Description
Linux administration involves a reasonable amount of interaction with the system hardware and kernel, as well as the implementation of numerous tools and applications. This course provides a hands-on approach to acquiring basic systems management and administration skills.
We examine administrative, networking and troubleshooting issues, while bringing together elements of good practice, performance and security aimed at achieving a high level of proficiency in working at the command line.
The training will be one of the Red Hat derivatives such as CentOS or ScientificLinux. However, the discussions and materials cover every major Linux chain, and wherever a particular tool, technique or method is relevant, features specific to SUSE, Debian and Ubuntu are covered.
About Education
Goals of Education:
- Compare various Linux distributions
- Understanding Linux administration versus UNIX administration
- Understanding the methods and ways to build a Linux system
- Use modular core architecture and reconfigure to fit a specific need
- Query, manage and configure hardware
- Install additional software (pre-packaged and from source code)
- Perform automatic software updates
- Configure and troubleshoot the boot and operating system initialization process
- Implement and manage partitions and file systems, including LVM
- Protecting file system security, including the use of Chattr and ACLs
- Understanding Mandatory Access Control with Selinux and Apparmour
- Enhancing user and session security with PAM
- Connecting with SAMBA and CIFS
- Using SSH for secure connection
- Perform basic network configuration, security and troubleshooting
- Manage packet filtering with iptables and firewalld
Training Content:
- Module 1: Introduction
Linux server market
Introduction to distributions : Red Hat, Debian (and derivatives) and SUSE
Understanding kernel versions
Web resources and forums
- Module 2: Preparing for Installation
Understanding PC hard disks: PC hard disk drives: IDE and SCSI
Disk preparation: primary, extended and logical partitions
Understanding memory
Linux swapping and paging: swap space planning, adding swaps
Disk tools: FDISK, PARTED, HDPARM
- Module 3: Installation Methods
Preparation for installation / Installation resources
System Selection “Personality”
Information gathering; Installation planning and process
Installing Linux from CD-ROM / Post-installation steps / Repeatable installation with installation script
- Module 4: Software Management
Linux Software and Source Code
Shared and Static Library
Library related tools: LDD, Idconfig; using ‘Tarballs’ and related tools
Packages in SUSE and Red Hat and derivatives
Packaging method: RPMs
Package management tools: RPM and YUM
SUSE administration tool: ZYPPER
Packages in Debian derivatives
Packaging method – DEBs
Package management tools: DPKG, APT-GET, APTUDE, TASKSEL
- Module 5: Boot Management
Boot procedure
Traditional BIOS and MBR
Comparison with modern UEFI and GPT
Using and configuring the GRUB “Legacy” bootloader / GRUB disk numbering / GRUB configuration
Using and configuring GRUB 2 / GRUB2 ‘global’ directive configuration; GRUB2 Tools
BOOT / GRUB / GRUB.CFG; INITRD and INITRAMFS
Recovering from boot problems
GRUB Legacy and GRUB 2 CLI commands comparison
- Module 6: Hardware and Architecture
The types of platforms Linux will run on
Minimum hardware requirements / Supported devices/
Configuring SYSFS devices with UDEV
Hardware troubleshooting tools
- Module 7: Core Configuration
Kernel runtime parameters: PROC / SYS / AND / ETC / SYSCTL.CONF
Device drivers in the kernel
Monolithic and modular design
Processing modules with LSMOD, DEPMOD and MODPROBE;
Create a customized Core;
Descriptive step sequence; places of interest in the kernel: USR / SRC / BOOT / LİB/MODULES / $ (UNAME -R)
- Module 8: System Service Control
SysVinit initialization sequence
Single and multi-user operation levels
INIT operation and configuration in ETC/INITTAB
SysVinit startup files (RC files)
SYSTEMD method for service control;
Configuration files; using the SYSTEMCTL tool; integration with the SysVinit method
- Module 9: System Logging
Auditing and logging / Basic Unix log files
Simple data tools for working with logs – touch, tail, tail -f, grep
Syslog daemon
A Brief Introduction to Journald
- Module 10: User accounts
User-related configuration files: /ETC/PASSWD, /ETC/GROUP, /ETC/SHADOW; Account creation / Basic properties / Secondary group membership / Password requirement / Customizing an account / User home directory / Startup files
- Module 11: User Account Security, including PAM
Security aspects of basic accounts
Terminal and shell control files
Testing account usage and effectiveness: LASTLOG, LAST, LASTB
Strength of identity issued by UID
Role-based identity
PAM
User authentication policies / User Account Control
- Module 12: Extended File Properties
Summary of basic file and directory permissions: R/W/X, SUID, SGID and Sticky Bit
File Access Control List (ACL)
Utilize individual user and group assignments
Understanding the Mask property
SETFACL and GETFACL for files and directories
Applying additional file attributes via CHATTR / Using CHATTR to set additional properties / Applying privileged attributes / Using LSATTR to explore extended attributes
- Module 13: Managing file systems
Linux native file systems: EXT*, REISERFS, XFS, BTRFS / Configuring file systems
Performance – MKFS command / Security – MOUNT command
File system troubleshooting and diagnostics: FSCK, TUNE2FS, DEBUGFS, FUSER, DUMPE2FS, XFS
Restrict disk assignments by user/group
- Module 14: Storage Management with LVM
Disk partitioning overview
Using FDISK to create physical partitions
LVM structure: PV, VG, LV
File system creation of logical volumes / Dynamically resize logical volumes
- Module 15: Network Infrastructure
Number crunching / Network-related files and directories: interface configuration files / name resolution
Modern tools – IP and SS command: general syntax and usage
Network parameters in the core
Configuring PROXY
Static routes; Interface parameters with ETHTOOL; Interface merging: modes and configuration
- Module 16: Perimeter Network Protection
Firewall concepts
Infrastructure and DMZ
The role of the nucleus
Network parameters in PROC/SYS/NET
Net Filter module
Linux firewalls: IPTABLES and Firewall
Understanding Firewall zones and the firewall-CMD tool
Alternative products: IPCop, Shorewall, UFW and others
- Module 17: Introduction to SELinux
DAC and MAC security policies
Products that provide mandatory access methods
SELinux features: Policies / sanctions / control; / Scope / availability;
SELinux configuration and management
SELinux states: Tagging and access policies / Policy database and runtime flow / Modifying existing policies and creating new policies
- Module 18: Network Services
Protocols and Services
Network super background programs: INETD, XINETD
TCPD / TCP
Network time protocol
Hardware and software clock
Daemons and configuration
- Module 20: Samba and CIFS
What is Samba
SMB and CIFS protocols
Install and configure Samba components
Configuration file: ETC/SAMBA/SMB.CONF
Private and user sections
[global] configuration of the department
Samba daemon and diagnostic tools: SMBD, NMBD, SMBSTATUS, TESTPARM, SWAT
Samba client tools: NMLOOKUP, SMBCIENT, SMBTREE, SMBTAR
View Samba shares in Windows
- Module 21: SSH Tips and Tricks
SSH purpose
Summary of basic SSH usage
SSH client and server configuration
Using SSH keys; Generating public/private key pairs; Configuring and using the SSH agent; Implementing tunneling X in SSH; Port forwarding; Local and remote port forwarding policies; Forwarding through a firewall and multiple gateways
Who Should Receive the Training?
- All existing managers, developers, analysts;
- All users who want to develop themselves in Linux,
- This course is suitable for experienced Unix Administrators who need to migrate their skills to Linux.
Requirements
The prerequisites for the course are a good command of Linux System Fundamentals and practical experience in working with Linux and/or experience in administering any version of Unix.
Plan this training institutionally!
This training can be planned in different durations and content specific to your organization. Please contact us for detailed rich content and planning to realize your training objectives.