24.8. Networking Services (Topic 1.113)

24.8.1. Objective 1: Configure and Manage inetd, xinetd, and Related Services

inetd is the Internet superdaemon; it listens on multiple inbound ports and launches the appropriate child daemon to service the requests.
inetd uses TCP wrappers (tcpd) to add access security to services.
inetd is configured in /etc/inetd.conf.
You can eliminate an inbound service managed by inetd simply by commenting out its declaration in /etc/inetd.conf and restarting or signaling inetd.
TCP wrappers allow the administrator to define access rules for hosts. The configuration files are /etc/hosts.allow and /etc/hosts.deny.

24.8.2. Objective 2: Operate and Perform Basic Configuration of Mail Transfer Agent (MTA)

Sendmail is a Mail Transfer Agent (MTA).
Sendmail is configured in /etc/sendmail.cf. This file is generally regarded as difficult to configure.
The "smart host" parameter is used to configure a local Sendmail daemon to transfer mail to a site's official mail system.
/etc/aliases is a file that stores aliases for inbound mail addresses; it can redirect mail to one or more users.
Whenever /etc/aliases is modified, newaliases must be executed.
Each user can forward his own mail using a .forward file, containing the forwarding email address, in his home directory.
Outbound mail that is trapped due to a network or other problem will remain queued; it can be examined using the mailq command.

24.8.3. Objective 3: Operate and Perform Basic Configuration of Apache

Apache is configured using httpd.conf, srm.conf, and access.conf. On some installations, these may all be combined into httpd.conf.
The configuration files contain configuration directives, one per line, consisting of a keyword and an argument list. For example:

    DocumentRoot /home/httpd/html

sets the root directory for HTML files on the system.
Apache is typically started at boot time using the system's startup methods.

24.8.4. Objective 4: Properly Manage the NFS and Samba Daemons

24.8.4.1. NFS

Traditional Unix file sharing is done with NFS, originally developed by Sun Microsystems.
NFS is a client/server package, and any system can hold both roles simultaneously.
Exporting (sharing) a local filesystem with NFS is done by including a line in the /etc/exports file, consisting of a directory and list of allowed systems, along with NFS options. For example:

    /usr (ro) orion.mydomain.com(rw)
    /home *.mydomain.com(rw)

Remote NFS filesystems are mounted using the mount command:

    # mount -t nfs server1:/home /mnt/server1

NFS is typically started at boot time using the system's startup methods.

24.8.4.2. Samba

The Samba suite implements Server Message Block (SMB) protocols used on Microsoft and IBM LANs.
smbd handles file and printer sharing and authentication.
nmbd implements the WINS service.
Samba is configured in /etc/smb.conf. The file consists of sections, each with a series of keyword = value pairs.
Samba 2.0 and later comes with a web-based configuration tool called SWAT; it is usually configured to be monitored by inetd.

24.8.5. Objective 5: Set Up and Configure Basic DNS Services

24.8.5.1. The resolver

The resolver is a library used by networked applications when a domain name needs to be translated into an IP address.
The resolver uses local files, NIS, and DNS to resolve hostnames as directed by /etc/resolv.conf.

24.8.5.2. Domain registration

Domain names are assigned through a registration process with one of the domain name registrars on the Internet.
The DNS server daemon is named, part of the BIND package.
named can be configured to speed up a local system by acting as a nonauthoritative caching-only name server.
named is configured using /etc/named.conf.
The nslookup, host, and dig utilities can be used to retrieve information from DNS servers.
BIND Version 4 and Version 8 have significantly different configuration file formats, although the information contained in the files is similar.

24.8.6. Objective 7: Set Up Secure Shell (OpenSSH)
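
Returning to the /etc/exports format summarized in 24.8.4.1: the following added example (not from the original text) parses export lines and reports which ones reach more hosts than a quick read suggests. The function names and the third sample line, which shows the effect of a stray space before the option list, are constructed for illustration.

```python
import re

# Constructed sample: the two export lines from the text, plus one line with
# a space between the host and its options (a common /etc/exports mistake).
SAMPLE_EXPORTS = """\
# constructed sample
/usr   (ro) orion.mydomain.com(rw)
/home  *.mydomain.com(rw)
/srv   orion.mydomain.com (rw)
"""

# One client field: optional host pattern, optional "(opt,opt,...)" list.
ENTRY = re.compile(r"^([^\s()]*)(?:\(([^)]*)\))?$")

def parse_exports(text):
    """Yield (directory, [(client, options), ...]) for each export line."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        directory, *fields = line.split()
        clients = []
        for field in fields:
            m = ENTRY.match(field)
            if not m:
                raise ValueError(f"unparseable client field: {field!r}")
            host, opts = m.group(1), m.group(2)
            # A host with no option list gets the defaults, which include ro.
            options = set(opts.split(",")) if opts else {"ro"}
            # An option list with no host in front of it applies to any host.
            clients.append((host or "*", options))
        yield directory, clients

def audit(text):
    """Return (directory, finding) pairs for exports worth reviewing."""
    findings = []
    for directory, clients in parse_exports(text):
        for host, options in clients:
            if host == "*":
                mode = "rw" if "rw" in options else "ro"
                findings.append((directory, f"exported to any host ({mode})"))
            elif re.search(r"[*?]", host) and "rw" in options:
                findings.append((directory, f"writable by wildcard {host}"))
    return findings

if __name__ == "__main__":
    for directory, finding in audit(SAMPLE_EXPORTS):
        print(f"{directory}: {finding}")
```

The /srv line is the one to watch for: because of the space, orion.mydomain.com receives only the default options while every other host is granted rw.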