Documente Academic
Documente Profesional
Documente Cultură
3112
Novell Training Services www.novell.com
Part # 100-005271-001-REV A
Version 2
Legal Notices
Novell, Inc., makes no representations or warranties with respect to the contents
or use of this documentation, and specifically disclaims any express or implied
warranties of merchantability or fitness for any particular purpose. Further,
Novell, Inc., reserves the right to revise this publication and to make changes to
its content, at any time, without obligation to notify any person or entity of such
revisions or changes.
Further, Novell, Inc., makes no representations or warranties with respect to any
software, and specifically disclaims any express or implied warranties of
merchantability or fitness for any particular purpose. Further, Novell, Inc.,
reserves the right to make changes to any and all parts of Novell software, at any
time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be
subject to U.S. export controls and the trade laws of other countries. You agree to
comply with all export control regulations and to obtain any required licenses or
classification to export, re-export or import deliverables. You agree not to export
or re-export to entities on the current U.S. export exclusion lists or to any
embargoed or terrorist countries as specified in the U.S. export laws. You agree
to not use deliverables for prohibited nuclear, missile, or chemical biological
weaponry end uses. See the Novell International Trade Services Web page (http:/
/www.novell.com/info/exports/) for more information on exporting Novell
software. Novell assumes no responsibility for your failure to obtain any
necessary export approvals.
Copyright © 2011 Novell, Inc. All rights reserved. No part of this publication
may be reproduced, photocopied, stored on a retrieval system, or transmitted
without the express written consent of the publisher.
Novell, Inc., has intellectual property rights relating to technology embodied in
the product that is described in this document. In particular, and without
limitation, these intellectual property rights may include one or more of the U.S.
patents listed on the Novell Legal Patents Web page (http://www.novell.com/
company/legal/patents/) and one or more additional patents or pending patent
applications in the U.S. and in other countries.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://
www.novell.com/company/legal/trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
Introduction 7
SECTION 1 Use the Linux Desktop and the Command Line Interface 9
SECTION 4 Administer SUSE Linux Enterprise Server 11 with the Command Line
Interface 37
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 3
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
4 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 5
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
6 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Introduction
This workbook is designed to help you practice the skills associated with Novell’s
Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 (Course
3112) objectives.
The purpose of these exercises is to teach you practical Linux skills, using SUSE
Linux Enterprise Server 11, and to prepare you for the LPI Level One Certification
exam.
NOTE: Instructions for setting up a self-study environment are in the 3112_setup.pdf on the Course
CD.
Before starting the exercises in this workbook, please review the following exercise
conventions.
Exercise Conventions
When working through an exercise, you will see conventions that indicate
information you need to enter that is specific to your server.
The following describes the most common conventions:
italicized text: This is refers to your unique situation, such as the hostname of
your server.
For example, supposing the hostname of your server is da50 and you see the
following
hostname.digitalairlines.com
You would enter
da50.digitalairlines.com
172.17.8.xx: This is the IP address that is assigned to your SUSE Linux
Enterprise Server 11.
For example, supposing your IP address is 172.17.8.50 and you see the following
172.17.8.xx
You would enter
172.17.8.50
Select: The word select is used in exercise steps with reference to menus where
you can choose between different entries, such as drop-down menus.
Enter and Type: The words enter and type have distinct meanings.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 7
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
The word enter means to type text in a field or at a command line and press the
Enter key when necessary. The word type means to type text without pressing the
Enter key.
If you are directed to type a value, make sure you do not press the Enter key or
you might activate a process that you are not ready to start.
Key combinations: Ctrl+Alt+F1 indicates that all three keys should be pressed
at the same time. Ctrl, Alt, F1 indicates that the three keys should be pressed and
released one after the other.
8 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 9
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
NOTE: In later exercises you will use the root account - the root password is novell.
10 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
3. View the file system tree in the side panel by opening the menu at the top of the
side panel (labeled Places when Nautilus is started the first time).
4. From the menu, select Tree.
5. View the contents of the /etc directory by selecting the small triangle in front
of the File System entry in the side panel.
6. In the side panel, select etc.
7. Copy the /etc/DIR_COLORS file onto the desktop:
a. Scroll down to the DIR_COLORS file icon.
b. While holding the Ctrl key, drag the icon onto the desktop, then release the
mouse button.
8. Switch back to your home directory by selecting Home Folder in the side panel.
9. Move the DIR_COLORS file from the desktop into your home directory. Select
the DIR_COLORS file icon and drag it over the right frame of the Nautilus
window. Release the mouse button.
IMPORTANT: Notice there is no small plus at the mouse pointer while dragging the file,
indicating that you are moving a file.
10. Switch to the list of emblems by opening the menu at the top of the side panel
(labeled Tree now).
11. From the menu, select Emblems.
13. Drag the Important icon over the DIR_COLORS file icon in the right frame, and
release the mouse button.
14. Rename the copied file by right-clicking the DIR_COLORS file icon, and then
selecting Rename from the popup menu.
15. For the new filename, type example.txt, then press Enter.
16. Delete the example.txt file by dragging the file icon over the Trash icon on
the desktop and releasing the mouse button.
17. Close the Nautilus file manager window.
18. Right-click the Trash icon on the desktop, then select Empty Trash from the
pop-up menu.
19. In the confirmation dialog, select Empty Trash.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 11
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
12 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Do the following:
1. Log in as geeko and open a terminal window.
2. View the history cache by entering history.
3. Press the Up-arrow until you see a command you would like to execute, then
press Enter.
4. Type h and press Page Up once.
You should see the history command at the command line again.
5. Press Enter to execute the history command.
6. Switch to root by entering
su –
Then enter a password of novell.
7. Check to make sure you are logged in as root by entering id.
8. Start YaST by entering
yast2
YaST should start in GUI mode.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 13
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
exit
11. Move the cursor to the reference Quitting Info by pressing Tab nine times.
14 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
12. Write the output of the ls command on the screen and into the
home_directory file by entering the following:
ls ~ | tee home_directory
13. Remove the home_directory file by entering rm home_directory.
In this exercise, create a new vi_test file with the text editor vi. Then, edit the text
using the command mode of vi.
To enter a text, do the following:
1. Open a terminal window.
2. Start vi by entering vi.
3. Switch to the insert mode by typing i.
4. Type the following two paragraphs of text (press Enter at the end of each line):
Administrator training for SUSE Linux Enterprise Server 11 will be held
in Training Room 4 of Building B on Tuesday of next week.
Make sure you bring your SUSE Linux Enterprise Server 11 Administration
Manual. There will be wireless Internet access available in the training
room.
5. Exit the insert mode by pressing Esc.
6. Move the cursor to the middle of the second line of the first paragraph.
7. Delete text to the right of the cursor by typing D (uppercase d).
8. Undo the deletion by typing u.
9. Delete the character directly under the cursor by pressing Delete.
10. Copy the current line to the internal buffer by typing y twice.
11. Move the cursor to the beginning of the first line of the second paragraph.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 15
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
12. Insert the contents of the internal buffer after the current line by typing p.
16. Right-click the vi_test file on the desktop and select Open with gedit.
NOTE: Commands are case sensitive. Make sure you enter a capital “D” when typing the word
Desktop.
The same file opens, displaying the changes you made in gedit.
22. Enter :q and close the terminal window.
Do the following:
1. Open a terminal window and change to the ~/bin directory with the cd ~/
bin command.
2. Open the backup.sh file in vi by entering vi backup.sh.
3. Press i and enter the following text:
#!/bin/bash
#
# backup.sh
# Backup geeko’s home directory to /tmp using rsync
16 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Exercise 1-4 Use Command Line Tools to Work with Files and Directories
In this exercise, you use different tools to administer files and directories.
In Part I, you create an empty file and view the content of a file. Use the touch,
cat, less, head, and tail commands.
In Part II, you copy and move files with the cp and mv commands.
In Part III, you create a symbolic link to the ~/my_file file and a hardlink to the
~/my_file1 file with the ln command:
In Part IV, you use the whereis, which, and find commands.
head -n 5 /var/log/messages
11. View a continuously updated display of the last lines of the /var/log/
messages file by entering
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 17
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
tail -f /var/log/messages
12. Arrange the terminal windows on the desktop so that you can see the content of
both.
13. In the first terminal window you opened in Step 2, log in as root (su -), then
enter an invalid password (such as suse).
Notice that the failed login attempt is logged in the second terminal window.
14. In the first terminal window, log in as root (su -) with a password of novell.
17. Stop the tail process in the second terminal window by pressing Ctrl+c.
11. Move and rename the /tmp/rename file to ~/my_file2 by entering the
following:
mv /tmp/rename ~/my_file2
12. Verify that the my_file2 file exists by entering ls -l.
13. Copy the complete /bin/ directory to the home directory with the new
directory named my_dir by entering the following:
18 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
cp -r /bin ~/my_dir
14. Verify that the files were copied by entering ls -l ~/my_dir.
15. Create a directory named new_dir inside the my_dir directory by entering the
following:
mkdir ~/my_dir/new_dir
16. Verify that the directory was created by entering the following:
ls ~/my_dir
17. Create a directory geeko_dir, including a new directory empty_dir, by
entering the following:
mkdir -p ~/geeko_dir/empty_dir
18. Verify that geeko_dir was created by entering ls.
rmdir geeko_dir/empty_dir
22. Verify that the /empty_dir directory has been removed by entering ls
geeko_dir.
23. Remove the ~/geeko_dir directory by entering rmdir geeko_dir.
26. Verify that the file has been removed by entering ls ~/my_dir/login.
27. Remove all files with names that begin with “a” in the /home/geeko/
my_dir/ directory by entering the following:
rm -i ~/my_dir/a*
28. Confirm every warning by entering y.
31. Verify that the directory has been removed by entering ls ~/my_dir.
1. Enter the following to create a symbolic link to the my_file file in your home
directory:
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 19
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
ln -s ~/my_file softlink
2. Enter the following to create a hard link to the my_file1 file in your home
directory:
ln ~/my_file1 hardlink
3. Display the links by entering ls -l.
Notice that the symbolic link identifies the file it is linked to and that the link
counter is 2 on the my-file1 and hardlink files.
4. Close the terminal window.
5. From the terminal window command line, find all files in the home directory
whose names start with “my” by entering the following:
find ~ -name "my*"
6. Find all files in the /tmp/ directory that were changed or created in the last 24
hours by entering the following:
find /tmp -ctime -1 (the numeral one, not the letter “l”)
1. Find all HTML headings of hierarchy 2 in the /usr/share/doc/
packages/yast2-users/users.html file by entering the following (on
one line):
grep "<h2>" /usr/share/doc/packages/yast2-users/
users.html
The output may appear similar to this:
<h2>Features (SL9/3)</h2>
<h2>Implementation</h2>
<h2>The files</h2>
2. Find all locations in the HTML files of the /usr/share/doc/packages/
yast2-users/ directory that include the word “configuration” by entering the
following:
grep configuration /usr/share/doc/packages/yast2-
users/*.html
20 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
3. Find all locations in the HTML files of all “yast2” directories /usr/share/
doc/packages/yast2-*/ that include lines beginning with a number by
entering the following:
egrep "^[0-9]" /usr/share/doc/packages/yast2-*/*.html
4. Find all locations in the HTML files of all /usr/share/doc/packages/
yast2-*/ directories that include lines beginning with the letter “m” by
entering the following:
egrep "^[m]" /usr/share/doc/packages/yast2-*/*.html
5. Close the terminal window.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 21
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
TIP: If your time zone is already set to EDT, you should select a different time zone, such as
MDT.
5. Verify that the TZ environment variable was populated by entering env at the
shell prompt.
You should see that TZ is set to a value of EDT, as shown below:
geeko@da-host:~/> env
LESSKEY=/etc/lesskey.bin
ORBIT_SOCKETDIR=/tmp/orbit-geeko
INFODIR=/usr/local/info:/usr/share/info:/usr/info
NNTPSERVER=news
MANPATH=/usr/local/man:/usr/share/man
...
TZ=EDT
...
QT_IM_SWITCHER=imsw-multi
G_BROKEN_FILENAMES=1
COLORTERM=gnome-terminal
XAUTHORITY=/var/run/gdm/auth-for-geeko-t4AGzY/database
_=/usr/bin/env
6. Verify that the time zone has changed by entering date at the shell prompt.
You should see that the time zone has changed to the value you specified in the
TZ environment variable. An example is shown below:
geeko@da-host:~/> date
Thu Aug 5 20:08:13 EDT 2010
7. Reset the TZ variable back to its original time zone value.
(End of Exercise)
22 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 23
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
24 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: Although you can select any available language, the exercises in this manual are
written for English US.
8. In the License Agreement field, select I Agree to the License Terms, then click
Next.
9. In the Media Check screen, click Next.
Wait while the system hardware is probed.
10. In the Installation Mode dialog, select New Installation, then click Next.
11. In the Clock and Time Zone dialog, select your time zone.
13. Adjust the date and time to the correct parameters, if needed.
15. In the Server Base Scenario screen, select Physical Machine, then click Next.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 25
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
22. Under Patterns, scroll down to and select C/C++ Compiler and Tools.
Wait while the disk is partitioned and the packages are installed. This may take
up to 30 minutes to complete.
27. In the Password for the System Administrator “root” screen, enter novell in the
password fields.
28. Click Next.
29. When warned that the password is too simple, click Yes.
30. When warned that the password uses only lowercase letters, click Yes.
31. In the Hostname and Domain Name dialog, enter da1 in the Hostname field and
digitalairlines.com in the Domain Name field.
32. Deselect Change Hostname via DHCP.
34. In the Network Configuration screen under Firewall, click disable next to
Firewall is enabled.
The entry will change to Firewall is disabled.
NOTE: Turning off the firewall is not generally recommended. Within this course, however,
having SuSE Firewall enabled would interfere with a later exercise involving the iptables
command.
36. Select the first detected network card, then click Edit.
Your hostname and domain name should already be filled. If not, enter a
hostname of da1 and the domain name digitalairlines.com.
26 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: Because this virtual machine runs in host-only mode, it is isolated from the rest of your
network. In a production environment, you would configure one or more DNS server addresses
and a gateway router address.
45. In the Test Internet Connection dialog, select No, Skip This Test, then click Next.
46. In the Installation Overview dialog, accept the default settings by clicking Next.
47. In the User Authentication Method screen, select Local (/etc/passwd), then click
Next.
48. In the New Local User screen, add a user named geeko by entering the following:
User’s Full Name: Geeko Novell
User Login: geeko
Password: novell
49. Create the user by clicking Next.
51. In the Release Notes screen, review the release notes, then click Next.
52. In the Hardware Configuration dialog, review the settings suggested under
Graphics Cards, then click Next.
53. Uncheck Clone this System for AutoYaST and complete the installation process
by clicking Finish.
Wait while the graphical login is loaded.
54. In the lower right corner of the VMware Player window, click the Network
Adapter icon and make sure the Host Only entry is selected.
55. To make sure that da-host and da1 can access each other over the network, do the
following on da-host:
a. Select Yast > Security and Users > Firewall.
b. In the tree on the left select Interfaces. In the Firewall Interfaces frame,
select vmnet1 and click Change. From the Interface Zone drop down menu
select Internal Zone, then click OK.
c. In the tree on the left select Masquerading. In the Masquerading frame on
the right, make sure Masquerade Networks is selected, then click OK. In the
Firewall Configuration: Summary dialog, click Finish.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 27
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
28 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 29
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
30 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
5. Press the Down-arrow until Miscellaneous is highlighted in the left frame and
press Enter.
6. Press the Down-arrow until System Log is highlighted in the right frame and
press Enter.
7. Press the Down-arrow until /proc/version is highlighted and press Enter.
8. Press Tab twice to highlight OK and press Enter.
9. Press Alt+Q to select Quit.
10. Log out by entering exit.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 31
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
NOTE: Notice that the icon shows an empty box. This indicates that the package is not yet
installed.
32 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: Notice that the list shows a box already checked. This means that the package is
installed.
3. In the list on the right, click 3ddiag until a red X appears to the left.
4. Click Accept at the bottom right.
You are returned to the YaST Control Center.
5. Repeat steps 1-4 to uninstall xosview.
6. Close any open windows.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 33
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
34 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Part IV: Log In as User geeko and Remove the New User Account
To log in as user geeko and remove the new user account, do the following:
1. Log in as geeko with a password of novell.
2. From the GNOME desktop, select Computer > More Applications > System >
YaST, then enter a password of novell and select Continue.
3. From the YaST Control Center, select Security and Users > User and Group
Management.
4. From the list of users, select tux, then click Delete.
5. Select Delete Home Directory /home/tux, then click Yes.
6. Click OK.
7. Confirm that the user tux has been removed by doing the following:
a. Start the Nautilus file manager by double-clicking the geeko’s Home icon on
the desktop.
The content of Geeko’s home directory is displayed.
b. Browse the File System to the /home directory.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 35
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
36 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 37
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
38 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
7. Save the file and close the editor by pressing Esc and entering
:wq
You are returned to the command prompt.
8. See what has changed in the files on your hard drive since the wget RPM was
originally installed by entering
rpm -V wget
9. The following is displayed:
S.5....T c /etc/wgetrc
Refer to the student manual (Section 4, first objective) to interpret what has
changed.
10. View the documentation files for the wget by entering
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 39
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
11. Verify that the package is no longer installed by entering the following:
(End of Exercise)
40 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 41
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
Exercise 4-3 Create and Manage Users and Groups from the Command Line
In this exercise, you add and remove a user using command line tools.
Create, change, and delete a user account, using the following information:
Use the useradd command to add a new user account labeled tux for user Tux
Penguin.
Look for the new entries in the /etc/passwd and /etc/shadow files.
Use the passwd command to set the password for tux to novell.
Use the su command to switch to user tux.
Use the passwd command to change the password to d1g1t@l.
Use the userdel command to remove the account of user tux.
This exercise is performed on the da-host server.
42 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Part III: Log In as the New User and Change Your Password
To log in as the new user and change your password, do the following:
1. Log in as tux by entering su - tux. Enter the password novell when prompted.
2. Change the password of the user tux by entering passwd.
3. Enter the old password of the user tux: novell
4. Try to change the password to novell by entering novell.
You receive a warning that you must choose a new password.
1. Enter d1g1t@l as the new password (enter twice).
2. Log out as user tux by entering exit.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 43
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
44 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
ls -l
11. Log out as geeko by pressing Ctrl+d or by entering
exit
12. Return to the GNOME desktop by pressing Ctrl+Alt+F7.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 45
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
To partition manually from the command line with fdisk, do the following:
1. Open a terminal window and su - to root (password novell) and start the fdisk
utility on the first hard disk on your server by entering
fdisk /dev/sda
A message is displayed, indicating that the number of cylinders is above 1024,
which might cause problems under certain circumstances.
2. View the current partition table in fdisk by entering p.
46 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
3. Create an extended partition that uses the entire free space of the hard disk by
doing the following:
a. Create a new partition by entering n.
b. Enter e for extended.
c. Conditional: When asked for a partition number, enter 3.
d. Accept the suggested first cylinder by pressing Enter.
e. Accept the suggested last cylinder by pressing Enter.
4. Create two logical partitions with a partition type of Linux (the default) by doing
the following:
a. Create a new partition by entering n.
b. Enter l (lower case L) to create a logical partition.
c. Accept the default first cylinder by pressing Enter.
d. Specify a partition size of 1 GB by entering +1G.
e. Create another new partition by entering n.
f. Enter l (lower case L) to create a logical partition.
g. Accept the default first cylinder by pressing Enter.
h. Indicate the partition size by entering +1G.
i. Verify the new partition configuration by entering p.
5. Write the new partition table to your hard drive and exit fdisk by entering w.
You will see a warning message that the kernel is still using the old partition table
and that the new table will be used at the next reboot.
6. View the current partition table used by the kernel by entering
cat /proc/partitions
Notice that the three new partitions you just created are not listed.
7. To access the new partitions, you must update the kernel’s partition table which is
stored in memory. Do one of the following:
Have the kernel update its partition table by entering partprobe.
Reboot the system by entering reboot.
8. View the partition table again by entering
cat /proc/partitions
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 47
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
NOTE: You should add an empty line after the last new entry at the end of the file to make
sure the mount command can interpret the file properly.
These new entries ensure the sda5 and sda6 partitions are mounted when
starting or rebooting the system.
d. Save the changes to /etc/fstab by pressing Esc and then entering :wq.
5. In the terminal window, reread the /etc/fstab file and mount all of the new
file systems by entering
mount -a
6. View the information on the mounted file systems by entering the following two
commands:
mount
cat /proc/mounts
You should see entries for the two new partitions you created.
48 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
In this part of the exercise, you add a journal to an ext2 file system, effectively
making it an ext3 file system. Complete the following:
1. Modify the /dev/sda6 partition:
a. In the terminal window, umount the /dev/sda6 partition and view details
about the ext2 file system on it by entering
umount /dev/sda6 ; dumpe2fs /dev/sda6 | more
Notice the block size and the file system state.
b. Give the ext2 file system a volume name of /export/data2 while the file
system is unmounted by entering
tune2fs -L /export/data2 /dev/sda6
NOTE: It is common practice to use this naming convention. Naming a file system after
its mount point can be useful in system rescue situations when the /etc/fstab file is
not available.
c. Verify that the file system now has a volume name by entering
dumpe2fs /dev/sda6 | less
You should see that the volume name has been set to the partition’s mount
point.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 49
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
d. Add a journal to the file system (making it an ext3 file system) by entering
tune2fs -j /dev/sda6
e. Verify that the file system now contains a journal by entering
dumpe2fs /dev/sda6 | less
f. Mount /dev/sda6 again by entering
mount /dev/sda6
g. View information on the mounted file systems by entering
mount
Notice that the file system is still mounted as an ext2 file system.
h. Unmount the partition /dev/sda6 again by entering
umount /dev/sda6
i. Verify that the file system state is clean by entering
dumpe2fs /dev/sda6 | less
j. Edit the /etc/fstab file to change the file system type from ext2 to ext3
by entering vi /etc/fstab at the shell prompt.
k. Locate the entry for /dev/sda6 and change the file system type from ext2
to ext3. Save the file and close the editor.
l. At the command line, reread /etc/fstab and mount the partition as an
ext3 file system by entering
mount -a
m. Verify the change by entering
mount
You should see that /dev/sda6 has been mounted as an ext3 file system.
n. Unmount the partition /dev/sda6 again by entering
umount /export/data2
o. Mount the partition as an ext2 file system manually by entering
mount -t ext2 /dev/sda6 /export/data2
p. Verify that the file system is mounted without a journal (as an ext2 file
system) by entering
mount
As you can see, ext3 is backward compatible with ext2.
q. Remount /dev/sda6 as an ext3 file system and verify the change by
entering the following commands:
umount /export/data2
mount -a
mount
50 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: If you receive the error message “/export/data2 mounted already, or bad option,” check
the contents of the /etc/fstab file. You might have misspelled the usrquota or grpquota
option.
NOTE: You will receive several status messages about old quota files. These indicate that this
is a new quota database with no previous quota database files on the system.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 51
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
insserv boot.quota
11. Set a quota for geeko with a soft block limit of about 20 MB and a hard block
limit of about 30 MB on /dev/sda6 by entering
edquota -u geeko
The quota editor appears in the vi editor.
12. Under soft, remove the 0 and enter 20000.
15. View the quota information about all configured users by entering
repquota -av
16. (Optional) If you finish early, set a quota for the users group of 100 MB for the
soft limit and 150 MB for the hard limit.
17. Test the quotas by doing the following:
a. As root, create a directory named /export/data2/geeko and change
the owner to geeko by doing the following:
mkdir /export/data2/geeko
chown geeko.users /export/data2/geeko
b. Change to the user account geeko and create a file by entering
su - geeko
dd if=/dev/zero of=/export/data2/geeko/bigfile
After a short time, you should see a message indicating the quota was
exceeded.
18. Close all open windows.
(End of Exercise)
52 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 53
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
54 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: In this exercise, you copy backup files to the /tmp directory. This is done for
demonstration purposes only. You should never store an actual backup in the /tmp directory.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 55
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
56 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
5. Note the corresponding device name (listed in the first column of the output):
6. Copy an image of the CD to the hard disk by entering the following at the shell
prompt:
dd if=/dev/device_name of=/tmp/course_cd.iso
Copying the DVD can take some time.
7. When the copy process is complete, mount the image file by entering
mount -o loop /tmp/course_cd.iso /mnt/
8. Change to the /mnt/ directory by entering cd /mnt at the shell prompt.
9. Display the content of the image file by entering ls at the shell prompt.
You should see the files from the CD.
10. Enter cd /media/3112*, then enter ls.
Note that the content of the image file is identical to the original CD.
11. Change to your home directory and unmount the image file by entering the
following command:
cd ; umount /mnt
12. Delete the image file by entering
rm /tmp/course_cd.iso
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 57
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
In this part of the exercise, you perform a a remote backup from da-host to your da1
virtual server. Do the following:
1. If necessary, power on your da1virtual workstation and wait for it to boot.
2. Log in to da1 as geeko, open a terminal window, and enter su - to switch to the
root account (password novell).
58 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
3. From the root terminal window on da1, perform a remote backup of the geeko
user’s home directory on da-host by entering the following at the shell prompt
(all on one line):
rsync -ave ssh root@172.17.8.1:/home/geeko /tmp/
rsync_test
4. When prompted to accept the security certificate, enter yes.
5. When prompted, enter a password of novell.
You should see the geeko user’s files on da-host being synchronized to your da1
server.
6. Switch to your da-host workstation and do the following:
a. Open a terminal session on da-host.
b. As geeko, create a new file in the geeko home directory by entering echo
"A new file" > ~/new_file2 at the shell prompt.
7. Switch back to your da1 server.
8. Enter the rsync command again at the shell prompt:
rsync -ave ssh root@172.17.8.1:/home/geeko /tmp/
rsync_test
9. When prompted, enter a password of novell.
Notice that only new files created since the last time rsync was run are copied.
10. Close all terminal windows.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 59
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
1. Open a terminal window, then switch to the root user by entering su - followed
by a password of novell.
2. View the currently loaded kernel modules by entering lsmod at the shell
prompt.
3. Scroll through the modules to see if the joystick module (joydev) is loaded. If it’s
difficult to locate in the output, you can enter lsmod | grep joydev at the
shell prompt.
The 0 in the Used column indicates that the module is not in use.
NOTE: If the joydev module is not listed, skip to step Step 6 on page 60.
60 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
depmod -v | less
Wait a few minutes for the information to be generated.
12. Scroll through the dependency information by pressing the Space bar.
13. When you have finished, return to the command line by typing q.
12. Open a terminal session and switch to root with the su - command and a
password of novell.
13. At the shell prompt, enter cd /etc/udev/rules.d.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 61
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
16. Save your changes and exit the editor by entering :exit.
17. Reboot your da-host server by entering init 6 at the shell prompt.
18. Wait for your default GRUB menu item to be selected to start the boot process.
19. When the system starts to boot, press Esc so you can view your system’s boot
messages.
20. Verify that your network interface is now named eth0 and that the appropriate
network configuration parameters are applied.
(End of Exercise)
62 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 63
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
64 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
bg 1
Notice that the calculator program is running again. Because it’s running in the
background, you can now use the terminal window to enter other commands.
12. Verify that the job status is running by entering
jobs
You should see that the gcalctool job is now running.
13. View the gcalctool branch in the process tree by entering
fg 1
15. Close the calculator program.
nohup gcalctool&
NOTE: The nohup command runs a command such that it ignores any hangup kill signals sent
to it.
top
20. View only the processes started by root by typing u and then entering root.
22. (Conditional) If you cannot find the gcalctool program, try maximizing the
terminal window. You can also activate the Calculator window and use it to
calculate several numbers. This should cause the gcalctool process to be moved
near the top of the output in top.
You can also enter F in top and select PID as the sort column. If needed, you can
also reverse the sort order by pressing R.
23. Record the PID of the gcalctool process:
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 65
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
ps PID_of_gcalctool_process
26. Switch to your root user account using the su - command and a password of
novell.
27. Stop the calculator program and check the status by entering the following
commands:
kill PID_of_gcalctool_process
ps aux | grep gcalctool
28. Start the xeyes program in the background by entering
xeyes&
29. Kill the xeyes program by entering
killall xeyes
66 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Notice that the process is not displayed, because ps lf only displays processes
started by the current user. The calculator program was started by geeko (not
root).
9. View all processes by entering
ps alf
The gcalctools process is now displayed.
10. Change the nice value for the gcalctools process to a higher priority by entering
exit
You should now be user geeko again.
13. Start the xeyes program in the background with the nice value of +10 by entering
nice xeyes&
14. Verify that the xeyes process nice value is set to +10 by entering
ps lf (with a lowercase L)
15. Kill the gcalctools and xeyes processes by entering the following commands:
kill PID_of_gcalctools_process
killall xeyes
16. Close your terminal window.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 67
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
NOTE: The -F option is a shortcut for -f --retry, which keeps trying to open a file
even if it is inaccessible when tail starts.
68 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
5. Press Ctrl+c.
6. Close all open windows.
NOTE: Make sure you enter two > characters in the above command. If you have only one >
character, all existing entries in /var/log/messages will be overwritten.
11. Schedule the date to be logged tomorrow at 2:00 p.m. to the /var/log/
messages file by entering the following:
at 14:00 tomorrow
date >> /var/log/messages
12. Exit the at editor by pressing Ctrl+d.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 69
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
Notice that the two jobs are listed, each with an individual job number.
14. Remove the job scheduled for tomorrow at 2:00 p.m. by entering
atrm job_number
15. View the scheduled at jobs by entering atq (or at -l).
Only the job scheduled for 12:00 p.m. should still be listed.
(End of Exercise)
70 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 71
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
Password:
Retype Password:
stty: standard input: Invalid argument
g. Press Ins.
h. At the beginning of the line with the encrypted password, enter
password --md5
The line should look similar to the following:
password --md5 $1$/5bSD....
i. Save the file by pressing Esc and then entering :wq.
10. Reset the computer by entering reboot at the shell prompt.
You will notice that the start screen looks different now, because you turned off
the graphical menu.
11. If you want to edit the kernel command line, press p and then enter a password of
secret.
12. Select the SUSE Linux Enterprise Server 11 menu option and press Enter.
72 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Previous Current
Notice that the previous runlevel is listed as N, which means that there was no
previous runlevel set.
4. Change to runlevel 3 by entering init 3 in the terminal window.
The graphical environment is terminated and you are left at a terminal login
prompt.
5. Log in as root with a password of novell.
6. Check the previous and current runlevel by entering runlevel.
List the runlevels in the table below:
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 73
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
Previous Current
12. You should be still be logged in as root. Verify this by entering whoami at the
shell prompt.
13. Switch to runlevel 1 by entering init 1 at the shell prompt.
15. Determine if the atd service is running by entering rcatd status at the shell
prompt.
74 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
18. Open a terminal session and enter su - to switch to root using a password of
novell.
19. From the command line, remove the atd service from system startup runlevels by
entering chkconfig atd off.
20. View the current runlevel configuration for at by entering chkconfig atd -
l at the shell prompt.
Notice that the service is off for all runlevels.
21. Re-enable the service to start at the default runlevels by entering chkconfig
atd on at the shell prompt.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 75
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
(End of Exercise)
76 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: The above values (one day, five logs, 20 bytes) are used for demonstration purposes only. In
a production environment, these values should be much higher.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 77
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
NOTE: Check your syntax carefully. If you make a mistake in this file, syslog won’t start.
NOTE: You can find the syslog-ng.conf file in the Exercises/Section_05 directory on the
Course DVD.
NOTE: You will see warnings regarding the --retry option and the fact that the file
does not yet exist. You can disregard this error because the file will be created when you
complete the next step.
b. In the other terminal window, log an entry to the info level in the local4
facility by entering
logger -p local4.info "Info message 1"
c. Check the results in the second terminal window. The message is logged in
the /var/log/local4.info file.
The message should also be logged in the /var/log/local4 file and,
because of other entries in /etc/syslog-ng/syslog-ng.conf, in /
var/log/localmessages.
78 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: If no messages appear, there might be something wrong with your syslog
configuration, for instance a typo or a missing “;”. To diagnose what is wrong, enter
rcsyslog restart at the shell prompt and see if syslog starts properly. If there is an
issue with the configuration, an error message will say so. Look for the line number
shown in the output for the error, correct it, and restart syslog.
d. In the terminal window where the log activity is being monitored with tail,
stop the monitoring by pressing Ctrl+c.
9. Repeat this process for the debug log level. Use the following command in the
first terminal window:
tail -f --retry /var/log/local4.debug
Use the following command in the second terminal window:
logger -p local4.debug "Info message 2"
NOTE: Only those level4 log files with entries will be compressed during log rotation in
Part II of this exercise.
10. In the terminal window where the log activity is being monitored with tail, stop
the monitoring by pressing Ctrl+c.
NOTE: Make sure the directories in the first line are separated with spaces.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 79
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
logrotate /etc/logrotate.conf
7. Check the directory /var/log for the zipped local4 log files by entering
ls -l /var/log | less
You see the following files:
local4.debug-current_date.bz2
local4.info-current_date.bz2
For example, if the current date is July 15, 2009, then the zipped file for
local4.info will be local4.info-20090715.bz2.
The .bz2 extension is used because the command to compress files is set to
bzip2 in /etc/logrotate.conf.
exit
12. Return to the GNOME desktop by pressing Ctrl+Alt+F7.
(End of Exercise)
80 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
As you work through this exercise, write down the appropriate value in the right-hand
column of the following table:
OS
Hardware Architecture
Processor Type
Hostname
Kernel Release
System Up Time
Load Averages
SLES 11 Version
Free Memory
Patch Level
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 81
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
cat /proc/meminfo
82 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 83
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
84 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 85
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
86 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
18. In the Name Server 1 field, enter the IP address of your DNS server.
19. If there are values in the other Name Server text fields, remove them.
21. If there are values in the other Domain Search text fields, remove them.
24. In the Default Gateway field, enter the IP address of your Internet gateway.
27. To test your network connection, start the web browser Firefox and try to connect
to www.novell.com (http://www.novell.com).
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 87
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
cd /etc/sysconfig/network
11. Open the ifcfg-eth0 file in a text editor by entering vi ifcfg-eth0 at the
shell prompt.
12. Add the following lines to the file:
IPADDR_2=’172.17.8.201/16’
88 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
14. Reboot your da1 virtual machine by entering init 6 at the shell prompt.
18. Verify that the network configuration loaded correctly by entering the following
commands:
ip address show eth0
You should see two IP addresses.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 89
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
From da1, ping da-host (171.17.8.1). (You will notice a slightly different output
of the ping command compared to Step 7 above.)
90 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
iptables -F
14. Find out what happens when you use ssh from da-host to da1 by entering
ssh geeko@172.17.1.101
When asked if you are sure you want to continue connecting, enter yes. Then
enter the password novell. After you have successfully logged in, log out again
by pressing Ctrl+D.
15. Create an iptables rule that drops incoming TCP packets addressed to port 22
(SSH) by entering
iptables -A INPUT -i eth0 -p tcp --dport 22 -j DROP
16. Try again to log in to da1 using ssh and notice how the results differ from the
results in Step 14.
17. Change the rule from Step 15 to use REJECT as its target instead of DROP.
You can either delete the rule and create a new one, or replace the rule by
entering
iptables -R INPUT 1 -i eth0 -p tcp --dport 22 -j REJECT
18. View the current ruleset by entering
iptables -v -L -n
19. Try again to ssh to da1 from da-host and find out if there is any difference to
before. If yes, why is that?
20. Change the rule from Step 17 to REJECT with a TCP reset, instead of the ICMP
message port unreachable, by entering (on one line)
iptables -R INPUT 1 -i eth0 -p tcp --dport 22 -j REJECT
--reject-with tcp-reset
21. View the current ruleset by entering
iptables -v -L -n
22. Again connect to da1 from da-host using ssh and find out if you get different
results.
23. Flush your ruleset by entering
iptables -F
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 91
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
(End of Exercise)
92 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 93
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
In this part of the exercise, you configure global settings for the Samba service on da-
host.
Complete the following:
1. In YaST on da-host, select Network Services > Samba Server.
2. In the Workgroup or Domain Name field, type digitalairlines, then select Next.
3. Under Samba Server Type, select Not a Domain Controller, then select Next.
4. On the Start-Up tab, select the following options:
During Boot
Open Port in Firewall (if necessary)
5. Select the Identity tab.
6. In the NetBIOS Hostname field, type da-host.
7. Select WINS Server Support.
8. Deselect Retrieve WINS Server via DHCP, then select Use WINS for
Hostname Resolution.
9. Select Advanced Settings > Expert Global Settings.
Confirm the warnings by clicking OK.
94 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
10. Verify that security is set to user and that printing is set to cups.
In this part of the exercise, you create a share named geeko-data that points to the
/srv/samba/geeko-data directory.
Complete the following:
1. Create the /srv/samba/geeko-data directory on da-host:
a. At the shell prompt, (as root) enter mkdir -p /srv/samba/geeko-
data.
b. Create a test file in the directory by entering touch /srv/samba/
geeko-data/my_file at the shell prompt.
c. To adjust the permissions assigned to the directory and file to allow access
by the geeko user, at the shell prompt enter
chown -R geeko: /srv/samba/geeko-data/
2. Create the [geeko-data] share by doing the following:
a. In YaST, select Network Services > Samba Server.
b. On the Shares tab, select Add.
c. On the New Share screen, enter the following information:
Share Name: geeko-data
Share Description: Geeko’s Data Directory
Share Path: /srv/samba/geeko-data
d. Select OK.
e. With the geeko-data share selected, select Edit.
f. On the Share geeko-data screen, select Add.
g. In the Selected Option drop-down list, select valid users, then select OK.
h. In the valid users field, enter geeko, then select OK.
i. Select OK to close the Share geeko-data dialog.
j. Select OK to close the Samba Configuration.
3. Close YaST.
4. Open a terminal window, enter su - (password novell), and view the samba
configuration by entering
less /etc/samba/smb.conf
5. Test the configuration of the Samba server and the [geeko-data] share by
entering testparm at the shell prompt.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 95
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
96 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 97
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
98 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
NOTE: You can use the accounting-index.html and hr-index.html files from the
Exercises/Section_07 directory on the Novell’s Guide to the LPIC-1 Certification
Using SUSE Linux Enterprise Server 11 Course CD.
<VirtualHost _default_:80>
ServerAdmin webmaster@digitalairlines.com
ServerName accounting.digitalairlines.com
DocumentRoot /srv/www/accounting
ErrorLog /var/log/apache2/accounting.digitalairlines.com-
error_log
CustomLog /var/log/apache2/accounting.digitalairlines.com-
access_log combined
UseCanonicalName On
ScriptAlias /cgi-bin/ “/srv/www/cgi-bin”
<Directory “/srv/www/cgi-bin”>
AllowOverride None
Options +ExecCGI -Includes
Order allow,deny
Allow from all
</Directory>
<Directory “/srv/www/accounting/”>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
12. Copy the accounting.conf file to hr.conf and edit it so it fits the requirements of
the hr.digitalairlines.com domain.
NOTE: You can find the accounting.conf and hr.conf configuration files in the
Exercises/Section_07 directory on the Novell’s Guide to the LPIC-1 Certification
Using SUSE Linux Enterprise Server 11 Course CD.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 99
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
16. To make sure Apache starts automatically, use the command insserv
apache2.
17. Test your virtual host.
a. Start Firefox on da-host by selecting Computer > Firefox.
b. Access the Accounting virtual host by entering http://
accounting.digitalairlines.com/ in the URL field of the Firefox browser.
You should see the Accounting Intranet page that you created earlier.
c. Access the HR virtual host by entering http://hr.digitalairlines.com/ in the
URL field of the Firefox browser.
You should see the HR Intranet page that you created earlier.
d. Close Firefox and any open terminal windows.
(End of Exercise)
100 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
cd /srv/ftp
ls -l.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 101
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
13. Enter ftp localhost, log in with the username ftp, and again try to
download the suse-build-key.gpg file.
This should succeed now.
14. Close the ftp client by entering bye.
(End of Exercise)
102 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
3. Enter the following two lines of text (press Enter after each line):
I have just installed SUSE Linux Enterprise Server 11
on my computer and am ready for administration training.
When you finish, press Ctrl+d.
4. Change to the root account by entering su - (password novell).
5. Enter mail.
In the last line of the list you should find the mail message you just sent to root.
6. To read the message, enter the number in the second column of the table.
7. Delete the message by entering d and the number of the message (such as d 4).
8. Quit mail by entering q.
9. Verify that the message was deleted by entering mail, then exit mail by
entering q.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 103
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
Do the following:
1. On da-host, open a terminal window and enter su - to get root permissions.
When prompted, enter the root password novell.
2. Stop the postfix daemon by entering
rcpostfix stop
3. Open the /etc/postfix/main.cf file in a text editor.
Scroll to the settings at the end of the file.
4. To accept mail only from the local network, modify the following options as
shown below:
inet_interfaces = 172.17.8.1, localhost
mynetworks_style = subnet (should already be set)
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination (on one line)
5. To rewrite the sender addresses and remove the host name, modify the following
options as shown below:
masquerade_exceptions = root (should already be set)
masquerade_domains = digitalairlines.com
6. Save the file and close the editor.
7. Start Postfix by entering
rcpostfix start
8. Start your da1 virtual server if it is not already running.
9. On da1, stop the postfix daemon by entering
rcpostfix stop
10. Open the /etc/postfix/main.cf file in a text editor.
relayhost = 172.17.8.1
12. To rewrite the sender addresses and remove the host name, modify the following
options as shown below:
masquerade_exceptions = root (should already be set)
masquerade_domains = digitalairlines.com
Save the file and close the editor.
13. Start Postfix by entering
rcpostfix start
104 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
mail joe@example.com.
Enter the subject and some text and finish the e-mail message by doing the
following:
Press Enter.
Type . (dot).
Press Enter.
15. As root in a terminal window on da-host, enter mailq.
As your classroom network is most likely not set up to deliver mail to the outside
and there is no MX record for the example.com domain, you should see an entry
for the e-mail message you just created. If not, have a look at the /var/log/
mail file on da1 and da-host to find out what happened to the e-mail message.
16. Using the Queue ID displayed in the output of the mailq command, delete the
e-mail message from the queue by entering
postsuper -d queue_ID
17. Enter mailq to verify the mail has been deleted from the queue.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 105
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
socket://172.17.8.250:9100
Select Continue.
The Make/Manufacturer for Fictive dialog appears.
11. From the Make/Manufacturer for Fictive pull-down menu, select HP, then
select Continue.
106 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 107
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
options {
};
108 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
NOTE: You can find the above named.conf file in the Exercises/Section_07/
directory on the Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise
Server 11 Course CD.
9. Conditional: If there is a name server for the classroom, ask the instructor for its
IP address and configure the forwarders line to match the following:
forwarders {x.x.x.x;};
Make sure that you delete the comment character from the beginning of the
forwarders line.
10. Add the following two zone statements after the existing zone statements:
zone "digitalairlines.com" in {
type master;
file "master/digitalairlines.com.zone";
};
zone "0.0.10.in-addr.arpa" in {
type master;
file "master/10.0.0.zone";
};
Save and close the file.
11. Create a new /var/lib/named/master/
digitalairlines.com.zone file with the following content:
$TTL 172800
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 109
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
NOTE: You can use the digitalairlines.com.zone file from the Exercises/
Section_07/ directory on the Novell’s Guide to the LPIC-1 Certification Using SUSE
Linux Enterprise Server 11 Course CD as a template.
IN NS da-host.digitalairlines.com.
NOTE: You can use the 172.17.zone file from the Exercises/Section_07/
directory on the Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise
Server 11 Course CD as a template.
14. To view the end of the /var/log/messages file and any new entries added
to it, enter
tail -f /var/log/messages
15. Switch to the first terminal window and start bind by entering
rcnamed start
If there are errors in the /etc/named.conf file, they are displayed in the
output (with specific references and line numbers). The named daemon will not
start until these errors are fixed.
16. From the second terminal window, watch the log output of bind for any messages
such as Unknown RR Type or File Not Found.
If any errors occur, fix them and restart bind.
110 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
17. From the first terminal window, start bind automatically when the system is
booted by entering
insserv named
18. Open the /etc/resolv.conf file in a text editor.
19. Delete all existing nameserver entries and add the following entry:
nameserver 172.17.8.1
host da2.digitalairlines.com
This should display the IP address of 172.17.8.102.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 111
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
112 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
The output will vary, depending on the time passed since ntpd was started and
whether or not the NTP server you configured can actually be reached from your
computer.
6. View the log of the NTP server by entering
tail -f /var/log/ntp
Stop tail by pressing Ctrl+c.
7. View the changes made to the /etc/ntp.conf file by entering
less /etc/ntp.conf
Notice that the NTP server is the server you selected earlier.
8. Check the hardware clock time by entering hwclock.
9. Set the hardware clock from the system time by entering the following:
hwclock --systohc
10. Check the new hardware clock time by entering hwclock.
(End of Exercise)
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 113
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
114 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 115
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
116 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 117
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
6. Define a Cmnd_Alias named KPROCS that contains the kill and killall
commands by adding the following line to the end of the file:
Cmnd_Alias KPROCS = /bin/kill, /usr/bin/killall
7. Define a Host_Alias named HOSTS that contains the da1 host by adding the
following line to the end of the file:
Host_Alias HOSTS = da-host
8. Using the aliases defined above, allow the geeko user to run the specified
commands on da1 as root by adding the following line to the end of the file:
POWERUSERS HOSTS = (root) KPROCS
9. Press Esc, then save your changes and exit the editor by entering :exit.
10. Test your configuration by doing the following:
a. At the shell prompt (as root), enter top to start the top process running.
b. Open a new terminal window.
c. At the shell prompt in the new terminal window (as geeko), enter sudo
killall top.
d. When prompted, enter geeko’s password of novell.
You should see that top is unloaded in the first terminal window.
(End of Exercise)
118 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
2. Start YaST by selecting Computer > YaST and entering a password of novell.
3. Select Security and Users > Local Security.
The Security Overview dialog appears.
4. On the left, select Predefined Security Configurations.
5. Make sure Custom Settings is selected.
6. On the left, select Password Settings.
7. From the Password Encryption Method drop-down list, select MD5.
8. On the left, select Boot Settings.
9. From the Interpretation of Ctrl + Alt + Del drop-down list, select Halt.
10. Apply the new security settings by clicking OK, then close YaST.
11. To test the change, you must first activate the new configuration.
This can be done either by rebooting the system or by entering (as root) init q,
which reloads the /etc/inittab file. You will do the latter:
a. In the terminal window, su - to root using a password of novell.
b. Reload the /etc/inittab file by entering init q.
12. Verify that the Ctrl+Alt+Del setting has changed by entering
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 119
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
(End of Exercise)
120 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Do the following:
1. If necessary, start your da1 virtual machine.
2. Log in to da1 from da-host by doing the following:
a. On da-host, open a terminal window and enter
ssh -l geeko da1.digitalairlines.com
b. When prompted to continue, enter yes.
c. When prompted, enter a password of novell.
You are now logged in to the da1 server as geeko.
d. Log out by entering exit.
3. Check the processes running on the da1 server by entering the following at the
shell prompt of your workstation:
ssh -l geeko da1.digitalairlines.com ps aux
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 121
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
sftp geeko@da1.digitalairlines.com
12. When prompted, enter a password of novell.
13. Copy the /bin/date program from the da1 server to geeko’s home directory
on your workstation by entering:
get /bin/date /home/geeko/
14. Quit sftp by entering exit.
Verify that the date program has been copied to the geeko user’s home directory.
122 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 123
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
(End of Exercise)
124 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.
Version 2 Copying all or part of this manual, or distributing such copies, is strictly prohibited. 125
To report suspected copying, please call 1-800-PIRATES.
Novell’s Guide to the LPIC-1 Certification Using SUSE Linux Enterprise Server 11 / Workbook
Because the /etc/nologin file no longer exists, user login is enabled again.
16. Log out as geeko by entering exit.
(End of Exercise)
126 Copying all or part of this manual, or distributing such copies, is strictly prohibited. Version 2
To report suspected copying, please call 1-800-PIRATES.