Using System Administration Utilities

Red Hat has developed a number of other graphical utilities that can help you with the day-to-day tasks of administering your Linux system. They are in various stages of development; expect improvements as Red Hat releases new packages and later versions of its distribution.

Table 19.4 summarizes the Red Hat graphical system administration utilities. Keep in mind that this is an arbitrary list of the utilities described in this section; you could also classify the other utilities in this chapter as system administration utilities.

Table 19.4: Red Hat Graphical System Administration Utilities

Utility

Function

redhat-config-packages

Managing RPM package groups

redhat-config-rootpassword

Changing the root user s password

redhat-config-users

Adding and maintaining users

redhat-config-xfree86

Configuring the GUI

redhat-logviewer

Inspecting current log files

redhat-update-gnome-font-install
redhat-update-gnome-font-install2

Updating fonts

redhat-config-kickstart

Building a Kickstart file for automated installation

redhat-config-securitylevel

Configuring a firewall

redhat-config-proc

Changing kernel settings in /proc

authconfig-gtk

Setting up authentication

authconfig

Using the text-mode version of authconfig-gtk

Package Group Management

You can use the redhat-config-packages utility to inspect, install, and remove the RPM packages currently on your Linux system. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Add/Remove Applications. This opens the Package Management window, shown in Figure 19.24.

click to expand
Figure 19.24: Package Management by groups

If you installed Red Hat Linux graphically per Chapter 03 , Figure 19.24 should look familiar. It includes the same organization of package groups that you used during the graphical installation process.

You can select some individual packages in each group for installation and removal. As an example, take a look at the packages associated with the KDE Desktop Environment. On the far right side of the associated entry, click Details. This opens the KDE Desktop Environment Package Details window, shown in Figure 19.25.

click to expand
Figure 19.25: KDE Desktop Environment Package Details

As you can see, there are two categories of packages: standard and extra. Standard packages correspond to the mandatory packages as defined in the comps .xml file described in Web Chapter 5. The extra packages are either default or optional packages as defined in comps.xml .

In this way, you can deselect the packages or package groups of your choice. Make any desired changes and click Close. When you click Update in the Package Management window, this utility makes sure that you don t have unsatisfied dependencies. You get a last chance to cancel (see Figure 19.26) before the deselected packages are removed from the system. Click Show Details to review the packages that are to be removed.

click to expand
Figure 19.26: Before packages are removed

Adding new packages is a bit more complex, because it requires access to the installation RPMs. If you start redhat-config-packages from the command line, this utility will prompt you for CDs.

Tip  

If you have a network source for your Red Hat installation files, you don t need the installation CDs. For example, if the /RedHat/RPMS directory with your RPM packages is mounted on /mnt/source , run the redhat-config- packages --tree=/mnt/source command. As long as the RPMs are accessible over the network, redhat -config-packages starts and can use this source to install the packages that you specify.

One more way to start redhat-config-packages is with the redhat-cdinstall-helper --tree=/ mnt/ cdrom command. You ll be prompted to insert the first Red Hat Installation CD before Red Hat takes you to the redhat-config-packages utility.

Linux logs the updated list of installed RPM packages each week in /var/log/rpmpkgs . The original list from when you installed Red Hat Linux is stored in /root/install.log .

Root Password

The redhat-config-rootpassword utility lets you change the password associated with the root user account. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Root Password. If you re not logged in as the root user, you re prompted for the root password, as shown in Figure 19.27.

click to expand
Figure 19.27: You should have the root password before you can change it.

Assuming you enter the correct password (or are already logged into the root account), you ll see the Root Password dialog box, shown in Figure 19.28. The next time you want to log into the root account, you ll need this password.


Figure 19.28: Changing the root user password

Configuring Users

You can use the redhat-config-users utility to manage the users and groups with accounts on your Linux system. More information on the affected configuration files is available in Chapter 09 .

Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Users and Groups. This opens the Red Hat User Manager window, shown in Figure 19.29.

click to expand
Figure 19.29: The Red Hat User Manager

As you can see, this window includes two tabs. The Users tab lists current users on the system, from /etc/passwd . The categories should be familiar if you know this file. To add a user, click Add User. This opens the Create New User dialog box, shown in Figure 19.30.


Figure 19.30: Creating a new user

This dialog box allows you to enter the information associated with the new user, along with the password. Normally, the new user gets the next user ID available, in this case, 503. If you activate Specify User ID Manually, you can set the number of your choice.

You can add more account information for each user. Highlight a user and click Properties. This opens the User Properties dialog box, shown in Figure 19.31.

click to expand
Figure 19.31: Changing user properties

There are four tabs of information within User Properties, which are described in Table 19.5.

Table 19.5: Configurable User Properties

Tab

Description

User Data

Lists basic data for the user, stored in /etc/passwd and /etc/shadow .

Account Info

Allows you to lock and/or set an expiration date for the account; the information is stored in /etc/shadow .

Password Info

Lets you set up password expiration parameters; the information is stored in /etc/shadow .

Groups

Permits you to set group membership for that user; the information is stored in /etc/group .

Click OK to return to the main Red Hat User Manager window. Next, select the Groups tab, which lists current groups from /etc/group . Click Add Group. This opens the Create New Group dialog box, shown in Figure 19.32. By default, each user is a member of his or her own group, with the same ID number. For example, user donna has a user ID of 501 and group donna has a group ID of 501. This is the User Private Group scheme described in Chapter 09 .


Figure 19.32: Creating a new group

Whenever you create a special group, it s a good idea to give it a number in a different range from your users. I ve created the group named angels. After selecting angels from the Groups tab, I clicked the Properties button, which opens the Group Properties dialog box. On the Group Users tab shown in Figure 19.33, you can add the users of your choice to this new group, in this case, nancy and randy .


Figure 19.33: Adding users to a group

GUI Configuration

The Red Hat graphical configuration tool is redhat-config-xfree86 , which is described in detail in Chapter 15 . Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Display. This opens the Display Settings window, shown in Figure 19.34.

click to expand
Figure 19.34: Configuring the X Window

In most cases, you can run redhat-config-xfree86 from a terminal window, even if you didn t choose to install graphical packages during the Red Hat Linux installation process. Once changes are made, you ll be able to see the results in /etc/X11/XF86Config . If you ve used redhat-config-xfree86 before, you ll probably see this comment at the top of that file:

 # XFree86 4 configuration created by redhat-config-xfree86 

Otherwise, if you ve only configured the X Window during the Red Hat installation process, you ll see this comment instead:

 # XFree86 4 configuration created by pyxf86config 

Log Viewer

Red Hat includes a graphical viewer for standard log files, redhat-logviewer . Start it from a GNOME desktop by selecting Main Menu ˜ System Tools ˜ System Logs. This opens the System Logs window, shown in Figure 19.35.

click to expand
Figure 19.35: Reviewing system logs

Note the list of logs on the left and a view of the specific log file on the right. You can see right away, from the exclamation point (the alert icon) and failed messages that there might be some problem with ntpd , the Network Time Protocol daemon.

You can use this tool to search for specific messages; enter the search term of your choice and the redhat-logviewer isolates any messages with the search term. You might even realize that this search capability is a function of the grep command.

The redhat-logviewer is configured to review log files from standard locations. If you click Edit ˜ Preferences, that opens the Preferences dialog box, where you can change the file associated with a log, and specify the messages that set off the alert icon.

The standard locations for the redhat-logviewer log files are shown in Table 19.6.

Table 19.6: redhat-logviewer Standard Log File Locations

Log Name

File Location

Boot

/var/log/boot.log

Cron

/var/log/cron

Kernel Startup

/var/log/dmesg

Apache Access

/var/log/httpd/access_log

Apache Error

/var/log/httpd/error_log

Mail

/var/log/maillog

News

/var/log/spooler

RPM Packages

/var/log/rpmpkgs

Security

/var/log/secure

System

/var/log/messages

XFree86

/var/log/XFree86.0.log

If a log file is missing from the list, you may not have started the service before. For example, if you don t see an Apache Access Log in Figure 19.35, you probably haven t started or accessed the Apache web server on your computer.

Fonts

There are two similar-looking utilities related to fonts:

 # redhat-update-gnome-font-install # redhat-update-gnome-font-install2 

Both can help you upload fonts that support printing from GNOME applications. The first utility generates a font map used in printing GNOME-based applications. They update the following font configuration files:

 /etc/gnome/fonts/gnome-print-rpm.fontmap /etc/gnome/libgnomeprint-2.0/fonts/libgnomeprint-rpm.fontmap 

Kickstart

The Red Hat Kickstart configuration tool is redhat-config-kickstart , which is described in detail in Chapter 05 . Start it from a GNOME desktop by selecting Main Menu ˜ System Tools ˜ Kickstart. This opens the Kickstart Configurator window, shown in Figure 19.36.

click to expand
Figure 19.36: The Kickstart Configurator

Normally, you should save Kickstart files to ks.cfg; a model Kickstart file based on how you installed Red Hat Linux on the local computer is available at /root/anaconda-ks.cfg .

Security Level

The Red Hat Firewall configuration tool is redhat-config-securitylevel , which is essentially the same tool that you used during the installation process in Chapter 03 or 4. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Security Level. This opens the Security Level Configuration window, shown in Figure 19.37.

click to expand
Figure 19.37: Setting up a firewall

To summarize, you can configure three levels of firewall protection for your computer: high, medium, or none.

You can further customize the firewall. For example, if one of the network cards is connected only to the local network, you may want it to be a trusted device; firewall rules do not apply to traffic through trusted devices. In addition, you can customize the firewall to allow incoming data associated with the protocols shown in the Security Level Configuration window.

If you re using the default iptables firewall command, any changes that you make are written to /etc/sysconfig/iptables . For more information on firewalls and the iptables command, read Chapter 22 .

The redhat-config-securitylevel utility is closely related to the GNOME lokkit firewall wizard, described in Chapter 16 . Both can help you create an iptables -based firewall, using the same basic parameters.

Tuning the Kernel

The Red Hat kernel tuning tool is redhat-config-proc , which allows you to modify settings in the /proc directory. Some of the files in this directory are described in greater detail in Chapter 11 . As of this writing, you can only start this utility from a GUI command-line interface; there is no entry in the GNOME Main Menu. Figure 19.38 displays the Kernel Tuning window.

click to expand
Figure 19.38: Kernel Tuning
Warning  

Be careful before you use redhat-config-proc . At the very least, back up your current /etc/sysctl.conf file first. Any changes you make can change the functionality of your kernel, which could easily stop Linux from working.

In the setting shown in Figure 19.38, you can enable IP Forwarding, which lets your Linux computer work as a gateway between two or more networks. Changes that you make are written to /etc/sysctl.conf .

Authentication

The Red Hat tool for setting up username and password databases is authconfig-gtk , which is essentially the same tool that you used during the installation process in Chapter 03 or 4. Start it from a GNOME desktop by selecting Main Menu ˜ System Settings ˜ Authentication. This opens the Authentication Configuration window, shown in Figure 19.39.

click to expand
Figure 19.39: Setting up user information databases

Depending on the type of installation, you may have already set this up during the Red Hat Linux installation process in Chapter 03 or 4 . Since you may be seeing these options for the first time, we ll address them in detail here. First, the settings on the User Information tab are described in Table 19.7.

Table 19.7: Authentication Configuration, User Information Tab

Setting

Description

Cache User Information

Sets the local server to store user settings.

Enable NIS Support

Configures authentication through an NIS Server.

Configure NIS

Opens a window where you can enter the name of the NIS domain and server.

Enable LDAP Support

Configures access to user information through the Lightweight Directory Assistance Protocol (LDAP).

Configure LDAP

Opens a window where you can enable Transmission Layer Security (TLS), which is the formal name of the Secure Socket Layer (SSL) protocol, along with an LDAP search database and server.

Hesiod

Configures authentication information and other configuration files in DNS; its functionally is similar to NIS.

Configure Hesiod

Opens a window where you can specify Hesiod LHS, which is the prefix for a DNS server name, and the Hesiod RHS, which is the suffix for a DNS server name. For example, if the address of a DNS server is nameserv.mommabears.com , the LHS is nameserv and the RHS is mommabears.com .

The settings found on the Authentication tab are shown in Figure 19.40; they include several other configuration options, described in Table 19.8.

click to expand
Figure 19.40: Configuring additional username/password support
Table 19.8: Authentication Configuration, Authentication Tab

Setting

Description

Enable LDAP Support

Configures user authentication through the Lightweight Directory Assistance Protocol (LDAP).

Configure LDAP

Opens a window where you can enable Transmission Layer Security (TLS), which is the formal name of the Secure Socket Layer (SSL) protocol, along with an LDAP search database and server.

Use Shadow Passwords

Enables the Shadow Password Suite, with passwords, account data, and group information protected in /etc/shadow and /etc/gshadow .

Use MD5 Passwords

Configures the use of the MD5 form of password encryption.

Enable Kerberos Support

Sets up strong encryption for checking user credentials, using this protocol developed at MIT.

Configure Kerberos

Opens a window where you can set the Kerberos Realm ”usually the name of the domain in upper case; the Kerberos Domain Controller (KDC), which is the name of the Kerberos server, using TCP/IP port 88; and any Kerberos administrative servers, using TCP/IP port 749.

Enable SMB Support

Sets up authentication using Microsoft Windows or Samba servers on a Microsoft Windows “based network.

Configure SMB

Opens a window where you can set the name of the workgroup or domain controller for the Microsoft Windows “based network.

Any changes you make are written to the /etc/sysconfig/authconfig configuration file.

Tip  

If you want to configure Kerberos 5, you should configure your computers to a central NTP server, as described earlier with the redhat-config-time utility.

There is a text-mode version of the Authentication Configuration utility, which you start with the authconfig command. It includes two text-mode screens that allow you to enter the same information described in this section.

 


Mastering Red Hat Linux 9
Building Tablet PC Applications (Pro-Developer)
ISBN: 078214179X
EAN: 2147483647
Year: 2005
Pages: 220

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net