If you are a newbie to Linux world, You must be wishing to get some guide lines from others. Well, I have something for you. Hey, me too is a newbie only, but still, I hope that my efforts here shall help you.. In fact, I got these information from various linux friends, web searches, reading.. Well, if anybody finds anything wrong here, please correct it... Here I have written some of my likes and opinions as well as I have included comments about the areas or the way will help you to pass Red Hat Certification Exams (RHCT or RHCE)...
Manu
Basic concepts like login and shell
a. The default shell is bash.
b. Do not set your default shell to ksh if you come from another UNIX. The test is geared towards bash. Its dumb. But thats the way it is.
c. The following manpages are important
i. cp
ii. ls
iii. rm
iv. chmod
v. passwd
vi. mkdir
Using the vi editor
a. Take time off to master the vi editor. It will prove useful during the test.
b. The vi editor has two modes - command and input.
c. You can delete a character in command mode by issuing command x when the cursor is below the character that has to be deleted.
c. You can delete a line in command mode by issuing command dd when the cursor is below the line that has to be deleted.
d. You can use the h and l instead of the arrow keys to move left or right. This is important since the telnet client of windows does not support arrow keys.
e. You can use the h and l instead of the arrow keys to move left or right. This is important since the telnet client of windows does not support arrow keys.
f. You can use the j and k instead of the arrow keys to move up or down. This is important since the telnet client of windows does not support arrow keys.
The Bourne Again Shell
a. The Bourne Again Shell is the default shell in Red Hat Linux. It is popularly known as "bash" .
b. Bash provides POSIX shell compatibilty, history, job control, command completion and many other features.
c. You can invoke command line completion by pressing the <TAB> key.
Processes
a. The default process priority is 0.
b. The lowest process priority is -19.
c. The highest process priority is 20.
d. You cannot renice a process downward and then renice it upward.
e. The important manpages are
i. ps
ii. pstree
iii. nice
iv. renice
v. kill
vi. killall
vii. top
Standard I/O, Redirection and Piping
a. By default Linux commands expect their input to be text. Generally, they output text as well.
b. The 3 default filehandles available to any Linux process are stdin (0), stdout (1) and stderr (2).
c. By default the stdin is the keyboard, and the the stdout and stderr are both, the monitor.
d. The stdin, stdout and stderr, each can be reassigned to files. Example :
foo < `cat data` 2> err 1> results
In this example, program foo accepts input from the command cat data, sends its output to the file results and all warnings and error messages to the file err.
e. The output of a command may also be sent to the stdin of another program. This is known as piping.
Example :
foo | sort
In this example the output of the comand foo is sent to the stdin of the command sort.
Using networking services
a. You can use ping to make sure that you can get onto the network.
b. You can use traceroute to find out whether you gateway configuration is correct.
Configuration of hardware
a. Make a habit of running lspci after every install.
b. For purposes of the test, you need not learn how to configure ISA devices.
c. If you have to change your NIC from brand A to brand B, then make sure that you have the driver in /lib/modules/<kernel-version>/drivers/ .
d. In general, the native e100 driver by Intel works better than the default eepro series of drivers supplied with the Linux kernel. If you have a choice, use e100.
e. Look for a new PCI NIC in the listing of lspci and insmod its driver into a running kernel.
f. Important manpages are
i. proc
ii. lspci
iii. setpci
iv. setserial
v. fdisk
vi. mkfs
vii. mke2fs
viii. fsck
ix. e2fsck
x. hdparm
xi. mknod
xii. modemtool
xiii. sndconfig
xiv. dd
The Linux filesystem hierarchy
a. In general the Linux filesystem follows POSIX guidelines that specify that configuration info be kept separate from executables and further, that application data be separately maintained.
b. The configuration files are to be found in the /etc directory.
c. The log files are to be found in the /log directory.
d. The home directories of the users are in the /home directory.
e. The following manpages are important
i. df
ii. du
Various types of installations
a. Never install using graphical mode. Always use text mode. It is much faster.
b. Practise network install as much as possible. Learn to install Red Hat over NFS, FTP and HTTP.
c. When given a choice, prefer an NFS install to an FTP install. Likewise prefer an FTP install to an HTTP install.
d. You will almost never have to install packages for text processing, databases ( like mysql or postgres ) and image processing. So don't.
e. Learn which application bundles are installed by default in a server.
f. You may generally skip making a bootdisk during installations.
g. Do install basic X. That way you can configure printing through the printtool.
h. A large number of problems can be traced to mistakes in configuring lilo.
i. The following manpages are important
i. mkkickstart
ii. mkbootdisk
iii. kickstart
Utilities useful to system administrators
a. The cron suite is used for commands that have to be executred periodically.
b. The anacron command is used when it is not clear that the machine will be on at all times.
c. The find command is a versatile search utility to find files that match a variety of criteria.
d. Backups are made using the tar command.
e. The rpm command allows one to install, remove and query Red Hat packages.
f. The important manpages are
i. useradd
ii. find
iii. rsync
iv. rdist
v. rsh
vi. rcp
vii. rpm
viii. md5sum
ix. tar
x. cpio
xi. dump
xii. restore
xii. mt
xiii. usermod
xiv. userdel
xv. groupadd
xvi. groupmod
xv. groupdel
xvi. authconfig
xvii. chage
xviii. chown
xix. chgrp
Logging
a. The main system logger is the syslog whose log file is /var/log/messages . By default, programs like named log to this file.
b. The mail log is in /var/log/maillog .
c. The apache webserver logs to the /var/log/httpd/ directory. There are access_log and error_log files which log web traffic and errors if any.
d. The kernel boot messages are in /var/log/dmesg.
e. Learn the format of the following logfiles
i. syslog
ii. maillog
iii. xferlog
iv. All logs generated by apache - access_log and error_log
f. The following manpages are important
i. syslog
ii. syslog.conf
Configuring and troubleshooting X
a. Learn to use xf86config. It is old but still works just fine.
b. Learn to use Xconfigurator. It is standard in all distributions today.
c. Practise using the VGA mode. It is enough for most purposes including the test.
d. The following manpages are important
i. xfs
ii. xinitrc
iii.xauth
iv. X
v. xhost
vi. xdm
vii. gdm
viii. kdm
Basic networking
a. The configuration file for NIC eth0 is /etc/sysconfig/network-scripts/ifcfg-eth0. In this file you can set up the boot protocol, the IP address, the netmask and gateway for that interface.
b. You can allow a user to bring an interface up or down by setting the USERCTL directive in the init file of that interface
c. The following manpages are important
i. ifconfig
ii. netstat
iii. route
iv. ping
v. traceroute
vi. arpwatch
vii. arp
DNS
a. Bind 8 is the DNS server distributed with Red Hat.
b. Both master and slave servers provide authoratative information about a domain.
c. In case you have more than one nameserver in your /etc/resolv.conf file, the first available nameserver will be queried and the rest will be ignored. If the first available nameserver does not have information about the host, the host will be reported as unreachable.
d. The basic configuration file governing the behaviour of the nameserver is /etc/named.conf .
e. The first stanza in the named.conf is the "options" stanza. Read it carefully and make sure that you know which directory contains the zones for which this nameserver is authoritative.
f. If a hint file is provided, make sure that it exists.
g. When a query reaches a server, the server first checks its own cache, then it forwards it to the servers in its "hint" file.
h. When configuring a nameserver, make sure that the start of authority record is valid.
i. Red Hat recommends that the serial be in the format YYYYMMDDxx.
j. You may safely omit NS and MX records in the reverse lookup zone file.
k. Learn to use dig rather than nslookup.
l. Do not waste time learning about IPv6 or IPSec if the test is your objective.
m. The important manpages are
i. named
ii. named.conf
iii. resolv.conf
iv. resolver
v. nslookup
vi. dig
vii. host
SAMBA
a. You are unlikely to administer a NetBIOS network containing Windows 95 as well as Windows 98, NT and Windows 2000. So you are safe to assume that passwords will always be encrypted. Do not waste time mugging up registry settings to set up cleartext passwords in in non-95 Windows setups.
b. Make sure that there are Windows 95 clients. If there are, encrypt passwords = no.
c. To enable encrypted passwords, you have to uncomment two lines in the smb.conf. They are
encrypt passwords = yes
smb password file = /etc/samba/passwd
d. WINS support is enabled through the following lines
wins support = yes
name resolve order = wins lmhosts bcast
Make sure that you have a sensible lmhosts file.
e. Make sure that you are in the correct workgroup.
f. Make sure that you are naming the shares correctly.
g. If restricting access to certain users, make sure that they exist in /etc/passwd.
h. Always test the smb.conf file using testparm.
i. You have to restart samba for any changes to take effect.
j. After you have restarted samba, check that the required share is indeed available by using smbclient.
k. Configure printing ahead of Samba. That way, all printers denoted in /etc/printcap will be made available by default in the smb.conf.
l. A printer called foo made available by setting
the "printer = foo" and the "printable = yes" inside its own share stanza.
m. The important manpages are
i. samba
ii. smbd
iii.smb.conf
iv. nmbd
v. smbclient
vi. testparm
vii. testprns
viii. smbstatus
ix. nmblookup
x. smbpasswd
xi. smdadduser
Apache
a. To configure a virtualhost, you have to use the ServerName, ServerAdmin, DocumentRoot, ErrorLog and CustomLog directives. Enclose these in a VirtualHost container.
b. Set up the NameVirtualHost directive before the VirtualHost container.
c. To restrict access to a particular directory, you have to first set up a AllowOverride AuthConfig for that Directory in httpd.conf and later create a .htaccess file in that directory.
d. The following manpages are important
i. httpd
ii. htaccess
iii.htpasswd
iv. suexec
NIS
a. You can set the NIS domain of the host with the NISDOMAIN directive in /etc/sysconfig/network .
b. To set up an NIS server you need to install only the ypserv rpm.
c. Make sure that you are in runlevel 3 or above.
d. Make sure that both ypserv and yppasswdd are starting up in your runlevel if setting up an NIS server.
e. Check your NIS settings with rpcinfo -p localhost .
f. To set up an NIS client, you need to install the ypbind and yp-tools rpms.
g. Make sure that the NIS server's name is in /etc/yp.conf .
h. It is enough to place a the name of a directory in the /etc/exports file and run the command exportfs in order to share the directory on the network.
i. You need not learn much about LDAP for test preparation.
j. The following manpages are important.
i. showmount
ii. rpcinfo
iii. ypinit
iv. ypserv
v. ypbind
vi. exports
vii. auto.master
viii. portmap
Sendmail and mail related applications
a. Make sure that the sendmail daemon is not running as user root.
b. Always make a backup of your sendmail.cf file. If you are about to enable promisuous relaying, for example,
cp -v /etc/sendmail.cf /etc/sendmail.cf.b4.promisc_relay
This way you will always have a working copy of sendmail.cf. You will then be able to correct mistakes very quickly.
c. There are special sendmail-related files in /etc/mail .
d. The /etc/aliases file is used for mapping a local user the mail alias used by that user.
e. The /etc/mail/virtusertable maps virtual domains and users to other addresses
f. The /etc/mail/access file sets up access control lists for sendmail. It can allow or deny relaying and acceptance based on username, domainname or IP address or any combination of these.
g. Under Red Hat Linux, sendmail hands off all local delivery to procmail.
h. Sendmail writes detailed logs to /var/log/maillog.
i. In sendmail.cf, DR is the machine which will handle unqualified addresses.
j. In sendmail.cf, DH is the machine to which all local mail traffic is forwarded.
k. In sendmail.cf, DS is the machine which acts as the smarthost for this machine.
l. In sendmail.cf, DM is the domain that the local machine masquerades as.
m. In case any of DR, DH, DS or DM are blank, the FQDN of the localhost is used in its place.
n. Both, the POP3 and IMAP4 servers, are available in the imap rpm.
o. The prefered mail retrival application in Red Hat is fetchmail. It supports pop3 and imap4.
p. By default, fetchmail hands off all mail for local deliver to sendmail. Sendmail further hands it off to procmail which finally writes the mail to the individual mailbox.
q. If installing sendmail, remember to chkconfig sendmail on service sendmail start
r. If installing imap, remember to enable pop3 and imap4 support in /etc/xinetd.d/ipop3 and /etc/xinetd.d/imap4 . Follow this with service xinetd restart
s. The following manpages are important
i. sendmail
ii. mailq
iii. runq
iv. pine
v. fetchmail
vi. procmail
vii. procmailrc
viii. procmailex
ix. procmailse
x. mutt
xi. aliases
Misc networking daemons such as ftpd
a. By default, all users are allowed to ftp into their home directories.
b. By default, anonymous access to /home/ftpd/pub directory is provided.
c. The important manpages are
i. ftpd
ii. wget
iii. ncftp
iv. pppd
v. chat
vi. wvdial
vii. ftpaccess
viii. xinetd
ix. dhcpd
Security and its aspects
a. Security has many aspects - user security, filesystem security, password security, and process security
b. Important manpages are
i. tripwire
ii. tmpwatch
iii. lsattr
iv. chattr
v. pam (concentrate on PAM)
vi. twintro
vii. twadmin
viii. twprint
ix. siggen
x. twconfig
xi. twpolicy
xii. twfiles
xiii. tcpdump
xiv. hosts.allow (Concentrate on TCP Wrappers)
xv. hosts.deny
Encrypted communications
a. The following commandline options of gpg are important -
gen-key, list-keys, list-secret-keys, export, import, armor, and recipient
b. The following manpages are important
i. ssh
ii. sshd
iii. openssh
iv. openssl
v. stunnel
vi. gpg
vii. ssh-keygen
Firewalls
a. There are 3 basic chains - input, output and forward.
b. If you have made any changes to the firewalling rules, they will be lost when you reboot. So service ipchains/iptables save chkconfig ipchains/iptables on service ipchains/iptables restart.
d. Important manpages are
i. iptables
ii. ipchains
Troubleshooting
a. If any service is not working first check whether it has been installed. If not installed, install it.
b. If any service has been installed, but is not working, chkconfig <name-of-service> on service <name-of-service> start
c. If a service is spawned by xinetd, make sure that it is set to disable = no and the service xinetd restart.
d. If faced with a non-booting system, first boot using a rescue disk and mount the root partition of the hard disk. Check its lilo.conf . That is the most common problem with non-booting systems.
e. Always reboot the system and ensure that you have solved the problem.
f. Important manpages are
i. lilo.conf
ii. chkconfig
iii. ntsysv
iv. tksysv
v. service
vi. inittab
vii. init
viii. telinit
ix. mknod
x. chroot
xi. fsck
xii. e2fsck
xiii. e2label
xiv. grub
Kernel compilation
a. Remember that Linux provides you with virtual terminals. Use them. Compile the kernel in one virtual terminal and do something else in another virtual terminal. Do not waste time staring at the screen while the kernel is compiling.
b. Always set EXTRAVERSION in the toplevel Makefile before doing anything else.
c. Use menuconfig if possible rather than xconfig.
d. If not using scsi, you may safely skip making a ramdisk.
e. Memorize the following line - make mrproper menuconfig dep bzImage modules modules_install .
f. Do not try to make modules modules_install in another virtual terminal. It might not work. This will waste more time.
g. Unless specifically instructed, cp -v the kernel to its location in the /boot. Unless so specifically instructed do not mv the kernel to its new location.
h. Remember to add a stanza to /etc/lilo.conf pointing to your new kernel. Do not modify existing stanzas unless you need to.
i. To reinstall lilo with your changes, use lilo -v -t first. This will run lilo in verbose test mode so that you know whether you have made any mistakes. If your lilo.conf is fine, install it with a lilo -v. You can never be too careful.
j. The important manpages are
i. lsmod
ii. insmod
iii. modprobe
iv. rmmod
v. modconf
vi. sysctl
Performance and tuning
a. If you are creating a filesystem for a database,
b. RAID5 is ideal but RAID0 works in most cases. Learn to mirror disks. Practise with IDE hard disks.
c. RAID5 makes for fast reads and slow writes.
d. There is a lot of documentation that comes with the raidtools package including a sample /etc/raidtab. Read the documentation carefully and experiment with RAID upto mirroring. No need to experiment beyond that.
Note : create RAID after installation, not during if not familiar.
Manu
