RH033读书笔记(16)-Lab 17 Installation and Administration Tools

Lab 17 Installation and Administration Tools

Goal: Become familiar with system configuration tools and successfully install Red Hat Enterprise Linux

Lab Setup: Ensure that a server1 repository is available.

Provide students with boot.iso disk.

Warning: If your system cannot boot from the provided boot.iso CD, you might need to change the boot order in the computer's BIOS; however, please do not change BIOS settings without being instructed to do so.

Sequence 1: Configuring Yum and Installing the Apache Web Server

Scenario: Configure a yum repository and use it to install the Apache Web Server.

Deliverable: The ability to install packages from server1's yum repository and an installed copy of the Apache web server.

Instructions:

1. Before you can use yum to install packages, you will need to tell it the location of a software repository. Such a repository is housed on server1, along with a yum configuration file describing it. Begin by using sudo and wget to download the repository's configuration file into /etc/yum.repos.d/.

[student@stationX ~]$ sudo wget -P /etc/yum.repos.d/ ftp://server1/pub/gls/server1.repo

2. From this point on, you can perform this lab from the command-line or with graphical tools. You only need to perform one of the instruction sets below.

• From a command-line

1). Use sudo to execute the yum package management tool with root privileges.

[student@stationX ~]$ sudo yum install httpd

2). Press y when prompted for confirmation.

• Using Graphical Tools

1). Applications->Add/Remove Software

2). Enter root's password if prompted

3). Click the Search tab

4). In the Search dialog box type "Apache"

5). Check the box next to httpd

6). Click "Apply"

7). Click "Continue" to start the installation.

8). Click "OK" to verify installation and close pirut.

Sequence 2: Create a simple web page

Deliverable: Display a web page in local browser from local web server

Instructions:

1. Use a text editor to create a file called /var/www/html/index.html with the content Welcome to StationX, where X is your station number.

Note that writing to this directory requires root privileges.

2. Start the Apache web server (httpd) and configure it to start automatically when the system boots. This can be done from a command-line or with graphical tools.

• From a command-line:

1). Check to see if the service is already running.

[student@stationX ~]$ sudo /sbin/service httpd status
... output omitted ...

2). If the httpd is not already running, start it.

[student@stationX ~]$ sudo /sbin/service httpd start
Starting httpd: [ OK ]

3). Ensure that httpd starts persistently across reboots.

[student@stationX ~]$ sudo /sbin/chkconfig httpd on

• Using graphical tools:

1). Click System->Administration->Services to start system-config-services.

2). Scroll to the httpd entry in the list at the left of the window and single-click the entry.

3). Note whether the service is running. This should be displayed in the status window in the lower-right.

4). If httpd is not running, click the Start icon.

5). You should be presented with a dialog confirming that httpd is now running. Click OK to dismiss the dialog. Note that the Status window has been updated as well.

6). Ensure that httpd starts persistently across reboots by checking the checkbox to the left of the httpd label.

7). Click the Save icon and close system-config-services.

3. Start the firefox web browser by clicking Applications->Internet->Firefox Web Browser

4. Enter http://stationX, where X is your station number, into the Location bar.

5. You should see the contents of your new document displayed. If you do not, double-check the location and permissions of your index.html file.

6. Have a neighbor attempt to access your web server. This should fail. It is important to remember that the iptables firewall as used by Red Hat Enterprise Linux blocks incoming connections to services other than sshd by default. The next sequence will enable access to httpd through the firewall.

Sequence 3: Secure access to the Apache Web Server

Deliverable: Use the Security Level Configuration menu tool to configure the iptables firewall so the Apache Web server can be accessed on your server.

Instructions:

1. Click System->Administration->Security Level and Firewall to start system-configsecuritylevel.

2. Set the Firewall drop-down to "Enabled", if it is not already.

3. Find and check the entries for WWW (HTTP) and Secure WWW (HTTPS) in the Trusted Services list.

4. Click OK to close system-config-securitylevel.

5. Have your neighbor try to access your web server again. This time it should succeed.

Sequence 4: Shutdown and un-install the Apache Web Server

Scenario: You have decided not to use this system as a web server. Since it is best practice to not run services you do not need, the httpd package will be uninstalled.

Deliverable: The Apache Web Server should no longer be installed on the system

Instructions:

1. First, httpd must be shut down.

• From a command-line:

1). Use the service command to shut the server down.

[student@stationX ~]$ sudo /sbin/service httpd stop
Stopping httpd: [ OK ]

2). Use the chkconfig command to ensure that it does not start on subsequent boots.

[student@stationX ~]$ sudo /sbin/chkconfig httpd off

• Using graphical tools:

1). Run system-config-services by clicking System->Administration->Services.

2). Highlight httpd and click the stop icon.

3). Uncheck the checkbox next to httpd and click the Save icon.

4). Close system-config-services.

2. Now Apache can be un-installed.

• From a command-line:

1). Use yum's remove command to un-install httpd.

[student@stationX ~]$ sudo yum remove httpd
... output omitted ...

Press y if you are prompted for confirmation.

• Using graphical tools:

1). Run pirut by clicking Applications->Add/Remove Software

2). Enter root's password if prompted

3). Click the Search tab

4). In the Search dialog box, Enter Apache. After some searching, a number of packages related to the web server should be displayed.

5). Uncheck the box next to Apache HTTP Server.

6). Click Apply.

7). Click Continue to begin the un-install process.

8). Click OK to close pirut.

• Do not forget to close up the holes you made in the firewall. Start by clicking System->Administration->Security Level and Firewall

• Uncheck the boxes for WWW (HTTPS) and Secure WWW (HTTPS) in the Trusted Services list.

• Click OK to close system-config-securitylevel.

Sequence 5: Installing Red Hat Enterprise Linux in Graphical Mode

Scenario: A new server was just delivered. Before moving it into production, you plan to perform a test installation.

Deliverable: A basic system with only default set of packages, installed from an NFS-based network-installation server.

Instructions:

1. Boot your system from the CD your instructor will provide. This will start Anaconda, the Red Hat Enterprise Linux installer.

2. Press Enter at the boot: prompt.

3. Choose the appropriate language for your region.

4. Choose the appropriate keyboard layout for your region.

5. Choose NFS image for the installation method

6. You will now be prompted to do some network configuration. Select Use dynamic IP configuration (BOOTP/DHCP). Deselect Enable IPv6 support.

7. Enter the following information to configure the installation source:

• NFS Server Name: 192.168.0.254

• Red Hat Enterprise Linux directory: /var/ftp/pub

8. At this point Anaconda (the installer) will retrieve the necessary installation image and probe the system for its monitor and mouse type. When this is completed, you will be presented with a welcome screen.

Click Next.

9. Select Skip entering Installation Number and click Next. Confirm by clicking Skip.

10. Anaconda next checks if Red Hat Enterprise Linux is already installed on this system. If yes, it will offer you the option to perform an Upgrade instead of a fresh installation.

Choose Install Red Hat Enterprise Linux and Click Next.

11. Select Remove linux partitions on selected devices, Create default layout and Review and modify partitioning layout, then click Next.

12. Use the default Boot Loader settings unless the instructor advises otherwise. Do not create a Boot Loader password.

13. Choose DHCP for networking and check the activate on boot checkbox.

14. Set the time zone as appropriate for your location; implement UTC if the instructor suggests it

15. Set the root password to redhat (it is not a good password, but please use it anyway).

16. Use the default set of packages.

17. You should now be at the About to Install screen. Click Next to begin.

18. Track the progress of filesystem formatting by switching to tty5 (Ctrl-Alt-F5 will take you there; Ctrl-Alt-F6 will return you to the installer)

19. After the reboot following the installation, complete the initial set up tool. Create a user account of your choice. Do not register the machine with Red Hat Network. Select No, I prefer to register at a later time followed by No thanks, I"ll connect later. Select Enable Firewall when promtped to configure the firewall. Use the default values for all other settings.

20. Once you have completed the installation and the newly-installed system has booted, log in as root and examine the following:

• /root/install.log

• /var/log/messages

• /var/log/dmesg