme
Configure autofs to access an NFS export
Configure NIS client as part of the domain
Configure autofs to mount home directories
Switch to using LDAP for authentication
Setup an NFS server and export directories
Partition Tables
File System Creation
Mounting File Systems
Filesystem Maintenance
Persistent Block Devices
udev
Resizing Filesystems
File Deletion and Undeletion
Swap
Disk Usage
Configuring Disk Quotas
Checking Disk Quotas
Filesystem Attributes
File Access Control Lists
Manipulating FACLs
Viewing FACLs
Backing Up FACLs
Backup Hardware, Software, and Examples
Tape Libraries
Lab 6 - Filesystem AdminFile System Creation
Mounting File Systems
Filesystem Maintenance
Persistent Block Devices
udev
Resizing Filesystems
File Deletion and Undeletion
Swap
Disk Usage
Configuring Disk Quotas
Checking Disk Quotas
Filesystem Attributes
File Access Control Lists
Manipulating FACLs
Viewing FACLs
Backing Up FACLs
Backup Hardware, Software, and Examples
Tape Libraries
Create and activate additional swap space
Configure and test disk quotas on the /tmp filesystem
Backup files using tar and cpio over ssh
Backup files using rsync over ssh
Backup and restore files with dump and restore
Create and test an ISO9660 image
Section 7 - LVM and RaidConfigure and test disk quotas on the /tmp filesystem
Backup files using tar and cpio over ssh
Backup files using rsync over ssh
Backup and restore files with dump and restore
Create and test an ISO9660 image
Logical Volume Management
Implementing LVMs
Manipulating VGs and LVs
Advanced LVM Concepts
Graphical LVM Tool
RAID Concepts, Tools, and Implementation
RAID Monitoring/Control
Lab 7 - RAID and LVMImplementing LVMs
Manipulating VGs and LVs
Advanced LVM Concepts
Graphical LVM Tool
RAID Concepts, Tools, and Implementation
RAID Monitoring/Control
Use command line tools to partition free space
Configure software RAID-5 with a hot spare
Fail a member device of the array, examine the automatic recovery using the hot-spare
Fail another member device testing RAID-5
Remove failed member devices, add new devices to array, examine the recovery of array
Partition the drive and create LVM Physical Volumes
Create a LVM Volume Group and Logical Volume to hold website content
Verify the operation of LVM snapshots
Extend and grow the Logical Volume and the ext3 filesytem
Section 8 Task Automation & Process AccountingConfigure software RAID-5 with a hot spare
Fail a member device of the array, examine the automatic recovery using the hot-spare
Fail another member device testing RAID-5
Remove failed member devices, add new devices to array, examine the recovery of array
Partition the drive and create LVM Physical Volumes
Create a LVM Volume Group and Logical Volume to hold website content
Verify the operation of LVM snapshots
Extend and grow the Logical Volume and the ext3 filesytem
Automating Tasks
at / batch
at Access Control
cron, crontab, and crontab Format
/etc/cron.* Directories
anacron
Viewing Processes
Managing Processes
System Logging
/etc/syslog.conf
Log Management
Log Anomaly Detector
Process Accounting
Using Process Accounting
Limiting System Resources
System Status - Memory, I/O, and, CPU
sar
Lab 8 - Cron & Process Adminat / batch
at Access Control
cron, crontab, and crontab Format
/etc/cron.* Directories
anacron
Viewing Processes
Managing Processes
System Logging
/etc/syslog.conf
Log Management
Log Anomaly Detector
Process Accounting
Using Process Accounting
Limiting System Resources
System Status - Memory, I/O, and, CPU
sar
Create and edit user cron jobs
Add a system-wide cron task to /etc/cron.hourly
Install and configure process accounting
Enable and set process limits
Remove cron jobs created in previous tasks
Section 9 Client NetworkingAdd a system-wide cron task to /etc/cron.hourly
Install and configure process accounting
Enable and set process limits
Remove cron jobs created in previous tasks
Linux Network Interfaces
Ethernet Hardware Tools
Runtime configuration change
Configuring Routing Tables
ARP
Advanced Configuration
Starting and Stopping Interfaces
Virtual IP Interfaces
Enabling IPv6
Interface Bonding
802.1q VLANS
Network Profiles and ifup
IP Stack Configuration
DNS Clients
Network Services via DHCP
DHCP Clients
dhcpd.conf Syntax
Red Hat Configuration Tools
Network Diagnostics
Point-to-Point Protocol
PPP Configuration Files, Chat, and Secrets Files
Lab 9 - Client NetworkingEthernet Hardware Tools
Runtime configuration change
Configuring Routing Tables
ARP
Advanced Configuration
Starting and Stopping Interfaces
Virtual IP Interfaces
Enabling IPv6
Interface Bonding
802.1q VLANS
Network Profiles and ifup
IP Stack Configuration
DNS Clients
Network Services via DHCP
DHCP Clients
dhcpd.conf Syntax
Red Hat Configuration Tools
Network Diagnostics
Point-to-Point Protocol
PPP Configuration Files, Chat, and Secrets Files
Enable static configuration
Configure a virtual interface and verify connectivity through the new interface
Verify Link-Local IPv6 connectivity
Configure and test Site-Local connectivity
Section 10 The X Window SystemConfigure a virtual interface and verify connectivity through the new interface
Verify Link-Local IPv6 connectivity
Configure and test Site-Local connectivity
The X Window System
Xorg
Configuring X
X Fonts
Using Fonts
Display Manager Selection
XDMCP
Using Unix Remotely
X Security
Specialized X Servers
Starting X Apps Automatically
Lab 10 - XXorg
Configuring X
X Fonts
Using Fonts
Display Manager Selection
XDMCP
Using Unix Remotely
X Security
Specialized X Servers
Starting X Apps Automatically
Change your display manager to gdm
Enable XDMCP to support remote desktop login
Configure VNC to accept incoming connections
Launch a program by creating a script in the /etc/X11/xinit/xinitrc.d/ directory
Start a custom X session by modifying the ~/.xinitrc file
Secure X for use in a public kiosk
Test and verify that the special key sequences are disabled
Section 11 Security ConceptsEnable XDMCP to support remote desktop login
Configure VNC to accept incoming connections
Launch a program by creating a script in the /etc/X11/xinit/xinitrc.d/ directory
Start a custom X session by modifying the ~/.xinitrc file
Secure X for use in a public kiosk
Test and verify that the special key sequences are disabled
Security Concepts
Tightening Default Security
Staying Current
Using up2date
Security Advisories
SELinux Secuity Framework
Choosing a SELinux Policy
SELinux Commands
Booleans
Graphical Policy Tools
inetd / xinetd
Xinetd Features
TCP Wrappers
hosts.allow & hosts.deny
hosts.* Syntax Shortcuts
Advanced TCP Wrappers
Basic Firewall Activation
Stateful Packet Filter: iptables
Netfilter Rule Syntax
Targets
Common match_specs
Stateless Firewall Example
Connection Tracking
Stateful Firewall Example
Lab 11 - Security LabTightening Default Security
Staying Current
Using up2date
Security Advisories
SELinux Secuity Framework
Choosing a SELinux Policy
SELinux Commands
Booleans
Graphical Policy Tools
inetd / xinetd
Xinetd Features
TCP Wrappers
hosts.allow & hosts.deny
hosts.* Syntax Shortcuts
Advanced TCP Wrappers
Basic Firewall Activation
Stateful Packet Filter: iptables
Netfilter Rule Syntax
Targets
Common match_specs
Stateless Firewall Example
Connection Tracking
Stateful Firewall Example
Examine current system
Configure Xinetd to provide a variety of limits for connecting to services
Configure a sensor to log connection attempts
Use TCP Wrappers to secure various services
Use the Netfilter stateful packet filtering to better protect the system
Section 12 Linux Kernel CompilationConfigure Xinetd to provide a variety of limits for connecting to services
Configure a sensor to log connection attempts
Use TCP Wrappers to secure various services
Use the Netfilter stateful packet filtering to better protect the system
Why Compile?
Getting Kernel Source
Preparing to Compile
Configuring the Kernel
General Options
Disk Configuration
Network Configuration
Expansion Port Configuration
Multimedia Configuration
Kernel Documentation
RH 2.4 Kernel Extensions
Compiling the Kernel
Compile and Install Modules
Installing the Kernel
Tips and Tricks
Lab 12 - Kernel CompilationGetting Kernel Source
Preparing to Compile
Configuring the Kernel
General Options
Disk Configuration
Network Configuration
Expansion Port Configuration
Multimedia Configuration
Kernel Documentation
RH 2.4 Kernel Extensions
Compiling the Kernel
Compile and Install Modules
Installing the Kernel
Tips and Tricks
Build, test, and install a new driver for the currently running kernel
Patch the Linux kernel source to add support for a new device
Compile and install a custom Linux kernel
Section 13 TroubleshootingPatch the Linux kernel source to add support for a new device
Compile and install a custom Linux kernel
Basic Troubleshooting
Gathering Information
Information from df and mount
Information from Log Files
Information Regarding Network Settings
Information from ps, chkconfig, dmesg, w, and netstat
Useful Debugging Aids
Common Problems
Incorrect File Permissions
Inability To Boot
Corrupt File Systems
Typos in Configuration Files
Disks Full?
Runaway Processes
Shared Libraries
The Rescue Environment
Lab 13 - TroubleshootingGathering Information
Information from df and mount
Information from Log Files
Information Regarding Network Settings
Information from ps, chkconfig, dmesg, w, and netstat
Useful Debugging Aids
Common Problems
Incorrect File Permissions
Inability To Boot
Corrupt File Systems
Typos in Configuration Files
Disks Full?
Runaway Processes
Shared Libraries
The Rescue Environment
Explore troubleshooting and disaster recovery on non-mission-critical machines
Practive troubleshooting common system and daemon errors
Practive troubleshooting common system and daemon errors
