Product SiteDocumentation Site

Fedora Draft Documentation

System Administrator's Guide

Deployment, Configuration, and Administration of Fedora 20

Edition 20.0.1

Jaromír Hradílek

Red Hat Engineering Content Services

Douglas Silas

Red Hat Engineering Content Services

Martin Prpič

Red Hat Engineering Content Services

Stephen Wadeley

Red Hat Engineering Content Services

Eliška Slobodová

Red Hat Engineering Content Services

Tomáš Čapek

Red Hat Engineering Content Services

Petr Kovář

Red Hat Engineering Content Services

Miroslav Svoboda

Red Hat Engineering Content Services

John Ha

Red Hat Engineering Content Services

David O'Brien

Red Hat Engineering Content Services

Michael Hideo

Red Hat Engineering Content Services

Don Domingo

Red Hat Engineering Content Services

Legal Notice

Copyright © 2014 Red Hat, Inc. and others.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
For guidelines on the permitted uses of the Fedora trademarks, refer to https://fedoraproject.org/wiki/Legal:Trademark_guidelines.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
All other trademarks are the property of their respective owners.

Abstract

The System Administrator's Guide documents relevant information regarding the deployment, configuration, and administration of Fedora 20. It is oriented towards system administrators with a basic understanding of the system.
Preface
1. Target Audience
2. How to Read this Book
3. Document Conventions
3.1. Typographic Conventions
3.2. Pull-quote Conventions
3.3. Notes and Warnings
4. We Need Feedback!
5. Acknowledgments
I. Basic System Configuration
1. Opening Graphical Applications
1.1. Opening graphical applications from the command line
1.2. Launching Applications with Alt+F2
1.3. Launching applications from the Desktop Menu
1.3.1. Using GNOME menus
1.3.2. Using KDE menus
1.3.3. Using menus in LXDE, MATE, and XFCE
2. Configuring the Language and Keyboard
2.1. Changing the Language
2.2. Changing the Date, Time, and Numeric Format
2.3. Changing the Keyboard Layout
2.4. Viewing the Current Configuration
3. Configuring the Date and Time
3.1. Using the Date and Time Configuration Tool
3.2. Using the Command Line Tools
3.2.1. Changing the Date
3.2.2. Changing the Time
3.2.3. Configuring the Network Time Protocol
3.3. Additional Resources
3.3.1. Installed Documentation
4. Managing Users and Groups
4.1. Introduction to Users and Groups
4.1.1. User Private Groups
4.1.2. Shadow Passwords
4.2. Using the User Accounts Tool
4.2.1. Configuring an Account
4.2.2. Adding a New User
4.2.3. Removing a User
4.3. Using the User Manager Tool
4.3.1. Viewing Users and Groups
4.3.2. Adding a New User
4.3.3. Adding a New Group
4.3.4. Modifying User Properties
4.3.5. Modifying Group Properties
4.4. Using Command Line Tools
4.4.1. Adding a New User
4.4.2. Adding a New Group
4.4.3. Enabling Password Aging
4.4.4. Enabling Automatic Logouts
4.4.5. Creating Group Directories
4.5. Additional Resources
4.5.1. Installed Documentation
II. Package Management
5. Yum
5.1. Checking For and Updating Packages
5.1.1. Checking For Updates
5.1.2. Updating Packages
5.1.3. Preserving Configuration File Changes
5.2. Packages and Package Groups
5.2.1. Searching Packages
5.2.2. Listing Packages
5.2.3. Displaying Package Information
5.2.4. Installing Packages
5.2.5. Removing Packages
5.2.6. Working with Transaction History
5.3. Configuring Yum and Yum Repositories
5.3.1. Setting [main] Options
5.3.2. Setting [repository] Options
5.3.3. Using Yum Variables
5.3.4. Viewing the Current Configuration
5.3.5. Adding, Enabling, and Disabling a Yum Repository
5.3.6. Creating a Yum Repository
5.4. Yum Plug-ins
5.4.1. Enabling, Configuring, and Disabling Yum Plug-ins
5.4.2. Installing Additional Yum Plug-ins
5.4.3. Plug-in Descriptions
5.5. Additional Resources
III. Infrastructure Services
6. Services and Daemons
6.1. Configuring Services
6.1.1. Enabling the Service
6.1.2. Disabling the Service
6.2. Running Services
6.2.1. Checking the Service Status
6.2.2. Running the Service
6.2.3. Stopping the Service
6.2.4. Restarting the Service
6.3. Additional Resources
6.3.1. Installed Documentation
6.3.2. Related Books
7. Configuring Authentication
7.1. Configuring System Authentication
7.1.1. Launching the Authentication Configuration Tool UI
7.1.2. Selecting the Identity Store for Authentication
7.1.3. Configuring Alternative Authentication Features
7.1.4. Setting Password Options
7.1.5. Configuring Authentication from the Command Line
7.1.6. Using Custom Home Directories
7.2. Using and Caching Credentials with SSSD
7.2.1. About the sssd.conf File
7.2.2. Starting and Stopping SSSD
7.2.3. Configuring SSSD to Work with System Services
7.2.4. Creating Domains
7.2.5. Configuring Access Control for SSSD Domains
7.2.6. Configuring Domain Failover
7.2.7. Managing the SSSD Cache
7.2.8. Configuring OpenSSH to Check SSSD for Cached Keys (TECH PREVIEW)
7.2.9. Using NSCD with SSSD
7.2.10. Troubleshooting SSSD
8. OpenSSH
8.1. The SSH Protocol
8.1.1. Why Use SSH?
8.1.2. Main Features
8.1.3. Protocol Versions
8.1.4. Event Sequence of an SSH Connection
8.2. An OpenSSH Configuration
8.2.1. Configuration Files
8.2.2. Starting an OpenSSH Server
8.2.3. Requiring SSH for Remote Connections
8.2.4. Using a Key-Based Authentication
8.3. OpenSSH Clients
8.3.1. Using the ssh Utility
8.3.2. Using the scp Utility
8.3.3. Using the sftp Utility
8.4. More Than a Secure Shell
8.4.1. X11 Forwarding
8.4.2. Port Forwarding
8.5. Additional Resources
8.5.1. Installed Documentation
8.5.2. Useful Websites
IV. Servers
9. Web Servers
9.1. The Apache HTTP Server
9.1.1. Notable Changes
9.1.2. Updating the Configuration
9.1.3. Running the httpd Service
9.1.4. Editing the Configuration Files
9.1.5. Working with Modules
9.1.6. Setting Up Virtual Hosts
9.1.7. Setting Up an SSL Server
9.1.8. Additional Resources
10. Mail Servers
10.1. Email Protocols
10.1.1. Mail Transport Protocols
10.1.2. Mail Access Protocols
10.2. Email Program Classifications
10.2.1. Mail Transport Agent
10.2.2. Mail Delivery Agent
10.2.3. Mail User Agent
10.3. Mail Transport Agents
10.3.1. Postfix
10.3.2. Sendmail
10.3.3. Fetchmail
10.3.4. Mail Transport Agent (MTA) Configuration
10.4. Mail Delivery Agents
10.4.1. Procmail Configuration
10.4.2. Procmail Recipes
10.5. Mail User Agents
10.5.1. Securing Communication
10.6. Additional Resources
10.6.1. Installed Documentation
10.6.2. Useful Websites
10.6.3. Related Books
11. Directory Servers
11.1. OpenLDAP
11.1.1. Introduction to LDAP
11.1.2. Installing the OpenLDAP Suite
11.1.3. Configuring an OpenLDAP Server
11.1.4. Running an OpenLDAP Server
11.1.5. Configuring a System to Authenticate Using OpenLDAP
11.1.6. Additional Resources
12. File and Print Servers
12.1. Samba
12.1.1. Introduction to Samba
12.1.2. Samba Daemons and Related Services
12.1.3. Connecting to a Samba Share
12.1.4. Configuring a Samba Server
12.1.5. Starting and Stopping Samba
12.1.6. Samba Server Types and the smb.conf File
12.1.7. Samba Security Modes
12.1.8. Samba Account Information Databases
12.1.9. Samba Network Browsing
12.1.10. Samba with CUPS Printing Support
12.1.11. Samba Distribution Programs
12.1.12. Additional Resources
12.2. FTP
12.2.1. The File Transfer Protocol
12.2.2. FTP Servers
12.2.3. Files Installed with vsftpd
12.2.4. Starting and Stopping vsftpd
12.2.5. vsftpd Configuration Options
12.2.6. Additional Resources
12.3. Printer Configuration
12.3.1. Starting the Printer Configuration Tool
12.3.2. Starting Printer Setup
12.3.3. Adding a Local Printer
12.3.4. Adding an AppSocket/HP JetDirect printer
12.3.5. Adding an IPP Printer
12.3.6. Adding an LPD/LPR Host or Printer
12.3.7. Adding a Samba (SMB) printer
12.3.8. Selecting the Printer Model and Finishing
12.3.9. Printing a test page
12.3.10. Modifying Existing Printers
12.3.11. Additional Resources
13. Configuring NTP Using the chrony Suite
13.1. Introduction to the chrony Suite
13.1.1. Differences Between ntpd and chronyd
13.1.2. Choosing Between NTP Daemons
13.2. Understanding chrony and Its Configuration
13.2.1. Understanding chronyd
13.2.2. Understanding chronyc
13.2.3. Understanding the chrony Configuration Commands
13.2.4. Security with chronyc
13.3. Using chrony
13.3.1. Checking if chrony is Installed
13.3.2. Installing chrony
13.3.3. Checking the Status of chronyd
13.3.4. Starting chronyd
13.3.5. Stopping chronyd
13.3.6. Checking if chrony is Synchronized
13.3.7. Manually Adjusting the System Clock
13.4. Setting Up chrony for Different Environments
13.4.1. Setting Up chrony for a System Which is Infrequently Connected
13.4.2. Setting Up chrony for a System in an Isolated Network
13.5. Using chronyc
13.5.1. Using chronyc to Control chronyd
13.5.2. Using chronyc for Remote Administration
13.6. Additional Resources
13.6.1. Installed Documentation
13.6.2. Online Documentation
14. Configuring NTP Using ntpd
14.1. Introduction to NTP
14.2. NTP Strata
14.3. Understanding NTP
14.4. Understanding the Drift File
14.5. UTC, Timezones, and DST
14.6. Authentication Options for NTP
14.7. Managing the Time on Virtual Machines
14.8. Understanding Leap Seconds
14.9. Understanding the ntpd Configuration File
14.10. Understanding the ntpd Sysconfig File
14.11. Disabling chrony
14.12. Checking if the NTP Daemon is Installed
14.13. Installing the NTP Daemon (ntpd)
14.14. Checking the Status of NTP
14.15. Configure the Firewall to Allow Incoming NTP Packets
14.15.1. Change the Firewall Settings
14.15.2. Open Ports in the Firewall for NTP Packets
14.16. Configure ntpdate Servers
14.17. Configure NTP
14.17.1. Configure Access Control to an NTP Service
14.17.2. Configure Rate Limiting Access to an NTP Service
14.17.3. Adding a Peer Address
14.17.4. Adding a Server Address
14.17.5. Adding a Broadcast or Multicast Server Address
14.17.6. Adding a Manycast Client Address
14.17.7. Adding a Broadcast Client Address
14.17.8. Adding a Manycast Server Address
14.17.9. Adding a Multicast Client Address
14.17.10. Configuring the Burst Option
14.17.11. Configuring the iburst Option
14.17.12. Configuring Symmetric Authentication Using a Key
14.17.13. Configuring the Poll Interval
14.17.14. Configuring Server Preference
14.17.15. Configuring the Time-to-Live for NTP Packets
14.17.16. Configuring the NTP Version to Use
14.18. Configuring the Hardware Clock Update
14.19. Configuring Clock Sources
14.20. Additional Resources
14.20.1. Installed Documentation
14.20.2. Useful Websites
15. Configuring PTP Using ptp4l
15.1. Introduction to PTP
15.1.1. Understanding PTP
15.1.2. Advantages of PTP
15.2. Using PTP
15.2.1. Checking for Driver and Hardware Support
15.2.2. Installing PTP
15.2.3. Starting ptp4l
15.3. Specifying a Configuration File
15.4. Using the PTP Management Client
15.5. Synchronizing the Clocks
15.6. Verifying Time Synchronization
15.7. Serving PTP Time with NTP
15.8. Serving NTP Time with PTP
15.9. Improving Accuracy
15.10. Additional Resources
15.10.1. Installed Documentation
15.10.2. Useful Websites
V. Monitoring and Automation
16. System Monitoring Tools
16.1. Viewing System Processes
16.1.1. Using the ps Command
16.1.2. Using the top Command
16.1.3. Using the System Monitor Tool
16.2. Viewing Memory Usage
16.2.1. Using the free Command
16.2.2. Using the System Monitor Tool
16.3. Viewing CPU Usage
16.3.1. Using the System Monitor Tool
16.4. Viewing Block Devices and File Systems
16.4.1. Using the lsblk Command
16.4.2. Using the blkid Command
16.4.3. Using the partx Command
16.4.4. Using the findmnt Command
16.4.5. Using the df Command
16.4.6. Using the du Command
16.4.7. Using the System Monitor Tool
16.5. Viewing Hardware Information
16.5.1. Using the lspci Command
16.5.2. Using the lsusb Command
16.5.3. Using the lspcmcia Command
16.5.4. Using the lscpu Command
16.6. Monitoring Performance with Net-SNMP
16.6.1. Installing Net-SNMP
16.6.2. Running the Net-SNMP Daemon
16.6.3. Configuring Net-SNMP
16.6.4. Retrieving Performance Data over SNMP
16.6.5. Extending Net-SNMP
16.7. Additional Resources
16.7.1. Installed Documentation
17. Viewing and Managing Log Files
17.1. Configuring rsyslog
17.1.1. Global Directives
17.1.2. Modules
17.1.3. Rules
17.1.4. rsyslog Command Line Configuration
17.2. Locating Log Files
17.2.1. Configuring logrotate
17.3. Viewing Log Files
17.4. Adding a Log File
17.5. Monitoring Log Files
17.6. Additional Resources
17.6.1. Installed Documentation
17.6.2. Useful Websites
18. Automating System Tasks
18.1. Cron and Anacron
18.1.1. Starting and Stopping the Service
18.1.2. Configuring Anacron Jobs
18.1.3. Configuring Cron Jobs
18.1.4. Controlling Access to Cron
18.1.5. Black/White Listing of Cron Jobs
18.2. At and Batch
18.2.1. Configuring At Jobs
18.2.2. Configuring Batch Jobs
18.2.3. Viewing Pending Jobs
18.2.4. Additional Command Line Options
18.2.5. Controlling Access to At and Batch
18.2.6. Starting and Stopping the Service
18.3. Additional Resources
18.3.1. Installed Documentation
19. OProfile
19.1. Overview of Tools
19.2. Configuring OProfile
19.2.1. Specifying the Kernel
19.2.2. Setting Events to Monitor
19.2.3. Separating Kernel and User-space Profiles
19.3. Starting and Stopping OProfile
19.4. Saving Data
19.5. Analyzing the Data
19.5.1. Using opreport
19.5.2. Using opreport on a Single Executable
19.5.3. Getting more detailed output on the modules
19.5.4. Using opannotate
19.6. Understanding /dev/oprofile/
19.7. Example Usage
19.8. OProfile Support for Java
19.8.1. Profiling Java Code
19.9. Graphical Interface
19.10. OProfile and SystemTap
19.11. Additional Resources
19.11.1. Installed Docs
19.11.2. Useful Websites
VI. Kernel, Module and Driver Configuration
20. Manually Upgrading the Kernel
20.1. Overview of Kernel Packages
20.2. Preparing to Upgrade
20.3. Downloading the Upgraded Kernel
20.4. Performing the Upgrade
20.5. Verifying the Initial RAM Disk Image
20.6. Verifying the Boot Loader
20.6.1. Configuring the GRUB 2 Boot Loader
20.6.2. Configuring the OS/400 Boot Loader
20.6.3. Configuring the YABOOT Boot Loader
21. Working with Kernel Modules
21.1. Listing Currently-Loaded Modules
21.2. Displaying Information About a Module
21.3. Loading a Module
21.4. Unloading a Module
21.5. Setting Module Parameters
21.6. Persistent Module Loading
21.7. Additional Resources
21.7.1. Installed Documentation
21.7.2. Useful Websites
22. The kdump Crash Recovery Service
22.1. Installing the kdump Service
22.2. Configuring the kdump Service
22.2.1. Configuring the kdump at First Boot
22.2.2. Using the Kernel Dump Configuration Utility
22.2.3. Configuring kdump on the Command Line
22.2.4. Testing the Configuration
22.3. Analyzing the Core Dump
22.3.1. Running the crash Utility
22.3.2. Displaying the Message Buffer
22.3.3. Displaying a Backtrace
22.3.4. Displaying a Process Status
22.3.5. Displaying Virtual Memory Information
22.3.6. Displaying Open Files
22.3.7. Exiting the Utility
22.4. Additional Resources
22.4.1. Installed Documentation
22.4.2. Useful Websites
A. RPM
A.1. RPM Design Goals
A.2. Using RPM
A.2.1. Finding RPM Packages
A.2.2. Installing and Upgrading
A.2.3. Configuration File Changes
A.2.4. Uninstalling
A.2.5. Freshening
A.2.6. Querying
A.2.7. Verifying
A.3. Checking a Package's Signature
A.3.1. Importing Keys
A.3.2. Verifying Signature of Packages
A.4. Practical and Common Examples of RPM Usage
A.5. Additional Resources
A.5.1. Installed Documentation
A.5.2. Useful Websites
A.5.3. Related Books
B. The X Window System
B.1. The X Server
B.2. Desktop Environments and Window Managers
B.2.1. Desktop Environments
B.2.2. Window Managers
B.3. X Server Configuration Files
B.3.1. The Structure of the Configuration
B.3.2. The xorg.conf.d Directory
B.3.3. The xorg.conf File
B.4. Fonts
B.4.1. Adding Fonts to Fontconfig
B.5. Runlevels and X
B.5.1. Runlevel 3
B.5.2. Runlevel 5
B.6. Additional Resources
B.6.1. Installed Documentation
B.6.2. Useful Websites
C. Revision History
Index