Lesson 2

Welcome to Configuring Linux Components. This course introduces you to the system administration capabilities of Red Hat Linux and teaches you to use them to ensure system configuration and security. This course prepares you to perform system administration tasks such as

1. installing,
2. configuring, and
3. troubleshooting Red Hat Linux.

workstations and systems.

1. After completing the course, you will be able to:
2. Configure and compile the Linux kernel
3. Protect yourself against data loss
4. Partition filesystems appropriately
5. Administer local filesystems
6. Administer, configure, and maintain system and kernel logs
7. Use troubleshooting techniques to recognize and solve problems

• The Red Hat Series: Configure Linux Components is the third in the Red Hat Linux System Administration Series.
• Series Features: The following features are included in this series to better prepare you to apply your skills in a real-world environment.

Ensuring system configuration and security in Red Hat Enterprise Linux (RHEL) involves a variety of tasks that a system administrator must regularly perform. Here's a comprehensive guide:

1. User and Group Management:
   • Add/Remove Users:

     		 sudo useradd username
     		 sudo userdel username
     		 

   • Add/Remove Groups:

     		 sudo groupadd groupname
     		 sudo groupdel groupname
     		 

   • Modify User Accounts:

     	sudo usermod -aG groupname username  # Add user to a group
     	sudo passwd username  # Change user password
     	

2. File System Security:
   • Set File Permissions:

     		 chmod 755 file_or_directory
     		 chmod 644 file
     		 

   • Set File Ownership:

     		 chown user:group file_or_directory
     		 

3. Network Security:
   • Configure Firewall:

     		sudo firewall-cmd --permanent --add-port=80/tcp  # Allow HTTP
     		sudo firewall-cmd --reload  # Apply changes
     		

   • SELinux Configuration:
     Check Status:

     		sestatus
     		

   • Set to Enforcing/Permissive:

     		sudo setenforce 1  # Enforcing
     		sudo setenforce 0  # Permissive
     		

   • Modify SELinux Config:
     Edit `/etc/selinux/config` and set `SELINUX=enforcing` or `SELINUX=permissive`.
4. System Updates and Patching
   • Update Package List:

     	sudo yum check-update
     	

   • Install Updates:

     	sudo yum update
     	

5. Monitoring and Logs:
   • System Logs:

     	 sudo journalctl -xe  # View detailed system logs
     	 sudo tail -f /var/log/messages  # Monitor system log in real-time
     	 

   • Resource Usage:

     	 top  # Interactive process viewer
     	 vmstat  # Report virtual memory statistics
     	 iostat  # Report CPU and I/O statistics
     	 

6. Service Management:
   • Start/Stop Services:

     	sudo systemctl start service_name
     	sudo systemctl stop service_name
     	

   • Enable/Disable Services at Boot:

     	sudo systemctl enable service_name
     	sudo systemctl disable service_name
     	

   • Check Service Status:

     	sudo systemctl status service_name
     	

7. Configuration Management:
   • Edit Configuration Files: Use text editors like `vim` or `nano` to edit configuration files located in `/etc`.

     		 sudo vim /etc/your_config_file
     		 sudo nano /etc/your_config_file
     		 

8. Backup and Restore:
   • Create Backups:

     	tar -czvf backup.tar.gz /path/to/directory_or_file
     	

   • Restore from Backup:

     	tar -xzvf backup.tar.gz -C /path/to/extract
     	

9. Security Best Practices:
   • Regular Updates: Regularly update your system and apply patches.
   • Password Policies: Implement strong password policies using PAM (Pluggable Authentication Modules). Edit `/etc/pam.d/system-auth` to configure password policies.
   • Intrusion Detection: Use tools like `AIDE` (Advanced Intrusion Detection Environment) to monitor changes to system files.

     	sudo yum install aide
     	sudo aide --init
     	sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
     	sudo aide --check
     	

10. Audit and Compliance:
    • Enable Auditd Service:

      	sudo systemctl enable auditd
      	sudo systemctl start auditd
      	

    • Configure Audit Rules: Edit `/etc/audit/audit.rules` to define audit policies.

      	-w /etc/passwd -p wa -k identity
      	-w /var/log/ -p wa -k logins
      	

By following these practices and regularly monitoring and updating your system, you can ensure a secure and well-configured Red Hat Enterprise Linux environment.

Virtually any type of computer mouse is compatible with Linux desktops. This includes:

• Wired Mice: These connect directly to your computer via a USB port. They are generally more reliable and responsive due to the direct connection.
• Wireless Mice: These use either radio frequency (RF) or Bluetooth to connect to your computer. They offer more freedom of movement but may experience slight lag compared to wired mice.
• Gaming Mice: These are designed for gamers and often have additional buttons, higher DPI (dots per inch) for increased sensitivity, and customizable lighting.
• Ergonomic Mice: These are designed to reduce wrist strain and discomfort during extended use.

Specific brands and models known to work well with Linux include:

• Logitech: Most Logitech mice work seamlessly with Linux, including popular models like the MX Master series and the G series gaming mice.
• Razer: Many Razer mice are also compatible, although some features may require additional configuration.
• Microsoft: Microsoft mice generally work well with Linux.

In most cases, Linux will automatically detect and configure your mouse upon plugging it in. However, for some advanced features or customization, you may need to install additional drivers or software.

Question: What command do you use to change directories? (Type in cd and hit the Enter key.)
Explanation: This is where you will find an explanation of the question and answer. To change to your home directory, you type

cd 

to (change directory). As you may already know, Linux is case-sensitive. For example, the cd is not the same as CD.

We have discovered that if you truly wish to master a skill, nothing beats hands-on experience. To provide an opportunity to practice what you learn within a context, we have created exercises throughout the series in which you apply your knowledge to various scenarios.
We have included the lab feature to give you an opportunity to try these exercises in a live environment. You will learn more about how to use this exciting feature in a later lesson.
Although solutions to the problem-solver exercises will be submitted to tutors, you should also consider using the Discussion area as a forum for sharing responses.

This course includes a number of On Your Own exercises and Quizzes. You will be able to complete these exercises on any Linux system running X Window System. In the next lesson, the prerequisites for this course will be discussed.