SelfStudyManuals

SUSELinuxEnterprise11AdministrationWorkbookCourse3102

SUSELinuxEnterprise11AdministrationWorkbook
Introduction

ThisworkbookisdesignedtohelpyoupracticetheskillsassociatedwithSUSELinux
Enterprise11Administration(Course3102)objectives.
Theseskills,alongwiththosetaughtinSUSELinuxEnterprise11Fundamentals(Course
3101),prepareyoutotaketheNovellCertifiedLinuxAdministrator11(NovellCLA11)
certificationtest.
Beforestartingtheexercisesinthisworkbook,youneeddothefollowing:
"ChecktheMediainYourStudentKit"
"SetUpYourPracticeEnvironment"
"ReviewExerciseIssuesandTips"
"ReviewtheCourseScenario"
"ReviewtheExerciseConventions"
ChecktheMediainYourStudentKit

Your3102studentkitcontainsthefollowingitems:
3102CourseManual:Printedcoursemanualthatcontainsinstructionalandreference
content.
3102Workbook:Printedworkbookthatcontainsstepbystepinstructionsforsettingup
andcompletingthe3102courseexercises.
3102CourseDVD:ContainsthecoursemanualandworkbookinPDFformataswell
asareadmefile.Italsocontainsthefollowingfoldersthatcontainvariousfilesrequired
forcompletingthelabexercisesforthiscourse:
Setup:Containsfilesusedforthecoursesetup.

 Exercises:Containsfilesusedforthecourseexercises.
Docs:ContainstheSUSELinuxEnterprise11documentation,whichisalso
availablefrom.
SUSELinuxEnterpriseServer11DVD:SLES11installationmediayouwilluseto
completeyourlabexercises.
SUSELinuxEnterpriseDesktop11DVD:SLED11installationmediayouwilluseto
completeyourlabexercises.
SetUpYourPracticeEnvironment

Setupyourpracticebycompletingthefollowing:
"ReviewtheSetupRequirements"
"ReviewtheSetupDiagram"
"PrepareYourHostWorkstation"
ReviewtheSetupRequirements

Thefollowingarethehardwareandsoftwarerequirementsforyourpracticeenvironment:
Setup

MinimumRequirements

Hardware Youneedonehostcomputerthatmeetsthefollowingrequirements:
PentiumIV2GHz(orfaster)computer
2GBRAM(4GBrecommended):
1024MB(DA1virtualserver)
512MB(DASLEDvirtualworkstation)
40GB(ormore)harddiskspace
DVDdrive
MakesurethatthehostcomputerisactuallyutilizingalloftheinstalledRAM.If
not,theexercisesmayrunextremelyslowlyorevenstall.
Software Tocompletethepracticeenvironmentsetup,youneedthefollowingsoftware:

Setup

MinimumRequirements
3102CourseDVD(includedinyourstudentkit),whichcontainssoftware
andfilesneededtocompletethecourseexercises
SUSELinuxEnterpriseServer11DVD,whichcontainstheSLES11
installationmediayouwillusetocompleteyourlabexercises.
SUSELinuxEnterpriseDesktop11DVD,whichcontainstheSLED11
installationmediayouwillusetocompleteyourlabexercises.

ReviewtheSetupDiagram

Inthiscourse,yourhostcomputerwillrunmultiplevirtualmachinesconcurrently.The
followingdepictstherelationshipbetweenthehostcomputerandthevirtualmachines:


Thefollowingtableliststhedetailsabouteachvirtualmachineusedinthiscourse:
VirtualMachine Details
DA1

Hostname:da1.digitalairlines.com
Operatingsystem:SUSELinuxEnterpriseServer11

VirtualMachine Details
IPaddress:172.17.8.101
Subnetmask:255.255.0.0
Logininformation:
Superuser:root
Password:novell
DASLED

Hostname:dasled.digitalairlines.com
Operatingsystem:SUSELinuxEnterpriseDesktop11
IPaddress:172.17.8.104
Subnetmask:255.255.0.0
Logininformation:
Superuser:root
Password:novell

PrepareYourHostWorkstation

Tocompletethelabexercisesinthiscourse,youmustfirstinstallandconfigureVMware
virtualizationsoftwareonyourhostworkstation.Todothis,completethefollowing:
1. InstallSLED11onyourhostworkstation.
Duringtheinstallation,installtheC/C++CompilerandToolspattern,asshownbelow:


Duringtheinstallation,configurethefollowinguseraccounts:
geekowithapasswordofnovell
geekowithapasswordofnovell
2. ConfigurethenetworkinterfaceontheworkstationtousetheTraditionalMethodwith
ifupnetworksetupmethodinsteadofNetworkManager.
3. InstallVMwareWorkstationonyourhostworkstation.
VMwareisvirtualizationsoftwarethatallowsyoutorunanoperatingsysteminparallel
toyourexistingoperatingsysteminstallation.YoucanuseVMwaretoinstalland
configuremultipleguestoperatingsystemsonyourcomputerwithoutrepartitioning
yourdisks.

Inthefirstexerciseinthiscourse,youwillinstallavirtualSLES11serverandavirtual
SLED11workstationthatyouwillusetocompletetheremainingexercisesinthe
course.
IfyoudonothaveVMwareonyoursystem,youcandownloadacopyfromthe
VMwareWebsiteat.Youcanchoosebetweenthefollowingproducts:
VMwareServer:FreeversionoftheVMwareproduct.Itcanbeusedtocreate,
modify,andrunVMwareimages.Itdoesnotallowyoutocreatesnapshots,
however.
VMwareWorkstation:FullfeaturedversionofVMware.Thesoftwarecanbe
usedtocreate,modify,andrunVMwareimages.Youcaneitherpurchasethe
softwareorgetafree30daysevaluationkey.
VMwarePlayer:FreeversionoftheVMwareproduct.Itcanrunexistingvirtual
machines,butitcannotbeusedtocreateVMwareimagesnordoesitallowyou
tocreatesnapshots.
NOTE:IfyouneedhelpinstallingaVMwareproduct,visit.
4. Configurevmnet5inVMware:
SelectComputer>MoreApplications>System>VirtualNetworkEditor.
Whenprompted,enteryourrootuser'spassword.
Thefollowingisdisplayed:

Selectvmnet1.
IntheSubnetIPfield,enter172.17.0.0,asshownbelow:

SelectSave.
Openaterminalwindowandusethesucommandtoswitchtoyourrootuser
account.
Attheshellprompt,entervi/etc/vmware/networking.

 PressIns;thenscrolldowntotheanswerVNET_1_HOSTONLY_NETMASK
255.255.255.0line.
ChangethislinetoanswerVNET_1_HOSTONLY_NETMASK255.255.0.0.
PressEsc;thenenter:exit.
SelectComputer>MoreApplications>System>VirtualNetworkEditoragain.
Whenprompted,enteryourrootuser'spassword.
Selectvmnet1andverifythatthesubnetmaskhaschangedto255.255.0.0,as
showbelow:

SelectSave.
Shutdownandrestarttheworkstation.
Whentheworkstationhasrebooted,loginandthenopenaterminalwindow.
Switchtorootusingthesucommand.
Attheshellprompt,enterifconfig.
Verifythatyourhost'svmnet1virtualnetworkadapterhasbeenassignedanIP
addressof172.17.0.1andasubnetmaskof255.255.0.0,asshownbelow:

5. Createthefollowingfoldersonyourhost'sharddrive:

 /isos/3102
/vms/3102
6. CopythecourseISOfilesfromtheExercisesfolderonyourcourseDVDtothe
/isos/3102folderonyourharddrive.
7. CopythecoursevirtualmachinefilesfromtheSetupfolderonyourcourseDVDto
the/vms/3102directoryonyourharddrive.
8. Configurethehotkeysusedtoreleasethefocusfromthevirtualmachinebydoingthe
following:
IntheVMwarewindow,selectEdit>Preferences>HotKeys.
MarkCtrl+Shift+Alt.
SelectOK.
ReviewExerciseIssuesandTips

Beforestartingtheexercises,makesureyoureviewthefollowing:
"MemoryIssues"
"ExerciseTips"
"BrowserIssues"
"ExerciseNotes"
MemoryIssues

Althoughyouperformtheexerciseswith2GBofRAMonthehostmachine,theprocessing
timeforperformingsomeadministrationtaskswillbesignificantlyslowerthaninareal
hardwareenvironment.Additionalmemorywillincreasetheoverallspeedofthesystem.
ExerciseTips

Followingaresometipsthatcanhelpyouwhenusingthisworkbooktocompleteexercises:
Exercisesequence:Althoughtherearemanytasksintheexercisesthatcanbedone
atanytime,theexercisesoftenrelyontasksperformedinearlierexercises.
Forthisreason,it'srecommendedthatyouperformtheexercisesinsequenceto
successfullycompleteallexercises.

 Keyboardentryproblems:Ifyoucannotusethekeyboardtoentertext,tryselectingthe
virtualmachinewindowwiththemouseortrypressingShift+Tab.
Virtualmachineshutdown:Beforepoweringoffavirtualmachine,makesureyoushut
downtheguestoperatingsystemcleanlyfirst.
BrowserIssues

Mostofthelabsinthiscoursedirectyoutouseabrowserwithinthevariousvirtualmachines.
Thisworkedwellduringthetestingofthelabsandreducesdependenciesonthehost
workstation.
However,ifyoufindusingabrowserwithinavirtualmachinecumbersomeorslow,youcan
useabrowseronthehostworkstationinstead.
ExerciseNotes

Reviewthefollowingnotespriortocompletingthelabexercisesinthiscourse:
Exercise

Notes

Exercise22,
PartIII

AttheendofPartIII,studentsmayhavetorebootthesystemtobeableto
logbackinasgeeko.

ReviewtheCourseScenario

TheITdepartmentofDigitalAirlinesisrollingoutmoreandmoreSUSELinuxEnterprise11
installations.YourtaskistofamiliarizeyourselfwithSUSELinuxEnterprise11tobeableto
takeonagreaternumberofsystemadministratortasksonthisplatform.
Youneedadditionalexperienceinthefollowingareas:
InstallationandconfigurationofSUSELinuxEnterprise11
Filesystemmaintenance
Specializedaspectsofusermanagement(suchasACLs)
Networkconfigurationandfundamentalnetworkservices
Hardwaremanagement
Backupandrecovery
Managementofservicesandprocesses

 Remoteadministration
Youdecidetosetuptestserversandworkstationsinthelabtoenhanceyourskillsinthese
areas.
ReviewtheExerciseConventions

Whenworkingthroughanexercise,youwillseeconventionsthatindicateinformationyou
needtosupplythatisspecifictoyourserver.
Thefollowingdescribesthemostcommonconventions:
italicized/boldedtext:Thisisareferencetoavariablethatisuniquetoyoursituation,
suchasthehostnameofyourserver.
Forexample,ifthehostnameofyourserverisDA1,andyouseethefollowing,
hostname.digitalairlines.com
thenyouwouldenter
DA1.digitalairlines.com
172.17.8.xx:ThisistheIPaddressthatisassignedtoyourSUSELinuxEnterprise
system.
Forexample,ifyourIPaddressis172.17.8.101,andyouseethefollowing:
172.17.8.xx
thenyouwouldenter
172.17.8.101
Select:Thewordselectisusedinexercisestepstoindicateavarietyofactions
includingclickingabuttonontheinterfaceandselectingamenuitem.
EnterandType:Thewordsenterandtypehavedistinctmeanings.
ThewordentermeanstotypetextinafieldoratacommandlineandpresstheEnter
keywhennecessary.ThewordtypemeanstotypetextwithoutpressingtheEnterkey.
Ifyouaredirectedtotypeavalue,makesureyoudonotalsopresstheEnterkeyor
youmightactivateaprocessthatyouarenotreadytostart.

InstallSUSELinuxEnterprise11

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"InstallSUSELinuxEnterpriseServer11"
Inthisexercise,youinstallSUSELinuxEnterpriseServer11.
"InstallSUSELinuxEnterpriseDesktop11"
Inthisexercise,youinstallSUSELinuxEnterpriseDesktop11.
InstallSUSELinuxEnterpriseServer11

Inthisexercise,youinstallaSUSELinuxEnterpriseServer11system.Usethefollowing
specificationsasaguidelinefortheinstallation:
Createthefollowingpartitions:
1GBswappartition.
6GBfor/(Youshouldleaveunpartitionedspaceontheharddisktoadd
partitionsinlaterexercises).
Usedefaultsoftwarepatterns,butaddtheC/C++CompilerandToolspattern.
rootpassword:novell
NOTE:Thispasswordisnotappropriateforaproductionenvironment.
UseastaticIPaddress:
IPaddress:172.17.8.101
Networkmask:255.255.0.0
Hostname:da1
Domainname:digitalairlines.com
Nameserver:none
Defaultgateway:none
Uselocalauthentication.Createageekouseraccountwithapasswordofnovell.

 Skiptheonlineupdate.
Dothefollowing:
1. InsertyourSLES11installationDVDintoyourhostworkstation'sDVDdrive.
2. Onyourhostworkstation,startVMwareWorkstation.
3. InVMware,selectFile>Open.
4. Browsetoandselectthe/vms/3102/DA1/DA1.vmxfile.
5. SelectPowerOnThisVirtualMachine.
6. Ifpromptedtocreateanewidentifierforthevirtualmachine,selectKeep;thenclick
OK.
7. WhentheGRUBinstallationscreenappears,selectInstallationwiththearrowkeys
andthenpressEnter.
WaitwhileLinuxisloadedandtheYaSTInstallationmodulestarts.
8. IntheLanguageSelectiondialog,selectyourlanguageandyourkeyboardlayout.
NOTE:Althoughyoucanselectanyavailablelanguage,theexercisesinthismanual
arewrittenforEnglishUS.
9. IntheLicenseAgreementfield,selectIAgreetotheLicenseTerms;thenclickNext.
10.IntheMediaCheckscreen,selectStartCheck.
Waitwhilethemediaischecked.
11.Whenthemediacheckiscomplete,clickNext.
Waitwhilethesystemhardwareisprobed.
12.IntheInstallationModedialog,selectNewInstallation;thenclickNext.
13.IntheClockandTimeZonedialog,selectyourtimezone.
14.DeselectHardwareClockSetToUTC.
15.Adjustthedateandtimetothecorrectparameters,ifneeded.
16.Whendone,clickNext.

17.IntheServerBaseScenarioscreen,selectPhysicalMachine;thenclickNext.
TheInstallationSettingsproposaldialogappears.
18.ChangethepartitioningsettingsbyselectingPartitioning.
19.SelectCustomPartitioning(forexperts);thenclickNext.
20.Createaswappartitionbydoingthefollowing:
1. UnderSystemView,selectHardDisks>sda.
2. SelectAdd.
3. SelectPrimaryPartition;thenclickNext.
4. SelectCustomSize;thenenterasizeof1GB.
5. ClickNext.
6. FromtheFileSystemdropdownlist,selectSwap.
7. AddtheswappartitionbyclickingFinish.
21.Createtherootpartitionbydoingthefollowing:
1. SelectAdd.
2. SelectPrimaryPartition;thenclickNext.
3. SelectCustomSize;thenenterasizeof6GB.
4. ClickNext.
5. Configurethefollowingoptions:
SelectExt3fromtheFileSystemdropdownlist.
Select/fromtheMountPointdropdownlist.
6. AddtherootpartitionbyclickingFinish.
Yourpartitionsshouldappearasshownbelow:


22.ConfirmthepartitioningsetupandreturntotheinstallationproposalbyclickingAccept.
23.IntheInstallationSettingsOverview,selectSoftware.
24.UnderPatterns,scrolldowntoandselectC/C++CompilerandTools,asshown
below:


25.ClickOK.
26.Ifpromptedtoacceptlicenseagreementsforpackagestobeinstalled,selectAccept.
27.IntheInstallationSettingsdialog,clickInstall.
28.Intheconfirmationdialog,clickInstall.
Waitwhilethediskispartitionedandthepackagesareinstalled.Thismaytakeupto
30minutestocomplete.
29.InthePasswordfortheSystemAdministrator"root"screen,enternovellinthe
passwordfields.

30.ClickNext.
31.Whenwarnedthatthepasswordistoosimple,clickYes.
32.Whenwarnedthatthepasswordusesonlylowercaseletters,clickYes.
33.IntheHostnameandDomainNamedialog,enterDA1intheHostnamefieldand
digitalairlines.comintheDomainNamefield.
34.DeselectChangeHostnameviaDHCP.
35.SelectWriteHostnameto/etc/hosts;thenclickNext.
36.IntheNetworkConfigurationscreenunderFirewall,clickOpennexttoSSHPortis
Blocked.
TheentrywillchangetoSSHPortisOpen.
37.SelectNetworkInterfaces.
38.Selectthefirstdetectednetworkcard;thenclickEdit.
39.SelectStaticallyAssignedIPAddress.
40.IntheIPAddressfield,enter172.17.8.101.
41.IntheSubnetMaskfield,enter255.255.0.0.
42.IntheHostnamefield,enterDA1.
43.ClickNext.
44.SelecttheHostname/DNStab.
Yourhostnameanddomainnameshouldalreadybefilled.Ifnot,enterahostnameof
DA1andthedomainnamedigitalairlines.com.
NOTE:Becausethisvirtualmachinerunsinhostonlymode,itisisolatedfromtherest
ofyournetwork.Inaproductionenvironment,youwouldconfigureoneormoreDNS
serveraddressesandagatewayrouteraddress.
45.ReturntotheNetworkConfigurationdialogbyselectingOK.
46.ContinuewiththeinstallationbyclickingNext.
47.IntheTestInternetConnectiondialog,selectNo,SkipThisTest;thenclickNext.

48.IntheInstallationOverviewdialog,acceptthedefaultsettingsbyclickingNext.
49.IntheUserAuthenticationMethodscreen,selectLocal(/etc/passwd);thenclickNext.
50.IntheNewLocalUserscreen,addausernamedgeekobyenteringthefollowing:
1. User'sFullName:GeekoNovell
2. UserLogin:geeko
3. Password:novell
51.CreatetheuserbyclickingNext.
52.ConfirmthepasswordwarningsbyclickingYestwice.
53.IntheReleaseNotesscreen,reviewthereleasenotes;thenclickNext.
54.IntheHardwareConfigurationdialog,reviewthesettingssuggestedunderGraphics
Cards;thenclickNext.
55.CompletetheinstallationprocessbyclickingFinish.
Waitwhilethesystemisclonedandthegraphicalloginisloaded.
56.Edityourhostsfilebydoingthefollowing:
1. LogintoyourDA1serverasgeekowithapasswordofnovell.
2. SelectComputer>YaST.
3. Whenprompted,enterarootpasswordofnovell.
4. InYaST,selectNetworkServices>Hostnames.
5. ClickAdd.
6. Specifythefollowing:
IPAddress:172.17.8.104
Hostname:DASLED.digitalairlines.com
Alias:DASLED
7. ClickOK.

8. ClickFinish.
9. CloseYaST.
57.InstallVMwareToolsinyourSLES11virtualmachinebydoingthefollowing:
1. InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
2. InyourVMwarewindow,selectVM>InstallVMwareTools>Install.
3. Whenpromptedfortherootuser'spassword,enternovell.
AFileBrowserwindowopensdisplayingthefilesontheVMwareToolsISO
image.
4. RightclicktheVMwareToolsRPMfile;thenselectOpenwithInstallSoftware.
5. Whenpromptedfortherootuser'spassword,enternovell.
Waitwhilethepackageisinstalled.
6. Whencomplete,closetheFileBrowserwindow.
7. RightclicktheVMwareToolsicononthedesktop;thenselectUnmountVolume.
8. InyourVMwarewindow,selectVM>CancelVMwareToolsInstall.
9. InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Connect.
10.Whenpromptedfortherootuser'spassword,enternovellandclick
Authenticate.
11.ClosetheFileBrowserwindow.
12.Rightclickthedesktop;thenselectOpenInTerminal.
13.Attheshellprompt,entersufollowedbyapasswordofnovellandclick
Authenticate.
14.Attheshellprompt,entervmwareconfigtools.pl.
15.Whenpromptedtobuildthevmhgfsmodule,enteryes.
16.WhenpromptedforthelocationoftheCheaderfiles,pressEnter.

17.Whenpromptedtobuildthevmxnetmodule,enteryes.
18.Whenpromptedtoconfigureyourscreenresolution,entertheappropriatemenu
optionfor1024x768.
19.Rebootthesystembyenteringinit6attheshellprompt.
InstallSUSELinuxEnterpriseDesktop11

Inthisexercise,youinstallaSUSELinuxEnterpriseDesktop11system.Usethefollowing
specificationsasaguidelinefortheinstallation:
UsethedefaultpartitionsproposedbyYaST.
Usedefaultsoftwareselection,butaddtheC/C++CompilerandToolspattern.
rootpassword:novell
NOTE:Thispasswordisnotappropriateforaproductionenvironment.
UseastaticIPaddress:
IPaddress:172.17.8.104
Networkmask:255.255.0.0
Hostname:dasled
Domainname:digitalairlines.com
Nameserver:none
Defaultgateway:none
Uselocalauthentication.Createageekouseraccountwithapasswordofnovell.
Skiptheonlineupdate.
Dothefollowing:
1. Ifit'srunning,suspendyourDA1virtualserver.
2. InsertyourSLED11installationDVDintoyourhostworkstation'sDVDdrive.
3. InVMware,selectFile>Open.

4. Browsetoandselectthe/vms/3102/DASLED/DASLED.vmxfile.
5. SelectPowerOnThisVirtualMachine.
6. Ifpromptedtocreateanewidentifierforthevirtualmachine,selectKeep;thenclick
OK.
7. WhentheGRUBinstallationscreenappears,selectInstallationwiththearrowkeys
andpressEnter.
WaitwhileLinuxisloadedandtheYaSTInstallationmodulestarts.
8. IntheLanguageSelectiondialog,selectyourlanguageandyourkeyboardlayout.
9. IntheLicenseAgreementfield,selectIAgreetotheLicenseTerms;thenclickNext.
10.IntheMediaCheckscreen,clickStartCheck.
Waitwhilethemediaischecked.
11.Whenthemediacheckiscomplete,clickNext.
Waitwhilethesystem'shardwareisprobed.
12.IntheInstallationModedialog,selectNewInstallation;thenclickNext.
13.IntheClockandTimeZonedialog,selectyourtimezone.
14.DeselectHardwareClockSetToUTC.
15.Adjustthedateandtimetothecorrectparameters,ifneeded.
16.Whendone,clickNext.
Thefollowingisdisplayed:


17.Createanewstandarduserbyspecifyingthefollowing:
User'sFullName:GeekoChameleon
Username:geeko
Password:novell
18.SelectUseThisPasswordforSystemAdministrator;thenclickNext.
19.Whenpromptedthatthepasswordistoosimple,clickYes.
20.Whenpromptedthatthepasswordusesonlylowercaseletters,clickYes.

TheInstallationSettingsproposaldialogappears.
21.IntheInstallationSettingsOverview,selectSoftware.
22.UnderPatterns,scrolldowntoandselectC/C++CompilerandTools,asshown
below:

23.ClickOK.
24.Ifpromptedtoacceptlicenseagreementsforpackagestobeinstalled,selectAccept
untilyoureturntotheinstallationproposal.
25.IntheInstallationSettingsOverview,clickInstall.

26.Intheconfirmationdialog,clickInstall.
Waitwhilethediskispartitionedandthepackagesareinstalled.Thismaytakeupto
45minutestocomplete.
27.Atthispoint,yourinstallationiscomplete.YaSTdisplaysthefollowing:

28.CompletetheinstallationprocessbyclickingFinish.
Waitwhilethegraphicalloginisloaded.
29.AssignastaticIPaddresstoyourvirtualSLED11workstationbydoingthefollowing:
LogintoyourDASLEDworkstationasgeekowithapasswordofnovell.

 SelectComputer>YaST.
Whenpromptedfortherootuser'spassword,enternovell.
SelectNetworkDevices>NetworkSettings.
Whenpromptedthatyournetworksettingsarecurrentlymanagedby
NetworkManager,clickOK.
SelectTraditionalMethodwithifup;thenclickOK.
InYaST,selectNetworkDevices>NetworkSettingsagain.
Selectyournetworkinterface,thenclickEdit.
SelectStaticallyAssignedIPAddress;thenspecifythefollowing:
IPAddress:172.17.8.104
SubnetMask:255.255.0.0
Hostname:DASLED
ClickNext.
SelecttheHostname/DNStab;thenspecifythefollowing:
Hostname:DASLED
DomainName:digitalairlines.com
ClickOK.
30.Edityourhostsfilebydoingthefollowing:
InYaST,selectNetworkServices>Hostnames.
ClickAdd.
Specifythefollowing:
IPAddress:172.17.8.101
Hostname:DA1.digitalairlines.com

 Alias:DA1
ClickOK.
ClickFinish.
CloseYaST.
31.InstallVMwareToolsinyourSLES11virtualmachinebydoingthefollowing:
RightclicktheDVDicononyourdesktop;thenselectUnmountVolume.
InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
InyourVMwarewindow,selectVM>InstallVMwareTools>Install.
AFileBrowserwindowopensdisplayingthefilesontheVMwareToolsISO
image.
RightclicktheVMwareToolsRPMfile;thenselectOpenwithInstallSoftware.
SelectInstall.
Whenpromptedfortherootuser'spassword,enternovell.
Waitwhilethepackageisinstalled.
Whencomplete,closetheFileBrowserwindow.
RightclicktheVMwareToolsicononthedesktop;thenselectUnmountVolume.
InyourVMwarewindow,selectVM>CancelVMwareToolsInstall.
InyourVMwarewindow,selectVM>RemovableDevices>CDROM>
Connect.
Rightclickonthedesktop;thenselectOpenInTerminal.
Attheshellprompt,entersufollowedbyapasswordofnovell.
Attheshellprompt,entervmwareconfigtools.pl.
Whenpromptedtobuildthevmhgfsmodule,enteryes.

 WhenpromptedforthelocationoftheCheaderfiles,pressEnter.
Whenpromptedtobuildthevmxnetmodule,enteryes.
Whenpromptedtoconfigureyourscreenresolution,entertheappropriatemenu
optiontospecify1024x768.
Rebootthesystembyenteringinit6attheshellprompt.

ManageSystemInitialization

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ManagetheBootLoader"
Inthisexercise,youpracticebootingintoashellandmodifying/boot/grub/menu.lst.
"ManageRunlevels"
Inthisexercise,youpracticeconfiguringrunlevels.
ManagetheBootLoader

Inthisexercise,youpracticebootingintoashellandmodifying/boot/grub/menu.lst.
Youenterinit=/bin/bashatthebootpromptandmodify/boot/grub/menu.lsttorequirea
passwordbeforekernelparameterscanbemodified.YouthentestthenewGRUB
configuration.
NOTE:ThisexercisewillnotworkwithSUSELinuxEnterprise11runningonphysical
hardwarewithaUSBkeyboard.USBdriversareusuallyloadedlateintheinitprocess.Ifyour
machineisequippedwithaUSBkeyboard,youhavetoaddthemodulestotheinitialRAM
diskforthisexercisetowork.TodothiswithaUSBkeyboard,completethefollowingsteps
first:FindoutwhichUSBmodulesareloadedbyenteringlsmodinaterminalwindow.Then
starttheYaSTControlCenter,andselectSystem>/etc/sysconfigEditor.ExpandSystem>
Kernel.InINITRD_MODULES,addtheappropriatemodules(suchasusbhid,uhdi_hcd,
and/orehci_hcd).Closethedialogs.Inaterminalwindow(asroot),entermkinitrd.
Completethefollowing:
1. IfyourDASLEDvirtualworkstationisrunning,suspendit.
2. IfyourDA1virtualserverissuspended,resumeit.
3. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.

4. Rightclickonthedesktop;thenselectOpeninTerminal.
5. Intheterminalwindow,entersufollowedbyapasswordofnovell.
6. Rebootthesystembyenteringinit6attheshellprompt.
7. WhentheGRUBbootmenuisdisplayed,pressSpacetostopthetimer.
8. IntheBootOptionsfield,replacethevga=0x332optionwithinit=/bin/bash.
Anexampleisshownbelow:

9. PressEnter.

Afterafewminutes,thebashpromptisdisplayed:

10.Remounttherootpartitionreadwritablebyentering
mountoremount,rw,sync/
11.Attheshellprompt,entervi/boot/grub/menu.lst.
12.PressIns.
13.Positionthecursoratthebeginningofthelinestartingwith"gfxmenu".
14.Commentoutthelinebyinsertingapoundsign(#)infrontofthelinestartingwith
"gfxmenu".
15.Toavoidhavingthepassworddisplayedincleartextintheconfigurationfile,createan
MD5Hashencryptedpasswordbydoingthefollowingwithinvi:
1. Addanew,blanklineafterthe"gfxmenu"lineyoujustcommentedout.
2. PressEsc.
3. Enter:r!echoe"secret\nsecret"|grubmd5crypt.

Thisrunsanexternalcommandfromwithinthevieditor.Theechocommand
sendsthesecretandsecrettextstringstothestandardinputofthegrub
md5cryptcommand.
Thegrubmd5cryptcommandusesthesestringsasinputforitsPassword:
andRetypePassword:prompts.Itthenencryptsthepassword.
Theoutputfromgrubmd5cryptcommandisinsertedintothefile,includingthe
encryptedpassword:

4. Arrowuptothelinethatreadsstty:standardinput:Invalid
argument.
5. Typeddtodeletetheline.
6. Repeatthisprocesstodeletethefollowinglines:
Password:
RetypePassword:
stty:standardinput:Invalidargument
7. PressIns.

8. Atthebeginningofthelinewiththeencryptedpassword,enterpasswordmd5.
Anexampleisshownbelow:

Yourhashvaluewillbedifferentthanthatshownabove.
1. SavethefilebypressingEscandthenentering:wq.
2. Resetthecomputerbyenteringrebootattheshellprompt.
Youwillnoticethatthestartscreenlooksdifferentnow,becauseyouturnedoffthe
graphicalmenu.
3. Ifyouwanttoeditthekernelcommandline,presspandthenenterapasswordof
secret.
4. SelecttheSUSELinuxEnterpriseServer11menuoptionandpressEnter.
Waitwhilethesystemboots.
5. Undothechangesin/boot/grub/menu.lst:
1. Loginasgeekowithapasswordofnovell.

2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Attheshellprompt,entervi/boot/grub/menu.lst.
4. PressIns.
5. Putacommentsign(#)atthebeginningofthelinebeginningwithpassword.
6. Removethecommentsigninfrontofthelinestartingwithgfxmenu.
7. SavethefileandclosevibypressingEscandentering:wq.
8. Attheshellprompt,enterexit>exit.
ManageRunlevels

Inthisexercise,youpracticeconfiguringrunlevels.Thisexercisehasfourparts.
Inthefirstpart,youusetherunlevelcommandtodeterminethecurrentrunlevel.Youalso
usetheinitcommandtochangetorunlevel3andthenbackto5.
Inthesecondpart,youactivatetheatserviceatd.
Inthethirdpart,yourebootyourcomputerandbootintorunlevel3insteadofthedefault
runlevel5.Youthenloginandswitchtobacktorunlevel5.
Inthefourthpart,youactivatethersyncdaemonusingtheYaSTrunleveleditor.
Completethefollowing:
"PartI:ViewandChangetheCurrentRunlevel"
"PartII:ActivatetheatdService"
"PartIII:SetaRunlevelatBootTime"
"PartIV:EnablersyncdwithYaST"
PartI:ViewandChangetheCurrentRunlevel

Toviewandchangethecurrentrunlevel,dothefollowing:
1. Ifnecessary,logintoyourDA1serverasgeekowithapasswordofnovell.
2. Openaterminalwindowandsutorootusingapasswordofnovell.

3. Checkthepreviousandcurrentrunlevelsbyenteringrunlevelattheshellprompt.
Listtherunlevelsinthetablebelow:
Previous Current

NoticethatthepreviousrunlevelislistedasN,whichmeansthattherewasno
previousrunlevelset.
3. Changetorunlevel3byenteringinit3intheterminalwindow.
Thegraphicalenvironmentisterminatedandyouareleftataterminalloginprompt:

5. Loginasrootwithapasswordofnovell.
6. Checkthepreviousandcurrentrunlevelbyenteringrunlevel.
Listtherunlevelsinthetablebelow:
Previous Current

7. Switchtorunlevel5byenteringinit5.
TheGUIloginscreenappears.
8. Loginasgeekowithapasswordofnovell.
PartII:ActivatetheatdService

Toactivatetheatdservice,dothefollowing:
1. Openaterminalwindow.
2. Attheshellprompt,sutorootwithapasswordofnovell.
3. Viewthecurrentrunlevelconfigurationforatdbyenteringchkconfigatdlattheshell
prompt.
Noticethatconfigurationisoffforallrunlevels.
4. Installtheservicetoitspredefinedrunlevelsbyentering
insservdatd
5. Checkthemodifiedrunlevelconfigurationforatdbyenteringchkconfigatdlagain.
Noticethatthedefaultconfigurationforatdsetsrunlevels2,3,and5toon:


6. Changetothe/etc/rc.d/rc3.ddirectorybyenteringcd/etc/rc.d/rc3.dattheshellprompt.
7. Listtheatdfilesinthedirectorybyenteringlsl*atdattheshellprompt.
Noticethattherearetwoatdlinksoneisusedtostarttheatdserviceandoneisused
tokillit:

8. Starttheatservicebyenteringrcatdstartattheshellprompt.
9. Verifythattheserviceisrunningbyenteringrcatdstatusattheshellprompt.
10.Switchtovirtualterminal1bypressingCtrl+Alt+F1.
11.PressCtrl+ctobringuptheshellprompt.
12.Youshouldbestillbeloggedinasroot.Verifythisbyenteringwhoamiattheshell
prompt.
13.Switchtorunlevel1byenteringinit1attheshellprompt.

14.Whenprompted,enterarootpasswordofnovell.
15.Determineiftheatdserviceisrunningbyenteringrcatdstatusattheshellprompt.
Theserviceislistedasunusedbecauseitisnotconfiguredtostartatrunlevel1.
16.Switchbacktoyourpreviousrunlevel(5)byenteringinit5attheshellprompt.
TheGUIloginscreenappears.
17.Loginasgeekowithapasswordofnovell.
18.Openaterminalsessionandentersutoswitchtorootusingapasswordofnovell.
19.Fromthecommandline,removetheatdservicefromsystemstartuprunlevelsby
enteringchkconfigatdoff.
20.Viewthecurrentrunlevelconfigurationforatbyenteringchkconfigatdlattheshell
prompt.
Noticethattheserviceisoffforallrunlevels.
21.Reenabletheservicetostartatthedefaultrunlevelsbyenteringchkconfigatdonat
theshellprompt.
PartIII:SetaRunlevelatBootTime

Tosetarunlevelatboottime,dothefollowing:
1. Rebootbyenteringinit6attheshellprompt.
2. WhentheGRUBbootmenuisdisplayed,pressSpacetostopthetimer.
3. IntheBootOptionsfield,addthenumber3attheendoftheline,asshownbelow:


4. PressEntertoboottheLinuxsystemtorunlevel3.
5. Whentheloginpromptappears,loginasrootwithapasswordofnovell.
6. Displaythecurrentrunlevelbyenteringrunlevelattheshellprompt.
7. Switchtorunlevel5byenteringinit5attheshellprompt.
8. SwitchbacktothevirtualterminalbypressingCtrl+Alt+F1.
9. PressCtrl+C.
10.Logoutasrootbyenteringexit.

11.SwitchbacktothegraphicaluserinterfacebypressingCtrl+Alt+F7.
12.Loginasgeekowithapasswordofnovell.
PartIV:EnablersyncdwithYaST

ToenablersyncdwithYaST,dothefollowing:
1. Inthegraphicaldesktop,selectComputer>YaST.
2. Enterapasswordofnovell.
TheYaSTControlCenterappears.
3. SelectSystem>SystemServices(Runlevel).
TheRunlevelEditor:Servicesdialogappears.
4. Switchtoamoredetailedview(withadditionaloptions)byselectingExpertMode.
5. Scrolltoandselectrsyncd.
6. Belowthelist,configurethisservicetostartatrunlevels3and5byselecting3and5.
7. FromtheSet/Resetdropdownlist,selectEnabletheService.
8. StartthersyncdservicebyselectingStartNowfromtheStart/Stop/Refreshdropdown
list.
Astatusmessageappearsindicatingthattheservicestartedsuccessfully.
9. ClosethestatusmessagebyselectingOK.
10.StopthersyncdservicebyselectingStopNowfromtheStart/Stop/Refreshdropdown
list.
Astatusmessageappearsindicatingthattheservicestoppedsuccessfully.
11.ClosethestatusmessagebyselectingOK.
12.SavethechangesbyselectingOK>Yes.
13.ClosetheYaSTControlCenter.

AdministerLinuxProcessesandServices

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ManageLinuxProcesses"
Inthisexercise,youstartandstopprocessesandchangetheirpriorities.
ManageLinuxProcesses

Inthisexercise,youpracticestartingandstoppingprocessesandchangingtheirpriorities.
Inthefirstpartoftheexercise,youstartandsuspendgcalctool,moveittothebackground
andforeground,andthenstopit.
Inthesecondpart,youstartgcalctoolandsetthepriorityoftherunningprogramtoanice
valueof5.Thenyoustartxeyeswithanicevalueof10.
Completethefollowing:
"PartI:MoveProcessestotheBackground"
"PartII:ModifyProcessPriorities"
PartI:MoveProcessestotheBackground

Tomoveprocessestothebackground,dothefollowing:
1. IfyourDA1serverisrunning,suspendit.
2. IfyourDASLEDworkstationissuspended,resumeit.
3. Ifnecessary,logintoyourDASLEDvirtualworkstationasgeekowithapasswordof
novell.
4. Openaterminalwindowandsutorootusingapasswordofnovell.
5. Atthecommandline,displaytheprocessesthatarecurrentlyownedbygeekoby
entering
pslUgeeko(withalowercaseL)
6. Displaytheprocessesthatarecurrentlyownedbyrootbyentering
pslUroot(withalowercaseL)
7. StarttheGNOMECalculatorprogrambyenteringgcalctoolattheshellprompt.

Noticethattheterminalisnotavailabletoreceivenewcommandsbecauseno
commandlineisdisplayed.Thisisbecausethecalculatorprogramisrunninginthe
foreground.
8. Arrangethecalculatorwindowandtheterminalwindowsothatyoucanseethemboth;
thenselecttheterminalwindowtoactivateit.
9. SuspendthecalculatorprogrambypressingCtl+z.
10.Tryusingthecalculatortooltocalculateseveralnumbers.
Becauseitsprocesswassuspended,thecalculatordoesnotrespond.
11.Viewthejobinthebackgroundbyentering
jobs
Youshouldseethatthegcalctooljobisstopped:

12.Viewthegcalctoolprocessrunningfromthecurrentterminalbyentering
psl(withalowercaseL)
TheprocessshowsastatusofT,whichindicatesthatitisbeingtracedorstopped:

13.Resumethecalculatorprogramrunninginthebackgroundbyentering
bg1
Noticethatthecalculatorprogramisrunningagain.Becauseit'srunninginthe
background,youcannowusetheterminalwindowtoenterothercommands.
14.Verifythatthejobstatusisrunningbyentering
jobs

Youshouldseethatthegcalctooljobisnowrunning:

15.Viewthegcalctoolbranchintheprocesstreebyentering
pstreep|grepgcalctool
Noticethatthegcalctoolprocessislistedattheendofthetree:

16.Bringthexosviewprocessintotheforegroundbyentering
fg1
17.Closethecalculatorprogram.
18.Startthecalculatorinthebackgroundbyentering
nohupgcalctool&
NOTE:Thenohupcommandrunsacommandsuchthatisignoresanyhangupkill
signalssenttoit.
19.Closetheterminalwindow.
Thecalculatorprogramremainsrunning.
20.Openanewterminalwindow.
21.Startthetopprogrambyentering
top
22.Viewonlytheprocessesstartedbyrootbytypingu;thenenteringroot.
23.Checkforthecalculatorprogram(gcalctool)listedintop.
24.(Conditional)Ifyoucannotfindthegcalctoolprogram,trymaximizingtheterminal
window.YoucanalsoactivatetheCalculatorwindowanduseittocalculateseveral
numbers.Thisshouldcausethegcalctoolprocesstobemovednearthetopofthe

outputintop.
YoucanalsoenterFintopandselectPIDasthesortcolumn.Ifneeded,youcanalso
reversethesortorderbypressingR
25.RecordthePIDofthegcalctoolprocess:
26.Exittopbytypingq.
27.Viewinformationaboutthegcalctoolprocessbyentering
psPID_of_gcalctool_process
28.Switchtoyourrootuseraccountusingthesucommandandapasswordofnovell.
29.Stopthecalculatorprogramandcheckthestatusbyenteringthefollowingcommands:
killPID_of_gcalctool_processpsaux|grepgcalctool
30.Startthexeyesprograminthebackgroundbyentering
xeyes&
31.Killthexeyesprogrambyentering
killallxeyes
PartII:ModifyProcessPriorities

Tomodifyprocesspriorities,dothefollowing:
1. Switchbacktoyourgeekouserbyenteringexitattheshellprompt.
2. Startthegcalctoolprograminthebackgroundbyentering
gcalctool&
3. RecordthePIDforgcalctool(displayedintheterminalwindow):
4. Viewtherunningprocessbyentering
pslf
Noticethatthenicevalue(NI)iscurrentlyat0.
5. Increasethepriorityoftheprocesstoanicevalueof5byentering

renice5pPID_of_gcalctool_process
Noticethataregularusercannotchangethenicevaluetoavaluebelow0,only020.
6. Switchtoroot(su)withapasswordofnovell.
7. Trysettingthenicevalueto5againbyentering
renice5pPID_of_gcalctool_process
8. Checkthatthesettingiseffectivebyentering
pslf(lowercaseL)
Noticethattheprocessisnotdisplayed,becausepslfonlydisplaysprocessesstarted
bythecurrentuser.Thecalculatorprogramwasstartedbygeeko(notroot).
9. Viewallprocessesbyentering
psalf
Thegcalctoolsprocessisnowdisplayed.
10.Changethenicevalueforthegcalctoolsprocesstoahigherprioritybyentering
renice10pPID_of_gcalctools_process
11.Verifythatthegcalctoolsprocessnicevalueissetto10byentering
psalf(withalowercaseL)
12.Exittheshellrunningasrootbyentering
exit
Youshouldnowbeusergeekoagain.
13.Startthexeyesprograminthebackgroundwiththenicevalueof+10byentering
nicexeyes&
14.Verifythatthexeyesprocessnicevalueissetto+10byentering
pslf(withalowercaseL)
15.Killthegcalctoolsandxeyesprocessesbyenteringthefollowingcommands:

killPID_of_gcalctools_processkillallxeyes
16.Closeyourterminalwindow.

AdministertheLinuxFileSystem

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ConfigurePartitionsonyourHardDrive"
Inthisexercise,youpracticecreatingpartitionsandfilesystemswithYaSTandfdisk.
Youalsousecommandlinetoolstocreatefilesystems.
"ManageFileSystemsfromtheCommandLine"
Inthisexercise,youpracticemanagingfilesystemsfromthecommandline.
"CreateLogicalVolumes"
Inthisexercise,youlearnhowtoadministerLVMwithYaST.
"SetUpandConfigureDiskQuotas"
Inthisexercise,youlearnhowtoadministerquotas.
ConfigurePartitionsonyourHardDrive

Inthisexercise,youpracticecreatingpartitionsandfilesystemsusingYaSTandfdisk.You
alsousecommandlinetoolstocreatefilesystems.
Inthefirstpartofthisexercise,youuseYaSTtocreatethefollowingpartitionsandfile
systems:
Anextendedpartitionusingtheremainingdiskspace.
Onelogicalpartitionwithasizeof500MB,anext3filesystem,andamountpointof
/apps.
Onelogicalpartitionwithasizeof1GB,aReiserfilesystem,andamountpointof
/srv.
Inthesecondpartofthisexercise,youusefdisktocreatethefollowingpartitions:
OnepartitionofthepartitiontypeWin95/FAT32withasizeof500MB.

 TwopartitionswiththepartitiontypeLinuxandsizesof1GBand2GB.
Inthethirdpartofthisexercise,youcreatefilesystemsonthepartitionsyoucreatedinthe
secondpartusingtheapplicableoptionsformkfs:
CreateaFAT32filesystemon/dev/sda7.
Createanext2filesystemon/dev/sda8.
CreateaReiserfilesystemwithafilesystemsizeof625MBon/dev/sda9.
Todothis,youneedtocompletethefollowingtasks:
"PartI:CreatePartitionsandFileSystemswithYaST"
"PartII:PartitionManuallywithfdisk"
"PartIII:ManageFileSystemsfromtheCommandLine"
PartI:CreatePartitionsandFileSystemswithYaST

TocreatepartitionsandfilesystemswithYaST,dothefollowing:
1. IfyourDASLEDvirtualmachineiscurrentlyrunning,suspendit.
2. IfyourDA1virtualmachineissuspended,resumeit.
3. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
4. Openaterminalwindowandusethesucommandtoswitchtoyourrootaccount
usingapasswordofnovell.
5. Attheshellprompt,enteryast2disk.
Awarningmessageappears.
6. ContinuebyclickingYes.
Afterafewmoments,theExpertPartitionerdialogappears.
7. CreateanextendedpartitionwithYaSTbydoingthefollowing:
1. FromtheSystemView,expandHardDisks.
2. Highlightsda,thenclickAdd.

3. FortheNewPartitionType,selectExtendedPartition;thenclickNext.
TheNewPartitionSizedialogisdisplayed:

4. MakesureMaximumSizeisselected;thenclickFinish.
YouarereturnedtotheExpertPartitionerdialog,withtheextendedpartition
listedasanewentryforyourharddisk:


8. Createanewext3partitionwithYaST:
1. ClickAdd.
TheNewPartitionSizedialogisdisplayed.
2. VerifythatCustomSizeisselected.
3. IntheSizefield,enter500MB;thenclickNext.
NOTE:BesuretouseuppercasecharacterswhenenteringMBorGBinthe
ExpertPartitionerfields.

TheFormattingOptionsdialogisdisplayed:

4. SetthefilesystemtypetoExt2.
5. UnderMountingOptions,selectMountPartition.
6. FortheMountPoint,enter/apps.
7. CreatethepartitiondefinitionbyclickingFinish.
YouarereturnedtotheExpertPartitionerdialogwherethenewpartitionis
addedtothelist:


Theasterisk(*)afterthemountpointindicatesthefilesystemisnotcurrently
mounted.
1. Createapartitionforthe/srvdirectory:
1. Withthesdadiskselected,clickAdd.
2. WithCustomSizeselected,enter1GBintheSizefield;thenclickNext.
3. IntheFileSystemdropdownlist,selectReiser.
4. UnderMountingOptions,selectMountPartition.

5. FortheMountPoint,enter/srv.
6. Addthe/srvpartitionbyclickingFinish.
YouarereturnedtotheExpertPartitionerdialogwherethenewpartitionis
addedtothelist:

10.AddthenewpartitionstotheharddrivebyclickingNext.
Adialogisdisplayedshowingasummaryofthechanges.
11.SelectFinish.

ThiscommitsthechangestodiskandclosestheExpertPartitionerdialog.
12.Verifycreationofthenewpartitionfor/apps.
Intheterminalwindowwhereyouareloggedinasroot,verifythatthenewpartitions
havebeenmountedbyenteringmount.
Youshouldseethefollowinglines:

13.Thecontentsofthe/srvdirectoryarenolongervisibleasitiscurrentlyusedasthe
mountpointforthe/dev/sda6partition.Tocopytheexistscontentsofthedirectoryto
thenewpartition,dothefollowing:
1. Unmount/dev/sda6byentering
umount/srv
2. Mountthepartition/dev/sda6under/mntbyentering
mount/dev/sda6/mnt
3. Movethecontentof/srvto/mnt
mv/srv/*/mnt
4. Umount/mntandmount/dev/sda6again,usingtheentriesin/etc/fstab
umount/mntmounta
5. Verifythatthefilesyoumovedareavailableagainunder/srvbyentering
ls/srv/
14.Verifythattheappropriateentrywasaddedtothe/etc/fstabforthenewpartitionsby
entering:
cat/etc/fstab
Youshouldseethefollowing:


Theseentriesensurethatthenewpartitionsaremountedwhenthesystemboots.
PartII:PartitionManuallywithfdisk

Topartitionmanuallyfromthecommandlinewithfdisk,dothefollowing:
1. Intheterminalwindowwhereyouareloggedinasroot,starttheutilityfdiskonthefirst
harddiskonyourserverbyentering
fdisk/dev/sda
Amessageisdisplayedindicatingthatthenumberofcylindersisabove1024,which
mightcauseproblemsundercertaincircumstances.
2. Viewthecurrentpartitiontableinfdiskbyenteringp.
Noticethattherearefivepartitionsdefinedonsda:

3. Createanew500MBWin95FAT32logicalpartitionintheextendedpartitionyou
createdearlierbydoingthefollowing:
1. Createanewpartitionbyenteringn.
2. Enterl(lowercaseL)forlogical.
3. AcceptthedefaultfirstcylinderbypressingEnter.
4. Indicatethepartitionsizebyentering+500M.
5. ChangethepartitiontypetoWin95FAT32byenteringt(fortype).
6. Enter7toselectthepartitionyoujustcreated.

7. WhenpromptedforaHexcode,enterbforWin95/FAT32.
8. Verifythenewpartitionconfigurationbyenteringp.
Noticethatthesda7partitionhasbeenaddedtothetable:

4. Create2morelogicalpartitionswithapartitiontypeofLinux(thedefault)bydoingthe
following:
1. Createanewpartitionbyenteringn.
2. Enterl(lowercaseL)tocreatealogicalpartition.
3. AcceptthedefaultfirstcylinderbypressingEnter.
4. Specifyapartitionsizeof1GBbyentering+1G.
5. Createanothernewpartitionbyenteringn.
6. Enterl(lowercaseL)tocreatealogicalpartition.
7. AcceptthedefaultfirstcylinderbypressingEnter.
8. Indicatethepartitionsizebyentering+2G.
9. Verifythenewpartitionconfigurationbyenteringp.
Noticethattwonewpartitions(sda8andsda9)havebeenaddedtothepartition
table:


5. Writethenewpartitiontabletoyourharddriveandexitfdiskbyenteringw.
6. Viewthecurrentpartitiontableusedbythekernelbyentering
cat/proc/partitions
Noticethatthe3newpartitionsyoujustcreatedaren'tlisted.
7. Toaccessthenewpartitions,youmustupdatethekernel'spartitiontablestoredin
memory.Dooneofthefollowing:
1. Havethekernelupdateitspartitiontablebyenteringpartprobe.
2. Rebootthesystembyenteringreboot.
8. Viewthepartitiontableagainbyentering
cat/proc/partitions
PartIII:ManageFileSystemsfromtheCommandLine

Tomanagefilesystemsfromthecommandline,dothefollowing:
1. Intheterminalwindowwhereyouareloggedinasroot,createthefollowingfile
systems:
1. CreateanewFAT32filesystemon/dev/sda7andgiveitthelabeldata1by
enteringthefollowing:
mkfs.msdosndata1/dev/sda7
Thefollowingmessageshouldbedisplayed:
mkfs.msdos2.11(12Mar2005)

Thisconfirmsthefilesystemwascreated.
NOTE:Makesureyouspecifythecorrectdeviceintheabovecommand!Ifyou
specifythewrongdevice,nowarningmessagewillbedisplayedandthefile
systemonthedevicewillbeoverwritten.
2. Createanewext2filesystemon/dev/sda8withverboseoutputbyenteringthe
following:
mkfstext2v/dev/sda8
Noticethatbyaddingtheoptionv,extensiveinformationaboutthenewfile
systemisdisplayed:

1. CreateanewReiserfilesystemon/dev/sda9thatis625MBinsizebyentering
mkreiserfs/dev/sda9160000
Awarningmessageappearsindicatingthatalldatawillbeloston/dev/sda9.
2. Continuebyenteringy.
2. Createthedirectoriesnameddata1,data2,anddata3under/export/byentering

mkdirp/export/data{1,2,3}
3. Verifythatthedirectorieswerecreatedbyentering
lsl/export
4. Asroot,addentriestothe/etc/fstabfileforthenewfilesystems:
1. Openthefile/etc/fstabinthevieditorbyenteringvi/etc/fstabattheshell
prompt.
2. PressIns.
3. Attheendofthefilefstab,addthefollowingnewlines:
/dev/sda7/export/data1vfatdefaults12/dev/sda8/export/data2ext2defaults1
2/dev/sda9/export/data3reiserfsdefaults12
NOTE:Youmustaddanemptylineafterthelastnewentryattheendofthefile,
otherwisethemountcommandcannotreadthefile.
Thesenewentriesensurethesda7,sda8,andsda9partitionsaremounted
whenstartingorrebootingthesystem.
4. Savethechangesto/etc/fstabbypressingEscandthenentering:wq.
5. Intheterminalwindow,rereadthe/etc/fstabfileandmountallofthenewfilesystems
byentering
mounta
6. Viewtheinformationonthemountedfilesystemsbyenteringthefollowingtwo
commands:
mountcat/proc/mounts
Youshouldseeentriesforthethreenewpartitionsyoujustcreated,asshowninthe
following:


ManageFileSystemsfromtheCommandLine

Inthisexercise,youpracticemanagingfilesystemsfromthecommandline.Intheprevious
exercise,youcreatedseveralpartitionsandfilesystems.
Inthefirstpartofthisexercise,yourune2fsckontheext2filesystemyoucreatedon
/dev/sda5,whichismountedin/apps.
Inthesecondpartoftheexercise,youconvertthe/dev/sda8partitiontoanext3filesystem
byaddingajournal.Youalsoaddalabeltoit.
Finally,youresizetheReiserfilesystemon/dev/sda9tousetheentirepartitionandnotjust
625MB.

Completethefollowing:
"PartI:Rune2fsck"
"PartII:CustomizetheFileSystems"
PartI:Rune2fsck

Torune2fsck,dothefollowing:
1. IfifyourDA1virtualmachineissuspended,resumeit.
2. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
3. Openaterminalsessionandswitchtoyourrootuseraccountbyenteringsufollowed
byapasswordofnovellattheshellprompt.
4. Unmountthefilesystemon/dev/sda5byentering
umount/apps
5. Verifythatthefilesystemisnolongermountedbyentering
mount
The/dev/sda5partitionshouldnotbelistedintheoutputofthemountcommand.
6. Startafilesystemcheckonsda5runninginverbosemodewithanautomaticresponse
ofyestoallpromptsbyentering
e2fsckfyv/dev/sda5
7. Mountthe/appsfilesystemagainbyentering
mount/apps
8. Verifythatthefilesystemon/dev/sda5ismountedbyenteringmount
PartII:CustomizetheFileSystems

Inthispartoftheexercise,youaddajournaltoanext2filesystem,effectivelymakingitan
ext3filesystem.Completethefollowing:
1. Modifythe/dev/sda8partition:
1. Intheterminalwindow,umountthe/dev/sda8partitionandviewdetailsabout

theext2filesystemonitbyentering
umount/dev/sda8;dumpe2fs/dev/sda8|more
Noticetheblocksizeandthefilesystemstate.
2. Givetheext2filesystemavolumenameof/export/data2whilethefilesystemis
unmountedbyentering
tune2fsL/export/data2/dev/sda8
NOTE:Itiscommonpracticetousethisnamingconvention.Namingafile
systemafteritsmountpointcanbeusefulinsystemrescuesituationswhen
the/etc/fstabfileisnotavailable.
3. Verifythatthefilesystemnowhasavolumenamebyentering
dumpe2fs/dev/sda8|less
Youshouldseethatthevolumenamehasbeensettothepartition'smount
point,asshownbelow:

4. Addajournaltothefilesystem(makingitanext3filesystem)byentering
tune2fsj/dev/sda8
5. Verifythatthefilesystemnowcontainsajournalbyentering
dumpe2fs/dev/sda8|less
Youshouldseethefollowing:


6. Mount/dev/sda8againbyentering
mount/dev/sda8
7. Viewinformationonthemountedfilesystemsbyentering
mount
Noticethatthefilesystemisstillmountedasanext2filesystem.
8. Unmountthepartition/dev/sda8againbyentering
umount/dev/sda8
9. Verifythatthefilesystemstateiscleanbyentering
dumpe2fs/dev/sda8|less
10.Editthe/etc/fstabfiletochangethefilesystemtypefromext2toext3by
enteringvi/etc/fstabattheshellprompt.
11.PressIns.
12.Locatetheentryfor/dev/sda8andchangethefilesystemtypefromext2to
ext3,asinthefollowing:


13.PressEsc,thenenter:exittosavethechangestothefileandexitthevieditor.
14.Atthecommandline,reread/etc/fstabandmountthepartitionasanext3file
systembyentering
mounta
15.Verifythechangebyentering
mount
Youshouldseethat/dev/sda8hasbeenmountedasanext3filesystem,as
shownbelow:

16.Unmountthepartition/dev/sda8againbyentering

umount/export/data2
17.Mountthepartitionasanext2filesystemmanuallybyentering
mounttext2/dev/sda8/export/data2
18.Verifythatthefilesystemismountedwithoutajournal(asanext2filesystem)
byentering
mount
Asyoucansee,ext3isbackwardcompatiblewithext2:

1. Remount/dev/sda8asanext3filesystemandverifythechangebyenteringthe
followingcommands:
umount/export/data2mountamount
2. Modifythe/dev/sda9partitionbydoingthefollowing:
1. Viewthesizeofthe/dev/sda9partitionbyentering
dfh
Notethesizeof/dev/sda9,whichshouldbesimilartothatshowninthe
following:

2. Unmountdev/sda9byentering

umount/export/data3
3. Whilethepartitionisunmounted,addalabelof/export/data3tothefilesystem
byentering
reiserfstunel/export/data3/dev/sda9
4. Resizethepartitiontoconsumetheentirepartitionbyentering
resize_reiserfs/dev/sda9
NOTE:Whennosizeisspecified,thefilesystemisresizedtouseallavailable
spaceonthepartition.IncreasingthesizeoftheReiserFSisalsopossiblewhen
thefilesystemismounted.
5. Remountthepartitionbyentering
mounta
6. Viewthesizeofthepartitionbyentering
dfh
Thesizeisnolonger625MBbutis2GBormore,dependinguponthesizeof
yourextendedpartition.
7. Unmountthepartitionsoyoucanrunafilesystemcheckonitbyentering
umount/export/data3
8. Runacheckonthefilesystemon/dev/sda9byentering
reiserfscky/dev/sda9
9. Remountallfilesystemsbyentering
mounta
CreateLogicalVolumes

Inthisexercise,youlearnhowtoadministerLVMwithYaST.
Inthefirstpartofthisexercise,youuseYaSTtocreatetwophysicalvolumes(PVs)witha
sizeof1GBeach.Youthenaddthemtoavolumegroup(VG)namedprojects.
Withinthevolumegroup,younextaddtwologicalvolumesnamedpilot(750MB)and

production(750MB)whichwillbemountedunder/projects/pilotand/projects/production,
respectively.
Inthesecondpartoftheexercise,youincreasethesizeofthelogicalvolumeproductionto
themaximumspaceavailablewithinthevolumegroup.
Completethefollowing:
"PartI:CreateLVMPhysicalVolumes,aVolumeGroup,andLogicalVolumes"
"PartII:ResizeanLVMVolume"
PartI:CreateLVMPhysicalVolumes,aVolumeGroup,andLogicalVolumes

TocreateLVMPhysicalVolumes,aVolumeGroup,andLogicalVolumes,dothefollowing:
1. IfyourDA1virtualmachineissuspended,resumeit.
2. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
3. StartYaSTbyselectingComputer>YaSTandenteringapasswordofnovell,when
prompted.
4. SelectSystem>PartitionerandacknowledgethewarningmessagebyselectingYes.
TheExpertPartitionerdialogappears.
5. CreateanewLVMpartitionbydoingthefollowing:
1. FromtheSystemView,expandHardDisks.
2. Highlightsda;thenclickAdd.
3. VerifyCustomSizeisselected;thenenter1GBintheSizefield,asshown
below:


1. ClickNext.
2. UnderFormattingOptions,selectDonotformatpartition.
3. UnderFileSystemID,select0x8ELinuxLVM.
4. SavethepartitiondefinitionbyselectingFinish.
2. Createanother1GBLVMpartitionbyrepeatingtheprecedingstep.
Youshouldnowhavetwo1GBLVMpartitions:


7. FromtheSystemView,selectVolumeManagement;thenclickAddVolumeGroup.
8. Specifythefollowing:
1. VolumeGroupName:projects
2. PhysicalExtentSize:4MB
9. AddeachLinuxLVMphysicalvolumetothevolumegroupprojectsbyCtrlclicking
/dev/sda10and/dev/sda11andthenclickingAdd.
10.ClickFinish.

TheVolumeManagementdialogappearsdisplayingthenewlyaddedvolumegroup:

11.Addalogicalvolumenamedpilottotheprojectsvolumegroupbydoingthefollowing:
1. FromtheSystemView,selectprojects;thenclickAdd.
TheAddLogicalVolumedialogappears.
2. EnteraLogicalVolumenameofpilot;thenclickNext.
3. SelectManualSizeandenter750MBintheSizefield;thenclickNext.
4. IntheFileSystemdropdownlist,selectReiser.

5. SelectMountPartition;thenenteramountpointof/projects/pilot.
6. SelectFinish.
12.Addalogicalvolumenamedproductiontotheprojectsvolumegroupbydoingthe
following:
1. FromtheSystemView,selectprojects;thenclickAdd.
2. EnteraLogicalVolumenameofproduction;thenclickNext.
3. SelectManualSizeandenter750MBintheSizefield;thenclickNext.
4. IntheFileSystemdropdownlist,selectReiser.
5. SelectMountPartition;thenenteramountpointof/projects/production.
6. SelectFinish.
YouarereturnedtotheExpertPartitioner.
13.IntheExpertPartitioner,clickNext.
Amessageappears;acceptthechangesbyclickingFinish.
14.Openaterminalwindowandusethesucommandandapasswordofnovellto
switchtoroot.
15.ViewthenewLVMfilesystemsbyentering
dfh
Youshouldseeoutputsimilartothefollowing:


16.Viewthedevicenamesandmountlocationsbyentering
cat/etc/fstab
Youshouldseethefollowing:

PartII:ResizeanLVMVolume

ToresizeaLVMVolume,dothefollowing:
1. Intheterminalwindowwhereyouareloggedinasroot,enterumount
/projects/production.
2. FromtheYaSTControlCenter,selectSystem>Partitionerandacknowledgethe

warningmessagebyselectingYes.
TheExpertPartitionerdialogappears.
3. FromtheSystemView,expandVolumeManagement.
4. Expandprojectsandselectproduction;thenclickResize.
TheResizeLogicalVolumedialogappears,asshownbelow:

Notethesizeofthevolume.
4. Usetheslidertoselectthemaximumsizeavailable.
Noticethatthesizechangestothemaximumspaceavailable.
5. ContinuebyclickingOK.
6. SavethechangesbyclickingNext;thenapplythechangesbyclickingFinish.
7. Fromtheterminalwindow,viewthenewsizeofproductionbyentering
dfh
Youshouldseeoutputsimilartothefollowing:

SetUpandConfigureDiskQuotas

Inthisexercise,youlearnhowtoadministerquotas.Youinstallthequotapackageandthen
configurequotasfor/dev/sda8,whichismountedat/export/data2.
Completethefollowing:
1. IfyourDA1virtualmachineissuspended,resumeit.
2. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
3. Openaterminalwindow;thenswitchtorootusingthesucommandandapasswordof
novell.
4. Installthequotapackagebyenteringyastiquota.
5. (Conditional)InserttheSLES11installationDVD,ifprompted.
6. Viewthediskquotaconfigurationforusergeekobyentering
quotavugeeko
Thelackofanyoutputindicatestherearenoquotascurrentlyconfiguredforgeeko.
7. Addquotamountoptionstothe/dev/sda8partitionbydoingthefollowing:
1. Openthe/etc/fstabfileinthevieditorbyentering
vi/etc/fstab
2. PressInsandarrowdowntothe/dev/sda8entry.
3. Editthe/dev/sda8entrytothefollowing:

/dev/sda8/export/data2ext3
defaults
,usrquota,grpquota12

4. Whenyoufinish,pressEsc;thensavethefileandexitbyentering:wq.
8. Remountthefilesystemsoitthatthechangesinthe/etc/fstabfilearereadbythe
systembyentering
mountoremount/dev/sda8
NOTE:Ifyoureceivetheerrormessage"/export/data2mountedalready,orbad
option",checkthecontentsofthe/etc/fstabfile.Youmighthavemisspelledthe
usrquotaorgrpquotaoption.
9. Runquotachecktoinitializethequotadatabasebyentering
quotacheckmavug
NOTE:Youwillreceiveseveralstatusmessagesaboutoldquotafiles.Theseindicate
thatthisisanewquotadatabasewithnopreviousquotadatabasefilesonthesystem.
10.Verifythattheaquota.userandaquota.groupsfilesexistinthe/export/data2directory
byentering
lsl/export/data2
11.Turnquotasonforallfilesystemsthataremountedwiththeseoptionsbyentering
quotaonav
12.Makethequotasystempersistentafterrebootbyentering
insservboot.quota
13.Setaquotaforgeekowithasoftblocklimitofabout20MBandahardblocklimitof
about30MBon/dev/sda8byentering
edquotaugeeko
Thequotaeditorappearsinthevieditor.
14.PressIns.

15.Undersoft,removethe0andenter20000.
16.Underhard,removethe0andenter30000.
17.Whenyou'refinished,pressEsc;thenenter:wq.
18.Viewthequotainformationaboutallconfiguredusersbyentering
repquotaav
Youshouldseethefollowing:

19.(Optional)Ifyoufinishearly,setaquotafortheusersgroupof100MBforthesoftlimit
and150MBforthehardlimit.
20.Testifthequotasbydoingthefollowing:
1. Asroot,createadirectorynamed/export/data2/geekoandchangetheownerto
geekobydoingthefollowing:
mkdir/export/data2/geekochowngeeko.users/export/data2/geeko
2. Changetotheuseraccountgeekoandcreateafilebyentering
sugeekoddif=/dev/zeroof=/export/data2/geeko/bigfile
Afterashorttime,youshouldseeamessageindicatingthequotawas
exceeded,asshownbelow:


21.Closeallopenwindows.

ConfiguretheNetworkManually

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ConfiguretheNetworkConnectionManually"
Inthisexercise,youlearnhowtoconfigurethenetworkmanually.
ConfiguretheNetworkConnectionManually

Thepurposeofthisexerciseistofamiliarizeyouwithmanuallyconfiguringnetworksettings.
Inthefirstpart,youusetheipcommandtofindoutthecurrentsettingsforIPaddress,routes,
macaddress.Inthesecondpart,youuseYaSTtodeletethecurrentnetworkconfiguration.
Inthethirdpart,youusetheipcommandtosetupthenetworkmanually.Inthefourthpart,
yourecreatethefilenotedinPartIusinganeditor.
Completethefollowing:
"PartI:NotetheCurrentNetworkConfiguration"
"PartII:DeletetheCurrentNetworkSetupwithYaST"
"PartIII:ConfiguretheNetworkManually"
"PartIV:SavetheNetworkConnectiontoanInterfaceConfigurationFile"
PartI:NotetheCurrentNetworkConfiguration

Tonotethecurrentnetworkconfiguration,dothefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.

2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Enteripaddressshoweth0.
4. Undereth0,findthelinestartingwithinetandrecordtheIPaddresswiththesubnet
maskdisplayedinthatline:
IPaddress:
Subnetmask:
5. Enteriprouteshow.
Noticethatadefaultgatewayhasnotbeenassigned.
6. Enteriplinkshoweth0.
7. Findthelinestartingwithlink/etherandrecordtheMACaddressofthenetwork
card:
MACaddress:
PartII:DeletetheCurrentNetworkSetupwithYaST

TodeletethecurrentnetworksetupwithYaST,dothefollowing:
1. StartYaST;thenselectNetworkDevices>NetworkSettings.
2. Selectyournetworkcard;thenclickDelete.
3. ClickOK.
4. CloseYaST.
5. Verifythatthenetworkconnectionisnotworkinganymorebypingingyourhost
system'svmnet1virtualnetworkinterface.Enterthefollowingattheshellprompt:
ping172.17.0.1
Youshouldseeamessageindicatingthatthenetworkisunreachable.
6. Enteripaddressshowattheshellprompt.
Notethatthestateofyoureth0deviceisDOWN.

PartIII:ConfiguretheNetworkManually

Toconfigurethenetworkmanually,dothefollowing:
1. Enterthefollowingcommandattheshellprompt:
ipaddressadd172.17.8.101/16brd+deveth0
2. Toactivatethenetworkdevice,enter
iplinkseteth0up
3. Tosetthedefaultroute,enter
iprouteadddefaultvia172.17.0.1
4. Verifythatthenetworkconnectionisworkingagainbyentering
ping172.17.0.1
Youshouldseeyourhostsystemrespondtotheping,asshownbelow:

PartIV:SavetheNetworkConnectiontoanInterfaceConfigurationFile

Tosavethenetworkconnectiontoaninterfaceconfigurationfile,dothefollowing:
1. Intheterminalwindow,enter
cd/etc/sysconfig/network
2. Makeacopyofthenetworkconfigurationtemplatebyentering
cpifcfg.templateifcfgeth0
3. Openthecopiedfileinatexteditorbyenteringviifcfgeth0attheshellprompt.
4. PressIns.
5. Findthefollowingoptionsandentertheindicatedvalues:

 STARTMODE='auto'
BOOTPROTO='static'
IPADDR='172.17.8.101/16'
NETMASK='255.255.0.0'
BROADCAST='172.17.255.255'
ChangeBRIDGE='yes'toBRIDGE='no'
6. PressEsc;thensavethefileandexitvibyentering:wq.
7. Createanewfilewithvicalledroutesbyenteringviroutesattheshellprompt.
8. PressIns;thenaddthefollowinglinetothefile:
default172.17.0.1
9. PressEsc;thensavethefileandexitvibyentering:wq.
10.Rebootyoursystembyenteringinit6attheshellprompt.
Waitwhilethesystemreboots.
11.Afterrebooting,loginasgeekowithapasswordofnovell.
12.Openaterminalwindow.
13.Changetorootusingthesucommandandapasswordofnovell.
14.Verifythatthenetworkconfigurationloadedcorrectlybyenteringthefollowing
commands:
ipaddressshoweth0iprouteshow
Youshouldseethefollowing:


15.Verifythatthenetworkconnectionisworkingproperlybyentering
ping172.17.0.1
16.Closeallopenwindows.
NOTE:Ifthenetworkconfigurationdoesn'tworkproperly,usetheYaSTNetworkCard
moduletoreconfigurethenetworkcardwiththepropersettings.

ManageHardware

Inthissectionoftheworkbook,youcanfindthefollowingexercises:
"ManageLinuxKernelModules"
Inthisexercise,youloadandunloadkernelmodules.
"ObtainHardwareConfigurationInformationinYaST"
Inthisexercise,youlearnhowtoobtainhardwareconfigurationinformationonyour
computer.
"ModifyudevRules
Inthisexercise,youwillmodifyaudevruletorenameyourEthernetinterface.
ManageLinuxKernelModules

Inthisexercise,loadandunloadkernelmodules.Completethefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.

2. Openaterminalwindow,thenswitchtotherootuserbyenteringsufollowedbya
passwordofnovell.
3. Viewthecurrentlyloadedkernelmodulesbyenteringlsmodattheshellprompt.
4. Scrollthroughthemodulestoseeifthejoystickmodule(joydev)isloaded.Ifit's
difficulttolocateintheoutput,youcanenterlsmod|grepjoydevattheshellprompt.
Youshouldseeoutputsimilartothefollowing:

The0intheUsedcolumnindicatesthatthemoduleisnotinuse.
NOTE:Ifthejoydevmoduleisnotlisted,skiptostepStep7

4. Removethejoystickmodulefromthekernelmemorybyentering
rmmodjoydev
5. Verifythatthejoydevkernelmodulewasremovedfrommemorybyenteringlsmod|
grepjoydevattheshellprompt.
Noticethatthemodulejoydevisnolongerlisted.
6. Loadthejoystickkernelmodulebyentering
modprobejoydev
7. Verifythatthejoydevkernelmoduleisloadedinmemorybyenteringlsmod|grep
joydevattheshellprompt.
8. Viewthekernelmodulesconfigurationbyenteringmodprobec|lessattheshell
prompt.
9. ScrollthroughthemoduleconfigurationinformationbypressingSpace.
10.Whenyouhavefinished,returntothecommandlinebytypingq.
11.Createalistofkernelmodulesdependenciesbyentering
depmodv|less
Waitafewminutesfortheinformationtobegenerated.
12.ScrollthroughthedependencyinformationbypressingSpace.
13.Whenyouhavefinished,returntothecommandlinebytypingq.
14.Closetheterminalwindowbyenteringexittwice.
ObtainHardwareConfigurationInformationinYaST

Inthisexercise,youobtainhardwareconfigurationinformationaboutyourcomputer.
Completethefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.
2. SelectComputer>YaST.
3. Whenprompted,enterarootpasswordofnovell.

4. SelectHardware>HardwareInformation.
WaitwhiletheYaSTmodulescansyourhardware.Thismaytakeseveralminutes.
Whencomplete,youshouldseeoutputsimilartothefollowing:

5. Reviewtheresultsofthehardwaredetection.
6. Savetheresultstoafilebydoingthefollowing:
1. ClickSavetoFile.
2. Browsetotherootuser'shomedirectory(/root).

3. IntheFileNamefield,enterhardware.txt.
4. ClickSave.
5. Waitwhilethefileissaved.Thismaketakeseveralminutestocomplete.
7. ClosetheHardwareinfowindowbyclickingClose.
8. ClosetheYaSTControlCenter.
9. Viewtheinformationsavedinthehardware.txtfilebydoingthefollowing:
1. Openaterminalwindow.
2. Switchtoyourrootuseraccountbyenteringsuattheshellprompt,followedby
apasswordofnovell.
3. Attheshellprompt,enterless./hardware.txt.
Youshouldseetextsimilartothefollowing:

1. UsetheSpacebartobrowsethroughtheresults.
2. Whenfinished,pressqtoexit.
2. Closeallopenwindows.
ModifyudevRules

Inthisexercise,youmodifyaudevrulethatrenamesyoureth0interfacetoeth1.Complete
thefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.
2. Openaterminalwindowandswitchtotherootuseraccountbyenteringsufollowed
byapasswordofnovell.
3. Attheshellprompt,entercd/etc/udev/rules.d.
4. Openthe70persistentnet.rulesfileinthevieditorbyenteringvi./70persistent
net.rulesattheshellprompt.
5. PressIns.
6. Locateandscrolldowntothelinethatsetsthenameofyournetworkinterfacetoeth0.
7. ChangetheNAME=eth0parametertoNAME=eth1.
8. PressEsc.
9. Saveyourchangesandexittheeditorbyentering:exitattheshellprompt.
10.RebootyourDA1virtualserverbyenteringinit6attheshellprompt.
11.WaitforyourdefaultGRUBmenuitemtobeselectedtostartthebootprocess.
12.Whenthesystemstartstoboot,pressEscsoyoucanviewyoursystem'sboot
messages.
Youshouldseeamessageindicatingeth0isbeingrenamedtoeth1byudev,as
shownbelow:


Youshouldalsoseeamessageindicatingtheeth1interfacehasnotbeenconfigured,
asshownbelow:


Thishappensbecausethereisnoconfigurationforeth1in/etc/sysconfig.
12.Whenthesystemhasrebooted,loginasgeekowithapasswordofnovell.
13.Openaterminalsessionandswitchtorootwiththesucommandandapasswordof
novell.
14.Attheshellprompt,entercd/etc/udev/rules.d.
15.Openthe70persistentnet.rulesfileinthevieditorbyenteringvi./70persistent
net.rulesattheshellprompt.
16.PressIns.

17.ChangetheNAME=eth1parameterbacktoNAME=eth0.
18.PressEsc.
19.Saveyourchangesandexittheeditorbyentering:exitattheshellprompt.
20.RebootyourDA1virtualserverbyenteringinit6attheshellprompt.
21.WaitforyourdefaultGRUBmenuitemtobeselectedtostartthebootprocess.
22.Whenthesystemstartstoboot,pressEscsoyoucanviewyoursystem'sboot
messages.
23.Verifythatyournetworkinterfaceisnownamedeth0andthattheappropriatenetwork
configurationparametersareapplied,asshownbelow:

ConfigureRemoteAccess

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"PracticeUsingOpenSSH"
Inthisexercise,youlearnhowtouseOpenSSH.
"PerformPublicKeyAuthentication"
Inthisexercise,youpracticeusingSSHwithpublickeyauthentication.
"UseRemoteAdministration"

Inthisexercise,youconfigureremoteadministration.
"UseNomad"
Inthisexercise,youconfigureremotedesktopusingNomad.
PracticeUsingOpenSSH

Inthisexercise,youpracticeusingtheSSHsuiteofutilities.Youperformthefollowingtasks:
LoginremotelytoyourDA1serverasroot.
RemotelyexecutethepsauxcommandonDA1withoutloggingintotheserver.
Copythe/etc/hostsfilefromDA1toyour/tmpdirectory.
Copythe/etc/hostsfilefromyourworkstationtothehomedirectoryofgeekoonDA1.
Usingsftp,copythe/bin/datefilefromDA1to/home/geekoonyourworkstation.
Dothefollowing:
1. Ifnecessary,poweronbothyourDA1andyourDASLEDvirtualmachines.
2. LogintoDA1fromDASLEDbydoingthefollowing:
1. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordof
novell.
2. Rightclickthedesktop;thenselectOpeninTerminal.
3. Atthecommandline,enter
sshlgeekoda1.digitalairlines.com
Thefollowingisdisplayed:


1. Whenpromptedtocontinue,enteryes.
2. Whenprompted,enterapasswordofnovell.
YouarenowloggedintotheDA1serverasgeeko.
3. Logoutbyenteringexit.
2. ChecktheprocessesrunningontheDA1serverbyenteringthefollowingattheshell
promptofyourworkstation:
sshlgeekoda1.digitalairlines.compsaux
3. Whenprompted,enterapasswordofnovell.
AlistofallprocessescurrentlyrunningonDA1isdisplayed:


5. Copythe/etc/hostsfileonyourDA1servertothe/tmpdirectoryonyourworkstationby
enteringthefollowingattheworkstationshellprompt:
[email protected]:/etc/hosts/tmp/
6. Whenprompted,enterapasswordofnovell.
7. Attheshellprompt,enterls/tmp.
YoushouldseethehostsfilefromtheDA1serverinyour/tmpdirectory,asshown
below:


8. Copythe/etc/hostsfileonyourworkstationtogeeko'shomedirectoryonyourDA1
serverbyenteringthefollowing:
scp/etc/[email protected]:
9. Whenprompted,enterapasswordofnovell.
10.Verifythatthefilewascopiedbydoingthefollowing:
1. SwitchtoyourDA1server.
2. Ifnecessary,loginasgeekowithapasswordofnovell.
3. Doubleclickthegeeko'sHomeicononthedesktop.
Youshouldseethehostsfilefromtheworkstationinthegeekouser'shome
directory:


1. Switchbacktoyourworkstation.
2. UsesftptoconnecttoyourDA1serverasgeekobyentering:
[email protected]
3. Whenprompted,enterapasswordofnovell.
4. Copythe/bin/dateprogramfromtheDA1servertogeeko'shomedirectoryonyour
workstationbyentering:
get/bin/date/home/geeko/
Youshouldseeoutputsimilartothefollowing:

14.Quitsftpbyenteringexit.
15.Attheshellprompt,enterls/home/geeko.
Verifythatthedateprogramhasbeencopiedtothegeekouser'shomedirectory:

Closeallopenwindowsonbothvirtualmachines.
PerformPublicKeyAuthentication

Inthisexercise,youpracticeusingSSHwithpublickeyauthentication.
First,youcreateansshkeypair.Thenyouaddthepublickeytothe
~geeko/.ssh/authorized_keysfileonyourDA1serverandnotethedifferencebetweenlogging
inwithandwithoutapublickey.
YouthenusesshagenttocachetheprivatekeyandloginagaintoyourDA1serveras
geeko.Finally,youchangetheserverconfigurationtoallowonlypublickeyauthentication.
Completethefollowing:
1. Ifnecessary,poweronyourDA1andDASLEDvirtualmachines.
2. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordofnovell.
3. Onyourworkstation,openaterminalwindow.
4. GenerateanRSAkeypairbydoingthefollowing:
1. Attheterminalwindow,entersshkeygentrsa.
2. Acceptthedefaultlocationforthekey(/home/geeko/.ssh/id_rsa)bypressing
Enter.

3. Whenprompted,enterapassphraseofnovell.
Informationaboutyourkeypair,suchasthelocationofyouridentificationand
thepublickey,isdisplayed:

5. AddtheRSApublickeytothegeekouser's~/.ssh/authorized_keysfileonDA1by
doingthefollowing:
1. CopythefiletothehomedirectoryofgeekoontheDA1serverbyenteringthe
following:
scp~/.ssh/[email protected]:
2. Whenprompted,enterapasswordofnovell.
3. Usingssh,loginasgeekotoyourDA1serverbyentering
sshlgeekoda1.digitalairlines.com
4. Whenprompted,enterapasswordofnovell.

5. Enterlsal.
6. Ifan.sshdirectorydoesnotexist,thencreateitbyentering
mkdir.ssh
7. Copythepublickeytothe~/.ssh/authorized_keysfilebyentering
catid_rsa.pub>>.ssh/authorized_keys
6. LogoutfromtheDA1serverbyenteringexit.
7. Usingssh,logintoyourDA1serverasgeekobyentering
sshlgeekoda1.digitalairlines.com
Youarepromptedforapasswordtounlocktheprivatekey:

8. Loginbyenteringnovell;thenlogoutbyenteringexit.
9. Totrackauthentication,startthesshagentbyenteringsshagentbash.
10.Addyourprivatekeytotheagentforauthenticationbyentering
sshadd~/.ssh/id_rsa
11.Whenprompted,enterapassphraseofnovell.
12.Usingssh,loginasgeekotoyourDA1serverbyentering
sshlgeekoda1.digitalairlines.com
Thistimeyouarenotpromptedforapasswordorpassphrase.
13.Switchtouserrootbyenteringsufollowedbyapasswordofnovell.
14.Attheshellprompt,entervi/etc/ssh/sshd_config.
15.Dothefollowing:
1. Enter/PasswordAuthenticationtolocatethePasswordAuthenticationline.
2. Makesureitissettono.
3. Enter/UsePAMtolocatetheUsePAMline.
4. PressIns.
5. ChangethevalueofUsePamfromyestono.
6. PressEsc.
7. Enter:exittosavethefileandclosetheeditor.
16.Restartsshdbyenteringrcsshdrestart.
17.Entersshgeeko@localhost.
18.Whenpromptedtocontinueconnecting,enteryes.
Youshouldseeanerrormessageandnopromptforapassword:


19.Usingthevieditor,undothechangesmadeinStep15;thenrestartsshd.
20.Logoutasrootbyenteringexit.
21.LogoutfromDA1byenteringexit.
22.Closeallopenwindows.
UseRemoteAdministration

Inthisexercise,youconfigureremoteadministration.
Thisexercisehasfourparts.Inthefirstpart,youremotelyaccessthetextbasedversionof
YaSTonDA1fromyourworkstation.
Theninthesecondpart,youremotelyaccessthegraphicalversionofYaSTonDA1from
yourworkstation.
Inthethirdpart,youconfigureremoteaccesstoyourDA1serverwiththeYaSTRemote
Administrationmodule.Inthefourthpart,youaccessyourserverviaVNC.
Youneedtocompletethefollowingtasks:
"PartI:RemotelyAccessaTextBasedVersionofYaST"
"PartII:RemotelyAccesstheGUIVersionofYaST
"PartIII:ConfigureRemoteAdministrationwithYaST"
"PartIV:AccessYourDA1ServerRemotely"
PartI:RemotelyAccessaTextBasedVersionofYaST

Dothefollowing:

1. Ifnecessary,poweronyourDA1andDASLEDvirtualmachines.
2. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordofnovell.
3. Openaterminalwindowandenter:
[email protected]
4. Whenpromptedforthepassword,enternovell.
5. LaunchthencursesbasedversionofYaSTbyenteringyast2.
Despitethefactthatyouenteredyast2,thetextbasedversionoftheYaSTControl
Centerappears:

ThisisbecauseX11forwardingisnotactiveinthedefaultconfigurationofssh.
5. ExittheYaSTControlCenterbypressingAlt+q.
6. ClosetheSSHsessionbyenteringexit.

PartII:RemotelyAccesstheGUIVersionofYaST

Dothefollowing:
1. Fromtheterminalwindowonyourworkstation,enter
[email protected]
2. Whenpromptedforthepassword,enternovell.
3. LaunchtheGUIbasedversionofYaSTbyenteringyast2.
BecausetheXoptionactivatedX11forwarding,theGUIbasedversionoftheYaST
ControlCenterappears:


PartIII:ConfigureRemoteAdministrationwithYaST

Dothefollowing:
1. InstallaJavabrowserplugin:
1. SelectSoftware>SoftwareManagement.
2. Inthesearchfield,enterjava1;thenclickSearch.
3. Fromthesearchresults,selectjava1_6_0ibmplugin.

4. ClickAccept.
5. AccepttheautomaticchangesbyclickingContinue.
Waitwhilethepackagesareinstalled.
2. InthemainwindowofYaST,selectNetworkDevices>RemoteAdministration(VNC).
TheRemoteAdministrationdialogappears:

3. SelectAllowRemoteAdministration;thenselectOpenPortinFirewall.
4. ClickFinish.

5. CloseYaST.
6. Restartthedisplaymanagerbyenteringrcxdmrestartattheshellprompt.
7. Attheshellprompt,enterexit.
YourSUSELinuxEnterpriseServer11systemisreadytobeaccessedremotely.
PartIV:AccessYourDA1ServerRemotely

ToaccesstheDA1serverfromawebbrowser,dothefollowing:
1. OnyourDASLEDworkstationdesktop,opentheFirefoxwebbrowserbyselecting
Computer>Firefox.
2. IntheLocationfield,enter
http://da1.digitalairlines.com:5801
Thefollowingisdisplayed:


3. Logintotheremoteserver'sdesktopasgeekowithapasswordofnovell.
ThedesktopforyourgeekoonDA1appears.
4. Iftimepermits,trycompletingvariousadministrativetasksandrunningcommonlyused
applicationsonDA1throughtheVNCsession.
5. Whenyou'refinishtestingthedesktop,closetheVNCsessionbyclickingDisconnect
(atthetopofthescreen).
6. Closeallopenwindows.

UseNomad

Inthisexercise,youconfigureNomadonyourDASLEDworkstation.YouestablishanRDP
connectionbetweenyourhostworkstationandtheDASLEDvirtualworkstation.
Completethefollowing:
1. VerifythatyourDASLEDworkstationisrunning.
2. Ifnecessary,logintoyourDASLEDworkstationasgeekowithapasswordofnovell.
3. InstalltheNomadpackagesonDASLEDbydoingthefollowing:
1. StartYaSTbyselectingComputer>YaST.
2. Whenprompted,enterarootuserpasswordofnovell.
3. SelectNetworkDevices>RemoteAdministration(RDP).
4. Whenpromptedthatxrdpneedstobeinstalled,clickInstall.
5. (Conditional)Ifprompted,insertyourSLED11installationDVD.
6. WaitwhiletheRDPpackagesareinstalled.
Whencomplete,thefollowingisdisplayed:


1. MarkAllowRemoteAdministrationandOpenPortinFirewall.
2. ClickFinish.
3. CloseYaST.
2. RebootDASLEDbyenteringinit6attheshellprompt.
3. Afterthesystemasrebooted,loginasgeekowithapasswordofnovell.
4. Openaterminalsessionandswitchtorootusingthesucommandfollowedbya
passwordofnovell.

5. Verifythatxrdpisrunningbyenteringrcxrdpstatusattheshellprompt.
Thecommandshouldreturnastatusofrunning.
6. Adddasled.digitalairlines.comtothe/etc/hostsfileonyourhostworkstation(notDA
SLED)bydoingthefollowing:
1. Onyourhostworkstation,startYaST.
2. InYaST,selectNetworkServices>Hostnames.
3. ClickAdd.
4. Enterthefollowing:
IPAddress:172.17.8.104
Hostname:dasled.digitalairlines.com
HostAliases:dasled
5. ClickOK.
6. ClickFinish.
7. ExitYaST.
7. Verifythattherdesktopandtsclientpackageswereinstalledwhenyourhost
workstationwasdeployedbydoingthefollowing:
1. Openaterminalsessiononyourhostworkstation.
2. Attheshellprompt,switchtorootbyenteringsufollowedbyapasswordof
novell.
3. Attheshellprompt,enterrpmqrdesktop.
4. Attheshellprompt,enterrpmqtsclient.
Youshouldseethatbothpackageshavealreadybeeninstalled:


NOTE:Ifthesepackageswerenotautomaticallyinstalled,useYaSTtoinstall
themmanually.
1. Configurearemotedesktopconnectiononyourhostworkstationbydoingthe
following:
1. Attheshellpromptonyourhostworkstation,entertsclient.
2. ClickAddConnection>WindowsTerminalService.
Thefollowingisdisplayed:


3. IntheNamefield,enterDASLEDDesktop.
4. IntheHostfield,enterDASLED.digitalairlines.com.
5. IntheUsernamefield,entergeeko.
6. InthePasswordfield,enternovell.
7. SelectCustomWindowSize;thenenterascreengeometryof800x600.
8. ExpandAdvancedOptions.
9. IntheConnectionTypedropdownlist,selectLAN.
10.ClickOK.
TheDASLEDDesktopremotedesktopconnectionisaddedtotheTerminal
ServerClientwindow,asshownbelow:


11.OpentheremoteconnectionbydoubleclickingDASLEDDesktop.
TheDASLEDdesktopisdisplayedinanrdesktopwindow,asshownbelow:


12.(Conditional)Iftimepermits,experimentwiththeremotedesktop.Tryopeningand
usingthevariousapplicationsremotely.
13.Whencomplete,clickComputer>Logout>LogOutwithintheremotedesktop
session.
14.IntheTerminalServerClientwindow,clicktheExiticon.
15.Attheshellprompt,enterexittwice.

MonitorSUSELinuxEnterprise11

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"GatherInformationonyourSLES11Server"
Inthisexercise,youlearnhowtogetinformationonthecomputeryouareusing.
"ManageSystemLogging"
Inthisexercise,youpracticeconfiguringsyslogngandlogrotate.
GatherInformationonyourSLES11Server

Inthisexercise,youlearnhowtogetinformationaboutyourDA1server.Youusethe
administrationtoolscoveredinthissectiontogatherthefollowinginformationonyourserver.
Asyouworkthroughthisexercise,writedowntheappropriatevalueintherighthandcolumn
ofthefollowingtable:
SystemParameter
OS
HardwareArchitecture
ProcessorType
Hostname
KernelRelease
KernelVersion(includedateandtime)
SystemUpTime
LoadAverages
SLES11Version
SystemDateandTime
ModelNameofProcessor

Value

SystemParameter

Value

FreeMemory
PatchLevel
Completethefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Openaterminalwindowandswitchtorootusingthesucommandandapasswordof
novell.
3. ViewthekernelreleaseoftheLinuxdistributionyouarerunningbyentering
unamer
4. Viewthecomputer'shardwarearchitecturebyentering
unamem
5. ViewtheprocessortypeforthisLinuxbuildbyentering
unamep
6. Viewallinformation,includinghostname,kernelrelease,andkernelversion,by
entering
unamea
7. Viewthesystemuptimeandtheloadaveragesbyentering
uptime
8. ViewtheversionoftheSUSELinuxEnterpriseServerdistributionbyentering
cat/etc/SuSErelease
9. Viewthesystemdateandtimebyentering
date
10.Viewinformationontheprocessorbyentering
cat/proc/cpuinfo

11.Viewthecurrentmemorystatisticsbyentering
cat/proc/meminfo
ManageSystemLogging

Inthisexercise,youpracticeconfiguringsyslogngandlogrotate.
First,youconfiguresyslogngtologmessagesofthelocal4facility.The/var/log/local4fileis
usedformessagesofthelocal4facilitynomatterthepriority.The/var/log/local4.debugfile
logsonlymessageswiththedebugpriority.Athirdfile,/var/log/local4.info,logsonly
messageswiththeinfopriority.
Thenyouconfigurelogrotatetomanagetheselogfiles.Youcreatea/etc/logrotate.d/local4
filethatdoesthefollowingwiththesethreefiles:
Compressestheoldlogs
Savestheoldlogswithadateextension
Limitstheoldestlogtooneday
Limitstherotatedlogssavedtofive
Limitsthemaximumsizeofthefileto20bytes
Proceedswithouterrorifalogfileismissing
Logsthedateinthelocal4.infofileeachtimeanewlogfileisgenerated
NOTE:Theabovevalues(oneday,fivelogs,20bytes)areusedfordemonstrationpurposes
only.Inaproductionenvironment,thesevaluesshouldbemuchhigher.
Completethefollowingtaskstodothis:
"PartI:ModifythesyslogngConfiguration"
"PartII:Configurelogrotate"
PartI:ModifythesyslogngConfiguration

Tomodifythesyslogngconfiguration,dothefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Openaterminalwindowandswitchtorootusingthesucommandandapasswordof

novell.
3. Attheshellprompt,entervi/etc/syslogng/syslogng.conf.in.
4. PressIns.
5. Addthefollowinglinesatthebottomofthefiletocreatefiltersforthemessagesyou
wanttolog:
filterf_local4debug{level(debug)
andfacility(local4);
};

filterf_local4info{level(info)
andfacility(local4);
};

filterf_local4
{facility(local4);};

6. Specifythedestinationsandlogpathsbyaddingthefollowinglines:
destinationlocal4debug
{file("/var/log/local4.debug");
};
log{source(src);
filter(f_local4debug);
destination(local4debug);};

destinationlocal4info
{file("/var/log/local4.info");
};

log{source(src);
filter(f_local4info);
destination(local4info);};

destinationlocal4
{file("/var/log/local4");
};
log{source(src);
filter(f_local4);destination(local4);};

NOTE:Checkyoursyntaxcarefully.Ifyoumakeamistakeinthisfile,syslogwon't
start.
7. SavethechangesandclosetheeditorbypressingEscandthenentering:exit.
8. Restartthesyslogdaemonbyenteringrcsyslogrestartattheshellprompt.
9. Openanewterminalwindowandentersufollowedbyapasswordofnovell.
10.Checktheconfigurationbylogginganentrytotheinfolevelinthelocal4facilityby
doingthefollowing:
1. Enterthefollowinginoneofyourterminalsessionstomonitortheactivityofthe
logfile:
tailfretry/var/log/local4.info
NOTE:Youwillseewarningsregardingtheretryoptionandthefactthatthe
filedoesnotyetexist.Youcandisregardthiserrorasthefilewillbecreated
whenyoucompletethenextstep.
2. Intheotherterminalwindow,loganentrytotheinfolevelinthelocal4facilityby
entering
loggerplocal4.info"Infomessage1"
3. Checktheresultsinthesecondterminalwindow.Themessageisloggedin
the/var/log/local4.infofile,asshownbelow:


Themessageshouldalsobeloggedinthe/var/log/local4fileand,becauseof
otherentriesin/etc/syslogng/syslogng.conf,in/var/log/localmessages.
NOTE:Ifnomessagesappear,theremightbesomethingwrongwithyour
syslogconfiguration,forinstanceatypooramissing";".Todiagnosewhatis
wrong,enterrcsyslogrestartattheshellpromptandseeifsyslogstarts
properly.Ifthereisanissuewiththeconfiguration,anerrormessagewillsayso.
Lookforthelinenumbershownintheoutputfortheerror,correctit,andrestart
syslog.
1. Intheterminalwindowwherethelogactivityisbeingmonitoredwithtail,stop
themonitoringbypressingCtrl+c.
2. Repeatthisprocessforthedebugloglevel.Usethefollowingcommandinthefirst
terminalwindow:
tailfretry/var/log/local4.debug
Usethefollowingcommandinthesecondterminalwindow:
loggerplocal4.debug"Infomessage2"
NOTE:Onlythoselevel4logfileswithentrieswillbecompressedduringlogrotationin
PartIIofthisexercise.
3. Intheterminalwindowwherethelogactivityisbeingmonitoredwithtail,stopthe
monitoringbypressingCtrl+c.
PartII:Configurelogrotate

Toconfigurelogrotate,dothefollowing:
1. Attheshellprompt,entervi/etc/logrotate.d/local4.
2. PressIns.
3. Addthefollowingcontenttothefile:

/var/log/local4.debug
/var/log/local4.info/var/log/local4
{
compress
dateext
maxage1
rotate5
size20
postrotate
date>>/var/log/local4.info
endscript
}

NOTE:Makesurethedirectoriesinthefirstlineareseparatedwithspaces.
4. PressEsc;thensavethechangesandclosetheeditorbyentering:exit.
5. Switchtovirtualterminal1bypressingCtrl+Alt+F1.
6. Loginasrootwithapasswordofnovell.
7. Rotatethelogsmanuallybyentering
logrotate/etc/logrotate.conf
8. Checkthedirectory/var/logforthezippedlocal4logfilesbyentering
lsl/var/log|less
Youseethefollowingfiles:
local4.debugcurrent_date.bz2
local4.infocurrent_date.bz2
Forexample,ifthecurrentdateisJuly15,2009,thenthezippedfileforlocal4.infowill

belocal4.info20090715.bz2.
The.bz2extensionisusedbecausethecommandtocompressfilesissettobzip2
in/etc/logrotate.conf.
NOTE:Onlythoselogfileswithentriesarezipped.
9. Exitthelistbyenteringq.
10.Checkthecontentsofthelocal4.infozippedarchivebyentering
less/var/log/local4.infocurrent_date.bz2
Youshouldseetheentriesyouaddedtothelogfile,asshowninthefollowing:

11.Pressqtoexit.
12.Logoutasrootbyentering
exit
13.ReturntotheGNOMEdesktopbypressingCtrl+Alt+F7.
14.Closeallopenwindows.

AdministerLinuxProcessesandServices

Inthissectionoftheworkbook,youlearnhowtodothefollowing
"ScheduleJobswithcronandat"
ScheduleJobswithcronandat

Inthisexercise,youpracticeschedulingjobswithatandcron.
Inthefirstpartoftheexercise,youredirecttheoutputofthefingercommandto
/var/log/messagesthreeminutesfromthecurrenttime.Thenyouschedulethesamejobfor
tomorrowatnoon.Finally,youscheduleaprogramtoruntomorrowat2p.m.andafterwards
removethejob.

Inthesecondpartoftheexercise,youcreateacronjobasanormaluserthatlogstheoutput
offingerto~/users.logeveryminuteandanothercronjobasrootthatbacksup/etc/to
/export/data2/etc.tgzusingtarandtheoptionsczvfeveryTuesdayat2a.m.
Completethefollowing:
"PartI:ScheduleJobswithat"
"PartII:ScheduleJobswithcron"
PartI:ScheduleJobswithat

Toschedulejobswithat,dothefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Openaterminalwindowandswitchtorootusingthesucommandandapasswordof
novell.
3. Checktoseeiftheatserviceisrunningbyenteringrcatdstatusattheshellprompt.
4. Ifthecommandreturnsastatusofunused,starttheatservicebyenteringrcatdstartat
theshellprompt.
5. Displaythecurrentdateandtimebyenteringdateattheshellprompt.
6. Threeminutesfromnow,logwhoiscurrentlyloggedintothe/var/log/messagesfileby
enteringthefollowingcommands:
athh:mmfinger>>/var/log/messages
NOTE:Makesureyouentertwo>charactersintheabovecommand.Ifyouhaveonly
one>character,allexistingentriesin/var/log/messageswillbeoverwritten.
7. ExittheateditorbypressingCtrl+d.
8. Viewthescheduledatjobsbyenteringatq(oratl).
Notethejobnumberlisted.
9. Waitforthethreeminutestopass.
10.Whenthetimehaspast,entertail/var/log/messagesattheshellprompt.
Logininformationforgeekoislistedattheendofthefile.Anexampleisshownbelow:


11.Schedulethesamejobtoruntomorrowatnoonbyenteringthefollowingcommands:
atnoontomorrowfinger>>/var/log/messages
12.ExittheateditorbypressingCtrl+d.
13.Schedulethedatetobeloggedtomorrowat2:00p.m.tothe/var/log/messagesfileby
enteringthefollowing:
at14:00tomorrowdate>>/var/log/messages
14.ExittheateditorbypressingCtrl+d.
15.Viewthescheduledatjobsbyenteringatq(oratl).
Noticethatthetwojobsarelisted,eachwithanindividualjobnumber:

16.Removethejobscheduledfortomorrowat2:00p.m.byentering
atrmjob_number
17.Viewthescheduledatjobsbyenteringatq(oratl).
Onlythejobscheduledfor12:00p.m.shouldstillbelisted.
PartII:ScheduleJobswithcron

Toschedulejobswithcron,dothefollowing:
1. Attheshellprompt,returntothegeekouseraccountbyenteringexit.
2. Scheduleacronjobasgeekobydoingthefollowing:

1. Entercrontabeattheshellprompt.
Thevieditorisdisplayedwithgeeko'scrontabfileloaded.
2. PressInstoenterinsertmode.
3. Schedulefingertoruneveryminuteandwritetheoutputtothe~/users.logfile
byenteringthefollowing:
*****finger>>~/users.log
4. PressEsc.
5. Savethefileandexitthevieditorbyentering:wq.
6. Watchtheusers.logfileforafewminutesandvalidatethatitisbeingupdated
byenteringtailF~/users.logattheshellprompt.
NOTE:TheFoptionisashortcutforfretrythatkeepstryingtoopenafile
evenifitisinaccessiblewhentailstarts.
Youshouldseeoutputsimilartothefollowing:

1. Whenfinished,pressCtrl+ctobreakoutoftail.
2. Removegeeko'scrontabfilebyenteringcrontabrattheshellprompt.
3. Verifythatthecrontabfilenolongerexistsbyenteringcrontablattheshellprompt.
4. VerifythatthecronjobyoudefinedinStep2isnolongeractivebyenteringtailf
~/users.logattheshellprompt.
Noticethatentriestousers.logarenolongerbeingadded.
5. PressCtrl+c.

6. Scheduleacronjobasroot:
1. Attheshellprompt,entersufollowedbyapasswordofnovell.
2. Entercrontabe.
3. PressIns.
4. Addajobthatrunsat2:00a.m.everyTuesdayandcreatesatarballof/etcthat
issavedin/tmpbyenteringthefollowing:
02**2tarczvf/tmp/etc.tgz/etc
5. PressEsc.
6. Savethefileandexitthevieditorbyentering:wq.
7. Verifythatthejobisinthecrontabfileforrootbyenteringcrontablattheshell
prompt.
Youshouldseethefollowing:

8. Removeroot'scrontabfilebyenteringcrontabrattheshellprompt.
9. Verifythatthecrontabfilenolongerexistsbyenteringcrontablattheshellprompt.
10.Closeallopenwindows.

ManageBackupandRecovery

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"BackUpSystemFileswithYaST"
Inthisexercise,youlearnhowtoperformasystembackupwithYaST.
"CreateBackupFileswithtar"
Inthisexercise,youlearnhowtousetar.

 "CreateDriveImageswithdd(Optional)"
Inthisexercise,youuseddtocreateadriveimage.
"BackUpaHomeDirectorywithrsync"
Inthisexercise,youlearnhowtousersync.
"ConfigureacronJobforDataBackups"
Inthisexercise,youusecronfordatabackup.
BackUpSystemFileswithYaST

Inthisexercise,youperformasystembackupwiththeYaSTSystemBackupmodule.
Completethefollowing:
1. Ifnecessary,poweronyouDA1serverandloginasgeekowithapasswordofnovell.
2. SelectComputer>YaST.
3. Whenprompted,enterarootpasswordofnovell.
4. InYaST,selectSystem>SystemBackup.
5. SelectProfileManagement>Add.
6. EnterCourse3102;thenclickOK.
Thefollowingisdisplayed:


7. IntheFilenamefield,enter/tmp/course3102.tar.
8. ClickNext.
9. IntheBackupOptionsscreen,usethedefaultselectionsbyclickingNext.
Alistofdirectoriesandfilesystemswhicharenotgoingtobeincludedinthebackupis
displayed.
10.UnderItemsExcludedfromSearch,selectAdd>Directory.
11.Enter/home;thenclickOK.

Wewillassumethatthehomedirectoriesarebackedupusingadifferentutility.Your
SearchConstraintsscreenshouldappearasshownbelow:

12.ClickOK.
13.Intheprofileoverview,makesuretheprofileCourse3102ishighlighted;thenclick
CreateBackup.
Waituntilthebackuphasbeencompleted.(Thiswilltakesometimetocomplete.)
14.IntheBackupSummary,clickOK;thenclickOKintheSystemBackupscreen.
15.Reviewthestructureofthetararchivein/tmp/course3072.tarbydoingthefollowing:

1. Openaterminalwindowandswitchtoyourrootuseraccountbyenteringsuat
theshellpromptfollowedbyapasswordofnovell.
2. Attheshellprompt,entertartf/tmp/course3102.tar.
Youshouldseeoutputsimilartothefollowing:

CreateBackupFileswithtar

Inthisexercise,youusetartocreateafullbackupandanincrementalbackup.
Completethefollowing:
"PartI:CreateaFullBackup"
"PartII:CreateanIncrementalBackup"
NOTE:Inthisexercise,youcopybackupfilestothedirectory/tmp.Thisisdonefor
demonstrationpurposesonly.Youshouldneverstoreanactualbackupinthe/tmpdirectory.
PartI:CreateaFullBackup

Tocreateafullbackup,dothefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.

2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Changetothe/srv/wwwdirectorybyentering
cd/srv/www/
4. Createatararchiveofthehtdocsdirectorybyentering
tarczf/tmp/htdocs.tar.gzhtdocs
5. Deletethehtdocsdirectorybyentering
rmrhtdocs
6. Copythebackuparchivetothe/srv/wwwdirectorybyentering
cp/tmp/htdocs.tar.gz/srv/www
7. Restorethehtdocsdirectorybyentering
tarxzfhtdocs.tar.gz
8. Viewthecontentoftherestoreddirectorybyentering
lshtdocs
PartII:CreateanIncrementalBackup

Tocreateanincrementalbackup,dothefollowing:
1. Createafullbackupofthehtdocsdirectorybyentering
tarczvg/tmp/snapshot_filef/tmp/htdocs_full.tar.gzhtdocs
2. Createanewfileinthehtdocsdirectorybyentering
touchhtdocs/incremental.html
3. Performanincrementalbackupbyentering
tarczvg/tmp/snapshot_filef/tmp/htdocs_incremental.tar.gzhtdocs
Notethattarbacksupthefileincrementally.
4. Viewthecontentoftheincrementalbackupfilebyentering

tartzf/tmp/htdocs_incremental.tar.gz
Youshouldseeoutputsimilartothefollowing:

5. Removethehtdocsdirectorybyentering
rmrhtdocs
6. Unpackthefullbackupbyentering
tarxzf/tmp/htdocs_full.tar.gz
7. Unpacktheincrementalbackupbyentering
tarxzf/tmp/htdocs_incremental.tar.gz
Closeallopenwindows.
CreateDriveImageswithdd(Optional)

Inthisexercise,youuseddtocreateadriveimagefromanopticaldisc.
Completethefollowing:
1. ConnectyourDA1virtualmachinetothe3102_CD.isofilelocatedintheExercises/10
3directoryonyourcourseDVDbydoingthefollowing:
1. IfanopticaldisciconisdisplayedonyourDA1desktop,rightclickitandselect
UnmountVolume.
2. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
3. Ifnecessary,insertyour3102courseDVDinyourhostworkstation'soptical
drive.
4. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Edit.
5. SelectUseISOImage;thenbrowsetoandselectthe3102_CD.isofilelocated

intheExercises/103directoryonyourcourseDVD.
6. SelectConnected;thenclickOK.
7. Whenpromptedforroot'spassword,enternovell.
YoushouldseetheGNOMEFileBrowserwindowopendisplayingthecontents
ofthedisc:

2. ClosetheFileBrowserwindow.
3. Openaterminalwindowandsutorootusingapasswordofnovell.
4. Attheshellprompt,entermount.
5. Intheoutput,lookforanentry

/dev/sr0on/media/...

6. Notethecorrespondingdevicename(listedinthefirstcolumnoftheoutput):
7. CopyanimageoftheCDtotheharddiskbyenteringthefollowingattheshellprompt:
ddif=/dev/device_nameof=/tmp/course_cd.iso
Youshouldseeoutputsimilartothefollowing:

8. Whenthecopyprocessiscomplete,mounttheimagefilebyentering
mountoloop/tmp/course_cd.iso/mnt/
9. Changetothe/mnt/directorybyenteringcd/mntattheshellprompt.
10.Displaythecontentoftheimagefilebyenteringlsattheshellprompt.
YoushouldseethefilesfromtheCD,asshownbelow:

11.Entercd/media/3102_CD;thenenterls.
NotethatthecontentoftheimagefileisidenticaltotheoriginalCD:


12.Changetoyourhomedirectoryandunmounttheimagefilebyenteringthefollowing
commands:
cd~umount/mnt
13.Deletetheimagefilebyentering
rm/tmp/course_cd.iso
14.ConnectyourDA1virtualmachinebacktoyourhostworkstation'sopticaldriveby
doingthefollowing:
1. Rightclickthe3102_CDvolumeonyourdesktopandselectUnmountVolume.
2. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Disconnect.
3. Ifnecessary,insertyourSLES11installationDVDinyourhostworkstation's
opticaldrive.
4. InyourDA1VMwarewindow,selectVM>RemovableDevices>CDROM>
Edit.
5. MarkUsePhysicalDrive;thenselectyouropticaldriveinthedropdownlist
displayed.
6. MarkConnected;thenclickOK.
7. Whenpromptedforroot'spassword,enternovell.
8. Closeallopenwindows.
BackUpaHomeDirectorywithrsync

Inthisexercise,youusersynctobackupauser'shomedirectory.
Completethefollowing:

 "PartI:PerformaLocalBackupwithrsync"
"PartII:PerformaRemoteBackupwithrsync
PartI:PerformaLocalBackupwithrsync

Toperformalocalbackupwithrsync,dothefollowing:
1. OnyourDA1virtualserver,loginasgeekowithapasswordofnovell(ifnecessary)
andopenaterminalwindow.
2. Switchtorootusingthesucommandalongwithapasswordofnovell.
3. Createatestbackupdirectorybyenteringmkdir/tmp/rsync_testattheshellprompt.
4. Copygeeko'shomedirectorytothebackupdirectorybyenteringthefollowing
commandattheshellprompt:
rsyncav/home/geeko/tmp/rsync_test
5. Attheshellprompt,entercd/tmp/rsync_test.
6. Enterlstoviewthefilescopiedbyrsync.
Youshouldseeallofthefilesingeeko'shomedirectory,asshownbelow:

7. Attheshellprompt,entercd~.
8. Openasecondterminalwindow.
9. Asthegeekouser,createanewfilebyenteringtouchnew_fileattheshellprompt.
10.Switchtotherootterminalwindowandenterthesamersynccommandagain:

rsyncav/home/geeko/tmp/rsync_test
Noticethatrsynctransfersonlythenewfileandthecorrespondingdirectory:

PartII:PerformaRemoteBackupwithrsync

Inthispartoftheexercise,youpreformaaremotebackuptoyourDASLEDvirtual
workstationfromDA1.Dothefollowing:
1. Ifnecessary,poweronyourDASLEDvirtualworkstationandwaitforittoboot.
2. OpenthesshportinthefirewallonDASLEDbydoingthefollowing:
1. OnDASLED,selectComputer>YaST.
2. SelectSecurityandUsers>Firewall.
3. Ontheleft,selectAllowedServices.
4. IntheServicetoAllowdropdownlist,selectSecureShellServer.
5. ClickAdd.
6. ClickNext>Finish.
7. CloseYaST.
3. SwitchbacktoyourDA1server.
4. FromtherootterminalwindowonDA1,performaremotebackupofthegeekouser's
homedirectoryonDASLEDbyenteringthefollowingattheshellprompt(allonone
line):
[email protected]:/home/geeko/tmp/rsync_test
5. Whenpromptedtoacceptthesecuritycertificate,enteryes.

6. Whenprompted,enterapasswordofnovell.
Youshouldseethegeekouser'sfilesonDASLEDbeingsynchronizedtoyourDA
server,asshownbelow:

7. SwitchtoyourDASLEDworkstationanddothefollowing:
1. OpenaterminalsessiononDASLED.
2. Asgeeko,createanewfileinthegeekohomedirectorybyenteringtouch
~/new_file2attheshellprompt.
8. SwitchbacktoyourDA1server.
9. Enterthersynccommandagainattheshellprompt:
[email protected]:/home/geeko/tmp/rsync_test
10.Whenprompted,enterapasswordofnovell.
Noticethatonlynewfilescreatedsincethelasttimersycwasrunarecopied:


11.Cleanupthebackupdirectorybyentering
rmr/tmp/rsync_test/*
12.Closeallterminalwindowsonbothvirtualmachines.
ConfigureacronJobforDataBackups

Inthisexercise,usecrontoautomatethebackupprocess.
Completethefollowing:
1. OnyourDA1virtualserver,loginasgeekowithapasswordofnovell(ifnecessary)
andopenaterminalwindow.
2. Switchtorootusingthesucommandandapasswordofnovell.
3. Changetothe/usr/local/bin/directorybyenteringcd/usr/local/binattheshellprompt.
4. Createthehome_backup.shfileinthecurrentdirectorybyenteringvihome_backup.sh
attheshellprompt.
5. PressIns;thenaddthefollowinglinestothefile:
#!/bin/bash
rsynca/home/geeko/tmp/rsync_test

6. PressEsc;thenenter:exittosavethefileandclosetheeditor.
7. Makethefileexecutablebyenteringchmod744home_backup.shattheshellprompt.
8. Toeditroot'scrontab,startthecrontabeditorbyenteringcrontabeattheshell
prompt.
9. PressIns;thenenterthefollowing:
5_minutes_in_the_future
*
**/usr/local/bin/home_backup.sh

Forexample,tohavethebackupscriptrunat3:30,youwouldenterthefollowing:
3015***
/usr/local/bin/home_backup.sh

10.PressEsc;thenenter:exittosavethefileandclosetheeditor.
11.Waitfiveminutes,thenverifythatthebackupranbyenteringthefollowingattheshell
prompt:
ls/tmp/rsync_test
12.CloseallopenwindowsonDA1.

AdministerUserAccessandSecurity

Inthissectionoftheworkbook,youlearnhowtodothefollowing:
"ConfigurePAMAuthentication"
Inthisexercise,youpracticeconfiguringPAMauthentication.
"Configuresudo"
Inthisexercise,youpracticeconfiguringsudo.

 "ConfigurethePasswordSecuritySettings"
Inthisexercise,youpracticechangingdifferentsecuritysettings.
"UseACLs"
Inthisexercise,youpracticeusingACLs.
"ConfigureSuSEfirewall2"
Inthisexercise,youpracticeconfiguringthehostbasedfirewallonSLES11.
ConfigurePAMAuthentication

Inthisexercise,youpracticeconfiguringPAMauthenticationonDA1.Youwillcreateafile
thatpreventsallnormalusers(suchasgeeko)fromlogginginandtestthesystem.
Completethefollowing:
1. Ifnecessary,poweronyourDA1serverandloginasgeekowithapasswordofnovell.
2. Inthegraphicaldesktop,switchtovirtualconsole3bypressingCtrl+Alt+F3.
3. Loginasrootwithapasswordofnovell.
4. Createthe/etc/nologinfilebyenteringthefollowingcommandattheshellprompt:
echoNologinpossible>/etc/nologin
5. Switchtovirtualconsole4bypressingAlt+F4.
6. Attempttologinasgeeko.
A"Nologinpossible"anda"Loginincorrect"messagearedisplayed,indicatingthat
youcannotlogintothesystem:


7. Switchbacktovirtualconsole3bypressingAlt+F3.
8. Viewthelastlinesofthefile/var/log/messagesbyenteringthefollowingattheshell
prompt:
tail/var/log/messages
Lookforthe"FAILEDLOGIN"messageforgeekothatindicatesthefailedlogin
attempt:

9. Editthefile/etc/pam.d/loginconfigurationfilebydoingthefollowing:
1. Attheshellprompt,entervi/etc/pam.d/login.
2. SwitchtoinsertmodebypressingIns.
3. Adda#signtothebeginningofthefollowingline:
authrequisite
pam_nologin.so

ThisPAMmodulecheckstoseeifthefile/etc/nologinexists.Ifitdoes,itdoes
notallowregularuserstologinbyreturningafailedstatus.
Nowthatthislineiscommentedout,PAMwillnotcheckforthefile.Thismeans
thatalluserscanlogin,evenifthefileexists.

4. PressEsc;thensavethefilebyentering:w.
10.TestthemodifiedPAMconfigurationfile:
1. Switchtovirtualconsole4bypressingAlt+F4.
2. Attempttologinasgeekowithapasswordofnovell.
YouareabletologinbecausePAMnolongerchecksforthe/etc/nologinfile.
3. Logoutasgeekobyenteringexit.
11.Editthefile/etc/pam.d/logintouncommentthepam_nologin.soline:
1. Switchtovirtualconsole3bypressingAlt+F3.
2. Inthevieditor,pressIns.
3. Uncommentthepam_nologin.soline(byremovingthe#signyouentered
before)soitlookslikethefollowing:
authrequisitepam_nologin.so
4. PressEsc;thensavethefileandexitvibyentering:wq.
12.Onvirtualconsole4,trylogginginagainasgeeko.
Again,youreceivea"Loginincorrect"message.
13.PressAlt+F3.
14.Deletethefile/etc/nologinbyenteringrm/etc/nologinattheshellprompt.
15.PressAlt+F4.
16.Tryagaintologinasgeekowithapasswordofnovell.
Becausethe/etc/nologinfilenolongerexists,userloginisenabledagain.
17.Logoutasgeekobyenteringexit.
18.PressAlt+F3.
19.Logoutasrootbyenteringexit.
20.ReturntotheserverdesktopbypressingAlt+F7.

Configuresudo

Inthisexercise,youpracticeconfiguringsudotoallowthegeekousertokillprocesseson
DA1asroot.Completethefollowing:
1. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
2. Openaterminalwindow.
3. Switchtorootusingthesucommandandpasswordofnovell.
4. Attheshellprompt,entervisudo.
5. PressIns.
6. Scrolldowntothe"Defaultstargetpw..."line.
7. Commentoutthefollowinglinesbyplacinga#atthebeginningofeachline:
Defaultstargetpw#askforthepasswordofthetarget
useri.e.root

ALLALL=(ALL)ALL#WARNING!Onlyusethistogether
with'Defaultstargetpw'!

8. DefineaUser_AliasnamedPOWRUSRSthatcontainsthegeekouseraccountby
addingthefollowinglinetotheendofthefile:
User_AliasPOWRUSRS=geeko

9. DefineaCmnd_AliasnamedKPROCSthatcontainsthekillandkillallcommandsby
addingthefollowinglinetotheendofthefile:
Cmnd_AliasKPROCS=/bin/kill,
/usr/bin/killall

10.DefineaHost_AliasnamedHSTSthatcontainstheda1hostbyaddingthefollowing
linetotheendofthefile:

Host_AliasHSTS=da1

11.Usingthealiasesdefinedabove,allowthegeekousertorunthespecifiedcommands
onda1asrootbyaddingthefollowinglinetotheendofthefile:
POWRUSRSHSTS=(root)KPROCS

12.PressEsc;thensaveyourchangesandexittheeditorbyentering:exit.
13.Testyourconfigurationbydoingthefollowing:
1. Attheshellprompt(asroot),entertoptostartthetopprocessrunning.
2. Openanewterminalwindow.
3. Attheshellpromptinthenewterminalwindow(asgeeko),entersudokillalltop.
4. Whenprompted,entergeeko'spasswordofnovell.

Youshouldseethattopisunloadedinthefirstterminalwindow,asshown
below:

5. Closeallopenwindowsonthedesktop.
ConfigurethePasswordSecuritySettings

Inthisexercise,youpracticeeditingsecuritysettings.Youwillchangethedefaultbehavior
whenCtrl+Alt+Delispressed.Youwillalsochangetheencryptionmethodfromblowfishto
MD5.
Completethefollowing:
1. Ifnecessary,poweronyourDA1virtualserverandloginasgeekowithapasswordof
novell.
2. OpenaterminalwindowonDA1.
3. CheckthesettingfortheCtrl+Alt+Delkeystrokeinthefile/etc/inittabbyentering

grepctrlaltdel/etc/inittab
Notethecurrentsetting:
4. StartYaSTbyselectingComputer>YaSTandenteringapasswordofnovell.
5. SelectSecurityandUsers>LocalSecurity.
TheSecurityOverviewdialogappears.
6. Ontheleft,selectPredefinedSecurityConfigurations.
7. MakesureCustomSettingsisselected.
8. Ontheleft,selectPasswordSettings.
9. FromthePasswordEncryptionMethoddropdownlist,selectMD5.
10.Ontheleft,selectBootSettings.
11.FromtheInterpretationofCtrl+Alt+Deldropdownlist,selectHalt.
12.ApplythenewsecuritysettingsbyclickingOK.
13.CloseYaST.
14.Totestthechange,youmustfirstactivatethenewconfiguration.
Thiscanbedoneeitherbyrebootingthesystemorbyentering(asroot)initq,which
reloadsthe/etc/inittabfile.Youwilldothelatter:
1. Intheterminalwindow,sutorootusingapasswordofnovell.
2. Reloadthe/etc/inittabfilebyenteringinitq.
15.VerifythattheCtrl+Alt+Delsettinghaschangedbyentering
grepctrlaltdel/etc/inittab
NoticethatthesettingisnowshutdownhinsteadofwhatyounotedinStep2.
16.TestthissettingbypressingCtrl+Alt+F2andthenselectSendCtrl+Alt+Del.
Thesystemshutsdowninsteadofrestarting.
17.PowertheDA1virtualmachinebackonandloginasgeekowithapasswordofnovell.

18.(Optional)UsetheYaSTSecuritysettingsmoduletochangethedefaultfor
Ctrl+Alt+DelbacktoRestart.
UseACLs

Inthisexercise,youpracticeusingACLs.Inthefirstpart,youcreatetheacl_testdirectory
in/tmpandsetrwxrightsfortheowneronly.YouthensetACLstoallowthegeekouserto
changeintothatdirectory.
Inthesecondpart,youcreateafileinthe/tmp/acl_testdirectoryasrootusingtouch.Then
youchangethedefaultACLsforthe/tmp/acl_testdirectorytogivegeekoreadandwrite
accesstofilesanddirectories.
Inthethirdpartofthisexercise,youpracticeremovingtheACLsthatyouhaveset.
Completethefollowing:
"PartI:ConfiguretheACLofaDirectory"
"PartII:ConfigureaDefaultACLforaDirectory"
"PartIII:DeleteanACL"
PartI:ConfiguretheACLofaDirectory

ToconfiguretheACLofadirectory,dothefollowing:
1. Ifnecessary,logintoyourDA1serverasgeekowithapasswordofnovell.
2. Openaterminalwindowandsutorootusingapasswordofnovell.
3. Changetothedirectory/tmpbyentering
cd/tmp
4. Createatestdirectorybyentering
mkdiracl_test
5. Limitthefilesystempermissionsforthedirectorybyentering
chmod700acl_test
6. Openasecondterminalwindowasthegeekouser.
7. Trychangingtothetestdirectorybyentering

cd/tmp/acl_test/
Thecommandfails,becausegeeko(whoisnottheownerofthedirectory)hasno
permissiontoreadandchangeintothedirectory.
8. Switchtotherootterminalsession.
9. DisplaytheminimumACLofthedirectorybyentering
getfaclacl_test
Itshouldappearasfollows:

10.AddanextendedACLbyentering
setfaclmu:geeko:rwxacl_test/
11.Switchtothegeekoterminalandtrytoaccessthedirectoryagainbyentering
cd/tmp/acl_test
BecauseoftheextendedACL,youcannowchangeintothedirectory.
12.SwitchtotherootterminalanddisplaytheextendedACLofthedirectorybyentering
getfacl/tmp/acl_test/
Itshouldappearasfollows:

PartII:ConfigureaDefaultACLforaDirectory

ToconfigureadefaultACLforadirectory,dothefollowing:

1. Intherootterminalwindow,changetothedirectoryacl_testbyentering
cd/tmp/acl_test
2. Createafilebyentering
touchwithout_default_acl
3. DisplaytheACLofthenewfilebyentering
getfaclwithout_default_acl
BecausethereisnodefaultACLfortheparentdirectory,thenewfiledoesnothavean
extendedACLeither.
4. SetadefaultACLfortheacl_testdirectorybyentering
setfacldmu:geeko:rw/tmp/acl_test/
5. Createanothertestfilebyentering
touchwith_default_acl
6. DisplaytheACLofthenewfilebyentering
getfaclwith_default_acl
BecausethisfilewascreatedafterthedefaultACLoftheparentdirectorywasset,the
newfileinheritedtheACL.Thisisshownbelow:

PartIII:DeleteanACL

TodeleteACL,dothefollowing:
1. Intherootterminalwindow,removetheACLbyentering

setfaclxu:geekowith_default_acl
2. DisplaytheACLagainbyentering
getfaclwith_default_acl
Asyoucansee,theACLfortheusergeekohasbeenremoved.IftherewereACLsfor
otherusers,theywouldremainunaffected.
3. Viewthefileattributesofwith_default_aclbyentering
lslwith_default_acl
Therearestillextendedattributes(suchasthemask"+")intheoutput.
4. RemoveallACLsbyentering
setfaclbwith_default_acl
5. DisplaytheACLagainbyenteringthefollowingcommands:
getfaclwith_default_acllslwith_default_acl
NoticethattheACLhasbeenremoved,asshownbelow:

6. Closeallterminalwindows.
ConfigureSuSEfirewall2

Inthisexercise,youpracticeconfiguringSuSEfirewall2onyourDA1server.Youinstalland
configuretheApacheWebServeronDA1.ThenyouenablethefirewallonDA1and
configureittoallowWebservertraffic.
Completethefollowing:

1. Ifnecessary,logintoDA1asgeekowithapasswordofnovell.
2. InstalltheApacheWebServeronDA1bydoingthefollowing:
1. SelectComputer>YaST.
2. Whenprompted,enterapasswordofnovell.
3. SelectSoftware>SoftwareManagement.
4. FromtheFilterdropdownlist,selectPatterns.
5. SelecttheWebandLAMPServerpattern,asshownbelow:

1. ClickAccept.
2. IntheAutomaticChangesscreen,clickContinue.
3. Ifprompted,insertyourSLES11installationDVDandclickRetry.
Waitwhilethepackagesareinstalled.
4. Whendone,closeYaST.
5. Openaterminalsession.
6. Switchtorootbyenteringsuattheshellpromptfollowedbyapasswordof
novell.
7. StartApacheonDA1byenteringrcapache2startattheshellprompt.
2. TesttheApacheWebServeronDA1bydoingthefollowing:
1. SelectComputer>Firefox.
2. IntheAddressfield,enterhttp://da1.digitalairlines.com.
Youshouldseethefollowing:

1. CloseFirefox.
2. EnableSuSEfirewall2onDA1bydoingthefollowing:
1. StartYaSTagainonDA1.

2. SelectSecurityandUsers>Firewall.
3. IntheStartUpscreen,verifythatmarkEnableFirewallAutomaticStartingis
marked.
4. (Conditional)ifyourfirewallisn'tcurrentlyrunning,selectStartFirewallNow.
Youshouldseethefirewallstatuschangetorunning,asshownbelow:

5. ClickNext.
Thefollowingsettingsshouldbescheduledtobeappliedtothefirewall:


1. IntheSummaryscreen,clickFinish.
2. CloseYaST.
2. TestthefirewallconfigurationfromyourDASLEDvirtualworkstationbydoingthe
following:
1. Ifnecessary,poweronyourDASLEDvirtualworkstationandloginasgeeko
withapasswordofnovell.
2. StartFirefoxonDASLED.
3. IntheAddressfield,enterhttp://da1.digitalairlines.com.

TheservershouldfailtorespondbecausethefirewallonDA1isblockingall
networktrafficexceptSSHtraffic:

6. ConfigurethefirewallonDA1toallowWebservertrafficbydoingthefollowing:
1. SwitchtoyourDA1virtualserver.
2. StartYaSTandselectSecurityandUsers>Firewall.
3. SelectAllowedServices.
4. FromtheServicetoAllowdropdownlist,selectHTTPServer;thenclickAdd.
5. FromtheServicetoAllowdropdownlist,selectHTTPSServer;thenclickAdd.

6. ClickNext.
7. ClickFinish.
8. CloseYaST.
7. Testthenewfirewallconfigurationbydoingthefollowing:
1. SwitchtoyourDASLEDworkstation.
2. IntheFirefoxwindow,clicktheReloadicon.
TheservershouldnowrespondbecausethefirewallonDA1isconfiguredto
allowHTTPandHTTPStraffic:

8. Closeallopenwindowsonbothsystems.