SUSE Linux


AuthorsJörg Arndt, Stefan Behlert, Frank Bodammer, James Branam, Volker Buzek, Klara Cihlarova, Stefan Dirsch, Olaf Donjak, Roman Drahtmüller, Thorsten Dubiel, Torsten Duwe, Thomas Fehr, Stefan Fent, Werner Fink, Jakub Friedl, Kurt Garloff, Joachim Gleißner, Carsten Groß, Andreas Grünbacher, Berthold Gunreben, Franz Hassels, Andreas Jaeger, Jana Jaeger, Klaus Kämpf, Andi Kleen, Hubert Mantel, Lars Marowsky-Bree, Chris Mason, Johannes Meixner, Lars Müller, Matthias Nagorni, Anas Nashif, Siegfried Olschner, Edith Parzefall, Peter Pöml, Thomas Renninger, Hannes Reinecke, Scott Rhoades, Thomas Rölz, Heiko Rommel, Tanja Roth, Marcus Schäfer, Thomas Schraitle, Klaus Singvogel, Frank Sundermeyer, Elisabeth Tobiasson, Hendrik Vogelsang, Klaus G. Wagner, Rebecca Walter, Christian Zoz
Legal Notice


About This Guide
1. Feedback
2. Additional Documentation
3. Documentation Conventions
4. About the Making of This Manual
5. Acknowledgment
I. Advanced Deployment Scenarios
1. Remote Installation
1.1. Installation Scenarios for Remote Installation
1.2. Setting Up the Server Holding the Installation Sources
1.3. Preparing the Boot of the Target System
1.4. Booting the Target System for Installation
1.5. Monitoring the Installation Process
2. Advanced Disk Setup
2.1. LVM Configuration
2.2. Soft RAID Configuration
3. Updating the System and Package Management
3.1. Updating SUSE Linux
3.2. Software Changes from Version to Version
3.3. RPM—the Package Manager
II. Administration
4. Security in Linux
4.1. Masquerading and Firewalls
4.2. SSH: Secure Network Operations
4.3. Encrypting Partitions and Files
4.4. Confining Privileges with AppArmor
4.5. Security and Confidentiality
5. Access Control Lists in Linux
5.1. Traditional File Permissions
5.2. Advantages of ACLs
5.3. Definitions
5.4. Handling ACLs
5.5. ACL Support in Applications
5.6. For More Information
6. System Monitoring Utilities
6.1. List of Open Files: lsof
6.2. User Accessing Files: fuser
6.3. File Properties: stat
6.4. USB Devices: lsusb
6.5. Information about a SCSI Device: scsiinfo
6.6. Processes: top
6.7. Process List: ps
6.8. Process Tree: pstree
6.9. Who Is Doing What: w
6.10. Memory Usage: free
6.11. Kernel Ring Buffer: dmesg
6.12. File Systems and Their Usage: mount, df, and du
6.13. The /proc File System
6.14. PCI Resources: lspci
6.15. System Calls of a Program Run: strace
6.16. Library Calls of a Program Run: ltrace
6.17. Specifying the Required Library: ldd
6.18. Additional Information about ELF Binaries
6.19. Interprocess Communication: ipcs
6.20. Time Measurement with time
III. System
7. 32-Bit and 64-Bit Applications in a 64-Bit System Environment
7.1. Runtime Support
7.2. Software Development
7.3. Software Compilation on Biarch Platforms
7.4. Kernel Specifications
8. Booting and Configuring a Linux System
8.1. The Linux Boot Process
8.2. The init Process
8.3. System Configuration via /etc/sysconfig
9. The Boot Loader
9.1. Selecting a Boot Loader
9.2. Booting with GRUB
9.3. Configuring the Boot Loader with YaST
9.4. Uninstalling the Linux Boot Loader
9.5. Creating Boot CDs
9.6. The Graphical SUSE Screen
9.7. Troubleshooting
9.8. For More Information
10. Special Features of SUSE Linux
10.1. Information about Special Software Packages
10.2. Virtual Consoles
10.3. Keyboard Mapping
10.4. Language and Country-Specific Settings
11. Printer Operation
11.1. Workflow of the Printing System
11.2. Methods and Protocols for Connecting Printers
11.3. Installing the Software
11.4. Configuring the Printer
11.5. Configuration for Applications
11.6. Special Features in SUSE Linux
11.7. Troubleshooting
12. Dynamic Kernel Device Management with udev
12.1. The /dev Directory
12.2. Kernel uevents and udev
12.3. Drivers, Kernel Modules, and Devices
12.4. Booting and Initial Device Setup
12.5. Debugging udev Events
12.6. Influencing Kernel Device Event Handling with udev Rules
12.7. Persistent Device Naming
12.8. The Replaced hotplug Package
12.9. For More Information
13. File Systems in Linux
13.1. Terminology
13.2. Major File Systems in Linux
13.3. Some Other Supported File Systems
13.4. Large File Support in Linux
13.5. For More Information
14. The X Window System
14.1. X11 Setup with SaX2
14.2. Optimizing the X Configuration
14.3. Installing and Configuring Fonts
14.4. OpenGL—3D Configuration
15. FreeNX: Remotely Controlling Another Computer
15.1. Getting Started with NX
15.2. Advanced FreeNX Configuration
15.3. Troubleshooting
15.4. For More Information
16. Authentication with PAM
16.1. Structure of a PAM Configuration File
16.2. The PAM Configuration of sshd
16.3. Configuration of PAM Modules
16.4. For More Information
17. Virtualization with Xen
17.1. Xen Installation
17.2. Domain Installation
17.3. Starting and Controlling Xen Domains with xm
17.4. Troubleshooting
17.5. For More Information
IV. Services
18. Basic Networking
18.1. IP Addresses and Routing
18.2. IPv6—The Next Generation Internet
18.3. Name Resolution
18.4. Configuring a Network Connection with YaST
18.5. Managing Network Connections with NetworkManager
18.6. Configuring a Network Connection Manually
18.7. smpppd as Dial-up Assistant
19. SLP Services in the Network
19.1. Registering Your Own Services
19.2. SLP Front-Ends in SUSE Linux
19.3. Activating SLP
19.4. For More Information
20. The Domain Name System
20.1. DNS Terminology
20.2. Configuration with YaST
20.3. Starting the Name Server BIND
20.4. The Configuration File /etc/named.conf
20.5. Zone Files
20.6. Dynamic Update of Zone Data
20.7. Secure Transactions
20.8. DNS Security
20.9. For More Information
21. Using NIS
21.1. Configuring NIS Servers
21.2. Configuring NIS Clients
22. Sharing File Systems with NFS
22.1. Importing File Systems with YaST
22.2. Importing File Systems Manually
22.3. Exporting File Systems with YaST
22.4. Exporting File Systems Manually
22.5. For More Information
23. DHCP
23.1. Configuring a DHCP Server with YaST
23.2. DHCP Software Packages
23.3. The DHCP Server dhcpd
23.4. For More Information
24. Time Synchronization with NTP
24.1. Configuring an NTP Client with YaST
24.2. Configuring xntp in the Network
24.3. Setting Up a Local Reference Clock
25. LDAP—A Directory Service
25.1. LDAP versus NIS
25.2. Structure of an LDAP Directory Tree
25.3. Server Configuration with slapd.conf
25.4. Data Handling in the LDAP Directory
25.5. The YaST LDAP Client
25.6. Configuring LDAP Users and Groups in YaST
25.7. For More Information
26. The Apache HTTP Server
26.1. Quick Start
26.2. Configuring Apache
26.3. Starting and Stopping Apache
26.4. Installing, Activating, and Configuring Modules
26.5. Getting CGI Scripts to Work
26.6. Setting Up a Secure Web Server with SSL
26.7. Avoiding Security Problems
26.8. Troubleshooting
26.9. For More Information
27. File Synchronization
27.1. Available Data Synchronization Software
27.2. Determining Factors for Selecting a Program
27.3. Introduction to Unison
27.4. Introduction to CVS
27.5. Introduction to Subversion
27.6. Introduction to rsync
27.7. Introduction to mailsync
28. Samba
28.1. Terminology
28.2. Starting and Stopping Samba
28.3. Configuring a Samba Server
28.4. Configuring Clients
28.5. Samba as Login Server
28.6. For More Information
29. The Proxy Server Squid
29.1. Some Facts about Proxy Caches
29.2. System Requirements
29.3. Starting Squid
29.4. The Configuration File /etc/squid/squid.conf
29.5. Configuring a Transparent Proxy
29.6. cachemgr.cgi
29.7. squidGuard
29.8. Cache Report Generation with Calamaris
29.9. For More Information
V. Mobility
30. Mobile Computing with Linux
30.1. Laptops
30.2. Mobile Hardware
30.3. Cellular Phones and PDAs
30.4. For More Information
31.1. Controlling PCMCIA Cards Using pccardctl
31.2. PCMCIA in Detail
31.3. Troubleshooting
32. System Configuration Profile Management
32.1. Terminology
32.2. Setting up SCPM
32.3. Configuring SCPM Using a Graphical User Interface
32.4. Configuring SCPM Using the Command Line
32.5. Troubleshooting
32.6. For More Information
33. Power Management
33.1. Power Saving Functions
33.2. APM
33.3. ACPI
33.4. Rest for the Hard Disk
33.5. The powersave Package
33.6. The YaST Power Management Module
34. Wireless Communication
34.1. Wireless LAN
34.2. Bluetooth
34.3. Infrared Data Transmission

List of Figures

2.1. Physical Partitioning versus LVM
2.2. Creating a Volume Group
2.3. Physical Volume Setup
2.4. Logical Volume Management
2.5. Creating Logical Volumes
2.6. RAID Partitions
2.7. File System Settings
4.1. iptables: A Packet's Possible Paths
4.2. The YaST Firewall Configuration
4.3. Enabling Novell AppArmor Using YaST
5.1. Minimum ACL: ACL Entries Compared to Permission Bits
5.2. Extended ACL: ACL Entries Compared to Permission Bits
8.1. System Services (Runlevel)
8.2. System Configuration Using the sysconfig Editor
9.1. Configuring the Boot Loader with YaST
11.1. Selecting the Printer Model
14.1. The Main Window of SaX2
17.1. Xen Overview
18.1. Simplified Layer Model for TCP/IP
18.2. TCP/IP Ethernet Packet
18.3. Configuration of the Network Card
18.4. Modem Configuration
18.5. ISDN Configuration
18.6. ISDN Interface Configuration
18.7. DSL Configuration
20.1. DNS Server Installation: Forwarder Settings
20.2. DNS Server Installation: DNS Zones
20.3. DNS Server Installation: Finish Wizard
20.4. DNS Server: Logging
20.5. DNS Server: Slave Zone Editor
20.6. DNS Server: Zone Editor (NS Records)
20.7. DNS Server: Zone Editor (MX Records)
20.8. DNS Server: Zone Editor (SOA)
21.1. NIS Server Setup
21.2. Master Server Setup
21.3. Changing the Directory and Synchronizing Files for a NIS Server
21.4. NIS Server Maps Setup
21.5. Setting Request Permissions for a NIS Server
21.6. Setting Domain and Address of a NIS Server
22.1. NFS Client Configuration with YaST
22.2. NFS Server Configuration Tool
22.3. Configuring an NFS Server with YaST
23.1. DHCP Server: Card Selection
23.2. DHCP Server: Global Settings
23.3. DHCP Server: Dynamic DHCP
23.4. DHCP Server: Start-Up
24.1. YaST: Configuring an NTP Client
24.2. YaST: Complex NTP Client Configuration
25.1. Structure of an LDAP Directory
25.2. YaST: Configuration of the LDAP Client
25.3. YaST: Advanced Configuration
25.4. YaST: Module Configuration
25.5. YaST: Configuration of an Object Template
25.6. YaST: Additional LDAP Settings
26.1. HTTP Server Wizard: Default Host
26.2. HTTP Server Wizard: Summary
26.3. HTTP Server Configuration: Listen Ports and Addresses
26.4. HTTP Server Configuration: Server Modules
30.1. Integrating a Laptop in a Network
30.2. Monitoring the Battery State with KSysguard
32.1. YaST: Basic SCPM Configuration
32.2. YaST: Configure SCPM Users
32.3. Configuring Resource Groups
33.1. Scheme Selection
33.2. Overview of Existing Schemes
33.3. Configuring a Scheme
33.4. Battery Charge Level
33.5. ACPI Settings
34.1. YaST: Configuring the Wireless Network Card
34.2. YaST Bluetooth Configuration

List of Tables

1.1. F Keys During Installation
1.2. Installation (Boot) Scenarios Used in This Chapter
3.1. Commands
3.2. Log Files in /var/log
3.3. Split Configuration Files in /etc/sysconfig/powersave
3.4. Wrapper
3.5. Backup Files
3.6. The Most Important RPM Query Options
3.7. RPM Verify Options
5.1. ACL Entry Types
5.2. Masking Access Permissions
8.1. Available Runlevels
8.2. Possible init Script Options
10.1. ulimit: Setting Resources for the User
13.1. File System Types in Linux
13.2. Maximum Sizes of File Systems (On-Disk Format)
14.1. Sections in /etc/X11/xorg.conf
14.2. Parameters of fc-list
14.3. Supported 3D Hardware
17.1. xm Commands
18.1. Several Protocols in the TCP/IP Protocol Family
18.2. Specific Addresses
18.3. Private IP Address Domains
18.4. Various IPv6 Prefixes
18.5. Manual Network Configuration Scripts
18.6. Parameters for /etc/host.conf
18.7. Databases Available via /etc/nsswitch.conf
18.8. Configuration Options for NSS “Databases
18.9. Some Start-Up Scripts for Network Programs
22.1. Permissions for Exported File System
25.1. Commonly Used Object Classes and Attributes
25.2. User Groups and Their Access Grants
25.3. Types of Access
27.1. Features of the File Synchronization Tools: -- = very poor, - = poor or not available, o = medium, + = good, ++ = excellent, x = available
30.1. Use Cases for NetworkManager
34.1. Overview of Various WLAN Standards

List of Examples

3.1. List with df -h
3.2. rpm -q -i wget
3.3. Script to Search for Packages
4.1. Output of unconfined
8.1. A Minimal INIT INFO Block
10.1. Entry in /etc/crontab
10.2. /etc/crontab: Remove Time Stamp Files
10.3. Example for /etc/logrotate.conf
10.4. ulimit: Settings in ~/.bashrc
11.1. /etc/modprobe.conf: Interrupt Mode for the First Parallel Port
11.2. Error Message from the lpd
11.3. Broadcast from the CUPS Network Server
14.1. Screen Section of the File /etc/X11/xorg.conf
16.1. PAM Configuration for sshd
16.2. Default Configuration for the auth Section
16.3. Default Configuration for the account Section
16.4. Default Configuration for the password Section
16.5. Default Configuration for the session Section
16.6. pam_unix2.conf
16.7. pam_env.conf
16.8. pam_pwcheck.conf
18.1. Writing IP Addresses
18.2. Linking IP Addresses to the Netmask
18.3. Sample IPv6 Address
18.4. IPv6 Address Specifying the Prefix Length
18.5. /etc/resolv.conf
18.6. /etc/hosts
18.7. /etc/networks
18.8. /etc/host.conf
18.9. /etc/nsswitch.conf
20.1. Forwarding Options in named.conf
20.2. A Basic /etc/named.conf
20.3. Entry to Disable Logging
20.4. Zone Entry for
20.5. Zone Entry for
20.6. File /var/lib/named/
20.7. Reverse Lookup
22.1. /etc/exports
23.1. The Configuration File /etc/dhcpd.conf
23.2. Additions to the Configuration File
25.1. Excerpt from schema.core
25.2. slapd.conf: Include Directive for Schemes
25.3. slapd.conf: pidfile and argsfile
25.4. slapd.conf: Access Control
25.5. slapd.conf: Example for Access Control
25.6. slapd.conf: Database-Specific Directives
25.7. Example for an LDIF File
25.8. ldapadd with example.ldif
25.9. LDIF Data for Tux
25.10. Modified LDIF File tux.ldif
25.11. pam_unix2.conf Adapted to LDAP
25.12. Adaptations in nsswitch.conf
26.1. Variations of Name-Based VirtualHost Entries
26.2. Name-Based VirtualHost Directives
26.3. IP-Based VirtualHost Directives
26.4. Basic VirtualHost Configuration
26.5. VirtualHost CGI Configuration
27.1. The file ~/.unison/example.prefs
28.1. A CD-ROM Share
28.2. homes Share
28.3. Global Section in smb.conf
28.4. Setting Up a Machine Account
28.5. Automated Setup of a Machine Account
29.1. Firewall Configuration: Option 15
29.2. Access Rules
29.3. Access Rules
34.1. Output of irdadump