0% found this document useful (0 votes)
219 views153 pages

3102 Workbook

This document provides instructions for setting up and using self-study materials to prepare for the Novell Certified Linux Administrator 11 (CLA 11) certification. It outlines the required hardware, software, and setup steps to configure virtual machines for completing the exercises, including installing VMware virtualization software on the host computer and setting up virtual machines for a SUSE Linux Enterprise Server 11 system and a SUSE Linux Enterprise Desktop 11 workstation. The exercises are meant to provide hands-on practice of system administration skills on SUSE Linux Enterprise 11.

Uploaded by

mansoor.ahmed100
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
219 views153 pages

3102 Workbook

This document provides instructions for setting up and using self-study materials to prepare for the Novell Certified Linux Administrator 11 (CLA 11) certification. It outlines the required hardware, software, and setup steps to configure virtual machines for completing the exercises, including installing VMware virtualization software on the host computer and setting up virtual machines for a SUSE Linux Enterprise Server 11 system and a SUSE Linux Enterprise Desktop 11 workstation. The exercises are meant to provide hands-on practice of system administration skills on SUSE Linux Enterprise 11.

Uploaded by

mansoor.ahmed100
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 153

SelfStudyManuals

SUSELinuxEnterprise11AdministrationWorkbookCourse3102

SUSELinuxEnterprise11AdministrationWorkbook
Introduction

ThisworkbookisdesignedtohelpyoupracticetheskillsassociatedwithSUSELinux
Enterprise11Administration(Course3102)objectives.
Theseskills,alongwiththosetaughtinSUSELinuxEnterprise11Fundamentals(Course
3101),prepareyoutotaketheNovellCertifiedLinuxAdministrator11(NovellCLA11)
certificationtest.
Beforestartingtheexercisesinthisworkbook,youneeddothefollowing:
"ChecktheMediainYourStudentKit"
"SetUpYourPracticeEnvironment"
"ReviewExerciseIssuesandTips"
"ReviewtheCourseScenario"
"ReviewtheExerciseConventions"
ChecktheMediainYourStudentKit

Your3102studentkitcontainsthefollowingitems:
3102CourseManual:Printedcoursemanualthatcontainsinstructionalandreference
content.
3102Workbook:Printedworkbookthatcontainsstepbystepinstructionsforsettingup
andcompletingthe3102courseexercises.
3102CourseDVD:ContainsthecoursemanualandworkbookinPDFformataswell
asareadmefile.Italsocontainsthefollowingfoldersthatcontainvariousfilesrequired
forcompletingthelabexercisesforthiscourse:
Setup:Containsfilesusedforthecoursesetup.

Exercises:Containsfilesusedforthecourseexercises.
Docs:ContainstheSUSELinuxEnterprise11documentation,whichisalso
availablefrom.
SUSELinuxEnterpriseServer11DVD:SLES11installationmediayouwilluseto
completeyourlabexercises.
SUSELinuxEnterpriseDesktop11DVD:SLED11installationmediayouwilluseto
completeyourlabexercises.
SetUpYourPracticeEnvironment

Setupyourpracticebycompletingthefollowing:
"ReviewtheSetupRequirements"
"ReviewtheSetupDiagram"
"PrepareYourHostWorkstation"
ReviewtheSetupRequirements

Thefollowingarethehardwareandsoftwarerequirementsforyourpracticeenvironment:
Setup

MinimumRequirements

Hardware Youneedonehostcomputerthatmeetsthefollowingrequirements:
PentiumIV2GHz(orfaster)computer
2GBRAM(4GBrecommended):
1024MB(DA1virtualserver)
512MB(DASLEDvirtualworkstation)
40GB(ormore)harddiskspace
DVDdrive
MakesurethatthehostcomputerisactuallyutilizingalloftheinstalledRAM.If
not,theexercisesmayrunextremelyslowlyorevenstall.
Software Tocompletethepracticeenvironmentsetup,youneedthefollowingsoftware:

Setup

MinimumRequirements
3102CourseDVD(includedinyourstudentkit),whichcontainssoftware
andfilesneededtocompletethecourseexercises
SUSELinuxEnterpriseServer11DVD,whichcontainstheSLES11
installationmediayouwillusetocompleteyourlabexercises.
SUSELinuxEnterpriseDesktop11DVD,whichcontainstheSLED11
installationmediayouwillusetocompleteyourlabexercises.

ReviewtheSetupDiagram

Inthiscourse,yourhostcomputerwillrunmultiplevirtualmachinesconcurrently.The
followingdepictstherelationshipbetweenthehostcomputerandthevirtualmachines:


Thefollowingtableliststhedetailsabouteachvirtualmachineusedinthiscourse:
VirtualMachine Details
DA1

Hostname:da1.digitalairlines.com
Operatingsystem:SUSELinuxEnterpriseServer11

VirtualMachine Details
IPaddress:172.17.8.101
Subnetmask:255.255.0.0
Logininformation:
Superuser:root
Password:novell
DASLED

Hostname:dasled.digitalairlines.com
Operatingsystem:SUSELinuxEnterpriseDesktop11
IPaddress:172.17.8.104
Subnetmask:255.255.0.0
Logininformation:
Superuser:root
Password:novell

PrepareYourHostWorkstation

Tocompletethelabexercisesinthiscourse,youmustfirstinstallandconfigureVMware
virtualizationsoftwareonyourhostworkstation.Todothis,completethefollowing:
1. InstallSLED11onyourhostworkstation.
Duringtheinstallation,installtheC/C++CompilerandToolspattern,asshownbelow:


Duringtheinstallation,configurethefollowinguseraccounts:
geekowithapasswordofnovell
geekowithapasswordofnovell
2. ConfigurethenetworkinterfaceontheworkstationtousetheTraditionalMethodwith
ifupnetworksetupmethodinsteadofNetworkManager.
3. InstallVMwareWorkstationonyourhostworkstation.
VMwareisvirtualizationsoftwarethatallowsyoutorunanoperatingsysteminparallel
toyourexistingoperatingsysteminstallation.YoucanuseVMwaretoinstalland
configuremultipleguestoperatingsystemsonyourcomputerwithoutrepartitioning
yourdisks.

Inthefirstexerciseinthiscourse,youwillinstallavirtualSLES11serverandavirtual
SLED11workstationthatyouwillusetocompletetheremainingexercisesinthe
course.
IfyoudonothaveVMwareonyoursystem,youcandownloadacopyfromthe
VMwareWebsiteat.Youcanchoosebetweenthefollowingproducts:
VMwareServer:FreeversionoftheVMwareproduct.Itcanbeusedtocreate,
modify,andrunVMwareimages.Itdoesnotallowyoutocreatesnapshots,
however.
VMwareWorkstation:FullfeaturedversionofVMware.Thesoftwarecanbe
usedtocreate,modify,andrunVMwareimages.Youcaneitherpurchasethe
softwareorgetafree30daysevaluationkey.
VMwarePlayer:FreeversionoftheVMwareproduct.Itcanrunexistingvirtual
machines,butitcannotbeusedtocreateVMwareimagesnordoesitallowyou
tocreatesnapshots.
NOTE:IfyouneedhelpinstallingaVMwareproduct,visit.
4. Configurevmnet5inVMware:
SelectComputer>MoreApplications>System>VirtualNetworkEditor.
Whenprompted,enteryourrootuser'spassword.
Thefollowingisdisplayed:

Selectvmnet1.
IntheSubnetIPfield,enter172.17.0.0,asshownbelow:

SelectSave.
Openaterminalwindowandusethesucommandtoswitchtoyourrootuser
account.
Attheshellprompt,entervi/etc/vmware/networking.

PressIns;thenscrolldowntotheanswerVNET_1_HOSTONLY_NETMASK
255.255.255.0line.
ChangethislinetoanswerVNET_1_HOSTONLY_NETMASK255.255.0.0.
PressEsc;thenenter:exit.
SelectComputer>MoreApplications>System>VirtualNetworkEditoragain.
Whenprompted,enteryourrootuser'spassword.
Selectvmnet1andverifythatthesubnetmaskhaschangedto255.255.0.0,as
showbelow:

SelectSave.
Shutdownandrestarttheworkstation.
Whentheworkstationhasrebooted,loginandthenopenaterminalwindow.
Switchtorootusingthesucommand.
Attheshellprompt,enterifconfig.
Verifythatyourhost'svmnet1virtualnetworkadapterhasbeenassignedanIP
addressof172.17.0.1andasubnetmaskof255.255.0.0,asshownbelow:

5. Createthefollowingfoldersonyourhost'sharddrive:

/isos/3102
/vms/3102
6. CopythecourseISOfilesfromtheExercisesfolderonyourcourseDVDtothe
/isos/3102folderonyourharddrive.
7. CopythecoursevirtualmachinefilesfromtheSetupfolderonyourcourseDVDto
the/vms/3102directoryonyourharddrive.
8. Configurethehotkeysusedtoreleasethefocusfromthevirtualmachinebydoingthe
following:
IntheVMwarewindow,selectEdit>Preferences>HotKeys.
MarkCtrl+Shift+Alt.
SelectOK.
ReviewExerciseIssuesandTips

Beforestartingtheexercises,makesureyoureviewthefollowing:
"MemoryIssues"
"ExerciseTips"
"BrowserIssues"
"ExerciseNotes"
MemoryIssues

Althoughyouperformtheexerciseswith2GBofRAMonthehostmachine,theprocessing
timeforperformingsomeadministrationtaskswillbesignificantlyslowerthaninareal
hardwareenvironment.Additionalmemorywillincreasetheoverallspeedofthesystem.
ExerciseTips

Followingaresometipsthatcanhelpyouwhenusingthisworkbooktocompleteexercises:
Exercisesequence:Althoughtherearemanytasksintheexercisesthatcanbedone
atanytime,theexercisesoftenrelyontasksperformedinearlierexercises.
Forthisreason,it'srecommendedthatyouperformtheexercisesinsequenceto
successfullycompleteallexercises.

Keyboardentryproblems:Ifyoucannotusethekeyboardtoentertext,tryselectingthe
virtualmachinewindowwiththemouseortrypressingShift+Tab.
Virtualmachineshutdown:Beforepoweringoffavirtualmachine,makesureyoushut
downtheguestoperatingsystemcleanlyfirst.
BrowserIssues

Mostofthelabsinthiscoursedirectyoutouseabrowserwithinthevariousvirtualmachines.
Thisworkedwellduringthetestingofthelabsandreducesdependenciesonthehost
workstation.
However,ifyoufindusingabrowserwithinavirtualmachinecumbersomeorslow,youcan
useabrowseronthehostworkstationinstead.
ExerciseNotes

Reviewthefollowingnotespriortocompletingthelabexercisesinthiscourse:
Exercise

Notes

Exercise22,
PartIII

AttheendofPartIII,studentsmayhavetorebootthesystemtobeableto
logbackinasgeeko.

ReviewtheCourseScenario

TheITdepartmentofDigitalAirlinesisrollingoutmoreandmoreSUSELinuxEnterprise11
installations.YourtaskistofamiliarizeyourselfwithSUSELinuxEnterprise11tobeableto
takeonagreaternumberofsystemadministratortasksonthisplatform.
Youneedadditionalexperienceinthefollowingareas:
InstallationandconfigurationofSUSELinuxEnterprise11
Filesystemmaintenance
Specializedaspectsofusermanagement(suchasACLs)
Networkconfigurationandfundamentalnetworkservices
Hardwaremanagement
Backupandrecovery
Managementofservicesandprocesses

Remoteadministration
Youdecidetosetuptestserversandworkstationsinthelabtoenhanceyourskillsinthese
areas.
ReviewtheExerciseConventions

Whenworkingthroughanexercise,youwillseeconventionsthatindicateinformationyou
needtosupplythatisspecifictoyourserver.
Thefollowingdescribesthemostcommonconventions:
italicized/boldedtext:Thisisareferencetoavariablethatisuniquetoyoursituation,
suchasthehostnameofyourserver.
Forexample,ifthehostnameofyourserverisDA1,andyouseethefollowing,
hostname.digitalairlines.com
thenyouwouldenter
DA1.digitalairlines.com
172.17.8.xx:ThisistheIPaddressthatisassignedtoyourSUSELinuxEnterprise
system.
Forexample,ifyourIPaddressis172.17.8.101,andyouseethefollowing:
172.17.8.xx
thenyouwouldenter
172.17.8.101
Select:Thewordselectisusedinexercisestepstoindicateavarietyofactions
includingclickingabuttonontheinterfaceandselectingamenuitem.
EnterandType:Thewordsenterandtypehavedistinctmeanings.
ThewordentermeanstotypetextinafieldoratacommandlineandpresstheEnter
keywhennecessary.ThewordtypemeanstotypetextwithoutpressingtheEnterkey.
Ifyouaredirectedtotypeavalue,makesureyoudonotalsopresstheEnterkeyor
youmightactivateaprocessthatyouarenotreadytostart.

InstallSUSELinuxEnterprise11

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"InstallSUSELinuxEnterpriseServer11"
Inthisexercise,youinstallSUSELinuxEnterpriseServer11.
"InstallSUSELinuxEnterpriseDesktop11"
Inthisexercise,youinstallSUSELinuxEnterpriseDesktop11.
InstallSUSELinuxEnterpriseServer11

Inthisexercise,youinstallaSUSELinuxEnterpriseServer11system.Usethefollowing
specificationsasaguidelinefortheinstallation:
Createthefollowingpartitions:
1GBswappartition.
6GBfor/(Youshouldleaveunpartitionedspaceontheharddisktoadd
partitionsinlaterexercises).
Usedefaultsoftwarepatterns,butaddtheC/C++CompilerandToolspattern.
rootpassword:novell
NOTE:Thispasswordisnotappropriateforaproductionenvironment.
UseastaticIPaddress:
IPaddress:172.17.8.101
Networkmask:255.255.0.0
Hostname:da1
Domainname:digitalairlines.com
Nameserver:none
Defaultgateway:none
Uselocalauthentication.Createageekouseraccountwithapasswordofnovell.

Skiptheonlineupdate.
Dothefollowing:
1. InsertyourSLES11installationDVDintoyourhostworkstation'sDVDdrive.
2. Onyourhostworkstation,startVMwareWorkstation.
3. InVMware,selectFile>Open.
4. Browsetoandselectthe/vms/3102/DA1/DA1.vmxfile.
5. SelectPowerOnThisVirtualMachine.
6. Ifpromptedtocreateanewidentifierforthevirtualmachine,selectKeep;thenclick
OK.
7. WhentheGRUBinstallationscreenappears,selectInstallationwiththearrowkeys
andthenpressEnter.
WaitwhileLinuxisloadedandtheYaSTInstallationmodulestarts.
8. IntheLanguageSelectiondialog,selectyourlanguageandyourkeyboardlayout.
NOTE:Althoughyoucanselectanyavailablelanguage,theexercisesinthismanual
arewrittenforEnglishUS.
9. IntheLicenseAgreementfield,selectIAgreetotheLicenseTerms;thenclickNext.
10.IntheMediaCheckscreen,selectStartCheck.
Waitwhilethemediaischecked.
11.Whenthemediacheckiscomplete,clickNext.
Waitwhilethesystemhardwareisprobed.
12.IntheInstallationModedialog,selectNewInstallation;thenclickNext.
13.IntheClockandTimeZonedialog,selectyourtimezone.
14.DeselectHardwareClockSetToUTC.
15.Adjustthedateandtimetothecorrectparameters,ifneeded.
16.Whendone,clickNext.

17.IntheServerBaseScenarioscreen,selectPhysicalMachine;thenclickNext.
TheInstallationSettingsproposaldialogappears.
18.ChangethepartitioningsettingsbyselectingPartitioning.
19.SelectCustomPartitioning(forexperts);thenclickNext.
20.Createaswappartitionbydoingthefollowing:
1. UnderSystemView,selectHardDisks>sda.
2. SelectAdd.
3. SelectPrimaryPartition;thenclickNext.
4. SelectCustomSize;thenenterasizeof1GB.
5. ClickNext.
6. FromtheFileSystemdropdownlist,selectSwap.
7. AddtheswappartitionbyclickingFinish.
21.Createtherootpartitionbydoingthefollowing:
1. SelectAdd.
2. SelectPrimaryPartition;thenclickNext.
3. SelectCustomSize;thenenterasizeof6GB.
4. ClickNext.
5. Configurethefollowingoptions:
SelectExt3fromtheFileSystemdropdownlist.
Select/fromtheMountPointdropdownlist.
6. AddtherootpartitionbyclickingFinish.
Yourpartitionsshouldappearasshownbelow:


22.ConfirmthepartitioningsetupandreturntotheinstallationproposalbyclickingAccept.
23.IntheInstallationSettingsOverview,selectSoftware.
24.UnderPatterns,scrolldowntoandselectC/C++CompilerandTools,asshown
below:


25.ClickOK.
26.Ifpromptedtoacceptlicenseagreementsforpackagestobeinstalled,selectAccept.
27.IntheInstallationSettingsdialog,clickInstall.
28.Intheconfirmationdialog,clickInstall.
Waitwhilethediskispartitionedandthepackagesareinstalled.Thismaytakeupto
30minutestocomplete.
29.InthePasswordfortheSystemAdministrator"root"screen,enternovellinthe
passwordfields.

30.ClickNext.
31.Whenwarnedthatthepasswordistoosimple,clickYes.
32.Whenwarnedthatthepasswordusesonlylowercaseletters,clickYes.
33.IntheHostnameandDomainNamedialog,enterDA1intheHostnamefieldand
digitalairlines.comintheDomainNamefield.
34.DeselectChangeHostnameviaDHCP.
35.SelectWriteHostnameto/etc/hosts;thenclickNext.
36.IntheNetworkConfigurationscreenunderFirewall,clickOpennexttoSSHPortis
Blocked.
TheentrywillchangetoSSHPortisOpen.
37.SelectNetworkInterfaces.
38.Selectthefirstdetectednetworkcard;thenclickEdit.
39.SelectStaticallyAssignedIPAddress.
40.IntheIPAddressfield,enter172.17.8.101.
41.IntheSubnetMaskfield,enter255.255.0.0.
42.IntheHostnamefield,enterDA1.
43.ClickNext.
44.SelecttheHostname/DNStab.
Yourhostnameanddomainnameshouldalreadybefilled.Ifnot,enterahostnameof
DA1andthedomainnamedigitalairlines.com.
NOTE:Becausethisvirtualmachinerunsinhostonlymode,itisisolatedfromtherest
ofyournetwork.Inaproductionenvironment,youwouldconfigureoneormoreDNS
serveraddressesandagatewayrouteraddress.
45.ReturntotheNetworkConfigurationdialogbyselectingOK.
46.ContinuewiththeinstallationbyclickingNext.
47.IntheTestInternetConnectiondialog,selectNo,SkipThisTest;thenclickNext.

48.IntheInstallationOverviewdialog,acceptthedefaultsettingsbyclickingNext.
49.IntheUserAuthenticationMethodscreen,selectLocal(/etc/passwd);thenclickNext.
50.IntheNewLocalUserscreen,addausernamedgeekobyenteringthefollowing:
1. User'sFullName:GeekoNovell
2. UserLogin:geeko
3. Password:novell
51.CreatetheuserbyclickingNext.
52.ConfirmthepasswordwarningsbyclickingYestwice.
53.IntheReleaseNotesscreen,reviewthereleasenotes;thenclickNext.
54.IntheHardwareConfigurationdialog,reviewthesettingssuggestedunderGraphics
Cards;thenclickNext.
55.CompletetheinstallationprocessbyclickingFinish.
Waitwhilethesystemisclonedandthegraphicalloginisloaded.
56.Edityourhostsfilebydoingthefollowing:
1. LogintoyourDA1serverasgeekowithapasswordofnovell.
2. SelectComputer>YaST.
3. Whenprompted,enterarootpasswordofnovell.
4. InYaST,selectNetworkServices>Hostnames.
5. ClickAdd.
6. Specifythefollowing:
IPAddress:172.17.8.104
Hostname:DASLED.digitalairlines.com
Alias:DASLED
7. ClickOK.

8. ClickFinish.
9. CloseYaST.
57.InstallVMwareToolsinyourSLES11virtualmachinebydoingthefollowing:
1. InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
2. InyourVMwarewindow,selectVM>InstallVMwareTools>Install.
3. Whenpromptedfortherootuser'spassword,enternovell.
AFileBrowserwindowopensdisplayingthefilesontheVMwareToolsISO
image.
4. RightclicktheVMwareToolsRPMfile;thenselectOpenwithInstallSoftware.
5. Whenpromptedfortherootuser'spassword,enternovell.
Waitwhilethepackageisinstalled.
6. Whencomplete,closetheFileBrowserwindow.
7. RightclicktheVMwareToolsicononthedesktop;thenselectUnmountVolume.
8. InyourVMwarewindow,selectVM>CancelVMwareToolsInstall.
9. InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Connect.
10.Whenpromptedfortherootuser'spassword,enternovellandclick
Authenticate.
11.ClosetheFileBrowserwindow.
12.Rightclickthedesktop;thenselectOpenInTerminal.
13.Attheshellprompt,entersufollowedbyapasswordofnovellandclick
Authenticate.
14.Attheshellprompt,entervmwareconfigtools.pl.
15.Whenpromptedtobuildthevmhgfsmodule,enteryes.
16.WhenpromptedforthelocationoftheCheaderfiles,pressEnter.

17.Whenpromptedtobuildthevmxnetmodule,enteryes.
18.Whenpromptedtoconfigureyourscreenresolution,entertheappropriatemenu
optionfor1024x768.
19.Rebootthesystembyenteringinit6attheshellprompt.
InstallSUSELinuxEnterpriseDesktop11

Inthisexercise,youinstallaSUSELinuxEnterpriseDesktop11system.Usethefollowing
specificationsasaguidelinefortheinstallation:
UsethedefaultpartitionsproposedbyYaST.
Usedefaultsoftwareselection,butaddtheC/C++CompilerandToolspattern.
rootpassword:novell
NOTE:Thispasswordisnotappropriateforaproductionenvironment.
UseastaticIPaddress:
IPaddress:172.17.8.104
Networkmask:255.255.0.0
Hostname:dasled
Domainname:digitalairlines.com
Nameserver:none
Defaultgateway:none
Uselocalauthentication.Createageekouseraccountwithapasswordofnovell.
Skiptheonlineupdate.
Dothefollowing:
1. Ifit'srunning,suspendyourDA1virtualserver.
2. InsertyourSLED11installationDVDintoyourhostworkstation'sDVDdrive.
3. InVMware,selectFile>Open.

4. Browsetoandselectthe/vms/3102/DASLED/DASLED.vmxfile.
5. SelectPowerOnThisVirtualMachine.
6. Ifpromptedtocreateanewidentifierforthevirtualmachine,selectKeep;thenclick
OK.
7. WhentheGRUBinstallationscreenappears,selectInstallationwiththearrowkeys
andpressEnter.
WaitwhileLinuxisloadedandtheYaSTInstallationmodulestarts.
8. IntheLanguageSelectiondialog,selectyourlanguageandyourkeyboardlayout.
9. IntheLicenseAgreementfield,selectIAgreetotheLicenseTerms;thenclickNext.
10.IntheMediaCheckscreen,clickStartCheck.
Waitwhilethemediaischecked.
11.Whenthemediacheckiscomplete,clickNext.
Waitwhilethesystem'shardwareisprobed.
12.IntheInstallationModedialog,selectNewInstallation;thenclickNext.
13.IntheClockandTimeZonedialog,selectyourtimezone.
14.DeselectHardwareClockSetToUTC.
15.Adjustthedateandtimetothecorrectparameters,ifneeded.
16.Whendone,clickNext.
Thefollowingisdisplayed:


17.Createanewstandarduserbyspecifyingthefollowing:
User'sFullName:GeekoChameleon
Username:geeko
Password:novell
18.SelectUseThisPasswordforSystemAdministrator;thenclickNext.
19.Whenpromptedthatthepasswordistoosimple,clickYes.
20.Whenpromptedthatthepasswordusesonlylowercaseletters,clickYes.

TheInstallationSettingsproposaldialogappears.
21.IntheInstallationSettingsOverview,selectSoftware.
22.UnderPatterns,scrolldowntoandselectC/C++CompilerandTools,asshown
below:

23.ClickOK.
24.Ifpromptedtoacceptlicenseagreementsforpackagestobeinstalled,selectAccept
untilyoureturntotheinstallationproposal.
25.IntheInstallationSettingsOverview,clickInstall.

26.Intheconfirmationdialog,clickInstall.
Waitwhilethediskispartitionedandthepackagesareinstalled.Thismaytakeupto
45minutestocomplete.
27.Atthispoint,yourinstallationiscomplete.YaSTdisplaysthefollowing:

28.CompletetheinstallationprocessbyclickingFinish.
Waitwhilethegraphicalloginisloaded.
29.AssignastaticIPaddresstoyourvirtualSLED11workstationbydoingthefollowing:
LogintoyourDASLEDworkstationasgeekowithapasswordofnovell.

SelectComputer>YaST.
Whenpromptedfortherootuser'spassword,enternovell.
SelectNetworkDevices>NetworkSettings.
Whenpromptedthatyournetworksettingsarecurrentlymanagedby
NetworkManager,clickOK.
SelectTraditionalMethodwithifup;thenclickOK.
InYaST,selectNetworkDevices>NetworkSettingsagain.
Selectyournetworkinterface,thenclickEdit.
SelectStaticallyAssignedIPAddress;thenspecifythefollowing:
IPAddress:172.17.8.104
SubnetMask:255.255.0.0
Hostname:DASLED
ClickNext.
SelecttheHostname/DNStab;thenspecifythefollowing:
Hostname:DASLED
DomainName:digitalairlines.com
ClickOK.
30.Edityourhostsfilebydoingthefollowing:
InYaST,selectNetworkServices>Hostnames.
ClickAdd.
Specifythefollowing:
IPAddress:172.17.8.101
Hostname:DA1.digitalairlines.com

Alias:DA1
ClickOK.
ClickFinish.
CloseYaST.
31.InstallVMwareToolsinyourSLES11virtualmachinebydoingthefollowing:
RightclicktheDVDicononyourdesktop;thenselectUnmountVolume.
InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
InyourVMwarewindow,selectVM>InstallVMwareTools>Install.
AFileBrowserwindowopensdisplayingthefilesontheVMwareToolsISO
image.
RightclicktheVMwareToolsRPMfile;thenselectOpenwithInstallSoftware.
SelectInstall.
Whenpromptedfortherootuser'spassword,enternovell.
Waitwhilethepackageisinstalled.
Whencomplete,closetheFileBrowserwindow.
RightclicktheVMwareToolsicononthedesktop;thenselectUnmountVolume.
InyourVMwarewindow,selectVM>CancelVMwareToolsInstall.
InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Connect.
Rightclickonthedesktop;thenselectOpenInTerminal.
Attheshellprompt,entersufollowedbyapasswordofnovell.
Attheshellprompt,entervmwareconfigtools.pl.
Whenpromptedtobuildthevmhgfsmodule,enteryes.

WhenpromptedforthelocationoftheCheaderfiles,pressEnter.
Whenpromptedtobuildthevmxnetmodule,enteryes.
Whenpromptedtoconfigureyourscreenresolution,entertheappropriatemenu
optiontospecify1024x768.
Rebootthesystembyenteringinit6attheshellprompt.

ManageSystemInitialization

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ManagetheBootLoader"
Inthisexercise,youpracticebootingintoashellandmodifying/boot/grub/menu.lst.
"ManageRunlevels"
Inthisexercise,youpracticeconfiguringrunlevels.
ManagetheBootLoader

Inthisexercise,youpracticebootingintoashellandmodifying/boot/grub/menu.lst.
Youenterinit=/bin/bashatthebootpromptandmodify/boot/grub/menu.lsttorequirea
passwordbeforekernelparameterscanbemodified.YouthentestthenewGRUB
configuration.
NOTE:ThisexercisewillnotworkwithSUSELinuxEnterprise11runningonphysical
hardwarewithaUSBkeyboard.USBdriversareusuallyloadedlateintheinitprocess.Ifyour
machineisequippedwithaUSBkeyboard,youhavetoaddthemodulestotheinitialRAM
diskforthisexercisetowork.TodothiswithaUSBkeyboard,completethefollowingsteps
first:FindoutwhichUSBmodulesareloadedbyenteringlsmodinaterminalwindow.Then
starttheYaSTControlCenter,andselectSystem>/etc/sysconfigEditor.ExpandSystem>
Kernel.InINITRD_MODULES,addtheappropriatemodules(suchasusbhid,uhdi_hcd,
and/orehci_hcd).Closethedialogs.Inaterminalwindow(asroot),entermkinitrd.
Completethefollowing:
1. IfyourDASLEDvirtualworkstationisrunning,suspendit.
2. IfyourDA1virtualserverissuspended,resumeit.
3. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.

4. Rightclickonthedesktop;thenselectOpeninTerminal.
5. Intheterminalwindow,entersufollowedbyapasswordofnovell.
6. Rebootthesystembyenteringinit6attheshellprompt.
7. WhentheGRUBbootmenuisdisplayed,pressSpacetostopthetimer.
8. IntheBootOptionsfield,replacethevga=0x332optionwithinit=/bin/bash.
Anexampleisshownbelow:

9. PressEnter.

Afterafewminutes,thebashpromptisdisplayed:

10.Remounttherootpartitionreadwritablebyentering
mountoremount,rw,sync/
11.Attheshellprompt,entervi/boot/grub/menu.lst.
12.PressIns.
13.Positionthecursoratthebeginningofthelinestartingwith"gfxmenu".
14.Commentoutthelinebyinsertingapoundsign(#)infrontofthelinestartingwith
"gfxmenu".
15.Toavoidhavingthepassworddisplayedincleartextintheconfigurationfile,createan
MD5Hashencryptedpasswordbydoingthefollowingwithinvi:
1. Addanew,blanklineafterthe"gfxmenu"lineyoujustcommentedout.
2. PressEsc.
3. Enter:r!echoe"secret\nsecret"|grubmd5crypt.

Thisrunsanexternalcommandfromwithinthevieditor.Theechocommand
sendsthesecretandsecrettextstringstothestandardinputofthegrub
md5cryptcommand.
Thegrubmd5cryptcommandusesthesestringsasinputforitsPassword:
andRetypePassword:prompts.Itthenencryptsthepassword.
Theoutputfromgrubmd5cryptcommandisinsertedintothefile,includingthe
encryptedpassword:

4. Arrowuptothelinethatreadsstty:standardinput:Invalid
argument.
5. Typeddtodeletetheline.
6. Repeatthisprocesstodeletethefollowinglines:
Password:
RetypePassword:
stty:standardinput:Invalidargument
7. PressIns.

8. Atthebeginningofthelinewiththeencryptedpassword,enterpasswordmd5.
Anexampleisshownbelow:

Yourhashvaluewillbedifferentthanthatshownabove.
1. SavethefilebypressingEscandthenentering:wq.
2. Resetthecomputerbyenteringrebootattheshellprompt.
Youwillnoticethatthestartscreenlooksdifferentnow,becauseyouturnedoffthe
graphicalmenu.
3. Ifyouwanttoeditthekernelcommandline,presspandthenenterapasswordof
secret.
4. SelecttheSUSELinuxEnterpriseServer11menuoptionandpressEnter.
Waitwhilethesystemboots.
5. Undothechangesin/boot/grub/menu.lst:
1. Loginasgeekowithapasswordofnovell.

2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Attheshellprompt,entervi/boot/grub/menu.lst.
4. PressIns.
5. Putacommentsign(#)atthebeginningofthelinebeginningwithpassword.
6. Removethecommentsigninfrontofthelinestartingwithgfxmenu.
7. SavethefileandclosevibypressingEscandentering:wq.
8. Attheshellprompt,enterexit>exit.
ManageRunlevels

Inthisexercise,youpracticeconfiguringrunlevels.Thisexercisehasfourparts.
Inthefirstpart,youusetherunlevelcommandtodeterminethecurrentrunlevel.Youalso
usetheinitcommandtochangetorunlevel3andthenbackto5.
Inthesecondpart,youactivatetheatserviceatd.
Inthethirdpart,yourebootyourcomputerandbootintorunlevel3insteadofthedefault
runlevel5.Youthenloginandswitchtobacktorunlevel5.
Inthefourthpart,youactivatethersyncdaemonusingtheYaSTrunleveleditor.
Completethefollowing:
"PartI:ViewandChangetheCurrentRunlevel"
"PartII:ActivatetheatdService"
"PartIII:SetaRunlevelatBootTime"
"PartIV:EnablersyncdwithYaST"
PartI:ViewandChangetheCurrentRunlevel

Toviewandchangethecurrentrunlevel,dothefollowing:
1. Ifnecessary,logintoyourDA1serverasgeekowithapasswordofnovell.
2. Openaterminalwindowandsutorootusingapasswordofnovell.

3. Checkthepreviousandcurrentrunlevelsbyenteringrunlevelattheshellprompt.
Listtherunlevelsinthetablebelow:
Previous Current

NoticethatthepreviousrunlevelislistedasN,whichmeansthattherewasno
previousrunlevelset.
3. Changetorunlevel3byenteringinit3intheterminalwindow.
Thegraphicalenvironmentisterminatedandyouareleftataterminalloginprompt:

5. Loginasrootwithapasswordofnovell.
6. Checkthepreviousandcurrentrunlevelbyenteringrunlevel.
Listtherunlevelsinthetablebelow:
Previous Current

7. Switchtorunlevel5byenteringinit5.
TheGUIloginscreenappears.
8. Loginasgeekowithapasswordofnovell.
PartII:ActivatetheatdService

Toactivatetheatdservice,dothefollowing:
1. Openaterminalwindow.
2. Attheshellprompt,sutorootwithapasswordofnovell.
3. Viewthecurrentrunlevelconfigurationforatdbyenteringchkconfigatdlattheshell
prompt.
Noticethatconfigurationisoffforallrunlevels.
4. Installtheservicetoitspredefinedrunlevelsbyentering
insservdatd
5. Checkthemodifiedrunlevelconfigurationforatdbyenteringchkconfigatdlagain.
Noticethatthedefaultconfigurationforatdsetsrunlevels2,3,and5toon:


6. Changetothe/etc/rc.d/rc3.ddirectorybyenteringcd/etc/rc.d/rc3.dattheshellprompt.
7. Listtheatdfilesinthedirectorybyenteringlsl*atdattheshellprompt.
Noticethattherearetwoatdlinksoneisusedtostarttheatdserviceandoneisused
tokillit:

8. Starttheatservicebyenteringrcatdstartattheshellprompt.
9. Verifythattheserviceisrunningbyenteringrcatdstatusattheshellprompt.
10.Switchtovirtualterminal1bypressingCtrl+Alt+F1.
11.PressCtrl+ctobringuptheshellprompt.
12.Youshouldbestillbeloggedinasroot.Verifythisbyenteringwhoamiattheshell
prompt.
13.Switchtorunlevel1byenteringinit1attheshellprompt.

14.Whenprompted,enterarootpasswordofnovell.
15.Determineiftheatdserviceisrunningbyenteringrcatdstatusattheshellprompt.
Theserviceislistedasunusedbecauseitisnotconfiguredtostartatrunlevel1.
16.Switchbacktoyourpreviousrunlevel(5)byenteringinit5attheshellprompt.
TheGUIloginscreenappears.
17.Loginasgeekowithapasswordofnovell.
18.Openaterminalsessionandentersutoswitchtorootusingapasswordofnovell.
19.Fromthecommandline,removetheatdservicefromsystemstartuprunlevelsby
enteringchkconfigatdoff.
20.Viewthecurrentrunlevelconfigurationforatbyenteringchkconfigatdlattheshell
prompt.
Noticethattheserviceisoffforallrunlevels.
21.Reenabletheservicetostartatthedefaultrunlevelsbyenteringchkconfigatdonat
theshellprompt.
PartIII:SetaRunlevelatBootTime

Tosetarunlevelatboottime,dothefollowing:
1. Rebootbyenteringinit6attheshellprompt.
2. WhentheGRUBbootmenuisdisplayed,pressSpacetostopthetimer.
3. IntheBootOptionsfield,addthenumber3attheendoftheline,asshownbelow:


4. PressEntertoboottheLinuxsystemtorunlevel3.
5. Whentheloginpromptappears,loginasrootwithapasswordofnovell.
6. Displaythecurrentrunlevelbyenteringrunlevelattheshellprompt.
7. Switchtorunlevel5byenteringinit5attheshellprompt.
8. SwitchbacktothevirtualterminalbypressingCtrl+Alt+F1.
9. PressCtrl+C.
10.Logoutasrootbyenteringexit.

11.SwitchbacktothegraphicaluserinterfacebypressingCtrl+Alt+F7.
12.Loginasgeekowithapasswordofnovell.
PartIV:EnablersyncdwithYaST

ToenablersyncdwithYaST,dothefollowing:
1. Inthegraphicaldesktop,selectComputer>YaST.
2. Enterapasswordofnovell.
TheYaSTControlCenterappears.
3. SelectSystem>SystemServices(Runlevel).
TheRunlevelEditor:Servicesdialogappears.
4. Switchtoamoredetailedview(withadditionaloptions)byselectingExpertMode.
5. Scrolltoandselectrsyncd.
6. Belowthelist,configurethisservicetostartatrunlevels3and5byselecting3and5.
7. FromtheSet/Resetdropdownlist,selectEnabletheService.
8. StartthersyncdservicebyselectingStartNowfromtheStart/Stop/Refreshdropdown
list.
Astatusmessageappearsindicatingthattheservicestartedsuccessfully.
9. ClosethestatusmessagebyselectingOK.
10.StopthersyncdservicebyselectingStopNowfromtheStart/Stop/Refreshdropdown
list.
Astatusmessageappearsindicatingthattheservicestoppedsuccessfully.
11.ClosethestatusmessagebyselectingOK.
12.SavethechangesbyselectingOK>Yes.
13.ClosetheYaSTControlCenter.

AdministerLinuxProcessesandServices

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ManageLinuxProcesses"
Inthisexercise,youstartandstopprocessesandchangetheirpriorities.
ManageLinuxProcesses

Inthisexercise,youpracticestartingandstoppingprocessesandchangingtheirpriorities.
Inthefirstpartoftheexercise,youstartandsuspendgcalctool,moveittothebackground
andforeground,andthenstopit.
Inthesecondpart,youstartgcalctoolandsetthepriorityoftherunningprogramtoanice
valueof5.Thenyoustartxeyeswithanicevalueof10.
Completethefollowing:
"PartI:MoveProcessestotheBackground"
"PartII:ModifyProcessPriorities"
PartI:MoveProcessestotheBackground

Tomoveprocessestothebackground,dothefollowing:
1. IfyourDA1serverisrunning,suspendit.
2. IfyourDASLEDworkstationissuspended,resumeit.
3. Ifnecessary,logintoyourDASLEDvirtualworkstationasgeekowithapasswordof
novell.
4. Openaterminalwindowandsutorootusingapasswordofnovell.
5. Atthecommandline,displaytheprocessesthatarecurrentlyownedbygeekoby
entering
pslUgeeko(withalowercaseL)
6. Displaytheprocessesthatarecurrentlyownedbyrootbyentering
pslUroot(withalowercaseL)
7. StarttheGNOMECalculatorprogrambyenteringgcalctoolattheshellprompt.

Noticethattheterminalisnotavailabletoreceivenewcommandsbecauseno
commandlineisdisplayed.Thisisbecausethecalculatorprogramisrunninginthe
foreground.
8. Arrangethecalculatorwindowandtheterminalwindowsothatyoucanseethemboth;
thenselecttheterminalwindowtoactivateit.
9. SuspendthecalculatorprogrambypressingCtl+z.
10.Tryusingthecalculatortooltocalculateseveralnumbers.
Becauseitsprocesswassuspended,thecalculatordoesnotrespond.
11.Viewthejobinthebackgroundbyentering
jobs
Youshouldseethatthegcalctooljobisstopped:

12.Viewthegcalctoolprocessrunningfromthecurrentterminalbyentering
psl(withalowercaseL)
TheprocessshowsastatusofT,whichindicatesthatitisbeingtracedorstopped:

13.Resumethecalculatorprogramrunninginthebackgroundbyentering
bg1
Noticethatthecalculatorprogramisrunningagain.Becauseit'srunninginthe
background,youcannowusetheterminalwindowtoenterothercommands.
14.Verifythatthejobstatusisrunningbyentering
jobs

Youshouldseethatthegcalctooljobisnowrunning:

15.Viewthegcalctoolbranchintheprocesstreebyentering
pstreep|grepgcalctool
Noticethatthegcalctoolprocessislistedattheendofthetree:

16.Bringthexosviewprocessintotheforegroundbyentering
fg1
17.Closethecalculatorprogram.
18.Startthecalculatorinthebackgroundbyentering
nohupgcalctool&
NOTE:Thenohupcommandrunsacommandsuchthatisignoresanyhangupkill
signalssenttoit.
19.Closetheterminalwindow.
Thecalculatorprogramremainsrunning.
20.Openanewterminalwindow.
21.Startthetopprogrambyentering
top
22.Viewonlytheprocessesstartedbyrootbytypingu;thenenteringroot.
23.Checkforthecalculatorprogram(gcalctool)listedintop.
24.(Conditional)Ifyoucannotfindthegcalctoolprogram,trymaximizingtheterminal
window.YoucanalsoactivatetheCalculatorwindowanduseittocalculateseveral
numbers.Thisshouldcausethegcalctoolprocesstobemovednearthetopofthe

outputintop.
YoucanalsoenterFintopandselectPIDasthesortcolumn.Ifneeded,youcanalso
reversethesortorderbypressingR
25.RecordthePIDofthegcalctoolprocess:
26.Exittopbytypingq.
27.Viewinformationaboutthegcalctoolprocessbyentering
psPID_of_gcalctool_process
28.Switchtoyourrootuseraccountusingthesucommandandapasswordofnovell.
29.Stopthecalculatorprogramandcheckthestatusbyenteringthefollowingcommands:
killPID_of_gcalctool_processpsaux|grepgcalctool
30.Startthexeyesprograminthebackgroundbyentering
xeyes&
31.Killthexeyesprogrambyentering
killallxeyes
PartII:ModifyProcessPriorities

Tomodifyprocesspriorities,dothefollowing:
1. Switchbacktoyourgeekouserbyenteringexitattheshellprompt.
2. Startthegcalctoolprograminthebackgroundbyentering
gcalctool&
3. RecordthePIDforgcalctool(displayedintheterminalwindow):
4. Viewtherunningprocessbyentering
pslf
Noticethatthenicevalue(NI)iscurrentlyat0.
5. Increasethepriorityoftheprocesstoanicevalueof5byentering

renice5pPID_of_gcalctool_process
Noticethataregularusercannotchangethenicevaluetoavaluebelow0,only020.
6. Switchtoroot(su)withapasswordofnovell.
7. Trysettingthenicevalueto5againbyentering
renice5pPID_of_gcalctool_process
8. Checkthatthesettingiseffectivebyentering
pslf(lowercaseL)
Noticethattheprocessisnotdisplayed,becausepslfonlydisplaysprocessesstarted
bythecurrentuser.Thecalculatorprogramwasstartedbygeeko(notroot).
9. Viewallprocessesbyentering
psalf
Thegcalctoolsprocessisnowdisplayed.
10.Changethenicevalueforthegcalctoolsprocesstoahigherprioritybyentering
renice10pPID_of_gcalctools_process
11.Verifythatthegcalctoolsprocessnicevalueissetto10byentering
psalf(withalowercaseL)
12.Exittheshellrunningasrootbyentering
exit
Youshouldnowbeusergeekoagain.
13.Startthexeyesprograminthebackgroundwiththenicevalueof+10byentering
nicexeyes&
14.Verifythatthexeyesprocessnicevalueissetto+10byentering
pslf(withalowercaseL)
15.Killthegcalctoolsandxeyesprocessesbyenteringthefollowingcommands:

killPID_of_gcalctools_processkillallxeyes
16.Closeyourterminalwindow.

AdministertheLinuxFileSystem

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ConfigurePartitionsonyourHardDrive"
Inthisexercise,youpracticecreatingpartitionsandfilesystemswithYaSTandfdisk.
Youalsousecommandlinetoolstocreatefilesystems.
"ManageFileSystemsfromtheCommandLine"
Inthisexercise,youpracticemanagingfilesystemsfromthecommandline.
"CreateLogicalVolumes"
Inthisexercise,youlearnhowtoadministerLVMwithYaST.
"SetUpandConfigureDiskQuotas"
Inthisexercise,youlearnhowtoadministerquotas.
ConfigurePartitionsonyourHardDrive

Inthisexercise,youpracticecreatingpartitionsandfilesystemsusingYaSTandfdisk.You
alsousecommandlinetoolstocreatefilesystems.
Inthefirstpartofthisexercise,youuseYaSTtocreatethefollowingpartitionsandfile
systems:
Anextendedpartitionusingtheremainingdiskspace.
Onelogicalpartitionwithasizeof500MB,anext3filesystem,andamountpointof
/apps.
Onelogicalpartitionwithasizeof1GB,aReiserfilesystem,andamountpointof
/srv.
Inthesecondpartofthisexercise,youusefdisktocreatethefollowingpartitions:
OnepartitionofthepartitiontypeWin95/FAT32withasizeof500MB.

TwopartitionswiththepartitiontypeLinuxandsizesof1GBand2GB.
Inthethirdpartofthisexercise,youcreatefilesystemsonthepartitionsyoucreatedinthe
secondpartusingtheapplicableoptionsformkfs:
CreateaFAT32filesystemon/dev/sda7.
Createanext2filesystemon/dev/sda8.
CreateaReiserfilesystemwithafilesystemsizeof625MBon/dev/sda9.
Todothis,youneedtocompletethefollowingtasks:
"PartI:CreatePartitionsandFileSystemswithYaST"
"PartII:PartitionManuallywithfdisk"
"PartIII:ManageFileSystemsfromtheCommandLine"
PartI:CreatePartitionsandFileSystemswithYaST

TocreatepartitionsandfilesystemswithYaST,dothefollowing:
1. IfyourDASLEDvirtualmachineiscurrentlyrunning,suspendit.
2. IfyourDA1virtualmachineissuspended,resumeit.
3. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
4. Openaterminalwindowandusethesucommandtoswitchtoyourrootaccount
usingapasswordofnovell.
5. Attheshellprompt,enteryast2disk.
Awarningmessageappears.
6. ContinuebyclickingYes.
Afterafewmoments,theExpertPartitionerdialogappears.
7. CreateanextendedpartitionwithYaSTbydoingthefollowing:
1. FromtheSystemView,expandHardDisks.
2. Highlightsda,thenclickAdd.

3. FortheNewPartitionType,selectExtendedPartition;thenclickNext.
TheNewPartitionSizedialogisdisplayed:

4. MakesureMaximumSizeisselected;thenclickFinish.
YouarereturnedtotheExpertPartitionerdialog,withtheextendedpartition
listedasanewentryforyourharddisk:


8. Createanewext3partitionwithYaST:
1. ClickAdd.
TheNewPartitionSizedialogisdisplayed.
2. VerifythatCustomSizeisselected.
3. IntheSizefield,enter500MB;thenclickNext.
NOTE:BesuretouseuppercasecharacterswhenenteringMBorGBinthe
ExpertPartitionerfields.

TheFormattingOptionsdialogisdisplayed:

4. SetthefilesystemtypetoExt2.
5. UnderMountingOptions,selectMountPartition.
6. FortheMountPoint,enter/apps.
7. CreatethepartitiondefinitionbyclickingFinish.
YouarereturnedtotheExpertPartitionerdialogwherethenewpartitionis
addedtothelist:


Theasterisk(*)afterthemountpointindicatesthefilesystemisnotcurrently
mounted.
1. Createapartitionforthe/srvdirectory:
1. Withthesdadiskselected,clickAdd.
2. WithCustomSizeselected,enter1GBintheSizefield;thenclickNext.
3. IntheFileSystemdropdownlist,selectReiser.
4. UnderMountingOptions,selectMountPartition.

5. FortheMountPoint,enter/srv.
6. Addthe/srvpartitionbyclickingFinish.
YouarereturnedtotheExpertPartitionerdialogwherethenewpartitionis
addedtothelist:

10.AddthenewpartitionstotheharddrivebyclickingNext.
Adialogisdisplayedshowingasummaryofthechanges.
11.SelectFinish.

ThiscommitsthechangestodiskandclosestheExpertPartitionerdialog.
12.Verifycreationofthenewpartitionfor/apps.
Intheterminalwindowwhereyouareloggedinasroot,verifythatthenewpartitions
havebeenmountedbyenteringmount.
Youshouldseethefollowinglines:

13.Thecontentsofthe/srvdirectoryarenolongervisibleasitiscurrentlyusedasthe
mountpointforthe/dev/sda6partition.Tocopytheexistscontentsofthedirectoryto
thenewpartition,dothefollowing:
1. Unmount/dev/sda6byentering
umount/srv
2. Mountthepartition/dev/sda6under/mntbyentering
mount/dev/sda6/mnt
3. Movethecontentof/srvto/mnt
mv/srv/*/mnt
4. Umount/mntandmount/dev/sda6again,usingtheentriesin/etc/fstab
umount/mntmounta
5. Verifythatthefilesyoumovedareavailableagainunder/srvbyentering
ls/srv/
14.Verifythattheappropriateentrywasaddedtothe/etc/fstabforthenewpartitionsby
entering:
cat/etc/fstab
Youshouldseethefollowing:


Theseentriesensurethatthenewpartitionsaremountedwhenthesystemboots.
PartII:PartitionManuallywithfdisk

Topartitionmanuallyfromthecommandlinewithfdisk,dothefollowing:
1. Intheterminalwindowwhereyouareloggedinasroot,starttheutilityfdiskonthefirst
harddiskonyourserverbyentering
fdisk/dev/sda
Amessageisdisplayedindicatingthatthenumberofcylindersisabove1024,which
mightcauseproblemsundercertaincircumstances.
2. Viewthecurrentpartitiontableinfdiskbyenteringp.
Noticethattherearefivepartitionsdefinedonsda:

3. Createanew500MBWin95FAT32logicalpartitionintheextendedpartitionyou
createdearlierbydoingthefollowing:
1. Createanewpartitionbyenteringn.
2. Enterl(lowercaseL)forlogical.
3. AcceptthedefaultfirstcylinderbypressingEnter.
4. Indicatethepartitionsizebyentering+500M.
5. ChangethepartitiontypetoWin95FAT32byenteringt(fortype).
6. Enter7toselectthepartitionyoujustcreated.

7. WhenpromptedforaHexcode,enterbforWin95/FAT32.
8. Verifythenewpartitionconfigurationbyenteringp.
Noticethatthesda7partitionhasbeenaddedtothetable:

4. Create2morelogicalpartitionswithapartitiontypeofLinux(thedefault)bydoingthe
following:
1. Createanewpartitionbyenteringn.
2. Enterl(lowercaseL)tocreatealogicalpartition.
3. AcceptthedefaultfirstcylinderbypressingEnter.
4. Specifyapartitionsizeof1GBbyentering+1G.
5. Createanothernewpartitionbyenteringn.
6. Enterl(lowercaseL)tocreatealogicalpartition.
7. AcceptthedefaultfirstcylinderbypressingEnter.
8. Indicatethepartitionsizebyentering+2G.
9. Verifythenewpartitionconfigurationbyenteringp.
Noticethattwonewpartitions(sda8andsda9)havebeenaddedtothepartition
table:


5. Writethenewpartitiontabletoyourharddriveandexitfdiskbyenteringw.
6. Viewthecurrentpartitiontableusedbythekernelbyentering
cat/proc/partitions
Noticethatthe3newpartitionsyoujustcreatedaren'tlisted.
7. Toaccessthenewpartitions,youmustupdatethekernel'spartitiontablestoredin
memory.Dooneofthefollowing:
1. Havethekernelupdateitspartitiontablebyenteringpartprobe.
2. Rebootthesystembyenteringreboot.
8. Viewthepartitiontableagainbyentering
cat/proc/partitions
PartIII:ManageFileSystemsfromtheCommandLine

Tomanagefilesystemsfromthecommandline,dothefollowing:
1. Intheterminalwindowwhereyouareloggedinasroot,createthefollowingfile
systems:
1. CreateanewFAT32filesystemon/dev/sda7andgiveitthelabeldata1by
enteringthefollowing:
mkfs.msdosndata1/dev/sda7
Thefollowingmessageshouldbedisplayed:
mkfs.msdos2.11(12Mar2005)

Thisconfirmsthefilesystemwascreated.
NOTE:Makesureyouspecifythecorrectdeviceintheabovecommand!Ifyou
specifythewrongdevice,nowarningmessagewillbedisplayedandthefile
systemonthedevicewillbeoverwritten.
2. Createanewext2filesystemon/dev/sda8withverboseoutputbyenteringthe
following:
mkfstext2v/dev/sda8
Noticethatbyaddingtheoptionv,extensiveinformationaboutthenewfile
systemisdisplayed:

1. CreateanewReiserfilesystemon/dev/sda9thatis625MBinsizebyentering
mkreiserfs/dev/sda9160000
Awarningmessageappearsindicatingthatalldatawillbeloston/dev/sda9.
2. Continuebyenteringy.
2. Createthedirectoriesnameddata1,data2,anddata3under/export/byentering

mkdirp/export/data{1,2,3}
3. Verifythatthedirectorieswerecreatedbyentering
lsl/export
4. Asroot,addentriestothe/etc/fstabfileforthenewfilesystems:
1. Openthefile/etc/fstabinthevieditorbyenteringvi/etc/fstabattheshell
prompt.
2. PressIns.
3. Attheendofthefilefstab,addthefollowingnewlines:
/dev/sda7/export/data1vfatdefaults12/dev/sda8/export/data2ext2defaults1
2/dev/sda9/export/data3reiserfsdefaults12
NOTE:Youmustaddanemptylineafterthelastnewentryattheendofthefile,
otherwisethemountcommandcannotreadthefile.
Thesenewentriesensurethesda7,sda8,andsda9partitionsaremounted
whenstartingorrebootingthesystem.
4. Savethechangesto/etc/fstabbypressingEscandthenentering:wq.
5. Intheterminalwindow,rereadthe/etc/fstabfileandmountallofthenewfilesystems
byentering
mounta
6. Viewtheinformationonthemountedfilesystemsbyenteringthefollowingtwo
commands:
mountcat/proc/mounts
Youshouldseeentriesforthethreenewpartitionsyoujustcreated,asshowninthe
following:


ManageFileSystemsfromtheCommandLine

Inthisexercise,youpracticemanagingfilesystemsfromthecommandline.Intheprevious
exercise,youcreatedseveralpartitionsandfilesystems.
Inthefirstpartofthisexercise,yourune2fsckontheext2filesystemyoucreatedon
/dev/sda5,whichismountedin/apps.
Inthesecondpartoftheexercise,youconvertthe/dev/sda8partitiontoanext3filesystem
byaddingajournal.Youalsoaddalabeltoit.
Finally,youresizetheReiserfilesystemon/dev/sda9tousetheentirepartitionandnotjust
625MB.

Completethefollowing:
"PartI:Rune2fsck"
"PartII:CustomizetheFileSystems"
PartI:Rune2fsck

Torune2fsck,dothefollowing:
1. IfifyourDA1virtualmachineissuspended,resumeit.
2. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
3. Openaterminalsessionandswitchtoyourrootuseraccountbyenteringsufollowed
byapasswordofnovellattheshellprompt.
4. Unmountthefilesystemon/dev/sda5byentering
umount/apps
5. Verifythatthefilesystemisnolongermountedbyentering
mount
The/dev/sda5partitionshouldnotbelistedintheoutputofthemountcommand.
6. Startafilesystemcheckonsda5runninginverbosemodewithanautomaticresponse
ofyestoallpromptsbyentering
e2fsckfyv/dev/sda5
7. Mountthe/appsfilesystemagainbyentering
mount/apps
8. Verifythatthefilesystemon/dev/sda5ismountedbyenteringmount
PartII:CustomizetheFileSystems

Inthispartoftheexercise,youaddajournaltoanext2filesystem,effectivelymakingitan
ext3filesystem.Completethefollowing:
1. Modifythe/dev/sda8partition:
1. Intheterminalwindow,umountthe/dev/sda8partitionandviewdetailsabout

theext2filesystemonitbyentering
umount/dev/sda8;dumpe2fs/dev/sda8|more
Noticetheblocksizeandthefilesystemstate.
2. Givetheext2filesystemavolumenameof/export/data2whilethefilesystemis
unmountedbyentering
tune2fsL/export/data2/dev/sda8
NOTE:Itiscommonpracticetousethisnamingconvention.Namingafile
systemafteritsmountpointcanbeusefulinsystemrescuesituationswhen
the/etc/fstabfileisnotavailable.
3. Verifythatthefilesystemnowhasavolumenamebyentering
dumpe2fs/dev/sda8|less
Youshouldseethatthevolumenamehasbeensettothepartition'smount
point,asshownbelow:

4. Addajournaltothefilesystem(makingitanext3filesystem)byentering
tune2fsj/dev/sda8
5. Verifythatthefilesystemnowcontainsajournalbyentering
dumpe2fs/dev/sda8|less
Youshouldseethefollowing:


6. Mount/dev/sda8againbyentering
mount/dev/sda8
7. Viewinformationonthemountedfilesystemsbyentering
mount
Noticethatthefilesystemisstillmountedasanext2filesystem.
8. Unmountthepartition/dev/sda8againbyentering
umount/dev/sda8
9. Verifythatthefilesystemstateiscleanbyentering
dumpe2fs/dev/sda8|less
10.Editthe/etc/fstabfiletochangethefilesystemtypefromext2toext3by
enteringvi/etc/fstabattheshellprompt.
11.PressIns.
12.Locatetheentryfor/dev/sda8andchangethefilesystemtypefromext2to
ext3,asinthefollowing:


13.PressEsc,thenenter:exittosavethechangestothefileandexitthevieditor.
14.Atthecommandline,reread/etc/fstabandmountthepartitionasanext3file
systembyentering
mounta
15.Verifythechangebyentering
mount
Youshouldseethat/dev/sda8hasbeenmountedasanext3filesystem,as
shownbelow:

16.Unmountthepartition/dev/sda8againbyentering

umount/export/data2
17.Mountthepartitionasanext2filesystemmanuallybyentering
mounttext2/dev/sda8/export/data2
18.Verifythatthefilesystemismountedwithoutajournal(asanext2filesystem)
byentering
mount
Asyoucansee,ext3isbackwardcompatiblewithext2:

1. Remount/dev/sda8asanext3filesystemandverifythechangebyenteringthe
followingcommands:
umount/export/data2mountamount
2. Modifythe/dev/sda9partitionbydoingthefollowing:
1. Viewthesizeofthe/dev/sda9partitionbyentering
dfh
Notethesizeof/dev/sda9,whichshouldbesimilartothatshowninthe
following:

2. Unmountdev/sda9byentering

umount/export/data3
3. Whilethepartitionisunmounted,addalabelof/export/data3tothefilesystem
byentering
reiserfstunel/export/data3/dev/sda9
4. Resizethepartitiontoconsumetheentirepartitionbyentering
resize_reiserfs/dev/sda9
NOTE:Whennosizeisspecified,thefilesystemisresizedtouseallavailable
spaceonthepartition.IncreasingthesizeoftheReiserFSisalsopossiblewhen
thefilesystemismounted.
5. Remountthepartitionbyentering
mounta
6. Viewthesizeofthepartitionbyentering
dfh
Thesizeisnolonger625MBbutis2GBormore,dependinguponthesizeof
yourextendedpartition.
7. Unmountthepartitionsoyoucanrunafilesystemcheckonitbyentering
umount/export/data3
8. Runacheckonthefilesystemon/dev/sda9byentering
reiserfscky/dev/sda9
9. Remountallfilesystemsbyentering
mounta
CreateLogicalVolumes

Inthisexercise,youlearnhowtoadministerLVMwithYaST.
Inthefirstpartofthisexercise,youuseYaSTtocreatetwophysicalvolumes(PVs)witha
sizeof1GBeach.Youthenaddthemtoavolumegroup(VG)namedprojects.
Withinthevolumegroup,younextaddtwologicalvolumesnamedpilot(750MB)and

production(750MB)whichwillbemountedunder/projects/pilotand/projects/production,
respectively.
Inthesecondpartoftheexercise,youincreasethesizeofthelogicalvolumeproductionto
themaximumspaceavailablewithinthevolumegroup.
Completethefollowing:
"PartI:CreateLVMPhysicalVolumes,aVolumeGroup,andLogicalVolumes"
"PartII:ResizeanLVMVolume"
PartI:CreateLVMPhysicalVolumes,aVolumeGroup,andLogicalVolumes

TocreateLVMPhysicalVolumes,aVolumeGroup,andLogicalVolumes,dothefollowing:
1. IfyourDA1virtualmachineissuspended,resumeit.
2. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
3. StartYaSTbyselectingComputer>YaSTandenteringapasswordofnovell,when
prompted.
4. SelectSystem>PartitionerandacknowledgethewarningmessagebyselectingYes.
TheExpertPartitionerdialogappears.
5. CreateanewLVMpartitionbydoingthefollowing:
1. FromtheSystemView,expandHardDisks.
2. Highlightsda;thenclickAdd.
3. VerifyCustomSizeisselected;thenenter1GBintheSizefield,asshown
below:


1. ClickNext.
2. UnderFormattingOptions,selectDonotformatpartition.
3. UnderFileSystemID,select0x8ELinuxLVM.
4. SavethepartitiondefinitionbyselectingFinish.
2. Createanother1GBLVMpartitionbyrepeatingtheprecedingstep.
Youshouldnowhavetwo1GBLVMpartitions:


7. FromtheSystemView,selectVolumeManagement;thenclickAddVolumeGroup.
8. Specifythefollowing:
1. VolumeGroupName:projects
2. PhysicalExtentSize:4MB
9. AddeachLinuxLVMphysicalvolumetothevolumegroupprojectsbyCtrlclicking
/dev/sda10and/dev/sda11andthenclickingAdd.
10.ClickFinish.

TheVolumeManagementdialogappearsdisplayingthenewlyaddedvolumegroup:

11.Addalogicalvolumenamedpilottotheprojectsvolumegroupbydoingthefollowing:
1. FromtheSystemView,selectprojects;thenclickAdd.
TheAddLogicalVolumedialogappears.
2. EnteraLogicalVolumenameofpilot;thenclickNext.
3. SelectManualSizeandenter750MBintheSizefield;thenclickNext.
4. IntheFileSystemdropdownlist,selectReiser.

5. SelectMountPartition;thenenteramountpointof/projects/pilot.
6. SelectFinish.
12.Addalogicalvolumenamedproductiontotheprojectsvolumegroupbydoingthe
following:
1. FromtheSystemView,selectprojects;thenclickAdd.
2. EnteraLogicalVolumenameofproduction;thenclickNext.
3. SelectManualSizeandenter750MBintheSizefield;thenclickNext.
4. IntheFileSystemdropdownlist,selectReiser.
5. SelectMountPartition;thenenteramountpointof/projects/production.
6. SelectFinish.
YouarereturnedtotheExpertPartitioner.
13.IntheExpertPartitioner,clickNext.
Amessageappears;acceptthechangesbyclickingFinish.
14.Openaterminalwindowandusethesucommandandapasswordofnovellto
switchtoroot.
15.ViewthenewLVMfilesystemsbyentering
dfh
Youshouldseeoutputsimilartothefollowing:


16.Viewthedevicenamesandmountlocationsbyentering
cat/etc/fstab
Youshouldseethefollowing:

PartII:ResizeanLVMVolume

ToresizeaLVMVolume,dothefollowing:
1. Intheterminalwindowwhereyouareloggedinasroot,enterumount
/projects/production.
2. FromtheYaSTControlCenter,selectSystem>Partitionerandacknowledgethe

warningmessagebyselectingYes.
TheExpertPartitionerdialogappears.
3. FromtheSystemView,expandVolumeManagement.
4. Expandprojectsandselectproduction;thenclickResize.
TheResizeLogicalVolumedialogappears,asshownbelow:

Notethesizeofthevolume.
4. Usetheslidertoselectthemaximumsizeavailable.
Noticethatthesizechangestothemaximumspaceavailable.
5. ContinuebyclickingOK.
6. SavethechangesbyclickingNext;thenapplythechangesbyclickingFinish.
7. Fromtheterminalwindow,viewthenewsizeofproductionbyentering
dfh
Youshouldseeoutputsimilartothefollowing:

SetUpandConfigureDiskQuotas

Inthisexercise,youlearnhowtoadministerquotas.Youinstallthequotapackageandthen
configurequotasfor/dev/sda8,whichismountedat/export/data2.
Completethefollowing:
1. IfyourDA1virtualmachineissuspended,resumeit.
2. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
3. Openaterminalwindow;thenswitchtorootusingthesucommandandapasswordof
novell.
4. Installthequotapackagebyenteringyastiquota.
5. (Conditional)InserttheSLES11installationDVD,ifprompted.
6. Viewthediskquotaconfigurationforusergeekobyentering
quotavugeeko
Thelackofanyoutputindicatestherearenoquotascurrentlyconfiguredforgeeko.
7. Addquotamountoptionstothe/dev/sda8partitionbydoingthefollowing:
1. Openthe/etc/fstabfileinthevieditorbyentering
vi/etc/fstab
2. PressInsandarrowdowntothe/dev/sda8entry.
3. Editthe/dev/sda8entrytothefollowing:

/dev/sda8/export/data2ext3
defaults
,usrquota,grpquota12

4. Whenyoufinish,pressEsc;thensavethefileandexitbyentering:wq.
8. Remountthefilesystemsoitthatthechangesinthe/etc/fstabfilearereadbythe
systembyentering
mountoremount/dev/sda8
NOTE:Ifyoureceivetheerrormessage"/export/data2mountedalready,orbad
option",checkthecontentsofthe/etc/fstabfile.Youmighthavemisspelledthe
usrquotaorgrpquotaoption.
9. Runquotachecktoinitializethequotadatabasebyentering
quotacheckmavug
NOTE:Youwillreceiveseveralstatusmessagesaboutoldquotafiles.Theseindicate
thatthisisanewquotadatabasewithnopreviousquotadatabasefilesonthesystem.
10.Verifythattheaquota.userandaquota.groupsfilesexistinthe/export/data2directory
byentering
lsl/export/data2
11.Turnquotasonforallfilesystemsthataremountedwiththeseoptionsbyentering
quotaonav
12.Makethequotasystempersistentafterrebootbyentering
insservboot.quota
13.Setaquotaforgeekowithasoftblocklimitofabout20MBandahardblocklimitof
about30MBon/dev/sda8byentering
edquotaugeeko
Thequotaeditorappearsinthevieditor.
14.PressIns.

15.Undersoft,removethe0andenter20000.
16.Underhard,removethe0andenter30000.
17.Whenyou'refinished,pressEsc;thenenter:wq.
18.Viewthequotainformationaboutallconfiguredusersbyentering
repquotaav
Youshouldseethefollowing:

19.(Optional)Ifyoufinishearly,setaquotafortheusersgroupof100MBforthesoftlimit
and150MBforthehardlimit.
20.Testifthequotasbydoingthefollowing:
1. Asroot,createadirectorynamed/export/data2/geekoandchangetheownerto
geekobydoingthefollowing:
mkdir/export/data2/geekochowngeeko.users/export/data2/geeko
2. Changetotheuseraccountgeekoandcreateafilebyentering
sugeekoddif=/dev/zeroof=/export/data2/geeko/bigfile
Afterashorttime,youshouldseeamessageindicatingthequotawas
exceeded,asshownbelow:


21.Closeallopenwindows.

ConfiguretheNetworkManually

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ConfiguretheNetworkConnectionManually"
Inthisexercise,youlearnhowtoconfigurethenetworkmanually.
ConfiguretheNetworkConnectionManually

Thepurposeofthisexerciseistofamiliarizeyouwithmanuallyconfiguringnetworksettings.
Inthefirstpart,youusetheipcommandtofindoutthecurrentsettingsforIPaddress,routes,
macaddress.Inthesecondpart,youuseYaSTtodeletethecurrentnetworkconfiguration.
Inthethirdpart,youusetheipcommandtosetupthenetworkmanually.Inthefourthpart,
yourecreatethefilenotedinPartIusinganeditor.
Completethefollowing:
"PartI:NotetheCurrentNetworkConfiguration"
"PartII:DeletetheCurrentNetworkSetupwithYaST"
"PartIII:ConfiguretheNetworkManually"
"PartIV:SavetheNetworkConnectiontoanInterfaceConfigurationFile"
PartI:NotetheCurrentNetworkConfiguration

Tonotethecurrentnetworkconfiguration,dothefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.

2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Enteripaddressshoweth0.
4. Undereth0,findthelinestartingwithinetandrecordtheIPaddresswiththesubnet
maskdisplayedinthatline:
IPaddress:
Subnetmask:
5. Enteriprouteshow.
Noticethatadefaultgatewayhasnotbeenassigned.
6. Enteriplinkshoweth0.
7. Findthelinestartingwithlink/etherandrecordtheMACaddressofthenetwork
card:
MACaddress:
PartII:DeletetheCurrentNetworkSetupwithYaST

TodeletethecurrentnetworksetupwithYaST,dothefollowing:
1. StartYaST;thenselectNetworkDevices>NetworkSettings.
2. Selectyournetworkcard;thenclickDelete.
3. ClickOK.
4. CloseYaST.
5. Verifythatthenetworkconnectionisnotworkinganymorebypingingyourhost
system'svmnet1virtualnetworkinterface.Enterthefollowingattheshellprompt:
ping172.17.0.1
Youshouldseeamessageindicatingthatthenetworkisunreachable.
6. Enteripaddressshowattheshellprompt.
Notethatthestateofyoureth0deviceisDOWN.

PartIII:ConfiguretheNetworkManually

Toconfigurethenetworkmanually,dothefollowing:
1. Enterthefollowingcommandattheshellprompt:
ipaddressadd172.17.8.101/16brd+deveth0
2. Toactivatethenetworkdevice,enter
iplinkseteth0up
3. Tosetthedefaultroute,enter
iprouteadddefaultvia172.17.0.1
4. Verifythatthenetworkconnectionisworkingagainbyentering
ping172.17.0.1
Youshouldseeyourhostsystemrespondtotheping,asshownbelow:

PartIV:SavetheNetworkConnectiontoanInterfaceConfigurationFile

Tosavethenetworkconnectiontoaninterfaceconfigurationfile,dothefollowing:
1. Intheterminalwindow,enter
cd/etc/sysconfig/network
2. Makeacopyofthenetworkconfigurationtemplatebyentering
cpifcfg.templateifcfgeth0
3. Openthecopiedfileinatexteditorbyenteringviifcfgeth0attheshellprompt.
4. PressIns.
5. Findthefollowingoptionsandentertheindicatedvalues:

STARTMODE='auto'
BOOTPROTO='static'
IPADDR='172.17.8.101/16'
NETMASK='255.255.0.0'
BROADCAST='172.17.255.255'
ChangeBRIDGE='yes'toBRIDGE='no'
6. PressEsc;thensavethefileandexitvibyentering:wq.
7. Createanewfilewithvicalledroutesbyenteringviroutesattheshellprompt.
8. PressIns;thenaddthefollowinglinetothefile:
default172.17.0.1
9. PressEsc;thensavethefileandexitvibyentering:wq.
10.Rebootyoursystembyenteringinit6attheshellprompt.
Waitwhilethesystemreboots.
11.Afterrebooting,loginasgeekowithapasswordofnovell.
12.Openaterminalwindow.
13.Changetorootusingthesucommandandapasswordofnovell.
14.Verifythatthenetworkconfigurationloadedcorrectlybyenteringthefollowing
commands:
ipaddressshoweth0iprouteshow
Youshouldseethefollowing:


15.Verifythatthenetworkconnectionisworkingproperlybyentering
ping172.17.0.1
16.Closeallopenwindows.
NOTE:Ifthenetworkconfigurationdoesn'tworkproperly,usetheYaSTNetworkCard
moduletoreconfigurethenetworkcardwiththepropersettings.

ManageHardware

Inthissectionoftheworkbook,youcanfindthefollowingexercises:
"ManageLinuxKernelModules"
Inthisexercise,youloadandunloadkernelmodules.
"ObtainHardwareConfigurationInformationinYaST"
Inthisexercise,youlearnhowtoobtainhardwareconfigurationinformationonyour
computer.
"ModifyudevRules
Inthisexercise,youwillmodifyaudevruletorenameyourEthernetinterface.
ManageLinuxKernelModules

Inthisexercise,loadandunloadkernelmodules.Completethefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.

2. Openaterminalwindow,thenswitchtotherootuserbyenteringsufollowedbya
passwordofnovell.
3. Viewthecurrentlyloadedkernelmodulesbyenteringlsmodattheshellprompt.
4. Scrollthroughthemodulestoseeifthejoystickmodule(joydev)isloaded.Ifit's
difficulttolocateintheoutput,youcanenterlsmod|grepjoydevattheshellprompt.
Youshouldseeoutputsimilartothefollowing:

The0intheUsedcolumnindicatesthatthemoduleisnotinuse.
NOTE:Ifthejoydevmoduleisnotlisted,skiptostepStep7

4. Removethejoystickmodulefromthekernelmemorybyentering
rmmodjoydev
5. Verifythatthejoydevkernelmodulewasremovedfrommemorybyenteringlsmod|
grepjoydevattheshellprompt.
Noticethatthemodulejoydevisnolongerlisted.
6. Loadthejoystickkernelmodulebyentering
modprobejoydev
7. Verifythatthejoydevkernelmoduleisloadedinmemorybyenteringlsmod|grep
joydevattheshellprompt.
8. Viewthekernelmodulesconfigurationbyenteringmodprobec|lessattheshell
prompt.
9. ScrollthroughthemoduleconfigurationinformationbypressingSpace.
10.Whenyouhavefinished,returntothecommandlinebytypingq.
11.Createalistofkernelmodulesdependenciesbyentering
depmodv|less
Waitafewminutesfortheinformationtobegenerated.
12.ScrollthroughthedependencyinformationbypressingSpace.
13.Whenyouhavefinished,returntothecommandlinebytypingq.
14.Closetheterminalwindowbyenteringexittwice.
ObtainHardwareConfigurationInformationinYaST

Inthisexercise,youobtainhardwareconfigurationinformationaboutyourcomputer.
Completethefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.
2. SelectComputer>YaST.
3. Whenprompted,enterarootpasswordofnovell.

4. SelectHardware>HardwareInformation.
WaitwhiletheYaSTmodulescansyourhardware.Thismaytakeseveralminutes.
Whencomplete,youshouldseeoutputsimilartothefollowing:

5. Reviewtheresultsofthehardwaredetection.
6. Savetheresultstoafilebydoingthefollowing:
1. ClickSavetoFile.
2. Browsetotherootuser'shomedirectory(/root).

3. IntheFileNamefield,enterhardware.txt.
4. ClickSave.
5. Waitwhilethefileissaved.Thismaketakeseveralminutestocomplete.
7. ClosetheHardwareinfowindowbyclickingClose.
8. ClosetheYaSTControlCenter.
9. Viewtheinformationsavedinthehardware.txtfilebydoingthefollowing:
1. Openaterminalwindow.
2. Switchtoyourrootuseraccountbyenteringsuattheshellprompt,followedby
apasswordofnovell.
3. Attheshellprompt,enterless./hardware.txt.
Youshouldseetextsimilartothefollowing:

1. UsetheSpacebartobrowsethroughtheresults.
2. Whenfinished,pressqtoexit.
2. Closeallopenwindows.
ModifyudevRules

Inthisexercise,youmodifyaudevrulethatrenamesyoureth0interfacetoeth1.Complete
thefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.
2. Openaterminalwindowandswitchtotherootuseraccountbyenteringsufollowed
byapasswordofnovell.
3. Attheshellprompt,entercd/etc/udev/rules.d.
4. Openthe70persistentnet.rulesfileinthevieditorbyenteringvi./70persistent
net.rulesattheshellprompt.
5. PressIns.
6. Locateandscrolldowntothelinethatsetsthenameofyournetworkinterfacetoeth0.
7. ChangetheNAME=eth0parametertoNAME=eth1.
8. PressEsc.
9. Saveyourchangesandexittheeditorbyentering:exitattheshellprompt.
10.RebootyourDA1virtualserverbyenteringinit6attheshellprompt.
11.WaitforyourdefaultGRUBmenuitemtobeselectedtostartthebootprocess.
12.Whenthesystemstartstoboot,pressEscsoyoucanviewyoursystem'sboot
messages.
Youshouldseeamessageindicatingeth0isbeingrenamedtoeth1byudev,as
shownbelow:


Youshouldalsoseeamessageindicatingtheeth1interfacehasnotbeenconfigured,
asshownbelow:


Thishappensbecausethereisnoconfigurationforeth1in/etc/sysconfig.
12.Whenthesystemhasrebooted,loginasgeekowithapasswordofnovell.
13.Openaterminalsessionandswitchtorootwiththesucommandandapasswordof
novell.
14.Attheshellprompt,entercd/etc/udev/rules.d.
15.Openthe70persistentnet.rulesfileinthevieditorbyenteringvi./70persistent
net.rulesattheshellprompt.
16.PressIns.

17.ChangetheNAME=eth1parameterbacktoNAME=eth0.
18.PressEsc.
19.Saveyourchangesandexittheeditorbyentering:exitattheshellprompt.
20.RebootyourDA1virtualserverbyenteringinit6attheshellprompt.
21.WaitforyourdefaultGRUBmenuitemtobeselectedtostartthebootprocess.
22.Whenthesystemstartstoboot,pressEscsoyoucanviewyoursystem'sboot
messages.
23.Verifythatyournetworkinterfaceisnownamedeth0andthattheappropriatenetwork
configurationparametersareapplied,asshownbelow:

ConfigureRemoteAccess

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"PracticeUsingOpenSSH"
Inthisexercise,youlearnhowtouseOpenSSH.
"PerformPublicKeyAuthentication"
Inthisexercise,youpracticeusingSSHwithpublickeyauthentication.
"UseRemoteAdministration"

Inthisexercise,youconfigureremoteadministration.
"UseNomad"
Inthisexercise,youconfigureremotedesktopusingNomad.
PracticeUsingOpenSSH

Inthisexercise,youpracticeusingtheSSHsuiteofutilities.Youperformthefollowingtasks:
LoginremotelytoyourDA1serverasroot.
RemotelyexecutethepsauxcommandonDA1withoutloggingintotheserver.
Copythe/etc/hostsfilefromDA1toyour/tmpdirectory.
Copythe/etc/hostsfilefromyourworkstationtothehomedirectoryofgeekoonDA1.
Usingsftp,copythe/bin/datefilefromDA1to/home/geekoonyourworkstation.
Dothefollowing:
1. Ifnecessary,poweronbothyourDA1andyourDASLEDvirtualmachines.
2. LogintoDA1fromDASLEDbydoingthefollowing:
1. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordof
novell.
2. Rightclickthedesktop;thenselectOpeninTerminal.
3. Atthecommandline,enter
sshlgeekoda1.digitalairlines.com
Thefollowingisdisplayed:


1. Whenpromptedtocontinue,enteryes.
2. Whenprompted,enterapasswordofnovell.
YouarenowloggedintotheDA1serverasgeeko.
3. Logoutbyenteringexit.
2. ChecktheprocessesrunningontheDA1serverbyenteringthefollowingattheshell
promptofyourworkstation:
sshlgeekoda1.digitalairlines.compsaux
3. Whenprompted,enterapasswordofnovell.
AlistofallprocessescurrentlyrunningonDA1isdisplayed:


5. Copythe/etc/hostsfileonyourDA1servertothe/tmpdirectoryonyourworkstationby
enteringthefollowingattheworkstationshellprompt:
[email protected]:/etc/hosts/tmp/
6. Whenprompted,enterapasswordofnovell.
7. Attheshellprompt,enterls/tmp.
YoushouldseethehostsfilefromtheDA1serverinyour/tmpdirectory,asshown
below:


8. Copythe/etc/hostsfileonyourworkstationtogeeko'shomedirectoryonyourDA1
serverbyenteringthefollowing:
scp/etc/[email protected]:
9. Whenprompted,enterapasswordofnovell.
10.Verifythatthefilewascopiedbydoingthefollowing:
1. SwitchtoyourDA1server.
2. Ifnecessary,loginasgeekowithapasswordofnovell.
3. Doubleclickthegeeko'sHomeicononthedesktop.
Youshouldseethehostsfilefromtheworkstationinthegeekouser'shome
directory:


1. Switchbacktoyourworkstation.
2. UsesftptoconnecttoyourDA1serverasgeekobyentering:
[email protected]
3. Whenprompted,enterapasswordofnovell.
4. Copythe/bin/dateprogramfromtheDA1servertogeeko'shomedirectoryonyour
workstationbyentering:
get/bin/date/home/geeko/
Youshouldseeoutputsimilartothefollowing:

14.Quitsftpbyenteringexit.
15.Attheshellprompt,enterls/home/geeko.
Verifythatthedateprogramhasbeencopiedtothegeekouser'shomedirectory:

Closeallopenwindowsonbothvirtualmachines.
PerformPublicKeyAuthentication

Inthisexercise,youpracticeusingSSHwithpublickeyauthentication.
First,youcreateansshkeypair.Thenyouaddthepublickeytothe
~geeko/.ssh/authorized_keysfileonyourDA1serverandnotethedifferencebetweenlogging
inwithandwithoutapublickey.
YouthenusesshagenttocachetheprivatekeyandloginagaintoyourDA1serveras
geeko.Finally,youchangetheserverconfigurationtoallowonlypublickeyauthentication.
Completethefollowing:
1. Ifnecessary,poweronyourDA1andDASLEDvirtualmachines.
2. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordofnovell.
3. Onyourworkstation,openaterminalwindow.
4. GenerateanRSAkeypairbydoingthefollowing:
1. Attheterminalwindow,entersshkeygentrsa.
2. Acceptthedefaultlocationforthekey(/home/geeko/.ssh/id_rsa)bypressing
Enter.

3. Whenprompted,enterapassphraseofnovell.
Informationaboutyourkeypair,suchasthelocationofyouridentificationand
thepublickey,isdisplayed:

5. AddtheRSApublickeytothegeekouser's~/.ssh/authorized_keysfileonDA1by
doingthefollowing:
1. CopythefiletothehomedirectoryofgeekoontheDA1serverbyenteringthe
following:
scp~/.ssh/[email protected]:
2. Whenprompted,enterapasswordofnovell.
3. Usingssh,loginasgeekotoyourDA1serverbyentering
sshlgeekoda1.digitalairlines.com
4. Whenprompted,enterapasswordofnovell.

5. Enterlsal.
6. Ifan.sshdirectorydoesnotexist,thencreateitbyentering
mkdir.ssh
7. Copythepublickeytothe~/.ssh/authorized_keysfilebyentering
catid_rsa.pub>>.ssh/authorized_keys
6. LogoutfromtheDA1serverbyenteringexit.
7. Usingssh,logintoyourDA1serverasgeekobyentering
sshlgeekoda1.digitalairlines.com
Youarepromptedforapasswordtounlocktheprivatekey:

8. Loginbyenteringnovell;thenlogoutbyenteringexit.
9. Totrackauthentication,startthesshagentbyenteringsshagentbash.
10.Addyourprivatekeytotheagentforauthenticationbyentering
sshadd~/.ssh/id_rsa
11.Whenprompted,enterapassphraseofnovell.
12.Usingssh,loginasgeekotoyourDA1serverbyentering
sshlgeekoda1.digitalairlines.com
Thistimeyouarenotpromptedforapasswordorpassphrase.
13.Switchtouserrootbyenteringsufollowedbyapasswordofnovell.
14.Attheshellprompt,entervi/etc/ssh/sshd_config.
15.Dothefollowing:
1. Enter/PasswordAuthenticationtolocatethePasswordAuthenticationline.
2. Makesureitissettono.
3. Enter/UsePAMtolocatetheUsePAMline.
4. PressIns.
5. ChangethevalueofUsePamfromyestono.
6. PressEsc.
7. Enter:exittosavethefileandclosetheeditor.
16.Restartsshdbyenteringrcsshdrestart.
17.Entersshgeeko@localhost.
18.Whenpromptedtocontinueconnecting,enteryes.
Youshouldseeanerrormessageandnopromptforapassword:


19.Usingthevieditor,undothechangesmadeinStep15;thenrestartsshd.
20.Logoutasrootbyenteringexit.
21.LogoutfromDA1byenteringexit.
22.Closeallopenwindows.
UseRemoteAdministration

Inthisexercise,youconfigureremoteadministration.
Thisexercisehasfourparts.Inthefirstpart,youremotelyaccessthetextbasedversionof
YaSTonDA1fromyourworkstation.
Theninthesecondpart,youremotelyaccessthegraphicalversionofYaSTonDA1from
yourworkstation.
Inthethirdpart,youconfigureremoteaccesstoyourDA1serverwiththeYaSTRemote
Administrationmodule.Inthefourthpart,youaccessyourserverviaVNC.
Youneedtocompletethefollowingtasks:
"PartI:RemotelyAccessaTextBasedVersionofYaST"
"PartII:RemotelyAccesstheGUIVersionofYaST
"PartIII:ConfigureRemoteAdministrationwithYaST"
"PartIV:AccessYourDA1ServerRemotely"
PartI:RemotelyAccessaTextBasedVersionofYaST

Dothefollowing:

1. Ifnecessary,poweronyourDA1andDASLEDvirtualmachines.
2. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordofnovell.
3. Openaterminalwindowandenter:
[email protected]
4. Whenpromptedforthepassword,enternovell.
5. LaunchthencursesbasedversionofYaSTbyenteringyast2.
Despitethefactthatyouenteredyast2,thetextbasedversionoftheYaSTControl
Centerappears:

ThisisbecauseX11forwardingisnotactiveinthedefaultconfigurationofssh.
5. ExittheYaSTControlCenterbypressingAlt+q.
6. ClosetheSSHsessionbyenteringexit.

PartII:RemotelyAccesstheGUIVersionofYaST

Dothefollowing:
1. Fromtheterminalwindowonyourworkstation,enter
[email protected]
2. Whenpromptedforthepassword,enternovell.
3. LaunchtheGUIbasedversionofYaSTbyenteringyast2.
BecausetheXoptionactivatedX11forwarding,theGUIbasedversionoftheYaST
ControlCenterappears:


PartIII:ConfigureRemoteAdministrationwithYaST

Dothefollowing:
1. InstallaJavabrowserplugin:
1. SelectSoftware>SoftwareManagement.
2. Inthesearchfield,enterjava1;thenclickSearch.
3. Fromthesearchresults,selectjava1_6_0ibmplugin.

4. ClickAccept.
5. AccepttheautomaticchangesbyclickingContinue.
Waitwhilethepackagesareinstalled.
2. InthemainwindowofYaST,selectNetworkDevices>RemoteAdministration(VNC).
TheRemoteAdministrationdialogappears:

3. SelectAllowRemoteAdministration;thenselectOpenPortinFirewall.
4. ClickFinish.

5. CloseYaST.
6. Restartthedisplaymanagerbyenteringrcxdmrestartattheshellprompt.
7. Attheshellprompt,enterexit.
YourSUSELinuxEnterpriseServer11systemisreadytobeaccessedremotely.
PartIV:AccessYourDA1ServerRemotely

ToaccesstheDA1serverfromawebbrowser,dothefollowing:
1. OnyourDASLEDworkstationdesktop,opentheFirefoxwebbrowserbyselecting
Computer>Firefox.
2. IntheLocationfield,enter
http://da1.digitalairlines.com:5801
Thefollowingisdisplayed:


3. Logintotheremoteserver'sdesktopasgeekowithapasswordofnovell.
ThedesktopforyourgeekoonDA1appears.
4. Iftimepermits,trycompletingvariousadministrativetasksandrunningcommonlyused
applicationsonDA1throughtheVNCsession.
5. Whenyou'refinishtestingthedesktop,closetheVNCsessionbyclickingDisconnect
(atthetopofthescreen).
6. Closeallopenwindows.

UseNomad

Inthisexercise,youconfigureNomadonyourDASLEDworkstation.YouestablishanRDP
connectionbetweenyourhostworkstationandtheDASLEDvirtualworkstation.
Completethefollowing:
1. VerifythatyourDASLEDworkstationisrunning.
2. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordofnovell.
3. InstalltheNomadpackagesonDASLEDbydoingthefollowing:
1. StartYaSTbyselectingComputer>YaST.
2. Whenprompted,enterarootuserpasswordofnovell.
3. SelectNetworkDevices>RemoteAdministration(RDP).
4. Whenpromptedthatxrdpneedstobeinstalled,clickInstall.
5. (Conditional)Ifprompted,insertyourSLED11installationDVD.
6. WaitwhiletheRDPpackagesareinstalled.
Whencomplete,thefollowingisdisplayed:


1. MarkAllowRemoteAdministrationandOpenPortinFirewall.
2. ClickFinish.
3. CloseYaST.
2. RebootDASLEDbyenteringinit6attheshellprompt.
3. Afterthesystemasrebooted,loginasgeekowithapasswordofnovell.
4. Openaterminalsessionandswitchtorootusingthesucommandfollowedbya
passwordofnovell.

5. Verifythatxrdpisrunningbyenteringrcxrdpstatusattheshellprompt.
Thecommandshouldreturnastatusofrunning.
6. Adddasled.digitalairlines.comtothe/etc/hostsfileonyourhostworkstation(notDA
SLED)bydoingthefollowing:
1. Onyourhostworkstation,startYaST.
2. InYaST,selectNetworkServices>Hostnames.
3. ClickAdd.
4. Enterthefollowing:
IPAddress:172.17.8.104
Hostname:dasled.digitalairlines.com
HostAliases:dasled
5. ClickOK.
6. ClickFinish.
7. ExitYaST.
7. Verifythattherdesktopandtsclientpackageswereinstalledwhenyourhost
workstationwasdeployedbydoingthefollowing:
1. Openaterminalsessiononyourhostworkstation.
2. Attheshellprompt,switchtorootbyenteringsufollowedbyapasswordof
novell.
3. Attheshellprompt,enterrpmqrdesktop.
4. Attheshellprompt,enterrpmqtsclient.
Youshouldseethatbothpackageshavealreadybeeninstalled:


NOTE:Ifthesepackageswerenotautomaticallyinstalled,useYaSTtoinstall
themmanually.
1. Configurearemotedesktopconnectiononyourhostworkstationbydoingthe
following:
1. Attheshellpromptonyourhostworkstation,entertsclient.
2. ClickAddConnection>WindowsTerminalService.
Thefollowingisdisplayed:


3. IntheNamefield,enterDASLEDDesktop.
4. IntheHostfield,enterDASLED.digitalairlines.com.
5. IntheUsernamefield,entergeeko.
6. InthePasswordfield,enternovell.
7. SelectCustomWindowSize;thenenterascreengeometryof800x600.
8. ExpandAdvancedOptions.
9. IntheConnectionTypedropdownlist,selectLAN.
10.ClickOK.
TheDASLEDDesktopremotedesktopconnectionisaddedtotheTerminal
ServerClientwindow,asshownbelow:


11.OpentheremoteconnectionbydoubleclickingDASLEDDesktop.
TheDASLEDdesktopisdisplayedinanrdesktopwindow,asshownbelow:


12.(Conditional)Iftimepermits,experimentwiththeremotedesktop.Tryopeningand
usingthevariousapplicationsremotely.
13.Whencomplete,clickComputer>Logout>LogOutwithintheremotedesktop
session.
14.IntheTerminalServerClientwindow,clicktheExiticon.
15.Attheshellprompt,enterexittwice.

MonitorSUSELinuxEnterprise11

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"GatherInformationonyourSLES11Server"
Inthisexercise,youlearnhowtogetinformationonthecomputeryouareusing.
"ManageSystemLogging"
Inthisexercise,youpracticeconfiguringsyslogngandlogrotate.
GatherInformationonyourSLES11Server

Inthisexercise,youlearnhowtogetinformationaboutyourDA1server.Youusethe
administrationtoolscoveredinthissectiontogatherthefollowinginformationonyourserver.
Asyouworkthroughthisexercise,writedowntheappropriatevalueintherighthandcolumn
ofthefollowingtable:
SystemParameter
OS
HardwareArchitecture
ProcessorType
Hostname
KernelRelease
KernelVersion(includedateandtime)
SystemUpTime
LoadAverages
SLES11Version
SystemDateandTime
ModelNameofProcessor

Value

SystemParameter

Value

FreeMemory
PatchLevel
Completethefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Openaterminalwindowandswitchtorootusingthesucommandandapasswordof
novell.
3. ViewthekernelreleaseoftheLinuxdistributionyouarerunningbyentering
unamer
4. Viewthecomputer'shardwarearchitecturebyentering
unamem
5. ViewtheprocessortypeforthisLinuxbuildbyentering
unamep
6. Viewallinformation,includinghostname,kernelrelease,andkernelversion,by
entering
unamea
7. Viewthesystemuptimeandtheloadaveragesbyentering
uptime
8. ViewtheversionoftheSUSELinuxEnterpriseServerdistributionbyentering
cat/etc/SuSErelease
9. Viewthesystemdateandtimebyentering
date
10.Viewinformationontheprocessorbyentering
cat/proc/cpuinfo

11.Viewthecurrentmemorystatisticsbyentering
cat/proc/meminfo
ManageSystemLogging

Inthisexercise,youpracticeconfiguringsyslogngandlogrotate.
First,youconfiguresyslogngtologmessagesofthelocal4facility.The/var/log/local4fileis
usedformessagesofthelocal4facilitynomatterthepriority.The/var/log/local4.debugfile
logsonlymessageswiththedebugpriority.Athirdfile,/var/log/local4.info,logsonly
messageswiththeinfopriority.
Thenyouconfigurelogrotatetomanagetheselogfiles.Youcreatea/etc/logrotate.d/local4
filethatdoesthefollowingwiththesethreefiles:
Compressestheoldlogs
Savestheoldlogswithadateextension
Limitstheoldestlogtooneday
Limitstherotatedlogssavedtofive
Limitsthemaximumsizeofthefileto20bytes
Proceedswithouterrorifalogfileismissing
Logsthedateinthelocal4.infofileeachtimeanewlogfileisgenerated
NOTE:Theabovevalues(oneday,fivelogs,20bytes)areusedfordemonstrationpurposes
only.Inaproductionenvironment,thesevaluesshouldbemuchhigher.
Completethefollowingtaskstodothis:
"PartI:ModifythesyslogngConfiguration"
"PartII:Configurelogrotate"
PartI:ModifythesyslogngConfiguration

Tomodifythesyslogngconfiguration,dothefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Openaterminalwindowandswitchtorootusingthesucommandandapasswordof

novell.
3. Attheshellprompt,entervi/etc/syslogng/syslogng.conf.in.
4. PressIns.
5. Addthefollowinglinesatthebottomofthefiletocreatefiltersforthemessagesyou
wanttolog:
filterf_local4debug{level(debug)
andfacility(local4);
};

filterf_local4info{level(info)
andfacility(local4);
};

filterf_local4
{facility(local4);};

6. Specifythedestinationsandlogpathsbyaddingthefollowinglines:
destinationlocal4debug
{file("/var/log/local4.debug");
};
log{source(src);
filter(f_local4debug);
destination(local4debug);};

destinationlocal4info
{file("/var/log/local4.info");
};

log{source(src);
filter(f_local4info);
destination(local4info);};

destinationlocal4
{file("/var/log/local4");
};
log{source(src);
filter(f_local4);destination(local4);};

NOTE:Checkyoursyntaxcarefully.Ifyoumakeamistakeinthisfile,syslogwon't
start.
7. SavethechangesandclosetheeditorbypressingEscandthenentering:exit.
8. Restartthesyslogdaemonbyenteringrcsyslogrestartattheshellprompt.
9. Openanewterminalwindowandentersufollowedbyapasswordofnovell.
10.Checktheconfigurationbylogginganentrytotheinfolevelinthelocal4facilityby
doingthefollowing:
1. Enterthefollowinginoneofyourterminalsessionstomonitortheactivityofthe
logfile:
tailfretry/var/log/local4.info
NOTE:Youwillseewarningsregardingtheretryoptionandthefactthatthe
filedoesnotyetexist.Youcandisregardthiserrorasthefilewillbecreated
whenyoucompletethenextstep.
2. Intheotherterminalwindow,loganentrytotheinfolevelinthelocal4facilityby
entering
loggerplocal4.info"Infomessage1"
3. Checktheresultsinthesecondterminalwindow.Themessageisloggedin
the/var/log/local4.infofile,asshownbelow:


Themessageshouldalsobeloggedinthe/var/log/local4fileand,becauseof
otherentriesin/etc/syslogng/syslogng.conf,in/var/log/localmessages.
NOTE:Ifnomessagesappear,theremightbesomethingwrongwithyour
syslogconfiguration,forinstanceatypooramissing";".Todiagnosewhatis
wrong,enterrcsyslogrestartattheshellpromptandseeifsyslogstarts
properly.Ifthereisanissuewiththeconfiguration,anerrormessagewillsayso.
Lookforthelinenumbershownintheoutputfortheerror,correctit,andrestart
syslog.
1. Intheterminalwindowwherethelogactivityisbeingmonitoredwithtail,stop
themonitoringbypressingCtrl+c.
2. Repeatthisprocessforthedebugloglevel.Usethefollowingcommandinthefirst
terminalwindow:
tailfretry/var/log/local4.debug
Usethefollowingcommandinthesecondterminalwindow:
loggerplocal4.debug"Infomessage2"
NOTE:Onlythoselevel4logfileswithentrieswillbecompressedduringlogrotationin
PartIIofthisexercise.
3. Intheterminalwindowwherethelogactivityisbeingmonitoredwithtail,stopthe
monitoringbypressingCtrl+c.
PartII:Configurelogrotate

Toconfigurelogrotate,dothefollowing:
1. Attheshellprompt,entervi/etc/logrotate.d/local4.
2. PressIns.
3. Addthefollowingcontenttothefile:

/var/log/local4.debug
/var/log/local4.info/var/log/local4
{
compress
dateext
maxage1
rotate5
size20
postrotate
date>>/var/log/local4.info
endscript
}

NOTE:Makesurethedirectoriesinthefirstlineareseparatedwithspaces.
4. PressEsc;thensavethechangesandclosetheeditorbyentering:exit.
5. Switchtovirtualterminal1bypressingCtrl+Alt+F1.
6. Loginasrootwithapasswordofnovell.
7. Rotatethelogsmanuallybyentering
logrotate/etc/logrotate.conf
8. Checkthedirectory/var/logforthezippedlocal4logfilesbyentering
lsl/var/log|less
Youseethefollowingfiles:
local4.debugcurrent_date.bz2
local4.infocurrent_date.bz2
Forexample,ifthecurrentdateisJuly15,2009,thenthezippedfileforlocal4.infowill

belocal4.info20090715.bz2.
The.bz2extensionisusedbecausethecommandtocompressfilesissettobzip2
in/etc/logrotate.conf.
NOTE:Onlythoselogfileswithentriesarezipped.
9. Exitthelistbyenteringq.
10.Checkthecontentsofthelocal4.infozippedarchivebyentering
less/var/log/local4.infocurrent_date.bz2
Youshouldseetheentriesyouaddedtothelogfile,asshowninthefollowing:

11.Pressqtoexit.
12.Logoutasrootbyentering
exit
13.ReturntotheGNOMEdesktopbypressingCtrl+Alt+F7.
14.Closeallopenwindows.

AdministerLinuxProcessesandServices

Inthissectionoftheworkbook,youlearnhowtodothefollowing
"ScheduleJobswithcronandat"
ScheduleJobswithcronandat

Inthisexercise,youpracticeschedulingjobswithatandcron.
Inthefirstpartoftheexercise,youredirecttheoutputofthefingercommandto
/var/log/messagesthreeminutesfromthecurrenttime.Thenyouschedulethesamejobfor
tomorrowatnoon.Finally,youscheduleaprogramtoruntomorrowat2p.m.andafterwards
removethejob.

Inthesecondpartoftheexercise,youcreateacronjobasanormaluserthatlogstheoutput
offingerto~/users.logeveryminuteandanothercronjobasrootthatbacksup/etc/to
/export/data2/etc.tgzusingtarandtheoptionsczvfeveryTuesdayat2a.m.
Completethefollowing:
"PartI:ScheduleJobswithat"
"PartII:ScheduleJobswithcron"
PartI:ScheduleJobswithat

Toschedulejobswithat,dothefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Openaterminalwindowandswitchtorootusingthesucommandandapasswordof
novell.
3. Checktoseeiftheatserviceisrunningbyenteringrcatdstatusattheshellprompt.
4. Ifthecommandreturnsastatusofunused,starttheatservicebyenteringrcatdstartat
theshellprompt.
5. Displaythecurrentdateandtimebyenteringdateattheshellprompt.
6. Threeminutesfromnow,logwhoiscurrentlyloggedintothe/var/log/messagesfileby
enteringthefollowingcommands:
athh:mmfinger>>/var/log/messages
NOTE:Makesureyouentertwo>charactersintheabovecommand.Ifyouhaveonly
one>character,allexistingentriesin/var/log/messageswillbeoverwritten.
7. ExittheateditorbypressingCtrl+d.
8. Viewthescheduledatjobsbyenteringatq(oratl).
Notethejobnumberlisted.
9. Waitforthethreeminutestopass.
10.Whenthetimehaspast,entertail/var/log/messagesattheshellprompt.
Logininformationforgeekoislistedattheendofthefile.Anexampleisshownbelow:


11.Schedulethesamejobtoruntomorrowatnoonbyenteringthefollowingcommands:
atnoontomorrowfinger>>/var/log/messages
12.ExittheateditorbypressingCtrl+d.
13.Schedulethedatetobeloggedtomorrowat2:00p.m.tothe/var/log/messagesfileby
enteringthefollowing:
at14:00tomorrowdate>>/var/log/messages
14.ExittheateditorbypressingCtrl+d.
15.Viewthescheduledatjobsbyenteringatq(oratl).
Noticethatthetwojobsarelisted,eachwithanindividualjobnumber:

16.Removethejobscheduledfortomorrowat2:00p.m.byentering
atrmjob_number
17.Viewthescheduledatjobsbyenteringatq(oratl).
Onlythejobscheduledfor12:00p.m.shouldstillbelisted.
PartII:ScheduleJobswithcron

Toschedulejobswithcron,dothefollowing:
1. Attheshellprompt,returntothegeekouseraccountbyenteringexit.
2. Scheduleacronjobasgeekobydoingthefollowing:

1. Entercrontabeattheshellprompt.
Thevieditorisdisplayedwithgeeko'scrontabfileloaded.
2. PressInstoenterinsertmode.
3. Schedulefingertoruneveryminuteandwritetheoutputtothe~/users.logfile
byenteringthefollowing:
*****finger>>~/users.log
4. PressEsc.
5. Savethefileandexitthevieditorbyentering:wq.
6. Watchtheusers.logfileforafewminutesandvalidatethatitisbeingupdated
byenteringtailF~/users.logattheshellprompt.
NOTE:TheFoptionisashortcutforfretrythatkeepstryingtoopenafile
evenifitisinaccessiblewhentailstarts.
Youshouldseeoutputsimilartothefollowing:

1. Whenfinished,pressCtrl+ctobreakoutoftail.
2. Removegeeko'scrontabfilebyenteringcrontabrattheshellprompt.
3. Verifythatthecrontabfilenolongerexistsbyenteringcrontablattheshellprompt.
4. VerifythatthecronjobyoudefinedinStep2isnolongeractivebyenteringtailf
~/users.logattheshellprompt.
Noticethatentriestousers.logarenolongerbeingadded.
5. PressCtrl+c.

6. Scheduleacronjobasroot:
1. Attheshellprompt,entersufollowedbyapasswordofnovell.
2. Entercrontabe.
3. PressIns.
4. Addajobthatrunsat2:00a.m.everyTuesdayandcreatesatarballof/etcthat
issavedin/tmpbyenteringthefollowing:
02**2tarczvf/tmp/etc.tgz/etc
5. PressEsc.
6. Savethefileandexitthevieditorbyentering:wq.
7. Verifythatthejobisinthecrontabfileforrootbyenteringcrontablattheshell
prompt.
Youshouldseethefollowing:

8. Removeroot'scrontabfilebyenteringcrontabrattheshellprompt.
9. Verifythatthecrontabfilenolongerexistsbyenteringcrontablattheshellprompt.
10.Closeallopenwindows.

ManageBackupandRecovery

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"BackUpSystemFileswithYaST"
Inthisexercise,youlearnhowtoperformasystembackupwithYaST.
"CreateBackupFileswithtar"
Inthisexercise,youlearnhowtousetar.

"CreateDriveImageswithdd(Optional)"
Inthisexercise,youuseddtocreateadriveimage.
"BackUpaHomeDirectorywithrsync"
Inthisexercise,youlearnhowtousersync.
"ConfigureacronJobforDataBackups"
Inthisexercise,youusecronfordatabackup.
BackUpSystemFileswithYaST

Inthisexercise,youperformasystembackupwiththeYaSTSystemBackupmodule.
Completethefollowing:
1. Ifnecessary,poweronyouDA1serverandloginasgeekowithapasswordofnovell.
2. SelectComputer>YaST.
3. Whenprompted,enterarootpasswordofnovell.
4. InYaST,selectSystem>SystemBackup.
5. SelectProfileManagement>Add.
6. EnterCourse3102;thenclickOK.
Thefollowingisdisplayed:


7. IntheFilenamefield,enter/tmp/course3102.tar.
8. ClickNext.
9. IntheBackupOptionsscreen,usethedefaultselectionsbyclickingNext.
Alistofdirectoriesandfilesystemswhicharenotgoingtobeincludedinthebackupis
displayed.
10.UnderItemsExcludedfromSearch,selectAdd>Directory.
11.Enter/home;thenclickOK.

Wewillassumethatthehomedirectoriesarebackedupusingadifferentutility.Your
SearchConstraintsscreenshouldappearasshownbelow:

12.ClickOK.
13.Intheprofileoverview,makesuretheprofileCourse3102ishighlighted;thenclick
CreateBackup.
Waituntilthebackuphasbeencompleted.(Thiswilltakesometimetocomplete.)
14.IntheBackupSummary,clickOK;thenclickOKintheSystemBackupscreen.
15.Reviewthestructureofthetararchivein/tmp/course3072.tarbydoingthefollowing:

1. Openaterminalwindowandswitchtoyourrootuseraccountbyenteringsuat
theshellpromptfollowedbyapasswordofnovell.
2. Attheshellprompt,entertartf/tmp/course3102.tar.
Youshouldseeoutputsimilartothefollowing:

CreateBackupFileswithtar

Inthisexercise,youusetartocreateafullbackupandanincrementalbackup.
Completethefollowing:
"PartI:CreateaFullBackup"
"PartII:CreateanIncrementalBackup"
NOTE:Inthisexercise,youcopybackupfilestothedirectory/tmp.Thisisdonefor
demonstrationpurposesonly.Youshouldneverstoreanactualbackupinthe/tmpdirectory.
PartI:CreateaFullBackup

Tocreateafullbackup,dothefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.

2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Changetothe/srv/wwwdirectorybyentering
cd/srv/www/
4. Createatararchiveofthehtdocsdirectorybyentering
tarczf/tmp/htdocs.tar.gzhtdocs
5. Deletethehtdocsdirectorybyentering
rmrhtdocs
6. Copythebackuparchivetothe/srv/wwwdirectorybyentering
cp/tmp/htdocs.tar.gz/srv/www
7. Restorethehtdocsdirectorybyentering
tarxzfhtdocs.tar.gz
8. Viewthecontentoftherestoreddirectorybyentering
lshtdocs
PartII:CreateanIncrementalBackup

Tocreateanincrementalbackup,dothefollowing:
1. Createafullbackupofthehtdocsdirectorybyentering
tarczvg/tmp/snapshot_filef/tmp/htdocs_full.tar.gzhtdocs
2. Createanewfileinthehtdocsdirectorybyentering
touchhtdocs/incremental.html
3. Performanincrementalbackupbyentering
tarczvg/tmp/snapshot_filef/tmp/htdocs_incremental.tar.gzhtdocs
Notethattarbacksupthefileincrementally.
4. Viewthecontentoftheincrementalbackupfilebyentering

tartzf/tmp/htdocs_incremental.tar.gz
Youshouldseeoutputsimilartothefollowing:

5. Removethehtdocsdirectorybyentering
rmrhtdocs
6. Unpackthefullbackupbyentering
tarxzf/tmp/htdocs_full.tar.gz
7. Unpacktheincrementalbackupbyentering
tarxzf/tmp/htdocs_incremental.tar.gz
Closeallopenwindows.
CreateDriveImageswithdd(Optional)

Inthisexercise,youuseddtocreateadriveimagefromanopticaldisc.
Completethefollowing:
1. ConnectyourDA1virtualmachinetothe3102_CD.isofilelocatedintheExercises/10
3directoryonyourcourseDVDbydoingthefollowing:
1. IfanopticaldisciconisdisplayedonyourDA1desktop,rightclickitandselect
UnmountVolume.
2. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
3. Ifnecessary,insertyour3102courseDVDinyourhostworkstation'soptical
drive.
4. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Edit.
5. SelectUseISOImage;thenbrowsetoandselectthe3102_CD.isofilelocated

intheExercises/103directoryonyourcourseDVD.
6. SelectConnected;thenclickOK.
7. Whenpromptedforroot'spassword,enternovell.
YoushouldseetheGNOMEFileBrowserwindowopendisplayingthecontents
ofthedisc:

2. ClosetheFileBrowserwindow.
3. Openaterminalwindowandsutorootusingapasswordofnovell.
4. Attheshellprompt,entermount.
5. Intheoutput,lookforanentry

/dev/sr0on/media/...

6. Notethecorrespondingdevicename(listedinthefirstcolumnoftheoutput):
7. CopyanimageoftheCDtotheharddiskbyenteringthefollowingattheshellprompt:
ddif=/dev/device_nameof=/tmp/course_cd.iso
Youshouldseeoutputsimilartothefollowing:

8. Whenthecopyprocessiscomplete,mounttheimagefilebyentering
mountoloop/tmp/course_cd.iso/mnt/
9. Changetothe/mnt/directorybyenteringcd/mntattheshellprompt.
10.Displaythecontentoftheimagefilebyenteringlsattheshellprompt.
YoushouldseethefilesfromtheCD,asshownbelow:

11.Entercd/media/3102_CD;thenenterls.
NotethatthecontentoftheimagefileisidenticaltotheoriginalCD:


12.Changetoyourhomedirectoryandunmounttheimagefilebyenteringthefollowing
commands:
cd~umount/mnt
13.Deletetheimagefilebyentering
rm/tmp/course_cd.iso
14.ConnectyourDA1virtualmachinebacktoyourhostworkstation'sopticaldriveby
doingthefollowing:
1. Rightclickthe3102_CDvolumeonyourdesktopandselectUnmountVolume.
2. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
3. Ifnecessary,insertyourSLES11installationDVDinyourhostworkstation's
opticaldrive.
4. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Edit.
5. MarkUsePhysicalDrive;thenselectyouropticaldriveinthedropdownlist
displayed.
6. MarkConnected;thenclickOK.
7. Whenpromptedforroot'spassword,enternovell.
8. Closeallopenwindows.
BackUpaHomeDirectorywithrsync

Inthisexercise,youusersynctobackupauser'shomedirectory.
Completethefollowing:

"PartI:PerformaLocalBackupwithrsync"
"PartII:PerformaRemoteBackupwithrsync
PartI:PerformaLocalBackupwithrsync

Toperformalocalbackupwithrsync,dothefollowing:
1. OnyourDA1virtualserver,loginasgeekowithapasswordofnovell(ifnecessary)
andopenaterminalwindow.
2. Switchtorootusingthesucommandalongwithapasswordofnovell.
3. Createatestbackupdirectorybyenteringmkdir/tmp/rsync_testattheshellprompt.
4. Copygeeko'shomedirectorytothebackupdirectorybyenteringthefollowing
commandattheshellprompt:
rsyncav/home/geeko/tmp/rsync_test
5. Attheshellprompt,entercd/tmp/rsync_test.
6. Enterlstoviewthefilescopiedbyrsync.
Youshouldseeallofthefilesingeeko'shomedirectory,asshownbelow:

7. Attheshellprompt,entercd~.
8. Openasecondterminalwindow.
9. Asthegeekouser,createanewfilebyenteringtouchnew_fileattheshellprompt.
10.Switchtotherootterminalwindowandenterthesamersynccommandagain:

rsyncav/home/geeko/tmp/rsync_test
Noticethatrsynctransfersonlythenewfileandthecorrespondingdirectory:

PartII:PerformaRemoteBackupwithrsync

Inthispartoftheexercise,youpreformaaremotebackuptoyourDASLEDvirtual
workstationfromDA1.Dothefollowing:
1. Ifnecessary,poweronyourDASLEDvirtualworkstationandwaitforittoboot.
2. OpenthesshportinthefirewallonDASLEDbydoingthefollowing:
1. OnDASLED,selectComputer>YaST.
2. SelectSecurityandUsers>Firewall.
3. Ontheleft,selectAllowedServices.
4. IntheServicetoAllowdropdownlist,selectSecureShellServer.
5. ClickAdd.
6. ClickNext>Finish.
7. CloseYaST.
3. SwitchbacktoyourDA1server.
4. FromtherootterminalwindowonDA1,performaremotebackupofthegeekouser's
homedirectoryonDASLEDbyenteringthefollowingattheshellprompt(allonone
line):
[email protected]:/home/geeko/tmp/rsync_test
5. Whenpromptedtoacceptthesecuritycertificate,enteryes.

6. Whenprompted,enterapasswordofnovell.
Youshouldseethegeekouser'sfilesonDASLEDbeingsynchronizedtoyourDA
server,asshownbelow:

7. SwitchtoyourDASLEDworkstationanddothefollowing:
1. OpenaterminalsessiononDASLED.
2. Asgeeko,createanewfileinthegeekohomedirectorybyenteringtouch
~/new_file2attheshellprompt.
8. SwitchbacktoyourDA1server.
9. Enterthersynccommandagainattheshellprompt:
[email protected]:/home/geeko/tmp/rsync_test
10.Whenprompted,enterapasswordofnovell.
Noticethatonlynewfilescreatedsincethelasttimersycwasrunarecopied:


11.Cleanupthebackupdirectorybyentering
rmr/tmp/rsync_test/*
12.Closeallterminalwindowsonbothvirtualmachines.
ConfigureacronJobforDataBackups

Inthisexercise,usecrontoautomatethebackupprocess.
Completethefollowing:
1. OnyourDA1virtualserver,loginasgeekowithapasswordofnovell(ifnecessary)
andopenaterminalwindow.
2. Switchtorootusingthesucommandandapasswordofnovell.
3. Changetothe/usr/local/bin/directorybyenteringcd/usr/local/binattheshellprompt.
4. Createthehome_backup.shfileinthecurrentdirectorybyenteringvihome_backup.sh
attheshellprompt.
5. PressIns;thenaddthefollowinglinestothefile:
#!/bin/bash
rsynca/home/geeko/tmp/rsync_test

6. PressEsc;thenenter:exittosavethefileandclosetheeditor.
7. Makethefileexecutablebyenteringchmod744home_backup.shattheshellprompt.
8. Toeditroot'scrontab,startthecrontabeditorbyenteringcrontabeattheshell
prompt.
9. PressIns;thenenterthefollowing:
5_minutes_in_the_future
*
**/usr/local/bin/home_backup.sh

Forexample,tohavethebackupscriptrunat3:30,youwouldenterthefollowing:
3015***
/usr/local/bin/home_backup.sh

10.PressEsc;thenenter:exittosavethefileandclosetheeditor.
11.Waitfiveminutes,thenverifythatthebackupranbyenteringthefollowingattheshell
prompt:
ls/tmp/rsync_test
12.CloseallopenwindowsonDA1.

AdministerUserAccessandSecurity

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ConfigurePAMAuthentication"
Inthisexercise,youpracticeconfiguringPAMauthentication.
"Configuresudo"
Inthisexercise,youpracticeconfiguringsudo.

"ConfigurethePasswordSecuritySettings"
Inthisexercise,youpracticechangingdifferentsecuritysettings.
"UseACLs"
Inthisexercise,youpracticeusingACLs.
"ConfigureSuSEfirewall2"
Inthisexercise,youpracticeconfiguringthehostbasedfirewallonSLES11.
ConfigurePAMAuthentication

Inthisexercise,youpracticeconfiguringPAMauthenticationonDA1.Youwillcreateafile
thatpreventsallnormalusers(suchasgeeko)fromlogginginandtestthesystem.
Completethefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Inthegraphicaldesktop,switchtovirtualconsole3bypressingCtrl+Alt+F3.
3. Loginasrootwithapasswordofnovell.
4. Createthe/etc/nologinfilebyenteringthefollowingcommandattheshellprompt:
echoNologinpossible>/etc/nologin
5. Switchtovirtualconsole4bypressingAlt+F4.
6. Attempttologinasgeeko.
A"Nologinpossible"anda"Loginincorrect"messagearedisplayed,indicatingthat
youcannotlogintothesystem:


7. Switchbacktovirtualconsole3bypressingAlt+F3.
8. Viewthelastlinesofthefile/var/log/messagesbyenteringthefollowingattheshell
prompt:
tail/var/log/messages
Lookforthe"FAILEDLOGIN"messageforgeekothatindicatesthefailedlogin
attempt:

9. Editthefile/etc/pam.d/loginconfigurationfilebydoingthefollowing:
1. Attheshellprompt,entervi/etc/pam.d/login.
2. SwitchtoinsertmodebypressingIns.
3. Adda#signtothebeginningofthefollowingline:
authrequisite
pam_nologin.so

ThisPAMmodulecheckstoseeifthefile/etc/nologinexists.Ifitdoes,itdoes
notallowregularuserstologinbyreturningafailedstatus.
Nowthatthislineiscommentedout,PAMwillnotcheckforthefile.Thismeans
thatalluserscanlogin,evenifthefileexists.

4. PressEsc;thensavethefilebyentering:w.
10.TestthemodifiedPAMconfigurationfile:
1. Switchtovirtualconsole4bypressingAlt+F4.
2. Attempttologinasgeekowithapasswordofnovell.
YouareabletologinbecausePAMnolongerchecksforthe/etc/nologinfile.
3. Logoutasgeekobyenteringexit.
11.Editthefile/etc/pam.d/logintouncommentthepam_nologin.soline:
1. Switchtovirtualconsole3bypressingAlt+F3.
2. Inthevieditor,pressIns.
3. Uncommentthepam_nologin.soline(byremovingthe#signyouentered
before)soitlookslikethefollowing:
authrequisitepam_nologin.so
4. PressEsc;thensavethefileandexitvibyentering:wq.
12.Onvirtualconsole4,trylogginginagainasgeeko.
Again,youreceivea"Loginincorrect"message.
13.PressAlt+F3.
14.Deletethefile/etc/nologinbyenteringrm/etc/nologinattheshellprompt.
15.PressAlt+F4.
16.Tryagaintologinasgeekowithapasswordofnovell.
Becausethe/etc/nologinfilenolongerexists,userloginisenabledagain.
17.Logoutasgeekobyenteringexit.
18.PressAlt+F3.
19.Logoutasrootbyenteringexit.
20.ReturntotheserverdesktopbypressingAlt+F7.

Configuresudo

Inthisexercise,youpracticeconfiguringsudotoallowthegeekousertokillprocesseson
DA1asroot.Completethefollowing:
1. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
2. Openaterminalwindow.
3. Switchtorootusingthesucommandandpasswordofnovell.
4. Attheshellprompt,entervisudo.
5. PressIns.
6. Scrolldowntothe"Defaultstargetpw..."line.
7. Commentoutthefollowinglinesbyplacinga#atthebeginningofeachline:
Defaultstargetpw#askforthepasswordofthetarget
useri.e.root

ALLALL=(ALL)ALL#WARNING!Onlyusethistogether
with'Defaultstargetpw'!

8. DefineaUser_AliasnamedPOWRUSRSthatcontainsthegeekouseraccountby
addingthefollowinglinetotheendofthefile:
User_AliasPOWRUSRS=geeko

9. DefineaCmnd_AliasnamedKPROCSthatcontainsthekillandkillallcommandsby
addingthefollowinglinetotheendofthefile:
Cmnd_AliasKPROCS=/bin/kill,
/usr/bin/killall

10.DefineaHost_AliasnamedHSTSthatcontainstheda1hostbyaddingthefollowing
linetotheendofthefile:

Host_AliasHSTS=da1

11.Usingthealiasesdefinedabove,allowthegeekousertorunthespecifiedcommands
onda1asrootbyaddingthefollowinglinetotheendofthefile:
POWRUSRSHSTS=(root)KPROCS

12.PressEsc;thensaveyourchangesandexittheeditorbyentering:exit.
13.Testyourconfigurationbydoingthefollowing:
1. Attheshellprompt(asroot),entertoptostartthetopprocessrunning.
2. Openanewterminalwindow.
3. Attheshellpromptinthenewterminalwindow(asgeeko),entersudokillalltop.
4. Whenprompted,entergeeko'spasswordofnovell.

Youshouldseethattopisunloadedinthefirstterminalwindow,asshown
below:

5. Closeallopenwindowsonthedesktop.
ConfigurethePasswordSecuritySettings

Inthisexercise,youpracticeeditingsecuritysettings.Youwillchangethedefaultbehavior
whenCtrl+Alt+Delispressed.Youwillalsochangetheencryptionmethodfromblowfishto
MD5.
Completethefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.
2. OpenaterminalwindowonDA1.
3. CheckthesettingfortheCtrl+Alt+Delkeystrokeinthefile/etc/inittabbyentering

grepctrlaltdel/etc/inittab
Notethecurrentsetting:
4. StartYaSTbyselectingComputer>YaSTandenteringapasswordofnovell.
5. SelectSecurityandUsers>LocalSecurity.
TheSecurityOverviewdialogappears.
6. Ontheleft,selectPredefinedSecurityConfigurations.
7. MakesureCustomSettingsisselected.
8. Ontheleft,selectPasswordSettings.
9. FromthePasswordEncryptionMethoddropdownlist,selectMD5.
10.Ontheleft,selectBootSettings.
11.FromtheInterpretationofCtrl+Alt+Deldropdownlist,selectHalt.
12.ApplythenewsecuritysettingsbyclickingOK.
13.CloseYaST.
14.Totestthechange,youmustfirstactivatethenewconfiguration.
Thiscanbedoneeitherbyrebootingthesystemorbyentering(asroot)initq,which
reloadsthe/etc/inittabfile.Youwilldothelatter:
1. Intheterminalwindow,sutorootusingapasswordofnovell.
2. Reloadthe/etc/inittabfilebyenteringinitq.
15.VerifythattheCtrl+Alt+Delsettinghaschangedbyentering
grepctrlaltdel/etc/inittab
NoticethatthesettingisnowshutdownhinsteadofwhatyounotedinStep2.
16.TestthissettingbypressingCtrl+Alt+F2andthenselectSendCtrl+Alt+Del.
Thesystemshutsdowninsteadofrestarting.
17.PowertheDA1virtualmachinebackonandloginasgeekowithapasswordofnovell.

18.(Optional)UsetheYaSTSecuritysettingsmoduletochangethedefaultfor
Ctrl+Alt+DelbacktoRestart.
UseACLs

Inthisexercise,youpracticeusingACLs.Inthefirstpart,youcreatetheacl_testdirectory
in/tmpandsetrwxrightsfortheowneronly.YouthensetACLstoallowthegeekouserto
changeintothatdirectory.
Inthesecondpart,youcreateafileinthe/tmp/acl_testdirectoryasrootusingtouch.Then
youchangethedefaultACLsforthe/tmp/acl_testdirectorytogivegeekoreadandwrite
accesstofilesanddirectories.
Inthethirdpartofthisexercise,youpracticeremovingtheACLsthatyouhaveset.
Completethefollowing:
"PartI:ConfiguretheACLofaDirectory"
"PartII:ConfigureaDefaultACLforaDirectory"
"PartIII:DeleteanACL"
PartI:ConfiguretheACLofaDirectory

ToconfiguretheACLofadirectory,dothefollowing:
1. Ifnecessary,logintoyourDA1serverasgeekowithapasswordofnovell.
2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Changetothedirectory/tmpbyentering
cd/tmp
4. Createatestdirectorybyentering
mkdiracl_test
5. Limitthefilesystempermissionsforthedirectorybyentering
chmod700acl_test
6. Openasecondterminalwindowasthegeekouser.
7. Trychangingtothetestdirectorybyentering

cd/tmp/acl_test/
Thecommandfails,becausegeeko(whoisnottheownerofthedirectory)hasno
permissiontoreadandchangeintothedirectory.
8. Switchtotherootterminalsession.
9. DisplaytheminimumACLofthedirectorybyentering
getfaclacl_test
Itshouldappearasfollows:

10.AddanextendedACLbyentering
setfaclmu:geeko:rwxacl_test/
11.Switchtothegeekoterminalandtrytoaccessthedirectoryagainbyentering
cd/tmp/acl_test
BecauseoftheextendedACL,youcannowchangeintothedirectory.
12.SwitchtotherootterminalanddisplaytheextendedACLofthedirectorybyentering
getfacl/tmp/acl_test/
Itshouldappearasfollows:

PartII:ConfigureaDefaultACLforaDirectory

ToconfigureadefaultACLforadirectory,dothefollowing:

1. Intherootterminalwindow,changetothedirectoryacl_testbyentering
cd/tmp/acl_test
2. Createafilebyentering
touchwithout_default_acl
3. DisplaytheACLofthenewfilebyentering
getfaclwithout_default_acl
BecausethereisnodefaultACLfortheparentdirectory,thenewfiledoesnothavean
extendedACLeither.
4. SetadefaultACLfortheacl_testdirectorybyentering
setfacldmu:geeko:rw/tmp/acl_test/
5. Createanothertestfilebyentering
touchwith_default_acl
6. DisplaytheACLofthenewfilebyentering
getfaclwith_default_acl
BecausethisfilewascreatedafterthedefaultACLoftheparentdirectorywasset,the
newfileinheritedtheACL.Thisisshownbelow:

PartIII:DeleteanACL

TodeleteACL,dothefollowing:
1. Intherootterminalwindow,removetheACLbyentering

setfaclxu:geekowith_default_acl
2. DisplaytheACLagainbyentering
getfaclwith_default_acl
Asyoucansee,theACLfortheusergeekohasbeenremoved.IftherewereACLsfor
otherusers,theywouldremainunaffected.
3. Viewthefileattributesofwith_default_aclbyentering
lslwith_default_acl
Therearestillextendedattributes(suchasthemask"+")intheoutput.
4. RemoveallACLsbyentering
setfaclbwith_default_acl
5. DisplaytheACLagainbyenteringthefollowingcommands:
getfaclwith_default_acllslwith_default_acl
NoticethattheACLhasbeenremoved,asshownbelow:

6. Closeallterminalwindows.
ConfigureSuSEfirewall2

Inthisexercise,youpracticeconfiguringSuSEfirewall2onyourDA1server.Youinstalland
configuretheApacheWebServeronDA1.ThenyouenablethefirewallonDA1and
configureittoallowWebservertraffic.
Completethefollowing:

1. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
2. InstalltheApacheWebServeronDA1bydoingthefollowing:
1. SelectComputer>YaST.
2. Whenprompted,enterapasswordofnovell.
3. SelectSoftware>SoftwareManagement.
4. FromtheFilterdropdownlist,selectPatterns.
5. SelecttheWebandLAMPServerpattern,asshownbelow:

1. ClickAccept.
2. IntheAutomaticChangesscreen,clickContinue.
3. Ifprompted,insertyourSLES11installationDVDandclickRetry.
Waitwhilethepackagesareinstalled.
4. Whendone,closeYaST.
5. Openaterminalsession.
6. Switchtorootbyenteringsuattheshellpromptfollowedbyapasswordof
novell.
7. StartApacheonDA1byenteringrcapache2startattheshellprompt.
2. TesttheApacheWebServeronDA1bydoingthefollowing:
1. SelectComputer>Firefox.
2. IntheAddressfield,enterhttp://da1.digitalairlines.com.
Youshouldseethefollowing:

1. CloseFirefox.
2. EnableSuSEfirewall2onDA1bydoingthefollowing:
1. StartYaSTagainonDA1.

2. SelectSecurityandUsers>Firewall.
3. IntheStartUpscreen,verifythatmarkEnableFirewallAutomaticStartingis
marked.
4. (Conditional)ifyourfirewallisn'tcurrentlyrunning,selectStartFirewallNow.
Youshouldseethefirewallstatuschangetorunning,asshownbelow:

5. ClickNext.
Thefollowingsettingsshouldbescheduledtobeappliedtothefirewall:


1. IntheSummaryscreen,clickFinish.
2. CloseYaST.
2. TestthefirewallconfigurationfromyourDASLEDvirtualworkstationbydoingthe
following:
1. Ifnecessary,poweronyourDASLEDvirtualworkstationandloginasgeeko
withapasswordofnovell.
2. StartFirefoxonDASLED.
3. IntheAddressfield,enterhttp://da1.digitalairlines.com.

TheservershouldfailtorespondbecausethefirewallonDA1isblockingall
networktrafficexceptSSHtraffic:

6. ConfigurethefirewallonDA1toallowWebservertrafficbydoingthefollowing:
1. SwitchtoyourDA1virtualserver.
2. StartYaSTandselectSecurityandUsers>Firewall.
3. SelectAllowedServices.
4. FromtheServicetoAllowdropdownlist,selectHTTPServer;thenclickAdd.
5. FromtheServicetoAllowdropdownlist,selectHTTPSServer;thenclickAdd.

6. ClickNext.
7. ClickFinish.
8. CloseYaST.
7. Testthenewfirewallconfigurationbydoingthefollowing:
1. SwitchtoyourDASLEDworkstation.
2. IntheFirefoxwindow,clicktheReloadicon.
TheservershouldnowrespondbecausethefirewallonDA1isconfiguredto
allowHTTPandHTTPStraffic:

8. Closeallopenwindowsonbothsystems.

You might also like