Index [link.springer.com]978-1-4302-1913-2/1.pdf · backup and recovery backup process, 623–624...

1025

Index

# (hash mark), 355$ (dollar sign), 131$ arguments, 159$ symbol, 71<%= value %> syntax, 983%CPU column header, 835–836&& (double ampersand), 629* symbol, 83_ variable, 131_netdev option, 589+2G command, 339! modifier, 876? symbol, 83/ volume, 22

Numerics250 response code, 4462048 option, 678

Aa class abbreviation, 89-A flag, 78-a option, 179-A option, 227-a option, 485, 865a2dismod command, 533a2enmod command, 533a2ensite utility, 530abi directory, 867ACCEPT policy, 225ACCEPT target, 228access control lists (ACLs)

LDAP, 778–783, 794–795Squid, 558

access restriction, Apache web server, 531–532AccessFileName directive, 529Accessories tab, 68account management group, 135accounts group, 77, 117acl directive, 559ACLs. See access control lists (ACLs)action key-value pair, 893action line, 894action2 line, 896actions, syslog, 876–877activationkey option, 284Active Directory LDAP server, 564Active Directory Service (ADS), 583activeTypes section, 799AD (Microsoft Active Directory) file, 565add machine script, 571

--add option, 162, 368add user script, 571addr object, 204address books, Zimbra, 749–757address object, 203address parameter, 200adduser package, 119, 303admin account, 726ADMIN alias, 141Admin Password setting, 707Admin type, 642Admin user, 600, 707, 709, 720, 780, 856Administration Console, Zimbra, 712–713, 729ADS (Active Directory Service), 583adsl-setup, 241–245adsl-setup command, 241Advanced Network Configuration button, 38Advanced Packaging Tool (APT), 310–311Advanced Policy Firewall (APF), 265advanced tools

CPU and memory use, 834–844disk access, 845–847overview, 834swap space use, 844–845

agents, 847AH (Authentication Header), 230alert priority, 876alias attribute, 906, 910alias command, 104, 132alias_maps option, 460aliases

CNAME entries and, 408command, 132–133distribution lists and, 725–728overview, 460

ALIASES section, 133all flag, 297ALL keyword, 542ALL option, 140all view, 849allow,deny parameter, 529allow directive, 946allow statement, 970AllowOverride directive, 530–531allow-update option, 428ANONYMOUS mechanism, 480Anonymous mode, 766anonymous read access, 781ANSWER SECTION command, 220antispam. See spamantivirus. See viruses

INDEX1026

Apache web serveraccess restriction, 531–532authentication, 821–824configuring for provisioning, 950file and directory permissions, 533–534installation and configuration, 517–518, 527–530modules, 532–533virtual host, adding for LDAP Account Manager,

800–807apache2 package, 517, 530, 944apache2-common package, 530apache2ctl command, 530, 533apache2ctl configtest command, 530apache2-mpm-prefork package, 517apachectl command, 527, 531, 533APF (Advanced Policy Firewall), 265Application Data directories, 573application packages, 268approx index type, 774apropos command, 76APT (Advanced Packaging Tool), 310–311apt-cache command, 312apt-cacher utility, 309apt-file command, 311–312apt-get command, 311aptitude

command, 192, 452noninteractive mode, 308–309property, 701removing packages, 309–310tool, 302–312updating packages, 311–312

Aptitude source packages, 310--arch option, 939archive mirrors, 48$ARG1$ macro, 914, 917argsfile attribute, 770$ARGx$ macro, 914arp tool, 222arrays, 362–369Asterix PBX Integration Zimlet, 749atime, 94atomic method, 960attach directory, 554audit command, 502auth access, 795auth access privileges, 778AUTH command, 485auth default configuration option, 479auth directive, 955auth facility, 875auth management group, 135, 818auth service, 479auth type, 137auth_debug option, 514auth_debug_password option, 514auth_verbose option, 514AuthBasicProvider directive, 532AuthBasicProvider ldap command, 823auth-client-config utility, 769authconfig command, 134

AuthConfig option, 531authentication

OpenVPN, 675–679overview, 476–477PAM, 133Postfix, 465SASL, 477–482SMTP AUTH, 477–478testing Postfix authentication, 483–485

Authentication Header (AH), 230AuthName directive, 532, 923authoritative DNS servers, 405–420

forward lookup zones, 407–408reverse lookup zones, 408–410security, 417slave servers, adding, 417–420using system-config-bind tool on Red Hat, 410–417zoning, 406–407

authorized_keys file, 627, 918auth-priv facility, 875auth-priv messages, 877–878AuthType directive, 531, 923AuthUserFile directive, 532auth-user-pass option, 690AuthzLDAPAuthoritative on command, 823auto parameter, 200autolearn=spam message, 493automating mounts, 355–357autopart, 958, 964AUXILIARY object, 776–777

Bb file type, 85-b option, 142, 382, 788backing up, LDAP directory, 796–797backports, Ubuntu, 326backup and recovery

backup process, 623–624Bacula

acquiring, 638–641backing up databases with,

658–661Bat console, 661–666configuring, 641–653managing with bconsole command, 654–658

disaster recover planning (DRP), 621–622network backups, 624–625overview, 621rsync

overview, 625–626using with SSH, 626, 636

Backup job type, 642--backup-file option, 369BackupPC tool, 636Bacula

acquiring, 638–641backing up databases with, 658–661Bat console, 661–666configuring, 641–653

testing syntax, 653managing with bconsole command, 654–658overview, 636–637

INDEX 1027

Bacula backup server, 621bacula-dir.conf file, 641–650bacula-fd.conf file, 652–653bacula-sd.conf file, 651–652baddomain.com network, 266bare metal installs, 13BASE field, 785baseurl option, 294–295bash scripts, 880Bash shell, 69, 130–131.bash_profile file, 130, 132basic input/output system (BIOS), 145–146bastion firewall

filter table, 253–255, 259–264nat table, 258–259overview, 249–252

Bat console, 661–666Bayesian spam filtering, 488BCM (business continuity management), 621bconsole command, 637, 654–658bconsole.conf file, 653bdb database, 772Berkeley Internet Name Domain (BIND), 399, 401BFD (Brute Force Detection), 265/bin directory, 82, 140, 141/bin/bash command, 128, 293, 298BIND (Berkeley Internet Name Domain), 399, 401bind mount, 383--bind option, 950bind timelimit setting, 819bind-utils package, 397/bin/extra/ directory, 140/bin/false file, 126, 128/bin/groupadd file, 141/bin/mail command, 126/bin/userdel file, 139BIOS (basic input/output system), 145–146blkid utility, 356blocks, 334, 347bo column, 846bond0 setting, 568bonded interface, 179boot, starting and stopping services at, 160–163/boot/ directory, 82boot loader, 22–23, 146–148/boot partition, 22, 49, 356, 958#boot=/dev/sda file, 149bootargs parameter, 1005/boot/grub directory, 998/boot/grub/grub.conf file, 149, 276/boot/grub/menu.lst file, 149boot.img.gz file, 947booting, 145, 153–156booting kernel, 148bootloader directive, 954, 955, 1005BOOTP protocol, 186BOOTPROTO, 196, 197bootstrapping, 145, 931both method, 737brace expansion, 464Braille, 44

break control option, 782bridged VPN, 674bridge-utils package, 1011bridging mode, 240Briefcase feature, 738, 756broadcast-address option, 422browseable directive, 572–573Brute Force Detection (BFD), 265buffers column, 833builder parameter, 1005business continuity management (BCM), 621

C-c | --contents option, 321c file type, 85-c N option, 349-c option, 113, 531, 909, 923-C option, 544ca option, 473, 679, 682, 725cabling, 176ca-bundle.crt file, 609, 772cacert.pem CA certificate file, 681cacert.pem file, 609cache, APT, 309cache_dir directive, 560cached column, 833caching DNS servers, 401–405Cacti

adding hosts to, 856–863configuration, 854–856installation on Red Hat, 852–854installation on Ubuntu, 850–852settings and defaults, 863–864

/cacti subdirectory, 853Calendar rule type, 895, 898calendars, 751cancel command, 655Cancel Selected Events button, 289CAs. See certificate authorities (CAs)cat command, 95, 102cat /proc/mdstat command, 369cd command, 80, 86, 681CD/DVDs, 146cdrom directive, 955CentOS, 5, 11, 64, 271cert option, 679, 682certificate authorities (CAs)

commercial, 466creating certificates from, 468creating own, 470–472defined, 465noncommercial, 466–467securing VPNs, 676self-managed, 467signing certificates with own, 472–474

Certificate File, 552Certificate Key File, 552certificate signing request (CSR), 468, 676certificates

choosing type of, 467creating, 468–470

INDEX1028

creating own CAs, 470–472from noncommercial CAs, 466–467self-signed certificates, 467See also certificate authorities

certname option, 969cfg_dir option, 904cfg_file option, 904CGI scripts, 523cgi.cfg configuration file, 924chage command, 124–125chain loading, 149chains, Netfilter, 224chcon command, 550Check SMTP service, 916check-host-alive attribute, 908checkpoint directive, 775check-update option, 290chgrp command, 93chkconfig --add xendomains command, 1010chkconfig command, 159–160, 162–163, 165, 536, 608, 672chkconfig --list command, 166, 938chmod command, 88, 91, 462chown command, 93, 462, 546chroot command, 383, 627chsh command, 115CIFS (Common Internet File System), 564Citadel, 698ClamAV

configuring, 502defined, 488help resources, 506installing, 500–502testing SpamAssassin with, 504–505

clamscan command, 506class directive, 974Class of Service (CoS), Zimbra, 713–719classes directory, 968clean all option, 291clearpart directive, 954client configuration, Squid cache, 560–561Client daemon, 639Client directive, 643client option, 682Client resource, 647Client Run After Job script, 796Client Run Before Job script, 658, 796client-cert-not-required option, 689clone file, 199clustering, 28cmd.php file, 863Cmnd_Alias command, 141cn command, 774cn=admin setting, 779CNAME command, 221CNAME record, 703cobbler command, 939cobbler package, 933cobbler profile command, 941cobbler profile list command, 941cobbler system command, 957

CodeWeavers, 564Collaborative Services

migrating from existing e-mail service, 757–758Zimbra, 698–757. See also specific services under Zimbra

collections, 966com_zimbra_emailquotes file, 730combining multiple selectors, 877–878command aliases, 132–133COMMAND column header, 835command history, 72command line, 67–72command prompt, 68command_line attribute, 908, 914command_name attribute, 908command-line shell, 68comment directive, 572commercial certificate authorities, 466Common Gateway Interface, 523Common Internet File System (CIFS), 564common-account file, 137, 818common-auth file, 818common-password file, 818common-session file, 818compare access privileges, 778compiling software from source, 326–328

configure command, 328–330installing, 331make command, 330–331uninstalling, 331

comp-lzo file, 675compress option, 881Computer Name tab, 576-conf option, 887, 889conf.d directory, 529-config . /openssl.cnf option, 472–473--config option, 1021config.cfg file, 798config.php file, 556configuration management

overview, 931provisioning

Kickstart and Preseed, 953–965overview, 932with Red Hat Cobbler, 932–944with Ubuntu, 944–953

Puppet, 965–986. See also PuppetConfiguration Reference, 987configure command, 103, 328–330configuring

GRUB boot loader, 149–151init, 154–155Pluggable Authentication Modules (PAM),

133–137shell and environment, 130–133sudo command, 144

configuring sudo, 139confirm directive, 960confirm subkey, 960confirm_write_new_label subkey, 960Connection Timeout setting, 520CONNMARK target, 228

INDEX 1029

console, Nagiosauthentication, 921–925functions, 926–928overview, 921

console output option, 169Console service, 650Contact field, 406contact_groups attribute, 910contact_name directive, 924$CONTACTEMAIL$ macro, 912contactgroup object, 910contactgroup_name attribute, 910container-based approach, 992content attribute, 982content_filter option, 491continue line, 891continue option, 782, 892continuous performance monitoring

Cacti, 850–864SNMP, 847–850

control flag, 135–136copy command, 941copying files, 100–103core.schema file, 775, 786correlation, 883CoS (Class of Service), Zimbra, 713–719cp command, 100–101cpu group, 845CPU usage, 831–832, 834–844CRAM-MD5 mechanism, 480create command, 1021CREATE DATABASE statement, 541create mask directive, 572create mode, 364create mode owner group option, 881Create New Logical Volume dialog box, 378Create New Virtual Disk Wizard, 996createrepo package, 933crit priority, 876CRITICAL plug-in status, 909, 915, 919cron, scheduling services and commands, 170–173cron command, 854cron facility, 875–876cron messages, 876crontab command, 170–173CSR (certificate signing request), 468, 676CUPS

configuring, 609installing printer management tools, 610–617overview, 609–610

cups options directive, 572

D-d -1 option, 783-d days option, 125d file type, 85-d homedir option, 113-D option, 114, 227, 788-d option, 497, 883DAC (discretionary access control), 34daemon facility, 875

DAEMON_ARGS line, 888daemons, 74. See also individual daemon by namedaily option, 881DAP (Directory Access Protocol), 762DATA command, 446, 459, 489data directory, 554, 591data retention periods, 623data volumes, 623database directive, 773, 775date, files, 94–95date command, 94, 893DB_CONFIG file, 774dbconfig settings, 774dbconfig-common framework, 851dc=com setting, 779dcObject object class, 776, 786dd command, 370, 846, 1013debconf command, 808Debian distribution, 5, 11, 43, 888, 1020debug directory, 867debug logging option, 824--debug option, 971debug priority, 876default file, 949default gateway, 191default kernel, 148default keyword, 392default node, 973default route, 182, 208default value, 980Default Virtual Host, 520default-lease-time directive, 421defaults option, 167Default-Start keyword, 160Default-Stop keyword, 160definitions, Puppet, 983–984del command, 204--del option, 162deleting

entries from LDAP directory, 792files, 104users, 118–119

delivery mode, 497deluser.ldif file, 792demand option, 785Demilitarized Zones (DMZs), 986Denial of Service attacks (DoS), 263DENIED_COMMANDS command, 141Deny from all directive, 529deny statement, 970dependencies, 270desc key-value pair, 893Description keyword, 160Desktop directory, 573destination network address translation (DNAT), 251destination parameter, 264-detach option, 887, 889–890--detail option, 365/dev/ directory, 82, 334–335, 867/dev file, 383, 610/dev/cdrom directory, 1013

INDEX1030

/dev/disk/by-uuid file, 357/dev/dvd device, 85Development packages, 269Device Down Detection method, 863DEVICE option, 196device_remove_lvm directive, 960devices, 333–335, 856Devices tab, 191/dev/md0 device, 372dev.raid.speed_limit_max variable, 868df command, 94, 353, 358df -i command, 358df tool, 834dhclient utility, 431DHCP. See Dynamic Host Configuration Protocoldhcp3-server package, 944dhcp-client package, 961differential backups, 623Diffie-Hellman parameters, 677dig command, 219–221, 397–400DIGEST-MD5 mechanism, 480Dimdim Web Meeting, 749dir_index option, 869, 870Director configuration file, 641Director daemon, 636Directory Access Protocol (DAP), 762directory directive, 402Directory Information Tree (DIT), 762directory mask directive, 572Directory Page Search List, 551directory permissions, 533–534directory services. See Lightweight Directory Access

Protocol (LDAP)Directory tag, 530Dirvish tool, 636--disable option, 961disable_plaintext_auth option, 509disable_vrfy_command option, 489disabled option, 956DISABLE-NBT option, 694disabling users, 126disaster recover planning (DRP)

boot loader problems, 383–384disk failure, 384–386overview, 380–383, 621–622

disclose access privileges, 778discretionary access control (DAC), 34disk access, 845–847disk drivers, 14disk group, 334disk parameter, 1005disks

Kickstart, 958–960monitoring space, 834Preseed, 958–960

DISPLAY option, 948distinguished name (DN), 762distribution lists, Zimbra, 725–728distributions

CentOS, 5choosing, 6–7

Debian Linux, 5Fedora Project, 5Gentoo, 6overview, 3–4Red Hat Enterprise Linux (RHEL), 4–5Ubuntu, 5–6

DistroWatch, 6DIT (Directory Information Tree), 762dmesg command, 335–336, 341, 344, 353, 834DMS (document management systems)

adding and checking out documents, 602–608KnowledgeTree DMS, 590–591, 602–609using, 590

dms user account, 596dmsctl.sh command, 608DMZs (Demilitarized Zones), 986DN (distinguished name), 762dn: cn=config option, 784DNAT (destination network address translation),

251DNAT target, 562DNS. See Domain Name System (DNS) serverDNS option, 196dns-nameserver parameter, 201dnssec-keygen tool, 426dnsutils package, 397document management system (DMS), 563

adding and checking out documents, 602–608KnowledgeTree DMS, 590–591, 602–609using, 590

Document Root Directory setting, 521Documentation/sysctl directory, 868DocumentRoot, 530, 553documents, Zimbra, 749–757dollar sign ($), 131domain master = yes line, 569DOMAIN name option, 694Domain Name System (DNS) server

address, 694authoritative

forward lookup zones, 407–408overview, 405reverse lookup zones, 408–410security, 417slave servers, adding, 417–420using system-config-bind tool on Red Hat,

410–417zoning, 406–407

caching DNS servers, 401–405dynamic, 420–426IP addresses and, 26overview, 394querying name servers, 396–401root servers, 394–396

$domain variables, 984domain-name option, 422done command, 657DontCont option, 891DoS (Denial of Service attacks), 263dosfstools package, 351double ampersand (&&), 629Double Reverse Lookup, 523

INDEX 1031

Dovecot, 507–515configuring, 508–509configuring for SASL, 478–482defined, 443help resources, 515testing, 509–514troubleshooting, 514

#dovecot channel, 515down command, 203Downed Device Detection option, 859dpkg

commands, 309, 323–325defined, 302examining package details/contents, 323–324file searches, 325installing packages, 325overview, 320–323removing packages, 325–326

dpkg-reconfigure command, 455dport 25 command, 259DPT port, 262driftfile directive, 391Drop Box for Windows, 596DROP chain, 255DROP DATABASE statement, 542DROP policy, 225, 580DROP target, 228DRP. See disaster recover planning (DRP)drsync tool, 636Drupal installer, 547dst directive, 559du command, 93, 94, 834dual boot, 22dumpe2fs tool, 382dump-file directive, 404duplex setting, 205Dynamic Host Configuration Protocol (DHCP)

address assignment, 182configuring, 421–423dynamic DNS updates, 425–426, 430–433installing, 421–423manually changing DNS entries, 433overview, 24, 421static lease assignments, 423–425

E-e | --erase option, 296e argument, 491-e date option, 115-E date option, 125-e option, 455e2fsck utility, 381–382echo command, 131edit command, 957EHLO command, 444, 458, 489e-mail, 757–758. See also mail servicesemailquotes command, 732emerg priority, 875–877Enable Network Time Protocol option, 35Enable SSL support box, 551enabled option, 294ENABLED=0 option, 490

enablemd5 value, 954Encapsulating Security Payload (ESP), 230encryption

certificates, 465–474TLS, 465–466, 474–476

End User License Agreement, 596endscript option, 883ensure attribute, 974, 980enterprise monitoring, 899env command, 130envelope, 445environments

configuring, 130–133Puppet, 986

epel-release RPM, 853, 933, 967eq index type, 774erase option, 293--erase option, 300err priority, 876error_check() subroutine, 634errors.sh script, 195ESMTP (Extended SMTP), 445ESP (Encapsulating Security Payload),

230esp rule, 229–230ESTABLISHED,RELATED state, 264ESTABLISHED chain, 262ESTABLISHED connection state, 238ESTABLISHED packet state, 254eth0 interface, 181, 568ethtool command, 205ETHTOOL_OPTS option, 196event, defined, 168event [time] [event text] action, 898exampleActive attribute, 777exampleActive property, 764exampleClient object class, 777example.com.schema file, 770, 775, 778exbackup home directory, 626exbackup.pub key, 628--exclude option, 632.exe postfix, 739ExecCGI option, 524–525Executive directory, 602Expire field, 406EXPIRE option, 114--expiredate option, 126ext2, ext3, ext4 file system options, 347–348Extended SMTP (ESMTP), 445-extensions v3_ca option, 472extents option, 870external nodes, Puppet, 986extra parameter, 1005eZ Publish, 544

F-f $sender option, 492-F | --freshen option, 296-F 32 option, 352-f days option, 115-f filename option, 786

INDEX1032

-f option, 167, 453, 788, 883-F option, 227facilities, syslog, 874–875facter package, 967fakeroot package, 865fdisk utility, 336, 337–338Fedora Project, 5, 11, 61, 64, 271file command, 327File daemon, 636file permissions, 533–534file resource, 974, 981File: :Scan: :ClamAV package, 501file serving, Puppet, 969–970file sharing

DMS, 590, 602–609with NFS, 563–564, 587–589with Samba, 563–564, 575–576, 580–587

file systemsadditional systems, 352automating mounts, 355–357checking usage, 358–359creating, 344–346tweaking ext2, ext3, and ext4 file system options,

347–348XFS and JFS file systems, 349–352

File["/etc/ssh/sshd_config"] resource, 981filebucket command, 976filegen directive, 391filename option, 936–938, 946files

copying, 100–103date and time, 94–95deleting, 104editing, 107linking, 105links to, 92moving and renaming, 103–104permissions, 86–92reading, 95–98searches, 325searching for, 98–100size and space, 93–94types, 85–86users, groups, and ownership, 92–93

files directory, 968fileserver.conf file, 975FileSet, 643–644Filesystem state flag, 354filter rules, 259filter table, 224, 228–230, 235–236, 250, 253–264find / -user UID -o -group GID command, 118find command, 99–100, 304Firestarter, 265firewall

bastion, 249–264Kickstart, 957Netfilter, 222–239OpenVPN, 686–687Preseed, 957Puppet, 970Ubuntu, 950Zimbra, 711–712

firewall option, 957

firstboot directive, 961fixed-address option, 423folders, Zimbra, 749–757FollowSymLinks option, 524for loop function, 635force create mode directive, 572force directory mode directive, 572force group directive, 572force user directive, 572fork bomb, 832forking, 157FORWARD chain, 224–226, 234, 237, 252, 259forward lookup zones, 407–408forward_order_big_client.doc document, 604, 606ForwardAgent yes option, 438–439forwarding packets, 205–211ForwardX11 yes directive, 438fping package, 902FQDNs (fully qualified domain names), 407, 569free command, 345, 833, 835freshclam update daemon, 502-fromstart option, 889fs directory, 867fstab file, 356–357fstab manual page, 356full virtualization, 991fully qualified domain names (FQDNs), 407, 569Fully Virtualized option, 1015function keys, 14Function Reference, 987

G-g GID option, 117-g group option, 115-G option, 117GAL (global address list), 738gateway, defined, 241gateway parameter, 201gateway server, 673–675gateway$ command, 679gateway.conf file, 673–674, 679, 682, 685gateway.conf VPN tunnel, 688gateway.ks file, 943GatewayPorts directive, 439gedit command, 106generate function, 985generic class, 979Generic Text printer drivers, 619generic-host template, 907generic-service template, 916--genkey option, 675Genome, 933Gentoo distributions, 6get_sales function, 634getent passwd tool, 820Getting Started guide, 987GID (group ID), 116global address list (GAL), 738Global Settings, Zimbra, 738–741[global] configuration, 567[global] service, 572

INDEX 1033

Gnome (network-manager-openvn Package), 692Gnome desktop, 17, 67–68, 75Gnome System Monitor, 838–844Gnome Terminal, 68gnome-app-install package, 312GNU GPL license, 671GoTo option, 891gpasswd command, 118gpgcheck option, 294gpgkey option, 294gpm package, 358gpm utility, 358Grand Unified Bootloader. See GRUB (Grand Unified

Bootloader)GRANT OPTION statement, 542GRANT statement, 542Graph Export tab, 864Graph Grouping Style, 861graph tree, 861graphical user interface. See GUI (Graphical User

Interface)grep command, 96, 98, 103, 291, 297, 337group file, 129group ID (GID), 116GROUP option, 114group option, 481, 675, 689group setting, 682groupadd command, 110, 117, 119groupdel command, 110, 118groupmod command, 110groupOfNames object class, 787groups

deleting, 118–119managing via GUIs, 120–123overview, 115–118storing group data, 127–130users, ownership and, 92–93users and, 77volumes and, 370–373

groups.ldif file, 786groupware, 697grow mode, 369--grow option, 959GRUB (Grand Unified Bootloader)

BIOS, 146configuring, 149–151overview, 148–149securing, 152–153using menu, 151–152

grub command, 153/grub directory, 150GRUB menu screen, 31grub.conf file, 149, 152–153, 998grub-md5-crypt command, 153, 956GSSAPI mechanism, 480guest ok directive, 572GUI (graphical user interface)

configuring network interfaces fromRed Hat, 182–192Ubuntu, 192–194

desktop, 66–67managing groups and users via, 120–123

managing LVM via, 375–380xDSL setup, 245–249

GUI Services Configuration, 160–162gunzip command, 888

H\h hostname, 131-h option, 358-H option, 919-h switch, 93half duplex, 205halt process, 158ham, defined, 488hard disks, 146, 624Hard links, 92hard state, 916hardware, choosing, 8Hardware Compatibility Lists (HCLs), 8hardware ethernet option, 423has_journal option, 870hash mark (#), 355--hash option, 300HCLs (Hardware Compatibility Lists), 8hdb database, 772head command, 158head office resources, exposing, 684–687HEAD utility, 529headless installation, 11HELO command, 445help argument, 608--help option, 328, 919–920help resources

ClamAV, 506Dovecot, 515finding, 75–77Postfix, 487SpamAssassin, 494–495

--help switch, 76, 284hi status code, 322hiddenmenu instruction, 150history command, 72home directory, 66/home/ directory, 70, 82, 99, 127HOME option, 114/home partition, 960HOME variable, 130, 170home_mailbox option, 461hop, 210Horde, 698host configuration, Nagios, 905–913Host Detail screen, 926host key fingerprint, 434host object, 905host utility, 222, 397Host_Alias alias, 141host_name attribute, 914$HOSTADDRESS$ macro, 908, 912, 917$HOSTALIAS$ macro, 906hostname fact, 978$hostname variable, 978$HOSTNAME$ macro, 906, 912

INDEX1034

$HOSTOUTPUT$ macro, 912hosts

adding to Cacti, 856–863controlling access to, 133–137downloading and preparing, 702–703

hosts allow option, 569hosts deny option, 569Hosts tab, 184, 190$HOSTSTATE$ macro, 912hosts.txt file, 394hot backups, 623.htaccess files, 525, 529–531html directory, 850, 852–853htpasswd command, 531, 923HTTP (WWW) option, 526http method, 737http_access directive, 559http_port directive, 561http_port file, 558httpd daemon, 78, 157, 162httpd package, 517httpd server, 984httpd.conf file, 529HTTPS (Hypertext Transfer Protocol over Secure Socket

Layer) protocol, 465https method, 737HUP signal, 838Hypertext Transfer Protocol over Secure Socket Layer

(HTTPS) protocol, 465

I-i | --install option, 296, 321I command, 230-I days option, 125-i option, 217-I option, 227IANA (Internet Assigned Numbers Authority), 776ibdata file, 540ICANN (Internet Corporation for Assigned Names and

Numbers), 395ICMP (Internet Control Message Protocol), 223Id command, 116, 820id_dsa file, 918id_dsa.pub file, 918IdentityFile directive, 438idle timelimit setting, 819iface bond0 inet static file, 202ifcfg-eth? files, 195ifcfg-ppp0 file, 243ifconfig command, 198, 202, 423ifconfig eth0 down command, 203ifdown command, 181ifempty option, 882ifenslave command, 202IfModule statement, 553IfModule tags, 529ifup command, 181ii status code, 322IMAP (Internet Message Access Protocol), 443, 506–507IMAP tab, 740imapsync command, 758

import option, 939import statement, 968INACTIVE option, 114-iname option, 100include directive, 402, 973Include directives cause, 529include directory, 882include option, 137, 524--include option, 632include statement, 137, 770, 775, 985IncludesNOEXEC option, 524incremental backups, 623Indexes option, 524index.php file, 551index.txt file, 470inet parameter, 200inet_interfaces option, 455inet_protocols option, 457inet6 parameter, 200inetutils-inetd package, 944-infiles option, 473info command, 77info ls command, 77info option, 291--info option, 298info priority, 874, 876infrastructure services

DNS server, 394–396, 401–405, 420–421Dynamic Host Configuration Protocol (DHCP),

421–425, 433Network Time Protocol (NTP), 389–394overview, 389Secure Shell (SSH), 433–440

init, configuring, 154–155init command, 156init mechanism, 164init process, 157, 168, 836init program, 148, 153init script, 163–164, 847, 886, 970, 980initctl command, 168init.d directories, 526init.d script, 157–159, 162–163, 167, 173initdefault line, 155initrd.img file, 148, 151inittab file, 154, 157inittab man page, 154InnoDB, 537–540Inodes, 347INPUT chain, 224–225, 230–231, 234, 236–237, 252, 259, 580-input option, 887, 889, 890, 891INPUT rule, 235-input=file pattern[=context] option, 889insmod command, 198, 238install command, 501install directive, 955INSTALL file, 554install option, 290, 951, 954--install option, 300/install/ subdirectory, 854Installation Number screen, 18installation splash screen, 12, 14

INDEX 1035

installingClamAV, 500–502compiling software from source, 331Dynamic Host Configuration Protocol (DHCP),

421–423KnowledgeTree DMS, 591, 602LAM, 798–799LDAP, 768–769Linux

LiveCDs, 12overview, 11–12Red Hat, 13, 42troubleshooting, 60–61Ubuntu, 42, 60virtual machines, 12–13

Nagios, 901–902OpenVPN, 671packages, 291–292, 299–300, 325Postfix, 449–452printer management tools, 610–617Puppet, 967Red Hat Cobbler, 933Simple Event Correlator (SEC), 886Zimbra, 703–706

install/netboot directory, 947install.sh script, 702–703interfaces, network

configuring from GUI, 182, 192–194overview, 179–181

interfaces = eth0 service, 568interfaces option, 568Internet Assigned Numbers Authority (IANA), 776Internet Control Message Protocol (ICMP), 223Internet Corporation for Assigned Names and Numbers

(ICANN), 395Internet Message Access Protocol (IMAP), 443, 506–507Internet Printing Protocol (IPP), 238-intevents option, 887INVALID state, 238INVOCATION section, 130invoke-rc.d command, 164–165, 233, 452, 490, 576, 617,

672, 970ip addr show command, 198ip command, 181, 202, 204–205, 1021ip link show command, 203IPADDR option, 196$ipaddress variable, 984ipaddress_eth0 fact, 983$ipaddress_eth0 variable, 983IP-based virtual hosts, 519ipconfig command, 179IPP (Internet Printing Protocol), 238IPsec tab, 184ipt_conntrack Netfilter kernel module, 238iptables, 222–224, 227–233, 580iptables command, 222–223, 225, 228, 233, 237, 674, 712iptables configuration, 250iptables filters, 257iptables firewall, 33, 457iptables interface, 175iptables man page, 232iptables management tools, 233iptables rules, 223, 252, 580, 695, 938, 950

iptables service, 158iptables-restore command, 232iptables-save command, 232IPtools2 package, 202–205ipv6 kernel module, 864IPV6INIT=no protocol, 196--iscrypted option, 956issue file, 129issue.net file, 129

J-j option, 349-j target option, 227JFS file systems, 349–352jfsutils package, 350Job Options tab, 617JobPlot window, 664Joomla!, 544journaled file system, 344.js postfix, 739Jump rule, 895jwhois package, 395

KK parameter, 543KDE (KVpnc), 692KDE GUI interface, 68keepalive option, 675KeePass, 28Kerberos, 564kern facility, 874–875kernel, 3, 184, 277kernel binary, 148kernel directory, 867Kernel Log daemon, 872kernel parameters, 23kernel-package package, 865key directive, 961key option, 679, 682keyboard, 955–956key-chain tool, 627-keyout option, 469keys, SSH, 434–435Kickstart

complete configurations, 963–965disks, 958–960firewall, 957installation behavior, 961–962installation source, 955keyboard, 955–956Kickstart Configurator, 962–963language, 955–956network configuration, 957package management, 961partitions, 958–960postinstallation, 962preinstallation, 962time zone, 955–956user management, 956

kickstart option, 941kickstarting, 931kill command, 838

INDEX1036

killall program, 158, 169klogd daemon, 872KnowledgeTree DMS

help resources, 609installing, 591, 602integrating LDAP, 824–828securing with SSL, 608–609starting and stopping, 608

Knumber> prefix, 158kod keyword, 392Konsole, 68ks option, 951ks.cfg file, 951kubuntu-desktop package, 312KVM

installing Virtual Machines withinstalling Ubuntu Server as Guest Operating

System, 1013–1014installing Windows as Guest Operating System,

1012–1013managing with Virtual Manager, 1014–1019networking, 1011–1012setting up on Ubuntu Server, 1012

overview, 992kvm command, 1013–1014kvm kernel module, 1012KVpnc (KDE), 692

L-l | --list option, 321-L | --listfiles option, 321l file type, 85-L label option, 349-l option, 142, 349, 919, 946-L option, 142, 227-l switch, 84label command, 655LABEL option, 948LAM (LDAP Account Manager). See LDAP Account

Manager (LAM)lam.conf file, 799lang directive, 955LANG variable, 130language

Kickstart, 955–956Preseed, 955–956

Language Tutorial, 987last command, 143lastb command, 143lastlog command, 144lcd command, 681LDAP (Lightweight Directory Access Protocol), 761, 829

backing up, 796–797configuring

access control lists, 778–783overview, 770–775schemas, creating, 775–778setting up LDAP client, 785slapd daemon, running, 783–784

considerations, 765–767defined, 762–765deleting entries from, 792implementing, 767–768

installing, 768–769integrating

Apache authentication, 821–824centralized Linux authentication, 808–817KnowledgeTree DMS, 824–828Pluggable Authentication Modules (PAM),

817–820management and tools

access control lists, testing, 794–795backing up directory, 796–797deleting entries from directory, 792LAM, 797–807LDIF files, 786–791password policy overlay, 793–794searching LDAP tree, 791–792users, adding, 786–791

LDAP Account Manager (LAM)Apache virtual host, adding for, 800–807configuring, 798–799installing, 798–799overview, 797

ldap admin dn file, 571ldapadd command, 787–788, 790–791, 792ldap-auth-client utility, 769ldap-auth-config tool, 808ldap.conf file, 785, 825ldapdelete command, 792, 788ldapmodify tool, 784, 788ldapsam option, 570ldapsearch command, 788, 791–792, 795LDAPTrustedMode TLS file, 822ldap-utils package, 769LDIF files, 786–791less command, 96, 462--level option, 162lftp command, 947/lib/ directory, 82libpcre3 package, 305, 316Library packages, 268/lib/security directory, 136libtool-ltdl package, 901libvirtd group, 1012Lightweight Directory Access Protocol (LDAP). See LDAP

(Lightweight Directory Access Protocol)LILO boot loader, 148limits module, 866limits.conf file, 866link object, 203link src address, 208linking files, 105link-local IPv6 address, 180Linode, 8Linux

authentication, centralized, 808–817distributions, 3–8files

copying, 100–103deleting, 104editing, 105–107links, 92–95moving and renaming, 103–104overview, 80–85reading, 95–98

INDEX 1037

searching, 98–100types and permissions, 85–92

getting help, 75–77hardware, 8installing

LiveCDs, 12overview, 11–12Red Hat, 13, 42troubleshooting, 60–61Ubuntu, 42, 60virtual machines, 12–13

logging in, 64–66vs. Microsoft Windows, 66–72mounting Samba shares on, 581overview, 3, 63packages, 79remote access, 73–75services and processes, 79shutting down and rebooting host, 169software, 9support, 9–10users and groups, 77

Linux Standard Base (LSB), 82Linux-image packages, 323list available option, 291list option, 290, 943--list option, 162, 299, 972list updates option, 291Listen directive, 553ListenAddress directive, 436listen-on-v6 option, 403LiveCDs, 12, 63ln command, 92, 105, 530lo setting, 568load printers directive, 572LoadModule directive, 532local facility, 874local option, 695local0-local7 facility, 875LocalForward directive, 439localhost hostname, 262localhost interface, 559localinstall option, 291LocalityName attribute, 762local-link network, 207local-service template, 915–916localtime parameter, 1005lock file, 519log analysis, 883log correlation

overview, 883–884Simple Event Correlator (SEC)

installing, 886running, 886–890troubleshooting, 899using, 890–899

log management, 881–883-log option, 887log rotation, 881–883LOG target, 228log_archive_path option, 904log_bin variable, 540log_file option, 904

log_rotation_method option, 904log-append option, 675logd daemon, 168log-facility, 421logfile command, 795logger command, 880logging

log correlation, 883–884Simple Event Correlator (SEC), 884–899syslog

actions, 876–877combining multiple selectors, 877–878facilities, 874–875overview, 872–874priorities, 876

syslog daemonconfiguring, 878–880starting, 878–880

testing with logger utility, 880logging in, 64–66, 109–110Logging tab, 523logical volume management (LVM)

expanding logical volume, 373–374groups and volumes, 370–373managing via GUI, 375–380shrinking logical volume, 374

login application, 109LOGIN authentication, 480, 485login file, 137loglevel command, 795LogLevel directive, 824Loglevel setting, 771, 829logon script directive, 570logonly action, 898logrotate command, 881, 883logrotate man file, 881logrotate.conf file, 882–883logrotate.d directory, 881–882logs, monitoring, 834long term support (LTS), 7$LONGDATETIME$$ macro, 912lost+found directory, 353, 382Lotus Domino, 698lpr facility, 875ls command, 76, 77, 83, 334ls /dev/usblp file, 611LS_COLORS variable, 130LSB (Linux Standard Base), 82lsof command, 354, 844LTS (long term support), 7lvcreate command, 372, 374lvdisplay / lvs command, 374lvdisplay command, 371lvextend command, 373–374LVM (logical volume management). See logical volume

management (LVM)lvreduce command, 374lvremove command, 374lvs command, 371

M-m 0 option, 346

INDEX1038

-M days option, 125-m days option, 125m limit -limit 3/s file, 254-m mins option, 878-m N option, 349-m option, 113, 833-M option, 113, 124m tcp command, 259MAC (mandatory access control), 34MAC (Media Access Control) address, 180maddress object, 203magnetic tapes, 624mail address option, 882mail clients, 499–500mail command, 457, 459Mail Delivery Agents (MDAs), 443mail facility, 874–875MAIL FROM command, 446mail services

authentication, 476–485Dovecot, 507–515encryption, 465–466, 474–476IMAP, 506–507life cycle, 444–448overview, 443POP3, 506–507Postfix, 449–464, 487spam, 488–490, 495–500virtual domains and users, 515viruses, 488, 500–506

Mail Transfer Agents (MTAs), 443Mail Transport Agent Switcher, 450Mail User Agents (MUAs), 443MAIL variable, 130mailbox format, Postfix, 461–464mailbox_command option, 462, 464, 496, 497mailcommand command, 650Maildir directory, 461–462Maildir mailboxes, 508Maildir/.Spam folder, 499maildrop command, 462, 497–498, 505maildrop MDA, 495–499maildrop package, 463.mailfilter file, 505mail.info file, 874maillog file, 874mail.log file, 874MAILTO variable, 170main.cf configuration file, 454–455, 460, 475, 482, 488, 496maintenance mode, 151major number, 334make command, 81, 330–331make gconfig command, 865make menuconfig command, 865make test commands, 103make xconfig command, 865Makefile command, 331maldirmake command, 464man page, 75, 84, 181, 296, 470, 483, 570, 695, 790, 886manage access privileges, 778manage mode, 368Management Information Bases (MIBs), 849

mandatory access control (MAC), 34mangle table, 224manifests, 968Manual option, 49mapped network drive, 564mark command, 657mark facility, 875, 878mark message, 878MASQUERADE chain, 259MASQUERADE target, 228master boot record (MBR), 22, 146master browser, 570master configuration, 420master daemon, 78Master field, 406MASTER option, 196master.cf file, 453, 491masters, Puppet, 965Max Number of Connections box, 520max_check_attempts attribute, 907–908, 916Maximum Volume Bytes limit, 648mbox format, 459MBR (master boot record), 22, 146MDAs (Mail Delivery Agents), 443mechanisms service, 479Media Access Control (MAC) address, 180/media/ directory, 82/media/cdrom directory, 950members attribute, 910memory parameter, 1005memory use

CPU and, 834–844Gnome System Monitor, 838–844overview, 834–838

performance monitoring, 832–834memtest86 utility, 44menu.lst file, 149mess command, 655meta users, 781MIBs (Management Information Bases), 849Microsoft Active Directory (AD) file, 565Microsoft Exchange server, 740Microsoft Windows, 564. See also Windows operating

systemMicrosoft Windows Recovery Console, 151miimon command, 198mini.iso file, 947, 1014minor number, 334--mirror option, 939mirroring, 360–361MISSING statement, 704missingok option, 882mkdir command, 102, 464, 496, 526mkfs.ext3 utility, 345–346mkfs.jfs utility, 350mkfs.vfat format, 352mkfs.vfat utility, 351mkfs.xfs tool, 349–350mkntfs tool, 352mkswap command, 344/mnt directory, 82, 352

INDEX 1039

/mnt/data file, 352, 354mobile connections, OpenVPN, 687–695mobileclient.conf file, 690, 694mobile.conf configuration file, 688, 692, 695mobileuser.conf file, 672mod_ssl package, 550mode option, 481mods-enabled/*.load file, 529modulepath /usr/lib/ldap file, 771modules

Apache web server, 532–533Puppet, 985

monitoringNagios

configuring, 903–921console, 921–928installing, 901–902starting, 902troubleshooting, 928

overview, 871, 899Monitoring Overview screen, 926monthly option, 881more command, 321mount command, 353, 357, 581, 589, 655, 869moving files, 103–104mroute object, 203MTAs (Mail Transfer Agents), 443mtime, defined, 94mtr command, 211, 213–214MTU option, 180MUAs (Mail User Agents), 443multiboot loader, 148Multiuser mode, 154mv command, 101, 104MX records, 447, 703My Documents folder/directory, 70, 573mydb database, 541, 543mydestination option, 455–456, 482myfile file, 88, 93mynetworks option, 456, 476, 482MyROGroup group, 848–849MySQL database

basic administration, 541–543basic tuning for InnoDB, 537–540installation, 534–536testing server, 537

MySQL database server, 517MySQL installation, 56mysql_backup script, 658mysql_secure_installation utility, 535mysqladmin command, 535mysqld daemon, 78mysql-server package, 534

N\n code, 131-n option, 167, 352, 866-N option, 227Nagios

configuringhost configuration, 905–913nagios.cfg file, 904–905

plug-ins, 920–921service configuration, 914–920

consoleauthentication, 921–925functions, 926–928

package, installing, 901–902overview, 899–901starting, 902troubleshooting, 928

/nagios directory, 921nagios script, 902name attribute, 907, 980name option, 294--name option, 939name parameter, 1005Name-based virtual hosting, 519named daemon, 140named.conf.options file, 402nameservers command, 221NAT (network address translation), 225nat chain, 259nat table, 258–259, 561NBDD address option, 694nc command, 211, 218, 457, 483Negative Cache TTL field, 401, 406neighbour object, 203net directory, 867netbios name option, 568netboot directory, 947netboot.tar.gz file, 947netcat, 218–219Netfilter

chains, 224default firewall rules on Red Hat hosts, 233–239iptables, 227–233network address translation (NAT), 225overview, 222–224policies, 225tables, 224

netlogon directory, 570[netlogon] share service, 570–573NETMASK option, 196netmask parameter, 201NETRX parameter, 1010NETS parameter, 1010net-snmp package, 847net-snmp-utils package, 847netstat command, 218, 222netstat -ltup command, 568NETTX parameter, 1010network address translation (NAT), 225Network authentication, 40network backups, 624–625network booting host, Ubuntu, 951–952network configuration files, 194–205network configuration, Kickstart, 957network configuration, Preseed, 957Network Configuration tool, 190–191Network File System (NFS), 563–564, 587–589Network ID button, 576Network Identification Wizard, 576Network Information Center (NIC), 394

INDEX1040

network interface, 179network interface card (NIC), 252network mount, 588NETWORK option, 196network option, 957Network Time Protocol (NTP), 35, 257, 389–394network_config snippet, 958network-admin command, 193network-functions scripts, 195networking, 1011–1012network-manager-openvn Package (Gnome), 692networks

example, 239–249Firewall Configuration Tools, 264–265forwarding packets, 205–211interfaces, 179–182, 194Netfilter

chains, 224default firewall rules on Red Hat hosts, 233–239iptables, 227–233network address translation (NAT), 225overview, 222–224policies, 225tables, 224

network configuration files, 194, 202–205overview, 175–179routes, adding, 205–211TCP Wrappers, 265–266troubleshooting, 211–222

New button, 190NEW connection, 238new directory, 461NEW state, 257, 263new subdirectory, 461new_vhost definition, 984newaliases command, 460newcerts directory, 470newfile file, 105-newkey rsa:4096 option, 469news facility, 875next_server file, 934$next_server option, 936next-server option, 936–937, 946NFS (Network File System), 563–564, 587–589nfs-kernel-server package, 588nfs-utils package, 588NI column header, 835NIC (Network Information Center), 394NIC (network interface card), 252-j LOG target, 262nmap command, 305, 313, 316, 326, 331, 675nmap package, 277, 279, 292, 300, 311nmbd service, 569No Reverse Lookup, 523no_subtree_check option, 588noatime option, 869nobody option, 675--no-daemonize option, 971node directive, 973--nodeps option, 300nodes, 965

nodes directory, 968-nodes option, 469-nodetach option, 890-nofromstart option, 889nogroup option, 675, 682nomail option, 882nomissingok option, 882nomodify keyword, 392noncommercial certificate authorities, 466–467none access privileges, 778none action, 898none wildcard selector, 875noninteractive mode, 308–309--noop option, 976nopeer keyword, 392noquery keyword, 392-noquoting option, 889normal_check_interval attribute, 915--noscripts option, 300NOT FOUND statement, 704-notail option, 889-notestonly option, 890notice function, 985notice priority, 876notification_interval attribute, 910notification_options attribute, 910$NOTIFICATIONTYPE$ macro, 912notify metaparameter, 982notrap keyword, 392Novell Groupwise, 698Novell Virtualization Driver Pack, 991now/knowledgetree_open_source_download command,

591NPerlFunc pattern, 892-r argument, 169NRegExp[number] pattern, 892nslookup utility, 397nss_ldap file, 785nsswitch.conf files, 818NSubStr[number] pattern, 892-t: 5 argument, 169ntfsprogs package, 352NTLM mechanism, 480NTP (Network Time Protocol), 35, 257,

389–394NTP address option, 694ntpdate utility, 390ntpq command, 393nullok argument, 136number portion, 892

O-O feat option, 349Object Identifier (OID), 776, 849objectIdentifierMatch rule, 793octal notation, 89OID (Object Identifier), 776, 849OK plug-in, 909on_crash parameter, 1005on_poweroff parameter, 1005

INDEX 1041

on_reboot parameter, 1005ONBOOT option, 196, 243ONBOOT variable, 199ONBOOT=yes protocol, 196–197--ondisk option, 959one-time passwords, 133, 477ONPARENT variable, 199open relays, 476OpenLDAP, 564openldap command, 773OpenLDAP directory, 761OpenSSH application, 73openssl-devel package, 330OpenVPN application

configuring, 672–684connections for mobile users, 687–695exposing head office resources with, 684–687installing, 671starting and stopping, 672troubleshooting, 695

openvpn command, 675OpenVZ Virtual Machines

overview, 992virtualization with

Basic OpenVZ Virtual Machine Management, 1024creating OpenVZ Virtual Machines, 1021–1023installation, 1020–1021overview, 1019–1020

OpenXchange, 698$operatingsystem fact, 979–980operatorcommand command, 650opportunistic TLS, 475/opt directory, 82, 701optional control flag, 136Optional packages button, 29options field, 869OPTIONS line, 946Options rule, 895Order directive, 529organizational units, 764organizationalUnit object class, 786$ORIGIN field, 406OTP mechanism, 480ou attribute, 786ou=meta setting, 779our $CLAMD_SOCK command, 504-out option, 473OUTPUT chain, 224–225, 234, 255, 259–260--owner option, 959ownership, file, 92–93

P-p | --print-avail option, 321-P | --purge option, 321p esp protocol, 230p file type, 85-P option, 227-p option, 381, 464, 526, 537, 917p parameter, 880-p switch, 101p tcp command, 259

package managementcompiling software from source, 326–331Kickstart, 961overview, 267–269Preseed, 961Red Hat Linux, 269–271, 277–280, 290–295, 301tools, 4Ubuntu, 301–302, 312, 320–326

Package Manager, 270, 277–279, 769package resource, 974, 981package type, 974Package Updater program, 271–277packages, 4, 79, 267packages directory, 702Packet shaping, 222packets, forwarding, 205–211packet-sniffing software, 216PAE (Physical Address Extension), 1020Page Options tab, 521Pair rule type, 895PairWithWindow rule, 895–896PAM (Pluggable Authentication Modules). See Pluggable

Authentication Modules (PAM)panic argument, 232parameters syntax, 228paranoid name, 848paravirtualization, 990Paravirtualized option, 1015part directive/option, 955, 958parted utility, 342partitions

Kickstart, 958–960overview, 335–342Preseed, 958–960

partman key, 960partman/choose_recipe key, 960passdb backend = tdbsam setting, 570passdb backend package, 571passdb pam store, 480passwd command, 91, 112, 123, 126, 134, 1023passwd entries, 127passwd file, 128–129, 689password management group, 135password option, 284password policy overlay, LDAP, 793–794passwords, 123–126patch command, 888path = /var/spool/samba directive, 573path definition, 572path directive, 572$PATH variable, 73PATH variable, 130, 170paths, defined, 80pattern line, 892–893, 896–897pattern2 line, 896PDC (primary domain controller),

568PEERDNS option, 196PEERDNS=yes protocol, 196PEN (private enterprise number), 776people.ldif file, 786

INDEX1042

performance monitoringadvanced tools

CPU and memory use, 834–844disk access, 845–847swap space use, 844–845

continuousCacti, 850, 864overview, 847Simple Network Management Protocol (SNMP),

847–850CPU usage, 831–832disk space, 834logs, 834memory usage, 832–834

performance optimizationfile system tweaks, 869–870overview, 864–865resource limits, 865–867storage devices, 868sysctl and proc file system, 867–868

Performance tab, 524PerlFunc pattern, 892perl-libwww-perl package, 529Perl-Net-SNMP package, 902permissions, 86–92permit_mynetworks option, 482permit_sasl_authenticated option, 482persist-key option, 675persist-tun option, 675person object, 787PHP support, installing on Apache web server, 533php.ini file, 798Physical Address Extension (PAE), 1020physical volume (PV), 370PID (Process ID), 78PID column header, 835pid file, 519-pid option, 887-pid=pidfile option, 889pidfile attribute, 770ping command, 211, 212–213, 684ping connection, 208pipe daemon, 491pipelining, 489piping, 102pirut application, 277PLAIN command, 485PLAIN mechanism, 479, 480Pluggable Authentication Modules (PAM)

configuring, 133–137integrating LDAP, 817–820

plugin configuration option, 689plug-ins, Nagios, 920–921Point-to-Point Protocol (PPP). See PPP (Point-to-Point

Protocol)point-to-point VPN, 672policies, Netfilter, 225Pool = Full definition, 643Pool definition, 647pools, 637POP3 (Post Office Protocol), 443, 506–507popularity-contest utility, 318

port directive, 559port mapping, 251Port option, 436ports, defined, 74ports.conf file, 529posixGroup object class, 787POST (power-on self-test), 146Post Office Protocol (POP3), 443, 506–507postconf command, 455–456, 461, 478postconf -n command, 455post-down command, 232Postfix

configuration of, 453–457configuring, 474–476configuring for antispam, 488–490configuring for SASL, 482configuring for SpamAssassin, 491–492encryption, 465–466init script, 159installing, 449–452mailbox format, choosing, 461–464script, 158starting, 452–453testing, 457–460testing authentication, 483–485

Postfix TLS/SSL encryption, 476Postinstallalation Configuration Menu, Zimbra, 707–711postmap command, 486postmaster e-mail addresses, 726postrotate command, 883POSTROUTING chain, 224, 258post-up parameter, 201power-on self-test (POST), 146PPP (Point-to-Point Protocol)

configuring networks, 192connection

overview, 241xDSL setup, 241–249

ppp parameter, 200PPPoE connection, 178PR column header, 835Preboot Execution Environment (PXE), 932pre-down parameter, 201prerotate command, 883PREROUTING chain, 224, 258–259, 561pres index type, 774Preseed

disks, 958–960firewall, 957installation behavior, 961–962installation source, 955keyboard, 955–956language, 955–956network configuration, 957overview, 953–955package management, 961partitions, 958–960time zone, 955–956user management, 956

preseed directive, 965preseeding, 931preshared keys, 675pre-up command, 232

INDEX 1043

primary domain controller (PDC), 568primary group, 92, 115print sharing

overview, 563printer servers, 609–610, 617, 619

printable directive, 572printcap name = cups line, 572printer management tools, 610–617printer servers

adding printers to desktop, 617–619CUPS, 609–617overview, 609

[printer] service, 572, 617[printers] section, 573printing group, 117priorities, syslog, 876private directory, 470–471private enterprise number (PEN), 776private keys, 433privileges, 542–543/proc directory, 82, 206/proc file, 367, 383, 842proc file system, 867–868/proc/cpuinfo file, 991Process ID (PID), 78processes, 79procmail command, 462, 495–497, 505.procmailrc file, 497–505/proc/mdstat file, 367–369, 384/proc/sys directory, 367, 867/proc/sys/dev/raid directory, 868/proc/sys/fs/file-max file, 868/proc/sys/net/ipv4/ip_forward file, 206/proc/sys/vm/swappiness file, 867profile, defined, 66.profile file, 130[profile] share service, 570profilename option, 284[profiles] directory, 573PROMPT option, 949PROMPTING section, 131proto udp option, 674protocols configuration option, 508provider, 974Provides keyword, 160provides option, 291provisioning

Kickstart and Preseedcomplete Kickstart configurations,

963–965disks, 958–960firewall, 957installation behavior, 961–962installation source, 955keyboard, 955–956Kickstart Configurator, 962–963language, 955–956network configuration, 957package management, 961partitions, 958–960postinstallation, 962preinstallation, 962

time zone, 955–956user management, 956

overview, 932with Red Hat Cobbler

building host with, 941–943configuring, 934–939installing, 933troubleshooting, 944using, 939–941web interface, 943

with Ubuntuconfiguring Apache for provisioning, 950DHCP server, 945–946firewall, 950installing boot files, 947installing packages, 944network booting host, 951–952PXE boot loader, 947–949specifying Kickstart file, 950–951TFTP server, 946troubleshooting network booting, 952–953

proxy, 704Proxy server, 37ps command, 78PS1 variable, 131pseudo-tty, 629PSTN (Public Switched Telephone Network) phone line,

186ptype2 line, 896public key encryption, 465public keys, 433Public Switched Telephone Network (PSTN) phone line,

186pup application, 272Puppet

configurationapplying, 975–977creating, 972–975documenting, 986specifying for multiple hosts, 977–980

configuring, 968–970file serving, 969–970firewall, 970starting server, 970

definitions, 983–984environments, 986external nodes, 986functions, 985installing, 967modules, 985overview, 965–967relating resources, 980–982reports, 985templates, 982–983troubleshooting, 986–987

puppetca binary, 971puppetca --sign --all command, 972puppet.conf configuration file, 970puppetd command, 970, 976[puppetd] section, 969puppet-master package, 967[puppetmasterd] section, 969puppets, 965

INDEX1044

$puppetserver variable, 968, 975purge option, 316--purge option, 326push option, 692–693put command, 681PuTTY client, 74PV (physical volume), 370pvcreate command, 370, 374pvdisplay command, 371, 374pvremove command, 374pvs command, 371pwd command, 80pwdAttribute attribute, 793PXE (Preboot Execution Environment), 932PXE boot loader, Ubuntu, 947–949pxelinux.0 file, 951pxelinux.cfg directory, 947–948python-cheetah package, 933

Q-q | --query option, 296qemu-img command, 1013query flag, 297query mode, 365--query option, 299QueryFile directive, 642querying

name serversdig utility, 397–400host utility, 397zone metadata, 400–401

packages with RPM, 296–299QuickAdd Appointment window, 753quiet setting, 152QUIT command, 446QUIT signal, 838-quoting option, 889

R-r | --remove option, 321-r N option, 349r now command, 384-r option, 117-r switch, 101Rackspace, 8RAID (Redundant Array of Inexpensive Disks)

controller, 335creating array, 362–369overview, 359–360processor to rescue, 361–362RAID 1 redundancy, 361RAID level 5, 361striping and mirroring, 360–361

range directive, 422range file, 199raw table, 224rc status code, 322rc script, 157RCPT TO command, 446, 482rc.sysinit script, 155RDN (relative distinguished name), 762RDP (Remote Desktop Protocol), 73

read access privileges, 778read_buffer_size variable, 540read_rnd_buffer_size variable, 540readonly directive, 572readonly security name, 848reboot command, 384reboot directive, 962reboot entry, 143reboot program, 169recipes, 497${recipient} option, 492Recycle = Yes setting, 649Recycle Oldest Volume = Yes setting, 649Red Hat

configuring network interfaces from GUI, 182–192default firewall rules, 233–239installation and configuration of Apache web server,

518–527installing Cacti on, 852–854installing LDAP, 769installing Linux, 13, 42installing MySQL database, 534–536installing Nagios on, 901–902installing Postfix, 449–451installing Puppet on, 967network configuration files for, 194overview, 158–160package management, 269–271, 277–280, 290–295, 301running Simple Event Correlator (SEC) on, 887–888slave servers, adding, 417–419starting and stopping running services, 163–164starting and stopping services at boot and shutdown,

160–163using system-config-bind tool on, 410–417webmail, 550–552xDSL setup using GUI, 245

Red Hat Cobblerbuilding host with, 941–943configuring

DHCP, 934–938overview, 934starting, 938TFTP, 938–939

installing, 933troubleshooting, 944using, 939–941web interface, 943

Red Hat Enterprise Linux (RHEL), 4–5, 11, 149Red Hat Network (RHN), 33, 280–290Red Hat Package Management (RPM)

building from source, 301installing packages, 299–300overview, 295–296querying packages, 296–299removing packages, 300

Redundant Array of Inexpensive Disks (RAID). See RAID (Redundant Array of Inexpensive Disks)

Refresh field, 406regex style, 779RegExp pattern types, 892RegExp[number] pattern, 892region-city-OS type-number, 25register attribute, 912

INDEX 1045

registrars, 396regular expressions, 885REJECT rule, 225, 262, 580REJECT target, 237reject_unauth_destination option, 482reject_unknown_sender_domain option, 489RELATED chain, 262RELATED packet state, 254RELATED state, 238realtime option, 356relationships, 980relative distinguished name (RDN), 762relay_domains option, 482relayhost configuration option, 486$releasever variable, 295remote access, 73–75Remote Desktop Protocol (RDP), 73remote option, 682RemoteForward directive, 439remove command, 941, 943remove option, 167, 291, 293removing

packages, 292–293, 300, 309–310, 325–326software, 316

renaming files, 103–104renice utility, 838[repo-id] option, 294report option, 939, 943Report Reference, 987reports, Puppet, 985repositories, 292, 316–319require metaparameter, 981Require valid-user command, 532required control flag, 136requisite control flag, 136RES column header, 835resize2fs utility, 373resolv.conf file, 219resource limits, 865–867resource_file option, 904, 908resource.cfg file, 908restart argument, 608restore command, 655Restore type, 642restrict keyword, 392Retry field, 406retry_check_interval attribute, 915Reverse DNS Lookup option, 523reverse lookup zones, 408–410reverse proxy, 558rewrite module, 533RHEL (Red Hat Enterprise Linux), 4–5, 11, 61, 149RHEL installation section, 55rhgb setting, 152RHN (Red Hat Network), 33, 280–290RHN Proxy server, 280RHN Satellite server, 280rhnreg_ks command, 284rm command, 101, 104rm -I shell, 132rndc reload command, 410

root access, 34root certificate, 465root column, 171root directory, 80/root directory, 82, 132, 473root group, 92root option, 150root partition, 49root privileges, 193, 227, 290root servers, 394–396, 541root user, 53, 79, 88, 127–128, 137, 139, 460, 538, 542, 576,

812, 867, 964root user password, 27, 534, 596root user privileges, 703root volume, 22root zone, 394root_squash option, 588/root/anaconda-ks.cfg file, 955rootdn command, 773rootpw command, 773rootpw directive, 955–956, 965rotate count option, 882route object, 203Route tab, 191routed VPN, 674route-eth0 file, 192router, 210router option, 422routes, 182, 205–211routing, OpenVPN, 685–686, 692–695RPM (Red Hat Package Management). See Red Hat

Package Management (RPM)rpm command, 295–296, 300rpm --install --verbose --hash command,

299rpm package, 268rpm -ql package, 853rpm tool, 269, 296,rp-pppoe package, 241rsync

overview, 625–626using with SSH, 626–636

rule object, 203run command, 655RUN_DAEMON option, 888, 946runinterval option, 977runlevel command, 156runlevels, 154, 156running services, 163–164run-parts option, 171

S-S | --search option, 321S column header, 835s file type, 85-s option, 358, 788, 946-s shell option, 113–115-s sub option, 791-s switch, 93Safe_ports interface, 559safe-upgrade package, 311

INDEX1046

Sales directory, 565, 573, 604, 606sales folder, 746sales group, 110[sales] share service, 572–573Salesforce.com, 749Samba

adding printers to desktop, 617–619file sharing with, 563–564, 575–576, 580–587product suite, 625

samba-common package, 565SASL (Simple Authentication and Security Layer)

configuring Dovecot for, 478–482configuring Postfix for, 482overview, 477–478

Satellite server, 37save argument, 232/sbin/ directory, 82/sbin/init tool, 154/sbin/ip addr show command, 198/sbin/ip link set up eth0 file, 204/sbin/nologin file, 126, 128Scalix, 698Schedule resource, 643schema, 764schema directory, 775schemas, LDAP, 775–778scope setting, 819scp command, 680SCSI (Small Computer System Interface), 334/scsi file, 335sd prefix, 334sda disk, 337sda prefix, 334sdb command, 363sdb disk, 337sdb1 disk, 384search access privileges, 778search option, 290–291SEC (Simple Event Correlator)

installing, 886overview, 884–885running, 886–890troubleshooting, 899using, 890–899

sec binary, 886sec daemon, 888sec package, 886, 888SEC_ARGS line, 887sec.default file, 888sec.init file, 888sec.pl script, 886--secret option, 676secret.key file, 676Secure, 508Secure Shell daemon, 78Secure Shell (SSH). See SSH (Secure Shell)security = user setting, 570self keyword, 781self write access, 781self-managed certificate authorities, 467self-signed certificates, 467SELinux, 34

selinux --disabled option, 957send host-name option, 431Sendmail, 449sendmail command, 492Sent folder, 463, 716Serial field, 406serial file, 470–471server file, 934Server header, 529Server Message Block (SMB), 564server option, 675server string option, 568Server tab, 519ServerAdmin class, 553ServerAlias directives, 530ServerName class, 553ServerName tag, 530SERVERS alias, 141Servers tab, 29ServerSignature On directive causes, 529ServerTokens class, 529service command, 164, 173, 481, 490, 527, 535, 576, 617,

672, 970service configuration

Nagios, 914–920overview, 914–917simple remote monitoring, 917–920

Service Detail links, 926service iptables status command, 234service job definition, 168service resource, 980–981service_description attribute, 914service_notification attribute, 911services, 79, 168

managing, 156–158, 164–169scheduling with cron, 173shutting down and rebooting your Linux host, 169

session management group, 135set_cachesize setting, 774sftp command, 680shadow file, 128shadow passwords, 128shadowLastChange attribute, 780shared column, 833shared mode package, 573sharedscripts command, 882, 883SHELL option, 114, 131, 170shellcmd action, 898shellcmd command, 896, 898shorewall package, 265Should-Start keyword, 160Should-Stop keyword, 160showmount command, 588SHR column header, 835shutdown command, 169shutdown directive, 962Shuttleworth, Mark, 5si column, 845--sign option, 972Simple Authentication and Security Layer (SASL). See SASL

(Simple Authentication and Security Layer)

INDEX 1047

Simple Event Correlator (SEC). See SEC (Simple Event Correlator)

Simple Mail Transfer Protocol (SMTP), 443Simple Network Management Protocol (SNMP), 705,

847–850simple_bind operations, 772Single rule, 891single setting, 152single-user mode, 151site.pp file, 968, 975sites-enabled directory, 529size size[M,k] option, 882SKEL option, 114SKEY mechanism, 480--skip option, 961–962slapacl command, 794slapacl tool, 794–795slapadd command, 797slapcat command, 796slappasswd command, 773SLAVE option, 196slave servers

defined, 406Red Hat, 417–419Ubuntu, 419–420

Small Computer System Interface (SCSI), 334smarthost, 486SMB (Server Message Block), 564smb.conf files, 565, 573smb.conf workgroup definition, 578smbfs package, 581smbldap-tools package, 571smbldap-useradd script, 571smbpasswd option, 570, 575SMTP (Simple Mail Transfer Protocol), 443SMTP AUTH, 477–478smtp service, 454, 491SNMP (Simple Network Management Protocol), 705,

847–850snmp package, 847snmpconf configuration wizard, 850snmpd command, 849snmpd package, 847SNMPDOPTS variable, 847snmpwalk utility, 860Snumber prefix, 158so column, 845SOA (Start of Authority), 400, 406socket directive, 481sockets, 214soft state, 916software, 9Software Development, 28SOHO routers, 186solid-state drive (SSD), 344sort command, 103source attribute, 974, 979, 982source value, 975SourceForge Bacula page, 638SourceForge site, 885Spacewalk, 37, 933

spamconfiguring Postfix for antispam, 488–490moving to special folder, 495–500

SpamAssassinconfiguring, 502configuring Postfix for, 491–492help resources, 494–495overview, 490testing, 492–494testing with ClamAV, 504–505

spamassassin command, 495spamassassin daemon, 491spamassassin filter, 491spamassassin package, 490spamc command, 491spamc package, 490spamd daemon, 490sparse_super option, 870spawn shellcmd action, 898spec file, 269speed, 864splash.xpm.gz file, 150SPT port, 262Squid cache

client configuration, 560–561configuration, 558, 560transparency, 561–562

squid package, 558SquirrelMail, 554–556src directive, 559/srv/ directory, 82SSD (solid-state drive), 344ssf command, 772SSH (Secure Shell)

agent, 435–436configuration, 436–439keys, creating and distributing, 434–435overview, 433remote access using, 73–75secure file transfers, 439–440service, 389SSH agent, 435–436using rsync with, 626–636

ssh class, 981ssh command, 74.ssh directory, 918ssh mechanism, 625ssh_limiter.sh script, 629, 632$SSH_ORIGINAL_COMMAND variable, 628–629ssh/config file, 437, 633sshd daemon, 78, 157ssh-keygen, 434, 627, 918SSL Certificate

securing KnowledgeTree DMS with, 608–609Zimbra, 732–738

SSL tab, 522SSL VPN application, 671ssl_cert_file option, 508ssl_key_file option, 508SSLEngine on directive, 553start argument, 608Start of Authority (SOA), 400, 406

INDEX1048

start option, 165, 167STARTTLS command, 476, 482, 485startup, 145–148

BIOS, 145–146boot loader, 146–148after booting, 153–156GRUB boot loader, 148–153Nagios, 902OpenVPN, 672operating system, 148Red Hat Cobbler, 938

stat client command, 655stat dir command, 654–655stat storage command, 655stateful firewall, 223stateless autoconfiguration, 180stateless packet-filtering firewall, 223static addresses, 24static lease assignments, 423–425static VPN, 672statistics reporting, 391statistics-file, 405statsdir option, 391status all command, 654status argument, 232status option, 675stop argument, 608stop on configuration, 169stop option, 165, 167, 782Storage Clustering, 28Storage configuration file, 651Storage daemon, 636Storage definition, 647storage devices, 868storage management

devices, 333–335file systems, 342–352logical volume management (LVM), 370–380partitions, 335–342RAID, 359–369using file system, 352–359

Storage resource, 643strata, 390striping, 360–361STRUCTURAL object, 777su command, 92, 109, 918sub index type, 774submission service, 454subnet directive, 946subnetting, 191substitute user, 137SubStr pattern type, 892SubStr[number] pattern, 892subtree attribute, 782subtree_check option, 588sudoers file, 139–140, 142, 975sufficient directive, 135–136, 818suffix command, 773sunrpc directory, 867SUP top class, 776supplementary groups, 92, 115Suppress rule, 895, 897

swaks command, 483, 492, 504swap group, 845swap space use, 844–845swap volume, 22swapon command, 344switch user, 137switches, 76, 176SymLinksIfOwnerMatch option, 524SYN packet, 217Synaptic

adding software, 313–315managing repositories, 316–318overview, 312–313removing software, 316Update Manager, 319–320updating repositories, 318–319upgrading repositories, 318–319

/sys file system, 610, 842syscontact variable, 850sysctl and proc file system, 867–868sysctl command, 868sysctl fs.file-max command, 868sysctl -p command, 206, 868sysctl parameters, 1020sysctl utility, 868sysctl vm.swappiness file, 867sysctl.conf file, 206sysklogd init script, 878syslocation variable, 850syslog

actions, 876–877combining multiple selectors, 877–878facilities, 874–875overview, 872–874priorities, 876

syslog communications protocol, 872syslog daemon, 128, 514, 871, 878–880, 883syslog facility, 875syslog init script, 878syslog.conf file, 872, 874, 877syslogd daemons, 876, 879system command, 943system cron jobs, 170System Events Pending page, 288System Monitor Preferences dialog, 842System Settings tab, 17System Software Errata page, 289system view, 849system-auth default PAM authentication file, 689system-auth file, 134–135system-auth-config utility, 769SystemImager tool, 636

T\T code, 131-t dsa option, 918t filter -A INPUT chain, 231-t filter option, 229-t type option, 221tables, Netfilter, 224tail command, 453, 611-tail option, 889

INDEX 1049

TakeNext option, 891tar application, 327tarball, 327target, 223tasks, 168, 170TCP (Transmission Control Protocol), 223tcpdump command, 211, 216–218, 477, 675, 944, 952TCP/IP, 214–216tdbsam option, 570teamed interface, 179technical support, 7telinit commands, 156, 158telnet command, 219, 222template function, 982, 985templates, Puppet, 982–983TERM signal, 838terminal emulator, 68Test memory option, 44--test option, 300testing

configurations using iptools2, 202–205Dovecot, 509–514logging with logger, 880OpenVPN tunnel, 682–684Postfix, 457–460Postfix authentication, 483–485SpamAssassin, 492–494SpamAssassin with ClamAV, 504–505

-testonly option, 890text-based installation mechanism, 14TFTP (Trivial File Transfer Protocol)

Red Hat Cobbler, 938–939Ubuntu, 946

tftp service, 938tftpd service, 946tftpd-hpa package, 946tftp-hpa package, 946thresh option, 894thunderbird package, 509time command, 893time to live (TTL), 210, 399time zone, 955–956TIME+ column header, 835TIMEOUT options, 949timeperiod_name attribute, 908timezone directive, 955title option, 150$title variable, 984TLDs (top-level domains), 394TLS (Transport Layer Security)

configuring email, 448configuring Postfix for, 474–476overview, 465–466

-tls option, 485TLS_REQCERT field, 785TLSVerifyClient class, 772tmp/test_sync.txt file, 631to_localhost interface, 559to-destination parameter, 562tokens, 133tool-threads directive, 772top command, 78, 832, 834, 1010

top object class, 787top-level domains (TLDs), 394.toprc file, 837Torvalds, Linus, 3touch command, 106traceroute tool, 213Transmission Control Protocol (TCP), 223transparency, Squid cache, 561–562transparent proxy, 561Transport Layer Security (TLS). See TLS (Transport Layer

Security)Trivial File Transfer Protocol (TFTP). See TFTP (Trivial

File Transfer Protocol)troubleshooting

Dovecot, 514Linux installations, 60–61Nagios, 928OpenVPN, 695Puppet, 986–987Red Hat Cobbler, 944Simple Event Correlator (SEC), 899Ubuntu network booting, 952–953

troubleshooting networksdig, 219–221miscellaneous tools, 222mtr, 213–214netcat, 218–219overview, 211ping, 212–213tcpdump, 216–218TCP/IP, 214–216

trunk device, 197try_first_pass module, 136tshark command, 944, 952–953TTL (time to live), 210, 399$TTL field, 406tune2fs -e command, 356tune2fs utility, 347tunnel, OpenVPN, 682–684tunnel object, 203Tunnelblick, 692tunneldown.sh script, 694tunneling, SSH, 438–439tunnels, 669tunnelup.sh script, 694type field, 960-type option, 100Type Reference, 987TYPE=Ethernet protocol, 196types, 974

U-U | --upgrade option, 296-u ldap -g ldap option, 783-u openldap option, 783-u option, 537, 866-U option, 788-u user option, 142\u username, 131-u username -e option, 173-u username option, 173Ubuntu class, 979–980

INDEX1050

Ubuntu Serverconfiguring Apache for provisioning, 950configuring network interfaces from GUI, 192–194DHCP server, 945–946distributions, 5–6firewall, 950installation and configuration of Apache web server,

527–530installing as guest operating system, 1013–1014installing boot files, 947installing Cacti on, 850–852installing LDAP, 769installing Linux, 42, 60installing MySQL database, 536installing Nagios on, 902installing packages, 944installing Postfix, 452installing Puppet on, 967managing services, 164–168network booting host, 951–952network configuration files for, 202overview, 944package management, 301–302, 312, 320–326password, 66PXE boot loader, 947–949running Simple Event Correlator (SEC) on,

888–889slave servers, adding, 419–420specifying Kickstart file, 950–951TFTP server, 946troubleshooting network booting, 952–953Virtual Machines and, 1012webmail, 553xDSL setup using GUI, 248–249

udev service, 334, 357udevd daemon, 610udf DVD file system, 355UDP (User Datagram Protocol), 223ufs format, 560ufw service, 233UID (user ID), 116uid attributes, 787, 791UID_MAX range, 116UID_MIN range, 116ulimit command, 832, 865–866ulimit section, 866umask command, 91umount command, 353–354un status code, 322unalias command, 133uname -r command, 296UNATHORIZED COMMAND, 632unattended installation, 11Unauthenticated mode, 766uninit_bg option, 870uniq command, 103Universally Unique Identifiers (UUIDs), 345UNKNOWN status, 909unlimit attribute, 772unmount command, 655UNREACHABLE status, 909up command, 203

up state, 196Update Manager, 319–320update option, 290update volume command, 655update-rc.d command, 164, 166–168, 608updating

packages, 311–312repositories, 292, 318–319

UPG (user private group) scheme, 115upgrade directive, 954, 955upgrading repositories, 318–319Upstart, 168–169upstream RPMs, 301uptime command, 831URI field, 785url option, 951USB keys, 146Use Network Login button, 40use_syslog option, 904USER column header, 835User Datagram Protocol (UDP), 223user facility, 875user ID (UID), 116user management, 956user option, 481, 675, 689user private group (UPG) scheme, 115${USER} variable, 497$USER1$ macro, 914useradd command, 77, 110, 112–113, 116, 119, 139USERCTL option, 196USERCTL=no protocol, 196–197userdel command, 110, 118, 139, 325usermod command, 110–111, 116–117, 126username option, 284username-as-common-name option, 689Username/Password authentication, 766userPassword attribute, 767, 780, 793, 794users

adding, 786–791configuring shell and environment,

130–133controlling access to host, 133–137creating, 112–114default settings, 113–114deleting, 118–119disabling, 126groups and, 77groups and ownerships, 92–93managing via GUIs, 120–123passwords, 123–126privileges and, 542–543storing user data, 127–130and sudo command, 111–112, 137–144

users.ldif file, 790, 792user-space program, 223users.sh script, 725users.txt file, 720-useshadow value, 954uucp facility, 875, 876uuid parameter, 1005UUIDs (Universally Unique Identifiers), 345

INDEX 1051

V-V | --verify option, 296-v option, 788, 883v parameter, 327valid users directive, 572valid users setting, 573value field, 960/var/ directory, 82variables

environment, 130–132substitutions, 570

vboxusers group, 993vcpus parameter, 1005VCS (version control system), 904verb option, 675--verbose option, 300, 971Verify type, 642version control system (VCS), 904vfb parameter, 1005vgcreate command, 372, 374vgdisplay command, 371, 374vgextend command, 371, 374vgreduce command, 372, 374vgremove command, 374vgs command, 371–372vif parameter, 1005vim command, 105vimtutor command, 106VIRT column header, 835virt-manager command, 999virt-manager interface, 1014, 1019virtual appliances, 13virtual domains, 515virtual facilities, 159Virtual Host Name, 521Virtual Host Properties dialog, 520, 524virtual hosting, 519Virtual Hosts tab, 524Virtual Machine Manager, 999, 1006–1007Virtual Machines

creating with VirtualBox, 994–998installing with KVM

installing Ubuntu Server as Guest Operating System, 1013–1014

installing Windows as Guest Operating System, 1012–1013

managing with Virtual Manager, 1014–1019networking, 1011–1012setting up on Ubuntu Server, 1012

installing with Xenautomatically starting, 1010–1011creating, 999–1005managing with the xm Comman, 1007–1010managing with Virtual Machine Manager,

1006–1007preparing computer for Xen usage, 998–999

LiveCDs and, 12–13Virtual Network Computing (VNC), 73virtual private networks (VPNs), 669, 696

example, 669–670OpenVPN, 671–672, 684–687, 695

virtual users, 515VirtualBox

creating Virtual Machines with, 994–998installing, 993

VirtualBox command, 994VirtualHost tag, 530, 550, 553<VirtualHost> tag, 801, 822virtualization

installing Virtual Machines with KVMinstalling Ubuntu Server as Guest Operating

System, 1013–1014installing Windows as Guest Operating System,

1012–1013managing with Virtual Manager, 1014–1019networking, 1011–1012setting up on Ubuntu Server, 1012

installing Virtual Machines with Xenautomatically starting, 1010–1011creating, 999–1005managing with the xm Command, 1007–1010managing with Virtual Machine Manager,

1006–1007preparing computer for Xen usage, 998–999

OpenVZBasic OpenVZ Virtual Machine Management, 1024creating OpenVZ Virtual Machines, 1021–1023installation, 1020–1021

software, 13solutions

KVM, 992OpenVZ, 992VirtualBox, 989VMware, 990Xen, 990–992

VirtualBoxcreating Virtual Machines with, 994–998installing, 993

virtual-manager interface, 1014viruses

ClamAV, 500–506moving infected e-mail to special folder, 505overview, 488, 500SpamAssassin, 502–505

visudo command, 111, 138–139vm directory, 867vmstat command, 835, 844–845, 846VMware, 12, 990VNC (Virtual Network Computing), 73Volume Retention, 649volumes, 370–373VPN networks, 177VPNs (virtual private networks). See virtual private

networks (VPNs)VRFY command, 490--vv option, 300vzctl command, 1021vzctl enter command, 1023vzlist -a command, 1024

W-W days option, 125-W option, 788

INDEX1052

-w option, 868, 909wa column, 845--waitforcert option, 971WARNING plug-in, 909warning priority, 876WARNING status, 909, 915, 919wc command, 103web accelerator, 558web services, Squid cache, 558–562webadmin attribute, 780–781webadmin user, 781Webex Zimlet, 749webmail

configuring SquirrelMail, 554–556overview, 549–550Red Hat, 550–552Ubuntu, 553

websites, installing, 543–544, 549, 556–557weekly option, 881wget command, 299, 327, 702, 1020wget utility, 326, 544whatis command, 76wheel group, 142who command, 143whois tool, 395–396wiki user, 720Windows operating system

installing as guest operating system, 1012–1013vs. Linux, 66–72

Windows Small Business Server, 176Windows XP host, 69windows.img file, 1013Wine, 564WINS address option, 694Wireshark, 477workgroups, 567workhours time, 910writable directive, 572–573write access, 781–782write access privileges, 778write action, 894, 898write list directive, 572WWW (HTTP) option, 526www group, 544www-data directory, 546

X-X option, 227, 788-x option, 788X Window System, 15xDSL setup

using adsl-setup, 241–245using GUI, 245–249

Xeninstalling Virtual Machines with, 998–1011overview, 990–992

xendomains service, 1010XFS file systems, 349–352xfs_grow /srv/www command, 374xfsprogs package, 349xinetd package, 433xinetd service, 938xm <option> help element, 1007xm Command, 1007–1010

Y-Y option, 788Yum (Yellowdog Updater Modified)

additional tasks, 293configuring, 294–295installing packages, 291–292overview, 290–291removing packages, 292–293updating repositories, 292

yum command, 299, 450, 902yum property, 701

Z-Z option, 788Zimbra

adding new users, 719–725adding resources, 728–729adding SSL Certificate, 732–738adding Zimlets, 729–732Administration Console, 712–713, 741aliases and distribution lists, 725–728Class of Service, 713–719downloading and preparing the hosts, 702–703e-mail, 744–747firewall changes, 711–712Global Settings, 738–741installing, 703–706monitoring, 741–743Postinstallalation Configuration Menu, 707–711prerequisites, 701–702sharing folders, address books, documents, 749–757

Zimlets, 698, 717, 729–732, 747–749zmcontrol command, 711, 738zmprov command, 725zmtlsctl command, 737zombie, 836zone files, 406zones, defined, 394zoning

authoritative DNS servers, 406–407forward lookup zones, 407–408querying name servers, 400–401reverse lookup zones, 408–410

Date post:	11-Feb-2020
Category:	Documents
Upload:	others
View:	1 times
Download:	0 times