Configuration management is a rather broad topic. It is essentially any aspect of the Linux operating system that allows you to configure the server. In previous chapters, we have covered configuration management as it applied to specific issues such as Web servers, startup processes, and scheduling tasks. In this chapter, we will explore the topic of general configuration management. Essentially, we will investigate any configuration issues that did not fit neatly into the preceding 19 chapters.
We will look at general utilities both from the shell and the desktop (GNOME and KDE). However, we will start off with just a series of shell commands that allow you to configure some aspect of your Linux server.
Our first task is to cover a variety of shell commands that you can use to monitor and alter the operation of some aspect of your system.
One very obvious way to configure your system is to add or remove software packages. Clearly, changing the software running on your system will reconfigure your system, but this process is a bit different in various Linux distributions.
The first step is to be aware of what packages you have on your system. As we will discuss next, the dpkg command can be used for this purpose.
This command is used to list packages installed on your system. You can use the dpkg -l to list all the packages on your system (see Figure 20.1).
When you list packages, you will also see the state of the package. There are several possible states:
not-installed:The package is not installed on your system.config-files:The package configuration files are the only files on the system.half-installed:This indicates that the installation of the package began but for some reason was aborted. This often is the result of an error during installation.unpacked:This indicates the package is uncompressed and ready to install but is not installed or configured.half-configured:This indicates that installation was complete but that configuration was aborted for some reason.triggers-awaited:This status indicates that the package is waiting for another package to install. This usually means that the current package is dependent upon another package.installed:This indicates that the package is installed, configured, and ready for use.
As with most shell commands, this one has a number of options. You have already seen the -l option that lists packages. Here are some of the most commonly used options:
-spackage-name: This causes the status of an individual package to be displayed. You can also accomplish this via--status.-Lpackage-name: This lists all the files installed related to a specific package. It can also be accomplished by using--listfiles.-x:This will extract the files in a package. This can also be accomplished with the--extractoption.-I:This option displays information about a package.-C:This option will display those packages that have only been partially installed. This is very important for an administrator.
There are certainly other options for dpkg, as this particular shell command has a large number of options, but those just listed are the most commonly used and the most useful to a new administrator.
You have seen apt-get used many times in this book. It is a common way to install new packages to a Debian system; however, we have not delved into the details of this command until now. To begin with, the apt in apt-get stands for Advanced Packaging Tool. You have already seen apt-get install, but there are other options to the apt-get command. Some of the most common are listed here:
-d:This will only download the named package but will not install that package.-f:If you have a problem with broken dependencies, then this option will attempt to fix those issues. Obviously, it is not always successful, but it is a good place to start when correcting package installation errors.check:This checks for any broken dependencies. It is useful for diagnosing problems with packages.install:This will install the named package.upgrade:This will upgrade all installed packages (see Figure 20.2).remove:Runningapt-get remove package namewill uninstall a specific package.
Like dpkg, apt-get has a number of other options, but the options we just listed are very commonly used, and are essential for any new network administrator. You can always consult the man pages to get more details on additional options.
You should also note that apt-get works for a number of distributions, not just Debian and Ubuntu. It also works in Kubuntu.
This program essentially provides a friendlier interface for package management (see Figure 20.3).
This program is basically a front end for the apt utility. Simply type aptitude at the shell, and you will get the interface.
This is a very interesting command. If you type tasksel from the shell, you will essentially be taken to the same screen you saw during installation for package selection (see Figure 20.4).
This can be very useful if you forget to include some items during installation. You can easily remedy that with the tasksel command.
You can accomplish the same tasks in Red Hat Enterprise Linux and Fedora that you can in Debian/Ubuntu.
The Red Hat Package Manager is the first and most obvious place to start. It handles those tasks that dpkg and apt-get handle for Debian. You can use rpm to install files or just to check if certain files are installed on the system (see Figure 20.5).
There are a number of options for this command. The most common are listed here:
-q:This simply queries to see if the specified package is already installed. You can also use--queryto accomplish the same task.-i:This option will install the designated package. You can also use--installto accomplish the same thing.-V:This is used to verify that the package exists and is installed properly.-U:This option allows you to upgrade an installed package. This can also be done with--upgrade.
You’ll find a wide range of additional options for this particular shell command. You can find them by consulting the rpm man page. The ones listed here will allow you to do the basic functions most commonly accomplished via rpm.
This is the Yellowdog Updater, Modified (YUM). It is yet another utility that can be used on various Linux distributions (including Fedora and Red Hat Enterprise Linux) to install and configure software (see Figure 20.6).
It has a number of command options, including the following:
install:This is used to install a specific application. For example,yuminstallsnmap.update:If you name a specific package, thenyumwill update that specific package; however, if no packages are specified, it will update all packages.search:This option is used to search for a specific string. Usually, this is used to find out if a particular package is already installed.-y:This is a useful option; you will often see this combined withinstallorupdate. It basically tellsyumto assume the answer to any question is “yes” so that you don’t have to manually answer installation questions.list:This option is used to list all the currently installed packages.-c:If your installation requires a configuration file, this command will specify its location.-remove:The purpose of this option is obvious; it will uninstall the named package.-clean:This is a pretty important option. Theyumcache gets cluttered over time, so the clean option is used to literally clean out that cache.
Clearly, there are many other options besides these few, but these provide the basic functionality of yum. In fact, each of these has additional options. You should consult the man page for yum for more details.
There are a variety of general commands that handle issues related to date and time. Date and time are fairly basic, but truly important aspects of managing your Linux server.
This is a basic command that will display the hardware date and time (see Figure 20.7).
The options most commonly used with this command are the following:
-set:This will set the date and time. It is used with the-dateoption to specify the date and time to set the hardware clock to.-localtime:This option causes the display to use the local time zone.-utc:This will cause thehwclockto display time according to universal time.
These are just a few of the many options with this command. You should consult the man page for hwclock for additional details.
This command simply displays the current date and time (see Figure 20.8). Unlike hwclock, this is an operating system variable, not a hardware variable.
The most common options for this command are the following:
-u:This will display universal time.-s:This will set the time based on the string passed to thedatecommand.-R:This causes the time to be displayed according to IETF standards outlined in RFC 2822.
You can find formatting commands and more options using the man page for date.
Most networks use the Network Time Protocol (NTP) so that all machines on that network have coordinated time. The shell command ntpdate is used to update your machine so that it is synchronized with the ntp server on your network.
The daemon ntpd is used to run the ntp service. This service uses port 123 by default so make sure that your firewall is not blocking that port. You can start the daemon simply by typing in service ntpd start (see Figure 20.9).
There are other shell commands related to ntp. Some of the most common are listed here:
ntpstat:This will display the status ofntpon your network, specifically whether or not machines are being synchronized with a centralizedntpserver.ntpq:This command is used to query thentpdaemon for information.ntptime:This command will display the Linux kernel time information.
Obviously, shell commands are quick and easy to run. In some cases, your server won’t have a desktop installed, so you will have to use shell commands, but there will be instances where you have a server that is using a desktop. Also, many people, particularly those new to Linux, find the desktop an easier way to manage and configure the system. In this section, we will look at the two most common desktops, KDE and GNOME, and explore configuration from those desktop environments.
GNOME has a number of configuration utilities that are very useful for network administrators. Most, if not all, of these tasks can be done from the shell, but some administrators prefer the desktop method.
If you look in GNOME, under System and Administration, you will find the Synaptic Package Manager (see Figure 20.10).
By default, the Sections button at the bottom is selected. If instead you select Status, you can view the various packages based on their status (see Figure 20.11). Notice that these are the same status options we discussed when we covered package management from the shell.
Of particular interest (and shown in Figure 20.11) are the uninstalled packages. This will list all the packages available that you can install. Obviously, there could be other packages that you can get directly from that vendor’s website; however, this option will show you all the packages that your distribution is aware of that you may want to install.
There are several other options, most of which are the same as you saw with the shell command, but simply executed via the desktop. For example, there is a Search button that allows you to search for packages. Once you select an individual package, you can select the package’s drop-down menu and pick options for that package, such as upgrade, install, or remove (see Figure 20.12).
Also found under System → Administration is the Services menu, which enables you to activate any services on the machine (see Figure 20.13).
Activating or deactivating a given service is as simple as checking (activating) or unchecking (deactivating) the service. If the service you want is not shown in the list, then you will need to install it.
When you attempt to install software on your system, you have two choices. You can download the software from the vendor’s website and install it, or you can simply tell your Linux system where it can locate trusted software. Under System → Administration, you will find a utility called Software Sources (see Figure 20.14).
The first tab is just the path to the website for your particular vendor (in this case Debian) to get software from that Linux distribution website. The second tab (shown in Figure 20.14) allows you to set third-party sources for software. The third tab sets update settings, including how often to check for updates. The default is daily. The fourth tab is for keys/digital certificates for third-party trusted vendors. The fifth and final tab gives you the option of sending statistics to the Linux distribution.
Preferred Applications is found under System → Preferences, and it is one of the few settings that cannot be done from the shell. This is where you set default programs, such as the default email client and default Web Browser (see Figure 20.15).
The primary configuration tool for openSUSE is YaST (see Figure 20.16). This is not really a KDE or GNOME utility, but rather an openSUSE utility, so we will discuss it separately. You have already seen this earlier in this book.
The word YaST stands for Yet Another Setup Tool. Since you have previously seen this tool, we won’t delve into all the areas. The network and hardware items have previously been discussed in this book, and the virtualization material will be covered in Chapter 23, “Virtualization.” However, the System area (see Figure 20.17) is worth discussing.
From this screen, you can do many things that you would normally do from the shell. You can set date and time settings, edit the boot loader, do a backup or restore, and even edit the sysconfig file. This is an area of YaST you should be familiar with.
KDE, like GNOME, offers ways for you to configure your system via the desktop without having to use shell commands.
This utility is found under Applications → System → Configuration → Software Management (KPackageKit). It is the primary method for managing packages from inside KDE (see Figure 20.18).
The three icons to the left are the main areas of interest. The first, Get and Remove Software, lets you search for packages by name. After you find the software, you can remove it. Or if the system recognizes the software but it is not installed, you can install it with the click of a button.
The Software Updates section checks for updates to individual packages or for all of your packages. The final section is general settings that configure how KPackageKit will function.
The System Settings screen is a generalized settings screen, much like the one we saw in GNOME (see Figure 20.19).
From this screen, you can set date and time, change power settings, and even set the login screen to use particular formats, images, and layouts.
Linux has a plethora of configuration files that can be used to configure one aspect or another of your Linux system. You have been introduced to some of these in previous chapters. In this section, we will list and briefly describe the most commonly used configuration files, but it is beyond the scope of any book to thoroughly cover all of these different configuration files.
/etc/host.conf:This is the file that determines how to look up hostnames. It is involved in name resolution./etc/resolv.conf:This file tells the system what DNS server should be used to resolve DNS Queries./etc/hosts:This is a list of known hosts, usually on your network. This file maps known names to their IP address.etc/hosts.allow:This file lists machines that are allowed to connect to this server./etc/hosts.deny:This is the counterpart tohosts.allow. It lists those machines that are expressly forbidden from connecting to this server./etc/mtab:This configuration file is very interesting. It is a list of mounted filesystems, so this configuration file will change as filesystems are mounted or unmounted./etc/group:This file contains all the group names on this system./etc/shells:This file contains the list of all shells that are available on this system. BASH is almost always on this list, but it might also contain the C-Shell or other shells./etc/motd:The message of the day provides a message that users see on login. This is a really great way to inform end users on your network of events.
Obviously, this list is not exhaustive. There were others that we dealt with in previous chapters, such as /etc/httpd.conf and /etc/inittab. This list is a good place to start familiarizing yourself with Linux configuration files.
In this chapter, we have explored basic configuration issues not covered in other chapters. After reading this chapter, you should be familiar with installing and managing packages from both KDE and GNOME, as well as from the shell. You should also know how to do basic configuration tasks, such as configuring date and time.