Professional Documents
Culture Documents
LAB MANUAL-SLE201-SUSE Linux Enterprise Administration - LMS PDF
LAB MANUAL-SLE201-SUSE Linux Enterprise Administration - LMS PDF
nl
O
e
te Us
SUSE Linux Enterprise 12
Administration
bu r
tri ne
-Workbook-
is rt
D Pa
Course ID: SLE201v12
Version: 12.2.4
ot d
N an
Date: 2018-09-06
D al
rn
te
o
In
SE
SU
Proprietary Statement Disclaimer
Copyright © 2015 SUSE LLC. All rights reserved. SUSE LLC, makes no representations or warranties
with respect to the contents or use of this
documentation, and specifically disclaims any express
SUSE LLC, has intellectual property rights relating to
or implied warranties of merchantability or fitness for
technology embodied in the product that is described in
any particular purpose.
this document.
y
such revisions or changes. Further, SUSE LLC, makes
publisher.
nl
no representations or warranties with respect to any
software, and specifically disclaims any express or
O
SUSE implied warranties of merchantability or fitness for any
Maxfeldstrasse 5 particular purpose. Further, SUSE LLC, reserves the
right to make changes to any and all parts of SUSE
e
90409 Nuremberg
software, at any time, without any obligation to notify
te Us
Germany any person or entity of such changes.
www.suse.com
Any products or technical information provided under
bu r
(C) 2013 SUSE LLC. All Rights Reserved. SUSE and this Agreement may be subject to U.S. export controls
tri ne
the SUSE logo are registered trademarks of SUSE LLC and the trade laws of other countries. You agree to
in the United States and other countries. All third-party comply with all export control regulations and to obtain
trademarks are the property of their respective owners. any required licenses or classification to export, re-
is rt export or import deliverables. You agree not to export
D Pa
or re-export to entities on the current U.S. export
If you know of illegal copying of software, contact your
exclusion lists or to any embargoed or terrorist
local Software Antipiracy Hotline.
countries as specified in the U.S. export laws. You
agree to not use deliverables for prohibited nuclear,
ot d
applications.
y
Task 3: Change the Time and Date........................................................................................................11
nl
Task 4: Start the ncurses interface of YaST...........................................................................................11
O
Task 5: View the Content of a System Log File......................................................................................12
Exercise 2 : Manage Favorite Applications............................................................................13
e
Task 1: Log into the Desktop (if required)..............................................................................................13
te Us
Task 2: Add an Application to your Favorite Applications.......................................................................13
Task 3: Remove an Application from your Favorite Applications...........................................................13
Exercise 3 : Use Nautilus File Manager.................................................................................14
bu r
Task 1: Copy a File with Nautilus...........................................................................................................14
tri ne
Task 2: Rename a copied File................................................................................................................14
Task 3: Delete a File...............................................................................................................................14
is rt
Exercise 4 : Change Screen Settings....................................................................................16
D Pa
Task 1: Change Screen Settings............................................................................................................16
Section 2 : The Linux Filesystem......................................................17
ot d
y
Exercise 2 : Configure Key Based Authentication in OpenSSH............................................42
nl
Task 1: Generate an SSH Key Pair........................................................................................................42
O
Task 2: Upload the Public Key to a Remote Server...............................................................................42
Task 3: Verify Key Based Login and Store the Private Key in the SSH Agent.......................................42
e
Task 4: Disable Password Based Logins...............................................................................................43
te Us
Exercise 3 : Remote Administration using VNC.....................................................................45
Task 1: Check remote administration is not enabled on server2...........................................................45
Task 2: Try to remotely administer server1 from server2.......................................................................45
bu r
tri ne
Task 3: Enable remote management on server2...................................................................................45
Task 4: Remotely administer server2 from server1................................................................................46
is rt
Section 6 : System Initialization........................................................47
D Pa
Exercise 1 : Secure GRUB with a Password.........................................................................48
Task 1: Secure Access to GRUB with a Password................................................................................48
Task 2: Test the GRUB Password.........................................................................................................48
ot d
y
Task 4: Remove the New User Account.................................................................................................73
nl
Exercise 2 : Manage Users and Groups from the Command Line........................................74
O
Task 1: Create a Local User Account from the Command Line.............................................................74
Task 2: Create and Add Users to a New Local Group...........................................................................75
e
Task 3: Create a New User Account with a Valid Password Automatically............................................75
te Us
Exercise 3 : Manage File Permissions...................................................................................77
Task 1: Create a Private and a Public Directory....................................................................................77
Task 2: Create a File as a Normal User in both Directories...................................................................77
bu r
Exercise 4 : Configure Posix ACLs.........................................................................................79
tri ne
Task 1: Configure the ACLs of a Directory.............................................................................................79
Task 2: Configure Default ACLs for a Directory.....................................................................................80
is rt
Task 3: Delete ACLs...............................................................................................................................81
D Pa
Exercise 5 : Use the su Command to Elevate Privileges.......................................................82
Task 1: Use the su Command................................................................................................................82
Exercise 6 : Configure sudo for Delegation of Administration................................................84
ot d
Task 4: Grant the Tux User the Ability to Change Users Passwords.....................................................85
Exercise 7 : Grant Administrative Privilege with PolicyKit......................................................86
rn
Task 2: Grant the Privilege to Use GNOME Date & Time Tool..............................................................86
o
5
SUSE Linux Enterprise 12 Administration
Task 4: Remove an Installation Source with zypper..............................................................................95
Exercise 4 : Manage Software with YaST..............................................................................96
Task 1: Install Software Packages with YaST........................................................................................96
Task 2: Remove Software Packages with YaST....................................................................................96
Section 10 : Network Administration...............................................98
Exercise 1 : Configure the Network Connection Manually.....................................................99
Task 1: Note the Current Network Configuration...................................................................................99
y
Task 2: Delete the Current Network Setup with YaST............................................................................99
nl
Task 3: Configure the Network Manually.............................................................................................100
O
Exercise 2 : Configure Local Name Resolution...................................................................101
Task 1: Configure Local Name Resolution...........................................................................................101
e
Task 2: Test Name Resolution..............................................................................................................101
te Us
Exercise 3 : Save the Network Configuration to a File.........................................................102
Task 1: Save the Network Configuration to a File................................................................................102
Task 2: Test the Network Configuration................................................................................................102
bu r
Exercise 4 : Manage Network Configuration with Wicked...................................................104
tri ne
Task 1: Manage Network Configuration with Wicked...........................................................................104
Exercise 5 : Configure a Host Based Firewall with SuSEfirewall2.......................................106
is rt
Task 1: Use SuSEfirewall2 to Configure the Firewall...........................................................................106
D Pa
Section 11 : Storage Administration..............................................108
Exercise 1 : Manage Partitions with YaST...........................................................................109
ot d
6
SUSE Linux Enterprise 12 Administration
Exercise 7 : Create a Btrfs File System...............................................................................126
Task 1: Create some free space for a BtrFS filesystem.......................................................................126
Task 2: Create a BtrFS filesystem........................................................................................................126
Exercise 8 : Convert an Existing Directory into a Subvolume..............................................128
Task 1: Convert an Existing Directory into a Subvolume.....................................................................128
Exercise 9 : Work with Btrfs.................................................................................................130
Task 1: Work with BtrFS.......................................................................................................................130
y
Task 2: Work with BtrFS Subvolumes..................................................................................................133
nl
Exercise 10 : BtrFS: In-Place Migration and Maintenance..................................................136
Task 1: Convert an ext4 Filesystem to BtrFS.......................................................................................136
O
Task 2: Perform BtrFS Maintenance Tasks..........................................................................................137
Exercise 11 : Configure NFS................................................................................................139
e
te Us
Task 1: Setup and NFS Server.............................................................................................................139
Task 2: Setup and NFS Client..............................................................................................................140
Section 12 : Administration and Monitoring.................................142
bu r
Exercise 1 : Configure the NTP Service...............................................................................143
tri ne
Task 1: Configure the NTP Server.......................................................................................................143
is rt
Exercise 2 : Manage System Logging..................................................................................144
Task 1: Modify the rsyslog Configuration.............................................................................................144
D Pa
Task 2: Configure logrotate..................................................................................................................145
Section 13 : install SUSE Linux Enterprise..................................147
ot d
Lab Variables:.......................................................................................................................................151
rn
te
o
In
SE
SU
7
SUSE Linux Enterprise 12 Administration
Documentation Conventions:
y
nl
Bold Represents things you should pay attention to or buttons you
click, text or options that you should click/select/type in a
O
GUI.
e
te Us
Bold Gray Represents the name of a Task or in the context of what is
seen on the screen, the screen name, a tab name, column
name, field name, etc.
bu r
tri ne
Bold Red Represents warnings or very important information.
is rt
D Pa
Option > Option > Option Represents a chain of items selected from a menu.
ot d
8
SU
SE
In
te
rn
D al
o
N an
9
ot d
D Pa
is rt
tri ne
SUSE Linux Enterprise 12 Administration
bu r
te Us
e
O
nl
y
SUSE Linux Enterprise 12 Administration
Description:
y
In this section you will be introduced to YaST, manage the Linux Desktop and use
nl
Nautilus to manage the filesystem.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
10
SUSE Linux Enterprise 12 Administration
1- 1 Understand YaST
Description:
In this exercise, you learn how to use the different interfaces of YaST and how to start
some YaST modules.
y
nl
O
Task 1: Start YaST
1. Using server1 make sure you are logged in as tux.
e
te Us
2. To start YaST, from the Applications menu select system Tools > YaST and enter the
root password of linux when prompted.
The YaST Control Center appears
bu r
tri ne
Task 2: View the contents of a System Log File
1. is rt
Start the YaST System Log module by selecting Miscellaneous > System Log
D Pa
2. The messages log is displayed by default
3. If you like you can view other log files by selecting other entries from the drop-down list
4. Close the log window by selecting OK
ot d
N an
1. With the YaST Control Center open select System > Date and Time
rn
Region: Global
o
su –
in the terminal window enter the root password linux when prompted
11
SUSE Linux Enterprise 12 Administration
3. To view a list of the available YaST modules enter the following command:
yast -l
4. To start the ncurses interface of YaST enter the following command:
yast
Task 5: View the Content of a System Log File
y
1. Press the down-arrow key until the following is highlighted in the left frame:
nl
Miscellaneous
O
and press Tab
2. Press the down-arrow key until the following is highlighted in the left frame:
e
System Log
te Us
and press Enter
3. Press the down-arrow key until the following is highlighted:
bu r
/var/log/messages.log
tri ne
And press Enter
is rt
4. Press the Tab key until OK is highlighted and press Enter
D Pa
5. Press Alt+Q to Quit
6. Log out from the root account by entering:
exit
ot d
N an
Summary:
te
o
You should now be familiar with using the graphical and text versions of YaST to view
In
(End of Exercise)
SU
12
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you add and remove an application to your favorite applications.
nl
O
Task 1: Log into the Desktop (if required)
e
1. If not already logged in on server1, in the log in screen, click Tux Penguin
te Us
and enter the password linux.
2. Click Sign In and the GNOME desktop should start
bu r
tri ne
Task 2: Add an Application to your Favorite Applications
1. To open the main menu click Applications in the bottom left corner
is rt
2. Move the mouse pointer over System Tools and right-click the Terminal icon on the
D Pa
right
3. Select Add to Favorites from the pop-up menu and the Terminal icon should appear
under Favorites in the main menu
ot d
N an
1. To open the main menu, click Applications in the bottom left corner
rn
2. Move the mouse pointer over Favorites and right-click the Help icon on the right
3. Select Remove from Favorites from the pop-up menu the Help icon should disappear
te
o
Summary:
In this exercise, you added an application to your favorite applications. You also
SU
(End of Exercise)
13
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you practice using the Nautilus file manager.
nl
O
Task 1: Copy a File with Nautilus
e
1. Make sure you are logged in to server1 as tux
te Us
2. To start the Nautilus file manager double-click the Home icon on the desktop
3. To view the contents of the /etc directory, select Other Locations then from the right
frame select Computer
bu r
tri ne
4. Double-click the /etc icon
5. To copy the /etc/DIR_COLORS file onto the desktop, scroll down to the DIR_COLORS
is rt
file icon and right-click the icon. From the pop-up menu, select Copy To
D Pa
In the Select Destination window click the Home icon in the left frame and then
double-click the Desktop icon in the right frame. Then press the Select button
6. Switch back to your home directory by selecting Home folder in the left side panel
ot d
7. To move the DIR_COLORS file from the Desktop directory into your home directory do
N an
the following:
Double-click the Desktop icon in the right frame to see the content of the directory
D al
Click the DIR_COLORS file icon and keep the mouse button pressed
Drag the mouse pointer with the file icon over the Home icon in the left side panel
rn
2. Rename the copied file by right-clicking the DIR_COLORS file icon and select Rename
from the context menu
SU
3. For the new file name type example.txt and then press Enter
14
SUSE Linux Enterprise 12 Administration
In the confirmation dialog select Empty Trash
Summary:
In this exercise, you copied a file, renamed it and moved it into the trash.
y
(End of Exercise)
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
15
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you change the screen settings.
nl
O
Task 1: Change Screen Settings
e
1. Make sure you are logged in to server1 as tux
te Us
2. To start the display configuration tool from the Applications menu select System Tools
> Settings and in the Hardware section click Displays
3. In the display configuration tool there should be one display labeled “Unknown
bu r
tri ne
Display” listed. Select this item by clicking on it.
4. From the Resolution menu, select 1440x900 (16:10) and select Apply
is rt
5. In the confirmation dialog select Keep Changes
D Pa
6. Close the Displays window
Summary:
ot d
N an
(End of Exercise)
rn
te
o
In
SE
SU
16
SUSE Linux Enterprise 12 Administration
Description:
y
nl
There are no labs in this section.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
17
SUSE Linux Enterprise 12 Administration
y
Description:
nl
O
In this section you will learn how to use the available help systems. You will then
become familiar with using the shell. You will then use the command line to manage files
e
and folders.
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
18
SUSE Linux Enterprise 12 Administration
Description:
In this exercise, you use the whatis, man and info commands and navigate through
y
nl
the help text.
O
Task 1: Use the whatis and man Commands
e
te Us
1. Using server1 logged in as tux, right-click on the GNOME desktop, and select Open
Terminal from the context menu
2. Find the sections of the man pages for the info command by entering:
bu r
tri ne
whatis info
3. Read the first section (user commands) of the man pages of the info command by
entering: is rt
D Pa
man 1 info
4. To look for “filename,” enter:
ot d
/filename
N an
5. Scroll through the text with the up and down arrow keys.
6. When you finish viewing the information exit (quit) the man page by typing q
D al
rn
1. From the terminal window display the info pages for the info command by entering:
In
info info
SE
2. Move the cursor to the third reference (Invoking Info) by pressing Tab three times
3. Follow the reference by pressing Enter
4. Move the cursor to the reference Note Custom Key Bindings: by pressing Tab four
SU
times
5. Follow the reference by pressing Enter
6. Return to the page Note Custom Key Bindings: by typing l (lowercase L)
7. Exit the info file by typing q
8. Close the terminal window
19
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise, you used the whatis, man and info commands and navigated
through the help text.
(End of Exercise)
y
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
20
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you use the shell history to retrieve and execute previously entered
nl
commands.
O
e
Task 1: Use the Shell History
te Us
1. Using server1 make sure you are logged in as tux, right-click on the GNOME desktop,
and select Open Terminal from the context menu
2. To view the history cache in a terminal window enter:
bu r
tri ne
history
3. Press the Up-arrow until you see a command you would like to execute then press
Enter
is rt
D Pa
4. Type h and press Page Up once, you should see the history command at the
command line again
ot d
Summary:
D al
In this exercise, you used the history command to retrieve and execute previously
rn
entered commands.
te
o
(End of Exercise)
In
SE
SU
21
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you redirect the output of commands into files and pipe the output of
nl
commands to other commands.
O
e
Task 1: Use Piping and Redirection
te Us
1. Using server1 logged in as tux In a terminal window pipe the output of the ls
command for the home directory (“~”) to a file by entering the following:
bu r
ls ~ > home_directory.txt
tri ne
2. Display the content of the file by entering:
is rt
cat home_directory.txt
D Pa
3. Append the output of the ls command for the root directory (“/”) to the
home_directory.txt file by entering the following:
ot d
ls / >> home_directory.txt
N an
ls / > home_directory.txt
o
In
7. Write the output of the ls command on the screen and into the home_directory.txt
file by entering the following:
SU
ls ~ | tee home_directory.txt
8. Display the content of the file by entering:
cat home_directory.txt
9. Remove the home_directory.txt file by entering:
rm home_directory.txt
10. Verify that the file was removed by entering:
22
SUSE Linux Enterprise 12 Administration
ls -l
11. Close the terminal window
Summary:
y
In this exercise, you redirected the output of a command.
nl
O
(End of Exercise)
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
23
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you learn how to use the cd, pwd, and ls commands, change the
nl
current directory and list the directory contents.
O
e
Task 1: Change Directories and List Directory Contents
te Us
1. On server1 logged in as tux describe what directories the following characters refer to:
.
bu r
..
tri ne
2. Launch a Gnome Terminal window and change to the /tmp directory by entering:
cd /tmp is rt
D Pa
3. Display the name of the current directory by entering:
pwd
ot d
cd ~
D al
cd /usr/share/doc
In
pwd
8. Change back to tux’s home directory by entering:
SU
cd -
9. Display the name of the current directory by entering:
pwd
10. Display the content of the current directory by entering:
ls
11. Display the content of the current directory, including the hidden files, by entering:
24
SUSE Linux Enterprise 12 Administration
ls -a
12. View the permissions and the file sizes of all the files in the current directory by
entering:
ls -la
y
Summary:
nl
In this exercise, you the file system and displayed the content of the current directory.
O
e
(End of Exercise)
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
25
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you copy and move files with the cp and mv commands, create
nl
directories with the mkdir command, delete files and directories with the rm and
O
rmdir commands and link files with the ln command.
e
te Us
Task 1: Use the cp and mv Commands
1. Logged to server1 as tux open a terminal window
bu r
2. Create a new_file file, if it does not exist use the following command:
tri ne
cd ; touch new_file
is rt
3. Rename new_file to my_file by entering the following:
D Pa
mv new_file my_file
4. Verify that the file was renamed by entering:
ot d
ls -l
N an
cp my_file my_file1
rn
ls -l /tmp
9. Move the /tmp/tac file to the home directory (~) by entering the following:
mv /tmp/tac ~
10. Verify the move by entering:
ls -l
11. Move and rename the /tmp/rename file to ~/my_file2 by entering the following:
26
SUSE Linux Enterprise 12 Administration
mv /tmp/rename ~/my_file2
12. Verify that the my_file2 file exists by entering:
ls -l
13. Copy the complete /bin/ directory to the home directory with the new directory being
named my_dir by entering the following:
cp -r /bin ~/my_dir
y
nl
14. Verify that the files were copied by entering:
O
ls -l ~/my_dir
e
te Us
Task 2: Create Directories
1. Create a directory named new_dir inside the my_dir directory by entering the
following:
bu r
tri ne
mkdir ~/my_dir/new_dir
2. Verify that the directory was created by entering the following:
is rt
D Pa
ls ~/my_dir
3. Create a directory tux_dir including a new directory empty_dir by entering the
following:
ot d
N an
mkdir -p ~/tux_dir/empty_dir
4. Verify that tux_dir was created by entering:
D al
ls
rn
ls tux_dir
o
In
rmdir tux_dir
A message is displayed indicating that the directory cannot be removed. This is
because the directory is not empty.
2. Remove the ~/tux_dir/empty_dir directory by entering the following:
rmdir ~/tux_dir/empty_dir
3. Verify that the empty_dir directory has been removed by entering:
ls tux_dir
27
SUSE Linux Enterprise 12 Administration
4. Remove the ~/tux_dir directory by entering:
rmdir tux_dir
5. Verify that the directory was removed by entering:
ls
6. Remove the ~/my_dir/login file by entering:
y
rm ~/my_dir/login
nl
7. Verify that the file has been removed by entering:
O
ls ~/my_dir/login
e
8. Remove all files with names that begin with “a” in the /home/tux/my_dir/ directory
te Us
by entering the following:
rm -i ~/my_dir/a*
bu r
Confirm every warning by entering:
tri ne
y
is rt
9. Remove the /home/tux/my_dir/ directory including its content by entering the
D Pa
following:
rm -r ~/my_dir
ot d
y
10. Verify that the directory has been removed by entering:
D al
ls ~/my_dir
rn
te
o
1. Enter the following to create a symbolic link to the my_file file in your home directory:
ln -s ~/my_file symlink
SU
2. Enter the following to create a hard link to the my_file1 file in your home directory:
ln ~/my_file1 hardlink
3. Display the links by entering:
ls -l
Notice that the symbolic link identifies the file it is linked to
28
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise, you copied and moved files. You also created and deleted directories
and links.
(End of Exercise)
y
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
29
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you create an empty file and view the content of a file by using the
nl
cat, less, head, and tail commands.
O
e
Task 1: Use Shell Command to Work with Files
te Us
1. Make sure you are logged in as tux and open a terminal window
2. Open a second terminal window and log in as root (su -).
bu r
3. In the second terminal session display the content of the /var/log/messages file by
tri ne
entering:
cat /var/log/messages
is rt
D Pa
4. Display the content of /var/log/messages page-by-page by entering:
less /var/log/messages
ot d
/root
and find the next occurrence of the word “root” by typing:
D al
n
rn
6. Navigate through the output by using the cursor keys and the Page Up and the Page
te
Down keys
o
q
SE
9. View a continuously updated display of the last lines of the /var/log/messages file
by entering:
tail -f /var/log/messages
10. Arrange the terminal windows on the desktop so that you can see the content of both
11. In the first terminal window you opened in Step 1, log in as root (su -) entering an
invalid password such as blah
12. Notice that the login attempt is logged in the second terminal window
30
SUSE Linux Enterprise 12 Administration
13. In the first terminal window, log in as root (su -) using the correct password
14. The login is logged in the second terminal window
15. Log out as root in the first terminal window by entering:
exit
16. Close the first terminal window by entering:
exit
y
nl
17. Stop the tail process in the second terminal window by pressing:
Ctrl+C
O
18. Log out as root by entering:
e
exit
te Us
19. Close the terminal window
bu r
tri ne
Summary: is rt
D Pa
In this exercise, you viewed files. You also created and deleted directories and links.
ot d
(End of Exercise)
N an
D al
rn
te
o
In
SE
SU
31
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you will create archives using the tar command and sync these archives to
nl
another directory using rsync.
O
e
Task 1: Create a Tar Archive
te Us
1. Make sure you are logged as tux and open a terminal window
2. To create an empty directory, enter:
bu r
mkdir ~/source_dir
tri ne
3. To change into the new directory enter:
cd ~/source_dir is rt
D Pa
4. To create a tar archive out of the files in the /bin directory, enter the following:
tar cvf tar-archive.tar /bin
ot d
5. To create a gzipped tar archive out of the files in the /bin directory, enter the following:
N an
6. To create a bz2-zipped tar archive out of the files in the /bin directory, enter the
following:
rn
la
SE
mkdir /tmp/destination_dir
2. To sync the content of the source_dir directory into the destination_dir directory
enter:
rsync -av ~/source_dir/* /tmp/destination_dir/
3. To verify that the files were copied enter:
32
SUSE Linux Enterprise 12 Administration
la /tmp/destination_dir
1. To create new files in the source_dir directory, you can extract the file bin/login
from the gzip-archive.tar.gz archive. Enter the following:
y
tar xzvf gzip-archive.tar.gz bin/login
nl
2. To test if the extraction was successful enter:
O
ls -a ~/source_dir
e
3. You should see a new directory bin
te Us
4. To display the content of the bin directory enter:
ls -a ~/source_dir/bin
bu r
tri ne
5. You should see the extracted file login
6. To sync the content of the source_dir directory into the destination_dir directory
enter: is rt
D Pa
rsync -av ~/source_dir/* /tmp/destination_dir/
In the output on the screen you should see that only the bin directory and the login
ot d
Summary:
D al
rn
In this exercise, you created archives using the tar command and synchronized these
archives to another directory using rsync.
te
o
In
(End of Exercise)
SE
SU
33
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you find a special character combination in a file with the grep and
nl
egrep commands.
O
e
Task 1: Search File Content
te Us
1. Use server1 logged in as tux
2. From a terminal window find all HTML headings of hierarchy 2 in the
/usr/share/doc/packages/yast2-users/users.html file by entering the
bu r
tri ne
following (on one line):
grep "<h2>" /usr/share/doc/packages/yast2-users/users.html
is rt
The output may appear similar to this:
D Pa
<h2>Features (SL9.3)</h2>
<h2>Implementation</h2>
ot d
<h2>The files</h2>
N an
34
SUSE Linux Enterprise 12 Administration
Summary:
In this task you used grep and egrep to search for the string “<h2>” in a HTML file.
You then searched for all TXT files that include lines beginning with a number and
finally you searched for TXT files that include lines beginning with the letter “m” or “n”.
y
nl
(End of Exercise)
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
35
SUSE Linux Enterprise 12 Administration
Description:
y
nl
You will learn the basic functions of the Vim editor.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
36
SUSE Linux Enterprise 12 Administration
Description:
In this exercise, you use the vimtutor application to learn more about vim.
y
nl
O
Task 1: Run vimtutor
e
1. Make sure you are logged in to server1 as tux
te Us
2. Right-click on the GNOME desktop and select Open Terminal from the context menu
3. To run vimtutor enter:
vimtutor
bu r
tri ne
4. Follow the instructions in the vimtutor
is rt
D Pa
Summary:
In this exercise, you used the vimtutor application to learn more about vim.
ot d
N an
(End of Exercise)
D al
rn
te
o
In
SE
SU
37
SUSE Linux Enterprise 12 Administration
5 Remote Administration
Description:
y
nl
You will use SSH and VNC to remotely manage systems.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
38
SUSE Linux Enterprise 12 Administration
Description:
In this exercise, you practice using the SSH suite of utilities.
y
nl
O
Task 1: Access a remote server using SSH
e
1. Using server2 logged in as tux
te Us
2. Open a terminal window and enter the following command to connect to the server1
machine:
ssh tux@server1
bu r
tri ne
If prompted accept server1's host key by entering:
yes is rt
D Pa
3. When prompted enter tux's password for server1 (linux)
You are now logged in to server1 as tux
4. Log out by entering:
ot d
exit
N an
After entering tux's password, a list of all processes currently running on server2 should
be displayed
SE
39
SUSE Linux Enterprise 12 Administration
You should see the hosts file from the server2 server in your /tmp directory
4. Enter the following command on server1 to copy the /etc/hosts file from server1 to
tux’s home directory on server2:
scp /etc/hosts tux@172.17.2.22:~
When prompted enter tux's password for server2
5. On server2 browse to the tux user's home directory (/home/tux) to verify that the file
y
was copied
nl
You should see the hosts file from the server1 in the tux user’s home directory on
server2
O
e
Task 3: Use sftp
te Us
1. Do the following on server1
2. Enter the following command to connect via sftp to server2:
bu r
sftp tux@172.17.2.22
tri ne
When prompted enter tux's password for server2
is rt
3. You should be at an sftp> prompt on server2
D Pa
4. Enter the following command to copy the /bin/date program from server2 to tux’s
home directory:
get /bin/date /home/tux/
ot d
N an
6. Browse to the tux user's home directory to verify that the file was transferred
rn
te
o
Summary:
In
(End of Exercise)
SU
40
SU
SE
In
te
rn
D al
o
N an
41
ot d
D Pa
is rt
tri ne
SUSE Linux Enterprise 12 Administration
bu r
te Us
e
O
nl
y
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you practice using SSH with public key authentication.
nl
O
Task 1: Generate an SSH Key Pair
e
1. Using server1 logged in as tux
te Us
2. Open a terminal window and enter the following command to generate an SSH key pair:
ssh-keygen -t rsa -b 4096
bu r
3. Accept the default location for the key (/home/tux/.ssh/id_rsa)
tri ne
4. Enter a passphrase of:
sles12 is rt
D Pa
Information about your key pair, such as the location of your identification and the public
key, is displayed
ot d
N an
2. Enter the following command to upload your public key to tux on server2:
ssh-copy-id -i ~/.ssh/id_rsa.pub tux@172.17.2.22
rn
3. After authentication you should see a message that the key was uploaded successfully
In
SE
Task 3: Verify Key Based Login and Store the Private Key in the SSH Agent
1. Using server1 enter the following command to connect to server2 via ssh as tux:
SU
ssh tux@172.17.2.22
You should be prompted for a passphrase to unlock the private key (sles12)
2. Log in then log out by entering:
exit
3. On server1, enter the following command to determine if the SSH Agent has been
started:
ps aux | grep -i ssh-agent
42
SUSE Linux Enterprise 12 Administration
You should see an ssh-agent process for your user account. If the SSH Agent is not yet
running for your account, start it by entering the following command:
eval $(ssh-agent -s)
4. Enter the following command to add your key to the SSH Agent:
ssh-add
5. When prompted, enter the passphrase of each of the keys that are being added to the
y
ssh-agent (sles12)
nl
6. On server1, enter the following command to connect to server2 via ssh as tux again:
O
ssh tux@172.17.2.22
e
This time you are not prompted for a password or passphrase because the ssh-agent
provided the key for you
te Us
7. Stay logged into server2 for the next task
bu r
tri ne
Task 4: Disable Password Based Logins
1. Using server2 enter:
is rt
D Pa
su –
with password linux to become root
In the text editor of your choice, open the /etc/ssh/sshd_config file to be edited
ot d
2.
N an
no
rn
no
5. Save the file and close the text editor
SE
7. While still on server2, enter the following command to connect back to localhost:
ssh tux@localhost
and when asked whether you want to continue connecting, enter:
yes
You should see an error message and no prompt for a password
8. On server2, log out as root by entering:
43
SUSE Linux Enterprise 12 Administration
exit
9. Log out from server2 by entering:
exit
10. From your tux account on server1, log back in to server2 by entering:
ssh tux@172.17.2.22
y
11. Despite your changes of the sshd configuration on server2 you should still be able to
nl
log in because you are using public key authentication
12. Switch to the root user account on server2 with the su – command and in the text
O
editor of your choice, open the /etc/ssh/sshd_config file and undo the changes
made at the beginning of this task
e
13. Restart the ssh daemon:
te Us
systemctl restart sshd
14. On server2, log out as root by entering:
bu r
tri ne
exit
is rt
15. Log out from server2 by entering:
D Pa
exit
ot d
Summary:
N an
In this exercise, you practiced using SSH with public key authentication.
D al
rn
(End of Exercise)
te
o
In
SE
SU
44
SUSE Linux Enterprise 12 Administration
Description:
y
Configure and use remote administration. In this lab you will remotely manage server2
nl
from server1 using VNC.
O
e
Task 1: Check remote administration is not enabled on server2
te Us
1. Logged in as tux to server2 run Yast2 and when prompted enter the root's password:
linux
2. Open the Remote Administration (VNC) module. Notice that Remote Administration is
bu r
tri ne
currently disabled.
3. Cancel the Remote Administration configuration dialogue box
is rt
D Pa
Task 2: Try to remotely administer server1 from server2
1. On server1 logged in as tux open a terminal window
ot d
2. In the terminal window run the vncviewer and attempt to connect to server2:
N an
vncviewer server2.suse.com:1
The session does not connect.
3. Terminate the vncviewer:
D al
Press Enter
rn
At this point we know the remote administration is disabled on server2 but there could
also be firewall issues.
te
o
2. Select:
Remote Administration (VNC)
SU
45
SUSE Linux Enterprise 12 Administration
5. Read the warning and select:
OK
6. Change to the first virtual console:
From the menu select Send Key → CTRL + ALT + F1
7. Login as root and change the target to 3:
y
systemctl isolate runlevel3
nl
8. Now change the target back to 5:
O
systemctl isolate runlevel5
e
9. Logout as root
te Us
10. Use the Send Key option and select Ctrl + Alt + F7 to return to the graphical interface
bu r
Task 4: Remotely administer server2 from server1
tri ne
1. On server1 in a terminal window as tux start the vncviewer and connect to server2:
is rt
vncviewer server2.suse.com:1
D Pa
2. At the certificate warning click:
Yes
ot d
to continue
N an
Yes
rn
Summary:
SE
Server2 was configured to allow remote administration and the port in the firewall was
opened. A remote session was initiated from server1 using the vncviewer client.
SU
(End of Exercise)
46
SUSE Linux Enterprise 12 Administration
6 System Initialization
Description:
y
nl
Yo will examine the boot process. You will then manage services using systemd.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
47
SUSE Linux Enterprise 12 Administration
y
nl
Task 1: Secure Access to GRUB with a Password
O
1. Using server1 open a terminal window and if not already logged in as the root user,
enter:
e
te Us
su –
to become root
2. Enter the following command to generate an encrypted password to be used for GRUB:
bu r
tri ne
grub2-mkpasswd-pbkdf2
is rt
3. Enter the following password:
D Pa
secret
4. Copy the whole password from the terminal window into the clipboard
ot d
Attention: The password starts with grub.pbkdf2.sha512 and looks like this:
N an
grub.pbkdf2.sha512.10000.B9CEAE5D663870390C7ACD3BF6C0C926B0715D0BAF2
7726FA211925712D0D38B9D573037D42B1C4B32029AF5AD3E9F641594C1181653D
C2324F91F0D6CDA761D.9B5CCAADF00BD2C1DBC03FD80060EE1F8B9AB2F81F2
D al
BD927F3B99C21406EA8D04BDD5E59336D89756A3BDB5A622365AB4BAD3575AC7
A2F44B35BC8A9D4E5D9BF
rn
5. In the text editor of your choice, open the /etc/grub.d/40_custom file to be edited
te
o
set superusers="root"
password_pbkdf2 root GRUB_PW
SE
48
SUSE Linux Enterprise 12 Administration
e
You should be prompted to enter a username
4. Enter:
root
and press Enter
5. You should be prompted to enter a password. Enter the password you set previously
y
(secret)
nl
6. You should now be able to edit the menu items
O
7. To return to the GRUB menu, press:
Esc
e
te Us
8. Select the default boot entry and continue to boot
9. Log in as root and undo the changes made previously in this task
bu r
tri ne
Summary:
is rt
In this exercise, you set a password on GRUB.
D Pa
(End of Exercise)
ot d
N an
D al
rn
te
o
In
SE
SU
49
SUSE Linux Enterprise 12 Administration
2 Manage Services
Description:
y
In this exercise, you manage services with the systemctl command.
nl
O
Task 1: Manage Services
e
1. Using server2 logged in as tux open a terminal window and enter:
te Us
su -
to become root.
bu r
tri ne
2. View the status of the Network Time Protocol (NTP) daemon:
systemctl status ntpd
is rt
3. Unless it has been changed from the default installation, it is not enabled and not active.
D Pa
The output should look like this:
ntpd.service - NTP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled)
ot d
Docs: man:ntpd(1)
4. Start the NTP daemon:
D al
or
In
rcntpd start
6. Check the status again:
SE
50
SUSE Linux Enterprise 12 Administration
CGroup: /system.slice/ntpd.service
└─5474 /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -i
/v...
8. Check to see if the NTP daemon is enabled:
systemctl is-enabled ntpd
Notice that the service is marked as disabled
9. Enable the NTP daemon to make sure it starts when the system boots:
y
systemctl enable ntpd
nl
10. Check the status again:
O
systemctl status ntpd
e
11. The output should begin like this:
te Us
ntpd.service - NTP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled)
bu r
Notice that the service is now marked as enabled
tri ne
12. Review systemd information regarding NTP daemon:
is rt
systemctl show ntpd.service | less
D Pa
13. To exit less press:
q
ot d
51
SUSE Linux Enterprise 12 Administration
Notice that the service is now marked as disabled, but it is still running
21. Stop the NTP daemon:
systemctl stop ntpd
22. Check the status again:
systemctl status ntpd
y
23. The output should begin like this:
nl
ntpd.service - NTP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; disabled)
O
Active: inactive (dead)
e
24. Mask the NTP daemon unit file:
te Us
systemctl mask ntpd
25. Check the status again:
bu r
systemctl status ntpd
tri ne
26. The output should begin like this:
ntpd.service is rt
Loaded: masked (/dev/null)
D Pa
Active: inactive (dead)
27. Try to start ntpd again:
ot d
Summary:
In this exercise you started, stopped, enabled, disabled, masked and unmasked the
NTP service using the applicable systemctl commands.
(End of Exercise)
52
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you work with systemd's target units.
nl
O
Task 1: Change to Different Targets
e
1. Using server2 logged in as tux open a terminal window and switch to the root user
te Us
account:
su -
bu r
2. View the configured targets:
tri ne
systemctl list-units --type target
is rt
3. In the terminal window, enter:
D Pa
systemctl isolate multi-user.target
The graphical interface shuts down and you are switched to the first virtual console
ot d
4. From the menu select Send Key → Ctrl+Alt+F2 to switch to the second virtual console
N an
You see a brief list of instructions on how to change to a different target or how to reboot
the system
te
o
1. Reboot server2
2. When the boot screen appears, press
SU
e
to edit the kernel command line
3. (Conditional) If you are prompted to enter a boot password, enter:
secret
4. Move the cursor down to the line that starts with linux and move the cursor to the end
of that line. Add the following text at the end:
systemd.unit=emergency.target
5. From the virtual machine window select Send Key → F10 to boot
53
SUSE Linux Enterprise 12 Administration
6. If requested at the prompt, enter the root password
7. Start the graphical user interface:
systemctl isolate graphical.target
8. Conditional: Sometimes there is a problem starting the graphical interface on the kvm
machine, if you have a problem restart server2
9. Log in to the graphical environment as tux
y
nl
Task 3: Add Services to and Remove Services from a Target Unit
O
1. Using server2, as root log in to a virtual terminal, or, in the graphical environment, open
a terminal window and su - to root
e
2. Enter the following:
te Us
la /etc/systemd/system/multi-user.target.wants/ | grep sshd
You should see in the output that ssh.service is a link to
bu r
tri ne
/usr/lib/systemd/system/sshd.service
3. To copy the existing sshd.service file to /etc/systemd/system/, enter the
is rt
following in one line:
D Pa
cp /usr/lib/systemd/system/sshd.service /etc/systemd/system/
4. Open the /etc/systemd/system/sshd.service file in an editor such as vi and
ot d
WantedBy=multi-user.target
by
D al
WantedBy=graphical.target
rn
54
SUSE Linux Enterprise 12 Administration
reenable the service again:
rm /etc/systemd/system/sshd.service
systemctl reenable sshd
As there is no /etc/systemd/service/sshd.service file anymore, the installed
configuration in /usr/lib/systemd/system/sshd.service is used again
y
nl
Summary:
O
In this exercise, you worked with systemd's target units.
e
te Us
(End of Exercise)
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
55
SUSE Linux Enterprise 12 Administration
7 Process Management
Description:
y
nl
In this section you will manage processes, schedule jobs and use xinetd.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
56
SUSE Linux Enterprise 12 Administration
Description:
In this exercise you modify process priorities using the nice and renice commands.
y
nl
O
Task 1: Modify Process Priority
e
1. On server1 logged in as tux start the GNOME System Monitor tool:
te Us
From the Applications menu select Utilities > System Monitor
2. In the System Monitor dialog, click the Processes tab and search for the gnome-
system-monitor entry in the list of processes. Record the PID (column ID) for gnome-
bu r
system-monitor:
tri ne
3. _________
4. Open a terminal window
is rt
5. To view all running processes enter:
D Pa
ps xl (lower case L)
Notice that the nice value (NI) is currently at 0
ot d
N an
renice -5 -p <PID_OF_SYSTEM-MONITOR_PROCESS>
te
Note: A regular user can change the nice value but is only allowed to decrease the
o
priority.
In
renice -5 -p <PID_OF_SYSTEM-MONITOR_PROCESS>
10. Check that the setting is effective by entering:
SU
ps xl (lower case L)
Notice that the process is not displayed, because ps xl only displays processes
started by the current user. The System Monitor program was started by tux not root
11. View all processes by entering:
ps axl (with a lower case L)
The System Monitor process is now displayed, with a nice value of -5
57
SUSE Linux Enterprise 12 Administration
12. Change the nice value for the System Monitor process to a higher priority by entering:
renice -10 -p <PID_OF_SYSTEM-MONITOR_PROCESS>
13. Verify that the gnome-system-monitor process nice value is set to -10 by entering:
ps axl (with a lower case L
14. Exit the shell running as root by entering:
y
exit
nl
15. You should now be user tux again
O
Task 2: Specify Process Priority at Program Start
e
te Us
1. Start the xeyes program in the background with the nice value of +10 by entering:
nice xeyes &
bu r
2. Verify that the xeyes process nice value is set to +10 by entering:
tri ne
ps axl
is rt
D Pa
Task 3: Terminate Processes
1. To kill the gnome-system-monitor, enter:
ot d
kill <PID_OF_SYSTEM-MONITOR_PROCESS>
N an
Summary:
In this exercise, you modifed process priorities using the nice and renice
SE
commands.
SU
(End of Exercise)
58
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you practice starting and stopping processes.
nl
O
Task 1: Display Linux Processes
e
1. Using server1 open a terminal window and enter:
te Us
su –
to become root
bu r
tri ne
2. At the command line, display the processes that are currently owned by tux by entering:
ps -lu tux (with a lowercase L)
is rt
D Pa
3. Display the processes that are currently owned by root by entering:
ps -lu root
ot d
1. In the terminal window, start the GNOME System Monitor program by entering:
gnome-system-monitor
D al
Notice that the terminal is not available to receive new commands because no
rn
command line is displayed. This is because the GNOME System Monitor program is
running in the foreground
te
o
2. Arrange the GNOME System Monitor window and the terminal window so that you can
In
Ctrl+Z
4. Try using the System Monitor tool display processes
SU
Because its process was suspended, the tool does not respond
5. View the job in the background by entering:
jobs
You should see that the gnome-system-monitor job is stopped
6. View the gnome-system-monitor process running from the current terminal by entering:
ps -l
The process shows a status of T, which indicates that it is being traced or stopped
59
SUSE Linux Enterprise 12 Administration
7. Resume the System Monitor program running in the background by entering:
bg 1
Notice that the System Monitor program is running again. Because it’s running in the
background, you can now use the terminal window to enter other commands
8. Verify that the job status is running by entering:
jobs
y
You should see that the gnome-system-monitor job is now running
nl
9. View the GNOME System Monitor branch in the process tree by entering
O
pstree -p | grep -C 5 gnome-system-mo
e
(-C 5 displays 5 lines above and 5 lines below the line that matches)
te Us
Notice that the gnome-system-monitor process is listed at the end of the tree
10. Bring the gnome-system-monitor process into the foreground by entering:
bu r
fg 1
tri ne
11. Close the System Monitor program
is rt
Task 3: Start Processes that Ignore HANGUP
D Pa
1. Start the System Monitor in the background by entering:
nohup gnome-system-monitor &
ot d
N an
NOTE: The nohup command runs a command in such a way that it ignores any
HANGUP kill signals sent to it.
D al
4. Open a new terminal window and as user tux start the top program by entering:
In
top
SE
then entering:
root
6. Check for the System Monitor program (gnome-system-monitor) listed in top
(Conditional) If you cannot find the gnome-system-monitor process, try maximizing the
terminal window. You can also activate the System Monitor window and switch between
the Processes, Resources and File Systems lists. This should cause the gnome-
system-monitor process to be moved near the top of the output in top
7. You can also enter F in top and select PID as the sort column. If needed, you can also
60
SUSE Linux Enterprise 12 Administration
reverse the sort order by pressing R
8. Record the PID of the gnome-system-monitor process:
9. ______________
10. Exit top by typing:
q
11. View information about the gnome-system-monitor process by entering:
y
ps <PID_OF_SYSTEM-MONITOR_PROCESS>
nl
Task 4: Terminate Linux Processes
O
1. Switch to your root user account using the su – command
e
2. Stop the System Monitor program and check the status by entering the following
te Us
commands:
kill <PID_OF_SYSTEM-MONITOR_PROCESS>
ps aux | grep gnome-system-monitor
bu r
tri ne
3. Start the xeyes program in the background by entering:
xeyes & is rt
D Pa
4. Start a second xeyes program in the background by entering:
xeyes &
ot d
killall xeyes
D al
rn
Summary:
te
o
(End of Exercise)
SE
SU
61
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you use the screen command to launch processes in new pseudo
nl
terminals and then detach from and reattach to these pseudo terminals.
O
e
Task 1: Use the screen Command
te Us
1. Using server1 logged in as tux open a terminal window
2. To log in server2 via SSH enter:
bu r
ssh 172.17.2.22
tri ne
3. Enter the following command to launch a new screen session:
screen is rt
D Pa
4. Press Enter to close the welcome screen and to see a command prompt
5. Enter the following command to launch the top process in the screen session:
ot d
top
N an
Ctrl+A, Ctrl+D
rn
8. Enter the following command to view the list of currently running screen sessions:
o
In
screen -list
You should see only one screen session running. Its name is <PID>.<session_name>,
SE
where <PID> is the process ID and <session_name> is the name of the pseudo
terminal and host name.
9. Enter the following command to reattach to the running screen session:
SU
screen -r
You should be reattached to the screen session and should see the top command still
running
10. Detach from the screen session again (Ctrl+A, Ctrl+D), and log out of server2 by
entering:
exit
62
SUSE Linux Enterprise 12 Administration
11. To log back into server2 again, enter:
ssh 172.17.2.22
12. Open a terminal window and list the running screen session:
screen -list
You should see the screen sessions is still running
13. Install the sysstat package:
y
nl
sudo zypper in sysstat
O
and answer:
y
e
to install the package.
te Us
14. Enter the following command to launch a new command in a new screen session, give
the screen session a descriptive name and then immediately detach from the screen
session:
bu r
tri ne
screen -S mpstat -d -m mpstat
15. List the currently running screen sessions again:
is rt
D Pa
screen -list
You should see two screen sessions running with the new one having the descriptive
name of “mpstat” rather than the pseudo terminal number and host name
ot d
16. Enter the following command to reattach to the “top” screen session:
N an
screen -r <PID>.<sessions_name>
(Where the <PID> is the process ID and <session_name> is the pseudo terminal
D al
q
In
You should see that you are still attached to the “top” screen session
19. Enter the following command to terminate the screen session you are attached to:
exit
20. List the screen sessions again:
screen -list
You should see that the screen session you were previously attached to is gone
21. Reattach to the other screen session:
63
SUSE Linux Enterprise 12 Administration
screen -r
22. Terminate the mpstat command by pressing:
Ctrl+C
You should see the command terminating and the screen session terminating as well
Note: Terminating a command that was launched in a detached screen session
terminates the screen session at the same time.
y
23. List the current running screen sessions again:
nl
screen -list
O
You should see that there are no screen sessions running
e
24. To log out of server2, enter:
te Us
exit
bu r
tri ne
Summary:
is rt
In this exercise you used the screen command to launch processes in new pseudo
D Pa
terminals and then detached from and reattached to these pseudo terminals.
ot d
N an
(End of Exercise)
D al
rn
te
o
In
SE
SU
64
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you practice scheduling jobs using the at and cron daemons.
nl
O
Task 1: Schedule Jobs with at
e
1. Using server1 open a terminal window as tux
te Us
2. Switch to root using the su - command
3. Check to see if the at service is running by entering the following at the shell prompt:
bu r
systemctl status atd.service
tri ne
If the command returns that the status is inactive, enter the following at the shell prompt:
is rt
systemctl start atd.service
D Pa
4. Display the current date and time by entering the following at the shell prompt:
date
ot d
5. Three minutes from now, log who is currently logged in to the /var/log/messages file
N an
(Replace "HH:MM" with an hour and minute setting 3 minutes from now)
rn
Ctrl+D
SE
or
at -l
Note the job number listed:
8. ______________
9. Enter the following at the shell prompt:
tail -f /var/log/messages
10. Wait for the rest of the three minutes to pass
65
SUSE Linux Enterprise 12 Administration
Login information for tux is listed at the end of the file
11. Stop the tail command by entering:
Ctrl+C
12. Schedule the same job to run tomorrow at noon by entering the following commands:
at noon tomorrow
finger >> /var/log/messages
y
13. Exit the at editor by pressing:
nl
Ctrl+D
O
14. Schedule the date to be logged tomorrow at 2:00 p.m. to the /var/log/messages file
e
by entering the following:
te Us
at 14:00 tomorrow
date >> /var/log/messages
bu r
15. Exit the at editor by pressing:
tri ne
Ctrl+D
is rt
16. View the scheduled at jobs by entering:
D Pa
atq
or
ot d
at -l
N an
Notice that the two jobs are listed, each with an individual job number
17. Remove the job scheduled for tomorrow at 2:00 p.m. by entering:
D al
atrm JOB_NUMBER
rn
Replace JOB_NUMBER with the job number listed from the atq command, above
te
o
atq
SE
or
at -l
SU
Only the job scheduled for 12:00 p.m. should still be listed
66
SUSE Linux Enterprise 12 Administration
3. Press the Insert key to enter insert mode
4. To schedule finger to run every minute and write the output to the ~/users.log file by
enter the following:
* * * * * finger >> ~/users.log
and press:
Esc
y
5. To save the file and exit the vi editor by enter:
nl
:wq
O
6. Watch the users.log file for a few minutes and validate that it is being updated by
entering the following at the shell prompt:
e
te Us
tail -F ~/users.log
The -F option is a shortcut for -f --retry that keeps trying to open a file even if it is
inaccessible when tail starts
bu r
tri ne
7. When finished, press:
Ctrl+C
is rt
to break out of tail
D Pa
8. Remove tux’s crontab file by entering the following at the shell prompt:
crontab -r
ot d
N an
9. Verify that the crontab file no longer exists by entering the following at the shell
prompt:
D al
crontab -l
rn
10. Verify that the cron job you defined in Step 2 is no longer active by entering the
following at the shell prompt:
te
o
tail -f ~/users.log
In
Ctrl+C
SU
67
SUSE Linux Enterprise 12 Administration
4. Add a job that runs at 2:00 a.m. every Tuesday and creates a tarball of /etc that is
saved in /tmp by entering the following:
0 2 * * 2 tar czvf /tmp/etc.tgz /etc
5. Press:
Esc
6. To save the file and exit the vi editor by enter:
y
nl
:wq
O
7. Verify that the job is in the crontab file for root by entering the following at the shell
prompt:
e
crontab -l
te Us
8. Remove root’s crontab file by entering the following at the shell prompt:
crontab -r
bu r
tri ne
9. Verify that the crontab file no longer exists by entering the following at the shell
prompt:
crontab -l
is rt
D Pa
10. Close all open windows
ot d
N an
Summary:
In this exercise you scheduled jobs using the at and cron daemons.
D al
rn
(End of Exercise)
te
o
In
7- 5
SE
Configure xinetd
SU
Description:
In this exercise you will use the YaST Network Services (xinetd) module to set
services. You then manually setup a service with xinetd.
68
SUSE Linux Enterprise 12 Administration
cnf tftp
2. Install the tftp packages:
sudo zypper --non-interactive in tftp
3. Enter the root password (linux) when prompted
4. Launch the YaST Control Center and enter the root users password
5. In YaST select Network Services > Network Services (xinetd)
The Network Services Configuration (xinetd) dialog appears
y
6. Select Enable
nl
The list of currently available services becomes active
O
7. Scroll down and select the service tfpd (Server: /usr/sbin/in.tftpd), then set the
service to On by selecting Toggle Status (On or Off)
e
If the tftpd package was not installed, it would be installed now.
te Us
8. Save the configuration to the system by clicking Finish
9. Review the /etc/xinetd.d/tftp file. Look for the server-args line and note the
server directory after the -s option: /srv/tftpboot
bu r
tri ne
10. Change to the root user:
su -
is rt
and enter the root users password, linux
D Pa
11. Copy some file to that directory:
cp /etc/motd /srv/tftpboot
ot d
tftp localhost
get motd
quit
D al
ls motd
te
o
In
disable = yes
to
disable = no
4. Save the changes and close the text editor
5. In the text editor of your choice open the /etc/rsyncd.conf file
6. Add the following at the end of the file:
[Home]
path = /home
69
SUSE Linux Enterprise 12 Administration
comment = Home Directories
7. Save the file and close the text editor
8. Restart the xinetd service:
systemctl restart xinetd.service
9. To test the rsync service, open a terminal window and enter:
rsync localhost::
y
10. You should see the Home module defined above
nl
O
Summary:
e
In this exercise you used the YaST Network Services (xinetd) module to set up a tftp
te Us
server on your computer. You then manually configured the rsync server in
/etc/xinetd.d/ to activate the service.
bu r
tri ne
(End of Exercise)
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
70
SUSE Linux Enterprise 12 Administration
Description:
y
nl
In this section you will manage users and groups. You will also manage permissions and
access control lists. You will then configure user privileges.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
71
SUSE Linux Enterprise 12 Administration
Description:
In this exercise you will use YaST to create and delete user accounts.
y
nl
O
Task 1: Create a New User Account with YaST
e
1. Using server1 log in as tux
te Us
2. To start YaST:
From the Applications menu select System Tools > YaST
3. When prompted enter the root password (linux)
bu r
tri ne
4. Scroll down to the Security and Users section and select User and Group
Management
is rt
5. On the Users tab, add a new user by selecting Add
D Pa
6. Enter the following information:
User’s Full Name: Emperor Penguin
Username: emperor
ot d
Password: linux
N an
Click on the Power icon at the bottom right hand end of the taskbar, select Tux Penguin
→ Logout → Logout
SU
72
SUSE Linux Enterprise 12 Administration
Notice there are directories for users emperor and tux
3. Browse the File System to the /etc directory (Other Locations → Computer > etc)
4. Open the passwd file by double-clicking it
Notice the entries for users emperor and tux at the end of the file
5. Close all windows
Task 4: Remove the New User Account
y
1. Log out as user emperor
nl
2. Log in as Tux Penguin
O
3. Start YaST and enter the root password (linux)
4. Select Security and Users section select User and Group Management
e
5. From the list of users, select emperor then click Delete
te Us
6. Select Delete Home Directory /home/emperor, click Yes and then OK
7. Close the YaST Control Center window
8. To confirm that the user emperor has been removed continue with the next steps
bu r
tri ne
9. Start the Nautilus file manager
10. Browse the File System to the /home directory
is rt
Notice there is only one entry for user tux
D Pa
11. Browse to the /etc directory and open the passwd file
Note that the entry for emperor has been removed from the end of the file
ot d
Summary:
D al
rn
In this exercise you used YaST to create and delete user accounts.
te
o
(End of Exercise)
In
SE
SU
73
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you add, modify and remove local users and groups using the
nl
command line utilities.
O
e
Task 1: Create a Local User Account from the Command Line
te Us
1. Using server1 open a terminal window and if not already logged in as the root user,
enter:
su –
bu r
tri ne
to become root.
2. Enter the following command to create a new local user:
is rt
D Pa
useradd -m -c "Emperor Penguin" emperor
3. Enter the following command to verify that the user was created:
ot d
You should see the new emperor user listed (getent is a command to get entries from
an administrative database, such as the user database)
D al
4. Enter the following command to verify that the emperor user's home directory was
created:
rn
ls -l /home
te
o
5. Enter the following command to view the emperor user entry in the /etc/passwd file:
grep emperor /etc/passwd
SE
74
SUSE Linux Enterprise 12 Administration
8. Look at the emperor entry in the /etc/shadow file again:
grep emperor /etc/shadow
You should see the encrypted password in the emperor user line now
y
nl
groupadd admins
O
2. Enter the following command to verify that the group was created:
getent group
e
te Us
You should see the new admins group listed
3. Enter the following command to view the admins group line of the /etc/group file:
grep admins /etc/group
bu r
tri ne
Notice that there are currently no members of the group admins
4. Enter the following command to add the emperor user to the admins group:
is rt
D Pa
usermod -a -G admins emperor
If you don't use option -a the previous members of the group are removed from the
group
ot d
You should see that the emperor user is now a member of the admins group
rn
1. This is a challenge task. You are not given the step-by-step instructions to perform the
In
task. Rather you must use knowledge previously gained to successfully complete the
task.
SE
There are some methods available that can be used to create a user account and set a
valid password for the account without being prompted to enter the password
interactively. These methods can be used in scripting to automate the user account
SU
75
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise you added, modified and removed local users and groups using
command line commands.
y
nl
O
(End of Exercise)
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
76
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you will manage different file permissions.
nl
O
Task 1: Create a Private and a Public Directory
e
1. Using server1 logged in as tux, open a terminal window, and switch to root (su -)
te Us
2. Create the /files directory by entering:
mkdir /files
bu r
tri ne
3. Change to the /files/ directory by entering:
cd /files
is rt
4. To create the private and public subdirectories under /files/, enter:
D Pa
mkdir private public
5. Change the permissions on the private directory so that only root has read, write,
ot d
6. Change permissions on the public directory so that everyone has rights to the
directory by entering:
rn
ls -l
SE
77
SUSE Linux Enterprise 12 Administration
and you receive the message Permission is denied
3. Try to create a file named tuxfile in the public directory by entering:
touch public/tuxfile
4. Verify that the file is created by entering:
ls public
5. Change to the public directory by entering:
y
nl
cd public
O
6. List the permissions of the tuxfile file by entering:
ls -l tuxfile
e
te Us
Notice that members of the users group and others have only read permission for the
file
7. Change permissions so that members of the users group have write permissions and
bu r
others do not have any permissions by entering the following:
tri ne
chmod g+w,o-r tuxfile
is rt
8. Verify the change by entering:
D Pa
ls -l
9. Close the terminal window
ot d
N an
Summary:
D al
(End of Exercise)
In
SE
SU
78
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you will practice using ACLs.
nl
In the first task, you will create the /tmp/acl_test/ directory as root and set rwx
O
rights for the owner only. You then set ACLs to allow the tux user to change into that
directory.
e
te Us
In the second task, you will create a file in the /tmp/acl_test/ directory as root
using touch. Then you change the default ACLs for the /tmp/acl_test/ directory to
give tux both read and write access to files and directories and create another file in
bu r
tri ne
that directory to compare the different permissions set for the two files.
In the third task of this exercise, you will practice removing the ACLs that you have set.
is rt
D Pa
Task 1: Configure the ACLs of a Directory
ot d
1. Log in to server1 as tux (password linux) and open a terminal window and switch to
N an
cd /tmp
te
o
3. Create a acl_test directory and set the permissions to rwx for the owner (700):
In
The command fails because tux (who is not the owner of the directory) has no
permission to read and change into the directory
6. Switch to the root terminal session. Display the minimum ACL of the directory:
getfacl acl_test
It should should show the rwx permissions for the owning user and no permission for
anyone else
7. Add an extended ACL:
setfacl -m u:tux:rwx acl_test
79
SUSE Linux Enterprise 12 Administration
8. Switch to the tux terminal and try to access the directory again by entering:
cd /tmp/acl_test
Because of the extended ACL, you can now change into the directory
9. Switch to the root terminal and display the extended ACL of the directory:
getfacl /tmp/acl_test/
It should show the additional permissions for the named user tux
10. View the regular permissions of the /tmp/acl_test/ directory:
y
ls -ld /tmp/acl_test
nl
The + sign signifies that ACLs are set for this file. Note the group permissions – when
O
there is a + sign, the group permissions no longer reflect the permissions of the owning
group but the setting of the ACL mask.
e
te Us
Task 2: Configure Default ACLs for a Directory
1. In the root terminal window, change to the directory acl_test:
bu r
tri ne
cd /tmp/acl_test
2. Create a file:
is rt
touch without_default_acl
D Pa
3. Display the ACL of the new file:
getfacl without_default_acl
ot d
Because there is no default ACL for the parent directory, the new file does not have an
extended ACL either
N an
getfacl /tmp/acl_test/
te
touch with_default_acl
In
Because this file was created after the default ACL of the parent directory was set, the
new file inherited the ACL. It has an entry for the named user tux
SU
80
SUSE Linux Enterprise 12 Administration
Task 3: Delete ACLs
1. In the root terminal window, remove the ACL:
setfacl -x u:tux with_default_acl
2. Display the ACL again:
getfacl with_default_acl
The ACL for the user tux has been removed. If there were ACLs for other users, they
would remain unaffected
y
nl
3. Repeat the same for subdirectory:
setfacl -x u:tux subdirectory
O
getfacl subdirectory
e
The ACL for the user tux has been removed. The default ACLs remained unaffected
te Us
4. View the file attributes of with_default_acl:
ls -l with_default_acl
The + sign signifies that there are still extended attributes (such as the mask) set for the
bu r
tri ne
file
5. Remove all ACLs by entering:
is rt
setfacl -b with_default_acl
D Pa
6. Display the ACL again by entering the following commands:
getfacl with_default_acl
ls -l with_default_acl
ot d
Summary:
te
In the first task you created the /tmp/acl_test/ directory as root and set rwx rights
for the owner only. You then set ACLs to allow the tux user to change into that
SE
directory.
In the second task you created a file in the /tmp/acl_test/ directory as root using
SU
touch. Then you changed the default ACLs for the /tmp/acl_test/ directory to give
tux both read and write access to files and directories and created another file in that
directory to compare the different permissions set for the two files.
In the third task of this exercise you practiced removing the ACLs that you have set.
(End of Exercise)
81
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you use the su command to gain root permissions at the command
nl
line.
O
e
Task 1: Use the su Command
te Us
1. Using server1 logged in as tux open a terminal window
2. Try to Start YaST by entering:
bu r
/sbin/yast
tri ne
You should see YaST running in ncurses mode
is rt
3. In the warning dialog press:
D Pa
Enter
You should see that YaST has only a limited set of modules available
4. Quit YaST by pressing:
ot d
ALT + q
N an
id
te
o
yast
8. You should see YaST running in ncurses mode with all modules available
SE
Summary:
In this exercise, you used the su command to gain root permissions at the command
line.
82
SUSE Linux Enterprise 12 Administration
(End of Exercise)
y
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
83
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you configure sudo to delegate administrative privileges to a non-root
nl
user.
O
e
Task 1: Configure sudo
te Us
1. Using server1 open a terminal window and if not already logged in as the root user,
enter su – to become root
2. At the shell prompt enter:
bu r
tri ne
visudo
This opens the /etc/sudoers file in the VIM editor
is rt
3. Scroll down to the line that starts with:
D Pa
Defaults targetpw.
4. Comment out the following lines by placing a # at the beginning of the following two
ot d
lines:
N an
tux user account by adding the following line to the end of the file:
In
2. Define a Cmnd_Alias named KPROCS that contains the kill and killall commands by
adding the following line to the end of the file:
SU
84
SUSE Linux Enterprise 12 Administration
5. To save your changes and close the text editor press:
Esc
6. Then enter:
:wq
Task 3: Test the sudo Aliases
1. At the shell prompt (as root), enter:
y
nl
top
O
to start the top process running
2. Open a new terminal window
e
3. At the shell prompt in the new terminal window (as tux), enter:
te Us
sudo killall top
and when prompted, enter tux’s password
bu r
You should see that top is unloaded in the first terminal window
tri ne
4. Close all open windows on the desktop
is rt
Task 4: Grant the Tux User the Ability to Change Users Passwords
D Pa
1. This is a challenge task. You are not given the step-by-step instructions to perform the
task. Rather you must use knowledge previously gained to successfully complete the
task.
ot d
N an
Use the knowledge and skills you have learned in the previous tasks to grant the tux
user the ability to change other users' passwords. tux should be able to change the
password of any user but the root user without having to know their previous password.
D al
rn
Summary:
In
user.
SU
(End of Exercise)
85
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you use PolicyKit to grant the ability to change the system time to a
nl
non-root user.
O
e
Task 1: Try to Use the GNOME Date & Time Tool
te Us
1. Using server1 logged into GNOME as the tux user open the GNOME Control Center
and select Applications > System Tools > Settings
2. To open the Date & Time tool, select Date & Time under System
bu r
tri ne
Note most of the buttons are not active
3. Click the Unlock button at the top right corner in the Date & Time window
is rt
4. You should be presented with an Authenticate window prompting you for the root
D Pa
password
5. Click Cancel to close the Authenticate window and then close the Date & Time
window
ot d
N an
Task 2: Grant the Privilege to Use GNOME Date & Time Tool
1. As user tux open a terminal window and switch to user root (su -)
D al
2. To view the default PolKit settings for the GNOME Date & Time Tool enter the following
rn
command:
less /etc/polkit-1/rules.d/90-default-privs.rules
te
o
org.gnome.controlcenter.datetime.configure yes
7. Save your changes and exit the editor
8. As root execute the following command:
set_polkit_default_privs
9. To view your changes run the following command:
less /etc/polkit-1/rules.d/90-default-privs.rules
10. Search for “org.gnome.controlcenter.datetime.configure”
86
SUSE Linux Enterprise 12 Administration
The privileges should be yes three times
11. To test your changes, do the following:
12. Open the GNOME Control Center by selecting Applications > System Tools >
Settings.
13. Open the Date & Time tool by selecting Date & Time under System
14. Note most of the buttons are active now
Note there is no Unlock button in the top right corner
y
15. Close the Date & Time window
nl
Task 3: Execute a Command as Another User
O
1. Make sure you are logged in a terminal window as user tux
e
2. To try to start YaST, enter:
te Us
/sbin/yast
A warning should appear, that you need root privileges
3. Press Enter to select OK
bu r
4. The YaST dialog lists only a few modules.
tri ne
5. Press:
6. Alt+Q is rt
D Pa
to quit YaST
7. To start YaST as root user, enter:
ot d
pkexec /sbin/yast
N an
Alt+Q
te
o
In
Summary:
SE
In this exercise you used PolicyKit to grant the ability to change the system time to a
non-root user.
SU
(End of Exercise)
87
SUSE Linux Enterprise 12 Administration
9 Software Management
Description:
y
nl
You will manage software.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
88
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you practice gathering information on installed software and installing
nl
software packages.
O
e
Task 1: Get Information on Software Packages
te Us
1. Using sever1 log into GNOME as tux
2. Open a terminal window and become root by entering:
bu r
tri ne
su –
password linux
is rt
3. To find out information on the wget package enter:
D Pa
rpm -qf /usr/bin/wget
Notice that the wget package installed the wget file
ot d
Where can you find information on the wget package? (Notice the location of the
te
o
README files)
Notice that the information includes the install date and a description
In
6. To see what has changed in the files on your hard drive since the wget RPM was
originally installed enter:
SE
rpm -V wget
SU
89
SUSE Linux Enterprise 12 Administration
9. To exit vi press:
Esc
and type:
:wq
You are returned to the command prompt
10. To see what has changed in the files contained in the wget package on your hard drive
y
since the wget RPM was originally installed enter:
nl
rpm -V wget
O
11. The following is displayed:
e
S.5....T c /etc/wgetrc
te Us
12. To view the documentation files for the wget program enter:
rpm -qd wget
bu r
Notice that some of the files are still compressed (*.gz)
tri ne
is rt
Task 2: Install Software with RPM
D Pa
1. Mount the SLES12 SP2 installation medium:
mount -o loop /source/SLE-12-SP2-Server-DVD_x86_642192 /mnt
ot d
gvim
o
In
90
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise, you practiced gathering information on installed software, installing
and removing software packages.
y
nl
(End of Exercise)
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
91
SUSE Linux Enterprise 12 Administration
Description:
y
In this lab you will install and remove software packages using the zypper command
nl
line tool.
O
e
Task 1: Install a Software Package with zypper
te Us
1. Using server1 logged in a terminal windows as root complete the following steps
2. List the available repositories:
bu r
zypper lr
tri ne
Note the number of the repository is 1 (one)
is rt
3. Selectively refresh the metadata for the installation source by entering the following
command:
D Pa
zypper ref 1
4. To search for a single package in the active Installation Sources enter the following
ot d
command:
N an
zypper se gv
Packages that contain the string gv in their name are listed
D al
5. Lets learn some zypper options. To install a package enter the following command:
rn
zypper in gvim
Answer n when prompted to stop the installation
te
o
92
SUSE Linux Enterprise 12 Administration
Task 2: Use zypper to Install a Pattern
1. This is a challenge task. You are not given the step-by-step instructions to perform the
task. Rather you must use knowledge previously gained to successfully complete the
task.
zypper has the ability to install entire patterns as well as single packages. Your task is
to install the Mail and News Server pattern using the zypper command.
y
nl
Summary:
O
In this lab you installed and removed software packages using the zypper command
e
line tool.
te Us
(End of Exercise)
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
93
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you add, remove, and rename software installation sources using the
nl
zypper command.
O
e
Task 1: Add an Installation source with zypper
te Us
1. Using server1 open a terminal prompt and if not already logged in as the root user,
enter su – to become root
2. List your existing installation sources by entering the following command:
bu r
tri ne
zypper lr
3. Add the new installation source by entering the following command:
is rt
D Pa
zypper ar /mnt sles12-sp2
4. List your installation sources again:
ot d
zypper lr
N an
zypper mr -d SLE-12-SP2-Server-DVD_x86_642192
2. Check the original repository is disabled:
SU
zypper lr
3. The package emacs from the only enabled repository:
zypper install emacs
zypper identifies the dependencies installs all required packages
Task 3: Rename an Installation Source with zypper
1. To rename an installation source enter the following command:
94
SUSE Linux Enterprise 12 Administration
zypper nr sles12-sp2 sles12-sp2-new
2. List the installation sources again to see the change:
zypper lr
You should see that the alias for the repository has changed
Task 4: Remove an Installation Source with zypper
y
1. To remove the installation source enter the following command:
nl
zypper rr sles12-sp2-new
O
2. List the installation sources again to see the change:
e
zypper lr
te Us
You should no longer see the repository in the list
3. Enable the original repository:
bu r
zypper mr -e 1
tri ne
4. Check the repository has been enabled:
zypper lr is rt
D Pa
ot d
Summary:
N an
In this exercise, you added, removed, and renamed software installation sources using
the zypper command.
D al
rn
(End of Exercise)
te
o
In
SE
SU
95
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you install and remove software with YaST.
nl
O
Task 1: Install Software Packages with YaST
e
1. On server1 launch the YaST Software Management module:
te Us
Applications > System Tools > YaST > Software > Software Management
2. In the search field at the top left, enter xosview
bu r
Notice that the icon in front of the xosview entry on the right shows an empty box. This
tri ne
indicates that the package is not yet installed
is rt
3. From the list on the right select xosview
D Pa
The icon changes to a green check mark
4. Click Accept to install the xosview package
ot d
Applications > System Tools > YaST > Software > Software Management
SE
96
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise you installed and removed software with YaST.
(End of Exercise)
y
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
97
SUSE Linux Enterprise 12 Administration
10 Network Administration
Description:
y
nl
You will learn to configure networking manually and using Wicked. You will then
configure the SUSE firewall.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
98
SUSE Linux Enterprise 12 Administration
Description:
The purpose of this exercise is to familiarize you with manually configuring network
y
nl
settings.
O
Task 1: Note the Current Network Configuration
e
te Us
1. Using server1 and if not already logged in as the root user, open a terminal window and
enter su – to become root
2. To test the network connection at the shell prompt enter:
bu r
tri ne
ping 172.17.2.22
You should see that the network connection is working
is rt
3. To exit ping press:
D Pa
Ctrl+C
4. Enter:
ot d
ip address show
N an
5. Under eth0 find the line starting with inet and record the IP address with the subnet
mask displayed in that line:
D al
IP_ADDR: ___________________________
rn
Subnet mask:__________________________
te
6. Enter:
o
ip route show
In
7. Find the line starting with default and record the IP address of the default router:
SE
Router address:__________________________
8. Enter:
SU
99
SUSE Linux Enterprise 12 Administration
3. Select eth0 then click Delete
4. Click OK
5. Close YaST
6. To test the network connection at the shell prompt enter:
ping 172.17.2.22
You should see a message indicating that the network is unreachable
y
7. At the shell prompt enter:
nl
ip address show
O
Note that the state of your eth0 device is DOWN
e
Task 3: Configure the Network Manually
te Us
1. At the shell prompt enter:
ip address add 172.17.2.21/24 brd + dev eth0
bu r
2. To activate the network device enter:
tri ne
ip link set eth0 up
is rt
3. To set the default route enter:
D Pa
ip route add default via 172.17.2.22
4. Verify that the network connection is working again by entering:
ot d
ping 172.17.2.22
N an
D al
Summary:
rn
In this exercise you have manually configured your network using command line tools.
te
o
In
(End of Exercise)
SE
SU
100
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you configure and test a local host name resolution.
nl
O
Task 1: Configure Local Name Resolution
e
1. Using server1 logged in as root open a terminal window
te Us
2. To open /etc/hosts in the vi editor enter:
vi /etc/hosts
bu r
tri ne
3. At the end of the file there should be a line like the following:
172.17.2.21 server1.suse.com server1
is rt
4. Add the following line at the end of the file:
D Pa
172.17.2.22 server2.suse.com server2
5. Save the file and exit vi
ot d
N an
ping server2.suse.com
o
In
Summary:
SU
In this exercise you have manually configured your network using command line tools.
(End of Exercise)
101
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you save your network configuration to a file.
nl
O
Task 1: Save the Network Configuration to a File
e
1. Using server1 open a terminal window and enter su – to become root
te Us
2. In the terminal window enter:
cd /etc/sysconfig/network
bu r
3. Make a copy of the network configuration template by entering:
tri ne
cp ifcfg.template ifcfg-eth0
is rt
4. Open the copied file in a text editor by entering:
D Pa
vi ifcfg-eth0
5. Find the following options, press the Insert and enter the indicated values:
ot d
STARTMODE='auto'
N an
BOOTPROTO='static'
IPADDR='172.17.2.21'
NETMASK=’255.255.255.0’
D al
BROADCAST=’172.17.2.255’
rn
6. Press:
te
Esc
o
:wq
7. View the /etc/sysconfig/network/routes file with less by entering:
SE
less routes
SU
102
SUSE Linux Enterprise 12 Administration
ip address show eth0
ip route show
3. Verify that the network connection is working properly by entering:
ping server1
4. Close all open windows
5. NOTE: If the network configuration doesn’t work properly, use the YaST Network
Settings module to reconfigure the network card with the proper settings recorded
y
earlier in the lab.
nl
O
Summary:
e
te Us
In this exercise you saved your network configuration to a file.
bu r
(End of Exercise)
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
103
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you manage your network interface using wicked.
nl
O
Task 1: Manage Network Configuration with Wicked
e
1. Using server1 open a terminal window and enter su – to become root
te Us
2. To display the status of your network interfaces enter:
systemctl status wicked.service
bu r
tri ne
3. To display the status of your network enter:
systemctl status wickedd.service
is rt
4. To display detailed information about your network interfaces, enter
D Pa
wicked show all
5. To bring down your eth0 interface enter:
ot d
N an
ping 172.17.2.22
In
104
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise you managed your network interface using wicked.
(End of Exercise)
y
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
105
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you use SuSEfirewall2 to configure a host based firewall.
nl
O
Task 1: Use SuSEfirewall2 to Configure the Firewall
e
1. Using server2 launch the Firewall YaST module:
te Us
YaST > Security and Users > Firewall
2. On the Start-Up screen make sure Enable Firewall Automatic Starting is selected
3. From the list on the left select Interfaces
bu r
tri ne
4. From the list of interfaces on the right select eth0 and click Change
5. On the Zone for Network Interface pop-up window select External Zone from the
is rt
drop-down list and then click OK
D Pa
6. From the list on the left select Allowed Services
7. On the right, from the Allowed Services for Selected Zone drop-down list select
External Zone
ot d
8. If Secure Shell Server is not already in the list of allowed services, from the Service to
N an
Allow drop-down list select Secure Shell Server and then click Add
9. From the Service to Allow drop-down list select NFS Server Service and then click
Add
D al
10. From the Service to Allow drop-down list select Samba Server and then click Add
rn
11. From the Service to Allow drop-down list select VNC and then click Add
te
12. From the Service to Allow drop-down list select xntp Server and then click Add
o
14. Review the Summary screen and then if everything is correct click Finish
15. Open a terminal window and enter su – to become root
SE
17. Press:
Q
to quit less
18. Enter:
iptables -L -nv
to view the filter rules set by SUSEfirewall2
19. Close all open windows
106
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise you used SuSEfirewall2 to configure a host based firewall.
y
(End of Exercise)
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
107
SUSE Linux Enterprise 12 Administration
11 Storage Administration
Description:
y
nl
You will learn to partitions disks, create filesystems, You will then configure disks using
LVM. You will setup a software RAID. You will use the configure and use the features of
O
Btrfs. The last topic will conver configuring and using NFS
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
108
SUSE Linux Enterprise 12 Administration
Description:
In this exercise you create some partitions using YaST.
y
nl
O
Task 1: Manage partitions with YaST
1. Using server1 start YaST. When prompted for authentication, enter the root password
e
2. In the System section click on Partitioner
te Us
3. In the warning dialog, click Yes
4. In the System View panel on the left, click the arrow icon in front of the Hard Disks item
bu r
5. You should see three hard disks, vda, vdb and vdc
tri ne
6. Click on the vdb item in the left System View panel. This disk currently has no
partitions on it
is rt
7. To add a new primary partition, do the following:
D Pa
Click the Add button
8. Make sure that Primary Partition is selected, then click Next
ot d
9. Make sure that Custom Size is selected and enter 2GiB in the Size text box, then click
N an
Next
10. Make sure that Data and ISV Applications is selected, then click Next
11. Make sure that Format partition is selected and the file system is XFS
D al
12. Select Mount partition and for the Mount Point enter:
rn
/data1
13. Click Finish
te
o
14. To add a new extended partition to the same disk, make sure vdb is still select in the
In
16. Make sure that Maximum Size is selected, then click Finish
17. To add a new logical partition click the Add button
SU
18. Make sure that Custom Size is selected and enter 3GiB in the Size text box, then click
Next
19. Make sure that Data and ISV Applications is selected, then click Next
20. Make sure that Format partition is selected and the file system is XFS
21. Select Mount partition and for the Mount Point enter:
/data2
22. Click Finish
23. To add a second logical partition, do the following:
109
SUSE Linux Enterprise 12 Administration
24. Click the Add button
25. Select Maximum Size, then click Next
26. Make sure that Data and ISV Applications is selected, then click Next
27. Make sure that Format partition is selected and the file system is XFS
28. Select Mount partition and for the Mount Point enter:
29. /data3 and click Finish
30. In the Expert Partitioner dialog, click Next
y
31. In the Summary dialog, click Finish
nl
32. Close the YaST dialog
O
Task 2: View the new partitions and filesystems
e
1. Open a terminal window as tux
te Us
2. To view the mounted filesystems enter:
mount
bu r
tri ne
3. At the bottom of the list the following three mounted files systems are listed:
/dev/vdb1 on /data1
is rt
D Pa
/dev/vdb5 on /data2
/dev/vdb6 on /data3
ot d
There can be either a maximum of four primary partitions per disk or three primary
N an
partitions and one extended partition which can contain multiple logical partitions.
4. Change to the root user:
D al
su -
rn
110
SUSE Linux Enterprise 12 Administration
Summary:
In this exercise you create a new primary partition, added a xfs filesystem to it and
configured it to automatically mount on /data1. You then created an extended parition
and put two logical partitions in it, formatted both with the xfs filesystem and mounted
y
nl
them on /data2 and /data3.
O
(End of Exercise)
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
111
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you create a new partition using parted.
nl
O
Task 1: View the Existing Partitions
e
1. Using server2 logged in as tux open a terminal window and su to the root user
te Us
2. List the block devices:
lsblk
bu r
You can see four virtual disk, (vdx) devices
tri ne
3. To start parted and access the first disk enter:
parted /dev/vda
is rt
D Pa
4. To view the existing partitions enter:
print
ot d
quit
D al
parted /dev/vdb
In
mklabel msdos
112
SUSE Linux Enterprise 12 Administration
mkpart primary 0 20%
A warning is displayed about the partition not being aligned for best performance.
Enter:
to cancel
y
nl
5. In a second terminal window as root run the following commands to obtain the
information required to aligned the partition:
O
cat /sys/block/vdb/queue/optimal_io_size
e
cat /sys/block/vdb/alignment_offset
te Us
cat /sys/block/vdb/queue/physical_block_size
bu r
6. The formula:
tri ne
(optimal_io_size + alignment_offset)/physical_block_size
(0 + 512)/512 = 1
is rt
D Pa
7. IMPORTANT Note on alignment: Older disks used 512 byte sectors but newer disks
such as SSD drives use 4k sectors. If a partition is offset by 512b from the start of a disk
ot d
and uses 4k blocks in the files system the file system block does not align with the
N an
underlying 4k sector on the SSD drive. This results in the drive reading two 4k sectors
to retrieve the data from one 4k file system block. The result of this is two disk reads to
D al
access one block in the file system which will lead to degraded performance.
rn
8. To create a new primary partition using 20% of the available space in /dev/vdb enter:
mkpart primary 1 20%
te
o
You can use -1 as end value of a partition if you want the partition to use the whole left
In
print
SU
12. Change the units used to sectors. This is used to both display output and the default
unit used to enter data if not specified):
113
SUSE Linux Enterprise 12 Administration
unit s
13. Print the partition details and compare the units with the previous output:
14. print
Notice the letter s after the Start, End and Size which indicates sectors
15. Before you create a new extended partition you need to check where the free space is:
y
print free
nl
O
16. Use the sector numbers displayed in the previous command to create an extended
partition:
e
mkpart extended <enter-start-sector-of free-space> <end-sector-
te Us
of-free-space>
bu r
tri ne
print free
Notice there is still some free space available.
is rt
18. Create a logical partition within the free space in the extended partition:
D Pa
mkpart logical <start-sector-of -free-space> 30%
19. At the warning message enter:
ot d
I
N an
to ignore.
Note: Upper or lowercase I will work
20. Check the results:
D al
print free
rn
21. Create a second logical partition using 50% of the remaining space in the extended
partition:
te
o
to ignore
24. View the existing partitions enter:
print free
25. Create a final logical partition using all the remaining disk space:
114
SUSE Linux Enterprise 12 Administration
26. At the warning message enter:
Y
27. At the second warning message enter:
I
to ignore
28. View the existing partitions enter:
print free
y
nl
29. change the units to the default:
O
unit compact
e
30. Display the partition details and free space:
te Us
print free
You need the number of the extended partition for the next command
bu r
tri ne
31. To check the alignment of your extended partition enter:
is rt
D Pa
align-check optimal <extended-partition-number>
quit
In
SE
Summary:
SU
In this exercise you created a new primary and extended partitions and checked they
are aligned for best performance. You then changed the default units used by parted
for displaying data and accepting input. Finally three logical partitions were added to
the extended partition. You have not created any filesystems on any of the partitions
you created.
(End of Exercise)
115
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you create a new ext4 file system in an empty partition.
nl
O
Task 1: Create and ext3 File System
e
1. Using server2 logged in as tux open a terminal window use the su - command to
te Us
switch to your root account
2. View the partitions available on /dev/vdb:
parted /dev/vdb print
bu r
tri ne
Notice there are no file systems listed in the partitions
3. Enter the following commands to create a new ext3 file system on /dev/vdb1 and to
is rt
give it the label "data1":
D Pa
mkfs.ext4 -L data1 /dev/vdb1
Make sure you specify the correct device in the above command. If you specify the
wrong device, no warning message will be displayed and the file system on the device
ot d
will be overwritten.
N an
6. Enter the following to create the directory named data1 under /export/:
te
mkdir -p /export/data1
o
ls -l /export
SE
8. As root, add entries to the /etc/fstab file for the new file systems. At the terminal
prompt, enter the following to open the file /etc/fstab in the vi editor:
SU
vi /etc/fstab
9. To open a new line at the bottom of the file enter:
G
o
10. Add the following new lines:
UUID=<UUID_of_vdb1> /export/data1 ext4 defaults 1 2
These new entries ensure the vdb1 partition is mounted when starting or rebooting the
system
116
SUSE Linux Enterprise 12 Administration
11. Save the changes to /etc/fstab by pressing:
Esc
and then entering:
:wq
12. In the terminal window, enter the following to reread the /etc/fstab file and mount all
of the new file systems:
y
nl
mount -a
O
13. Enter the following to view the information about mounted file systems as listed in
/etc/mtab:
e
mount
te Us
14. You should see an entry for the new partition you just created at the end of the output:
/dev/vdb1 on /export/data1 type ext4 (rw,relatime,data=ordered)
bu r
15. Enter to show the kernel's view of mounted file systems:
tri ne
cat /proc/mounts
is rt
16. You should see an entry for the new partition you just created at the end of the output:
D Pa
/dev/vdb1 /export/data1 ext4 rw,relatime,data=ordered 0 0
The mount and umount commands maintain the entries in the /etc/mtab table. The
/etc/mtab table contains more information than /proc/mounts, but may not be as
ot d
up-to-date as the kernel's view. Whenever there is a question about whether a file
N an
Summary:
te
In this task you created an ext4 file system labeled “data1” on vdb1. The partition will
o
(End of Exercise)
SU
117
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you will use the LVM command line commands to create a LVM volume
nl
group and a basic logical volume.
O
e
Task 1: Add partitions to a disk
te Us
1. Logged in as tux on server1 open a terminal window as the root user.
2. List the block devices on server1:
lsblk
bu r
tri ne
Notice /dev/vdc contains no partitions
3. Start YaST and enter the roots password when prompted
is rt
4. Run the Partitioner module and click Yes at the warning
D Pa
5. From the System View select vdc and add the following partitions:
Primary, 10GB, Raw Volume (unformatted)
ot d
lsblk
o
1. Some of the commands in this task will produce more output than can be displayed on
SE
the screen. Remember to pipe the output to less so you can navigate the output.
2. View the current LVM physical volumes on server1:
pvscan
SU
3. Enter the following command to create LVM Physical Volume(s), using the partitions
vdc1, vdc5 and vdc6 created above:
pvcreate /dev/vdc1 /dev/vdc5 /dev/vdc6
4. View the LVM physical volumes:
pvscan
5. View details of the new LVM physical volumes:
pvdisplay
118
SUSE Linux Enterprise 12 Administration
Notice that there is no Volume Group name listed
6. Use the following command to create an LVM Volume Group named vg0 using the
physical volumes you just created:
vgcreate vg0 /dev/vdc1 /dev/vdc5 /dev/vdc6
7. Verify that the volume group was created successfully by entering the following
commands (notice the similarities and differences in their outputs):
vgs
y
vgdisplay
nl
8. To see how the physical volumes created are being used, enter the following commands
(notice the similarities and differences in their outputs):
O
pvs
e
pvdisplay
te Us
Notice the Alloc PE/Size is 0 and the Free PE/Size is approximately 23GB
bu r
tri ne
1. View the current LVM logical volumes, (there are none at present):
lvs
lvdisplay
is rt
D Pa
2. In the terminal window as the root user use the following command to create one
Logical Volume in the vg0 Volume Group:
ot d
3. Verify that the logical volume was created by entering the following commands:
lvs
lvdisplay
D al
1. Enter the following command to create a file system in the lv_basic0 logical volume:
te
o
mkfs.ext4 /dev/vg0/lv_basic0
In
2. Enter the following command to create a mount point for the logical volume and mount
it:
SE
mkdir -p /export/data
mount /dev/vg0/lv_basic0 /export/data
3. To see that the volume successfully mounted, enter the following command:
SU
mount
4. To specify the UUID of the logical volume enter:
blkid /dev/mapper/vg0-lv_basic0
Copy the UUID to the clipboard
5. Open /etc/fstab in an editor of your choice
6. Add the following line at the end of the file:
UUID=<UUID_of_/dev/mapper/vg0-lv_basic0> /export/data ext4
119
SUSE Linux Enterprise 12 Administration
defaults 1 2
and save fstab
7. Unmount /export/data:
umount /export/data
8. To activate the new /etc/fstab configuration, enter:
mount -a
y
9. To check the correct mounting enter:
nl
mount
At the end of the output the logical volume should be listed
O
Task 5: Resize the volumegroup and ext4 file system
e
1. When you created the volume group vg0 you did not use all the available space in the
te Us
three partitions. Check for free space in the volume group:
vgdisplay
bu r
tri ne
Look at the Alloc PE/Size and the Free PE/Size. There is approximately 14GB of free
space in the physical extent (PE)
is rt
2. Check the size of the file system mounted on /export/data:
D Pa
df -h /export/data
ot d
vgdisplay
te
o
df -h /export/data
The size is still approximately 7.8GB
SU
120
SUSE Linux Enterprise 12 Administration
Task 6: Rename an Existing Logical Volume
1. This is a challenge task. You are not given the step-by-step instructions to perform the
task. Rather you must use knowledge previously gained to successfully complete the
task.
2. Logical Volumes can be renamed after they are created. Your task is to rename the
logical volume you just created using only the CLI LVM utilities.
y
nl
Summary:
O
In this exercise you used the LVM command line commands to create a LVM volume
e
group and a basic logical volume. You then configured the volume to mount using the
te Us
UUID when the system starts. You then increased the size of the logical volume and
the ext4 file system.
bu r
tri ne
(End of Exercise)
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
121
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise, you use the mdadm command line utility to create a linear RAID1
nl
array.
O
e
Task 1: Prepare the disks
te Us
1. Using server2 open a terminal as the root user
2. Run YaST → Partitioner
3. Answer Yes to the warning
bu r
tri ne
4. From the System View select vdb. It should contain /dev/vdb1 formatted with ext4 and
three logical partitions in an extended partition.
5. is rt
Click on the Expert button and select:
D Pa
Create New Partition Table
6. Leave the type as MSDOS and click OK
7. At the warning click Yes to remove everything from /dev/vdb
ot d
modprobe md_mod
te
o
/dev/vdd
6. If prompted to “Continue creating array” enter:
7. yes
8. In the other terminal window, you should see the newly created array listed along with
its status and component devices. Depending on the size of the component devices,
you may see that the array is still syncing.
9. Enter the following command to create the mdadm.conf file:
10. mdadm -E -s >> /etc/mdadm.conf
122
SUSE Linux Enterprise 12 Administration
11. To see the content of the /etc/mdadm.conf file enter:
12. less /etc/mdadm.conf
13. Press:
14. q
15. to quit less
16. Enter the following command to ensure that the RAID devices are activated at boot
time:
y
17. systemctl enable dmraid-activation.service
nl
O
Task 2: Mount the RAID Array into the Filesystem
e
1. Enter the following command to create a mount point for the RAID device:
te Us
mkdir /raiddev
2. Enter the following command to create a filesystem on the RAID device:
bu r
mkfs.ext4 /dev/md0
tri ne
3. Enter the following command to mount the array into the filesystem:
mount /dev/md0 /raiddev
is rt
4. Enter the following command to verify that the device is mounted:
D Pa
mount
You should see the device listed as mounted
ot d
N an
Summary:
D al
In this task you created a RAID1 array /dev/md0 that includes two raid devices and
rn
one spare device. You then created the mdadm.conf configuration file. You completed
the task by creating and ext3 file system on the RAID device and mounted it into the
te
o
/raiddev directory.
In
SE
(End of Exercise)
SU
123
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you simulate a failing disk in the RAID. You then add the disk back into
nl
the array as a spare.
O
e
Task 1: Simulate a Failing Disk in the RAID
te Us
1. Using server2 logged in as tux
2. Open a terminal window and switch to the root account:
bu r
su -
tri ne
3. View the current RAID status:
is rt
watch -d cat /proc/mdstat
D Pa
The RAID devices have names such as vdb[0] and vdc[1] and their status [UU]
The first U refers to the first device, indicated by [0], the second U to the second,
indicated by [1]. If a device failed, it would be displayed as [_U] if the first device failed,
ot d
6. In the other terminal window you should see the device you marked faulty is designated
rn
with an underscore instead of a U. You will also see that the spare device became
active and the array began to resync. When the resync is finished you should see the
te
o
status return to UU
In
Note: As both devices were currently working, it does not matter which one you chose,
but if you are dealing with a damaged hard disk, you have to mark the device faulty that
SE
124
SUSE Linux Enterprise 12 Administration
directory
y
2. Enter the following command to add the device back into the array:
nl
mdadm --manage /dev/md0 --add /dev/vdc
O
In the other terminal window you should see the device listed in the array as a spare (S)
3. Enter:
e
ctrl + c
te Us
to stop the raid monitoring
bu r
tri ne
Summary:
In this task you marked /dev/vdc as faulty and removed the failed disk from the RAID
is rt
array. You then wiped the existing superblock of /dev/vdc to remove the existing
D Pa
RAID metadata. Then you will added a new /dev/vdc hard drive to the array.
ot d
N an
(End of Exercise)
D al
rn
te
o
In
SE
SU
125
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you convert an existing directory into a BtrFS subvolume.
nl
O
Task 1: Create some free space for a BtrFS filesystem
e
1. Using server1 logged is as tux run YaST and enter roots password when prompted
te Us
2. Run the Partitioner and at the warning click Yes
3. In the System View expand Hard Disks and select vdb – it currently has no free space
on it
bu r
tri ne
4. Remove /dev/vdb5 and /dev/vdb6:
From the right select /dev/vdb6 and click Delete
is rt
5. At the warning click Unmount
D Pa
6. At the Really Delete warning click Yes
7. From the right select /dev/vdb5 and click Delete
8. At the warning click Unmount
ot d
5. Click Next
6. For the Role leave Data and ISV Applications selected and click Next
SU
7. Under the Formatting Options for the File System select BtrFS
8. Under the Mounting Options select Mount partition and for the mount point enter:
/mybtrfs
9. Click Finish → Next → Finish
10. Close YaST
126
SUSE Linux Enterprise 12 Administration
11. Check the filesystem is mounted:
mount
Summary:
In this task you created a new BtrFS filesystem and mounted it on /mybtrfs.
y
nl
O
(End of Exercise)
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
127
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you convert an existing directory into a BtrFS subvolume.
nl
O
Task 1: Convert an Existing Directory into a Subvolume
e
1. Using server1 in a terminal window as root create an example directory. To create a
te Us
new directory, enter:
mkdir /btrfssubvol
bu r
2. To create some content for the data directory, enter
tri ne
cp /bin/* /btrfssubvol
3. Open a terminal window and enter the following command to list the existing
is rt
subvolumes in /:
D Pa
btrfs subvolume list /
You may have to scroll back to view the subvolumes that are not snapshots
ot d
4. Enter the following command to view the contents of the /btrfssubvol directory:
N an
ls -l /btrfssubvol
5. Enter the following command to convert an existing directory into a subvolume:
D al
mv /btrfssubvol /mybtrfs-orig
btrfs subvolume create /btrfssubvol
rn
cp -a /mybtrfs-orig/. /btrfssubvol/
te
o
rm -r /mybtrfs-orig
In
7. You should see the same contents in the /btrfssubvol subvolume as was in the
original /btrfssubvol directory.
SU
128
SUSE Linux Enterprise 12 Administration
Summary:
In this task you created a new directory /btrfssubvol and copied the content of the
/bin directory into it. This directory was then converted into a BtrFS subvolume.
y
nl
(End of Exercise)
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
129
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you will work with BtrFS.
nl
O
Task 1: Work with BtrFS
e
1. Log in to server1 as tux, open a terminal window as root
te Us
2. Enter:
mount
bu r
Notice that /dev/vda2 appears to be mounted many times, but with different mount
tri ne
points
3. List the subvolumes of the root filesystem:
is rt
btrfs subvolume list /
D Pa
The output will look similar to that below:
ot d
5. Look at the output from the command on your system and see how the subvolumes are
linked together.
6. View the /etc/fstab file:
cat /etc/fstab
Look for the subvol= in the options column
7. View how file systems are mounted by systemd mount units:
systemctl list-units --type mount
8. Create a new subvolume using YaST
130
SUSE Linux Enterprise 12 Administration
Start YaST and enter the root users password when prompted
9. Select System > Partitioner. In the Warning dialog, select Yes
10. In the left pane, select Btrfs
11. In the right pane, select /dev/vda2
12. Click Edit
13. In the Edit Btrfs dialog, click Subvolume Handling
14. In the New Subvolume field, type
y
@/data2
nl
and click Add new, then click OK
O
15. In the Edit Btrfs dialog, click Finish
16. In the Expert Partitioner dialog, click Next, review the Summary and click Finish
e
17. Close YaST
te Us
18. View the content of the / directory:
ls /
bu r
As a subvolume appears as a directory in the filesystem, the /data2 directory exists
tri ne
19. Create a file in /root and try to create a hardlink to /data2/mytest-link:
is rt
touch /root/mytestfile
D Pa
ln /root/mytestfile /data2/mytest-link
Despite the fact that /root and /data2 reside on the same harddisk partition, the
creation of the link fails because hardlinks cannot cross subvolumes
ot d
20. To mount the new subvolume automatically even after a system rollback, open the
N an
/etc/fstab file in vi, copy the line that mounts the /var/tmp subvolume, paste it
and edit it so it looks similar to this:
D al
mount -a
o
In
131
SUSE Linux Enterprise 12 Administration
27. Compare the content of /data2 and /data2-snapshot
ls /data2
ls /data2-snapshot
You should see the newfile file in both directories
28. Remove the file just created:
rm /data2/newfile
29. Compare the content of /data2 and /data2-snapshot again:
y
nl
ls /data2
ls /data2-snapshot
O
You should see the newfile file in the /data2-snapshot directory only.
e
Deleting a file does not free any disk space as long as there is a snapshot of that
te Us
subvolume. This is a reason why you need to allocate more hard disk space with BtrFS
when using snapshots than you would need with ext3, for instance
30. Remove the snapshot:
bu r
btrfs subvolume delete /data2-snapshot
tri ne
31. To amplify the fact mentioned in the note above, enter the following:
is rt
Note that it can sometimes take a few moments for the utilization values to become
updated, so you may have to wait and enter the btrfs commands again to see the
D Pa
effects.
df -h
ot d
btrfs filesystem df /
btrfs filesystem usage /
D al
32. Create a big file and compare the new “used” values to those from the above step:
dd if=/dev/urandom of=/data2/bigfile bs=1M count=250
rn
df -h
te
o
btrfs filesystem df /
btrfs filesystem usage /
SE
ls -l /data2
ls -l /data2-snapshot
34. Remove /data2/bigfile and compare again:
rm /data2/bigfile
df -h
btrfs filesystem show /
btrfs filesystem df /
132
SUSE Linux Enterprise 12 Administration
Note that the “used” values have not significantly changed compared to the call of the
commands in the previous step, despite the fact that you deleted a 250 MB file.
btrfs filesystem usage /
35. Remove the /data2-snapshot subvolume and compare again:
btrfs subvolume delete /data2-snapshot
df -h
btrfs filesystem show /
y
btrfs filesystem df /
nl
btrfs filesystem usage /
O
36. To observe ref-linked copies and how they influence disk space utilization and the
values displayed by various utilities, do the following:
e
Note that it can sometimes take a few moments for the utilization values to become
te Us
updated, so you may have to wait and enter the btrfs commands again to see the
effects.
bu r
df -h / ; btrfs filesystem show /
tri ne
btrfs filesystem df / ; btrfs filesystem usage /
37. Create a file with a size of 250 MB and compare the new “used” values to those from
the above step: is rt
D Pa
dd if=/dev/urandom of=/data2/bigfile bs=1M count=250
df -h / ; btrfs filesystem show /
ot d
38. Create a ref-linked copy of the file and compare the values again:
cp --reflink=always /data2/bigfile /data2/reflinkedcopy
df -h / ; btrfs filesystem show /
D al
39. Remove the original file and check the values again:
te
rm /data2/bigfile
o
40. Remove the /data2/reflinkedcopy file and check the values again:
rm /data2/reflinkedcopy
SU
133
SUSE Linux Enterprise 12 Administration
BtrFS and mount it on /btrfs
3. Create two subvolumes, subvol1 and subvol2 on /btrfs:
btrfs subvolume create /btrfs/subvol1
btrfs subvolume create /btrfs/subvol2
4. Create a few files in /btrfs and the subvolumes:
touch /btrfs/btrfsmain.txt
y
touch /btrfs/subvol1/fileinsubvol1.txt
nl
touch /btrfs/subvol2/fileinsubvol2.txt
O
5. List the currently available subvolumes in /btrfs:
btrfs subvolume list /btrfs
e
6. Unmount /btrfs:
te Us
umount /btrfs
7. Make subvol1 the default subvolume instead of the current root volume:
bu r
tri ne
mount /dev/vdb6 /btrfs
btrfs subvolume list /btrfs
is rt
Note the ID of subvol1
D Pa
8. Make subvol1 the default subvolume:
btrfs subvolume set-default <ID> /btrfs
ot d
umount /btrfs
N an
ls -l /btrfs
rn
umount /btrfs
12. Make sure to not add any subvol= option:
mount /dev/vdb6 /btrfs
ls -l /btrfs
You should see the subvolumes again and btrfsmain.txt
Summary:
134
SUSE Linux Enterprise 12 Administration
In this lab you viewed BtrFS subvolume information including disk space. You then
created a snapshot. Finally you changed the default so a snapshot volume was
mounted.
(End of Exercise)
y
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
135
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you will perform an in-place migration from ext4 to BtrFS and perform
nl
maintenance tasks.
O
e
Task 1: Convert an ext4 Filesystem to BtrFS
te Us
1. Log in to server1 as tux, open a terminal window as root
2. Using YaST, create an additional partition on /dev/vdb using the following details:
Use all the available space (approximately 1GB)
bu r
tri ne
For the Role select: Data and ISV Applications
Format: ext4
is rt
Mount point: /toconvert
D Pa
3. Create a few directories and files within the filesystem:
mkdir /toconvert/dir-{a,b,c}
ot d
touch /toconvert/dir-{a,b,c}/file{a,b,c}
N an
136
SUSE Linux Enterprise 12 Administration
file /toconvert/ext2_saved/image
13. (Conditional)You can mount (and unmount) this image:
mount -o loop /toconvert/ext2_saved/image /mnt
mount
14. (Filesystem: ext4)
ls /mnt
y
umount /mnt
nl
15. (Conditional) You can also mount (and unmount) the subvolume:
O
mount -o subvol=ext2_saved /dev/vdb7 /mnt
mount
e
te Us
16. (Filesystem: btrfs)
ls /mnt
umount /mnt
bu r
tri ne
17. Create a few more files:
is rt
mkdir /toconvert/dir-{d,e,f}
touch /toconvert/dir-{d,e,f}/btrfsfile
D Pa
18. Check the files exist:
ls -al /toconvert/dir-d/
ot d
umount /toconvert
btrfs-convert -r /dev/vdb7
D al
mount
In
Note that the directories you created on the BtrFS are gone, only those created initially
on the ext4 file system are there
23. Unmount the filesystem:
umount /toconvert
137
SUSE Linux Enterprise 12 Administration
to root in both of them
2. In one of the terminals, enter
watch btrfs scrub status /
3. Switch to the other terminal window and enter:
btrfs scrub start /
The watch at the first prompt will show the scrubbing progress
4. In the terminal running watch press Ctrl+c to end the watch process
y
nl
5. Defragment the filesystem recursively, starting from /:
btrfs filesystem defragment -r /
O
6. Review the content of the btrfsmaintenance package:
e
rpm -ql btrfsmaintenance
te Us
7. Review the parameters that can be set in /etc/sysconfig/btrfsmaintenance:
less /etc/sysconfig/btrfsmaintenance
8. In one of the terminals, enter :
bu r
tri ne
watch btrfs balance status /
For now the output will just be “No balance found on /”
9. is rt
In the other terminal, start a BtrFS tree balance:
D Pa
btrfs balance start /
It takes some time for the prompt to return with a message of how many chunks were
relocated. Leave the balance running
ot d
N an
Summary:
D al
In this lab you converted a ext4 fileystem to btrfs. You then converted from BtrFS to
rn
ext4 proving you can reverse the conversion. You then performed some basic BtrFS
te
maintenance.
o
In
(End of Exercise)
SE
SU
138
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you will configure server1 to export directories using NFSv4 and use
nl
server2 as a client to import them.
O
e
Task 1: Setup and NFS Server
te Us
1. On server1, as the tux user, open a terminal window and switch to root using the su -
command (password linux)
2. Create the /export/documentation/ directory:
bu r
tri ne
mkdir -p /export/documentation
setfacl -m g:users:rwx /export/documentation
is rt
setfacl -d -m g:users:rwx /export/documentation
D Pa
3. Copy some files into the documentation directory:
cd /export/documentation
ot d
cp /usr/share/doc/manual/sles-admin_en-pdf/* .
N an
5. In the NFS Server Configuration dialog, in the NFS Server pane make sure the radio
button has Start selected
rn
6. Make sure that the Enable NFSv4 check box is enabled, change the NFSv4 domain
name to suse.com and click Next
te
o
7. Now you will add the /export/documentation/ directory to the list of directories:
In
12. Change the preset values to match the following, then select OK
Hosts Wild Card: *
Options: rw,root_squash,sync,no_subtree_check
(make sure you replace “ro” with “rw”)
When completed click OK
The directory is added to the list
13. Repeat the above step to export the /home directory
14. Save the changes to the system by selecting Finish
139
SUSE Linux Enterprise 12 Administration
15. At the terminal window, verify that the file system was exported:
showmount -e localhost
16. View the entry made by YaST to the /etc/exports file
cat /etc/exports
You should see the settings you entered in YaST
y
Task 2: Setup and NFS Client
nl
1. On server2, as the tux user, open a terminal window and switch to root using the su -
O
command (password linux)
2. Create the /import/ directory:
e
mkdir /import
te Us
3. Start the NFS Client Configuration from the terminal window:
yast2 nfs &
bu r
The NFS Client Configuration dialog appears
tri ne
4. Select the NFS Shares tab and click Add
5. Enter the following values, then click OK
is rt
NFS Server Hostname: server1.suse.com
D Pa
Remote Directory: /export/documentation
NFSv4 Share: select
ot d
Options: defaults
and click OK
6. Select the NFS Settings tab, make sure that the Enable NFSv4 check box is enabled
D al
and change:
rn
ls /import/docs
8. Find out if tux can write to the directory (in a terminal as tux user):
SE
touch /import/docs/file
9. View the /etc/fstab file:
SU
cat /etc/fstab
10. From a terminal as root mount the pseudo root directory from server1 to /mnt:
mount server1.suse.com:/ /mnt
11. Have a look at the content of /mnt:
ls /mnt
You can see export, home and source
12. Unmount /mnt again:
140
SUSE Linux Enterprise 12 Administration
umount /mnt
Summary:
In this lab you configured two directories to be exported from server1. You also
configured extended ACL on the exported folders. You then imported to documentation
y
nfs export into server2 and tested tux’s permissions to the nfs share.
nl
O
(End of Exercise)
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
141
SUSE Linux Enterprise 12 Administration
Description:
y
nl
You will configure time synchronization with NTP. You will then configure logging.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
142
SUSE Linux Enterprise 12 Administration
Description:
In this exercise you use the YaST NTP Configuration module to configure an NTP
y
nl
server. Note: In the classroom server2 has no internet access so the connection to the
public ntp server will fail.
O
e
Task 1: Configure the NTP Server
te Us
1. Using server2 launch YaST:
YaST > System > Time and Date
bu r
tri ne
2. Click on Other Settings
3. Select Synchronize with NTP Server and select any public NTP server from the NTP
is rt
Server Address list.
D Pa
4. Click Synchronize now
Note: You will receive an error because the virtual machine does not have internet
access
ot d
Summary:
SE
In this exercise you used the YaST NTP Configuration module to configure an NTP
server. Note: In the classroom server2 has no internet access so the connection to the
SU
(End of Exercise)
143
SUSE Linux Enterprise 12 Administration
Description:
y
In this exercise you practice configuring rsyslog and logrotate.
nl
O
Task 1: Modify the rsyslog Configuration
e
1. Using server1 as the tux user open a terminal window and switch to root:
te Us
su -
2. In the text editor of you choice, open the /etc/rsyslog.conf file
bu r
tri ne
3. Add the following lines at the bottom of the file to create entries for the messages you
want to log:
local4.=debug is rt -/var/log/local4.debug
D Pa
local4.=info -/var/log/local4.info
local4.* -/var/log/local4
Save the changes and close the editor
ot d
su –
rn
to become root
6. Now lets check the configuration by logging an entry to the info level in the local4
te
o
facility. Enter the following in one of your terminal sessions to monitor the activity of the
log file:
In
tail -F /var/log/local4.info
SE
You will see a warning regarding the fact that the file does not yet exist. You can
disregard this error as the file will be created when you complete the next step.
7. In the other terminal window, log an entry to the info level in the local4 facility by
SU
entering:
logger -p local4.info "Info message 1"
Check the results in the second terminal window
The message should also be logged in the /var/log/local4 file and, because of
other entries in /etc/rsyslog.conf, in /var/log/localmessages
8. In the terminal window where the log activity is being monitored with tail, stop the
monitoring by pressing:
Ctrl+c
144
SUSE Linux Enterprise 12 Administration
9. Repeat this process for the debug log level by using the following command in the first
terminal window:
tail -F /var/log/local4.debug
10. Use the following command in the second terminal window:
logger -p local4.debug “Debug Info message 2”
Only those level4 log files with entries will be compressed during log rotation in Task II
of this exercise.
y
11. In the terminal window where the log activity is being monitored with tail, stop the
nl
monitoring by pressing:
O
Ctrl+c
e
Task 2: Configure logrotate
te Us
1. Using server1 at the shell prompt as the root user, in the text editor of your choice,
open:
bu r
/etc/logrotate.d/local4
tri ne
2. Add the following content to the file making sure the directories in the first line are
separated with spaces:
is rt
D Pa
/var/log/local4.debug /var/log/local4.info /var/log/local4
{
compress
ot d
dateext
N an
maxage 1
rotate 5
size 20
D al
postrotate
rn
}
In
145
SUSE Linux Enterprise 12 Administration
local4.info will be local4.info-20141115.xz
8. The .xz extension is used because the command to compress files is set to
/usr/bin/xz in /etc/logrotate.conf
Only those log files with entries are compressed
9. Exit less by entering:
q
10. Check the contents of the local4.info zipped archive:
y
less /var/log/local4.info-<current_date>.xz
nl
11. Press:
O
q
e
to exit the pager program
te Us
12. Log out as root by entering:
exit
13. Return to the GNOME desktop by pressing:
bu r
tri ne
Ctrl+Alt+F7
14. Close all open windows
is rt
D Pa
Summary:
ot d
N an
(End of Exercise)
D al
rn
te
o
In
SE
SU
146
SUSE Linux Enterprise 12 Administration
Description:
y
nl
You wil install and configure SUSE Linux Enterprise 12.
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
147
SUSE Linux Enterprise 12 Administration
Description:
In this exercise, you install a SUSE Linux Enterprise Server 12 system. The instructor
y
will provide the path to the sles12 installation media.
nl
O
e
Task 1: Power on an Empty Virtual Machine
te Us
1. Your instructor will provided the path to the SLES12 SP2 iso required to install SLES12
SP2 on server3
bu r
2. If virt-manager is not running from a terminal session on the KVM host run:
tri ne
virt-manager
3. In virt-manager, select the server3
4. Select:
is rt
D Pa
Open
5. From server3 virtual machines menu click View → Details
ot d
10. From the right select Boot Options and enable booting from the CDROM by checking
o
the box
In
11. With the CDROM selected use the arrows to move it to the top of the list of boot devices
12. Click Apply
SE
148
SUSE Linux Enterprise 12 Administration
the following:
Press F2 for language settings.
Using the arrow keys, select Keyboard from the pop-up menu and press Enter.
Select your keyboard layout and press Enter.
6. In the boot menu, use the arrow keys to select Installation and press Enter.
Wait while Linux is loaded and the YaST Installation module starts.
7. In the License Agreement dialog, select your language and your keyboard layout.
y
NOTE: Although you can select any available language, the exercises in this manual
nl
are written for English US.
O
8. Select I Agree to the License Terms and click Next.
9. To set up the network settings, proceed the following steps:
e
10. In the Network Configuration dialogue make sure the Overview tab is selected and
te Us
make sure your network card is selected then click Edit.
Make sure that Statically Assigned IP Address is selected and enter the following:
IP Address: 172.17.2.23
bu r
tri ne
Subnet Mask: 255.255.255.0
Hostname: server3.digitalairlines.com
Click Next. is rt
D Pa
11. In the Network Settings dialog, select the Hostname/DNS tab and enter the following:
Hostname: server3.
Domain Name: digitalairlines.com
ot d
N an
Click Next.
rn
13. In the Registration dialog select Skip Registration and in the Warining confirmation
dialog select OK → Next
te
15. In the System Role dialogue box leave selection at Default System and click Next
In
17. In the Clock and Time Zone dialog select your time zone and adjust the date and
time to the correct parameters if required
When done, click Next.
SU
149
SUSE Linux Enterprise 12 Administration
19. Confirm the password warning by clicking Yes.
20. In the Installation Settings dialog under Firewall and SSH do the following:
Click open link to the right of the SSH port will be blocked text
Click Install.
21. In the confirmation dialog select Install
22. Wait while the disk is partitioned and the packages are installed
y
23. The machine will reboot and the login dialog will appear
nl
O
Summary:
e
In this exercise, you installed SUSE Linux Enterprise Server on an empty virtual
te Us
machine.
bu r
tri ne
(End of Exercise)
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
150
SUSE Linux Enterprise 12 Administration
Lab Variables:
LAB_VAR_1=______________________________________________________________
LAB_VAR_2=______________________________________________________________
y
LAB_VAR_3=______________________________________________________________
nl
O
e
te Us
bu r
tri ne
is rt
D Pa
ot d
N an
D al
rn
te
o
In
SE
SU
151
SU
SE
In
te
rn
D al
o
N an
ot d
152
D Pa
is rt
tri ne
SUSE Linux Enterprise 12 Administration
bu r
te Us
e
O
nl
y
SU
SE
In
te
rn
D al
o
N an
ot d
153
D Pa
is rt
tri ne
SUSE Linux Enterprise 12 Administration
bu r
te Us
e
O
nl
y