3116_manual.pdf

www.novel l .comNovell Training Services

A U T H O R I Z E D C O U R S E WA R E

SUSE Linux Enterprise Server 11 SP2 AdministrationManual

3 1 1 6

Part # 100-005292-001-REV AVersion 1Novell, Inc. Copyright 2012-NO PRINTING, COPYING, OR DISTRIBUTION ALLOWED.

Legal NoticesNovell, Inc., makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.

Further, Novell, Inc., makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.

Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. See the Novell International Trade Services Web page (http://www.novell.com/info/exports/) for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.

Copyright 2012 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.

Novell, Inc., has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed on the Novell Legal Patents Web page (http://www.novell.com/company/legal/patents/) and one or more additional patents or pending patent applications in the U.S. and in other countries.

Novell, Inc.1800 South Novell PlaceProvo, UT 84606U.S.A.www.novell.com

Online Documentation: To access the latest online documentation for this and other Novell products, see the Novell Documentation Web page (http://www.novell.com/documentation).

Novell TrademarksFor Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/legal/trademarks/tmlist.html).

Third-Party MaterialsAll third-party trademarks are the property of their respective owners.Novell, Inc. Copyright 2012-NO PRINTING, COPYING, OR DISTRIBUTION ALLOWED.

Contents

SUSE Linux Enterpr ise Server 11 SP2 Administration / Manual 1

Introduction 11

SECTION 1 Install SUSE Linux Enterprise Server 11 SP2 17

Objective 1 Perform a SLES 11 Installation 18Boot from the Installation Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Select the System Language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Check the Installation Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22Select the Installation Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Set the Clock and Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Specify the Server Base Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Configure Installation Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Verify Partitioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28Select Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Start the Installation Process. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44Set the root Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45Set the Hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46Configure the Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47Test the Internet Connection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55Configure Novell Customer Center Configuration and Online Update . . . . . . . . . 56Configure Network Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57Manage Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59Configure Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63Finalize the Installation Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64Installation of SLED 11 SP2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Exercise 1-1 Install SUSE Linux Enterprise Server 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Objective 2 Troubleshoot the Installation Process 67

Summary 69

SECTION 2 Manage System Initialization 71

Objective 1 Describe the Linux Load Procedure 72BIOS and Boot Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73initramfs (Initial RAM File System). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74init . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Objective 2 Manage GRUB (Grand Unified Bootloader) 76How a Boot Manager Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76Boot Managers in SUSE Linux Enterprise Server 11 SP2 . . . . . . . . . . . . . . . . . . 77Starting the GRUB Shell. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78Modifying the GRUB Configuration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80Configure GRUB with YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81Boot a System Directly into a Shell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

3Version 1

Exercise 2-1 Manage the Boot Loader. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Novell, Inc. Copyright 2012-NO PRINTING, COPYING, OR DISTRIBUTION ALLOWED.

SUSE Linux Enterprise Server 11 SP2 Administration / ManualObjective 3 Manage Runlevels 91The init Program and Linux Runlevels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91init Scripts and Runlevel Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95Change the Runlevel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Exercise 2-2 Manage Runlevels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Summary 108

SECTION 3 Administer Linux Processes 109

Objective 1 Describe How Linux Processes Work 110Process-Related Terms and Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110Jobs and Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Objective 2 Manage Linux Processes 113Managing Foreground and Background Processes . . . . . . . . . . . . . . . . . . . . . . . . 113Viewing and Prioritizing Processes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115Ending a Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121How Services (Daemons) Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124Managing a Daemon Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Exercise 3-1 Manage Linux Processes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Summary 127

SECTION 4 Administer the Linux File System 129

Objective 1 Select a Linux File System 130Linux File Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130Virtual Filesystem Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Linux File System Internals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133File System Journaling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

Objective 2 Configure Linux File System Partitions 141Linux Device and Partition Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141Design Guidelines for Implementing Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . 143Manage Partitions with YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144Manage Partitions with fdisk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Objective 3 Manage Linux File Systems 152Create a File System with YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152Create a File System with Command Line Tools . . . . . . . . . . . . . . . . . . . . . . . . . 155Mount File Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Exercise 4-1 Configure Partitions on your Hard Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162Monitor and Maintain File Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Exercise 4-2 Manage File Systems from the Command Line . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Objective 4 Configure Logical Volume Manager (LVM) and Software RAID 171Understand VM Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Understand LVM Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172Configure Logical Volumes with YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173Configure LVM with Command Line Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177Manage Software RAID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

Exercise 4-3 Create Logical Volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 14


Objective 5 Set Up and Configure Disk Quotas 183Prepare the File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184Initialize the Quota System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184Start and Activate the Quota Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185Configure and Manage User and Group Quotas. . . . . . . . . . . . . . . . . . . . . . . . . . 185

Exercise 4-4 Set up and Configure Disk Quotas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Summary 189

SECTION 5 Configure the Network 191

Objective 1 Understand Linux Network Terms 192

Objective 2 Manage the Network Configuration Information from YaST 193Global Options Tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193Overview Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194Hostname/DNS Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Routing Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198General Tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

Objective 3 Set Up Network Interfaces with the ip Tool 201Display the Current Network Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201Change the Current Network Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204Save Device Settings to a Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205

Objective 4 Set Up Routing with the ip Tool 208View the Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Add Routes to the Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209Delete Routes from the Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Save Routing Settings to a Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

Objective 5 Test the Network Connection with Command Line Tools 211Test Network Connections with ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211Trace Network Packets with traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

Exercise 5-1 Configure the Network Connection Manually . . . . . . . . . . . . . . . . . . . . . . . . . . . 214

Objective 6 Configure the Hostname and Name Resolution 215Set the Host and Domain Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215Configure Name Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

SECTION 6 Manage Hardware 219

Objective 1 Describe How Device Drivers Work in Linux 220The Difference Between Devices and Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 220How Device Drivers Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220How Device Drivers Are Loaded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

Objective 2 Manage Kernel Modules Manually 223Kernel Module Basics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223Managing Modules from the Command Line. . . . . . . . . . . . . . . . . . . . . . . . . . . . 223The modprobe Configuration File (/etc/modprobe.conf). . . . . . . . . . . . 225

Exercise 6-1 Manage Linux Kernel Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

5Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualObtain Hardware Configuration Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226Exercise 6-2 Obtain Hardware Configuration Information in YaST . . . . . . . . . . . . . . . . . . . . . 229

Objective 3 Describe the sysfs File System 230

Objective 4 Describe how udev Works 232The Purpose of udev . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232How udev Works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232Persistent Interface Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

Exercise 6-3 Modify udev Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235

Summary 236

SECTION 7 Configure Remote Access 239

Objective 1 Provide Secure Remote Access with OpenSSH 240Cryptography Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240SSH Features and Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242Configure the SSH Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249Configure the SSH Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249SSH-Related Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250

Exercise 7-1 Practice Using OpenSSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254Public Key Authentication Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254

Exercise 7-2 Perform Public Key Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

Objective 2 Enable Remote Administration with YaST 259VNC and YaST Remote Administration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259Configure Your Server for Remote Administration . . . . . . . . . . . . . . . . . . . . . . . 260Access Your Server for Remote Administration. . . . . . . . . . . . . . . . . . . . . . . . . . 261

Exercise 7-3 Use Remote Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264

Objective 3 Access Remote Desktops Using Nomad 265How RDP Works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265How Nomad Works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266Installing and Configuring RDP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Accessing the Server Remotely with Nomad . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Troubleshooting Common Nomad Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272

Exercise 7-4 Use Nomad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274

Summary 275

SECTION 8 Monitor SUSE Linux Enterprise Server 11 SP2 277

Objective 1 Monitor a SUSE Linux Enterprise Server 11 SP2 System 278Gathering Boot Log Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279Viewing Hardware Information in /proc/. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282Gathering Hardware Information Using Command Line Utilities . . . . . . . . . . . . 285Gathering System and Process Information from the Command Line . . . . . . . . . 287Monitoring Hard Drive Space Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289

Exercise 8-1 Gather Information on Your SLES 11 Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . 291Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 16


Objective 2 Use System Logging Services 292Configuring the Syslog Daemon (syslog-ng) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292Viewing Commonly Used Linux Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297Archiving Log Files with logrotate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298

Exercise 8-2 Manage System Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301

Objective 3 Monitor Login Activity 302

Summary 306

SECTION 9 Automate Tasks 307

Objective 1 Schedule Jobs with cron 308crontab File Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308Defining System Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309Defining User Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311

Objective 2 Schedule Jobs with at 313Exercise 9-1 Schedule Jobs with cron and at. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315

Summary 316

SECTION 10 Manage Backup and Recovery 317

Objective 1 Develop a Backup Strategy 318Choosing a Backup Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318Choosing a Backup Media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320Defining a Backup Schedule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321Determining What to Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

Objective 2 Back Up Files with YaST 322Back Up System Data with YaST. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322Restore System Data with YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327

Exercise 10-1 Back up Files with YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

Objective 3 Create Backups with tar 332Creating tar Archives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332Unpacking tar Archives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333Excluding Files from Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333Performing Incremental and Differential Backups . . . . . . . . . . . . . . . . . . . . . . . . 334Using tar Command Line Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335

Exercise 10-2 Create Backup Files with tar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336

Objective 4 Create Backups on Magnetic Tape 337

Objective 5 Use the snapper Tool 339Understand Snapper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339Configure Snapper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340Administer Snapper Snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341

Exercise 10-3 Work with Snapper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

Objective 6 Copy Data with dd 347Exercise 10-4 Create Drive Images with dd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

7Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualObjective 7 Mirror Directories with rsync 350Using rsync to Create a Local Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350Using rsync to Create a Remote Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351

Exercise 10-5 Backup a Home Directory with rsync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353

Objective 8 Automate Data Backups with cron 354Exercise 10-6 Configure a cron Job for Data Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355

Summary 356

SECTION 11 Administer User Access and System Security 359

Objective 1 Configure User Authentication with PAM 360How PAM Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360PAM Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361PAM Configuration File Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362PAM Configuration File Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365Secure Password Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367PAM Documentation Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367

Exercise 11-1 Configure PAM Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368

Objective 2 Manage and Secure the Linux User Environment 369Manage Use of root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369Delegate Administrative Tasks with sudo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370

Exercise 11-2 Configure sudo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374Set Defaults for New User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374Configure Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375

Exercise 11-3 Configure the Password Security Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385

Objective 3 Use Access Control Lists (ACLs) for Advanced Access Control 386How ACLs Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386Basic ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387ACL Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388ACL Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388How ACLs and Permission Bits Map to Each Other . . . . . . . . . . . . . . . . . . . . . . 389Using ACL Command Line Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391Configuring a Directory with an Access ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . 391Configuring a Directory with a Default ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394Using Additional setfacl Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396ACL Check Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397How Applications Handle ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397

Exercise 11-4 Use ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398

Objective 4 Implement a Packet-Filtering Firewall with SuSEfirewall2 399How Packet-Filtering Firewalls Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399Configuring a Packet Filtering Firewall on SUSE Linux Enterprise 11 . . . . . . . . 399

Exercise 11-5 Configure SuSEfirewall2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404

Summary 405Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 18


SECTION 12 Course 3101 and 3102 LPIC-1 Addendum 407

Objective 1 Use Debian Package Management 413Debian Linux basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413Manage Software Packages Using apt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414Managing Software Packages Using dpkg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416

Objective 2 YUM Package Management 418YUM Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418YUM: /etc/yum.conf and /etc/yum.repos.d/ . . . . . . . . . . . . . . . . . 419Using yumdownloader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422

Objective 3 SQL Data Management 424Manipulate data in an SQL database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424Query an SQL database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427

Objective 4 Install and Configure X11 432X11 Installation, Video Card and Monitor Requirements . . . . . . . . . . . . . . . . . . 432Understanding the X Font Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . 436Understanding the X Window Configuration File . . . . . . . . . . . . . . . . . . . . . . . . 438

Objective 5 Message Transfer Agent (MTA) Basics 441Understanding Linux MTA programs: sendmail . . . . . . . . . . . . . . . . . . . . . . . . . 441Understanding Linux MTA programs: postfix . . . . . . . . . . . . . . . . . . . . . . . . . . 442Understanding newaliases, qmail, and exim . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443Using mail, mailq, ~/.forward, and aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446sendmail emulation layer commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453

Objective 6 Fundamentals of TCP-IP (dig) 458Use dig to Perform a DNS Lookup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458List of Syntax and Query Options for dig. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461Using dig Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463

Summary 474

APPENDIX A Live Fire Exercise (Optional) 485Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

9Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualCopying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 110


IntroductionIntroduction

SUSE Linux Enterprise 11 SP2 Administration (Course 3116) focuses on the routine system administration of SUSE Linux Enterprise Server (SLES) 11 SP2.

This course covers common tasks a system administrator of SUSE Linux Enterprise 11 SP2 has to perform, such as installing and configuring the system, maintaining the file system, managing software, managing processes, and managing printing.

These skills, along with those taught in SUSE Linux Enterprise Server 11 SP2 Fundamentals (Course 3115), prepare you to take the Novell Certified Linux Administrator 11 (Novell CLA 11) certification test.

The following topics are addressed here:

Course Objectives on page 11

Audience on page 12

Certification and Prerequisites on page 12

SUSE Linux Enterprise 11 SP2 Support and Maintenance on page 12

Novell Customer Center on page 13

SUSE Linux Enterprise Server 11 SP2 Online Resources on page 13

Agenda on page 13

Scenario on page 14

Exercise Conventions on page 15

Course Objectives

This course teaches theory as well as practical application with hands-on labs for the following topics:

1. Install SUSE Linux Enterprise Server 11 SP2

2. Manage system initialization

3. Administer Linux processes and services

4. Administer storage

5. Configure the network

6. Manage hardware

7. Configure remote access

8. Monitor an SUSE Linux Enterprise 11 SP2 system

9. Automate tasksCopying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

11Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / Manual10. Manage backup and recovery

11. Administer user access and security

These are tasks a SUSE Linux administrator in an enterprise environment routinely has to deal with.

Audience

This course is designed for system administrators who want to become familiar with the Linux operating system. Its also ideal for students who want to begin preparing for the Novell Certified Linux Administrator 11 Exam.

Certification and Prerequisites

This course helps you prepare for the Novell Certified Linux Administrator 11 (CLA 11) exam. The Novell CLA 11 is a prerequisite for the higher-level certifications Novell CLP 11 and CLE 11.

As with all Novell certifications, taking the authorized Novell course is the recommended means for preparing for the exam. The exam tests you on the objectives covered in:

SUSE Linux Enterprise Server 11 SP2 Fundamentals (Course 3115).

SUSE Linux Enterprise Server 11 SP2 Administration (Course 3116).

NOTE: For more information about Novell certification programs and taking Novell exams, see http://www.novell.com/training/certinfo/.

Accordingly, before taking this course, you should first attend SUSE Linux Enterprise Server 11 SP2 Fundamentals (Course 3115).

SUSE Linux Enterprise 11 SP2 Support and Maintenance

The copies of SLES 11 SP2 and SLED 11 SP2 you received in your student kit are fully functioning versions of the SUSE Linux Enterprise 11 SP2 product line.

However, to receive official support and maintenance updates, you need to do one of the following:

Register for a free registration/serial code that provides you with 30 days of support and maintenance

Purchase a subscription to SUSE Linux Enterprise 11 SP2 from Novell (or an authorized dealer)

You can obtain your free 30-day support and maintenance code at http://www.novell.com/linux.

NOTE: You will need to have a Novell login account to access the 30-day evaluation.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 112


IntroductionNovell Customer Center

Novell Customer Center is an intuitive, Web-based interface that helps you to manage your business and technical interactions with Novell. Novell Customer Center consolidates access to information, tools and services such as

Automated registration for new SUSE Linux Enterprise products.

Patches and updates for all shipping Linux products from Novell.

Order history for all Novell products, subscriptions and services.

Entitlement visibility for new SUSE Linux Enterprise products.

Linux subscription-renewal status.

Subscription renewals via partners or Novell.

For example, in your company you might have a system administrator who needs to download SUSE Linux Enterprise software updates, a purchasing agent who needs to review the order history, and an IT manager who needs to reconcile licensing. With Novell Customer Center, your company can meet all these needs in one location, giving users access rights appropriate for their individual roles.

You can access the Novell Customer Center at http://www.novell.com/center.

SUSE Linux Enterprise Server 11 SP2 Online Resources

Novell provides a variety of online resources to help you configure and implement SUSE Linux Enterprise 11:

http://www.novell.com/products/server/

Novell home page for SUSE Linux Enterprise Server.

http://www.novell.com/documentation/sles11/

Novell Documentation Web site for SLES 11.

http://support.novell.com/linux/

Home page for all Novell Linux support. Includes links to support options such as the Knowledgebase, downloads, and FAQs.

http://www.novell.com/coolsolutions/

Novell Web site providing the latest implementation guidelines and suggestions from Novell on a variety of products, including SUSE Linux.

Agenda

The following is the agenda for this five-day course:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

13Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualTable Intro-1

Scenario

The IT department of Digital Airlines is rolling out more and more SUSE Linux Enterprise Server 11 SP2 installations. Your task is to familiarize yourself with SUSE Linux Enterprise Server 11 SP2 to be able to take on more and more system administrator tasks on this platform.

You need additional experience in the following areas:

Installation and configuration of SUSE Linux Enterprise Server 11 SP2

File system maintenance

Specialized aspects of User Management (such as POSIX ACLs)

Network configuration and fundamental network services

Hardware management

Backup and recovery

Service and process management

Remote administration

You decide to set up test systems in the lab to enhance your skills in these areas.

Section Duration

Day 1 Introduction 00:30

Section 1: Install SUSE Linux Enterprise Server 11 SP2 02:30

Section 2: Manage System Initialization 02:30

Day 2 Section 3: Administer Linux Processes 02:00

Section 4: Administer the Linux File System 03:00

Section 5: Configure the Network 01:00

Day 3 Section 5: Configure the Network (cont.) 01:00

Section 6: Manage Hardware 02:00

Section 7: Configure Remote Access 02:00

Section 8: Monitor SUSE Linux Enterprise Server 11 SP2 01:00

Day 4 Section 8: Monitor SUSE Linux Enterprise Server 11 SP2 (cont.)

01:30

Section 9: Automate Tasks 02:30

Section 10: Manage Backup and Recovery 02:00

Day 5 Section 11: Administer User Access and System Security 03:00

Appendix A: LiveFire (Optional) 03:00Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 114


IntroductionExercise Conventions

When working through an exercise, you will see conventions that indicate information you need to enter that is specific to your server.

The following describes the most common conventions:

italicized/bolded text. This is a variable reference to your unique situation, such as the host name of your server.

For example, if the host name of your server is da1, and you see the following:

hostname.digitalairlines.com

then you would enter

da1.digitalairlines.com

172.17.8.xx. This is the IP address that is assigned to your SUSE Linux Enterprise system.

For example, if your IP address is 172.17.8.101, and you see the following:

172.17.8.xx

then you would enter

172.17.8.101

Select. The word select is used in exercise steps to indicate a variety of actions including clicking a button on the interface and selecting a menu item.

Enter and Type. The words enter and type have distinct meanings.

The word enter means to type text in a field or at a command line and press the Enter key. The word type means to type text without pressing the Enter key.

If you are directed to just type a value, make sure you do not press the Enter key or else you might activate a process that you are not ready to start.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

15Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualCopying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 116


Install SUSE Linux Enterprise Server 11 SP2S E C T I O N 1 Install SUSE Linux Enterprise Server 11 SP2

In this section, you learn how to install SLES 11 SP2 using the YaST (Yet another Setup Tool) installation module. You also learn how to use advanced installation options and how to troubleshoot common installation problems.

Objectives

1. Perform a SLES 11 Installation on page 18

2. Troubleshoot the Installation Process on page 67Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

17Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualObjective 1 Perform a SLES 11 Installation

In this objective, you learn how to install a SLES 11 SP2 server. The installation process includes the following tasks:

Boot from the Installation Media on page 18

Select the System Language on page 21

Check the Installation Media on page 22

Select the Installation Mode on page 23

Set the Clock and Time Zone on page 23

Specify the Server Base Scenario on page 24

Configure Installation Settings on page 25

Verify Partitioning on page 28

Select Software on page 41

Start the Installation Process on page 44

Set the root Password on page 45

Set the Hostname on page 46

Configure the Network on page 47

Test the Internet Connection on page 55

Configure Novell Customer Center Configuration and Online Update on page 56

Configure Network Services on page 57

Manage Users on page 59

Configure Hardware on page 63

Finalize the Installation Process on page 64

Installation of SLED 11 SP2 on page 65

Boot from the Installation Media

To start the installation process, you need to insert the SUSE Linux Enterprise Server 11 SP2 installation disc into the systems optical drive and then reboot the computer to start the installation program.

NOTE: To start the installation program, your computer needs to be configured to start from the optical drive. You may need to access the CMOS Setup program in your systems BIOS and change the boot drive order to boot from the optical drive. The keystroke required to start the CMOS Setup program varies from system to system. Consult your user manual for further information.

After your system has booted from the installation media, the following appears:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 118


Install SUSE Linux Enterprise Server 11 SP2Figure 1-1 Installation Options

You can use the arrow keys to select one of the following options:

Boot from Hard Disk: Boots an operating system installed on the hard disk (if one exists). This is the default option. It allows the system to boot normally in the event you forget to remove your SLES 11 installation media from the optical drive.

Installation: Starts the normal installation process. All modern hardware functions are enabled.

Repair Installed System: Boots into a graphical repair utility.

Rescue System: Starts the SLES 11 rescue system. If you cannot boot your installed Linux system, you can boot the computer from the installation media and select this option. This starts a minimal Linux system without a graphical user interface to allow you to access disk partitions for troubleshooting and repairing an installed system.

Check Installation Media: Starts a verification routines that checks the integrity of your SLES 11 installation media.

Firmware Test: Starts a BIOS checker that validates ACPI and other parts of your system BIOS. Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

19Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / Manual Memory Test: Starts a memory testing program, which tests system RAM by using repeated read and write cycles. This is done in an endless loop, because memory corruption often shows up sporadically and many read and write cycles might be necessary to detect it.

If you suspect that your RAM might be defective, start this test and let it run for several hours. If no errors are detected, you can assume that the memory is intact. Terminate the test by rebooting the system.

Notice that at the bottom of this screen are a series of function keys. You can use these function keys to change a variety of installation settings:

F1 Help: Open context-sensitive help for the currently selected option of the boot screen.

F2 Language: Select the display language and a corresponding keyboard layout for the installation. The default language is English (US).

F3 Video Mode: Select a graphical display mode (such as 640x480 or 1024X768) for the installation process. You can also select Text Mode, which can be used if the graphical modes cause display problems.

F4 Source: Select an installation media type. Normally, you install from the inserted installation disc. However, in some cases you might want to select another source. For example, if you want to install over the network from an installation server, you would select the appropriate protocol for connected to that server, such as FTP, HTTP, or NFS.

F5 Kernel: Use the options provided by this function key if you encounter problems with the regular installation. This menu allows you to disable potentially problematic hardware features.

If your hardware does not support ACPI (Advanced Configuration and Power Interface) select No ACPI to install without ACPI support. The No Local APIC option disables support for APIC (Advanced Programmable Interrupt Controllers), which may cause problems with some hardware.

The Safe Settings option boots the system with DMA for optical drives and power management functions disabled.

If you are not sure, try the options provided in this menu in the following order:

Default

ACPI Disabled

Safe Settings

F6. Specify an optional driver update for SUSE Linux Enterprise Server. You can select from the following:

Yes: You will be prompted to insert the update disk at the appropriate point in the installation process.

File or URL: Drivers will be loaded directly before the installation starts.

After you select an installation option, a minimal Linux system loads and runs the YaST installation module. Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 120


Install SUSE Linux Enterprise Server 11 SP2Select the System Language

After YaST starts, the system language and license agreement dialog appears, as shown below:

Figure 1-2 License Agreement

Most YaST installation dialogs use the same user interface:

The left side displays an overview of the installation status.

In the lower-left corner, you can click the Help button to get information about the current installation step.

The right side displays the current installation step.

The lower-right side provides buttons used to navigate to the previous or next installation steps or to abort the installation.

NOTE: If the installation program does not detect your mouse, you can use the Tab key to navigate through the dialog elements, the arrow keys to scroll in lists, and Enter to select buttons. Dont be alarmed if this occurs. You can change the mouse settings later on in the installation process.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

21Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFrom the Language dialog, select your language and your keyboard layout. Review the license agreement and select I Agree to the License Terms, then click Next to continue.

Check the Installation Media

You can verify that your installation media is valid. This is done in the Media Check screen, shown below:

Figure 1-3 Media Check

From the CD or DVD Drive drop-down list, select the optical drive where your SLES 11 SP2 installation media resides; then click Start Check.

NOTE: If youre installing from an ISO image, you can click Check ISO File instead.

The verification process may take several minutes to complete. If the verification fails, you should not continue the installation because you will probably encounter problems during the installation process or with the server itself afterwards. In this situation, you should obtain a replacement copy of the installation media and restart the install.

NOTE: If you burn the installation media yourself from an ISO file, be sure to use the Pad option in your DVD burning software. This prevents read errors at the end of the media during the verification process.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 122


Install SUSE Linux Enterprise Server 11 SP2If the media passes the check, click Next. After doing so, the hardware in your system is probed and a corresponding basic set of kernel modules (drivers) are loaded.

Select the Installation Mode

You next need to select your installation mode in the Installation Mode screen, shown below:

Figure 1-4 Installation Mode

You can select from the following options in this screen:

New installation: Performs a normal new installation of SLES 11 SP2. This is the default option.

Update: Updates a previously installed SLES 10 or SLES 11 installation to SLES 11 SP2.

Repair Installed System: Repairs an existing system that has been damaged.

For a standard installation, select New Installation and then click Next to proceed to the next step.

Set the Clock and Time Zone

Next you need to configure your clock and time zone in the Clock and Time Zone screen, shown below:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

23Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-5 Clock and Time Zone

By default, YaST selects the time zone based on your language selection. If necessary, you can change the time zone.

If your hardware clock is set to UTC (Universal Time Coordinated), the system time is set according to your time zone and automatically adjusted to daylight saving time. If your hardware clock is set to local time, deselect Hardware Clock Set to UTC.

NOTE: If necessary, you can also adjust the date and time by selecting Change.

When done, click Next.

Specify the Server Base Scenario

Next you need to specify your servers base scenario in the Server Base Scenario screen, shown below:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 124


Install SUSE Linux Enterprise Server 11 SP2Figure 1-6 Server Base Scenario

In SUSE Linux Enterprise Server, you can choose from three base scenarios. The scenario you select determines the default package selection in the next screen. Select one of the following:

Physical Machine: Select if installing on physical hardware. You should also use this option when creating a VMware 5.x or earlier virtual machine that uses full virtualization.

Virtual Machine: Select if installing in a para-virtualized virtual machine environment, such as XEN or VMware 6 (and later).

NOTE: For information about the difference between full virtualization and paravirtualization, see for instance http://www.vmware.com/files/pdf/VMware_paravirtualization.pdf.

XEN Virtualization Host: Select if installing on a machine that will function as a host for XEN virtual machines.

NOTE: This option does not appear when installing a VMware virtual machine.

Click Next.

Configure Installation Settings

Next you need to configure the installation settings for your SLES 11 SP2 server in the Installation Settings screen, shown below:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

25Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-7 Installation Settings

YaST analyzes your system and creates an installation proposal, shown in the figure above. The proposed settings are displayed on two tabs. The Overview tab shows the main categories that are necessary for a base installation. You can change these settings by selecting the following options:

Keyboard layout: Changes the keyboard layout. YaST selects the default keyboard layout based on your previous settings. Change the keyboard settings if you prefer a different layout.

Partitioning: Changes the hard drive partitioning. If the automatically generated partitioning scheme does not fit your needs, you can change it by selecting this option.

Software: Changes the software packages that will be automatically installed during the server installation. You can select or deselect software as needed.

Language: Changes the default language.

If you use BtrFS for the / (root) file system, the partitioning proposal looks different, as various BtrFS subvolumes are created by default on SLES 11 SP2:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 126


Install SUSE Linux Enterprise Server 11 SP2Figure 1-8 Installation with BtrFS

BtrFS is covered in Administer the Linux File System on page 129.

You can further customize the installation proposal by select the Expert tab, shown below:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

27Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-9 Installation Settings - Expert

This tab displays the same options as the Overview tab, but also includes the following additional options:

System: Restarts the hardware detection process and displays a list of all available hardware components. You can change the PCI-ID setup, select single components, view details, or save the list to a file.

Booting: Allows you to change your GRUB (Grand Unified Bootloader) boot loader settings. You can also configure the system to use the Lilo (Linux Loader) bootloader instead of GRUB.

Add-on Products: Allows you to include any add-on products.

Time zone: Opens the Clock and Time Zone dialog described earlier.

Default Runlevel: Changes the runlevel. If a graphical environment is installed, the default is runlevel 5; otherwise, it is 3.

Kdump: Saves a dump of the kernel in the event of a system crash, allowing you to analyze what went wrong. Use this option to enable and configure kdump.

Verify Partitioning

In most cases, YaST proposes a reasonable partitioning scheme that you can use without modification. However, you might need to manually change the partitioning scheme if any of the following applies:

You want to optimize the partitioning scheme for a special purpose server (such as a file server)Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 128


Install SUSE Linux Enterprise Server 11 SP2 You want to configure LVM (Logical Volume Manager)

You have more than one hard drive and want to configure a software RAID (Redundant Array of Independent Disks) array

You want to delete existing operating systems on the hard drive to free up space for your SLES 11 SP2 installation

To partition the hard drive manually, you need to be familiar with the following:

Hard Drive Partitioning Basics on page 29

The Basic Linux Partitioning Scheme on page 29

Changing the Default Partitioning Proposal on page 30

Hard Drive Partitioning Basics

Hard disk partitions divide the available space of a hard drive into smaller portions. This lets you install more than one operating system on a hard drive or use different areas of the disk for programs and data.

Every hard disk (on an Intel platform) has a partition table with space for four entries. An entry in the partition table can correspond to a primary partition or an extended partition. However, only one extended partition entry is allowed.

A primary partition consists of a continuous range of cylinders (physical disk areas) assigned to a particular file system. If you use only primary partitions, you are limited to four partitions per hard disk. (Remember, the partition table can hold only four partition entries).

Extended partitions are also continuous ranges of disk cylinders. However, an extended partition can be subdivided into logical partitions. Logical partitions do not require entries in the partition table. In other words, an extended partition is a container for logical partitions.

If you need more than four partitions on a single hard disk, you should create an extended partition instead of a fourth primary partition. This extended partition should encompass the entire remaining free cylinder range. Then you can create multiple logical partitions within the extended partition. You can have a maximum of 15 logical partitions.

It does not matter which type of partitions you use for your Linux system. Primary and logical partitions both work equally well.

The Basic Linux Partitioning Scheme

The optimal partitioning scheme for a server depends on the purpose of the server. A SLES 11 SP2 installation needs at least two partitions:

Swap partition: Extends the physically available system RAM. This makes it possible to use more memory than the amount of physical ram installed. The Linux operating system moves unused data from RAM to the swap partition on the hard dive, thus freeing system RAM for active processes. Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

29Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualNOTE: Prior to version 2.4.10 of the Linux kernel, the swap partition needed to be at least twice the size of your installed system RAM. For example, if you had 1 GB of RAM in your system, the swap partition had to be at least 2 GB in size. If the swap partition was smaller than this, the overall performance of the system suffered. With later versions of the Linux kernel, however, this is no longer the case.

Root partition: Holds the root directory (/) of the file system. The root directory is the top directory in the Linux file system hierarchy.

No matter what partitioning scheme you choose, you must have at least one swap partition and a root partition. Partitions and partitioning schemes will be covered more extensively in the objective Configure Linux File System Partitions on page 141.

Changing the Default Partitioning Proposal

You can also change the default partitioning proposal to create separate partitions for various directories in the Linux file system. Doing so adds a degree of stability to the system. Problems encountered in one partition are isolated from other partitions in the system. For example an errant log file that grows too large in a partition mounted in /var doesnt impact data stored in other partitions.

You can create separate partitions for any directory in your Linux servers file system. However, the following directories are some of the best candidates for having a separate partition created:

/: You must create a partition for the root directory. This partition should at least have 5 GB, depending on how you allocate other partitions.

/boot: You can create a separate partition for the /boot directory, which contains your Linux kernel and initial ramdisk files. This partition should be 200 to 300 MB in size.

/home: You can create a separate partition for users files. You should allocate as much space as necessary to accommodate their data.

/opt: You can create a partition for application files installed into /opt (such as GroupWise). You should allocate as much space as necessary to accommodate applications that use this directory.

/tmp: You can create a partition for your systems temporary files stored in /tmp. You should allocate at least 1GB for this partition.

/usr: You can create a partition for the system utilities stored in /usr. You should allocate at least 5 GB to this partition. You may need to allocate more depending on what packages you choose to install.

/var: You can create a partition for the log files stored in /var. Because log files can become quite large, its a good idea to isolate them in their own partition. You should allocate at least 3 GB of space for this partition.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 130


Install SUSE Linux Enterprise Server 11 SP2NOTE: Considering the hard disk sizes sold today, you will probably use much bigger values in a production environment than the above minium values.

To change the default partition scheme, select Partitioning in the installation proposal. The following is displayed:

Figure 1-10 Hard Disk Preparation

In this screen, you can select from the following options:

A hard disk: Mark this option and click Next to open a dialog where you can choose to use the entire hard disk or some of the existing partitions for the installation of SLES 11 SP2.

Custom Partitioning: Mark this option and click Next to open the YaST Expert Partitioner and display the existing partition layout.

When you start the YaST Expert Partitioner, the following is displayed:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

31Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-11 Expert Partitioner

In the right side of the dialog, YaST lists the details of the current partition setup. Depending on your previous choice, the list may contain the partitioning proposal created by YaST or the partitions that currently reside on the hard disk.

The Expert Partitioner allows you to create, edit, delete, and resize partitions. You can also administer LVM (Logical Volume Manager) or RAID (Redundant Array of Independent Disks) arrays.

NOTE: The changes made with the YaST Expert Partitioner are not written to disk until the installation process is started. You can always discard your changes by clicking Back or Abort.

An entry for each hard disk is displayed in the left column of the Expert Partitioner. Expand Hard Disks; then select the hard disk entry. Overview information about the device is displayed on the Overview tab, as shown above.

To view a list of partitions on the hard drive, select the Partitions tab, as shown below:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 132


Install SUSE Linux Enterprise Server 11 SP2Figure 1-12 Expert Partitioner

One entry is listed for every partition on the hard disk. Each entry includes information about the partition in the following columns:

Device: Device name of the partition.

Size: Size of the hard disk or partition.

F: Indicates the partition will be formatted during the installation process.

Enc: Indicates the partition will be encrypted.

Type: Partition type. Depending upon the operating system and the architecture, partitions can have various types, including as Linux native, Linux swap, Win95, FAT 32, or NTFS.

FS Type: Type of file system that will be installed on the partition, such as ext2, ext3, or BtrFS. The default is ext3.

Label: Label that will be applied to the file system.

Mount Point: Mount point of a partition. For swap partitions, the keyword swap is used instead of a directory.

Mount By: Indicates how the file system is mounted:

K: Kernel Name

L: Label U: UUIDCopying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

33Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / Manual I: Device ID

P: Device Path

Start: Start cylinder of the partition.

End: End cylinder of the partition.

Used By: Information about the system, such as LVM or RAID, using the partition.

The buttons in the lower part of the dialog let you do the following:

Create New Partitions on page 34

Edit Existing Partitions on page 39

Delete Existing Partitions on page 40

Resize Existing Partitions on page 40

NOTE: Managing LVM volumes and Software raid are covered in Configure Logical Volume Manager (LVM) and Software RAID on page 171. Crypt File partitions are not covered in this course.

Create New Partitions

To create a new primary partition, do the following:

1. Click Add.

A dialog similar to the following is displayed:

Figure 1-13 New Primary PartitionCopying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 134


Install SUSE Linux Enterprise Server 11 SP2One of the following is displayed in this dialog. What you actually see depends on your hard disk setup.

If you have more than one disk in your system, you are asked to select a disk for the new partition first.

If you do not have an extended partition, you are asked if you want to create a primary or an extended partition.

If you have an extended partition and you have space on the hard drive outside the extended partition for additional primary partitions, you are asked if you want to create a primary or a logical partition.

If you have three primary partitions and an extended partition, you are told you can create only logical partitions.

NOTE: You need enough space on your hard disk to create a new partition. You learn later in this section how to delete existing partitions to free used disk space.

2. Mark the appropriate option, then click Next.

If you choose to create either a primary or a logical partition, the following is displayed:

Figure 1-14 Add a Primary or Logical Partition

3. Specify the size of the new partition by selecting one of the following:

Maximum Size: Allocates the remaining free contiguous space on the drive to the partition.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

35Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / Manual Custom Size: Allows you to specify the size of the partition. You have two options: Enter a size for the partition (in MB or GB) in the Size field. For

example: 20 GB. Mark Custom Region; then specify the start and ending cylinders. The

start cylinder determines the first cylinder of the new partition. YaST normally preselects the first available free cylinder of the hard disk. The end cylinder specifies the last cylinder allocated to the partition, which determines the total size of the new partition. YaST preselects the last available free cylinder.

4. Click Next.

The Add Partition screen is displayed:

Figure 1-15 Add a Partition

5. Specify how the partition will be formatted by selecting one of the following:

Format Partition: Formats the partition. Select one of the following file systems for the partition from the File System drop-down list: BtrFS: A new file system that supports subvolumes and snapshotting. Ext2: Formats the partition with the Ext2 file system. Ext2 is an old and

proven file system, but it does not use journaling. Ext3: Formats the partition with the Ext3 file system. Ext3 is an

improved version of Ext2 and offers journaling. (This is the default option.)Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 136


Install SUSE Linux Enterprise Server 11 SP2 FAT: Formats the partition with the FAT file system. FAT is an older file system used in DOS and Windows. You can use this option to create a data partition that can be accessed from Windows and Linux.

NOTE: You must not create a root partition using the FAT file system.

XFS: Formats the partition with XFS, a journaling file system developed by SGI.

Swap: Formats the partition as a swap partition.

The Options button opens a dialog where you can specify specific settings for the file system you selected. However, unless you have some specific need you should not change the default values.

Do Not Format Partition. Leaves the newly created partition unformatted. No file system will be created on the new partition. You can select a partition type in the File System ID drop-down list.

Encrypt Device: Encrypting a device prevents unauthorized mounting of the partition. However, once mounted, the files in the partition are accessible like files on an unencrypted file system.

NOTE: You should use this option only for non-system partitions such as user home directories.

6. Configure your mount options for the new partition. You can select one of the following:

Mount Partition. Mounts the partition after it is created. You can select the mount point of the new partition from the Mount Point drop-down list. You can also specify a mount point manually if it's not available in the list. If you do, the mount point directory will be automatically created during the installation process.

You can also, optionally, select Fstab Options to edit the entry in the /etc/fstab file for this partition. The default settings should work in most cases.

Do Not Mount Partition. Creates the partition but leaves it unmounted in the file system.

7. Click Finish to add the new partition to the partition list.

If you need to create an extended partition instead of a primary partition, do the following:

1. Click Add.

2. Mark Extended Partition; then click Next.

The following is displayed:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

37Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-16 Add an Extended Partition

3. Specify the size of the new partition by selecting one of the following:

Maximum Size: Allocates the remaining free contiguous space on the drive to the partition.

Custom Size: Allows you to specify the size of the partition. You have two options: Enter a size for the partition (in MB or GB) in the Size field. For

example: 20 GB. Mark Custom Region; then specify the Start and End Cylinders. The

start cylinder determines the first cylinder of the new partition. YaST normally preselects the first available free cylinder of the hard disk. The end cylinder specifies the last cylinder allocated to the partition, which determines the total size of the new partition. YaST preselects the last available free cylinder.

4. Click Finish.

The extended partition is added to the list of partitions on the drive:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 138


Install SUSE Linux Enterprise Server 11 SP2Figure 1-17 Extended Partition in Expert Partitioner

At this point, you can complete the steps in Create New Partitions on page 34 to create logical partitions within the extended partition.

Edit Existing Partitions

If you need to edit an existing partition, select it from the list and then select Edit. You can edit only primary and logical partitions with the Expert Partitioner. You cannot edit extended partitions.

If you edit a primary or logical partition, a dialog similar to the following is displayed:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

39Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-18 Edit a Partition

You can change all options for the partition except its size. After changing the partition parameters, click Finish to save your changes to the partition and return to the partition list.

Delete Existing Partitions

You can also delete a partition using the Expert Partitioner. To do this, complete the following:

1. Select a partition from the list.

2. Click Delete, then click Yes in the confirmation dialog.

The partition is deleted from the partition list.

NOTE: Remember that you delete all logical partitions if you delete an extended partition.

Resize Existing Partitions

The Expert Partitioner can also be used to resize an existing partition. To do so, select a partition from the list and then click Resize.

NOTE: Although you can reduce a partitions size without deleting it, you should always back up the data on the partition before resizing it.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 140


Install SUSE Linux Enterprise Server 11 SP2NOTE: If the selected partitions are FAT or NTFS partitions with the Windows operating system installed, you should first reboot the system into Windows and scan the partitions for errors and defragment them before resizing. See the installation section in the SUSE Linux Enterprise Server 11 SP2 Administration Manual for details.

After you click Resize, the following is displayed:

Figure 1-19 Resize a Partition

This dialog allows you to select the Maximum Size, the Minimum Size, or to select Custom Size and to enter a Size value. When you click OK, the partition size changes in the partition list.

When you finish configuring settings in the Expert Partitioner, return to the installation proposal by clicking Accept.

Select Software

SUSE Linux Enterprise Server 11 SP2 includes a wide variety of software packages that you can include in your installation. These packages provide various applications and services for your server system.

Instead of selecting packages to be included in the installation one at a time, YaST allows you to select categories (called patterns) of software based on function. For example, if you want your server to function as a DNS and DHCP server on your network, you could include the DHCP and DNS Server pattern in your SLES 11 SP2 installation. All the packages needed to provide these two services would be installed automatically.

Depending on the available disk space, YaST preselects several of software patterns for you by default. To view these, select Software in the installation overview. The the following is displayed:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

41Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-20 Software Selection

This screen shows the default patterns for your sever installation. A brief description appears on the right when you highlight a pattern in the left column.

To find out which packages are contained in a pattern, click Details and then select the pattern that you are interested in. The following is displayed:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 142


Install SUSE Linux Enterprise Server 11 SP2Figure 1-21 Software Selection Details

Marking a pattern selects it for installation. Unmarking a pattern deselects it.

A package typically contains an application and all supporting files required to use the software. Sometimes larger applications are split into multiple packages. Sometimes several small applications are bundled into a single package.

NOTE: SUSE Linux Enterprise 11 SP2 uses the RPM Package Manager (rpm) for software management.

Frequently one software package needs another one to be already installed for it to run. These are called dependent packages (or dependencies). Dependency information is stored within each RPM package. If YaST encounters a package with dependencies, it automatically adds the additional dependent software packages to the installation proposal.

You can install a package by marking it in the package list on the right. The details for the selected package are displayed below the package list.

The View drop-down list offers different views for the software packages:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

43Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-22 View Drop-Down Menu

You can select from the following:

Patterns: Displays the dialog shown in Figure 1-21.

Package Groups/RPM Groups: Display the packages in a hierarchical tree view. There are several main categories, such as Productivity, Programming, System, and Hardware. Within the main categories are subcategories, such as File Utilities, Filesystems, and Modem. Selecting a category on the left displays the software packages belonging to that category on the right.

Languages: Lets you select support for additional languages.

Repositories: Displays the configured installation sources.

Search: Lets you search for packages.

Installation Summary: Displays a summary of the packages selected for installation.

From the top menu, you can select Dependencies > Check to identify the dependencies of the selected packages. This check is also done when you confirm the package selection. You can also select Dependencies > Autocheck to have dependencies checked every time you select or deselect a package.

NOTE: This option is enabled by default.

Confirm your package selection and return to the installation proposal by clicking Accept.

Start the Installation Process

After customizing the installation proposal, click Install. A dialog appears asking you to confirm the proposal. Start the installation process by clicking Install in the confirmation dialog. You can always return to the installation proposal by clicking Back.

NOTE: When you click Install, YaST implements the partitions contained in your partitioning proposal. Existing data on the disk may be lost.

Before installing software packages, YaST changes the hard disk partitioning. Based on your installation proposal, YaST creates your new partitions, installs the specified files systems on them, and then mounts them. Once done, YaST installs the software you specified in your installation proposal, as shown below:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 144


Install SUSE Linux Enterprise Server 11 SP2Figure 1-23 SLES 11 SP2 Installation

Depending on your software selection and the performance of your system, the installation process takes about 1545 minutes to complete.

After all software packages are installed, YaST reboots the computer and prompts you for the hostname, root password, network configuration details, and so on, to further customize your installation.

Set the root Password

After the system reboots, you need to set the password for the root user on your server. root is the name of the Linux system administrator. Unlike regular users, who might not have permission to do certain things on the system, root has unlimited access to do anything, including the following:

Access every file and device in the system

Change the system configuration

Install software

Set up hardware

The root account should be used only for system administration, maintenance, and repair. Logging in as root for daily work is riskya single mistake can lead to irretrievable loss of many system files.

You need to set the root password during the installation process. YaST displays the following screen:Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

45Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualFigure 1-24 Set Root Password

Enter the same password in both text fields of the dialog.

You should use a password that cannot be easily guessed. We recommend that you use numbers and lowercase and uppercase characters to avoid dictionary attacks. If desired, you can select Expert Options to customize the password encryption algorithm. In most cases, you can just use the default setting of Blowfish.

After entering the root password, continue by clicking Next. If your password is too simple or weak, a warning is displayed. You can either go back and specify a stronger password or accept the weaker password and continue.

Set the Hostname

Next, you need to set the hostname for the server. YaST suggests a default hostname of linux-xxxx, with xxxx being composed of random characters. The domain name defaults to site. Change the hostname and the domain name to the correct values for your network.

If the computers on your network get their hostname and domain name via a DHCP option, you can leave Change Hostname via DHCP selected. Otherwise, you should deselect this option.

When done, click Next.Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

Version 146


Install SUSE Linux Enterprise Server 11 SP2Configure the Network

Next, you need to set up your network configuration on the server. YaST displays the Network Configuration screen, as shown below:

Figure 1-25 Network Configuration

In the top part of this screen, you can select one of the following options:

Skip Configuration: Skip the network configuration for now. You can configure your network settings later after the system has been installed.

Use Following Configuration: Use the network configuration proposal that is currently displayed.

The network configuration proposal is similar to the installation proposal at the beginning of the base installation. The headings can be selected to view and configure specific parameters. The proposal includes the following entries:

General Network Settings: Lets you switch between the traditional method of managing network connections and using the NetworkManager utility. On a server, you should use the traditional method. The NetworkManager utility is more suitable for a notebook system, enabling users to switch between wired and wireless interfaces.

Firewall: Lets you customize your firewall settings. If you want to be able to administer your server remotely using SSH, toggle SSH port is blocked to SSH port is open by selecting open. Copying all or part of this manual, or distributing such copies, is strictly prohibited.To report suspected copying, please call 1-800-PIRATES.

47Version 1


SUSE Linux Enterprise Server 11 SP2 Administration / ManualIn addition, you can disable the firewall entirely by selecting disable. Selecting the Firewall heading itself opens a dialog that allows you to configure detailed firewall settings.

Network Interfaces: Displays network interfaces detected in the system and their configuration settings.

DSL Connections: Displays DSL devices detected in the system and their configuration settings.

ISDN Adapters: Displays ISDN devices detected in the system and their configuration settings.

Modems: Displays analog modems detected in the system and their configuration settings.

VNC Remote Administration: Lets you configure remote administration using VNC.

Proxy: Displays the HTTP and FTP proxy se

3116_manual.pdf

Documents

Transcript of 3116_manual.pdf