Network Services

Web Servers. Printing, Directory and Mail Services

SoftUni Team
Technical Trainers
Software University
https://softuni.bg
Have a Question?

sli.do
#LSA-Advanced
facebook.com/groups/
LinuxSystemAdministrationAdvancedApril2022
2
Previous Module (M3)
Quick Overview
What We Covered

1. Samba
2. Network File System
3. iSCSCI
4. GlusterFS

4
Homework Progress
Solutions for M3
Uploaded Solutions could be submitted
60 57
until 23:59:59 on
27.04.2022
50
50

Solutions for M4
40
could be submitted
30
until 23:59:59 on
04.05.2022
20
16

10

0
M1 M2 M3

5
This Module (M4)
Topics
Table of Contents

1. Web Servers
2. Printing Services
3. Directory Services
4. Mail Services

7
Network Services 101
Web Servers
Web Servers

Server software or hardware (or combination) that serves client requests

on the World Wide Web
Network requests are mostly on HTTP/HTTPS and other related protocols

Proprietary:
Apache HTTP
nginx lighttpd IIS, LiteSpeed,
Server
GWS

Different server-side scripting like ASP, PHP, etc. are supported

https://en.wikipedia.org/wiki/Web_server 9
HTTP Requests and Responses

GET POST DELETE HEAD OPTIONS PUT

1xx 2xx 3xx 4xx 5xx

Request received Success Further action Unsatisfiable Server or

(101) (200) needed request environment
(301) (404) failure
(503)

10
Network Services 101
Apache
Apache

Most popular Naming (CentOS)

open source
Web Server Extensible • Package is httpd
via Modules • Service is httpd
• User is httpd
Part of
the LAMP Stack
mod_ssl Naming (Ubuntu)

Site Isolation mod_proxy • Package is apache2

via Virtual Hosts • Service is apache2
• User is www-data
mod_rewrite

https://httpd.apache.org/docs/2.4/ 12
Apache

Files & Folders (CentOS) Files & Folders (Ubuntu) Troubleshooting

Main configuration file Main configuration file • apachectl configtest

/etc/httpd/conf/httpd.conf /etc/apache2/apache2.conf • httpd -t | -S
Modules Modules • joutnalctl -u httpd
/etc/httpd/conf.modules.d/ /etc/apache2/mods-available/
/etc/apache2/mods-enabled/
Virtual hosts Virtual hosts Additional Tools
/etc/httpd/conf.d/ /etc/apache2/sites-available/
/etc/apache2/sites-enabled/ • htpasswd
Logs Logs
/var/log/httpd /var/log/apache2

13
Network Services 101
Nginx
Nginx

Naming (CentOS)
Almost in tie Site Isolation
with Apache via Virtual Hosts • Package is nginx
• Service is nginx
• User is nginx
Considered faster Can work
than Apache as Proxy
Naming (Ubuntu)

• Package is nginx
Part of Can work • Service is nginx
the LEMP Stack as a Load Balancer • User is www-data

https://nginx.org/en/docs/ 15
Nginx

Files & Folders (CentOS) Files & Folders (Ubuntu) Troubleshooting

Main configuration file Main configuration file • nginx -t

/etc/nginx/nginx.conf /etc/nginx/nginx.conf • joutnalctl -u nginx

Virtual hosts Virtual hosts

/etc/nginx/conf.d/ /etc/nginx/sites-available/
/etc/nginx/sites-enabled/

Logs Logs
/var/log/nginx /var/log/nginx

16
Network Services 101
Printing Services
Common UNIX Printing System (CUPS)

Spooler Utilities Service

Collects and Talk to the spooler cups

schedules jobs (send, query,
remove, etc.)

Back End Network Protocol Configuration

Talk to the printers Facilitates /etc/cups/cupsd.conf

communication
(HTTP/IPP)

18
Common UNIX Printing System (CUPS)

GUI Tools, One Printer Every Instance

Web Interface, can have has
and CLI Tools Multiple Instance a Queue

Accept Enable
Print Request Print Queue Printer
Reject Disable

cupsaccept
lp (lpr), lpq, lprm,
cupsreject
cupsctl lpstat, lpoptions,
cupsenable
lpadmin, …
cupsdisable

19
Practice: Network Services 101
Network Services 102
Domain Name System (DNS)
Domain Name System (DNS)

Hierarchical and decentralized naming system for computers, services, or other resources
connected to a network

DNS name server is a DNS name server DNS database is

BIND, DNSMasq,
server that stores the responds with traditionally stored in nslookup, dig,
Unbound, djbDNS,
DNS records for a answers to queries a structured text file, host
PowerDNS
domain against its database the zone file

Four basic types: master, slave, caching-only, and forwarding-only

https://en.wikipedia.org/wiki/Domain_Name_System 22
DNS Record Types

A PTR
SOA TXT
Host address IPv4 Pointer
Start of Authority Descriptive text
(host to address) (address to host)

AAAA
NS MX CNAME
Host address IPv6
Name Server Mail Exchange Canonical name
(Host to address)

23
Berkley Internet Name Domain (BIND)

Ports Files (CentOS) Files (Ubuntu) Tools

53/tcp Packages: bind, bind-utils Packages: bind9, bind9utils named, rndc

53/udp Service: named Service: bind9 named-checkconf
953/tcp Files: /etc/named.conf Files: /etc/bind/named.conf[.*] named-checkzone
/etc/rndc.key /etc/bind/rndc.key
/var/named/ /etc/bind/zones/

24
Network Services 102
Directory Services
Lightweight Directory Services

A directory service is Popular

just a database Usually acts as a
implementations Data is organized in
central repository for
include Microsoft entries. Each entry
login names,
Active Directory, consists of a set of
Lightweight Directory passwords, and other
OpenLDAP, 389 named attributes
Access Protocol account attributes
Directory Server, ect.
(LDAP)

Common attribute names are organization (o), organizational unit (ou), common name (cn), domain
component (dc), etc.

https://ldap.com/ 26
OpenLDAP

slurp runs on the

master and handles
slappasswd is used
slapd is the standard replication to slaves /etc/openldap/slapd.conf
to generate
LDAP server daemon in environments with /etc/openldap/ldap.conf
passwords
multiple OpenLDAP
servers

https://www.openldap.org/ 27
389 Directory Server

Alternative to
OpenLDAP with
Active Directory users Graphical console for
better Multi-master
and groups users, groups, and
documentation, replication
synchronization server management
support and active
development

http://www.port389.org/docs/389ds/documentation.html 28
Kerberos

Ticket-based Used as part of

authentication Microsoft Active krb5.conf klist
system with Directory and kdc.conf kinit
symmetric key Windows kadm5.acl kpasswd
cryptography authentication

https://web.mit.edu/kerberos/ 29
System Security Services Daemon (Sssd)

Provides
Supports
authentication,
Available for both authentication both Service: sssd
account mapping,
Linux and FreeBSD through LDAP and Config file: sssd.conf
credentials caching,
Kerberos
etc.

https://docs.pagure.org/SSSD.sssd/ 30
Network Services 102
FreeIPA
FreeIPA

Identity Policy
Authentication
(machine, user, (host-based access
(or Audit)*
groups, …) control)

389 Directory Server, Kerberos, NTP, DNS, and Dogtag + Both Web and
CLI tools

Best run on Fedora/CentOS/Red Hat. Can be installed on Debian,

Ubuntu, openSUSE, etc.

Offers server and client installation

https://www.freeipa.org/page/Main_Page 32
Practice: Network Services 102
Network Services 103
Mail Services
Mail Components

(Enhanced) Simple
Internet Message
Mail Transfer Post Office Protocol
Access Protocol Sendmail
Protocol or (E)SMTP version 3 or POP3(S)
version 4 or IMAP(S) Exim
Postfix
25 or 587/tcp, 110/tcp, 995/tcp
143/tcp, 993/tcp
465/tcp

Envelope Headers Body

Mail Message

35
 Mail Components
Sender Receiver
Mail User Mail Mail Mail
Agent Transport Transport Delivery
(MUA) Agent Agent Agent
(MTA) (MTA) (MDA)

Mail Access
Mail User Message Agent
Submission
Agent Store (AA)
Agent
(MUA)
(MSA)

Mail User
Agent
(MUA)
36
Postfix

postalias
pickup postcat
master sendmail
Watches for new postconf
Supervisor mailq
messages in the postfix
process newaliases
spool smtp postmap
lmtp postsuper
local
virtual
qmgr /etc/postfix/master.cf
cleanup pipe
Receives /etc/postfix/main.cf
& /var/spool/postfix/
messages and
trivial-rewrite /var/spool/mail/
sends them
/var/log/maillog | mail.log

http://www.postfix.org/documentation.html 37
Dovecot

Supports both
Secure and Supports both Supports both
mbox and
scalable IMAP and POP3 Postfix and Exim
Maildir formats

https://doc.dovecot.org/ 38
Practice: Network Services 103
Questions?

© SoftUni – https://about.softuni.bg. Copyrighted document. Unauthorized copy, reproduction or use is not permitted.
SoftUni Diamond Partners
Educational Partners

42
License

 This course (slides, examples, demos, exercises, homework,

documents, videos and other assets) is copyrighted content
 Unauthorized copy, reproduction or use is illegal
 © SoftUni – https://about.softuni.bg
 © Software University – https://softuni.bg

43
Trainings @ Software University (SoftUni)
 Software University – High-Quality Education,
Profession and Job for Software Developers
 softuni.bg, about.softuni.bg
 Software University Foundation
 softuni.foundation
 Software University @ Facebook
 facebook.com/SoftwareUniversity
 Software University Forums
 forum.softuni.bg
 4