Red Hat has developed a number of other graphical utilities that can help you with the day-to-day tasks of administering your Linux system. They are in various stages of development; expect improvements as Red Hat releases new packages and later versions of its distribution.
Table 19.4 summarizes the Red Hat graphical system administration utilities. Keep in mind that this is an arbitrary list of the utilities described in this section; you could also classify the other utilities in this chapter as system administration utilities.
Utility | Function |
---|---|
redhat-config-packages | Managing RPM package groups |
redhat-config-rootpassword | Changing the root user s password |
redhat-config-users | Adding and maintaining users |
redhat-config-xfree86 | Configuring the GUI |
redhat-logviewer | Inspecting current log files |
redhat-update-gnome-font-install | Updating fonts |
redhat-config-kickstart | Building a Kickstart file for automated installation |
redhat-config-securitylevel | Configuring a firewall |
redhat-config-proc | Changing kernel settings in /proc |
authconfig-gtk | Setting up authentication |
authconfig | Using the text-mode version of authconfig-gtk |
You can use the redhat-config-packages utility to inspect, install, and remove the RPM packages currently on your Linux system. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Add/Remove Applications. This opens the Package Management window, shown in Figure 19.24.
If you installed Red Hat Linux graphically per Chapter 03 , Figure 19.24 should look familiar. It includes the same organization of package groups that you used during the graphical installation process.
You can select some individual packages in each group for installation and removal. As an example, take a look at the packages associated with the KDE Desktop Environment. On the far right side of the associated entry, click Details. This opens the KDE Desktop Environment Package Details window, shown in Figure 19.25.
As you can see, there are two categories of packages: standard and extra. Standard packages correspond to the mandatory packages as defined in the comps .xml file described in Web Chapter 5. The extra packages are either default or optional packages as defined in comps.xml .
In this way, you can deselect the packages or package groups of your choice. Make any desired changes and click Close. When you click Update in the Package Management window, this utility makes sure that you don t have unsatisfied dependencies. You get a last chance to cancel (see Figure 19.26) before the deselected packages are removed from the system. Click Show Details to review the packages that are to be removed.
Adding new packages is a bit more complex, because it requires access to the installation RPMs. If you start redhat-config-packages from the command line, this utility will prompt you for CDs.
Tip | If you have a network source for your Red Hat installation files, you don t need the installation CDs. For example, if the /RedHat/RPMS directory with your RPM packages is mounted on /mnt/source , run the redhat-config- packages --tree=/mnt/source command. As long as the RPMs are accessible over the network, redhat -config-packages starts and can use this source to install the packages that you specify. |
One more way to start redhat-config-packages is with the redhat-cdinstall-helper --tree=/ mnt/ cdrom command. You ll be prompted to insert the first Red Hat Installation CD before Red Hat takes you to the redhat-config-packages utility.
Linux logs the updated list of installed RPM packages each week in /var/log/rpmpkgs . The original list from when you installed Red Hat Linux is stored in /root/install.log .
The redhat-config-rootpassword utility lets you change the password associated with the root user account. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Root Password. If you re not logged in as the root user, you re prompted for the root password, as shown in Figure 19.27.
Assuming you enter the correct password (or are already logged into the root account), you ll see the Root Password dialog box, shown in Figure 19.28. The next time you want to log into the root account, you ll need this password.
You can use the redhat-config-users utility to manage the users and groups with accounts on your Linux system. More information on the affected configuration files is available in Chapter 09 .
Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Users and Groups. This opens the Red Hat User Manager window, shown in Figure 19.29.
As you can see, this window includes two tabs. The Users tab lists current users on the system, from /etc/passwd . The categories should be familiar if you know this file. To add a user, click Add User. This opens the Create New User dialog box, shown in Figure 19.30.
This dialog box allows you to enter the information associated with the new user, along with the password. Normally, the new user gets the next user ID available, in this case, 503. If you activate Specify User ID Manually, you can set the number of your choice.
You can add more account information for each user. Highlight a user and click Properties. This opens the User Properties dialog box, shown in Figure 19.31.
There are four tabs of information within User Properties, which are described in Table 19.5.
Tab | Description |
---|---|
User Data | Lists basic data for the user, stored in /etc/passwd and /etc/shadow . |
Account Info | Allows you to lock and/or set an expiration date for the account; the information is stored in /etc/shadow . |
Password Info | Lets you set up password expiration parameters; the information is stored in /etc/shadow . |
Groups | Permits you to set group membership for that user; the information is stored in /etc/group . |
Click OK to return to the main Red Hat User Manager window. Next, select the Groups tab, which lists current groups from /etc/group . Click Add Group. This opens the Create New Group dialog box, shown in Figure 19.32. By default, each user is a member of his or her own group, with the same ID number. For example, user donna has a user ID of 501 and group donna has a group ID of 501. This is the User Private Group scheme described in Chapter 09 .
Whenever you create a special group, it s a good idea to give it a number in a different range from your users. I ve created the group named angels. After selecting angels from the Groups tab, I clicked the Properties button, which opens the Group Properties dialog box. On the Group Users tab shown in Figure 19.33, you can add the users of your choice to this new group, in this case, nancy and randy .
The Red Hat graphical configuration tool is redhat-config-xfree86 , which is described in detail in Chapter 15 . Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Display. This opens the Display Settings window, shown in Figure 19.34.
In most cases, you can run redhat-config-xfree86 from a terminal window, even if you didn t choose to install graphical packages during the Red Hat Linux installation process. Once changes are made, you ll be able to see the results in /etc/X11/XF86Config . If you ve used redhat-config-xfree86 before, you ll probably see this comment at the top of that file:
# XFree86 4 configuration created by redhat-config-xfree86
Otherwise, if you ve only configured the X Window during the Red Hat installation process, you ll see this comment instead:
# XFree86 4 configuration created by pyxf86config
Red Hat includes a graphical viewer for standard log files, redhat-logviewer . Start it from a GNOME desktop by selecting Main Menu ˜ System Tools ˜ System Logs. This opens the System Logs window, shown in Figure 19.35.
Note the list of logs on the left and a view of the specific log file on the right. You can see right away, from the exclamation point (the alert icon) and failed messages that there might be some problem with ntpd , the Network Time Protocol daemon.
You can use this tool to search for specific messages; enter the search term of your choice and the redhat-logviewer isolates any messages with the search term. You might even realize that this search capability is a function of the grep command.
The redhat-logviewer is configured to review log files from standard locations. If you click Edit ˜ Preferences, that opens the Preferences dialog box, where you can change the file associated with a log, and specify the messages that set off the alert icon.
The standard locations for the redhat-logviewer log files are shown in Table 19.6.
Log Name | File Location |
---|---|
Boot | /var/log/boot.log |
Cron | /var/log/cron |
Kernel Startup | /var/log/dmesg |
Apache Access | /var/log/httpd/access_log |
Apache Error | /var/log/httpd/error_log |
| /var/log/maillog |
News | /var/log/spooler |
RPM Packages | /var/log/rpmpkgs |
Security | /var/log/secure |
System | /var/log/messages |
XFree86 | /var/log/XFree86.0.log |
If a log file is missing from the list, you may not have started the service before. For example, if you don t see an Apache Access Log in Figure 19.35, you probably haven t started or accessed the Apache web server on your computer.
There are two similar-looking utilities related to fonts:
# redhat-update-gnome-font-install # redhat-update-gnome-font-install2
Both can help you upload fonts that support printing from GNOME applications. The first utility generates a font map used in printing GNOME-based applications. They update the following font configuration files:
/etc/gnome/fonts/gnome-print-rpm.fontmap /etc/gnome/libgnomeprint-2.0/fonts/libgnomeprint-rpm.fontmap
The Red Hat Kickstart configuration tool is redhat-config-kickstart , which is described in detail in Chapter 05 . Start it from a GNOME desktop by selecting Main Menu ˜ System Tools ˜ Kickstart. This opens the Kickstart Configurator window, shown in Figure 19.36.
Normally, you should save Kickstart files to ks.cfg; a model Kickstart file based on how you installed Red Hat Linux on the local computer is available at /root/anaconda-ks.cfg .
The Red Hat Firewall configuration tool is redhat-config-securitylevel , which is essentially the same tool that you used during the installation process in Chapter 03 or 4. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Security Level. This opens the Security Level Configuration window, shown in Figure 19.37.
To summarize, you can configure three levels of firewall protection for your computer: high, medium, or none.
You can further customize the firewall. For example, if one of the network cards is connected only to the local network, you may want it to be a trusted device; firewall rules do not apply to traffic through trusted devices. In addition, you can customize the firewall to allow incoming data associated with the protocols shown in the Security Level Configuration window.
If you re using the default iptables firewall command, any changes that you make are written to /etc/sysconfig/iptables . For more information on firewalls and the iptables command, read Chapter 22 .
The redhat-config-securitylevel utility is closely related to the GNOME lokkit firewall wizard, described in Chapter 16 . Both can help you create an iptables -based firewall, using the same basic parameters.
The Red Hat kernel tuning tool is redhat-config-proc , which allows you to modify settings in the /proc directory. Some of the files in this directory are described in greater detail in Chapter 11 . As of this writing, you can only start this utility from a GUI command-line interface; there is no entry in the GNOME Main Menu. Figure 19.38 displays the Kernel Tuning window.
Warning | Be careful before you use redhat-config-proc . At the very least, back up your current /etc/sysctl.conf file first. Any changes you make can change the functionality of your kernel, which could easily stop Linux from working. |
In the setting shown in Figure 19.38, you can enable IP Forwarding, which lets your Linux computer work as a gateway between two or more networks. Changes that you make are written to /etc/sysctl.conf .
The Red Hat tool for setting up username and password databases is authconfig-gtk , which is essentially the same tool that you used during the installation process in Chapter 03 or 4. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Authentication. This opens the Authentication Configuration window, shown in Figure 19.39.
Depending on the type of installation, you may have already set this up during the Red Hat Linux installation process in Chapter 03 or 4 . Since you may be seeing these options for the first time, we ll address them in detail here. First, the settings on the User Information tab are described in Table 19.7.
Setting | Description |
---|---|
Cache User Information | Sets the local server to store user settings. |
Enable NIS Support | Configures authentication through an NIS Server. |
Configure NIS | Opens a window where you can enter the name of the NIS domain and server. |
Enable LDAP Support | Configures access to user information through the Lightweight Directory Assistance Protocol (LDAP). |
Configure LDAP | Opens a window where you can enable Transmission Layer Security (TLS), which is the formal name of the Secure Socket Layer (SSL) protocol, along with an LDAP search database and server. |
Hesiod | Configures authentication information and other configuration files in DNS; its functionally is similar to NIS. |
Configure Hesiod | Opens a window where you can specify Hesiod LHS, which is the prefix for a DNS server name, and the Hesiod RHS, which is the suffix for a DNS server name. For example, if the address of a DNS server is nameserv.mommabears.com , the LHS is nameserv and the RHS is mommabears.com . |
The settings found on the Authentication tab are shown in Figure 19.40; they include several other configuration options, described in Table 19.8.
Setting | Description |
---|---|
Enable LDAP Support | Configures user authentication through the Lightweight Directory Assistance Protocol (LDAP). |
Configure LDAP | Opens a window where you can enable Transmission Layer Security (TLS), which is the formal name of the Secure Socket Layer (SSL) protocol, along with an LDAP search database and server. |
Use Shadow Passwords | Enables the Shadow Password Suite, with passwords, account data, and group information protected in /etc/shadow and /etc/gshadow . |
Use MD5 Passwords | Configures the use of the MD5 form of password encryption. |
Enable Kerberos Support | Sets up strong encryption for checking user credentials, using this protocol developed at MIT. |
Configure Kerberos | Opens a window where you can set the Kerberos Realm ”usually the name of the domain in upper case; the Kerberos Domain Controller (KDC), which is the name of the Kerberos server, using TCP/IP port 88; and any Kerberos administrative servers, using TCP/IP port 749. |
Enable SMB Support | Sets up authentication using Microsoft Windows or Samba servers on a Microsoft Windows “based network. |
Configure SMB | Opens a window where you can set the name of the workgroup or domain controller for the Microsoft Windows “based network. |
Any changes you make are written to the /etc/sysconfig/authconfig configuration file.
Tip | If you want to configure Kerberos 5, you should configure your computers to a central NTP server, as described earlier with the redhat-config-time utility. |
There is a text-mode version of the Authentication Configuration utility, which you start with the authconfig command. It includes two text-mode screens that allow you to enter the same information described in this section.