openSUSE

Reference

Legal Notice

Contents

About This Guide
1. Feedback
2. Additional Documentation
3. Documentation Conventions
4. About the Making of This Manual
5. Source Code
6. Acknowledgments
I. Advanced Deployment Scenarios
1. Remote Installation
1.1. Installation Scenarios for Remote Installation
1.2. Setting Up the Server Holding the Installation Sources
1.3. Preparing the Boot of the Target System
1.4. Booting the Target System for Installation
1.5. Monitoring the Installation Process
2. Advanced Disk Setup
2.1. Using the YaST Partitioner
2.2. LVM Configuration
2.3. Soft RAID Configuration
II. Administration
3. Online Update
3.1. Definition of Terms
3.2. YaST Online Update
3.3. Update from the Command Line with zypper
4. YaST in Text Mode
4.1. Navigation in Modules
4.2. Restriction of Key Combinations
4.3. YaST Command Line Options
5. Updating the System and System Changes
5.1. Updating the System
5.2. Software Changes from Version to Version
6. System Monitoring Utilities
6.1. Debugging
6.2. Files and File Systems
6.3. Hardware Information
6.4. Networking
6.5. The /proc File System
6.6. Processes
6.7. System Information
6.8. User Information
6.9. Time and Date
III. System
7. 32-Bit and 64-Bit Applications in a 64-Bit System Environment
7.1. Runtime Support
7.2. Software Development
7.3. Software Compilation on Biarch Platforms
7.4. Kernel Specifications
8. Booting and Configuring a Linux System
8.1. The Linux Boot Process
8.2. The init Process
8.3. System Configuration via /etc/sysconfig
9. The Boot Loader
9.1. Selecting a Boot Loader
9.2. Booting with GRUB
9.3. Configuring the Boot Loader with YaST
9.4. Uninstalling the Linux Boot Loader
9.5. Creating Boot CDs
9.6. The Graphical SUSE Screen
9.7. Troubleshooting
9.8. For More Information
10. Special System Features
10.1. Information about Special Software Packages
10.2. Virtual Consoles
10.3. Keyboard Mapping
10.4. Language and Country-Specific Settings
11. Dynamic Kernel Device Management with udev
11.1. The /dev Directory
11.2. Kernel uevents and udev
11.3. Drivers, Kernel Modules, and Devices
11.4. Booting and Initial Device Setup
11.5. Monitoring the Running udev Daemon
11.6. Influencing Kernel Device Event Handling with udev Rules
11.7. Persistent Device Naming
11.8. Files used by udev
11.9. For More Information
12. Access Control Lists in Linux
12.1. Traditional File Permissions
12.2. Advantages of ACLs
12.3. Definitions
12.4. Handling ACLs
12.5. ACL Support in Applications
12.6. For More Information
13. Authentication with PAM
13.1. Structure of a PAM Configuration File
13.2. The PAM Configuration of sshd
13.3. Configuring PAM Using pam-config
13.4. For More Information
IV. Services
14. Basic Networking
14.1. IP Addresses and Routing
14.2. IPv6—The Next Generation Internet
14.3. Name Resolution
14.4. Configuring a Network Connection with YaST
14.5. NetworkManager
14.6. Configuring a Network Connection Manually
14.7. smpppd as Dial-up Assistant
15. SLP Services in the Network
15.1. Installation
15.2. Activating SLP
15.3. SLP Front-Ends in openSUSE
15.4. Installation over SLP
15.5. Providing Services via SLP
15.6. For More Information
16. The Domain Name System
16.1. DNS Terminology
16.2. Installation
16.3. Configuration with YaST
16.4. Starting the Name Server BIND
16.5. The Configuration File /etc/named.conf
16.6. Zone Files
16.7. Dynamic Update of Zone Data
16.8. Secure Transactions
16.9. DNS Security
16.10. For More Information
17. DHCP
17.1. Configuring a DHCP Server with YaST
17.2. DHCP Software Packages
17.3. The DHCP Server dhcpd
17.4. For More Information
18. Time Synchronization with NTP
18.1. Configuring an NTP Client with YaST
18.2. Configuring xntp in the Network
18.3. Setting Up a Local Reference Clock
19. Using NIS
19.1. Configuring NIS Servers
19.2. Configuring NIS Clients
20. LDAP—A Directory Service
20.1. LDAP versus NIS
20.2. Structure of an LDAP Directory Tree
20.3. Configuring an LDAP Server with YaST
20.4. Configuring an LDAP Client with YaST
20.5. Configuring LDAP Users and Groups in YaST
20.6. Browsing the LDAP Directory Tree
20.7. Manually Configuring an LDAP Server
20.8. Manually Administering LDAP Data
20.9. For More Information
21. Sharing File Systems with NFS
21.1. Installing the Required Software
21.2. Importing File Systems with YaST
21.3. Importing File Systems Manually
21.4. Exporting File Systems with YaST
21.5. Exporting File Systems Manually
21.6. NFS with Kerberos
21.7. For More Information
22. The Apache HTTP Server
22.1. Quick Start
22.2. Configuring Apache
22.3. Starting and Stopping Apache
22.4. Installing, Activating, and Configuring Modules
22.5. Getting CGI Scripts to Work
22.6. Setting Up a Secure Web Server with SSL
22.7. Avoiding Security Problems
22.8. Troubleshooting
22.9. For More Information
23. Setting up a FTP server with YaST
23.1. Starting the FTP server
23.2. FTP General Settings
23.3. FTP Performance Settings
23.4. Authentication
23.5. Expert Settings
23.6. For more information
V. Mobility
24. Power Management
24.1. Power Saving Functions
24.2. ACPI
24.3. Rest for the Hard Disk
24.4. The powersave Package
25. Wireless Communication
25.1. Wireless LAN
26. Using Tablet PCs
26.1. Installing Tablet PC Packages
26.2. Configuring Your Tablet Device
26.3. Using the Virtual Keyboard
26.4. Rotating Your Display
26.5. Using Gesture Recognition
26.6. Taking Notes and Sketching with the Pen
26.7. Troubleshooting
26.8. For More Information
27. Using the Fingerprint Reader
27.1. Supported Applications and Actions
27.2. Managing Fingerprints with YaST
27.3. Managing Fingerprints with tf-tool
27.4. For More Information
VI. Security
28. Masquerading and Firewalls
28.1. Packet Filtering with iptables
28.2. Masquerading Basics
28.3. Firewalling Basics
28.4. SuSEfirewall2
28.5. For More Information
29. SSH: Secure Network Operations
29.1. The OpenSSH Package
29.2. The ssh Program
29.3. scp—Secure Copy
29.4. sftp—Secure File Transfer
29.5. The SSH Daemon (sshd)—Server-Side
29.6. SSH Authentication Mechanisms
29.7. X, Authentication, and Forwarding Mechanisms
30. Managing X.509 Certification
30.1. The Principles of Digital Certification
30.2. YaST Modules for CA Management
31. Encrypting Partitions and Files
31.1. Setting Up an Encrypted File System with YaST
31.2. Using Encrypted Home Directories
31.3. Using vi to Encrypt Single ASCII Text Files
32. Confining Privileges with AppArmor
32.1. Installing Novell AppArmor
32.2. Enabling and Disabling Novell AppArmor
32.3. Getting Started with Profiling Applications
33. Security and Confidentiality
33.1. Local Security and Network Security
33.2. Some General Security Tips and Tricks
33.3. Using the Central Security Reporting Address
A. An Example Network
B. GNU Licenses
B.1. GNU General Public License
B.2. GNU Free Documentation License

List of Figures

2.1. The YaST Partitioner
2.2. Physical Partitioning versus LVM
2.3. Creating a Volume Group
2.4. Physical Volume Setup
2.5. Logical Volume Management
2.6. Creating Logical Volumes
2.7. RAID Partitions
2.8. File System Settings
3.1. YaST Online Update
4.1. Main Window of YaST in Text Mode
4.2. The Software Installation Module
8.1. System Services (Runlevel)
8.2. System Configuration Using the sysconfig Editor
9.1. Boot Loader Settings
12.1. Minimum ACL: ACL Entries Compared to Permission Bits
12.2. Extended ACL: ACL Entries Compared to Permission Bits
14.1. Simplified Layer Model for TCP/IP
14.2. TCP/IP Ethernet Packet
14.3. Configuring Network Settings
14.4. Modem Configuration
14.5. ISDN Configuration
14.6. ISDN Interface Configuration
14.7. DSL Configuration
16.1. DNS Server Installation: Forwarder Settings
16.2. DNS Server Installation: DNS Zones
16.3. DNS Server Installation: Finish Wizard
16.4. DNS Server: Logging
16.5. DNS Server: Slave Zone Editor
16.6. DNS Server: Zone Editor (NS Records)
16.7. DNS Server: Zone Editor (MX Records)
16.8. DNS Server: Zone Editor (SOA)
17.1. DHCP Server: Card Selection
17.2. DHCP Server: Global Settings
17.3. DHCP Server: Dynamic DHCP
17.4. DHCP Server: Start-Up
17.5. DHCP Server: Host Management
17.6. DHCP Server: Chroot Jail and Declarations
17.7. DHCP Server: Selecting a Declaration Type
17.8. DHCP Server: Configuring Subnets
17.9. DHCP Server: TSIG Configuration
17.10. DHCP Server: Interface Configuration for Dynamic DNS
17.11. DHCP Server: Network Interface and Firewall
18.1. YaST: NTP Configuration
18.2. Advanced NTP Configuration: General Settings
18.3. Advanced NTP Configuration: Security Settings
19.1. NIS Server Setup
19.2. Master Server Setup
19.3. Changing the Directory and Synchronizing Files for a NIS Server
19.4. NIS Server Maps Setup
19.5. Setting Request Permissions for a NIS Server
19.6. Setting Domain and Address of a NIS Server
20.1. Structure of an LDAP Directory
20.2. YaST LDAP Server Configuration
20.3. YaST: Configuration of the LDAP Client
20.4. YaST: Advanced Configuration
20.5. YaST: Module Configuration
20.6. YaST: Configuration of an Object Template
20.7. YaST: Additional LDAP Settings
20.8. Browsing the LDAP Directory Tree
20.9. Browsing the Entry Data
21.1. NFS Client Configuration with YaST
21.2. NFS Server Configuration Tool
21.3. Configuring an NFS Server with YaST
21.4. Exporting Directories with NFSv4
21.5. Exporting Directories with NFSv2 and v3
22.1. HTTP Server Wizard: Default Host
22.2. HTTP Server Wizard: Summary
22.3. HTTP Server Configuration: Listen Ports and Addresses
22.4. HTTP Server Configuration: Server Modules
23.1. FTP Server Configuration — Start-Up
25.1. YaST: Configuring the Wireless Network Card
26.1. xvkbd Virtual Keyboard
26.2. Annotating a PDF with Xournal
26.3. Editing Texts with Dasher
28.1. iptables: A Packet's Possible Paths
28.2. The YaST Firewall Configuration
30.1. YaST CA Module—Basic Data for a Root CA
30.2. YaST CA Module—Using a CA
30.3. Certificates of a CA
30.4. YaST CA Module—Extended Settings

List of Tables

1.1. Installation (Boot) Scenarios Used in This Chapter
8.1. Available Runlevels
8.2. Possible init Script Options
10.1. ulimit: Setting Resources for the User
12.1. ACL Entry Types
12.2. Masking Access Permissions
14.1. Several Protocols in the TCP/IP Protocol Family
14.2. Specific Addresses
14.3. Private IP Address Domains
14.4. Various IPv6 Prefixes
14.5. Manual Network Configuration Scripts
14.6. Parameters for /etc/host.conf
14.7. Databases Available via /etc/nsswitch.conf
14.8. Configuration Options for NSS “Databases
14.9. Some Start-Up Scripts for Network Programs
20.1. Commonly Used Object Classes and Attributes
20.2. User Groups and Their Access Grants
20.3. Types of Access
30.1. X.509v3 Certificate
30.2. X.509 Certificate Revocation List (CRL)
30.3. Passwords during LDAP Export

List of Examples

2.1. /etc/fstab: Partition Data
5.1. List with df -h
8.1. A Minimal INIT INFO Block
10.1. Entry in /etc/crontab
10.2. /etc/crontab: Remove Time Stamp Files
10.3. Example for /etc/logrotate.conf
10.4. ulimit: Settings in ~/.bashrc
11.1. Example udev Rules
13.1. PAM Configuration for sshd
13.2. Default Configuration for the auth Section
13.3. Default Configuration for the account Section
13.4. Default Configuration for the password Section
13.5. Default Configuration for the session Section
14.1. Writing IP Addresses
14.2. Linking IP Addresses to the Netmask
14.3. Sample IPv6 Address
14.4. IPv6 Address Specifying the Prefix Length
14.5. /etc/resolv.conf
14.6. /etc/hosts
14.7. /etc/networks
14.8. /etc/host.conf
14.9. /etc/nsswitch.conf
14.10. Output of the Command ping
14.11. Output of the ifconfig Command
14.12. Output of the route -n Command
16.1. Forwarding Options in named.conf
16.2. A Basic /etc/named.conf
16.3. Entry to Disable Logging
16.4. Zone Entry for example.com
16.5. Zone Entry for example.net
16.6. File /var/lib/named/example.com.zone
16.7. Reverse Lookup
17.1. The Configuration File /etc/dhcpd.conf
17.2. Additions to the Configuration File
20.1. Excerpt from schema.core
20.2. slapd.conf: Include Directive for Schemes
20.3. slapd.conf: pidfile and argsfile
20.4. slapd.conf: Access Control
20.5. slapd.conf: Example for Access Control
20.6. slapd.conf: Database-Specific Directives
20.7. Example for an LDIF File
20.8. ldapadd with example.ldif
20.9. LDIF Data for Tux
20.10. Modified LDIF File tux.ldif
22.1. Variations of Name-Based VirtualHost Entries
22.2. Name-Based VirtualHost Directives
22.3. IP-Based VirtualHost Directives
22.4. Basic VirtualHost Configuration
22.5. VirtualHost CGI Configuration
32.1. Output of aa-unconfined