RH033 Unit17 Essential System Administration Tools

Objectives Upon completion of this unit, you should be able to: Explain the process of installing Red Hat Enterprise Linux
Indentify services, their status and be able to manage the runlevels which start and stop them
Install software using multiple installation methods
Understand the basic principles of Red Hat Enterprise Linux security, firewalls and SELinux
Planning an Installation 1) What hardware does the system use? Check the hardware  compatibility
2) Read the release-notes file on the first CD or at http://www.redhat.com Provides valuable summary of features and gotchas
Performing an Installation 1) Installer can be started from: CD-ROM or DVD-ROM
Use Device
Network (PXE)
2) Supported installation sources: Network Server (ftp, http or nfs)
CD-ROM or DVD-ROM
Hard Disk
Managing Services 1) What is a service? 2) Graphical Interface to Service Management: system-config-services 3) Command Line interface to service management service
chkconfig
Managing Software 1) Software is provided as RPM packages Easy installation and removal
Software information stored in a local database
2) Packages are provided by Red Hat Network Centralized management of multiple systems
Easy retrieval of errata packages
Systems must be registered first
Custom package repositories may also be used
The Yum Package Management Tool 1) Front-end to rpm, replacing up2date 2) Configuration in /etc/yum.conf and /etc/yum.repos.d/ 3) Used to install, remove and list software yum install packagename
yum remove packagename
yum update packagename
yum list available
yum list installed
Graphical Package Management 1) pup Application->System Tools->Software Updater
List and install software updates
2) pirut Application->Add/Remove software
View, install and un-install other packages
Securing the System 1) Basic security principles Avoid running services that you do not need
Limit  access to services that are running
Avoid using services that send data unencryped over the network such as instant message, pop, impa, and telnet
SELinux 1) Kernel-level security system 2) All processes and files have a context 3) SELinux Policy dictates how processes and files may interact based on context Policy rules cannot be overridden
Default policy does not apply to all services
Managing SELinux 1) SELinux errors are logged in the System Log 2) SELinux can be disabled in an emergency 3) Disabling SELinux is discouraged! 4) System->Administration->Security Level and Firewall, SELinux tab Packert Filtering 1) Network traffic is divided into packets 2) Each packet has source/destination data 3) Firewalls selectively block packets Firewall and SELinux Configuration system-config-securitylevel 1) System->Administration->Security Level and Firewall Selectively allow incoming connections by port
Specify interfaces to trust al traffic from
Responses to outbound queries always accepted
2) More advanced configuration possible with other tools End of Unit17 1) Questions and Answers 2) Summary System Installation Process
Managing Services
Software Installation Tools
System Security