SUSE Linux Documentation Installation and Administration
			About This Guide

SUSE Linux Enterprise Server

Contents

About This Guide

1. Feedback
2. Documentation Updates
3. Additional Documentation
4. Documentation Conventions

I. Deployment

1. Planning for SUSE Linux Enterprise

1.1. Considerations for Deployment of a SUSE Linux Enterprise
1.2. Deployment of SUSE Linux Enterprise
1.3. Running SUSE Linux Enterprise

2. Deployment Strategies

2.1. Deploying up to 10 Workstations
2.2. Deploying up to 100 Workstations
2.3. Deploying More than 100 Workstations

3. Installation with YaST

3.1. IBM System z: System Start-Up for Installation
3.2. System Start-Up for Installation
3.3. The Boot Screen
3.4. Language
3.5. IBM System z: Hard Disk Configuration
3.6. License Agreement
3.7. System Analysis
3.8. Time Zone
3.9. Installation Summary
3.10. Performing the Installation
3.11. Configuration of the Installed System
3.12. Graphical Login

4. Remote Installation

4.1. Installation Scenarios for Remote Installation
4.2. Setting Up the Server Holding the Installation Sources
4.3. Preparing the Boot of the Target System
4.4. Booting the Target System for Installation
4.5. Monitoring the Installation Process

5. Automated Installation

5.1. Simple Mass Installation
5.2. Rule-Based Autoinstallation
5.3. For More Information

6. Deploying Customized Preinstallations

6.1. Preparing the Master Machine
6.2. Customizing the firstboot Installation
6.3. Cloning the Master Installation
6.4. Personalizing the Installation

7. Advanced Disk Setup

7.1. LVM Configuration
7.2. Soft RAID Configuration

8. System Configuration with YaST

8.1. YaST Language
8.2. The YaST Control Center
8.3. Software
8.4. Hardware
8.5. System
8.6. Network Devices
8.7. Network Services
8.8. AppArmor
8.9. Security and Users
8.10. Virtualization
8.11. Miscellaneous
8.12. YaST in Text Mode
8.13. Managing YaST from the Command Line
8.14. SaX2
8.15. Troubleshooting
8.16. For More Information

9. Managing Software with ZENworks

9.1. Managing Packages from the Command Line with rug
9.2. Managing Packages with the ZEN Tools
9.3. For More Information

10. Updating SUSE Linux Enterprise

10.1. Updating SUSE Linux Enterprise
10.2. Installing Service Packs
10.3. Software Changes from Version 9 to Version 10

II. Administration

11. OpenWBEM

11.1. Setting Up OpenWBEM
11.2. Changing the OpenWBEM CIMOM Configuration
11.3. For More Information

12. Mass Storage over IP Networks—iSCSI

12.1. Setting Up an iSCSI Target
12.2. Configuring iSCSI Initiator

13. Oracle Cluster File System 2

13.1. Overview of OCFS2
13.2. Creating an OCFS2 Volume
13.3. Mounting an OCFS2 Volume
13.4. Additional Information

14. Access Control Lists in Linux

14.1. Traditional File Permissions
14.2. Advantages of ACLs
14.3. Definitions
14.4. Handling ACLs
14.5. ACL Support in Applications
14.6. For More Information

15. RPM—the Package Manager

15.1. Verifying Package Authenticity
15.2. Managing Packages: Install, Update, and Uninstall
15.3. RPM and Patches
15.4. Delta RPM Packages
15.5. RPM Queries
15.6. Installing and Compiling Source Packages
15.7. Compiling RPM Packages with build
15.8. Tools for RPM Archives and the RPM Database

16. System Monitoring Utilities

16.1. Debugging
16.2. Files and File Systems
16.3. Hardware Information
16.4. Networking
16.5. The /proc File System
16.6. Processes
16.7. System Information
16.8. User Information
16.9. Time and Date

17. Working with the Shell

17.1. Getting Started with the Bash Shell
17.2. Users and Access Permissions
17.3. Important Linux Commands
17.4. The vi Editor

III. System

18. 32-Bit and 64-Bit Applications in a 64-Bit System Environment

18.1. Runtime Support
18.2. Software Development
18.3. Software Compilation on Biarch Platforms
18.4. Kernel Specifications

19. Booting and Configuring a Linux System

19.1. The Linux Boot Process
19.2. The init Process
19.3. System Configuration via /etc/sysconfig

20. The Boot Loader

20.1. Selecting a Boot Loader
20.2. Booting with GRUB
20.3. Configuring the Boot Loader with YaST
20.4. Uninstalling the Linux Boot Loader
20.5. Creating Boot CDs
20.6. The Graphical SUSE Screen
20.7. Troubleshooting
20.8. For More Information

21. Special System Features

21.1. Information about Special Software Packages
21.2. Virtual Consoles
21.3. Keyboard Mapping
21.4. Language and Country-Specific Settings

22. Virtualization

22.1. System and Software Requirements
22.2. Virtualization Infrastructure
22.3. Installing Virtualization Software
22.4. Starting the Virtualization Host Server
22.5. Managing Virtual Machines
22.6. Creating Virtual Machines
22.7. Windows Server 2003 Virtual Machines
22.8. For More Information

23. Printer Operation

23.1. The Workflow of the Printing System
23.2. Methods and Protocols for Connecting Printers
23.3. Installing the Software
23.4. Setting Up a Printer
23.5. Network Printers
23.6. Graphical Printing Interfaces
23.7. Printing from the Command Line
23.8. Special Features in SUSE Linux Enterprise
23.9. Troubleshooting

24. Dynamic Kernel Device Management with udev

24.1. The /dev Directory
24.2. Kernel uevents and udev
24.3. Drivers, Kernel Modules, and Devices
24.4. Booting and Initial Device Setup
24.5. Debugging udev Events
24.6. Influencing Kernel Device Event Handling with udev Rules
24.7. Persistent Device Naming
24.8. The Replaced hotplug Package
24.9. For More Information

25. File Systems in Linux

25.1. Terminology
25.2. Major File Systems in Linux
25.3. Some Other Supported File Systems
25.4. Large File Support in Linux
25.5. For More Information

26. The X Window System

26.1. Manually Configuring the X Window System
26.2. Installing and Configuring Fonts
26.3. For More Information

27. Authentication with PAM

27.1. Structure of a PAM Configuration File
27.2. The PAM Configuration of sshd
27.3. Configuration of PAM Modules
27.4. For More Information

28. Power Management

28.1. Power Saving Functions
28.2. APM
28.3. ACPI
28.4. Rest for the Hard Disk
28.5. The powersave Package
28.6. The YaST Power Management Module

29. Wireless Communication

29.1. Wireless LAN

IV. Services

30. Basic Networking

30.1. IP Addresses and Routing
30.2. IPv6—The Next Generation Internet
30.3. Name Resolution
30.4. Configuring a Network Connection with YaST
30.5. Managing Network Connections with NetworkManager
30.6. Configuring a Network Connection Manually
30.7. smpppd as Dial-up Assistant

31. SLP Services in the Network

31.1. Activating SLP
31.2. SLP Front-Ends in SUSE Linux Enterprise
31.3. Installation over SLP
31.4. Providing Services with SLP
31.5. For More Information

32. Time Synchronization with NTP

32.1. Configuring an NTP Client with YaST
32.2. Configuring xntp in the Network
32.3. Setting Up a Local Reference Clock

33. The Domain Name System

33.1. DNS Terminology
33.2. Configuration with YaST
33.3. Starting the Name Server BIND
33.4. The Configuration File /etc/named.conf
33.5. Zone Files
33.6. Dynamic Update of Zone Data
33.7. Secure Transactions
33.8. DNS Security
33.9. For More Information

34.1. Configuring a DHCP Server with YaST
34.2. DHCP Software Packages
34.3. The DHCP Server dhcpd
34.4. For More Information

35. Using NIS

35.1. Configuring NIS Servers
35.2. Configuring NIS Clients

36. LDAP—A Directory Service

36.1. LDAP versus NIS
36.2. Structure of an LDAP Directory Tree
36.3. Server Configuration with slapd.conf
36.4. Data Handling in the LDAP Directory
36.5. Configuring an LDAP Server with YaST
36.6. Configuring an LDAP Client with YaST
36.7. Configuring LDAP Users and Groups in YaST
36.8. Browsing the LDAP Directory Tree
36.9. For More Information

37.1. Terminology
37.2. Starting and Stopping Samba
37.3. Configuring a Samba Server
37.4. Configuring Clients
37.5. Samba as Login Server
37.6. Samba Server in the Network with Active Directory
37.7. Migrating a Windows NT Server to Samba
37.8. For More Information

38. Sharing File Systems with NFS

38.1. Installing the Required Software
38.2. Importing File Systems with YaST
38.3. Importing File Systems Manually
38.4. Exporting File Systems with YaST
38.5. Exporting File Systems Manually
38.6. NFS with Kerberos
38.7. For More Information

39. File Synchronization

39.1. Available Data Synchronization Software
39.2. Determining Factors for Selecting a Program
39.3. Introduction to CVS
39.4. Introduction to rsync

40. The Apache HTTP Server

40.1. Quick Start
40.2. Configuring Apache
40.3. Starting and Stopping Apache
40.4. Installing, Activating, and Configuring Modules
40.5. Getting CGI Scripts to Work
40.6. Setting Up a Secure Web Server with SSL
40.7. Avoiding Security Problems
40.8. Troubleshooting
40.9. For More Information

41. The Proxy Server Squid

41.1. Some Facts about Proxy Caches
41.2. System Requirements
41.3. Starting Squid
41.4. The Configuration File /etc/squid/squid.conf
41.5. Configuring a Transparent Proxy
41.6. cachemgr.cgi
41.7. squidGuard
41.8. Cache Report Generation with Calamaris
41.9. For More Information

V. Security

42. Managing X.509 Certification

42.1. The Principles of Digital Certification
42.2. YaST Modules for CA Management

43. Masquerading and Firewalls

43.1. Packet Filtering with iptables
43.2. Masquerading Basics
43.3. Firewalling Basics
43.4. SuSEfirewall2
43.5. For More Information

44. SSH: Secure Network Operations

44.1. The OpenSSH Package
44.2. The ssh Program
44.3. scp—Secure Copy
44.4. sftp—Secure File Transfer
44.5. The SSH Daemon (sshd)—Server-Side
44.6. SSH Authentication Mechanisms
44.7. X, Authentication, and Forwarding Mechanisms

45. Network Authentication—Kerberos

45.1. Kerberos Terminology
45.2. How Kerberos Works
45.3. Users' View of Kerberos
45.4. For More Information

46. Installing and Administering Kerberos

46.1. Choosing the Kerberos Realms
46.2. Setting Up the KDC Hardware
46.3. Clock Synchronization
46.4. Configuring the KDC
46.5. Manually Configuring Kerberos Clients
46.6. Configuring a Kerberos Client with YaST
46.7. Remote Kerberos Administration
46.8. Creating Kerberos Host Principals
46.9. Enabling PAM Support for Kerberos
46.10. Configuring SSH for Kerberos Authentication
46.11. Using LDAP and Kerberos

47. Encrypting Partitions and Files

47.1. Setting Up an Encrypted File System with YaST
47.2. Using Encrypted Home Directories
47.3. Using vi to Encrypt Single Files

48. Confining Privileges with AppArmor

48.1. Installing Novell AppArmor
48.2. Enabling and Disabling Novell AppArmor
48.3. Getting Started with Profiling Applications

49. Security and Confidentiality

49.1. Local Security and Network Security
49.2. Some General Security Tips and Tricks
49.3. Using the Central Security Reporting Address

VI. Troubleshooting

50. Help and Documentation

50.1. Using the SUSE Help Center
50.2. Man Pages
50.3. Info Pages
50.4. The Linux Documentation Project
50.5. Wikipedia: The Free Online Encyclopedia
50.6. Guides and Books
50.7. Package Documentation
50.8. Usenet
50.9. Standards and Specifications

51. Common Problems and Their Solutions

51.1. Finding and Gathering Information
51.2. Installation Problems
51.3. Boot Problems
51.4. Login Problems
51.5. Network Problems
51.6. Data Problems
51.7. IBM System z: Using initrd as a Rescue System

List of Figures

3.1. IBM System z: Selecting a DASD
3.2. IBM System z: Activating a DASD
3.3. IBM System z: Overview of Available ZFCP Disks
3.4. Installation Settings
3.5. Installing and Removing Software with the YaST Package Manager
3.6. Proposed Setup for Network Services
5.1. Editing an AutoYaST Profile with the AutoYaST Front-End
5.2. AutoYaST Rules
7.1. Physical Partitioning versus LVM
7.2. Creating a Volume Group
7.3. Physical Volume Setup
7.4. Logical Volume Management
7.5. Creating Logical Volumes
7.6. RAID Partitions
7.7. File System Settings
8.1. The YaST Control Center
8.2. YaST Package Manager
8.3. Conflict Management of the Package Manager
8.4. YaST Online Update
8.5. Sound Configuration
8.6. The YaST Partitioner
8.7. Adding a PCI ID
8.8. Setting the Language
8.9. Main Window of YaST in Text Mode
8.10. The Software Installation Module
8.11. Card and Monitor Properties
9.1. Selecting the Software Updates
10.1. Update to Service Pack 1
14.1. Minimum ACL: ACL Entries Compared to Permission Bits
14.2. Extended ACL: ACL Entries Compared to Permission Bits
17.1. Example of a Bash Terminal Window
17.2. The ls Command
17.3. The ls -l Command
17.4. Excerpt from a Standard Directory Tree
19.1. System Services (Runlevel)
19.2. System Configuration Using the sysconfig Editor
20.1. Boot Loader Settings
22.1. Virtualization Architecture
23.1. Printer Configuration Summary
28.1. Scheme Selection
28.2. Overview of Existing Schemes
28.3. Configuring a Scheme
28.4. Battery Charge Level
28.5. ACPI Settings
29.1. YaST: Configuring the Wireless Network Card
30.1. Simplified Layer Model for TCP/IP
30.2. TCP/IP Ethernet Packet
30.3. Configuring a Network Card
30.4. Modem Configuration
30.5. ISDN Configuration
30.6. ISDN Interface Configuration
30.7. DSL Configuration
32.1. YaST: Configuring an NTP Client
32.2. YaST: Complex NTP Configuration
33.1. DNS Server Installation: Forwarder Settings
33.2. DNS Server Installation: DNS Zones
33.3. DNS Server Installation: Finish Wizard
33.4. DNS Server: Logging
33.5. DNS Server: Slave Zone Editor
33.6. DNS Server: Zone Editor (Basic)
33.7. DNS Server: Zone Editor (NS Records)
33.8. DNS Server: Zone Editor (MX Records)
33.9. DNS Server: Zone Editor (SOA)
34.1. DHCP Server: Card Selection
34.2. DHCP Server: Global Settings
34.3. DHCP Server: Dynamic DHCP
34.4. DHCP Server: Start-Up
34.5. DHCP Server: Host Management
34.6. DHCP Server: Chroot Jail and Declarations
34.7. DHCP Server: Selecting a Declaration Type
34.8. DHCP Server: Configuring Subnets
34.9. DHCP Server: TSIG Configuration
34.10. DHCP Server: Interface Configuration for Dynamic DNS
34.11. DHCP Server: Network Interface and Firewall
35.1. NIS Server Setup
35.2. Master Server Setup
35.3. Changing the Directory and Synchronizing Files for a NIS Server
35.4. NIS Server Maps Setup
35.5. Setting Request Permissions for a NIS Server
35.6. Setting Domain and Address of a NIS Server
36.1. Structure of an LDAP Directory
36.2. YaST LDAP Server Configuration
36.3. YaST: Configuration of the LDAP Client
36.4. YaST: Advanced Configuration
36.5. YaST: Module Configuration
36.6. YaST: Configuration of an Object Template
36.7. YaST: Additional LDAP Settings
36.8. Browsing the LDAP Directory Tree
36.9. Browsing the Entry Data
37.1. Determining Windows Domain Membership
37.2. Providing Administrator Credentials
38.1. NFS Client Configuration with YaST
38.2. NFS Server Configuration Tool
38.3. Configuring an NFS Server with YaST
38.4. Exporting Directories with NFSv4
38.5. Exporting Directories with NFSv2 and v3
40.1. HTTP Server Wizard: Default Host
40.2. HTTP Server Wizard: Summary
40.3. HTTP Server Configuration: Listen Ports and Addresses
40.4. HTTP Server Configuration: Server Modules
42.1. YaST CA Module—Basic Data for a Root CA
42.2. YaST CA Module—Using a CA
42.3. Certificates of a CA
42.4. YaST CA Module—Extended Settings
43.1. iptables: A Packet's Possible Paths
46.1. YaST: Basic Configuration of a Kerberos Client
46.2. YaST: Advanced Configuration of a Kerberos Client
50.1. The Main Window of the SUSE Help Center
50.2. Configuring the Search Function
50.3. Generating a Search Index
51.1. US Keyboard Layout
51.2. Automatic Repair Mode

List of Tables

2.1. Installing from the SUSE Linux Enterprise Media
2.2. Installing from a Network Server Using SLP
2.3. Installing from a Network Server
2.4. Simple Remote Installation via VNC—Static Network Configuration
2.5. Simple Remote Installation via VNC—Dynamic Network Configuration
2.6. Remote Installation via VNC—PXE Boot and Wake on LAN
2.7. Simple Remote Installation via SSH—Static Network Configuration
2.8. Remote Installation via SSH—Dynamic Network Configuration
2.9. Remote Installation via SSH—PXE Boot and Wake on LAN
2.10. Simple Mass Installation
2.11. Rule-Based Autoinstallation
3.1. Boot Options
4.1. F Keys During Installation
4.2. Installation (Boot) Scenarios Used in This Chapter
10.1. Backup Files
10.2. Commands
10.3. Log Files in /var/log
10.4. Wrapper
10.5. Split Configuration Files in /etc/sysconfig/powersave
11.1. Commands for Managing owcimomd
11.2. Port Communication Setup and Recommended Configurations
11.3. Additional Color Codes for the log.debug.format Command
13.1. O2CB Cluster Service Stack
13.2. In-Memory File Systems Used by OCFS2
13.3. OCFS2 Utilities
13.4. O2CB Commands
14.1. ACL Entry Types
14.2. Masking Access Permissions
15.1. The Most Important RPM Query Options
15.2. RPM Verify Options
17.1. Overview of a Standard Directory Tree
17.2. Simple Commands of the vi Editor
19.1. Available Runlevels
19.2. Possible init Script Options
21.1. ulimit: Setting Resources for the User
22.1. Popular Operating Systems Tested to Run in Full Virtualization Mode
22.2. Modified Operating Systems Tested to Run in Paravirtual Mode
22.3. xm Commands
25.1. File System Types in Linux
25.2. Maximum Sizes of File Systems (On-Disk Format)
26.1. Sections in /etc/X11/xorg.conf
26.2. Parameters of fc-list
29.1. Overview of Various WLAN Standards
30.1. Several Protocols in the TCP/IP Protocol Family
30.2. Specific Addresses
30.3. Private IP Address Domains
30.4. Various IPv6 Prefixes
30.5. Manual Network Configuration Scripts
30.6. Parameters for /etc/host.conf
30.7. Databases Available via /etc/nsswitch.conf
30.8. Configuration Options for NSS “Databases”
30.9. Some Start-Up Scripts for Network Programs
36.1. Commonly Used Object Classes and Attributes
36.2. User Groups and Their Access Grants
36.3. Types of Access
39.1. Features of the File Synchronization Tools: -- = very poor, - = poor or not available, o = medium, + = good, ++ = excellent, x = available
42.1. X.509v3 Certificate
42.2. X.509 Certificate Revocation List (CRL)
42.3. Passwords during LDAP Export
50.1. Man Pages—Categories and Descriptions
51.1. Log Files
51.2. System Information

List of Examples

6.1. Configuring the Proposal Screens
6.2. Configuring the Workflow Section
6.3. Configuring the List of Workflow Components
8.1. /etc/fstab: Partition Data
8.2. Adding Multiple Users
8.3. Removing Multiple Users
8.4. Sample Output of yast lan list
10.1. List with df -h
15.1. rpm -q -i wget
15.2. Script to Search for Packages
17.1. Sample Output Showing File Permissions
17.2. Sample Output Showing Directory Permissions
19.1. A Minimal INIT INFO Block
21.1. Entry in /etc/crontab
21.2. /etc/crontab: Remove Time Stamp Files
21.3. Example for /etc/logrotate.conf
21.4. ulimit: Settings in ~/.bashrc
23.1. /etc/modprobe.conf: Interrupt Mode for the First Parallel Port
23.2. Error Message from lpd
23.3. Broadcast from the CUPS Network Server
26.1. Screen Section of the File /etc/X11/xorg.conf
27.1. PAM Configuration for sshd
27.2. Default Configuration for the auth Section
27.3. Default Configuration for the account Section
27.4. Default Configuration for the password Section
27.5. Default Configuration for the session Section
27.6. pam_unix2.conf
27.7. pam_env.conf
27.8. pam_pwcheck.conf
30.1. Writing IP Addresses
30.2. Linking IP Addresses to the Netmask
30.3. Sample IPv6 Address
30.4. IPv6 Address Specifying the Prefix Length
30.5. /etc/resolv.conf
30.6. /etc/hosts
30.7. /etc/networks
30.8. /etc/host.conf
30.9. /etc/nsswitch.conf
30.10. Output of the Command ping
30.11. Output of the ifconfig Command
30.12. Output of the route -n Command
33.1. Forwarding Options in named.conf
33.2. A Basic /etc/named.conf
33.3. Entry to Disable Logging
33.4. Zone Entry for my-domain.de
33.5. Zone Entry for other-domain.de
33.6. File /var/lib/named/world.zone
33.7. Reverse Lookup
34.1. The Configuration File /etc/dhcpd.conf
34.2. Additions to the Configuration File
36.1. Excerpt from schema.core
36.2. slapd.conf: Include Directive for Schemes
36.3. slapd.conf: pidfile and argsfile
36.4. slapd.conf: Access Control
36.5. slapd.conf: Example for Access Control
36.6. slapd.conf: Database-Specific Directives
36.7. Example for an LDIF File
36.8. ldapadd with example.ldif
36.9. LDIF Data for Tux
36.10. Modified LDIF File tux.ldif
36.11. pam_unix2.conf Adapted to LDAP
36.12. Adaptations in nsswitch.conf
37.1. A CD-ROM Share
37.2. homes Share
37.3. Global Section in smb.conf
37.4. Setting Up a Machine Account
37.5. Automated Setup of a Machine Account
37.6. Example Script initGroups.sh
40.1. Variations of Name-Based VirtualHost Entries
40.2. Name-Based VirtualHost Directives
40.3. IP-Based VirtualHost Directives
40.4. Basic VirtualHost Configuration
40.5. VirtualHost CGI Configuration
41.1. Firewall Configuration: Option 15
41.2. Access Rules
41.3. Access Rules
48.1. Output of aa-unconfined
51.1. Output of the Mount Command
51.2. chroot to the Mounted File System
51.3. Installing the IPL Record with zipl
51.4. Unmounting the File System

Home

About This Guide

Next