book

Red Hat Enterprise Linux Server Cookbook

by William Leemans

December 2015

Intermediate to advanced

250 pages

4h 41m

English

Packt Publishing

Read now

Unlock full access

Support files, eBooks, discount offers, and moreWhy Subscribe?Free Access for Packt account holders
What this book covers

Getting readyHow to do it…How it works…There's more…See also
Downloading the color images of this bookErrataPiracyQuestions
Introduction
Getting readyHow to do it…Manual installationKickstart installationGraphical setup during the system's setupSee also
Getting readyHow to do it…Creating storage poolsQuerying storage poolsRemoving storage poolsCreating a virtual networkRemoving networksHow it works…There's more…Local storage poolsNetworked or shared storage poolsSee also
Getting readyHow to do it…Create a guestDeleting a guestHow it works…There's more…See also
Getting readyHow to do it…On the KVM host, perform the following steps:On the KVM guest, perform the following:
Getting readyHow to do it…
Getting readyHow to do it…How it works…There's more…
Getting readyHow to do it…How it works…There's more…
Getting readyHow to do it…Live native migration over the default networkLive native migration over a dedicated networkHow it works…There's more…See also
How to do it…How it works…See also
Introduction
Getting readyHow to do it…How it works…There's more…See also
How to do it…There's more…See also
Getting readyHow to do it…How it works…There's more…See also
How to do it…How it works…
Introduction
Getting readyHow to do it…Creating the VLAN connection with nmcliCreating the VLAN connection with nmtuiCreating the VLAN connection with kickstartThere's more…See also
Getting readyHow to do it…Creating the teamed interface using nmcliCreating the teamed interface using nmtuiCreating the teamed interface with kickstartThere's more…nmclinmtuikickstartSee also
Getting readyHow to do it…Creating a bridge using nmcliCreating a bridge using nmtuiCreating a bridge with kickstartThere's more…See also
How to do it…Setting your IPv4 configuration using nmcliSetting your IPv4 configuration using nmtuiThere's more…
How to do it…Setting your DNS resolvers using nmcliSetting your DNS resolvers using nmtuiThere's more…
How to do it…Configuring static network routes using nmcliConfiguring network routes using nmtui
Introduction
How to do it…There's more…See also
How to do it…There's more…See also
How to do it…There's more…See also
How to do it…There's more…See also
How to do it…How it works…There's more…See also
How to do it…Managing time through chronyManaging time through ntpdThere's more…See also
How to do it…How it works…There's more…See also
How to do it…There's more…See also
Introduction
Getting readyHow to do it…Temporary context changesPersistent file context changesThere's more…See also
How to do it…Listing SELinux booleansChanging SELinux booleansThere's more…
How to do it…There's more…
Getting readyHow to do it…audit.logsyslogausearchThere's more…See also
Getting readyHow to do it…How it works…There's more…See also
Getting readyHow to do it...How it works…There's more…See also
Introduction
Getting readyHow to do it…Installing the latest tarballInstalling cutting edge from GitInstalling Ansible from the EPEL repositoryThere's more…
How to do it…The static inventory fileThe dynamic inventory filehost_vars filesgroup_vars filesHow it works…There's more…See also
Getting readyHow to do it…How it works…There's more…See also
Getting readyHow to do it…How it works…There's more…See also
Getting readyHow to do it…There's more…See also
Getting readyHow to do it…How it works…There's more…
Introduction
How to do it…There's more…See also
How to do it…There's more…
Getting readyHow to do it…How it works...There's more...See also
How to do it…Create the configuration nodeCreate a node groupThere's more…
How to do it…Configure to deploy a module or manifest to a single clientConfigure to deploy a module or manifest to a node groupConfigure to deploy to all registered systemsDeploy to a systemThere's more…
Introduction
How to do it…Your yum historyInformation about a yum transaction or packageUndoing/redoing certain yum transactionsRoll back to a certain point in your transaction historyThere's more…See also
Getting readyHow to do it…Syncing RHN repositoriesThere's more…See also
Getting readyHow to do it…There's more…See also
Getting readyHow to do it…How it works…There's more…See also
How to do it…How it works…See also
Getting readyHow to do it…There's more…
Introduction
Getting readyHow to do it…Installing the IPA serverInstalling the IPA clientThere's more…See also
How to do it…How it works…There's more…See also
Getting readyHow to do it…There's more…See also
How to do it…Showing the currently allowed services and ports on your systemAllowing incoming requests for NFS (v4)Allowing incoming requests on an arbitrary portThere's more…See also
How to do it…Installing and configuring kdump and SysRqUsing kdump tools to analyze the dumpThere's more…See also…
How to do it…Installing and configuring abrtdUsing abrt-cliThere's more…See also
How to do it…Configuring a centralized syslog server to accept audit logsSome audit rulesShowing audit logs for the preceding rulesSee also
Introduction
How to do it…There's more…See also
How to do it…The default installationThe central collectorThere's more…See also
How to do it…There's more…
How to do it…
How to do it…
How to do it…
How to do it…

Content preview from Red Hat Enterprise Linux Server Cookbook

Auditing the system

The Linux audit system allows you to track security-related information about your systems. It allows you to watch security events, filesystem access, network access, commands run by users, and system calls.

How to do it…

By default, audit is installed as part of the core packages. So, there's no need to install this.

Configuring a centralized syslog server to accept audit logs

Perform these steps to set up the syslog server:

On the syslog server, create a /etc/rsyslog.d/audit_server.conf file containing the following:

# Receive syslog audit messages via TCP over port 65514 $ModLoad imtcp $InputTCPServerRun 65514 $AllowedSender TCP, 127.0.0.1, 192.168.1.0/24 $template HostAudit, "/var/log/audit/%$YEAR%%$MONTH%%$DAY%-%HOSTNAME%/audit.log" ...