Administration Guide - SUSE Linux Enterprise Server 12 SP4
Administration GuideSUSE Linux Enterprise Server 12 SP4
Administration GuideSUSE Linux Enterprise Server 12 SP4Covers system administration tasks like maintaining, monitoring and customizingan initially installed system.Publication Date: March 26, 2021SUSE LLC1800 South Novell PlaceProvo, UT 84606USAhttps://documentation.suse.comCopyright 2006– 2021 SUSE LLC and contributors. All rights reserved.Permission is granted to copy, distribute and/or modify this document under the terms of the GNU FreeDocumentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being thiscopyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNUFree Documentation License”.For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are theproperty of their respective owners. Trademark symbols ( , etc.) denote trademarks of SUSE and itsaffiliates. Asterisks (*) denote third-party trademarks.All information found in this book has been compiled with utmost attention to detail. However, this doesnot guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors nor the translators shall beheld liable for possible errors or the consequences thereof.
ContentsAbout This Guide xxiiSupport Statement for SUSE Linux Enterprise Server xxviii TechnologyPreviews xxixI11.1COMMON TASKS 1Bash and Bash Scripts 2What is “The Shell”? 2Knowing the Bash Configuration Files 2 The Directory Structure 41.2Writing Shell Scripts 81.3Redirecting Command Events 91.4Using Aliases 101.5Using Variables in Bash 10Using Argument Variables 11 Using Variable Substitution 121.6Grouping and Combining Commands 131.7Working with Common Flow Constructs 14The if Control Command 14 Creating Loops with the for Command 151.822.1For More Information 15sudo 16Basic sudo Usage 16Running a Single Command 16 Starting a Shell 17 EnvironmentVariables 182.2Configuring sudo 18Editing the Configuration Files 19 Basic sudoers ConfigurationSyntax 19 Rules in sudoers 21iiiAdministration Guide
2.3Common Use Cases 22Using sudo without root Password 23 Using sudo with X.OrgApplications 242.43More Information 24YaST Online Update 253.1The Online Update Dialog 263.2Installing Patches 273.3Automatic Online Update 2844.15YaST 30Advanced Key Combinations 30YaST in Text Mode 325.1Navigation in Modules 335.2Advanced Key Combinations 355.3Restriction of Key Combinations 355.4YaST Command Line Options 36Starting the Individual Modules 36 Installing Packages from the CommandLine 36 Command Line Parameters of the YaST Modules 3766.1Managing Software with Command Line Tools 38Using Zypper 38General Usage 38 Using Zypper Subcommands 40 Installingand Removing Software with Zypper 40 Updating Software withZypper 45 Identifying Processes and Services Using DeletedFiles 48 Managing Repositories with Zypper 50 QueryingRepositories and Packages with Zypper 52 ConfiguringZypper 54 Troubleshooting 54 Zypper Rollback Feature on Btrfs FileSystem 54 For More Information 55ivAdministration Guide
6.2RPM—the Package Manager 55Verifying Package Authenticity 56 Managing Packages: Install,Update, and Uninstall 56 Delta RPM Packages 57 RPMQueries 58 Installing and Compiling Source Packages 61 CompilingRPM Packages with build 63 Tools for RPM Archives and the RPMDatabase 6377.1System Recovery and Snapshot Management withSnapper 65Default Setup 66Types of Snapshots 67 Directories That Are Excluded fromSnapshots 67 Customizing the Setup 697.2Using Snapper to Undo Changes 72Undoing YaST and Zypper Changes 73 Using Snapper to RestoreFiles 787.3System Rollback by Booting from Snapshots 80Snapshots after Rollback 82 Accessing and Identifying Snapshot BootEntries 83 Limitations 847.4Enabling Snapper in User Home Directories 85Installing pam snapper and Creating Users 86 RemovingUsers 87 Manually Enabling Snapshots in Home Directories 877.5Creating and Modifying Snapper Configurations 87Managing Existing Configurations 897.6Manually Creating and Managing Snapshots 92Snapshot Metadata 92 Creating Snapshots 94 Modifying SnapshotMetadata 95 Deleting Snapshots 967.7Automatic Snapshot Clean-Up 97Cleaning Up Numbered Snapshots 98 Cleaning Up TimelineSnapshots 99 Cleaning Up Snapshot Pairs That Do NotDi er 101 Cleaning Up Manually Created Snapshots 101 Adding DiskQuota Support 1027.8vFrequently Asked Questions 103Administration Guide
88.1Remote Access with VNC 105The vncviewer Client 105Connecting Using the vncviewer CLI 105 Connecting Using the vncviewerGUI 106 Notification of Unencrypted Connections 1068.2Remmina: the Remote Desktop Client 106Installation 106 Main Window 107 Adding RemoteSessions 107 Starting Remote Sessions 109 Editing, Copying, andDeleting Saved Sessions 110 Running Remote Sessions from the CommandLine 1108.3One-time VNC Sessions 111Available Configurations 112 Initiating a One-time VNCSession 113 Configuring One-time VNC Sessions 1138.4Persistent VNC Sessions 114VNC Session Initiated Using vncserver 114 VNC Session Initiated Usingvncmanager 1168.5Encrypted VNC Communication 1199File Copying with RSync 1229.1Conceptual Overview 1229.2Basic Syntax 1229.3Copying Files and Directories Locally 1239.4Copying Files and Directories Remotely 1249.5Configuring and Using an Rsync Server 1249.6For More Information 127II1010.1viBOOTING A LINUX SYSTEM 128Introduction to the Boot Process 129Terminology 129Administration Guide
10.2The Linux Boot Process 130The Initialization and Boot Loader Phase 130 The KernelPhase 131 The init on initramfs Phase 134 The systemd Phase 1361111.1UEFI (Unified Extensible Firmware Interface) 137Secure Boot 137Implementation on SUSE Linux Enterprise Server 138 MOK (MachineOwner Key) 140 Booting a Custom Kernel 141 Using Non-InboxDrivers 143 Features and Limitations 14411.212For More Information 145The Boot Loader GRUB 2 14612.1Main Di erences between GRUB Legacy and GRUB 2 14612.2Configuration File Structure 146The File /boot/grub2/grub.cfg 147 The File /etc/default/grub 148 Scripts in /etc/grub.d 151 Mapping between BIOSDrives and Linux Devices 152 Editing Menu Entries during the BootProcedure 153 Setting a Boot Password 15412.3Configuring the Boot Loader with YaST 155Boot Loader Location and Boot Code Options 157 Adjusting the DiskOrder 158 Configuring Advanced Options 15912.4Di erences in Terminal Usage on z Systems 161Limitations 161 Key Combinations 16212.5Helpful GRUB 2 Commands 16412.6More Information 1651313.1The systemd Daemon 166The systemd Concept 166What Is systemd 166 Unit File 16713.2Basic Usage 168Managing Services in a Running System 168 Permanently Enabling/Disabling Services 170viiAdministration Guide
13.3System Start and Target Management 172Targets Compared to Runlevels 172 Debugging System StartUp 175 System V Compatibility 17813.4Managing Services with YaST 17913.5Customization of systemd 180Customizing Service Files 181 Creating “Drop-in” Files 181 CreatingCustom Targets 18113.6Advanced Usage 182Cleaning Temporary Directories 182 SystemLog 183 Snapshots 183 Loading Kernel Modules 184 PerformingActions before Loading a Service 184 Kernel Control Groups(cgroups) 185 Terminating Services (Sending Signals) 186 DebuggingServices 18713.7III1414.114.215More Information 188SYSTEM 18932-Bit and 64-Bit Applications in a 64-Bit SystemEnvironment 190Runtime Support 190Kernel Specifications 191journalctl: Query the systemd Journal 19215.1Making the Journal Persistent 19215.2journalctl Useful Switches 19315.3Filtering the Journal Output 194Filtering Based on a Boot Number 194 Filtering Based on TimeInterval 194 Filtering Based on Fields 19515.4viiiInvestigating systemd Errors 196Administration Guide
15.5Journald Configuration 197Changing the Journal Size Limit 197 Forwarding the Journal to /dev/ttyX 197 Forwarding the Journal to Syslog Facility 19815.61616.1Using YaST to Filter the systemd Journal 198Basic Networking 200IP Addresses and Routing 203IP Addresses 203 Netmasks and Routing 20316.2IPv6—The Next Generation Internet 205Advantages 206 Address Types and Structure 207 Coexistence of IPv4and IPv6 211 Configuring IPv6 212 For More Information 21316.3Name Resolution 21416.4Configuring a Network Connection with YaST 215Configuring the Network Card with YaST 215 IBM z Systems: ConfiguringNetwork Devices 22716.5Configuring a Network Connection Manually 229The wicked Network Configuration 229 ConfigurationFiles 236 Testing the Configuration 247 Unit Files and Start-UpScripts 25216.6Basic Router Setup 25316.7Setting Up Bonding Devices 254Hotplugging of Bonding Slaves 25716.8Setting Up Team Devices for Network Teaming 258Use Case: Loadbalancing with Network Teaming 262 Use Case: Failover withNetwork Teaming 263 Use Case: VLAN over Team Device 26416.9Software-Defined Networking with Open vSwitch 266Advantages of Open vSwitch 266 Installing Open vSwitch 267 Overviewof Open vSwitch Daemons and Utilities 267 Creating a Bridge with OpenvSwitch 268 Using Open vSwitch Directly with KVM 269 Using OpenvSwitch with libvirt 271 For More Information 272ixAdministration Guide
17Printer Operation 27317.1The CUPS Workflow 27417.2Methods and Protocols for Connecting Printers 27517.3Installing the Software 27517.4Network Printers 27617.5Configuring CUPS with Command Line Tools 27717.6Printing from the Command Line 27917.7Special Features in SUSE Linux Enterprise Server 279CUPS and Firewall 279 Browsing for Network Printers 280 PPD Files inVarious Packages 28017.8Troubleshooting 281Printers without Standard Printer Language Support 281 NoSuitable PPD File Available for a PostScript Printer 282 NetworkPrinter Connections 282 Defective Printouts without ErrorMessage 284 Disabled Queues 285 CUPS Browsing: Deleting PrintJobs 285 Defective Print Jobs and Data Transfer Errors 285 DebuggingCUPS 286 For More Information 2861818.1The X Window System 287Installing and Configuring Fonts 287Showing Installed Fonts 288 Viewing Fonts 289 QueryingFonts 289 Installing Fonts 290 Configuring the Appearance ofFonts 29118.219xFor More Information 299Accessing File Systems with FUSE 30019.1Configuring FUSE 30019.2Mounting an NTFS Partition 30019.3For More Information 301Administration Guide
20Managing Kernel Modules 30220.1Listing Loaded Modules with lsmod and modinfo 30220.2Adding and Removing Kernel Modules 303Loading Kernel Modules Automatically on Boot 303 Blacklisting KernelModules with modprobe 30421Dynamic Kernel Device Management with udev 30621.1The /dev Directory 30621.2Kernel uevents and udev 30621.3Drivers, Kernel Modules and Devices 30721.4Booting and Initial Device Setup 30721.5Monitoring the Running udev Daemon 30821.6Influencing Kernel Device Event Handling with udev Rules 309Using Operators in udev Rules 311 Using Substitutions in udevRules 312 Using udev Match Keys 313 Using udev Assign Keys 31421.7Persistent Device Naming 31521.8Files used by udev 31621.9For More Information 31722Live Patching the Linux Kernel Using kGraft 31822.1Advantages of kGraft 31822.2Low-level Function of kGraft 31922.3Installing kGraft Patches 320Activation of SLE Live Patching 320 Updating System 320xi22.4Patch Lifecycle 32122.5Removing a kGraft Patch 32222.6Stuck Kernel Execution Threads 32222.7The kgr Tool 322Administration Guide
22.8Scope of kGraft Technology 32322.9Scope of SLE Live Patching 32322.102323.1Interaction with the Support Processes 323Special System Features 325Information about Special Software Packages 325The bash Package and /etc/profile 325 The cronPackage 326 Stopping Cron Status Messages 327 Log Files:Package logrotate 327 The locate Command 327 The ulimitCommand 328 The free Command 329 Man Pages and InfoPages 329 Selecting Man Pages Using the man Command 329 Settingsfor GNU Emacs 33023.2Virtual Consoles 33123.3Keyboard Mapping 33123.4Language and Country-Specific Settings 332Some Examples 333 Locale Settings in /.i18n 334 Settings forLanguage Support 334 For More Information 33524Persistent Memory 33624.1Introduction 33624.2Terms 33724.3Use Cases 339PMEM with DAX 339 PMEM with BTT 340 BLK storage 34024.4Tools for Managing Persistent Memory 34024.5Setting Up Persistent Memory 342Viewing Available NVDIMM Storage 342 Configuring the Storage as aSingle PMEM Namespace with DAX 343 Creating a PMEM Namespace withBTT 345 Creating BLK Namespaces 34724.6xiiFor More Information 348Administration Guide
IV2525.1SERVICES 350Time Synchronization with NTP 351Configuring an NTP Client with YaST 351Basic Configuration 351 Changing Basic Configuration 35225.2Manually Configuring NTP in the Network 35525.3Setting Up a Local Reference Clock 35525.4Clock Synchronization to an External Time Reference (ETR) 35626The Domain Name System 35726.1DNS Terminology 35726.2Installation 35826.3Configuration with YaST 358Wizard Configuration 358 Expert Configuration 36126.4Starting the BIND Name Server 36926.5The /etc/named.conf Configuration File 371Important Configuration Options 372 Logging 373 Zone Entries 37426.6Zone Files 37526.7Dynamic Update of Zone Data 37926.8Secure Transactions 37926.9DNS Security 38126.102727.1For More Information 381DHCP 382Configuring a DHCP Server with YaST 383Initial Configuration (Wizard) 383 DHCP Server Configuration (Expert) 38827.2xiiiDHCP Software Packages 393Administration Guide
27.3The DHCP Server dhcpd 394Clients with Fixed IP Addresses 396 The SUSE Linux Enterprise ServerVersion 39727.428For More Information 397Sharing File Systems with NFS 39828.1Overview 39828.2Installing NFS Server 39928.3Configuring NFS Server 400Exporting File Systems with YaST 400 Exporting File SystemsManually 401 NFS with Kerberos 40428.4Configuring Clients 404Importing File Systems with YaST 404 Importing File SystemsManually 405 Parallel NFS (pNFS) 40728.529For More Information 408Samba 40929.1Terminology 40929.2Installing a Samba Server 41029.3Starting and Stopping Samba 41129.4Configuring a Samba Server 411Configuring a Samba Server with YaST 411 Configuring the ServerManually 41329.5Configuring Clients 417Configuring a Samba Client with YaST 41829.6Samba as Login Server 41829.7Samba Server in the Network with Active Directory 41929.8Advanced Topics 421Transparent File Compression on Btrfs 421 Snapshots 422xivAdministration Guide
29.930For More Information 430On-Demand Mounting with Autofs 43130.1Installation 43130.2Configuration 431The Master Map File 431 Map Files 43330.3Operation and Debugging 434Controlling the autofs Service 434 Debugging the AutomounterProblems 43530.4Auto-Mounting an NFS Share 43630.5Advanced Topics 437/net Mount Point 437 Using Wild Cards to Auto-MountSubdirectories 437 Auto-Mounting CIFS File System 43831SLP 43931.1The SLP Front-End slptool 43931.2Providing Services via SLP 440Setting up an SLP Installation Server 44231.33232.1For More Information 442The Apache HTTP Server 443Quick Start 443Requirements 443 Installation 444 Start 44432.2Configuring Apache 445Apache Configuration Files 445 Configuring ApacheManually 448 Configuring Apache with YaST 45332.3Starting and Stopping Apache 45932.4Installing, Activating, and Configuring Modules 461Module Installation 462 Activation and Deactivation 462 Base andExtension Modules 462 Multiprocessing Modules 465 ExternalModules 466 Compilation 468xvAdministration Guide
32.5Enabling CGI Scripts 468Apache Configuration 469 Running an Example Script 469 CGITroubleshooting 47032.6Setting Up a Secure Web Server with SSL 471Creating an SSL Certificate 471 Configuring Apache with SSL 47532.7Running Multiple Apache Instances on the Same Server 47732.8Avoiding Security Problems 480Up-to-Date Software 480 DocumentRoot Permissions 480 File SystemAccess 481 CGI Scripts 481 User Directories 48132.932.10Troubleshooting 482For More Information 483Apache 2.4 483 ApacheModules 483 Development 484 Miscellaneous Sources 48433Setting Up an FTP Server with YaST 48533.1Starting the FTP Server 48633.2FTP General Settings 48633.3FTP Performance Settings 48733.4Authentication 48733.5Expert Settings 48833.6For More Information 48834The Proxy Server Squid 48934.1Some Facts about Proxy Caches 489Squid and Security 490 Multiple Caches 490 Caching InternetObjects 49134.2System Requirements 491RAM 492 CPU 492 Size of the Disk Cache 492 Hard Disk/SSDArchitecture 493xviAdministration Guide
34.3Basic Usage of Squid 493Starting Squid 493 Checking Whether Squid Is Working 494 Stopping,Reloading, and Restarting Squid 496 Removing Squid 496 Local DNSServer 49734.4The YaST Squid Module 49834.5The Squid Configuration File 498General Configuration Options 499 Options for Access Controls 50234.6Configuring a Transparent Proxy 50434.7Using the Squid Cache Manager CGI Interface (cachemgr.cgi) 50734.8squidGuard 51034.9Cache Report Generation with Calamaris 51134.1035For More Information 512Web Based Enterprise Management Using SFCB 51335.1Introduction and Basic Concept 51335.2Setting Up SFCB 514Installing Additional Providers 516 Starting, Stopping and Checking Statusfor SFCB 517 Ensuring Secure Access 51835.3SFCB CIMOM Configuration 520Environment Variables 520 Command Line Options 521 SFCBConfiguration File 52235.4Advanced SFCB Tasks 533Installing CMPI Providers 534 Testing SFCB 538 Command Line CIMClient: wbemcli 54035.5xviiFor More Information 542Administration Guide
V3636.1MOBILE COMPUTERS 543Mobile Computing with Linux 544Laptops 544Power Conservation 544 Integration in Changing OperatingEnvironments 545 Software Options 547 Data Security 55236.2Mobile Hardware 55336.3Cellular Phones and PDAs 55436.4For More Information 55437Using NetworkManager 55537.1Use Cases for NetworkManager 55537.2Enabling or Disabling NetworkManager 55537.3Configuring Network Connections 556Managing Wired Network Connections 558 Managing Wireless NetworkConnections 558 Configuring Your Wi-Fi/Bluetooth Card as an AccessPoint 559 NetworkManager and VPN 55937.4NetworkManager and Security 561User and System Connections 561 Storing Passwords and Credentials 56137.5Frequently Asked Questions 56237.6Troubleshooting 56337.7For More Information 56438Power Management 56538.1Power Saving Functions 56538.2Advanced Configuration and Power Interface (ACPI) 566Controlling the CPU Performance 567 Troubleshooting 56738.3Rest for the Hard Disk 56938.4Troubleshooting 570CPU Frequency Does Not Work 570xviiiAdministration Guide
38.5VI3939.1For More Information 571TROUBLESHOOTING 572Help and Documentation 573Documentation Directory 573SUSE Manuals 574 Package Documentation 57439.2Man Pages 57539.3Info Pages 57639.4Online Resources 57740Gathering System Information for Support 57940.1Displaying Current System Information 57940.2Collecting System Information with Supportconfig 580Creating a Service Request Number 580 Upload Targets 581 Creating aSupportconfig Archive with YaST 581 Creating a Supportconfig Archive fromCommand Line 583 Common Supportconfig Options 58340.3Submitting Information to Global Technical Support 58440.4Analyzing System Information 586SCA Command Line Tool 587 SCA Appliance 589 Developing CustomAnalysis Patterns 60040.5Gathering Information during the Installation 60040.6Support of Kernel Modules 601Technical Background 602 Working with Unsupported Modules 60240.741For More Information 603Common Problems and Their Solutions 60441.1Finding and Gathering Information 60441.2Installation Problems 607Checking Media 607 No Bootable DVD Drive Available 608 Bootingfrom Installation Media Fails 609 Fails to Boot 610 Fails to LaunchxixAdministration Guide
Graphical Installer 612 Only Minimalistic Boot Screen Started 614 LogFiles 61441.3Boot Problems 615The GRUB 2 Boot Loader Fails to Lo
Implementation on SUSE Linux Enterprise Server138 MOK (Machine Owner Key)140 Booting a Custom Kernel141 Using Non-Inbox Drivers143 Features and Limitations144 11.2 For More Information145 12 The Boot Loader GRUB 2146 12.1 Main Dierences between GRUB Legacy and GRUB 2146 12.2 Configuration File Structure146
Hardening Guide SUSE Linux Enterprise Server 12 SP5 Deals with the particulars of installing and setting up a secure SUSE Linux Enter-prise Server, and additional post-installation processes required to further secure . The SUSE Linux Enterprise Server Security and Hardening Guide deals with the particulars of in-
Sep 25, 2009 · Oracle Enterprise Linux 5 Update 2 (Kernel 2.6.18 or later) Red Hat Enterprise Linux 4 Update 7 (Kernel 2.6.9 or later) Red Hat Enterprise Linux 5 Update 2 (Kernel 2.6.18 or later) SUSE Linux Enterprise Server 10 SP2 (Kernel 2.6.16.21 or later) SUSE Linux Enterprise Server 11 (2.6.27.19 or later)!! ACFS and ADVM are ONLY supported on RHEL 5 and .
Linux in a Nutshell Linux Network Administrator’s Guide Linux Pocket Guide Linux Security Cookbook Linux Server Hacks Linux Server Security Running Linux SELinux Understanding Linux Network Internals Linux Books Resource Center linux.oreilly.comis a complete catalog of O’Reilly’s books on Linux and Unix and related technologies .
OpenStack Juno Big Data service SUSE Storage integration SUSE Linux Enterprise Server 12 Compute Node GA GA GA SUSE Cloud 5 High Availability Guests Docker support (tech preview) SUSE Cloud 6 OpenStack Kilo Install
Red Hat Enterprise Linux 7 - IBM Power System PPC64LE (Little Endian) Red Hat Enterprise Linux 7 for IBM Power LE Supplementary (RPMs) Red Hat Enterprise Linux 7 for IBM Power LE Optional (RPMs) Red Hat Enterprise Linux 7 for IBM Power LE (RPMs) RHN Tools for Red Hat Enterprise Linux 7 for IBM Power LE (RPMs) Patch for Red Hat Enterprise Linux - User's Guide 1 - Overview 4 .
the way your SUSE LINUX system operates. This manual introduces you to Linux system administration basics, such as file systems, kernels, boot processes, and the configuration of the Apache Web server. The SUSE LINUX Administration Guide has five major categories: Installation System installation and configuration with YaST, special .
Operating System SUSE Linux Enterprise Server 12 with service pack 4 or SUSE Linux Enterprise Server 15 with service pack 1, Red Hat Enterprise Linux 6.x or 7.x (7.2 or higher) or 8.x, CentOS 6.x or 7.x (7.2 or higher) or 8.x, Debian GNU/Linux 9.x, 10.x and Ubuntu Server 16.04 LTS or 18.04 L
Advanced SUSE Linux Enterprise Server Administration (Course 3038) 10 Analyze the Protection Requirements . User logs into a Linux system on a virtual terminal . File systems used in Linux - Structurally similar to UNIX file systems - Support the typical UNIX file access permissions (read, write, execute, sticky bit, SUID, SGID .
