Наши партнеры

Книги по Linux (с отзывами читателей)

Библиотека сайта rus-linux.net

Purchase	Copyright © 2002 Paul Sheer. Click here for copying permissions.	Home

Next: D. LINUX Advocacy FAQ Up: rute Previous: B. LPI Certification Cross-Reference Contents

Subsections

C.1 RH020, RH030, RH033, RH120, RH130, and RH133
C.2 RH300
C.3 RH220 (RH253 Part 1)
C.4 RH250 (RH253 Part 2)

C. RedHat Certified Engineer Certification Cross-Reference

RedHat has encouraged a larger number of overlapping courses, some of which contain lighter and more accessible material. They concentrate somewhat on RedHat specific issues that are not always applicable to other distributions. In some areas they expect more knowledge than the LPI, so it is worth at least reviewing RedHat's requirements for purposes of self-evaluation. The information contained in this appendix was gathered from discussions with people who had attended the RedHat courses. This is intended purely for cross-referencing purposes and is possibly outdated. By no means should it be taken as definitive. Visit http://redhat.com/training/rhce/courses/ for the official guide.

For each objective, the relevant chapter or section from this book is referenced in parentheses.

C.1 RH020, RH030, RH033, RH120, RH130, and RH133

These courses are beneath the scope of this book: They cover LINUX from a user and desktop perspective. Although they include administrative tasks, they keep away from technicalities. They often prefer graphical configuration programs to do administrative tasks. One objective of one of these courses is configuring Gnome panel applets; another is learning the pico text editor.

C.2 RH300

This certification seems to be for administrators of non-LINUX systems who want to extend their knowledge. The requirements below lean toward understanding available LINUX alternatives and features, rather than expecting the user to actually configure anything complicated. Note that I abbreviate the RedHat Installation Guide(s) as RHIG. This refers to the install help in the installation program itself or, for RedHat 6.2 systems, the HTML installation guide on the CD. It also refers to the more comprehensive online documentation at http://www.redhat.com/support/manuals/.

Unit 1: Hardware selection and RedHat installation

-: Finding Web docs. Using HOWTOs to locate supported hardware (Chapter 16).
-: Knowledge of supported architectures and SMP support (Chapter 42).
-: Use of kudzu (I do not cover kudzu and recommend that you uninstall it).
-: Hardware concepts--IRQ, PCI, EISA, AGP, and I/O ports (Chapters 3 and 42).
-: isapnp, pciscan (Chapter 42).
-: Concepts of LINUX support for PCMCIA, PS/2, tapes, scanners, USB (Chapter 42).
-: Concepts of serial, parallel, SCSI, IDE, CD-ROM and floppy devices, and their /dev/ listings (Chapter 18).
-: hdparm (hdparm(8)).
-: Concepts of IDE geometry, BIOS limitations (Chapter 19).
-: Disk sector and partition structure. Use of fdisk, cfdisk, and diskdruid (Chapter 19).
-: Creation of a partitioning structure (Chapter 19).
-: Management of swap, native, and foreign partitions during installation (RHIG).
-: Concept of distribution of directories over different partitions (Chapter 19).
-: Configuring lilo on installation (Chapter 31 refers to general use of lilo).
-: BIOS configuration (Chapter 3).
-: Conceptual understanding of different disk images. Creating and booting disk images from their boot.img, bootnet.img, or pcmcia.img (RHIG).
-: Use of the installer to create RAID devices (RHIG).
-: Package selection (RHIG).
-: X video configuration (Chapter 43 and RHIG).

Unit 2: Configuring and administration

-: Using setup, mouseconfig, Xconfigurator, kbdconfig, timeconfig, netconfig, authconfig, sndconfig. (These are higher level interactive utilities than the ones I cover in Chapter 42 and elsewhere. Run each of these commands for a demo.)
-: Understanding /etc/sysconfig/network-scripts/ifcfg-* (Chapter 25).
-: Using netcfg or ifconfig (Chapter 25).
-: Using ifup, ifdown, rp3, usernet, and usernetctl (Chapter 25).
-: Using pnpdump, isapnp and editing /etc/isapnp.conf (Chapter 42).
-: Conceptual understanding of /etc/conf.modules, esd, and kaudioserver (Chapter 42; man pages for same).
-: Using mount, editing /etc/fstab (Chapter 19).
-: Using lpr, lpc, lpq, lprm, printtool and understanding concepts of /etc/printcap (Chapter 21).
-: Virtual consoles concepts: changing in /etc/inittab (Chapter 32).
-: Using useradd, userdel, usermod, and passwd (Chapter 11).
-: Creating accounts manually and with userconf and with linuxconf. (The use of graphical tools is discouraged by this book.)
-: Understanding concepts of the /etc/passwd and /etc/group files and /etc/skel and contents (Chapter 11).
-: Editing bashrc, .bashrc, /etc/profile, /etc/profile.d (Chapter 20).
-: General use of linuxconf. (The use of graphical tools is discouraged by this book.)
-: Using cron, anacron, editing /var/spool/cron/<username> and /etc/crontab. tmpwatch, logrotate, and locate cron jobs.
-: Using syslogd, klogd, /etc/syslog.conf, swatch, logcheck.
-: Understanding and using rpm. Checksums, file listing, forcing, dependencies, querying, verifying querying tags, provides, and requires. FTP and HTTP installs, rpmfind, gnorpm, and kpackage (Chapter 24).
-: Building .src.rpm files. Customizing and rebuilding packages. (See the RPM-HOWTO.)
-: /usr/sbin/up2date. (The use of package is discouraged by this book.)
-: Finding documentation (Chapter 16).

Unit 3: Alternative installation methods

-: Laptops, PCMCIA, cardmanager, and apm. (See the RHIG, PCMCIA-HOWTO and Laptop-HOWTO.)
-: Multiboot systems, boot options, and alternative boot image configuration (Chapter 31).
-: Network installations using netboot.img (RHIG).
-: Serial console installation (RHIG?).
-: Kickstart concepts.

Unit 4: Kernel

-: /proc file system concepts and purpose of various subdirectories (see Section 42.4 and the index entries for /proc/). Tuning parameters with /etc/sysctl.conf (see sysctl.conf(5)).
-: Disk quotas. quota, quotaon, quotaoff, edquota, repquota, quotawarn, quotastats. (Quotas are not covered but are easily learned form the Quota mini-HOWTO.)
-: System startup scripts' initialization sequences. inittab, switching run levels. Conceptual understanding of various /etc/rc.d/ files. SysV scripts, chkconfig, ntsysv, tksysv, ksysv (Chapter 32).
-: Configuring software RAID. Using raidtools to activate and test RAID devices (see the RAID-HOWTO).
-: Modules Management. modprobe, depmod, lsmod, insmod, rmmod commands. kernelcfg. Editing of /etc/conf.modules, aliasing and optioning modules (Chapter 42).
-: Concepts of kernel source, .rpm versions, kernel versioning system. Configuring, compiling and installing kernels (Chapter 42).

Unit 5: Basic network services

-: TCP/IP concepts. inetd. Port concepts and service-port mappings (Chapters 25 and 26).
-: apache, config files, virtual hosts (Chapter 36).
-: sendmail, config files, mailconf, m4 macro concepts (Chapter 30).
-: POP and IMAP concepts (Chapters 29 and 30).
-: named configuration (Chapter 40).
-: FTP configuration. (I did not cover FTP because of the huge number of FTP services available. It is recommended that you try the vsftpd package.)
-: configuration, /etc/rc.d/init.d/netfs (Chapter 28).
-: smbd, file-sharing and print-sharing concepts. Security concepts config file overview. Use of testparam, smbclient, nmblookup, smbmount, Windows authentication concepts (Chapter 39).
-: dhcpd and BOOTP, config files and concepts. Configuration with netcfg, netconfig or linuxconf. using pump (see the DHCP mini-HOWTO).
-: Understanding squid caching and forwarding concepts. (The squid configuration file /etc/squid/squid.conf provides ample documentation for actually setting up squid.)
-: Overview of lpd, mars-nwe, time services, and news services (Chapter 21).

Unit 6: X Window System

-: X client server architecture (Section 43.1).
-: Use of Xconfigurator, xf86config, XF86Setup, and concepts of /etc/X11/XF86Config (Section 43.6.3).
-: Knowledge of various window managers, editing /etc/sysconfig/desktop. Understanding of concepts of different user interfaces: Gnome, KDE. Use of switchdesk (Section 43.3.4).
-: init run level 5 concepts, xdm, kdm, gdm, prefdm alternatives (Section 43.9).
-: xinit, xinitrc concepts. User config files .xsession and .Xclients (see xinit(1), xdm(1), startx(1), and read the scripts under /etc/X11/xinit/ and /etc/X11/xdm).
-: Use of xhost (Section 43.3.5). Security issues. DISPLAY environment variable. Remote displays (Section 43.3.2).
-: xfs concepts (Section 43.12).

Unit 7: Security

-: Use of tcp_wrappers (Chapter 29). User and host based access restrictions. PAM access. Port restriction with ipchains (see the Firewall-HOWTO).
-: PAM concepts. Editing of /etc/pam.d, /etc/security config files. PAM documentation (see /usr/share/doc/pam-0.72/txts/pam.txt).
-: NIS concepts and config files. ypbind, yppasswd ypserv, yppasswdd, makedbm, yppush (see the NIS-HOWTO).
-: LDAP concepts. OpenLDAP package, slapd, ldapd, slurpd, and config files. PAM integration.
-: inetd concepts. Editing of /etc/inetd.conf, interface to tcp_wrappers. Editing of /etc/hosts.allow and /etc/hosts.deny. portmap, tcpdchk, tcpdmatch, twist (see the LDAP-HOWTO).
-: ssh client server and security concepts (Chapters 12 and 44).

Unit 8: Firewalling, routing and clustering, troubleshooting

-: Static and dynamic routing with concepts. /etc/sysconfig/static-routes. Use of linuxconf and netcfg to edit routes. (Use of graphical tools is discouraged by this book.)
-: Forwarding concepts. Concepts of forwarding other protocols: X.25, frame-relay, ISDN, and PPP. (By ``concepts of'' I take it to mean that mere knowledge of these features is sufficient. See also Chapter 41.)
-: ipchains and ruleset concepts. Adding, deleting, listing, flushing rules. Forwarding, masquerading. Protocol-specific kernel modules (see the Firewall-HOWTO).
-: High availability concepts. Concepts of lvs, pulse, nanny, config files, and web-based configuration. Piranha, failover concepts. (A conceptual understanding again.)
-: High performance clustering concepts. Parallel virtual machine for computational research (conceptual understanding only).
-: Troublshooting: Networking (Chapter 25), X (Chapter 43), booting (Chapter 31), DNS (Chapters 27 and 40), authentication (Chapter 11), file system corruption (Section 19.5).
-: mkbootdisk and rescue floppy concepts. Use of the rescue disk environment and available commands (see mkbootdisk(8)).

C.3 RH220 (RH253 Part 1)

RH220 is the networking module. It covers services sparsely, possibly intending that the student learn only the bare bones of what is necessary to configure a service.

Unit 1: DNS

A treatment of


bind

, analogous to Topic 1.13, Obj 5 of LPI (page

). Expects exhaustive understanding of the Domain Name System, an understanding of

SOA

NS


CNAME

PTR

MX

and


HINFO

records, ability to create master domain servers from scratch, caching-only servers, and round-robin load sharing configuration (Chapter 40).

Unit 2: Samba

Overview of SMB services and concepts. Configuring Samba for file and print sharing. Using Samba client tools. Using


linuxconf

and


swat

. Editing


/etc/smb.conf

. Understanding types of shares. Support Wins. Setting authentication method. Using client utilities (Chapter 39).

Unit 3: NIS

Conceptual understanding of NIS. NIS master and slave configure. Use of client utilities. LDAP concepts. OpenLDAP package,


slapd


ldapd


slurpd

, and config files (see the NIS-HOWTO).

Unit 4: Sendmail and procmail

Understanding of mail spooling and transfer. Understanding the purpose of all


sendmail

config files. Editing config file for simple client (i.e., forwarding) configuration. Editing


/etc/sendmail.mc


/etc/mail/virtusertable


/etc/mail/access

. Restricting relays. Viewing log files. Creating simple


.procmail

folder and email redirectors. (Chapter 30. Also see The Sendmail FAQ <http://www.sendmail.org/faq/> as well as


procmail

(1),


procmailrc

(6), and


procmailex

(5).)

Unit 5: Apache

Configuring virtual hosts. Adding MIME types. Manipulating directory access and directory aliasing. Allowing restricting of CGI access. Setting up user and password databases. Understanding important modules (Chapter 36).

Unit 6: `pppd` and DHCP

Setting up a basic


pppd

server. Adding dial-in user accounts. Restricting users. Understanding


dhcpd

and BOOTP config files and concepts. Configuring with


netcfg


netconfig

, or


linuxconf

. Using


pump

. Editing


/etc/dhcpd.conf

. (Chapter 41. See also the DHCP-HOWTO.)

C.4 RH250 (RH253 Part 2)

RH250 is the security module. It goes through basic administration from a security perspective.

Unit 1: Introduction

Understanding security requirements. Basic terminology: hacker, cracker, denial of service, virus, trojan horse, worm. Physical security and security policies (Chapter 44).

Unit 2: Local user security

Understanding user accounts concepts, restricting access based on groups. Editing

pam

config files.


/etc/nologin

; editing


/etc/security/

files. Using console group,

cug

; configuring and using


clobberd

and


sudo

. Checking logins in log files. Using


last

(Chapters 11 and 44).

Unit 3: Files and file system security

Exhaustive treatment of groups and permissions.


chattr

and


lsattr

commands. Use of


find

to locate permission problems. Use of


tmpwatch

. Installation of


tripwire

. Managment of NFS exports for access control (Chapters 14, 28, and 44).

Unit 4: Password security and encryption

Encryption terms: Public/Private Key, GPG, one-way hash, MD5.


xhost


xauth

ssh

concepts and features. Password-cracking concepts (Section 11.3 and Chapter 12).

Unit 5: Process security and monitoring

Use PAM to set resource limits (Section 11.7.5). Monitor process memory usage and CPU consumption;

top


gtop

kpm


xosview


xload


xsysinfo


last

ac


accton


lastcomm

(Chapter 9). Monitor logs with


swatch

(see


swatch

(5) and


swatch

(8)).

Unit 6: Building firewalls


ipchains

and ruleset concepts. Adding, deleting, listing, flushing rules. Forwarding, many-to-one and one-to-one masquerading. Kernels options for firewall support. Static and dynamic routing with concepts (see the Firewall-HOWTO).


/etc/sysconfig/static-routes

. Use of


linuxconf

and


netcfg

to edit routes.


tcp_wrappers

(Chapter 29).

Unit 7: Security tools

Concepts of


nessus

, SAINT, SARA, SATAN. Concepts of


identd

. Use of


sniffit


tcpdump


traceroute


ping -f


ethereal


iptraf


mk-ftp-stats


lurkftp


mrtg


netwatch


webalizer


trafshow

. (These tools may be researched on the web.)

Next: D. LINUX Advocacy FAQ Up: rute Previous: B. LPI Certification Cross-Reference Contents