Red Hat Linux 7.1

The Official Red Hat Linux Reference Guide

Red Hat, Inc.
2600 Meridian Parkway
Durham, NC 27713
Phone: +1 919 547 0012
Phone: 888 733 4281
Fax: +1 919 547 0024
PO Box 13588
Research Triangle Park, NC 27709

Table of Contents
Finding Appropriate Documentation
Documentation For First-Time Linux Users
For the More Experienced
Documentation for Linux Gurus
Document Conventions
Using the Mouse
Copying and Pasting Text With X
More to Come
We Need Feedback!
Sign Up for Support
I. System-Related Reference
1. Filesystem Structure
Why Share a Common Structure?
Overview of Filesystem Hierarchy Standard (FHS)
/proc and Its "Files"
Special Red Hat Linux File Locations
2. Users and Groups
Tools for User and Group Administration
Standard Users
Standard Groups
User Private Groups
3. Boot Process, Init, and Shutdown
Behind the Scenes of the Boot Process
Sysconfig Information
Init Runlevels
Initscript Utilities
Running Programs at Boot Time
Shutting Down
Differences in the Boot Process of Other Architectures
4. Lightweight Directory Access Protocol (LDAP)
What is LDAP?
Pros and Cons of LDAP
Uses for LDAP
LDAP Terminology
OpenLDAP 2.0 Enhancements
OpenLDAP Files
OpenLDAP Daemons and Utilities
Modules for Adding Extra Functionality to LDAP
LDAP How To: A Quick Overview
Configuring Your System to Authenticate Using OpenLDAP
Additional Resources
5. Credit Card Verification System (CCVS) Basics
Uses for CCVS
The Credit Card Verification Process
What You'll Need to Run CCVS
Installing CCVS
Before You Configure CCVS
Configuring CCVS
Multiple Merchant Accounts
Starting CCVS
Special Language Considerations
Support for CCVS
Additional Resources
6. Sendmail
Introduction to Sendmail
The Default Sendmail Installation
Common Configuration Changes
Stopping Spam
Using Sendmail with LDAP
Additional Resources
II. Security-Related Reference
7. Red Hat Security Primer
The Inescapable Security Dilemma
Active vs. Passive Approaches
Developing Security Policies
Beyond Protecting Root
The Importance of Secure Passwords
Network Security
Additional Resources
8. Pluggable Authentication Modules (PAM)
Advantages of PAM
PAM Configuration Files
Shadow Passwords
Using rlogin, rsh, and rexec with PAM
Additional Resources
9. Using Kerberos 5 on Red Hat Linux
Why Use Kerberos?
Why Not Use Kerberos?
Kerberos Terminology
How Kerberos Works
Setting Up a Kerberos 5 Server on Red Hat Linux 7.1
Setting Up a Kerberos 5 Client on Red Hat Linux 7.1
Kerberos and Pluggable Authentication Modules (PAM)
Additional Resources
10. Installing and Configuring Tripwire
How to Use Tripwire
Installation Instructions
File Locations
Tripwire Components
Modifying the Policy File
Selecting Passphrases
Initializing the Database
Running an Integrity Check
Printing Reports
Updating the Database after an Integrity Check
Updating the Policy File
Tripwire and Email
Additional Resources
11. SSH Protocol
Event Sequence of an SSH Connection
Layers of SSH Security
OpenSSH Configuration Files
More Than a Secure Shell
Requiring SSH for Remote Connections
12. Controlling Access and Privileges
Shadow Utilities
Configuring Console Access
The floppy Group
III. Apache-Related Reference
13. Using Apache as a Secure Web Server
An Overview of Security-Related Packages
How to Install the Secure Server
Installing the Secure Server with Red Hat Linux
Upgrading from a Previous Version of Red Hat Linux
Installing the Secure Server After Red Hat Linux
Upgrading from a Previous Version of Apache
An Overview of Certificates and Security
Using Pre-Existing Keys and Certificates
Types of Certificates
Generating a Key
Generating a Certificate Request to Send to a CA
Creating a Self-Signed Certificate
Testing Your Certificate
Accessing Your Secure Server
Additional Resources
14. Apache Directives and Modules
Starting and Stopping httpd
Configuration Directives in httpd.conf
Adding Modules to Your Server
Using Virtual Hosts
IV. Appendixes
A. General Parameters and Modules
Specifying Module Parameters
CD-ROM Module Parameters
SCSI parameters
Ethernet parameters
B. An Introduction to Disk Partitions
Hard Disk Basic Concepts
C. Driver Disks
Why Do I Need a Driver Disk?
D. RAID (Redundant Array of Independent Disks)
What is RAID?
E. PowerTools
What are PowerTools?
PowerTools Packages
Installing PowerTools Packages
Uninstalling PowerTools