Using RPMs to Install Linux Software

Perhaps one of the most challenging and intimidating tasks a new Linux administrator can perform is to manage and install software. Although application developers are moving more and more towards the newer, easier to use technologies, many applications are still installed using very manual techniques. Below is a list of some of the more common application installation methods.

RPM (RedHat Package Manager): Similar to the Add/Remove Programs in the Windows control panel. This is becoming the de facto standard for application installation. RPM maintains a database of applications, allowing for easy installation and removal.

DPKG (Debian Package): Application standard for Debian Linux. Very similar to RPM in functionality, but not nearly as common.

Tarball: Refers to a package that has been shipped as a single file. Tarballs may also be zipped. A zipped Tarball is very similar to a self-extracting WinZip archive. Files are unpackaged to a location, and the administrator must manually create links or desktop items to launch applications.

Library: Similar to a Windows DLL, a library is a collection of code that performs common tasks, such as transmitting data or writing to a device. Many applications rely on the presence of certain libraries to run. This is referred to as a dependency.

Binary Package: Refers to an application that has been compiled from source code to executable code. Since Linux can run on multiple processor architectures, you must find a binary package for your processor.

Source Code Package: A package that is shipped in its native source code. Before the application can be run, it must be compiled on your computer. This involves some extra work on your part. SRPM files are RPM packages containing source code.

Understanding RPM

An RPM package is very similar to an MSI file in Windows. It is a single file that contains the application in binary format, along with information used to query the application, and in some cases, contains signatures that can be used to validate the integrity of the application. RPMs have a very specific naming format, which is interpreted as follows:

[Package Name]-[Version(1.2.3)]-[Release]-[Architecture]-rpm

By looking at the value of architecture (i386/ppc/alpha) you can determine if a package is correct for your processor.

When an RPM package is installed, database information is maintained in the file system in a binary format. There is no reason to modify this data. In order to install software using RPM, you must be logged on with a root-level account. This is necessary as RPM sometimes updates shared system libraries.

SAMBA: Configuring NetBIOS Support in Linux

Many people are under the misimpression that simply having a network protocol such as TCP/IP in common is sufficient for two operating systems to communicate. The fact is that nothing is further from the truth. Although a common protocol is required, that is only part of the picture. Let’s look at a simple example – the web.

In order to browse a web site you must have a network/transport layer protocol in common. This protocol provides connectivity and routing functionality, but it does not allow two applications to communicate. In order for a web client, such as Netscape, to browse a web server such as Apache, there must be a common application layer protocol. In this case, the application layer protocol is HTTP. HTTP provides the basic set of commands for retrieving and posting information on the web, but it does not actually transport the data. That is provided by the lower layer protocols. File sharing is no exception. In order to browse the file system of a remote system, there must be a common application layer protocol. On Windows systems, this protocol is the Server Message Block (SMB) protocol.

Windows provides an SMB client built into all Windows operating systems, hidden in the functionality of Explorer. This client is managed via the Workstation Service and the Client for Microsoft Networks. Windows also provides an SMB server in the form of File and Print Sharing for Microsoft Networks and the Server Service. If any of these components is uninstalled or disabled, then SMB, and thus file sharing, functionality is not available.

The common Open Source alternative/supplement to the Client for Microsoft Networks and File and Print Sharing for Microsoft Networks is Samba. Samba provides a Server and Client component that, when installed, allow a Linux computer to appear in “My Network Places” and expose shares, as well as connect to and work with shares based on Windows.

Linux Security Fundamentals

This article will cover the basic principles behind Linux security. As with any secure system, fundamental Linux security is achieved with user authentication and file permissions. This article will discuss the basics of user and group management, as well as file permissions.

Creating User Accounts

User accounts are created by making entries in the /etc/passwd file. In early versions of Unix, administrators would manually add lines to this file whenever a new user account was required. Since that time, many utilities to ease this process have been developed, with the most common being the [useradd] command. Recent distributions of Linux include the linuxconf utility, a GUI tool that mimics the functionality of Windows’ User Manager. Most distributions also include the text version of linuxconf.

Here are some common parameters for the [useradd] command:

-u: User ID number to use, similar to a SID. Any user with a user ID number of 0 is considered root. Generally system users have this number set greater than 500. If you do not provide this value, it will default to an incrementing number greater than 500.

-g: Group the user belongs to. Linux recognizes a primary group membership. Although you can belong to many groups, when you create a file, your primary group is set as the group owner of the file. If you omit this value, Linux will automatically create a group with the same name as the user and set that group as the primary group.

-G: Additional group memberships, comma separated

-s: Preferred logon shell. Provide this value as a path to the shell. For example, a C programmer might have a shell value of /bin/csh

-d: Path to the user’s home directory, if other than /home. The home directory is created as a copy of /etc/skel, if it exists. Any files or scripts in /etc/skel are automatically copied to the new user’s home.

-e: Expiration date on account, if any

All of these parameters are optional. The general syntax is as follows:

useradd -s value username

Each parameter is separated by a space, and the last value is the name of the user. Parameters take the default value when they are not provided. Default values for the [useradd] command are stored in the /etc/default/useradd file. Any modifications to this file affect future executions of the [useradd] command. You can directly modify this file with a tool such as vi, or you can run the [useradd] command with the -D option. This switch will interpret any information you provide as default values, and will write those values to the useradd file.

Before a user can log on, a password value must be set. To do this, use the [passwd] command. When a regular user runs this command they must adhere to strict security rules governing passwords. In order for Linux to accept the password, it must be at least 6 characters long, not be based on any variation of a dictionary word, and contain multi-case characters, with at least one special character or number.

The modern passwd utility works through the Linux-PAM API.
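
Because accounts are just lines in /etc/passwd and any entry with user ID 0 is treated as root, the file is worth auditing after accounts are created. The script below is an added example, not part of the original article: the function names, the report labels and the sample entries are constructed for illustration, and it assumes the standard seven-field passwd layout (name:password:UID:GID:comment:home:shell).

```shell
#!/bin/sh
# Added example: audit a passwd-format file for risky account entries.
# Assumed layout: name:password:UID:GID:comment:home:shell

audit_passwd() {
    # $1 = path to a passwd-format file (defaults to /etc/passwd)
    awk -F: '
        /^[ \t]*(#|$)/          { next }                      # skip blank and comment lines
        NF != 7                 { print "MALFORMED line " NR; next }
        $3 !~ /^[0-9]+$/        { print "BAD_UID " $1; next }
        $3 == 0 && $1 != "root" { print "UID0 " $1 }          # second root-equivalent account
        $2 == ""                { print "EMPTY_PASSWORD " $1 } # empty field: no password needed
        seen[$3] != ""          { print "DUPLICATE_UID " $1 " shares " $3 " with " seen[$3] }
        seen[$3] == ""          { seen[$3] = $1 }             # remember first owner of each UID
    ' "${1:-/etc/passwd}"
}

# Constructed sample entries (not taken from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
joe:x:501:501:Joe:/home/joe:/bin/bash
guest::502:502:Guest:/home/guest:/bin/sh
ann:x:501:503:Ann:/home/ann:/bin/csh
broken:x:504
EOF
}

# Run the audit over the constructed sample and print the findings.
demo_audit() {
    tmp=$(mktemp) || return 1
    sample_passwd > "$tmp"
    audit_passwd "$tmp"
    rm -f "$tmp"
}

demo_audit
```

Called with no argument, audit_passwd reads the live /etc/passwd; an "x" in the password field means the hash is held in the shadow file and is not reported.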

Exploring Your Linux System

This article focuses on becoming familiar with a standard Linux installation, and covers tasks such as logging on, exploring the file system, and accessing system resources, such as your CD-ROM drive. It also discusses basic console commands and the use of vi.

Logging on

Linux requires that every user be identified by a username and password. During most installation programs, you have the option of creating user accounts, which can be used to log onto the system. You can also log on as root, using the password you specified during setup. If you log on as root, be very careful, as root has unlimited, unrestricted access to the system. A mistyped command can cause serious damage; for that reason it is recommended that you log on as a regular user whenever possible.

Once you have logged on, you can end your session by typing [exit]. This will log you off the system.

Linux differentiates between root users and regular users by changing the console prompt. If you are logged on as a regular user the console prompt will display the [$] symbol. When logged on as root, the [#] symbol is presented.

If you are logging on using Telnet, you may notice that Linux will not allow you to directly log on as root. This is a security measure, and can be bypassed by logging on as a regular user and switching to root. Once you have logged on, enter [su -] at the console. You will be prompted for the root password, and then authenticated as root. Note the following regarding the Switch User command:

  • If you do not include the dash (-), you will only inherit the context of root, not the environment.
  • To switch back to your own account, type [exit], not su again. Using su to switch back would mean you have logged on as yourself, switched to root, and then switched to yourself again, essentially 3 consoles.
  • You can switch to any user on the system.

Tip – If you did not create any users when you installed Linux, you can quickly create a user named joe, with default settings, by typing [useradd joe] at any console prompt. You will not be able to log on as joe until you set a password on the account. Do this by typing [passwd joe] and entering a password.

Linux Fundamentals

In this article I will cover some general technical concepts that relate to Linux. You will need this information to understand and perform an installation, which I will cover in the next article. This article covers some of the major terms used in Linux, as well as the fundamentals of how the system operates. Finally I discuss partitioning and formatting of file systems.

Linux is different from Windows, and therefore a lot of the terminology changes as well. Listed below are some terms that you must know to effectively learn Linux, along with a general definition of each.

Unix: Refers to a classification of operating system, not a specific version or vendor’s operating system. Sun Solaris, SCO Unix, FreeBSD, and Linux are all types of Unix.

Linux: A specific implementation of Unix, written using open source code and protected under the GPL.

Distribution: A specific vendor’s implementation of Linux. Consists of the core Linux kernel and a collection of utilities and applications provided by the vendor. Many distributions also contain an implementation of XWindows.

XWindows: The common name for XFree86.

XFree86: A series of programming models and libraries that are used to provide a GUI desktop that runs on Linux. Gnome and KDE are both built on the XFree86 model. A desktop consists of two things – the window manager, which provides for the operation of the GUI, and the desktop environment, which is a collection of GUI based tools and provides a look and feel. Gnome and several others use SawFish as the window manager; KDE provides its own, called KWM.

Kernel: The core of Linux. The Kernel controls access to the processor and controls the execution of processes on the computer. The kernel is a single file, usually stored in the /boot folder and can be upgraded independently of the Operating System. All distributions of Linux use the same Kernel.

Root: The “super-user” account. All Linux systems have a root user account that has unlimited access to the systems resources. It can also refer to the root of the file system, denoted by “/”.

Daemon: A service that runs on a Unix computer. Daemons typically listen to a TCP/IP port for network requests and then respond. Servers are collections of daemons. Some examples of daemons include named (Name Daemon or DNS), telnetd (Telnet Daemon), inetd (Internet Daemon), and httpd (Web Server Daemon).

Process: An instance of an application that runs on a Unix computer. A server that provides HTTP services and Telnet services has a process for both httpd and telnetd.

Shell: A command interpreter, commonly accessible through a text terminal (command prompt). Different shells have different capabilities and limitations. Some examples include the Bourne Shell (sh), the Bourne Again Shell (bash), the Korn Shell (ksh) and the C Shell (tcsh). Most Linux distributions install multiple shells, with bash being the shell activated by default. You can activate another shell by typing its name, assuming it’s installed.

Shell Script: A series of shell commands saved in a file. Similar to a Batch file in DOS, but with more functionality. Commands available in Shell Scripts are dependent on the shell they are written in. The C Shell allows C language code to be written in Shell Scripts, while bash is limited to basic conditional logic and file manipulation. Many of the core functions on a Linux system are nothing more than complex shell scripts.

Open Source: Applications that are open source make the source code freely available for modification and redistribution by anyone. Open source code is protected by the GPL.

GPL: General Protection License – mandates that open source code may be freely modified and redistributed provided that all modifications to code are distributed as well. This means that if an organization used open source code in an application, although they may resell the application for profit, they must also provide the source code of the application at no charge.