|< Day Day Up >|| |
Here are some of the key points from the certification objectives in Chapter 11.
When Red Hat Enterprise Linux starts on your computer, it triggers a special process known as init, which then opens the other basic processes required for a working Linux system.
Many services have their own user ID, as shown in /etc/passwd; alternatively, some services can run under the nobody account.
Service user IDs are not for real users.
Red Hat's user private group scheme configures users with their own unique user and group ID numbers.
With appropriate SGID permissions, you can configure a shared directory for a specific group of users.
Setting the SGID bit ensures that all files created in a shared directory belong to the correct group.
Setting the SGID bit is easy; use chown to set nobody as the user owner, and the name of the group as the group owner. Then run the chmod 2770 command on the shared directory.
The anacron service includes a special cron job which runs jobs that were supposed to be run while a computer is powered down.
The tmpwatch command (/usr/sbin/tmpwatch) is used to remove files that have not been accessed in a specified number of hours.
Rescue disks aren't always available. Be prepared to use the linux rescue environment from a Red Hat installation CD.
One good boot disk customized for your system can be created with the mkbootdisk command.
When you start the linux rescue environment, be able to access the Red Hat installation files.
The linux rescue environment may be able to mount your filesystems on /mnt/sysimage. It will provide a minimum set of commands such as fdisk and fsck, and utilities such as vi.
If your filesystems are properly mounted, you can access documents such as man pages normally after a chroot /mnt/sysimage command.
Linux may not be able to mount all of your filesystems.
Some mount points fail because of bad labels. Check the label on a specific partition with the e2label command.
The fsck command is used to check the filesystem on a partition for consistency.
The dumpe2fs command can provide a lot of information about each partition, including the label, the journal, and the block size.
One alternative to the linux rescue environment is single-user mode. You can even boot from GRUB into other runlevels such as 3 and 5.
Common problem files that can prevent Linux from booting include /boot/grub/grub.conf and /etc/fstab.
The OpenSSH command utilities-sshd, ssh, ssh-keygen, ssh-add, and ssh-agent-provide secure remote services over any network connections.
Encryption is based on private and public keys.
You can keep your private key secure with a passphrase.
Public keys are shared with others so that they can communicate with you through SSH.
As it is easy to decipher traffic, even passwords, from telnet, ftp, and the 'r' commands, it is best to use SSH on any publicly accessible network.
PGP, Pretty Good Privacy, is the way much e-mail is encrypted today.
The Linux implementation of PGP is GPG.
You can validate the signature of any RPM using the rpm -vK packagename command.
To add an LV, you need to know how to use the pvcreate, vgcreate, and lvcreate commands.
To remove an LV, you need to know how to use the lvremove command.
To resize an LV, you need to know how to use the vgextend and lvextend commands.
|< Day Day Up >|| |