openSUSE

Copyright © 2006-2007 Novell, Inc.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with the Invariant Section being this copyright notice and license. A copy of the license is included in the section entitled “GNU Free Documentation License”.

SUSE®, openSUSE®, the openSUSE® logo, Novell®, the Novell® logo, the N® logo, are registered trademarks of Novell, Inc. in the United States and other countries. Linux* is a registered trademark of Linus Torvalds. All other third party trademarks are the property of their respective owners. A trademark symbol (®, ™, etc.) denotes a Novell trademark; an asterisk (*) denotes a third-party trademark.

All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither Novell, Inc., SUSE LINUX Products GmbH, the authors, nor the translators shall be held liable for possible errors or the consequences thereof.


Contents

About This Guide
1. Feedback
2. Additional Documentation
3. Documentation Conventions
4. About the Making of This Manual
5. Source Code
6. Acknowledgments
I. Advanced Deployment Scenarios
1. Remote Installation
1.1. Installation Scenarios for Remote Installation
1.2. Setting Up the Server Holding the Installation Sources
1.3. Preparing the Boot of the Target System
1.4. Booting the Target System for Installation
1.5. Monitoring the Installation Process
2. Advanced Disk Setup
2.1. Using the YaST Partitioner
2.2. LVM Configuration
2.3. Soft RAID Configuration
II. Administration
3. Online Update
3.1. YaST Online Update
3.2. Update from the Command Line with zypper
4. YaST in Text Mode
4.1. Navigation in Modules
4.2. Restriction of Key Combinations
4.3. YaST Command Line Options
5. Updating the System and System Changes
5.1. Updating the System
5.2. Software Changes from Version to Version
6. RPM—the Package Manager
6.1. Verifying Package Authenticity
6.2. Managing Packages: Install, Update, and Uninstall
6.3. RPM and Patches
6.4. Delta RPM Packages
6.5. RPM Queries
6.6. Installing and Compiling Source Packages
6.7. Compiling RPM Packages with build
6.8. Tools for RPM Archives and the RPM Database
7. Printer Operation
7.1. The Workflow of the Printing System
7.2. Methods and Protocols for Connecting Printers
7.3. Installing the Software
7.4. Network Printers
7.5. Graphical Printing Interfaces
7.6. Printing from the Command Line
7.7. Special Features in openSUSE
7.8. Troubleshooting
8. The X Window System
8.1. Manually Configuring the X Window System
8.2. Installing and Configuring Fonts
8.3. For More Information
9. Xen Virtualization
9.1. Basic Components
9.2. Setting Up a Virtual Machine Host
9.3. Setting Up Virtual Machines
9.4. Managing a Virtualization Environment
10. System Monitoring Utilities
10.1. Debugging
10.2. Files and File Systems
10.3. Hardware Information
10.4. Networking
10.5. The /proc File System
10.6. Processes
10.7. System Information
10.8. User Information
10.9. Time and Date
III. System
11. 32-Bit and 64-Bit Applications in a 64-Bit System Environment
11.1. Runtime Support
11.2. Software Development
11.3. Software Compilation on Biarch Platforms
11.4. Kernel Specifications
12. Booting and Configuring a Linux System
12.1. The Linux Boot Process
12.2. The init Process
12.3. System Configuration via /etc/sysconfig
13. The Boot Loader
13.1. Selecting a Boot Loader
13.2. Booting with GRUB
13.3. Configuring the Boot Loader with YaST
13.4. Uninstalling the Linux Boot Loader
13.5. Creating Boot CDs
13.6. The Graphical SUSE Screen
13.7. Troubleshooting
13.8. For More Information
14. Special System Features
14.1. Information about Special Software Packages
14.2. Virtual Consoles
14.3. Keyboard Mapping
14.4. Language and Country-Specific Settings
15. Dynamic Kernel Device Management with udev
15.1. The /dev Directory
15.2. Kernel uevents and udev
15.3. Drivers, Kernel Modules, and Devices
15.4. Booting and Initial Device Setup
15.5. Monitoring the Running udev Daemon
15.6. Influencing Kernel Device Event Handling with udev Rules
15.7. Persistent Device Naming
15.8. Files used by udev
15.9. For More Information
16. File Systems in Linux
16.1. Terminology
16.2. Major File Systems in Linux
16.3. Some Other Supported File Systems
16.4. Large File Support in Linux
16.5. For More Information
17. Access Control Lists in Linux
17.1. Traditional File Permissions
17.2. Advantages of ACLs
17.3. Definitions
17.4. Handling ACLs
17.5. ACL Support in Applications
17.6. For More Information
18. Authentication with PAM
18.1. Structure of a PAM Configuration File
18.2. The PAM Configuration of sshd
18.3. Configuring PAM Using pam-config
18.4. For More Information
19. Working with the Shell
19.1. Using the Bash Shell
19.2. Users and Access Permissions
19.3. Important Linux Commands
19.4. The vi Editor
IV. Services
20. Basic Networking
20.1. IP Addresses and Routing
20.2. IPv6—The Next Generation Internet
20.3. Name Resolution
20.4. Configuring a Network Connection with YaST
20.5. Configuring a Network Connection Manually
20.6. smpppd as Dial-up Assistant
21. SLP Services in the Network
21.1. Installation
21.2. Activating SLP
21.3. SLP Front-Ends in openSUSE
21.4. Installation over SLP
21.5. Providing Services via SLP
21.6. For More Information
22. The Domain Name System
22.1. DNS Terminology
22.2. Installation
22.3. Configuration with YaST
22.4. Starting the Name Server BIND
22.5. The Configuration File /etc/named.conf
22.6. Zone Files
22.7. Dynamic Update of Zone Data
22.8. Secure Transactions
22.9. DNS Security
22.10. For More Information
23. DHCP
23.1. Configuring a DHCP Server with YaST
23.2. DHCP Software Packages
23.3. The DHCP Server dhcpd
23.4. For More Information
24. Time Synchronization with NTP
24.1. Configuring an NTP Client with YaST
24.2. Configuring xntp in the Network
24.3. Setting Up a Local Reference Clock
25. Using NIS
25.1. Configuring NIS Servers
25.2. Configuring NIS Clients
26. LDAP—A Directory Service
26.1. LDAP versus NIS
26.2. Structure of an LDAP Directory Tree
26.3. Configuring an LDAP Server with YaST
26.4. Configuring an LDAP Client with YaST
26.5. Configuring LDAP Users and Groups in YaST
26.6. Browsing the LDAP Directory Tree
26.7. Manually Configuring an LDAP Server
26.8. Manually Administering LDAP Data
26.9. For More Information
27. Active Directory Support
27.1. Integrating Linux and AD Environments
27.2. Background Information for Linux AD Support
27.3. Configuring a Linux Client for Active Directory
27.4. Logging In to an AD Domain
27.5. Changing Passwords
28. Sharing File Systems with NFS
28.1. NFS Client Configuration
28.2. Exporting File Systems over NFS
28.3. Exporting File Systems Manually
28.4. NFS with Kerberos
28.5. For More Information
29. Samba
29.1. Terminology
29.2. Installing a Samba Server
29.3. Starting and Stopping Samba
29.4. Configuring a Samba Server
29.5. Configuring Clients
29.6. Samba as Login Server
29.7. For More Information
30. The Apache HTTP Server
30.1. Quick Start
30.2. Configuring Apache
30.3. Starting and Stopping Apache
30.4. Installing, Activating, and Configuring Modules
30.5. Getting CGI Scripts to Work
30.6. Setting Up a Secure Web Server with SSL
30.7. Avoiding Security Problems
30.8. Troubleshooting
30.9. For More Information
31. Setting up a FTP server with YaST
31.1. Starting the FTP server
31.2. FTP General Settings
31.3. FTP Performance Settings
31.4. Authentication
31.5. Expert Settings
31.6. For more information
V. Mobility
32. Power Management
32.1. Power Saving Functions
32.2. ACPI
32.3. Rest for the Hard Disk
32.4. The powersave Package
33. Wireless Communication
33.1. Wireless LAN
33.2. Bluetooth
33.3. Infrared Data Transmission
34. Using Tablet PCs
34.1. Installing Tablet PC Packages
34.2. Configuring Your Tablet Device
34.3. Using the Virtual Keyboard
34.4. Rotating Your Display
34.5. Using Gesture Recognition
34.6. Taking Notes and Sketching with the Pen
34.7. Troubleshooting
34.8. For More Information
VI. Security
35. Masquerading and Firewalls
35.1. Packet Filtering with iptables
35.2. Masquerading Basics
35.3. Firewalling Basics
35.4. SuSEfirewall2
35.5. For More Information
36. SSH—Secure Network Operations
36.1. The OpenSSH Package
36.2. The ssh Program
36.3. scp—Secure Copy
36.4. sftp—Secure File Transfer
36.5. The SSH Daemon (sshd)—Server-Side
36.6. SSH Authentication Mechanisms
36.7. X, Authentication, and Forwarding Mechanisms
36.8. Configuring An SSH Daemon with YaST
37. Managing X.509 Certification
37.1. The Principles of Digital Certification
37.2. YaST Modules for CA Management
38. Network Authentication—Kerberos
38.1. Kerberos Terminology
38.2. How Kerberos Works
38.3. Users' View of Kerberos
38.4. For More Information
39. Installing and Administering Kerberos
39.1. Kerberos Network Topology
39.2. Choosing the Kerberos Realms
39.3. Setting Up the KDC Hardware
39.4. Configuring Time Synchronization
39.5. Configuring the KDC
39.6. Configuring Kerberos Clients
39.7. Configuring Remote Kerberos Administration
39.8. Creating Kerberos Service Principals
39.9. Enabling PAM Support for Kerberos
39.10. Configuring SSH for Kerberos Authentication
39.11. Using LDAP and Kerberos
40. Encrypting Partitions and Files
40.1. Setting Up an Encrypted File System with YaST
40.2. Using Encrypted Home Directories
40.3. Using vi to Encrypt Single Files
41. Confining Privileges with AppArmor
41.1. Installing Novell AppArmor
41.2. Enabling and Disabling Novell AppArmor
41.3. Getting Started with Profiling Applications
42. Security and Confidentiality
42.1. Local Security and Network Security
42.2. Some General Security Tips and Tricks
42.3. Using the Central Security Reporting Address
A. An Example Network
B. GNU Licenses
B.1. GNU General Public License
B.2. GNU Free Documentation License
Index

List of Figures

2.1. The YaST Partitioner
2.2. Physical Partitioning versus LVM
2.3. Creating a Volume Group
2.4. Physical Volume Setup
2.5. Logical Volume Management
2.6. Creating Logical Volumes
2.7. RAID Partitions
2.8. File System Settings
3.1. YaST Online Update
4.1. Main Window of YaST in Text Mode
4.2. The Software Installation Module
9.1. Virtualization Architecture
9.2. Virtual Machine Manager Main Console
9.3. Virtual Machine Summary Screen
12.1. System Services (Runlevel)
12.2. System Configuration Using the sysconfig Editor
13.1. Boot Loader Settings
17.1. Minimum ACL: ACL Entries Compared to Permission Bits
17.2. Extended ACL: ACL Entries Compared to Permission Bits
19.1. Example of a Bash Terminal Window
20.1. Simplified Layer Model for TCP/IP
20.2. TCP/IP Ethernet Packet
20.3. Configuring Network Settings
20.4. Modem Configuration
20.5. ISDN Configuration
20.6. ISDN Interface Configuration
20.7. DSL Configuration
22.1. DNS Server Installation: Forwarder Settings
22.2. DNS Server Installation: DNS Zones
22.3. DNS Server Installation: Finish Wizard
22.4. DNS Server: Logging
22.5. DNS Server: Slave Zone Editor
22.6. DNS Server: Zone Editor (NS Records)
22.7. DNS Server: Zone Editor (MX Records)
22.8. DNS Server: Zone Editor (SOA)
23.1. DHCP Server: Card Selection
23.2. DHCP Server: Global Settings
23.3. DHCP Server: Dynamic DHCP
23.4. DHCP Server: Start-Up
23.5. DHCP Server: Host Management
23.6. DHCP Server: Chroot Jail and Declarations
23.7. DHCP Server: Selecting a Declaration Type
23.8. DHCP Server: Configuring Subnets
23.9. DHCP Server: TSIG Configuration
23.10. DHCP Server: Interface Configuration for Dynamic DNS
23.11. DHCP Server: Network Interface and Firewall
24.1. YaST: Configuring an NTP Client
24.2. Advanced NTP Client Configuration: General Settings
24.3. Advanced NTP Client Configuration: Security Settings
25.1. NIS Server Setup
25.2. Master Server Setup
25.3. Changing the Directory and Synchronizing Files for a NIS Server
25.4. NIS Server Maps Setup
25.5. Setting Request Permissions for a NIS Server
25.6. Setting Domain and Address of a NIS Server
26.1. Structure of an LDAP Directory
26.2. YaST LDAP Server Configuration
26.3. YaST: Configuration of the LDAP Client
26.4. YaST: Advanced Configuration
26.5. YaST: Module Configuration
26.6. YaST: Configuration of an Object Template
26.7. YaST: Additional LDAP Settings
26.8. Browsing the LDAP Directory Tree
26.9. Browsing the Entry Data
27.1. Active Directory Authentication Schema
27.2. Determining Windows Domain Membership
27.3. Providing Administrator Credentials
28.1. NFS Client Configuration with YaST
28.2. NFS Server Configuration Tool
28.3. Configuring an NFS Server with YaST
28.4. Exporting Directories with NFSv2 and v3
30.1. HTTP Server Wizard: Default Host
30.2. HTTP Server Wizard: Summary
30.3. HTTP Server Configuration: Listen Ports and Addresses
30.4. HTTP Server Configuration: Server Modules
31.1. FTP Server Configuration — Start-Up
33.1. YaST: Configuring the Wireless Network Card
34.1. xvkbd Virtual Keyboard
34.2. Annotating a PDF with Xournal
34.3. Editing Texts with Dasher
35.1. iptables: A Packet's Possible Paths
35.2. The YaST Firewall Configuration
37.1. YaST CA Module—Basic Data for a Root CA
37.2. YaST CA Module—Using a CA
37.3. Certificates of a CA
37.4. YaST CA Module—Extended Settings
39.1. Kerberos Network Topology
39.2. YaST: Basic Configuration of a Kerberos Client
39.3. YaST: Advanced Configuration of a Kerberos Client

List of Tables

1.1. F Keys During Installation
1.2. Installation (Boot) Scenarios Used in This Chapter
6.1. The Most Important RPM Query Options
6.2. RPM Verify Options
8.1. Sections in /etc/X11/xorg.conf
8.2. Parameters of fc-list
9.1. Hardware Requirements
12.1. Available Runlevels
12.2. Possible init Script Options
14.1. ulimit: Setting Resources for the User
16.1. File System Types in Linux
16.2. Maximum Sizes of File Systems (On-Disk Format)
17.1. ACL Entry Types
17.2. Masking Access Permissions
19.1. Overview of a Standard Directory Tree
19.2. Simple Commands of the vi Editor
20.1. Several Protocols in the TCP/IP Protocol Family
20.2. Specific Addresses
20.3. Private IP Address Domains
20.4. Various IPv6 Prefixes
20.5. Manual Network Configuration Scripts
20.6. Parameters for /etc/host.conf
20.7. Databases Available via /etc/nsswitch.conf
20.8. Configuration Options for NSS “Databases”
20.9. Some Start-Up Scripts for Network Programs
26.1. Commonly Used Object Classes and Attributes
26.2. User Groups and Their Access Grants
26.3. Types of Access
33.1. Overview of Various WLAN Standards
37.1. X.509v3 Certificate
37.2. X.509 Certificate Revocation List (CRL)
37.3. Passwords during LDAP Export

List of Examples

2.1. /etc/fstab: Partition Data
5.1. List with df -h
6.1. rpm -q -i wget
6.2. Script to Search for Packages
7.1. /etc/modprobe.conf: Interrupt Mode for the First Parallel Port
7.2. Error Message from lpd
7.3. Broadcast from the CUPS Network Server
8.1. Screen Section of the File /etc/X11/xorg.conf
12.1. A Minimal INIT INFO Block
14.1. Entry in /etc/crontab
14.2. /etc/crontab: Remove Time Stamp Files
14.3. Example for /etc/logrotate.conf
14.4. ulimit: Settings in ~/.bashrc
15.1. Example udev Rules
18.1. PAM Configuration for sshd
18.2. Default Configuration for the auth Section
18.3. Default Configuration for the account Section
18.4. Default Configuration for the password Section
18.5. Default Configuration for the session Section
19.1. Sample Output Showing File Permissions
19.2. Sample Output Showing Directory Permissions
20.1. Writing IP Addresses
20.2. Linking IP Addresses to the Netmask
20.3. Sample IPv6 Address
20.4. IPv6 Address Specifying the Prefix Length
20.5. /etc/resolv.conf
20.6. /etc/hosts
20.7. /etc/networks
20.8. /etc/host.conf
20.9. /etc/nsswitch.conf
20.10. Output of the Command ping
20.11. Output of the ifconfig Command
20.12. Output of the route -n Command
22.1. Forwarding Options in named.conf
22.2. A Basic /etc/named.conf
22.3. Entry to Disable Logging
22.4. Zone Entry for example.com
22.5. Zone Entry for example.net
22.6. File /var/lib/named/example.com.zone
22.7. Reverse Lookup
23.1. The Configuration File /etc/dhcpd.conf
23.2. Additions to the Configuration File
26.1. Excerpt from schema.core
26.2. slapd.conf: Include Directive for Schemes
26.3. slapd.conf: pidfile and argsfile
26.4. slapd.conf: Access Control
26.5. slapd.conf: Example for Access Control
26.6. slapd.conf: Database-Specific Directives
26.7. Example for an LDIF File
26.8. ldapadd with example.ldif
26.9. LDIF Data for Tux
26.10. Modified LDIF File tux.ldif
29.1. A CD-ROM Share (deactivated)
29.2. homes Share
29.3. Global Section in smb.conf
29.4. Setting Up a Machine Account
29.5. Automated Setup of a Machine Account
30.1. Variations of Name-Based VirtualHost Entries
30.2. Name-Based VirtualHost Directives
30.3. IP-Based VirtualHost Directives
30.4. Basic VirtualHost Configuration
30.5. VirtualHost CGI Configuration
33.1. Output of irdadump
41.1. Output of aa-unconfined