Red Hat Linux System Administration IV Bootcamp

Course ID

80040

Course Description

This is a very high level advanced class for experienced administrators of Red Hat and Linux based hosts on a network wanting a quick review to clarify concepts and understand configuration issues of network file services (NFS, SMB, FTP), Internet services (DHCP, DNS, HTTP server and Proxy, sendmail), IPv4 and IPv6 networking, and security configurations for said services (firewall, SELinux, TCP-Wrappers). This class builds concepts and techniques required to administrate a Red Hat Enterprise Linux host exposed to the Internet and assume significant knowledge related to standard commands and user management. This course is applicable to any version of Linux and is complaint to the Red Hat SA4 course, RHEL 6.3 and prepares students for the RHCSA/RHCE exam.

Prerequisites

LAN fundamentals or equivalent; Internetworking with TCP/IP or equivalent. 2+ months of solid hands on experience managing any other type of system is also ideal. Knowledge in the following is required:
  • Red Hat Systems Administration I
  • Red Hat Systems Administration II
  • Advanced Shell Programming

Audience

Anyone almost ready for RHCE and wanting to clarify their understanding of administering Red Hat Enterprise Linux (or any Linux based) servers and workstations that are directly connected or closely associated with the Internet. The coverage is fast and intense.

Course Content

    Hardware Requirements and Installing Linux
  • Supported hardware, driver requirements, install options
  • Step by step Installation Overview
  • Pre-configured Installation Options
  • Custom Installation Overview
  • Selecting Packages to Install
  • Basic Network Setup Parameters
  • Firewall and SELinux setup options
  • Video and Monitor Setup For X Window Configuration
  • Using kickstart to automate installation
  • Description of kickstart directives
  • Install a Server configuration
  • Create a kickstart script and test it

    Bootup and GRUB Boot Manager
  • Linux Bootup Overview
  • Grub.conf configuration, Grub Stages and Commands
  • Kernel Initialization, Log : /var/log/dmesg
  • The init Command Steps
  • Daemon Processes and System V Run Levels
  • Runlevel 1, 3, 5 defined
  • Run Level Service Management : chkconfig
  • Initialization management: /etc/inittab
  • The /etc/init.d/rc.local script
  • System Shutdown and Reboot
  • Configuring GRUB restricted access option
  • Managing initialization and startup of network services
  • Switching between run levels
  • Managing orderly shutdowns and reboots

    Partitions, Formating, LVM, RAID and swap
  • Adding a disk partition : fdisk
  • Formatting partitions : mkfs, ext2, ext3, swap
  • Mount and umount commands, /etc/fstab updates
  • Rebuilding broken file system: fsck
  • Linux Run Levels
  • Starting and Stopping System Services
  • Listing Run Level Services
  • Configuring Services in Various Run Levels
  • Overview Of RAID Levels and Features
  • Creating RAID Devices and Volumes
  • Info and Recovery Options For mdadm
  • Flexible File Systems With LVM
  • Creating Physical Volume, Volume Group and Logical Volume
  • Logical Volumes : lvcreate, lvextend, extende2fs
  • Physical Volumes : pvcreate, vgcreate, vgextend
  • Display LVM Information : pvdisplay, vgdisplay, lvdisplay
  • Create physical partitions for ext3
  • Configure a new partition, format and make it available after reboot
  • Configure a new swap partition, format and make it available after reboot
  • Format partitions, create permanent mount points in /etc/fstab
  • Configuring Services as ON or OFF
  • Create LVM and RAID partitions for ext3
  • Configure a new RAID device, format and make it available after reboot
  • Configure a new LVM device, format and make it available after reboot
  • Extend a logical volume while the logical volume is still attached

    RPM and YUM Package Management
  • Concepts of Packages and Package Managers
  • Using RPM
  • Displaying current packages installed
  • Adding, removing packages
  • Tar Balls of software
  • Installing tar balls of software
  • Configuring and using the YUM frontend to RPM
  • Viewing installed software
  • Installing software at the prompt and in X
  • Query packages, add a package, remove it using RPM and YUM

    Administering Users and Groups
  • Concepts of login control, users and groups
  • Shadow file - login restrictions
  • Securing the root account
  • Creation of basic user accounts
  • Choice of command shell to use: sh, ksh, bash
  • User tools: chsh, chgrp, passwd, chfn
  • Admin Tools : chown, sudo
  • Basic security settings, Access Control Lists, ACLs
  • Concepts of Security on files and directories
  • Overview of modes, umask and chmod
  • Creating a directory shared by a group of users
  • Pluggable Authentication Modules, PAM, configuration and use
  • Centralized user accounts from NIS and LDAP, client setup
  • Testing Name Services : getent
  • Creating, managing and monitoring file system quotas
  • Add, modify and remove user accounts
  • Managing file security settings
  • Change file ownership
  • Switch to different user accounts
  • Manipulate file security settings
  • Create a shared group directory
  • Create a public and a group restricted directory
  • Configure limited access using PAM
  • Configure access to NIS and LDAP services for additional users
  • Configure quotas for users and groups

    Admin Tools : IPv4, IPv6, cron, Logs, Process Control, CUPS
  • Concepts of Networking
  • LAN network settings, connection basics
  • Using Static or DHCP networking
  • Network files and parameters within files
  • Host Name Resolution, /etc/hosts, DNS Client set
  • Network Diagnostics: ping, netstat, traceroute, mtr
  • IPv6 features, setup and configuration
  • IPv6 utilities: DHCPv6, ping6, traceroute6, ip, DNS
  • Periodic Job Control: cron, crontab, at, anacron
  • Log Rotation controls and management
  • Configuring syslog options
  • Temp File and Log File Management: tmpwatch, logrotate
  • Process Monitoring: ps, top, gnome-system-monitor uptime, w, free and vmstat utilities
  • Controlling Processes : top, kill
  • Interpreting performance measurements
  • Printer configuration using CUPS
  • Configuring manual and DHCP IP settings
  • Forcing DHCP settings to release and renew
  • Testing network connectivity
  • Configuring and Testing IPv6 settings
  • Creating cron and at jobs to manage a host
  • Observing and managing log rotation
  • Observing and managing processes

    Kernel Concepts, Processes
  • Preparing To Update
  • Retrieving and Updating To A Newer Kernel RPM
  • /proc Virtual File System Features and Usage
  • /proc System Control Utility : sysctl
  • Kernel Modular Design and Commands lsmod, rmmod, insmod, modprobe
  • Modules Configuration /etc/modprobe.conf
  • Understanding and Managing SELinux
  • Managing ACLs and File Attributes
  • Install and use alternative kernel
  • Observe modules being loaded by kernel
  • Changing selective kernel parameters

    Web Services
  • Apache Overview
  • Apache Server Configuration
  • Server and Namespace Configuration
  • Creating Virtual Hosts
  • Apache .htaccess Usage
  • Apache Access Configuration
  • CGI Scripts Implementation and Issues
  • Apache Encrypted Web Server Certificates
  • Squid Web Proxy Cache Service
  • Hands-on Lab:
  • Implementing multiple web sites
  • Add password controlled directories
  • Restrict access to non web related directories
  • Use CGI scripts in web pages

    Network File Sharing Services
  • File Transfer Protocol (FTP)
  • Network File Service (NFS)
  • Samba Overview
  • Samba Services and Daemons
  • Configuring File Sharing, WINS Support
  • Authentication Methods
  • Printing to the Samba Server
  • Syntax checkers: testparm ~Samba Client Tools: smbclient
  • tools: nmblookup, mount, fstab
  • Firewall Requirements
  • Hands-on Lab:
  • Update FTP service, add NFS and SMB shares
  • Limit access to local net for all shares in firewall

    Organizing Networked Systems
  • Host Name Resolution
  • DNS-Specific Resolvers
  • Trace a DNS Query with dig
  • Exploring DNS with host
  • DNS Basics
  • Zones, Domains & Delegation
  • Internet DNS and Name Server Hierarchy
  • Client-side DNS, Server-side DNS
  • Berkeley Internet Name Daemon (BIND)
  • Configuring BIND : Configuration File Basics
  • bind-chroot Package
  • Address Match Lists and acl Usage
  • Zone Files, Main Record Types
  • Delegating Subdomains
  • Testing Utilities: named-checkconf, named-checkzone
  • Caching-only Name Server
  • Round Robin Load Sharing through DNS
  • Remote Name Daemon Control (rndc)
  • Delegating Subdomains
  • The DHCP Service Overview
  • Implement DNS Server, add subdomain, slave to a master domain

    Electronic Mail Services
  • A Review of Email Services and features
  • Basic sendmail Features
  • Main Configuration Files
  • Security and Anti-Spam Features
  • Blacklisting Recipients
  • Generating sendmail Configuration with m4
  • sendmail Client Configuration
  • Debugging sendmail
  • Using alternatives to Switch MTAs
  • Postfix version of sendmail
  • Using and configuring Postfix
  • Additional postfix Configuration Files
  • Mail Retrieval Protocols
  • Basics of procmail for Local Delivery
  • Configuring POP3 and IMAP
  • Configuring Secure POP3S and IMAPS
  • Creating Local Certificate for POP3S and IMAPS
  • Configuring no relay, open email
  • Adding POP3, POP3S, IMAP, IMAPS and certificate
  • Testing email services, configuring procmail

    Network Resource Access Controls
  • Internet Protocol and Routing
  • IPv6 Features, implementation
  • IPv6: Dynamic and Static Interface Configuration
  • IPv6: Routing Configuration
  • TCP_Wrappers and IPv6
  • Enabling and Disabling IPv6
  • Netfilter Firewall Overview
  • Firewall Rules: General Considerations
  • Firewall Port Options
  • Firewall Connection Tracking
  • Firewall Network Address Translation (NAT)
  • IPv6 and ip6tables
  • Viewing Ipv6 Settings
  • Securing Network With Netfilter (Firewall)

    Virtualization with KVM
  • Virtualization with KVM
  • Hardware Considerations
  • Preparing Hypervisor
  • Virtual Resources
  • Virtual Machine (VM) Configuration
  • VM Management
  • Activating A VM at bootup
  • Install KVM utilties
  • Create a virtual machine
  • Manage Virtual Machines

    Automated Installations and X Window System
  • XOrg Overview
  • File Locations and Configuration Tool
  • Modularity Of Design and Extensibility Built Into Design
  • Layers In X, Desktops and The X Protocol
  • VNC Remote X Display
  • Automated Installations using KickStart
  • Configuring a Kickstart file
  • Making a Kickstart file available at installation time Securing Data
  • The Need For Encryption
  • Random Numbers Needed
  • Symmetric Encryption
  • Asymmetric Encryption
  • Public Key Infrastructures
  • Digital Certificates
  • OpenSSH Authentication Overview
  • SSH Server and Client Configuration
  • Client Key Management
  • Hands-on Lab:
  • Using SSH keys with and without passphrases
  • Tunneling X Applications Through SSH

    Troubleshooting Your System
  • Concepts of Troubleshooting a Broken System
  • Creating an Emergency Boot Disk
  • Getting to Single User Mode
  • Getting to Rescue Mode
  • Using chroot in Rescue Mode
  • Where to start looking for trouble: log files
  • Examples of broken systems and what to do
  • Bad boot block, bad file system, bad fstab,
  • Network down, NFS not working
  • Emergency scenarios and how to repair them
  • Repairs from single user mode, executive mode
  • Using the chroot command within rescue mode

For More Information

For training inquiries, call 850-308-1376

or email us at eramos@gbsi.com

Course Details

Duration - 4 days
Price - $2995.00 USD


(Discounts may apply. Call for more information.)

Course Actions

Schedule

Acceletrain Collaborative Learning Environment (formerly know as VILT) places industry certified and expert instructors, peers, learners and multi-media components into a "borderless classroom", and interactive learning environment that can span multiple physical locations. VILT combines the benefits of the traditional brick-and-mortar classroom with innovative learning techniques and the cost savings of internet-based training.