Product SiteDocumentation Site

Red Hat Enterprise Linux 6

Deployment Guide

Deployment, Configuration and Administration of Red Hat Enterprise Linux 6

Edition 1

Douglas Silas

Red Hat, Inc. Engineering Content Services

Martin Prpič

Red Hat, Inc. Engineering Content Services

Florian Nadge

Red Hat, Inc. Engineering Content Services

Jaromír Hradílek

Red Hat, Inc. Engineering Content Services

John Ha

Red Hat, Inc Engineering Content Services

David O'Brien

Red Hat, Inc Engineering Content Services

Michael Hideo

Red Hat, Inc Engineering Content Services

Don Domingo

Red Hat, Inc Engineering Content Services

Legal Notice

Copyright © 2010 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
All other trademarks are the property of their respective owners.


1801 Varsity Drive
 RaleighNC 27606-2072 USA
 Phone: +1 919 754 3700
 Phone: 888 733 4281
 Fax: +1 919 754 3701

Abstract
The Deployment Guide documents relevant information regarding the deployment, configuration and administration of Red Hat Enterprise Linux 6.

Preface
1. Document Conventions
1.1. Typographic Conventions
1.2. Pull-quote Conventions
1.3. Notes and Warnings
2. We Need Feedback!
2.1. Technical Review Requests
3. Acknowledgements
Introduction
I. Package Management
1. Yum
1.1. Checking For and Updating Packages
1.1.1. Checking For Updates
1.1.2. Updating Packages
1.1.3. Updating Security-Related Packages
1.1.4. Preserving Configuration File Changes
1.2. Packages and Package Groups
1.2.1. Searching, Listing and Displaying Package Information
1.2.2. Installing
1.2.3. Removing
1.3. Configuring Yum and Yum Repositories
1.3.1. Setting [main] Options
1.3.2. Setting [repository] Options
1.3.3. Using Yum Variables
1.3.4. Creating a Yum Repository
1.4. Yum Plugins
1.4.1. Enabling, Configuring and Disabling Yum Plugins
1.4.2. Installing More Yum Plugins
1.4.3. Plugin Descriptions
1.5. Additional Resources
2. PackageKit
2.1. Updating Packages with Software Update
2.2. Using Add/Remove Software
2.2.1. Refreshing Software Sources (Yum Repositories)
2.2.2. Finding Packages with Filters
2.2.3. Installing and Removing Packages (and Dependencies)
2.2.4. Installing and Removing Package Groups
2.2.5. Viewing the Transaction Log
2.3. PackageKit Architecture
2.4. Additional Resources
3. RPM
3.1. RPM Design Goals
3.2. Using RPM
3.2.1. Finding RPM Packages
3.2.2. Installing and Upgrading
3.2.3. Configuration File Changes
3.2.4. Uninstalling
3.2.5. Freshening
3.2.6. Querying
3.2.7. Verifying
3.3. Checking a Package's Signature
3.3.1. Importing Keys
3.3.2. Verifying Signature of Packages
3.4. Practical and Common Examples of RPM Usage
3.5. Additional Resources
3.5.1. Installed Documentation
3.5.2. Useful Websites
3.5.3. Related Books
II. Network-Related Configuration
4. Network Interfaces
4.1. Network Configuration Files
4.2. Interface Configuration Files
4.2.1. Ethernet Interfaces
4.2.2. Channel Bonding Interfaces
4.2.3. Alias and Clone Files
4.2.4. Dialup Interfaces
4.2.5. Other Interfaces
4.3. Interface Control Scripts
4.4. Configuring Static Routes
4.5. Network Function Files
4.6. Additional Resources
4.6.1. Installed Documentation
5. Network Configuration
5.1. The NetworkManager Daemon
5.2. Interacting with NetworkManager
5.2.1. Connecting to a Network
5.2.2. Configuring New and Editing Existing Connections
5.2.3. Connecting to a Network Automatically
5.2.4. User and System Connections
5.3. Configuring Connection Settings
5.3.1. Configuring IPv4 Settings
6. Dynamic Host Configuration Protocol (DHCP)
6.1. Why Use DHCP?
6.2. Configuring a DHCP Server
6.2.1. Configuration File
6.2.2. Lease Database
6.2.3. Starting and Stopping the Server
6.2.4. DHCP Relay Agent
6.3. Configuring a DHCP Client
6.4. Configuring a Multihomed DHCP Server
6.4.1. Host Configuration
6.5. DHCP for IPv6 (DHCPv6)
6.6. Additional Resources
6.6.1. Installed Documentation
7. Controlling Access to Services
7.1. Configuring the Default Runlevel
7.2. Configuring the Services
7.2.1. Using the Service Configuration Utility
7.2.2. Using the ntsysv Utility
7.2.3. Using the chkconfig Utility
7.3. Running the Services
7.3.1. Using the service Utility
7.4. Additional Resources
7.4.1. Installed Documentation
7.4.2. Related Books
8. Authentication Configuration
8.1. The Authentication Configuration Tool
8.1.1. Identity & Authentication
8.1.2. Advanced Options
8.1.3. Command Line Version
8.2. The System Security Services Daemon (SSSD)
8.2.1. What is SSSD?
8.2.2. SSSD Features
8.2.3. Setting Up SSSD
8.2.4. Configuring Services
8.2.5. Configuring Domains
8.2.6. Setting Up Kerberos Authentication
8.2.7. Troubleshooting
8.2.8. SSSD Configuration File Format
9. OpenSSH
9.1. The SSH Protocol
9.1.1. Why Use SSH?
9.1.2. Main Features
9.1.3. Protocol Versions
9.1.4. Event Sequence of an SSH Connection
9.2. An OpenSSH Configuration
9.2.1. Configuration Files
9.2.2. Starting an OpenSSH Server
9.2.3. Requiring SSH for Remote Connections
9.2.4. Using a Key-Based Authentication
9.3. OpenSSH Clients
9.3.1. Using the ssh Utility
9.3.2. Using the scp Utility
9.3.3. Using the sftp Utility
9.4. More Than a Secure Shell
9.4.1. X11 Forwarding
9.4.2. Port Forwarding
9.5. Additional Resources
9.5.1. Installed Documentation
9.5.2. Useful Websites
10. The BIND DNS Server
10.1. Introduction to DNS
10.1.1. Nameserver Zones
10.1.2. Nameserver Types
10.1.3. BIND as a Nameserver
10.2. Configuring the named Service
10.2.1. Common Statement Types
10.2.2. Other Statement Types
10.2.3. Comment Tags
10.3. Editing Zone Files
10.3.1. Common Directives
10.3.2. Common Resource Records
10.3.3. Comment Tags
10.3.4. Example Usage
10.4. Using the rndc Utility
10.4.1. Configuring the Utility
10.4.2. Checking the Service Status
10.4.3. Reloading the Configuration and Zones
10.4.4. Updating Zone Keys
10.4.5. Enabling the DNSSEC Validation
10.4.6. Enabling the Query Logging
10.5. Using the dig Utility
10.5.1. Looking Up a Nameserver
10.5.2. Looking Up an IP Address
10.5.3. Looking Up a Hostname
10.6. Advanced Features of BIND
10.6.1. Multiple Views
10.6.2. Incremental Zone Transfers (IXFR)
10.6.3. Transaction SIGnatures (TSIG)
10.6.4. DNS Security Extensions (DNSSEC)
10.6.5. Internet Protocol version 6 (IPv6)
10.7. Common Mistakes to Avoid
10.8. Additional Resources
10.8.1. Installed Documentation
10.8.2. Useful Websites
10.8.3. Related Books
11. The Apache HTTP Server
11.1. The Apache HTTP Server 2.2
11.1.1. New Features
11.1.2. Notable Changes
11.1.3. Updating the Configuration
11.2. Running the httpd Service
11.2.1. Starting the Service
11.2.2. Stopping the Service
11.2.3. Restarting the Service
11.2.4. Checking the Service Status
11.3. Editing the Configuration Files
11.3.1. Common httpd.conf Directives
11.3.2. Common ssl.conf Directives
11.3.3. Common Multi-Processing Module Directives
11.4. Working with Modules
11.4.1. Loading a Module
11.4.2. Writing a Module
11.5. Setting Up Virtual Hosts
11.6. Setting Up an SSL Server
11.6.1. An Overview of Certificates and Security
11.6.2. Enabling the mod_ssl Module
11.6.3. Using an Existing Key and Certificate
11.6.4. Generating a New Key and Certificate
11.7. Additional Resources
11.7.1. Installed Documentation
11.7.2. Useful Websites
12. Email
12.1. Email Protocols
12.1.1. Mail Transport Protocols
12.1.2. Mail Access Protocols
12.2. Email Program Classifications
12.2.1. Mail Transport Agent
12.2.2. Mail Delivery Agent
12.2.3. Mail User Agent
12.3. Mail Transport Agents
12.3.1. Postfix
12.3.2. Sendmail
12.3.3. Fetchmail
12.3.4. Mail Transport Agent (MTA) Configuration
12.4. Mail Delivery Agents
12.4.1. Procmail Configuration
12.4.2. Procmail Recipes
12.5. Mail User Agents
12.5.1. Securing Communication
12.6. Additional Resources
12.6.1. Installed Documentation
12.6.2. Useful Websites
12.6.3. Related Books
III. System Configuration
13. Date and Time Configuration
13.1. Date/Time Properties Tool
13.1.1. Date and Time Properties
13.1.2. Network Time Protocol Properties
13.1.3. Time Zone Properties
13.2. Command Line Configuration
13.2.1. Date and Time Setup
13.2.2. Network Time Protocol Setup
14. Keyboard Configuration
14.1. Changing the Keyboard Layout
14.2. Adding the Keyboard Layout Indicator
14.3. Setting Up a Typing Break
15. Users and Groups
15.1. User and Group Configuration
15.1.1. Adding a New User
15.1.2. Adding a New Group
15.1.3. Modifying Group Properties
15.2. User and Group Management Tools
15.2.1. Command Line Configuration
15.2.2. Explaining the Process
15.3. Standard Users
15.4. Standard Groups
15.5. User Private Groups
15.5.1. Group Directories
15.6. Shadow Passwords
15.7. Additional Resources
15.7.1. Installed Documentation
16. Automated Tasks
16.1. Cron and Anacron
16.1.1. Starting and Stopping the Service
16.1.2. Configuring Anacron Jobs
16.1.3. Configuring Cron Jobs
16.1.4. Controlling Access to Cron
16.1.5. Black/White Listing of Cron Jobs
16.2. At and Batch
16.2.1. Configuring At Jobs
16.2.2. Configuring Batch Jobs
16.2.3. Viewing Pending Jobs
16.2.4. Additional Command Line Options
16.2.5. Controlling Access to At and Batch
16.2.6. Starting and Stopping the Service
16.3. Additional Resources
16.3.1. Installed Documentation
17. Log Files
17.1. Configuring rsyslog
17.1.1. Modules
17.1.2. Global Directives
17.1.3. Rules
17.1.4. Templates
17.1.5. Filter Conditions
17.1.6. Output Channels
17.2. rsyslog Performance
17.3. Locating Log Files
17.3.1. Configuring logrotate
17.4. Viewing Log Files
17.5. Adding a Log File
17.6. Monitoring Log Files
17.7. Additional Resources
17.7.1. Installed Documentation
17.7.2. Useful Websites
18. The sysconfig Directory
18.1. Files in the /etc/sysconfig/ Directory
18.1.1. /etc/sysconfig/arpwatch
18.1.2. /etc/sysconfig/authconfig
18.1.3. /etc/sysconfig/autofs
18.1.4. /etc/sysconfig/clock
18.1.5. /etc/sysconfig/dhcpd
18.1.6. /etc/sysconfig/firstboot
18.1.7. /etc/sysconfig/i18n
18.1.8. /etc/sysconfig/init
18.1.9. /etc/sysconfig/ip6tables-config
18.1.10. /etc/sysconfig/keyboard
18.1.11. /etc/sysconfig/ldap
18.1.12. /etc/sysconfig/named
18.1.13. /etc/sysconfig/network
18.1.14. /etc/sysconfig/ntpd
18.1.15. /etc/sysconfig/quagga
18.1.16. /etc/sysconfig/radvd
18.1.17. /etc/sysconfig/samba
18.1.18. /etc/sysconfig/selinux
18.1.19. /etc/sysconfig/sendmail
18.1.20. /etc/sysconfig/spamassassin
18.1.21. /etc/sysconfig/squid
18.1.22. /etc/sysconfig/system-config-users
18.1.23. /etc/sysconfig/vncservers
18.1.24. /etc/sysconfig/xinetd
18.2. Directories in the /etc/sysconfig/ Directory
18.3. Additional Resources
18.3.1. Installed Documentation
19. The proc File System
19.1. A Virtual File System
19.1.1. Viewing Virtual Files
19.1.2. Changing Virtual Files
19.2. Top-level Files within the proc File System
19.2.1. /proc/buddyinfo
19.2.2. /proc/cmdline
19.2.3. /proc/cpuinfo
19.2.4. /proc/crypto
19.2.5. /proc/devices
19.2.6. /proc/dma
19.2.7. /proc/execdomains
19.2.8. /proc/fb
19.2.9. /proc/filesystems
19.2.10. /proc/interrupts
19.2.11. /proc/iomem
19.2.12. /proc/ioports
19.2.13. /proc/kcore
19.2.14. /proc/kmsg
19.2.15. /proc/loadavg
19.2.16. /proc/locks
19.2.17. /proc/mdstat
19.2.18. /proc/meminfo
19.2.19. /proc/misc
19.2.20. /proc/modules
19.2.21. /proc/mounts
19.2.22. /proc/mtrr
19.2.23. /proc/partitions
19.2.24. /proc/slabinfo
19.2.25. /proc/stat
19.2.26. /proc/swaps
19.2.27. /proc/sysrq-trigger
19.2.28. /proc/uptime
19.2.29. /proc/version
19.3. Directories within /proc/
19.3.1. Process Directories
19.3.2. /proc/bus/
19.3.3. /proc/bus/pci
19.3.4. /proc/driver/
19.3.5. /proc/fs
19.3.6. /proc/irq/
19.3.7. /proc/net/
19.3.8. /proc/scsi/
19.3.9. /proc/sys/
19.3.10. /proc/sysvipc/
19.3.11. /proc/tty/
19.3.12. /proc/PID/
19.4. Using the sysctl Command
19.5. References
IV. System Monitoring
20. Gathering System Information
20.1. System Processes
20.2. Memory Usage
20.3. File Systems
20.4. Hardware
20.5. Additional Resources
20.5.1. Installed Documentation
21. ABRT
21.1. Overview
21.2. Installing and Running ABRT
21.3. ABRT Plugins
21.3.1. Analyzer Plugins
21.3.2. Reporter Plugins
21.3.3. Plugin Configuration in the GUI
21.4. Generating Backtraces
21.4.1. Troubleshooting Backtrace Generation
21.5. Using the Command Line Interface
21.5.1. Viewing Crashes
21.5.2. Reporting Crashes
21.5.3. Deleting Crashes
21.6. Configuring ABRT
21.7. Configuring Centralized Crash Collection
21.7.1. Testing ABRT's Crash Detection
21.7.2. Testing the Upload Method
V. Kernel, Module and Driver Configuration
22. Working with Kernel Modules
22.1. Listing Currently-Loaded Modules
22.2. Displaying Information About a Module
22.3. Loading a Module
22.4. Unloading a Module
22.5. Setting Module Parameters
22.6. Persistent Module Loading
22.7. Specific Kernel Module Capabilities
22.7.1. Using Multiple Ethernet Cards
22.7.2. Using Channel Bonding
22.8. Additional Resources
23. Manually Upgrading the Kernel
23.1. Overview of Kernel Packages
23.2. Preparing to Upgrade
23.3. Downloading the Upgraded Kernel
23.4. Performing the Upgrade
23.5. Verifying the Initial RAM Disk Image
23.6. Verifying the Boot Loader
23.6.1. Configuring the GRUB Boot Loader
23.6.2. Configuring the OS/400® Boot Loader
23.6.3. Configuring the YABOOT Boot Loader
24. The kdump Crash Recovery Service
24.1. Configuring the kdump Service
24.1.1. Configuring the kdump at First Boot
24.1.2. Using the Kernel Dump Configuration Utility
24.1.3. Configuring kdump on the Command Line
24.1.4. Testing the Configuration
24.2. Analyzing the Core Dump
24.2.1. Displaying the Message Buffer
24.2.2. Displaying a Backtrace
24.2.3. Displaying a Process Status
24.2.4. Displaying Virtual Memory Information
24.2.5. Displaying Open Files
24.3. Additional Resources
24.3.1. Installed Documentation
24.3.2. Useful Websites
A. Revision History
Index