Red Hat Enterprise Linux 5 Administration Unleashed

More documents

Recommendations

Info

Tracing a Process with Audit 521LISTING 25.8Continuedtype=USER_END msg=audit(1145210930.022:2025): user pid=30718 uid=0auid=4294967295 msg=’PAM: session close acct=root : exe=”/usr/bin/sudo”(hostname=?, addr=?, terminal=pts/3 res=success)’----time->Fri Dec 1 05:01:01 2006type=CRED_ACQ msg=audit(1145249595.972:2482): user pid=2062 uid=0auid=4294967295 msg=’PAM: setcred acct=root : exe=”/usr/bin/sudo”(hostname=?, addr=?, terminal=pts/6 res=success)’----time->Fri Dec 1 06:01:01 2006type=USER_START msg=audit(1145249595.972:2483): user pid=2062 uid=0auid=4294967295 msg=’PAM: session open acct=root : exe=”/usr/bin/sudo”(hostname=?, addr=?, terminal=pts/6 res=success)’----time->Fri Dec 1 09:01:01 2006type=USER_END msg=audit(1145249595.972:2484): user pid=2062 uid=0auid=4294967295 msg=’PAM: session close acct=root : exe=”/usr/bin/sudo”(hostname=?, addr=?, terminal=pts/6 res=success)’25Tracing a Process with AuditThe autrace utility can be used to generate audit records from a specific process. No otherrules or watches can be enabled while autrace is running. As with the other audit utilities,autrace must be run as root. To audit trace a process, use the following steps:1. Temporarily turn off all rules and watches:auditctl -D2. (Optional) To isolate the audit records from the process, force a log file rotation:service auditd rotateThe logs for the autrace will be in /var/log/audit/audit.log.3. Execute autrace on the command:autrace 4. Wait until the process is complete. A message similar to the following will bedisplayed:Trace complete. You can locate the records with ‘ausearch -i -p 10773’5. Restart the audit daemon to re-enable the rules and watches:service auditd restart6. Use ausearch to display details about the trace.
Page 2:
Tammy FoxRed Hat ®Enterprise Linux
Page 6:
Contents at a GlanceIntroduction ..
Page 10:
Table of ContentsIntroduction 1Part
Page 14:
ContentsviiConfiguring the Runlevel
Page 18:
ContentsixHow It All Works.........
Page 22:
ContentsxiLogging Samba Connections
Page 26:
ContentsxiiiPart V Monitoring and T
Page 30:
ContentsxvStarting and Stopping the
Page 34:
About the AuthorTammy Fox has been
Page 38:
We Want to Hear from You!As the rea
Page 42:
IntroductionSo you’ve decided to
Page 46:
Introduction 3Part III: System Admi
Page 50:
Introduction 5Feedback and Correcti
Page 54:
PART IInstallation andConfiguration
Page 58:
CHAPTER 1Installing Red HatEnterpri
Page 62:
Creating the Installation Source 11
Page 66:
Creating the Installation Source 13
Page 70:
Starting the Installation 15Startin
Page 74:
Performing the Installation 17If Ha
Page 78:
Performing the Installation 19A boo
Page 82:
Performing the Installation 21As a
Page 86:
Performing the Installation 23NOTEA
Page 90:
Performing the Installation 256. Op
Page 94:
Performing the Installation 274. Cr
Page 98:
Performing the Installation 291FIGU
Page 102:
Installing with Kickstart 31Creatin
Page 106:
Installing with Kickstart 33Basic S
Page 110:
Installing with Kickstart 35--bootp
Page 114:
Installing with Kickstart 37--initl
Page 118:
Installing with Kickstart 39--maxsi
Page 122:
Installing with Kickstart 41. zfcpO
Page 126:
Installing with Kickstart 43. reboo
Page 130:
Installing with Kickstart 45--drive
Page 134:
Installing with Kickstart 47Use a s
Page 138:
Installing with Kickstart 49Use thi
Page 142:
Installing with Kickstart 51. NFS s
Page 146:
Installing with PXE 53Now, you shou
Page 150:
Performing an Upgrade 55Configuring
Page 154:
CHAPTER 2Post-InstallationConfigura
Page 158:
Red Hat Setup Agent 592FIGURE 2.2En
Page 162:
Red Hat Setup Agent 612FIGURE 2.5Se
Page 166:
Red Hat Setup Agent 63After you hav
Page 170:
Network Configuration 652FIGURE 2.1
Page 174:
Network Configuration 67The /etc/ho
Page 178:
Printer Configuration 69CAUTIONIf a
Page 182:
Printer Configuration 712FIGURE 2.1
Page 186:
Printer Configuration 732FIGURE 2.1
Page 190:
Printer Configuration 75If the prin
Page 194:
Adding Boot Parameters 77LISTING 2.
Page 198:
CHAPTER 3Operating SystemUpdatesThi
Page 202:
Assigning Users for the RHN Website
Page 206:
Using System Groups on the RHN Webs
Page 210:
Retrieving Software from RHN with Y
Page 214:
Page 218:
Page 222:
Page 226:
Page 230:
Summary 95CAUTIONAlthough the -y op
Page 234:
PART IIOperating System CoreConcept
Page 238:
CHAPTER 4Understanding LinuxConcept
Page 242:
Learning the Desktop 1014FIGURE 4.1
Page 246:
Shell Basics 103TABLE 4.1Continued/
Page 250:
Shell Basics 105To remove a directo
Page 254:
Shell Basics 107every command you h
Page 258:
Shell Basics 109Reading Text FilesS
Page 262:
Manual Pages 111Manual PagesOne gre
Page 266:
Editing Text Files 113Vi EditorThe
Page 270:
Editing Text Files 115A text versio
Page 274:
File Permissions 117As you can prob
Page 278:
Initialization Scripts 1194FIGURE 4
Page 282:
Runlevels 121The default runlevel i
Page 286:
Summary 123FIGURE 4.12ntsysv4Summar
Page 290:
CHAPTER 5Working with RPMSoftwareA
Page 294:
Installing Software 127Finding the
Page 298:
Installing Software 129After verify
Page 302:
Updating Software 131perform as wel
Page 306:
Verifying Software Files 133package
Page 310:
Building RPM Packages 135example, i
Page 314:
Building RPM Packages 137such as yo
Page 318:
Building RPM Packages139LISTING 5.9
Page 322:
Building RPM Packages 141%filesThe
Page 326:
Building RPM Packages 143Creating t
Page 330:
Building RPM Packages 145LISTING 5.
Page 334:
Building RPM Packages 147You are pr
Page 338:
Summary 149When installing the exam
Page 342:
CHAPTER 6Analyzing HardwareSimilar
Page 346:
Listing Devices 153LISTING 6.1Conti
Page 350:
Listing Devices 155LISTING 6.5Verbo
Page 354:
Detecting Hardware157LISTING 6.7Con
Page 358:
Gathering Information from the BIOS
Page 362:
Gathering Information from the BIOS
Page 366:
Listing and Configuring Kernel Modu
Page 370:
HAL 165HALIf the kernel knows about
Page 374:
CHAPTER 7Managing StorageManaging s
Page 378:
Understanding Partitioning 169Creat
Page 382:
Understanding LVM 171such as:mount
Page 386:
Understanding LVM 173To increase th
Page 390:
Understanding LVM 175Use the lvcrea
Page 394:
Understanding LVM 177the final numb
Page 398:
Understanding RAID 179If a snapshot
Page 402:
Understanding RAID 181LISTING 7.7Cr
Page 406:
Understanding RAID 183Device Size :
Page 410:
Using Access Control Lists 185Under
Page 414:
Using Access Control Lists 187. For
Page 418:
Using Disk Quotas 189Removing ACLsT
Page 422:
Using Disk Quotas 191If it is unabl
Page 426:
Summary 193This grace period is use
Page 430:
CHAPTER 864-Bit, Multi-Core, andHyp
Page 434:
Multi-Core Processors 197Duplicate
Page 438:
Multi-Core Processors 199LISTING 8.
Page 442:
Processors with Hyper-Threading Tec
Page 446:
PART IIISystem AdministrationIN THI
Page 450:
CHAPTER 9Managing Users andGroupsIN
Page 454:
Managing Users 207FIGURE 9.1List of
Page 458:
Managing Users 209TABLE 9.1Options
Page 462:
Managing Groups 211TABLE 9.3 Contin
Page 466:
Managing Groups 213Deleting GroupsT
Page 470:
How It All Works 215If shadow passw
Page 474:
Best Practices 217Managing Username
Page 478:
Summary 219If your company is quite
Page 482:
CHAPTER 10Techniques for Backupand
Page 486:
Using Amanda for Backups 223. Do mu
Page 490:
Using Amanda for Backups 225Table 1
Page 494:
Using Amanda for Backups 227Setting
Page 498:
Using Amanda for Backups229TABLE 10
Page 502:
Using Amanda for Backups 231As you
Page 506:
Other Linux Backup Utilities 233com
Page 510:
Recovery and Repair 235Rescue ModeR
Page 514:
Recovery and Repair 237Once in sing
Page 518:
CHAPTER 11Automating Taskswith Scri
Page 522:
Writing Scripts with Bash 241TIPThe
Page 526:
Writing Scripts with Bash 243TABLE
Page 530:
Writing Scripts with Bash 245TABLE
Page 534:
Additional Scripting Languages 247T
Page 538:
Scheduling Tasks with Cron 249LISTI
Page 542:
Scheduling Tasks with Cron 251The f
Page 546:
PART IVNetwork ServicesIN THIS PART
Page 550:
CHAPTER 12Identity ManagementManagi
Page 554:
Enabling NIS 257. optional: Results
Page 558:
Enabling NIS 259TIPLog messages for
Page 562:
Enabling NIS 261/var/yp/nicknames f
Page 566:
Enabling NIS 263To accept requests
Page 570:
Enabling NIS 265Because the lines t
Page 574:
Enabling LDAP 267Level and Firewall
Page 578:
Enabling LDAP 269LISTING 12.3Contin
Page 582:
Enabling LDAP 271LISTING 12.6Contin
Page 586:
Enabling LDAP 273LISTING 12.7Modify
Page 590:
Enabling LDAP 275LISTING 12.8Defaul
Page 594:
Enabling LDAP 277Many applications
Page 598:
Enabling Kerberos 279Configuring th
Page 602:
Enabling Kerberos 281Principals mus
Page 606:
Enabling Kerberos 283In the ACL fil
Page 610:
Enabling SMB or Winbind Authenticat
Page 614:
Enabling with Authentication Tool 2
Page 618:
Page 622:
Page 626:
CHAPTER 13Network File SharingIN TH
Page 630:
Network File System 295The SELinux
Page 634:
Network File System 297On the Basic
Page 638:
Network File System 299Editing and
Page 642:
Network File System 301FIGURE 13.4A
Page 646:
Network File System 303update the c
Page 650:
Samba File Sharing 305To verify tha
Page 654:
Samba File Sharing 307FIGURE 13.6Sa
Page 658:
Samba File Sharing 309Clicking OK s
Page 662:
Samba File Sharing 311If users will
Page 666:
Samba File Sharing 313LISTING 13.6C
Page 670:
Samba File Sharing 315If you know t
Page 674:
Samba File Sharing 317TABLE 13.2Con
Page 678:
CHAPTER 14Granting NetworkConnectiv
Page 682:
Configuring the Server 321Chapter 3
Page 686:
Configuring the Server 323LISTING 1
Page 690:
Summary 325This argument is useful
Page 694:
CHAPTER 15Creating a Web Serverwith
Page 698:
Configuring the Server 329FIGURE 15
Page 702:
Configuring the Server 331ListenSec
Page 706:
Configuring the Server 333where is
Page 710:
Configuring the Server 335virtual h
Page 714:
Summary 337Starting and Stopping th
Page 718:
CHAPTER 16Hostname Resolutionwith B
Page 722:
Configuring BIND 341Install the bin
Page 726:
Configuring BIND 343. masters: List
Page 730:
Configuring BIND 345Configuring Vie
Page 734:
Configuring BIND 347The default-por
Page 738:
Configuring BIND Graphically 349Sta
Page 742:
Logging Connections 351FIGURE 16.2I
Page 746:
Logging Connections 353Only the fil
Page 750:
CHAPTER 17Securing Remote Loginswit
Page 754:
Configuring the Server 357key. If a
Page 758:
Connecting from the Client 359If th
Page 762:
Connecting from the Client 361It is
Page 766:
Connecting from the Client 363Remem
Page 770:
Connecting from the Client 365After
Page 774:
CHAPTER 18Setting Up an EmailServer
Page 778:
Understanding Email Concepts 369Sen
Page 782:
Configuring Sendmail 371. local-hos
Page 786:
Configuring Sendmail 373LISTING 18.
Page 790:
Using POP and IMAP 375By default, t
Page 794:
Allowing Email Connections 377LISTI
Page 798:
CHAPTER 19Explaining OtherCommon Ne
Page 802:
The xinetd Super Server 381LISTING
Page 806:
The xinetd Super Server 383LISTING
Page 810:
The xinetd Super Server 385. A patt
Page 814:
Transferring Files with FTP 387. pe
Page 818:
Transferring Files with FTP 389TABL
Page 822:
Transferring Files with FTP 391TABL
Page 826:
Transferring Files with FTP 393To d
Page 830:
Keeping Accurate Time with NTP 395K
Page 834:
Keeping Accurate Time with NTP 397A
Page 838:
Creating a Network Printer with CUP
Page 842:
PART VMonitoring and TuningIN THIS
Page 846:
CHAPTER 20Monitoring SystemResource
Page 850:
Reporting Filesystem Usage 405To vi
Page 854:
Reporting Disk Performance 407TIPNa
Page 858:
Reporting Disk Performance 409/usr/
Page 862:
Reporting System Processes 411TABLE
Page 866:
Reporting Memory Usage 413Reporting
Page 870:
Reporting on the Network Subsystem
Page 874:
Generating a System Report 417FIGUR
Page 878:
Viewing Log Files with Logwatch 419
Page 882:
Viewing Log Files with Logwatch 421
Page 886:
CHAPTER 21Monitoring and Tuningthe
Page 890:
Using the /proc Directory 425. /pro
Page 894:
Optimizing Virtual Memory 427TABLE
Page 898:
Optimizing Virtual Memory 429. vm.d
Page 902:
Managing Memory with NUMA 431If it
Page 906:
Saving Kernel Dumps for Analysis 43
Page 910:
Page 914:
Page 918:
Page 922:
Page 926:
Setting SMP IRQ Affinity 443Setting
Page 930:
Enabling NMI Watchdog for Locked Sy
Page 934:
Enabling NMI Watchdog for Locked Sy
Page 938:
CHAPTER 22Monitoring and TuningAppl
Page 942:
OProfile 451The performance monitor
Page 946:
OProfile 453TABLE 22.1Continuedppc6
Page 950:
OProfile 455To further customize th
Page 954:
OProfile 4573. Set up which process
Page 958:
Valgrind 459determine what processe
Page 962:
PART VISecurityIN THIS PARTCHAPTER
Page 966:
CHAPTER 23Protecting AgainstIntrude
Page 970:
Selecting an SELinux Mode 465CAUTIO
Page 974:
Selecting and Customizing the SELin
Page 978:
Working with Security Contexts 4692
Page 982:
Working with Security Contexts 471L
Page 986:
Working with Security Contexts 473L
Page 990:
Working with Security Contexts 475I
Page 994:
CHAPTER 24Configuring a FirewallAs
Page 998:
Selecting a Table and Command for I
Page 1002:
Using IPTables Match Extensions 481
Page 1006:
Page 1010:
Page 1014:
Page 1018:
Page 1022:
Page 1026:
Page 1030: Using IPTables Target Extensions 49
Page 1042: IPTables Examples 501. condrestart:
Page 1046: Enabling the Default Firewall 503As
Page 1050: CHAPTER 25Linux Auditing SystemThe
Page 1054: Configuring the Audit Daemon 507log
Page 1058: Writing Audit Rules and Watches 509
Page 1070: Starting and Stopping the Daemon 51
Page 1074: Analyzing the Records 517you must b
Page 1078: Analyzing the Records 519the result
Page 1084: 522CHAPTER 25Linux Auditing SystemS
Page 1088: This page intentionally left blank
Page 1092: 526APPENDIX AInstalling Proprietary
Page 1096: 528APPENDIX AInstalling Proprietary
Page 1100: 530APPENDIX BCreating Virtual Machi
Page 1132:
546APPENDIX BCreating Virtual Machi
Page 1136:
548APPENDIX CPreventing Security Br
Page 1140:
550APPENDIX CPreventing Security Br
Page 1144:
552APPENDIX DTroubleshootingQ. I di
Page 1148:
554APPENDIX DTroubleshootingQ. When
Page 1152:
556APPENDIX DTroubleshootingQ. I ne
Page 1156:
558APPENDIX DTroubleshootingSecurit
Page 1160:
560addingaddingdisk space to LVM, 1
Page 1164:
562autofsautofsconnecting NFS share
Page 1168:
564Configuration Administrator role
Page 1172:
566directivesdirectives/etc/httpd/c
Page 1176:
568Encrypt Passwords option (Samba
Page 1180:
570filesystemsfinding files in dire
Page 1184:
572helper match extension (IPTables
Page 1188:
574IPTablesconfiguring, 477examples
Page 1192:
576LDAP (Lightweight Directory Acce
Page 1196:
578loginssecure file transfers, 359
Page 1200:
580modulesmoduleskernel modulesinst
Page 1204:
582NFS (Network File System)server
Page 1208:
584passphrasespassphrasescreating v
Page 1212:
586Red Hat Network Provisioning, Li
Page 1216:
588scriptsscriptsAwk, 249Bash, 239c
Page 1220:
590sharesSambaadding to, 309adding
Page 1224:
592storageLVM schemes, 168-169remov
Page 1228:
594umount command, removing logical
Page 1232:
596vmstat command, reporting memory
show all

Red Hat Enterprise Linux 5 Administration Unleashed

Create successful ePaper yourself

Delete template?

Save as template?