Linux Network Servers pdf pdf

  Linux Network Servers

  

Table of Contents

Linux Network Servers......................................................................................................................1

Foreword............................................................................................................................................2

  Acknowledgments....................................................................................................................2

  

Introduction........................................................................................................................................4

  Who Should Buy This Book.....................................................................................................5 How This Book Is Organized...................................................................................................5

  Part 1: The Basics..............................................................................................................6 Chapter 1: The Boot Process.............................................................................................6 Chapter 2: The Network Interface......................................................................................6 Part 2: Internet Server Configuration.................................................................................6 Chapter 3: Login Services..................................................................................................6 Chapter 4: Linux Name Services.......................................................................................6 Chapter 5: Configuring a Mail Server.................................................................................7 Chapter 6: The Apache Web Server..................................................................................7 Chapter 7: Network Gateway Services..............................................................................7 Part 3: Departmental Server Configuration........................................................................7 Chapter 8: Desktop Configuration Servers........................................................................7 Chapter 9: File Sharing......................................................................................................7 Chapter 10: Printer Services..............................................................................................7 Chapter 11: More Mail Services.........................................................................................8 Part 4: Maintaining a Healthy Server.................................................................................8 Chapter 12: Security..........................................................................................................8 Chapter 13: Troubleshooting..............................................................................................8 Part 5: Appendices.............................................................................................................8 Appendix A: Installing Linux...............................................................................................8 Appendix B: BIND Reference.............................................................................................8 Appendix C: The m4 Macros for sendmail.........................................................................9 Conventions.............................................................................................................................9 Help Us Help You..................................................................................................................10

Part I: The Basics.............................................................................................................................11

Chapter List............................................................................................................................11 Part Overview........................................................................................................................11 Featuring:.........................................................................................................................11

Chapter 1: The Boot Process.........................................................................................................12

Overview................................................................................................................................12 Loading the Boot Sector........................................................................................................12 Loading Linux with GRUB......................................................................................................14 Loading the Kernel with LILO.................................................................................................17 LILO Configuration Options..............................................................................................17 The Linux Boot Prompt..........................................................................................................21 Hardware Device Driver Initialization.....................................................................................24 Loading Linux Services—The init Process............................................................................25 Understanding Runlevels.................................................................................................26 Special−Purpose Entries..................................................................................................28 Startup Scripts.......................................................................................................................29 System Initialization.........................................................................................................29

  

Table of Contents

  Chapter 1: The Boot Process Runlevel Initialization.......................................................................................................30 Controlling Scripts............................................................................................................31 The rc.local Script............................................................................................................33 Loadable Modules..................................................................................................................33 Listing the Loaded Modules.............................................................................................33 In Sum....................................................................................................................................35

Chapter 2: The Network Interface..................................................................................................36

Overview................................................................................................................................36 Configuring an Ethernet Interface..........................................................................................36 Loadable Ethernet Drivers...............................................................................................36 The ifconfig Command.....................................................................................................39 Network Interface Configuration Tools.............................................................................42 The Serial Interface................................................................................................................43 Connecting through the Serial Interface...........................................................................44 Running TCP/IP Over a Serial Port..................................................................................46 Installing PPP.........................................................................................................................46 The PPP Kernel Module...................................................................................................47 The PPP Daemon............................................................................................................48 Configuring a PPP Server......................................................................................................49 PPP Dial−Up Server Configuration..................................................................................49 PPP Security....................................................................................................................51 PPP Client Configuration.......................................................................................................53

  chat Scripts......................................................................................................................54 Using an X Tool to Configure a PPP Client......................................................................55

  In Sum....................................................................................................................................57

  

Part II: Internet Server Configuration.............................................................................................58

Chapter List............................................................................................................................58 Part Overview........................................................................................................................58 Featuring:.........................................................................................................................58

Chapter 3: Login Services..............................................................................................................59

Overview................................................................................................................................59 Starting Services On−Demand..............................................................................................60 Protocol and Port Numbers..............................................................................................60 Configuring inetd..............................................................................................................63 Configuring xinetd............................................................................................................65 Creating User Accounts.........................................................................................................70 The Steps to Creating a User Account.............................................................................70 The passwd File...............................................................................................................70 Tools to Create User Accounts........................................................................................75 Additional FTP Configuration.................................................................................................80 The ftpaccess File............................................................................................................82 In Sum....................................................................................................................................84

Chapter 4: Linux Name Services....................................................................................................86

Overview................................................................................................................................86 The hosts File........................................................................................................................86

  

Table of Contents

  Chapter 4: Linux Name Services Understanding DNS...............................................................................................................87 The DNS Hierarchy..........................................................................................................87 Answering Queries...........................................................................................................88 The BIND Software................................................................................................................88 Configuring the Resolver..................................................................................................89 The Lightweight Resolver.................................................................................................94 Configuring a Domain Name Server......................................................................................96 The named Configuration File..........................................................................................97 A Caching−Only Configuration.......................................................................................101 The Slave Server Configuration.....................................................................................106 The Master Server Configuration...................................................................................107 Running named....................................................................................................................119

  named Signal Processing..............................................................................................120 The named Control Tools...............................................................................................121 Using the Host Table with DNS......................................................................................124

  In Sum..................................................................................................................................127

  

Chapter 5: Configuring a Mail Server..........................................................................................128

Overview..............................................................................................................................128 Using Mail Aliases................................................................................................................128 Defining Personal Mail Aliases.......................................................................................131 Using sendmail to Receive Mail...........................................................................................131 The sendmail Configuration File..........................................................................................132 The Local Info Section...................................................................................................133 The Options Section.......................................................................................................134 The Message Precedence Section................................................................................135 The Trusted Users Section............................................................................................135 The Format of Headers Section.....................................................................................136 The Rewriting Rules Section..........................................................................................137 The Mailer Definitions Section.......................................................................................139 Configuring the sendmail.cf File.....................................................................................142 Testing Your New Configuration....................................................................................143 Using m4 to Configure sendmail..........................................................................................145 The m4 Macro Control File.............................................................................................146 The Linux OSTYPE File.................................................................................................147 Creating an m4 DOMAIN File........................................................................................148 Building the m4 Configuration File.................................................................................151 Building a sendmail Database........................................................................................152 Testing the m4 Configuration.........................................................................................152 In Sum..................................................................................................................................153

Chapter 6: The Apache Web Server.............................................................................................154

Overview..............................................................................................................................154 Installing Apache..................................................................................................................154 Running httpd.................................................................................................................156 Configuring the Apache Server............................................................................................158 The httpd.conf File...............................................................................................................159 Loading Dynamic Shared Objects..................................................................................161 Basic Server Directives..................................................................................................163

  

Table of Contents

  Chapter 6: The Apache Web Server Defining Where Things Are Stored................................................................................165 Creating a Fancy Index..................................................................................................166 Defining File Types........................................................................................................167 Managing Child Processes............................................................................................167 Performance Tuning Directives......................................................................................169 Caching Directives.........................................................................................................169 Defining Virtual Hosts.....................................................................................................170 Web Server Security............................................................................................................171 The CGI and SSI Threat................................................................................................172 Server Options for Documents and Directories..............................................................172 Directory−Level Configuration Controls.........................................................................174 Defining Access Controls...............................................................................................175 Requiring User Authentication.......................................................................................177 Configuring SSL...................................................................................................................179 Managing Your Web Server.................................................................................................186 Monitoring Your Server..................................................................................................187 Apache Logging.............................................................................................................188 In Sum..................................................................................................................................191

Chapter 7: Network Gateway Services........................................................................................192

Overview..............................................................................................................................192 Understanding Routing........................................................................................................194 Converting IP Addresses to Ethernet Addresses...........................................................194 Enabling IP Packet Forwarding......................................................................................196 The Linux Routing Table................................................................................................197 Defining Static Routes.........................................................................................................199 The route Command......................................................................................................200 Using Dynamic Routing.......................................................................................................201 Routing Protocols...........................................................................................................201 Running RIP with routed................................................................................................204 Routing with Zebra.........................................................................................................206 Using gated....................................................................................................................218 Network Address Translation...............................................................................................225 Configuring a Linux NAT Server....................................................................................226 In Sum..................................................................................................................................227

Part III: Departmental Server Configuration................................................................................228

Chapter List..........................................................................................................................228 Part Overview......................................................................................................................228 Featuring:.......................................................................................................................228

Chapter 8: Desktop Configuration Servers.................................................................................229

Overview..............................................................................................................................229 Understanding Configuration Protocols...............................................................................229 Bootstrap Protocol..........................................................................................................229 Dynamic Host Configuration Protocol............................................................................230 Reverse Address Resolution Protocol...........................................................................231 Installing the DHCP Server..................................................................................................231 Running dhcpd...............................................................................................................233

  

Table of Contents

  Chapter 8: Desktop Configuration Servers Initializing the dhcpd.leases File....................................................................................234 Configuring the DHCP Server..............................................................................................235 Controlling Server and Protocol Operations...................................................................235

  dhcpd Configuration Options..........................................................................................237 Creating a dhcpd.conf File.............................................................................................242

  Configuring a dhcrelay Server.............................................................................................243 Configuring a DHCP Client..................................................................................................246

  Using the dhcpcd Client.................................................................................................246 Using the pump DHCP Client.........................................................................................249 Running dhclient Software.............................................................................................251

  In Sum..................................................................................................................................255

  

Chapter 9: File Sharing.................................................................................................................256

Overview..............................................................................................................................256 Linux Filesystem..................................................................................................................256 Linux File Permissions...................................................................................................256 Changing File Permissions............................................................................................258 The chgrp Command.....................................................................................................260 Understanding NFS.............................................................................................................260 Installing NFS.................................................................................................................262 Configuring an NFS Server..................................................................................................264 Mapping User IDs and Group IDs..................................................................................265 The exportfs Command..................................................................................................267 Configuring an NFS Client...................................................................................................268 The mount Command....................................................................................................269 The umount Command..................................................................................................270 Using fstab to Mount NFS Directories............................................................................270 Automounter...................................................................................................................274 Understanding SMB and NetBIOS.......................................................................................276 NetBIOS Name Service.................................................................................................277 Installing Samba..................................................................................................................279 Configuring a Samba Server................................................................................................280 The smb.conf Variables.................................................................................................281 The smb.conf Global Section.........................................................................................282 The smb.conf Homes Section........................................................................................284 Sharing a Directory through Samba...............................................................................285 Using a Linux Samba Client.................................................................................................286 Using smbclient..............................................................................................................287 Using smbmount............................................................................................................287 In Sum..................................................................................................................................289

Chapter 10: Printer Services.........................................................................................................290

Installing Printers.................................................................................................................290 Configuring Remote Printers..........................................................................................295 Understanding printcap........................................................................................................297

  printcap Parameters.......................................................................................................298 A Sample printcap..........................................................................................................298

  Sharing Printers with lpd......................................................................................................300 Using lpr.........................................................................................................................301

  

Table of Contents

  Chapter 10: Printer Services Managing lpd..................................................................................................................301 Sharing Printers with Samba...............................................................................................304 Defining Printers in the smb.conf File............................................................................304 Printers Share Section...................................................................................................305

  smb.conf Printer Configuration Options.........................................................................306 Using an SMB Printer.....................................................................................................306

  In Sum..................................................................................................................................308

  

Chapter 11: More Mail Services....................................................................................................309

Overview..............................................................................................................................309 Understanding POP and IMAP............................................................................................309 The POP Protocol..........................................................................................................309 The IMAP Protocol.........................................................................................................311 Running the POP and IMAP Daemons................................................................................314 Using POP or IMAP from a Client..................................................................................315 Stopping Spam E−Mail........................................................................................................316 Don't Be a Spam Source................................................................................................317 Using sendmail to Block Spam......................................................................................319 Filtering Out Spam at the Mailer....................................................................................324 In Sum..................................................................................................................................331

Part IV: Maintaining a Healthy Server..........................................................................................332

Chapter List..........................................................................................................................332 Part Overview......................................................................................................................332 Featuring:.......................................................................................................................332

Chapter 12: Security......................................................................................................................333

Overview..............................................................................................................................333 Understanding the Threats..................................................................................................333 The Basic Threats..........................................................................................................333 A Reality Check..............................................................................................................334 Keeping Informed...........................................................................................................335 Closing the Holes.................................................................................................................337 Finding the Latest Software...........................................................................................337 Removing Unneeded Software......................................................................................339 Controlling Access with tcpd................................................................................................340 Tracking Remote Access...............................................................................................341

  tcpd Access Control Files...............................................................................................342 Controlling Network Access with xinetd.........................................................................347

  Controlling Access with iptables..........................................................................................350 Maintaining Firewall Rules with iptables........................................................................350 Sample iptables Commands..........................................................................................352

  Improving Authentication.....................................................................................................353 Shadow Passwords........................................................................................................354 One−Time Passwords....................................................................................................357 Secure Shell...................................................................................................................359

  Monitoring Your System.......................................................................................................370 Security Monitoring Tools...............................................................................................370

  In Sum..................................................................................................................................371

  

Table of Contents

  

Chapter 13: Troubleshooting........................................................................................................372

Overview..............................................................................................................................372 Configuring the Linux Kernel................................................................................................372 Configuring the Kernel with xconfig................................................................................373 Compiling and Installing the Kernel................................................................................377 Troubleshooting a Network Server......................................................................................378 Diagnostic Tools.............................................................................................................379 Checking the Network Interface...........................................................................................380 Checking an Ethernet Interface......................................................................................381 Resolving Address Conflicts..........................................................................................384 Checking a PPP Interface..............................................................................................388 Testing the Connection........................................................................................................390 The Message of a Successful ping................................................................................390 The Message of a Failed ping........................................................................................391 Testing Routing....................................................................................................................392 Using traceroute.............................................................................................................392 Analyzing Network Protocols...............................................................................................394 Checking Socket Status with netstat..............................................................................394 Watching the Protocols with tcpdump............................................................................397 Testing Services..................................................................................................................399 Testing DNS with nslookup............................................................................................400 Testing DNS with host....................................................................................................402 Testing DNS with dig......................................................................................................403 In Sum..................................................................................................................................404

Appendices....................................................................................................................................405

Appendix List.......................................................................................................................405

Appendix A: Installing Linux........................................................................................................406

Overview..............................................................................................................................406 Installation Planning.............................................................................................................407 Hardware Information.....................................................................................................407 Network Information.......................................................................................................408 Software Considerations................................................................................................409 Selecting an Installation Method....................................................................................409 Making a Boot Disk........................................................................................................410 Booting the Installation Program..........................................................................................411 Partitioning the Disk.............................................................................................................413 Partition Planning...........................................................................................................414 Partitioning with Disk Druid............................................................................................417 Partitioning with fdisk.....................................................................................................421 Installing the Boot Loader..............................................................................................424 Configuring the Ethernet Adapter...................................................................................425 Configuring the Firewall.................................................................................................426 Installing the Software..........................................................................................................429 X Windows.....................................................................................................................429 The Boot Floppy.............................................................................................................431 In Sum..................................................................................................................................432

  

Table of Contents

Appendix B: BIND Reference.......................................................................................................433

  Overview..............................................................................................................................433 named.conf Commands.......................................................................................................433 The options Statement...................................................................................................433 The logging Statement...................................................................................................440 The zone Statement.......................................................................................................442 The server Statement.....................................................................................................445 The key Statement.........................................................................................................446 The acl Statement..........................................................................................................447 The trusted−keys Statement..........................................................................................447 The controls Statement..................................................................................................448 BIND 9 view Statement..................................................................................................449

  

Appendix C: The m4 Macros for sendmail..................................................................................450

  Overview..............................................................................................................................450 define...................................................................................................................................452 FEATURE............................................................................................................................461 OSTYPE..............................................................................................................................465 DOMAIN...............................................................................................................................467 MAILER................................................................................................................................470 Local Code...........................................................................................................................471 DAEMON_OPTIONS...........................................................................................................472 LDAP Mail Routing...............................................................................................................473

  

List of Figures................................................................................................................................474

List of Tables..................................................................................................................................476

List of Listings...............................................................................................................................478

List of Sidebars..............................................................................................................................483

Linux Network Servers Craig Hunt

  Associate Publisher: Neil Edde Acquisitions and Developmental Editor: Maureen Adams Editor: Nancy Sixsmith Production Editor: Kylie Johnston Technical Editor: Matthew Miller Book Designer: Bill Gibson Graphic Illustrator: Tony Jonick Electronic Publishing Specialists: Judy Fung, Nila Nichols Proofreaders: Dave Nash, Laurie O'Connell, Nancy Riddiough Indexer: Ted Laux Cover Designer: Ingalls & Associates Cover Illustrator/Photographer: Ingalls & Associates

  Copyright © 2002 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher.

  An earlier version of this book was published under the title Linux Network Servers 24seven © 1999 SYBEX Inc. Library of Congress Card Number: 2002104868

  ISBN: 0−7821−4123−4 SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/ or other countries.

  TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer. The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre−release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book. Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1

  To Norman Hunt and Frank McCafferty, they showed me what it means to be a man.