book

LPI Linux Certification in a Nutshell, 2nd Edition

by Steven Pritchard, Bruno Gomes Pessanha, Nicolai Langfeldt, James Stanger, Jeff Dean

July 2006

Intermediate to advanced

992 pages

30h 57m

English

O'Reilly Media, Inc.

Read now

Unlock full access

LPI Linux Certification in a Nutshell
SPECIAL OFFER: Upgrade this ebook with O’Reilly
Preface
The Linux Professional Institute
Audience for This Book
Organization
Book Chapters
Conventions Used in This Book
Using Code Examples
Safari Enabled
How to Contact Us
Acknowledgments

I. General Linux Exam 101
1. LPI Exams
1.1. Exam 101 Overview
2. Exam 101 Study Guide
2.1. Exam Preparation
3. Hardware and Architecture (Topic 1.101)
3.1. Objective 1: Configure Fundamental BIOS Settings3.1.1. BIOS3.1.1.1. Date and time3.1.1.2. Disks and boot devices3.1.2. Resource Assignments3.1.3. 1024-Cylinder Limit
3.2. Objective 3: Configure Modems and Sound Cards
3.2.1. Modems3.2.1.1. Modem types3.2.1.2. Modem hardware resources3.2.2. Sound Devices
3.3. Objective 4: Set Up Non-IDE Devices
3.3.1. SCSI3.3.1.1. SCSI types3.3.2. SCSI IDs3.3.2.1. SCSI logical unit numbers3.3.2.2. Linux SCSI disk device files3.3.2.3. Termination3.3.2.4. SCSI controllers on PCs
3.4. Objective 5: Set Up Different PC Expansion Cards
3.4.1. Plug and Play3.4.1.1. Using the /proc filesystem
3.5. Objective 6: Configure Communications Devices
3.6. Objective 7: Configure USB Devices
3.6.1. USB Topology3.6.2. USB Controllers3.6.3. USB Devices3.6.4. USB Drivers3.6.5. USB Hotplug
4. Linux Installation and Package Management (Topic 1.102)
4.1. Objective 1: Design a Hard Disk Layout4.1.1. System Considerations4.1.1.1. Limited disk space4.1.1.2. Larger systems4.1.1.3. System role4.1.1.4. Backup4.1.2. Swap Space4.1.3. General Guidelines
4.2. Objective 2: Install a Boot Manager
4.2.1. LILO4.2.1.1. The boot loader4.2.1.2. The LILO map installer and its configuration file4.2.1.3. LILO locations4.2.2. GRUB4.2.2.1. GRUB device naming4.2.2.2. Installing GRUB4.2.2.3. Booting GRUB4.2.2.4. The GRUB configuration file
4.3. Objective 3: Make and Install Programs from Source
4.3.1. Getting Open Source and Free Software4.3.1.1. What's a tarball?4.3.1.2. Opening a tarball4.3.2. Compiling Open Source Software4.3.2.1. configure4.3.2.2. make4.3.2.3. Installing the compiled software4.3.2.4. Example:Compiling bash
4.4. Objective 4: Manage Shared Libraries
4.4.1. Shared Library Dependencies4.4.2. Linking Shared Libraries
4.5. Objective 5: Use Debian Package Management
4.5.1. Debian Package Management Overview4.5.2. Managing Debian Packages
4.6. Objective 6: Use Red Hat Package Manager (RPM)
4.6.1. RPM Overview4.6.2. Running rpm
5. GNU and Unix Commands (Topic 1.103)
5.1. Objective 1: Work on the Command Line5.1.1. The Interactive Shell5.1.1.1. Shell variable basics5.1.1.2. Entering commands at the command prompt5.1.1.3. Entering commands not in the PATH5.1.1.4. Entering multiple-line commands interactively5.1.1.5. Entering command sequences5.1.2. Command History and Editing5.1.2.1. Command substitution5.1.2.2. Applying commands recursively through a directory tree
5.2. Objective 2: Process Text Streams Using Filters
5.4. Objective 3: Perform Basic File Management
5.4.1. Filesystem Objects5.4.1.1. Directories and files5.4.1.2. Inodes5.4.1.3. File and directory management commands5.4.2. File-Naming Wildcards
5.5. Objective 4: Use Streams, Pipes, and Redirects
5.5.1. Standard I/O and Default File Descriptors5.5.2. Pipes5.5.3. Redirection5.5.4. Using the tee Command
5.6. Objective 5: Create, Monitor, and Kill Processes
5.6.1. Processes5.6.2. Process Monitoring5.6.3. Signaling Active Processes5.6.4. Terminating Processes5.6.5. Shell Job Control
5.7. Objective 6: Modify Process Execution Priorities
5.7.1. nice
5.8. Objective 7: Search Text Files Using Regular Expressions
5.8.1. Regular Expression Syntax5.8.1.1. Examples5.8.2. Using sed5.8.2.1. Commands5.8.3. Examples5.8.3.1. Anchors5.8.3.2. Groups and ranges5.8.3.3. Modifiers5.8.3.4. Basic regular expression patterns5.8.3.5. Using regular expressions as addresses in sed
5.9. Objective 8: Perform Basic File Editing Operations Using vi
5.9.1. Invoking vi5.9.2. vi Basics
6. Devices, Linux Filesystems, and the Filesystem Hierarchy Standard (Topic 1.104)
6.1. Objective 1: Create Partitions and Filesystems6.1.1. Disk Drives Under Linux6.1.1.1. Hard disk devices6.1.1.2. Disk partitions6.1.1.3. The root filesystem and mount points6.1.1.4. Managing partitions6.1.1.5. Creating filesystems6.1.1.6. Creating swap partitions
6.2. Objective 2: Maintain the Integrity of Filesystems
6.2.1. Monitoring Free Disk Space and Inodes6.2.2. Monitoring Disk Usage6.2.3. Modifying a Filesystem6.2.4. Checking and Repairing Filesystems
6.3. Objective 3: Control Filesystem Mounting and Unmounting
6.3.1. Managing the Filesystem Table6.3.2. Mounting Filesystems6.3.3. Unmounting Filesystems
6.4. Objective 4: Set and View Disk Quotas
6.4.1. Quota Limits6.4.2. Quota Commands6.4.3. Enabling Quotas
6.5. Objective 5: Use File Permissions to Control Access to Files
6.5.1. Linux Access Control6.5.1.1. The mode bits6.5.1.2. The mode string6.5.2. Setting Access Modes6.5.2.1. New files6.5.2.2. Changing access modes
6.6. Setting Up a Workgroup Directory
6.7. Objective 6: Manage File Ownership
6.8. Objective 7: Create and Change Hard and Symbolic Links
6.8.1. Why Links?6.8.1.1. Preserving links6.8.1.2. Finding links to a file
6.9. Objective 8: Find System Files and Place Files in the Correct Location
6.9.1. Data Types6.9.2. The root Filesystem6.9.2.1. The /usr filesystem6.9.2.2. The /var filesystem6.9.2.3. Linux annex6.9.2.4. Where's that binary?6.9.3. Locating Files
7. The X Window System (Topic 1.1.10)
7.1. An Overview of X
7.2. Objective 1: Install and Configure X11
7.2.1. Selecting and Configuring an X Server7.2.1.1. Supported video hardware7.2.1.2. Installing XFree867.2.1.3. Configuring an X server and the XF86Config file7.2.2. X Fonts7.2.2.1. Installing fonts7.2.2.2. The X font server7.2.3. Controlling X Applications with .Xresources
7.3. Objective 2: Set Up a Display Manager
7.3.1. Configuring xdm7.3.1.1. Running xdm manually7.3.1.2. Running xdm automatically7.3.1.3. Basic xdm customization7.3.2. X Terminals7.3.2.1. xdm for X terminals
7.4. Objective 4: Install and Customize a Window Manager Environment
7.4.1. Starting X and a Default Window Manager7.4.1.1. The XFree86 start up process7.4.2. xterm et al.7.4.3. X Libraries7.4.4. Remote X Clients7.4.4.1. Examples7.4.5. X Security7.4.5.1. Host access control7.4.5.2. MIT-MAGIC-COOKIE-1 Authentication
8. Exam 101 Review Questions and Exercises
8.1. Hardware and Architecture (Topic 1.101)8.1.1. Review questions8.1.2. Exercises
8.2. Linux Installation and Package Management (Topic 1.102)
8.2.1. Review Questions8.2.2. Exercises
8.3. GNU and Unix Commands (Topic 1.103)
8.3.1. Review Questions8.3.2. Exercises
8.4. Devices, Linux Filesystems, and the Filesystem Hierarchy Standard (Topic 1.104)
8.4.1. Review Questions8.4.2. Exercises
8.5. The X Window System (Topic 1.110)
8.5.1. Review Questions8.5.2. Exercises
9. Exam 101 Practice Test
9.1. Questions
9.2. Answers
10. Exam 101 Highlighter's Index
10.1. Hardware and Architecture10.1.1. Objective 1: Configure Fundamental BIOS Settings10.1.1.1. PC BIOS10.1.1.2. Resource assignments10.1.1.3. 1024-cylinder limit10.1.2. Objective 3: Configure Modems and Sound Cards10.1.2.1. Modems10.1.2.2. Sound devices10.1.3. Objective 4: Set Up Non-IDE Devices10.1.3.1. SCSI10.1.4. Objective 5: Set Up PC Different Expansion Cards10.1.4.1. /proc10.1.4.2. Commands10.1.5. Objective 6: Configure Communication Devices10.1.5.1. Concepts10.1.5.2. Commands10.1.6. Objective 7: Configure USB Devices10.1.6.1. Host Controllers10.1.6.2. Devices10.1.6.3. Drivers10.1.6.4. Commands
10.2. Linux Installation and Package Management
10.2.1. Objective 1: Design a Hard Disk Layout10.2.1.1. Guidelines10.2.2. Objective 2: Install a Boot Manager10.2.2.1. LILO10.2.2.2. GRUB10.2.3. Objective 3: Make and Install Programs from Source10.2.3.1. Source Files10.2.3.2. make10.2.4. Objective 4: Manage Shared Libraries10.2.4.1. Concepts10.2.4.2. Commands10.2.5. Objective 5: Use Debian Package Management10.2.5.1. Commands10.2.6. Objective 6: Use Red Hat Package Manager (RPM)10.2.6.1. Concepts
10.3. GNU and Unix Commands
10.3.1. Objective 1: Work Effectively on the Command Line10.3.1.1. The interactive shell and shell variables10.3.1.2. Entering commands10.3.1.3. Command history, editing, and substitution10.3.1.4. Recursive execution10.3.2. Objective 2: Process Text Streams Using Filters10.3.2.1. The Commands10.3.2.2. The stream editor, sed10.3.3. Objective 3: Perform Basic File Management10.3.3.1. Concepts10.3.3.2. File and directory management commands10.3.3.3. File-naming wildcards10.3.4. Objective 4: Use Unix Streams, Pipes, and Redirects10.3.4.1. Concepts10.3.4.2. Standard I/O10.3.4.3. Pipes and redirection10.3.5. Objective 5: Create, Monitor, and Kill Processes10.3.5.1. Concepts10.3.5.2. Monitoring commands10.3.5.3. Signaling processes10.3.5.4. Shell job control10.3.6. Objective 6: Modify Process Execution Priorities10.3.6.1. Concepts10.3.6.2. Commands10.3.7. Objective 7: Search Text Files Using Regular Expressions10.3.7.1. Concepts10.3.7.2. Position anchors10.3.7.3. Character sets10.3.7.4. Modifiers10.3.8. Objective 8: Using vi10.3.8.1. Subcommands
10.4. Devices, Linux Filesystems, and the Filesystem Hierarchy Standard
10.4.1. Objective 1: Create Partitions and Filesystems10.4.1.1. Disk drives and partitions10.4.1.2. The root filesystem and mount points10.4.1.3. Partition and filesystem management commands10.4.2. Objective 2: Maintain the Integrity of Filesystems10.4.2.1. Filesystem Commands10.4.3. Objective 3: Control Filesystem Mounting and Unmounting10.4.3.1. Managing the filesystem table10.4.3.2. Mounting and unmounting10.4.3.3. Filesystem types10.4.4. Objective 4: Managing Disk Quota10.4.4.1. Quota Types10.4.4.2. Commands10.4.5. Objective 5: Use File Permissions to Control Access to Files10.4.5.1. Access control10.4.5.2. Setting access modes10.4.6. Objective 6: Manage File Ownership10.4.6.1. Concepts10.4.6.2. Commands10.4.7. Objective 7: Create and Change Hard and Symbolic Links10.4.7.1. Concepts10.4.7.2. ln10.4.8. Objective 8: Find System Files and Place Files in the Correct Location10.4.8.1. File Hierarchy Standard (FHS)10.4.8.2. The directory hierarchy10.4.8.3. Locating files
10.5. The X Window System
10.5.1. Objective 1: Install and Configure X1110.5.1.1. Selecting and configuring an X server10.5.1.2. X fonts10.5.1.3. .Xresources10.5.2. Objective 2: Setup A Display Manager10.5.2.1. xdm10.5.2.2. X terminals10.5.3. Objective 4: Install and Customize a Window Manager Environment10.5.3.1. Concepts10.5.3.2. Window managers10.5.3.3. xterm10.5.3.4. X libraries10.5.3.5. Remote X clients
II. General Linux Exam 102
11. Exam 102 Overview
12. Exam 102 Study Guide
12.1. Exam Preparation
13. Kernel (Topic 1.105)
13.1. Objective 1: Manage/Query Kernel and Kernel Modules at Runtime13.1.1. Module Files13.1.2. Manipulating Modules13.1.3. Configuring Modules13.1.4. Module Dependency File
13.2. Objective 2: Reconfigure, Build, and Install a Custom Kernel and Kernel Modules
13.2.1. Kernel Background13.2.1.1. Kernel versions13.2.1.2. Required tools and software13.2.2. Compiling a Custom Kernel13.2.2.1. Creating a kernel configuration13.2.2.2. Compiling the kernel13.2.2.3. Installing the new kernel and configuring LILO13.2.2.4. Examine the new modules
14. Boot, Initialization, Shutdown, and Runlevels (Topic 1.106)
14.1. Objective 1: Boot the System14.1.1. Boot-time Kernel Parameters14.1.2. Introduction to Kernel Module Configuration14.1.2.1. Kernel boot-time messages14.1.2.2. Reviewing system logs
14.2. Objective 2: Change Runlevels and Shut Down or Reboot System
14.2.1. Single-User Mode14.2.1.1. Overview of the /etc directory tree and the init process14.2.1.2. Setting the default runlevel14.2.1.3. Determining your system's runlevel14.2.2. Changing Runlevels with init and telinit14.2.3. System Shutdown with shutdown
15. Printing (Topic 1.107)
15.1. An Overview of Printing
15.2. Objective 2: Manage Printers and Print Queues
15.2.1. Linux Printing Overview15.2.2. Managing Print Queues15.2.2.1. Managing print queues with lpc
15.3. Objective 3: Print Files
15.4. Objective 4: Install and Configure Local and Remote Printers
15.4.1. /etc/printcap15.4.2. Filters15.4.2.1. APSfilter15.4.2.2. magicfilter15.4.2.3. Multiple filters15.4.3. Remote lpd and Samba Printers
16. Documentation (Topic 1.108)
16.1. Objective 1: Use and Manage Local System Documentation16.1.1. Text Files and Paging16.1.1.1. Paging programs16.1.2. Manpages16.1.2.1. Manual sections16.1.2.2. Manpage format16.1.2.3. man mechanics16.1.3. Information in /usr/share/doc16.1.4. Info Pages
16.2. Objective 2: Find Linux Documentation on the Internet
16.2.1. The Linux Documentation Project16.2.2. Usenet Newsgroups16.2.2.1. Newsgroup archives16.2.2.2. Contributing to Usenet16.2.3. Mailing Lists16.2.4. Vendor Web Sites and Other Resources
16.3. Objective 5: Notify Users on System-related Issues
16.3.1. /etc/issue16.3.1.1. Example16.3.2. /etc/motd
17. Shells, Scripting, Programming, and Compiling (Topic 1.109)
17.1. Objective 1: Customize and Use the Shell Environment17.1.1. An Overview of Shells17.1.2. The Bash Shell17.1.2.1. Shell and environment variables17.1.2.2. Aliases17.1.2.3. Functions17.1.2.4. Configuration files17.1.2.5. .inputrc
17.2. Objective 2: Customize or Write Simple Scripts
17.2.1. Script Files17.2.1.1. Creating a simple bash script17.2.1.2. Executable files17.2.1.3. She-bang!17.2.1.4. The shell script's environment17.2.1.5. Location, ownership, and permissions17.2.1.6. SUID and GUID rights17.2.2. Basic Bash Scripts17.2.2.1. Return values17.2.2.2. File tests17.2.2.3. Command substitution17.2.2.4. Mailing from scripts17.2.2.5. Abbreviated Bash command reference
18. Administrative Tasks (Topic 1.111)
18.1. Objective 1: Manage Users and Group Accounts and Related System Files18.1.1. User Accounts and the Password File18.1.2. Groups and the Group File18.1.3. The Shadow Password and Shadow Group Systems18.1.3.1. Group passwords and shadow groups18.1.4. User and Group Management Commands18.1.4.1. Additional shadow password management commands
18.2. Objective 2: Tune the User Environment and System Environment Variables
18.2.1. Systemwide Startup Scripts18.2.2. Setting the Home Directory for New Accounts
18.3. Objective 3: Configure and Use System Log Files to Meet Administrative and Security Needs
18.3.1. Configuring syslogd18.3.2. Log File Rotation18.3.3. Examining Log Files
18.4. Objective 4: Automate System Administration Tasks by Scheduling Jobs to Run in the Future
18.4.1. Using cron18.4.1.1. User crontab files18.4.1.2. System crontab files18.4.2. Using at18.4.3. Controlling User Access to cron and at
18.5. Objective 5: Maintain an Effective Data Backup Strategy
18.5.1. Backup Concepts and Strategies18.5.1.1. Backup types18.5.1.2. Backup verification18.5.2. Device Files18.5.3. Using tar and mt18.5.4. Backup Operations18.5.4.1. What should I back up?18.5.4.2. An example backup script18.5.4.3. Verifying tar archives18.5.4.4. File restoration
18.6. Objective 6: Maintain System Time
18.6.1. NTP Concepts18.6.2. The NTP Software Package Components
19. Networking Fundamentals (Topic 1.112)
19.1. Objective 1: Fundamentals of TCP/IP19.1.1. Addressing and Masks19.1.2. Protocols19.1.3. TCP/IP Services19.1.4. TCP/IP Utilities
19.2. Objective 3: TCP/IP Configuration and Troubleshooting
19.2.1. Network Interfaces19.2.1.1. Configuration files19.2.1.2. Configuration commands19.2.1.3. Common manual network interface tasks19.2.2. DHCP19.2.2.1. Subnets and relays19.2.2.2. Leases19.2.2.3. dhcpd
19.3. Objective 4: Configure Linux as a PPP Client
19.3.1. Clients and Servers19.3.1.1. Serial ports and modems19.3.1.2. PPP overview19.3.1.3. Chat scripts19.3.1.4. The PPP daemon19.3.1.5. Manual PPP connection19.3.1.6. Authentication protocols19.3.1.7. PPP over ISDN19.3.1.8. Too many variables
20. Networking Services (Topic 1.113)
20.1. Objective 1: Configure and Manage inetd, xinetd, and Related Services20.1.1. The inetd Configuration File20.1.2. TCP Wrappers with inetd20.1.3. Starting and Stopping inetd Services20.1.4. xinetd Configuration20.1.4.1. Frequently used xinetd.conf options20.1.4.2. Modular configuration
20.2. Objective 2: Operate and Perform Basic Configuration of Mail Transfer Agent (MTA)
20.2.1. Configuring sendmail20.2.1.1. The smart host parameter20.2.2. Mail Aliases20.2.2.1. Forwarding mail from your account to another account20.2.3. Queued Mail20.2.4. Starting and Stopping sendmail
20.3. Objective 3: Operate and Perform Basic Configuration of Apache
20.3.1. Configuring Apache20.3.2. Starting and Stopping Apache
20.4. Objective 4: Properly Manage the NFS and Samba Daemons
20.4.1. NFS20.4.1.1. Exporting (sharing) local filesystems using NFS20.4.1.2. Mounting remote NFS filesystems20.4.1.3. Starting and stopping NFS20.4.2. Samba and the SMB and NMB Daemons20.4.2.1. Getting started20.4.2.2. WINS and browsing20.4.2.3. Using SWAT
20.5. Objective 5: Set Up and Configure Basic DNS Services
20.5.1. The Resolver20.5.1.1. Domain registration20.5.1.2. Using named as a local caching-only name server20.5.1.3. DNS query utilities20.5.1.4. BIND Version 4 versus Version 8 configuration files
20.6. Objective 7: Set Up Secure Shell (OpenSSH)
21. Security (Topic 1.114)
21.1. Objective 1: Perform Security Administration Tasks21.1.1. TCP Wrappers21.1.1.1. On the attack21.1.1.2. Configuring inetd and tcpd21.1.1.3. tcpd access control21.1.1.4. tcpd logging21.1.2. Finding Executable SUID Files21.1.3. Verifying Packages21.1.3.1. Checking installed packages21.1.3.2. Checking packages prior to installation21.1.4. SGID Workgroups21.1.5. Password Management
21.2. Objective 2: Set Up Host Security
21.2.1. Shadow Passwords21.2.2. inetd Minimalism21.2.3. Logging and Superuser Mail21.2.4. Watching for Security Announcements
21.3. Objective 3: Set Up User-level Security
22. Exam 102 Review Questions and Exercises
22.1. Kernel (Topic 1.105)22.1.1. Review Questions22.1.2. Exercises
22.2. Boot, Initialization, Shutdown, and Runlevels (Topic 1.106)
22.2.1. Review Questions22.2.2. Exercises22.2.2.1. Exercise 1.106-1. Boot22.2.2.2. Exercise 1.106-2. Runlevels
22.3. Printing (Topic 1.107)
22.3.1. Review Questions22.3.2. Exercises
22.4. Documentation (Topic 1.108)
22.4.1. Review Questions22.4.2. Exercises22.4.2.1. Exercise 1.108-1. man and /usr/doc22.4.2.2. Exercise 1.108-4. Acting as a Linux helpdesk
22.5. Shells, Scripting, Programming, and Compiling (Topic 1.109)
22.5.1. Review Questions22.5.2. Exercises
22.6. Administrative Tasks (Topic 1.111)
22.6.1. Review questions22.6.2. Exercises22.6.2.1. Exercise 1.111-1. User accounts22.6.2.2. Exercise 1.111-2. User environment and variables22.6.2.3. Exercise 1.111-3. Syslog and log files22.6.2.4. Exercise 1.111-4. cron and at22.6.2.5. Exercise 1.111-5. Backup
22.7. Networking Fundamentals (Topic 1.112)
22.7.1. Review Questions22.7.2. Exercises
22.8. Networking Services (Topic 1.113)
22.8.1. Review Questions22.8.2. Exercises
22.9. Security (Topic 1.114)
22.9.1. Review Questions22.9.2. Exercises
23. Exam 102 Practice Test
23.1. Questions
23.2. Answers
24. Exam 102 Highlighter's Index
24.1. Kernel (Topic 1.105)24.1.1. Objective 1: Manage/Query Kernel and Kernel Modules at Runtime24.1.2. Objective 2: Reconfigure, Build, and Install a Custom Kernel and Kernel Modules
24.2. Boot, Initialization, Shutdown, and Runlevels (Topic 1.106)
24.2.1. Objective 1: Boot the System24.2.1.1. LILO, the Linux loader24.2.1.2. Kernel parameters and module configuration24.2.1.3. Boot-time messages24.2.2. Objective 2: Change Runlevels and Shut Down or Reboot System24.2.2.1. Single-user mode24.2.2.2. The /etc/rc.d directory24.2.2.3. Default runlevel, determining runlevel, changing runlevels
24.3. Printing (Topic 1.107)
24.3.1. Objective 2: Manage Printers and Print Queues24.3.2. Objective 3: Print Files24.3.3. Objective 4: Install and Configure Local and Remote Printers24.3.3.1. /etc/printcap24.3.3.2. Filters24.3.3.3. Remote queues and Samba printers
24.4. Documentation (Topic 1.108)
24.4.1. Objective 1: Use and Manage Local System Documentation24.4.1.1. Text and paging24.4.1.2. The man facility24.4.1.3. /usr/doc24.4.1.4. The info facility24.4.2. Objective 2: Find Linux Documentation on the Internet24.4.2.1. Linux Documentation Project24.4.2.2. Other sources24.4.3. Objective 5: Notify Users on System-related Issues24.4.3.1. /etc/issue24.4.3.2. /etc/issue.net24.4.3.3. /etc/motd
24.5. Shells, Scripting, Programming, and Compiling
24.5.1. Objective 1: Customize and Use the Shell Environment24.5.1.1. bash24.5.2. Objective 2: Customize or Write Simple Scripts24.5.2.1. Environment
24.6. Administrative Tasks (Topic 1.111)
24.6.1. Objective 1: Manage Users and Group Accounts and Related System Files24.6.1.1. passwd and group24.6.1.2. Shadow files24.6.1.3. User and group management commands24.6.2. Objective 2: Tune the User Environment and System Environment Variables24.6.2.1. Configuration scripts24.6.2.2. New account home directories24.6.3. Objective 3: Configure and Use System Log Files to Meet Administrative and Security Needs24.6.3.1. Syslog24.6.3.2. Log file rotation24.6.3.3. Examining log files24.6.4. Objective 4: Automate System Administration Tasks by Scheduling Jobs to Run in the Future24.6.4.1. Using cron24.6.4.2. Using at24.6.4.3. User access24.6.5. Objective 5: Maintain an Effective Data Backup Strategy24.6.6. Objective 6: Maintain System Time
24.7. Networking Fundamentals (Topic 1.112)
24.7.1. Objective 1: Fundamentals of TCP/IP24.7.1.1. Addressing and masks24.7.1.2. Protocols24.7.1.3. TCP/IP services24.7.1.4. TCP/IP utilities24.7.2. Objective 3: TCP/IP Configuration and Troubleshooting24.7.2.1. Network interfaces24.7.2.2. DHCP24.7.3. Objective 4: Configure Linux as a PPP Client
24.8. Networking Services (Topic 1.113)
24.8.1. Objective 1: Configure and Manage inetd, xinetd, and Related Services24.8.2. Objective 2: Operate and Perform Basic Configuration of Mail Transfer Agent (MTA)24.8.3. Objective 3: Operate and Perform Basic Configuration of Apache24.8.4. Objective 4: Properly Manage the NFS and Samba Daemons24.8.4.1. NFS24.8.4.2. Samba24.8.5. Objective 5: Set Up and Configure Basic DNS Services24.8.5.1. The resolver24.8.5.2. Domain registration24.8.6. Objective 7: Set Up Secure Shell (OpenSSH)
24.9. Security (Topic 1.114)
24.9.1. Objective 1: Perform Security Administration Tasks24.9.1.1. TCP wrappers24.9.1.2. Finding executable SUID files24.9.1.3. Verifying packages24.9.1.4. SGID workgroups24.9.1.5. The Secure Shell24.9.2. Objective 2: Set Up Host Security24.9.2.1. Shadow passwords24.9.3. Objective 3: Set Up User-level Security
III. General Linux Exam 201
25. Linux Kernel
25.1. Objective 1: Kernel Components25.1.1. Kernel Image Formats25.1.2. Different Kernel Trees25.1.2.1. Choosing an appropriate kernel25.1.2.2. Hardware support25.1.2.3. Patches25.1.2.4. Kernel modules
25.2. Objective 2: Compiling a Kernel
25.2.1. Kernel Configuration Tools25.2.1.1. make config25.2.1.2. make menuconfig25.2.1.3. make xconfig25.2.2. Compiling and Installing a Custom Kernel25.2.3. Using initrd25.2.3.1. mkinitrd on Red Hat/Fedora25.2.3.2. mkinitrd in Debian25.2.4. Updating Your Kernel
25.3. Objective 3: Patching a Kernel
25.3.1. Applying the Patch25.3.2. Removing a Patch
25.4. Objective 4: Customizing a Kernel
26. System Startup
26.1. Objective 1: Customizing System Startup and Boot Processes26.1.1. /etc/inittab26.1.2. System Initialization Scripts26.1.2.1. System initialization26.1.2.2. Runlevel directories26.1.3. Customizing Runlevels26.1.3.1. Customizing runlevels on Red Hat26.1.4. Customizing initrd Images26.1.4.1. initrd and /linuxrc on Debian26.1.4.2. initrd and /linuxrc on Red Hat
26.2. Objective 2: System Recovery
26.2.1. Filesystem Damage26.2.2. init or the System Initialization Fails26.2.2.1. Bypassing init26.2.2.2. Working in the shell environment26.2.3. Booting from a Rescue CD26.2.3.1. Restoring the bootstrap26.2.3.2. Exploring the damaged system26.2.3.3. Loss of key files
27. Filesystem
27.1. Objective 1: Operating the Linux Filesystem27.1.1. Level 1 Review27.1.2. Additional Filesystem Management Files27.1.3. Managing Swap27.1.4. Linux Partitioning Scheme
27.2. Objective 2: Maintaining a Linux Filesystem
27.2.1. tune2fs27.2.2. dumpe2fs27.2.3. debugfs27.2.4. badblocks and e2fsck27.2.5. fsck27.2.6. mke2fs27.2.7. Filesystem Resizing27.2.8. fsck27.2.9. Self-Monitoring, Analysis, and Reporting Technology System (SMART)
27.3. Objective 3: Creating and Configuring Filesystem Options
27.3.1. Automounting Filesystems27.3.2. Other Filesystems27.3.2.1. Using ext327.3.2.2. vfat filesystems27.3.3. ISO9660 Filesystems27.3.3.1. Creating ISO9660 images27.3.3.2. Burning CD-ROMs27.3.3.2.1. Burning with IDE CD burners27.3.3.2.2. Using cdrecord27.3.3.2.3. CD miscellany27.3.4. dd
28. Hardware (Topic 2.204)
28.1. Objective 1: Configuring RAID28.1.1. The mkraid Tools28.1.2. How to Create RAID 1 (Mirroring)
28.2. Objective 2: Adding New Hardware
28.2.1. Reporting Your Hardware
28.3. Objective 3: Software and Kernel Configuration
28.3.1. hdparm28.3.2. tune2fs28.3.3. Supporting IDE CD Burners28.3.4. Logical Volume Manager (LVM)28.3.4.1. Initializing a disk or partition28.3.4.2. Creating a volume group28.3.4.3. Making a logical volume28.3.4.4. Displaying physical volume properties28.3.4.5. Displaying volume group properties28.3.4.6. Displaying logical volume properties28.3.4.7. Listing disks and volume groups28.3.4.8. Adding disks to a volume group28.3.4.9. Removing a disk from a volume group28.3.4.10. Expanding a logical volume28.3.4.11. Shrinking a logical volume28.3.4.12. Removing a logical volume28.3.4.13. Removing a volume group28.3.4.14. Removing a physical volume28.3.4.15. Starting and stopping LVM28.3.4.16. LVM snapshots28.3.5. Runtime Kernel Configuration
28.4. Objective 4: Configuring PCMCIA Devices
28.4.1. PCMCIA configuration files28.4.1.1. /etc/pcmcia/config28.4.1.2. /etc/pcmcia/config.opts28.4.1.3. /etc/pcmcia/network.opts28.4.1.4. /etc/pcmcia/*.opts28.4.2. PCMCIA commands28.4.3. PCMCIA Troubleshooting28.4.3.1. Steps for troubleshooting PCMCIA devices28.4.3.2. Boot problems28.4.3.3. Common PCMCIA errors28.4.3.4. Kernel upgrades
29. File and Service Sharing (Topic 2.209)
29.1. Objective 1: Configuring a Samba Server29.1.1. Basic Configuration File29.1.2. Windows Passwords29.1.3. Acting as a PDC29.1.4. Login Settings29.1.5. Shares29.1.6. Startup29.1.7. Troubleshooting
29.2. Objective 2: Configuring an NFS Server
29.2.1. The NFS Server29.2.2. Configuring NFS Server Exports29.2.3. NFS Server Security29.2.4. The NFS Client29.2.5. NFS Tools
30. System Maintenance (Topic 2.211)
30.1. Objective 1: System Logging30.1.1. Setting Up a syslog Server30.1.2. Setting Up syslog Clients30.1.3. Using the Central Logs
30.2. Objective 2: Packaging Software
30.2.1. Building RPM Packages30.2.2. Modifying RPM Packages30.2.3. Building Deb Packages30.2.3.1. Signing the package30.2.3.2. Building the package30.2.4. Modifying Deb Packages30.2.4.1. control30.2.4.2. rules
30.3. Objective 3: Backup Operations
31. System Customization and Automation (Topic 2.213)
31.1. Objective 1: Automating Tasks Using Scripts31.1.1. Scripting with Bash and Friends31.1.1.1. Variables31.1.1.2. Checking process status and sending alerts31.1.1.3. Monitoring users and using awk31.1.1.4. Detecting changes31.1.1.5. Log munging with sed31.1.2. Scripting with Perl31.1.2.1. Using CPAN31.1.2.2. Log watching with Perl31.1.2.3. Fetching and processing web logs31.1.2.4. Using Perl to add new disks attached to an HBA controller31.1.2.5. Perl in adverse environments31.1.3. Synchronizing Files Across Machines31.1.4. Scheduled execution31.1.4.1. cron31.1.4.2. Using at
32. Troubleshooting (Topic 2.214)
32.1. Objective 1: Creating Recovery Disks
32.2. Objective 2: Identifying Boot Stages
32.3. Objective 3: Troubleshooting Boot Loaders
32.4. Objective 4: General Troubleshooting
32.5. Objective 5: Troubleshooting System Resources
32.5.1. Environment Variables and Shells32.5.2. Shell Environment32.5.3. Editors32.5.4. Kernel Parameters
32.6. Objective 6: Troubleshooting Environment Configurations
32.6.1. Authorization Problems32.6.2. crontab Problems32.6.3. Init Problems32.6.4. Logging Problems
33. LPI Exam 201 Review Questions and Exercises
33.1. Linux Kernel (Topic 2.201)33.1.1. Review Questions33.1.2. Answers33.1.3. Exercise
33.2. System Startup (Topic 2.202)
33.2.1. Review Questions33.2.2. Answers33.2.3. Exercises
33.3. Filesystem (Topic 2.203)
33.3.1. Review Questions33.3.2. Answers33.3.3. Exercises
33.4. Hardware (Topic 2.204)
33.4.1. Review Questions33.4.2. Answers33.4.3. Exercises
33.5. File and Service Sharing (Topic 2.209)
33.5.1. Review Questions33.5.2. Answers33.5.3. Exercises
33.6. System Maintenance (Topic 2.211)
33.6.1. Review Questions33.6.2. Answers33.6.3. Exercises
33.7. System Customization and Automation (Topic 2.213)
33.7.1. Review Questions33.7.2. Answers33.7.3. Exercises
33.8. Troubleshooting (Topic 2.214)
33.8.1. Review Questions33.8.2. Answers33.8.3. Exercises
34. Exam 201 Practice Test
34.1. Questions
34.2. Answers
IV. General Linux Exam 202
35. Networking Configuration (Topic 2.205)
35.1. Objective 1: Basic Networking Configuration35.1.1. Network Configuration Utilities, and What Lies Beneath35.1.2. Common Network Configuration Files35.1.2.1. The /etc/network/interfaces file35.1.2.2. The /etc/sysconfig/network-scripts directory35.1.3. Using ifconfig35.1.3.1. Virtual interfaces35.1.3.2. Other common uses for ifconfig35.1.3.3. Examples35.1.4. The route Command35.1.4.1. Syntax and frequently used options35.1.5. Common Uses35.1.6. ARP and Related Commands35.1.6.1. arp command syntax35.1.6.2. Example #135.1.6.3. Example #235.1.7. The arpwatch Command35.1.7.1. arpwatch35.1.7.2. Sample arpwatch results35.1.8. Dial-up Connections35.1.8.1. Connecting with a modem35.1.8.2. Configuration files35.1.8.3. pon35.1.8.4. Checking a dial-up network connection35.1.8.5. The poff command35.1.8.6. The wvdial command35.1.8.7. Configuring wvdial: wvdialconf35.1.8.8. wvdialconf examples35.1.8.9. Sample /etc/wvdial.conf file35.1.8.10. ISDN connections35.1.8.11. The ipppd daemon35.1.8.12. The isdnctrl command35.1.8.13. Using isdnctrl35.1.8.14. Multihomed systems35.1.8.15. IP routing configuration35.1.8.16. IP forwarding versus firewalling and Network Address Translation (NAT)
35.2. Objective 2: Advanced Network Configuration and Troubleshooting
35.2.1. Simple Connectivity Example: Telnet35.2.1.1. Using tcpdump35.2.1.2. tcpdump expressions35.2.1.3. Example #135.2.1.4. Example #235.2.1.5. Example #335.2.1.6. Example #435.2.1.7. ethereal and tethereal35.2.1.8. The lsof command35.2.1.9. Example #135.2.1.10. Example #235.2.1.11. Example #335.2.1.12. Example #435.2.1.13. Example #535.2.1.14. The netstat command35.2.1.15. Example #135.2.1.16. Example #235.2.1.17. Example #335.2.2. netcat (nc)35.2.2.1. Example #135.2.2.2. Example #235.2.2.3. Example #3
36. Mail and News (Topic 2.206)
36.1. Objective 2: Using Sendmail36.1.1. Sendmail Configuration36.1.1.1. Building and editing configuration files: the m4 utility36.1.1.2. Additional configuration files36.1.1.2.1. Restarting Sendmail36.1.2. Securing Sendmail36.1.2.1. Defining a trusted network36.1.2.2. The /etc/mail/access file36.1.2.3. Testing Sendmail configuration36.1.2.4. Defining accepted email domains: local-host-names and sendmail.cw36.1.3. Delivering Email36.1.3.1. SMTP delivery based on DNS lookup36.1.3.1.1. SMTP delivery via a smart host36.1.4. Manual Entries36.1.5. Local Delivery36.1.6. Using virtusertable36.1.7. Checking Virtual Users36.1.8. Email Aliases36.1.8.1. The contents of the aliases file36.1.8.2. Reversing virtual user accounts36.1.8.3. The genericstable file36.1.9. Bastion Host Sendmail Server36.1.9.1. Locking down the server36.1.9.2. Configuring Sendmail for a bastion host36.1.10. Managing Mail Traffic36.1.11. Monitoring Mail36.1.12. Log Configuration
36.2. Objective 3: Managing Mail Traffic
36.2.1. Filtering and Sorting Techniques36.2.1.1. Using Procmail36.2.1.2. Procmail files36.2.1.3. Creating recipes in Procmail36.2.1.3.1. Sample Procmail recipes36.2.1.4. Monitoring and troubleshooting Procmail
36.3. Objective 1: Configuring Mailing Lists
36.3.1. Configuring Majordomo36.3.1.1. Preparing Sendmail36.3.1.2. Installing Majordomo36.3.1.3. Creating Majordomo lists36.3.1.3.1. Using the create command36.3.1.3.2. Customizing the list36.3.2. Testing the Implementation and Monitoring Problems
36.4. Objective 4: Serving News
36.4.1. Overview36.4.1.1. Installing INN36.4.1.2. Configuring INN36.4.1.3. Customizing newsgroups36.4.1.4. Configuring downstream and upstream clients36.4.1.5. Monitoring newsgroups36.4.1.6. Using innwatch
36.5. Conclusion
37. DNS (Topic 2.207)
37.1. Objective 1: Basic DNS Server Configuration37.1.1. named.conf37.1.2. Primary DNS37.1.3. Secondary and Tertiary DNS
37.2. Objective 2: Create and Maintain DNS Zones
37.2.1. Forward DNS Zones37.2.2. Reverse DNS Files37.2.3. DNS Tools
37.3. Objective 3: Securing a DNS Server
37.3.1. Dedicated Servers37.3.2. Restricting Zone Transfers37.3.3. Using Transaction Signatures (TSIG)37.3.4. Recursive Queries37.3.5. Running BIND in a chroot Jail/Reduced Privileges
38. Web Services (Apache and Squid, Topic 2.208)
38.1. Installing Apache38.1.1. Apache Installation from Source
38.2. Configuring Apache
38.2.1. Access Control38.2.2. Third-Party Modules38.2.2.1. mod_php38.2.2.2. mod_perl38.2.2.3. mod_ssl38.2.2.4. mod_rewrite38.2.2.5. Apache performance tuning
38.3. Squid: History and Overview
38.3.1. http_port option38.3.2. cache_dir option38.3.3. cache_mem option38.3.4. cache_access_log option38.3.5. acl option
38.4. Squid Authentication
38.5. Squid as Web Accelerator
39. Network Client Management (Topic 2.210)
39.1. Objective 1: DHCP Configuration39.1.1. Setting Up a DHCP Server39.1.1.1. Configuring DHCP options39.1.1.2. Configuring dhcpd for random IP assignment39.1.1.3. Fixed addresses in dhcpd39.1.1.4. bootp support39.1.1.5. dhcpd.leases39.1.2. Using DHCP Clients39.1.2.1. Using pump39.1.2.2. Using dhclient39.1.2.3. Configuring Red Hat as a DHCP client39.1.2.4. Configuring Debian as a DHCP client39.1.3. DHCP Relay
39.2. Objective 2: NIS Configuration
39.2.1. NIS Master Server39.2.2. NIS Client39.2.2.1. compat39.2.2.2. NIS slave server39.2.3. NIS Maps and Tools39.2.3.1. Map lookups and nicknames39.2.3.2. Keeping maps up to date39.2.3.3. Netgroups39.2.3.4. RPC calls
39.3. Objective 3: LDAP Configuration
39.3.1. Setting Up OpenLDAP Server39.3.2. Setting Up Client Tools
39.4. Objective 4: PAM Authentication
39.4.1. PAM Configuration39.4.1.1. module-type39.4.1.2. control-flag39.4.1.3. module-path and arguments39.4.2. LDAP Client Authentication Using PAM39.4.2.1. Packages for LDAP and PAM39.4.2.2. Configuring nss_ldap and nsswitch.conf39.4.2.3. Configuring pam_ldap and /etc/pam.d files
40. System Security (Topic 2.212)
40.1. Objective 2: Configuring a Router40.1.1. The Example Networks40.1.2. Getting Routing Working40.1.3. Firewall Rulesets40.1.3.1. ipchains versus iptables40.1.3.2. Antispoofing40.1.4. Using ipchains40.1.4.1. ipchains40.1.4.2. ipmasqadm40.1.4.3. Sample ipchains setup40.1.5. Using iptables40.1.5.1. The iptables command40.1.5.2. Example netfilter configuration40.1.6. Firewalling Miscellanea40.1.6.1. /proc/sys/net/ipv440.1.6.2. Saving and reloading rulesets40.1.6.3. NAT and security40.1.6.4. Dynamic routing
40.2. Objective 3: Securing FTP Servers
40.3. Objective 4: Secure Shell (SSH)
40.3.1. Installation and Configuration40.3.2. Generating and Using Keys40.3.3. ssh-agent40.3.4. Other ssh Tricks
40.4. Objective 5: TCP Wrappers
40.4.1. /etc/hosts.allow and /etc/hosts.deny40.4.1.1. Specifying services40.4.1.2. xinetd and access control
40.5. Objective 6: Security Tasks
40.5.1. Kerberos40.5.1.1. Overview40.5.1.2. Server installation and configuration40.5.1.3. Client configuration40.5.2. Security Auditing Source Code40.5.2.1. Executing subprograms40.5.2.2. Checking input40.5.2.3. Buffer overflows40.5.2.4. Unsafe temporary file creation40.5.3. IDS40.5.3.1. Tripwire40.5.3.1.1. Overview of Tripwire40.5.3.1.2. Tripwire policy file format40.5.3.2. Snort40.5.3.2.1. Configuring Snort40.5.3.2.2. Understanding Snort rules40.5.4. Miscellaneous40.5.4.1. Scanning in general40.5.4.2. Security alerts40.5.4.3. Updating Linux40.5.4.3.1. Keeping Debian up-to-date40.5.4.3.2. Keeping Red Hat up-to-date
41. Network Troubleshooting (Topic 214)
41.1. Network Troubleshooting Essentials
41.2. Common Troubleshooting Commands
41.2.1. ping41.2.2. telnet and netcat41.2.3. ifconfig41.2.4. traceroute41.2.5. netstat and route
41.3. Hardware Problems
41.3.1. Physical Connection Issues41.3.1.1. Cabling41.3.1.2. Failed networking devices41.3.2. Problems with the Interface Card41.3.3. Reviewing Screen Output41.3.4. Changes to the Kernel and /etc/modules41.3.5. Checking Log Files
41.4. Network Device Configuration Files
41.4.1. The /etc/network/interfaces File41.4.2. The /etc/sysconfig/network-scripts Directory41.4.3. PCMCIA Card Configuration41.4.4. The /etc/networks File41.4.5. The /etc/nsswitch File41.4.6. Additional Configuration Files41.4.6.1. /etc/host.conf41.4.6.2. /etc/modprobe.d/aliases41.4.6.3. The /etc/hostname file41.4.7. Application Issues
41.5. DNS Errors
41.6. Determining the Cause of Inaccessible Services
41.6.1. Using netstat41.6.2. nmap41.6.3. Finding Authoritative Information with lsof and strace41.6.4. Unexpected Changes to Files and Settings
41.7. Conclusion
42. Exam 202 Review Questions and Exercises
42.1. Networking Configuration (Topic 2.205)42.1.1. Review Questions42.1.2. Answers42.1.3. Exercise
42.2. Mail and News (Topic 2.206)
42.2.1. Review Questions42.2.2. Answers42.2.3. Exercises
42.3. DNS (Topic 2.207)
42.3.1. Review Questions42.3.2. Answers42.3.3. Exercises
42.4. Web Services (Topic 2.208)
42.4.1. Review Questions
42.5. Answers
42.5.1. Exercises
42.6. Network Client Management (Topic 2.210)
42.6.1. Review Questions42.6.2. Answers42.6.3. Exercises
42.7. System Security (Topic 2.212)
42.7.1. Review Questions42.7.2. Answers42.7.3. Exercises
42.8. Network Troubleshooting (Topic 2.214)
42.8.1. Review Questions42.8.2. Answers42.8.3. Exercises
43. Exam 202 Practice Test
43.1. Questions
43.2. Answers
Index
About the Authors
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly

Content preview from LPI Linux Certification in a Nutshell, 2nd Edition

System Security (Topic 2.212)

Review Questions

Which file is considered first by TCP wrappers, hosts.allow or hosts.deny?
Why is it a good idea to store the Tripwire database on a read-only medium, such as a CD-ROM disk?
You have configured an internal network to use the 192.168.2.0/24 block of IP addresses. You have also configured a Linux system with two NICs and have enabled IP address forwarding. However, no users can access the Internet. You have decided not to use a proxy server. What else can you do to allow Internet access through your Linux router?
Consider the following line in the /etc/ssh/ssh_config file. What does it instruct sshd to do?
```
Protocol 2
```
You have been asked to use the iptables command to configure a system to automatically drop all connections from systems that attempt to access TCP ports 21 through 80 on your local system. Your supervisor wants this rule to be the first rule processed. Write in the command that will accomplish this.
Why do many FTP servers contain their own copies of files such as ls, passwd, and chmod?
You wish to use public-key authentication for an SSH session with a remote user. What must you first place into your ~/.ssh/authorized_keys or ~/.ssh/ authorized_keys2 file?

Answers

The hosts.allow file is considered first. Then TCP wrappers reads the contents of the hosts.deny file.
Because storing the database on a read-only medium helps make you reasonably sure that the database has not been changed.
Use iptables to enable Network Address Translation ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 0596005288

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills