Book Image

Red Hat Enterprise Linux 9 Administration - Second Edition

By : Pablo Iranzo Gómez, Pedro Ibáñez Requena, Miguel Pérez Colino, Scott McCarty
2 (2)
Book Image

Red Hat Enterprise Linux 9 Administration - Second Edition

2 (2)
By: Pablo Iranzo Gómez, Pedro Ibáñez Requena, Miguel Pérez Colino, Scott McCarty

Overview of this book

With Red Hat Enterprise Linux 9 becoming the standard for enterprise Linux used from data centers to the cloud, Linux administration skills are in high demand. With this book, you’ll learn how to deploy, access, tweak, and improve enterprise services on any system on any cloud running Red Hat Enterprise Linux 9. Throughout the book, you’ll get to grips with essential tasks such as configuring and maintaining systems, including software installation, updates, and core services. You’ll also understand how to configure the local storage using partitions and logical volumes, as well as assign and deduplicate storage. You’ll learn how to deploy systems while also making them secure and reliable. This book provides a base for users who plan to become full-time Linux system administrators by presenting key command-line concepts and enterprise-level tools, along with essential tools for handling files, directories, command-line environments, and documentation for creating simple shell scripts or running commands. With the help of command line examples and practical tips, you’ll learn by doing and save yourself a lot of time. By the end of the book, you’ll have gained the confidence to manage the filesystem, users, storage, network connectivity, security, and software in RHEL 9 systems on any footprint.

Related Content you might be interested in

Current Title:

Small book image
Red Hat Enterprise Linux 9 Administration - Second Edition
Pablo Iranzo Gómez | Pedro Ibáñez Requena | Miguel Pérez Colino | Scott McCarty
Nov, 2022 | 530 pages
Small book image
Oracle Linux Cookbook
Jonathan Spindel | Erik Benner | Erik B Thomsen
Jan, 2024 | 548 pages
Small book image
CentOS 8 Essentials
Neil Smyth
May, 2020 | 261 pages
Small book image
CentOS Quick Start Guide
Shiwang Kalkhanda
Dec, 2018 | 320 pages
Table of Contents (26 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share your thoughts
Download a free PDF copy of this book
1
Part 1 – Systems Administration – Software, User, Network, and Services Management
Part 1 – Systems Administration – Software, User, Network, and Services Management
Free Chapter
2
Chapter 1: Getting RHEL Up and Running
Chapter 1: Getting RHEL Up and Running
Technical requirements
Obtaining RHEL and a subscription
Installing RHEL 9
Summary
3
Chapter 2: RHEL 9 Advanced Installation Options
Chapter 2: RHEL 9 Advanced Installation Options
Technical requirements
Automating RHEL deployments with Anaconda
Deploying RHEL on the cloud
Installation best practices
Summary
4
Chapter 3: Basic Commands and Simple Shell Scripts
Chapter 3: Basic Commands and Simple Shell Scripts
Logging in as a user and managing multi-user environments
Changing users with the su command
Understanding users, groups, and basic permissions
Using the command line, environment variables, and navigating through the filesystem
Understanding I/O redirection on the command line
Filtering output with grep and sed
Listing, creating, copying, and moving files, directories, links, and hard links
Using tar and gzip
Creating basic shell scripts
Using system documentation resources
Summary
5
Chapter 4: Tools for Regular Operations
Chapter 4: Tools for Regular Operations
Technical requirements
Managing system services with systemd
Scheduling tasks with cron and systemd
Learning about time synchronization with chrony and NTP
Checking for free resources – memory and disk (free and df)
Finding logs, using journald, and reading log files, including log preservation and rotation
Summary
6
Chapter 5: Securing Systems with Users, Groups, and Permissions
Chapter 5: Securing Systems with Users, Groups, and Permissions
Creating, modifying, and deleting local user accounts and groups
Managing groups and reviewing assignments
Adjusting password policies
Configuring sudo access for administrative tasks
Checking, reviewing, and modifying file permissions
Using special permissions
Summary
7
Chapter 6: Enabling Network Connectivity
Chapter 6: Enabling Network Connectivity
Technical requirements
Exploring network configuration in RHEL
Getting to know the configuration files and NetworkManager
Configuring network interfaces with IPv4 and IPv6
Configuring hostname and hostname resolutions (DNS)
An overview of firewall configuration
Testing network connectivity
Summary
8
Chapter 7: Adding, Patching, and Managing Software
Chapter 7: Adding, Patching, and Managing Software
RHEL subscription registration and management
Managing repositories and signatures with yum/dnf
Doing software installations, updates, and rollbacks with YUM/DNF
Creating and syncing repositories with createrepo and reposync
Understanding RPM internals
Summary
9
Part 2 – Security with SSH, SELinux, a Firewall, and System Permissions
Part 2 – Security with SSH, SELinux, a Firewall, and System Permissions
10
Chapter 8: Administering Systems Remotely
Chapter 8: Administering Systems Remotely
Technical requirements
SSH and OpenSSH overview and base configuration
Enabling root access via SSH (and when not to do it)
Accessing remote systems with SSH
Key-based authentication with SSH
Remote file management with SCP/rsync
Advanced remote management – SSH tunnels and SSH redirections
Remote terminals with tmux
Introduction to Ansible automation
Summary
11
Chapter 9: Securing Network Connectivity with firewalld
Chapter 9: Securing Network Connectivity with firewalld
Introduction to the RHEL firewall – firewalld
Enabling firewalld in the system and reviewing the default zones
Enabling and managing services and ports
Creating and using service definitions for firewalld
Configuring firewalld with the web interface
Summary
12
Chapter 10: Keeping Your System Hardened with SELinux
Chapter 10: Keeping Your System Hardened with SELinux
Technical requirements
SELinux usage in enforcing and permissive modes
Reviewing the SELinux context for files and processes
Tweaking the policy with semanage
Restoring changed file contexts to the default policy
Using SELinux Boolean settings to enable services
SELinux troubleshooting and common fixes
Integrity Measurement Architecture, digital hashes, and signatures for enhancing security
Summary
13
Chapter 11: System Security Profiles with OpenSCAP
Chapter 11: System Security Profiles with OpenSCAP
Getting started with OpenSCAP and discovering system vulnerabilities
Using OpenSCAP with security profiles for OSPP and PCI DSS
Summary
14
Part 3 – Resource Administration – Storage, Boot Process, Tuning, and Containers
Part 3 – Resource Administration – Storage, Boot Process, Tuning, and Containers
15
Chapter 12: Managing Local Storage and Filesystems
Chapter 12: Managing Local Storage and Filesystems
Technical requirements
Partitioning disks (MBR and GPT disks)
Formatting and mounting filesystems
Setting default mounts and options in fstab
Using network filesystems with NFS
Summary
16
Chapter 13: Flexible Storage Management with LVM
Chapter 13: Flexible Storage Management with LVM
Technical requirements
Understanding LVM
Creating, moving, and removing physical volumes
Combining physical volumes into volume groups
Creating and extending logical volumes
Adding new disks to a volume group and extending an logical volume
Removing logical volumes, volume groups, and physical volumes
Reviewing LVM commands
Summary
17
Chapter 14: Advanced Storage Management with Stratis and VDO
Chapter 14: Advanced Storage Management with Stratis and VDO
Technical requirements
Understanding Stratis
Installing and enabling Stratis
Managing storage pools and filesystems with Stratis
Preparing systems to use VDO
Creating and using a VDO volume
Testing a VDO volume and reviewing the stats
Summary
18
Chapter 15: Understanding the Boot Process
Chapter 15: Understanding the Boot Process
Understanding the boot process – BIOS and UEFI booting
Working with GRUB, the bootloader, and the initrd system images
Managing the boot sequence with systemd
Intervening in the boot process to gain access to a system
Summary
19
Chapter 16: Kernel Tuning and Managing Performance Profiles with tuned
Chapter 16: Kernel Tuning and Managing Performance Profiles with tuned
Technical requirements
Identifying processes, checking memory usage, and killing processes
Adjusting kernel scheduling parameters to better manage processes
Installing tuned and managing tuning profiles
Creating a custom tuned profile
Using the web console for observing performance metrics
Summary
20
Chapter 17: Managing Containers with Podman, Buildah, and Skopeo
Chapter 17: Managing Containers with Podman, Buildah, and Skopeo
Technical requirements
Introduction to containers
Running a container using Podman and UBI
When to use Buildah and Skopeo
Summary
21
Part 4 – Practical Exercises
Part 4 – Practical Exercises
22
Chapter 18: Practice Exercises – 1
Chapter 18: Practice Exercises – 1
Technical requirements
Tips for the exercise
Practice exercise 1
Exercise 1 solution
23
Chapter 19: Practice Exercise – 2
Chapter 19: Practice Exercise – 2
Technical requirements
Tips for the exercise
Practice exercise 2
Exercise 2 resolution
24
Index
Index
Why subscribe?
25
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share your thoughts
Download a free PDF copy of this book

Reviewing the SELinux context for files and processes

SELinux uses labels, also referred to as the security context attached to each file, and defines several aspects. Let’s check one example in our home folder with the ls –l command, but with a special modifier, Z, that will show SELinux attributes as well, as we can see in the following screenshot:

Figure 10.3 – File listing showing SELinux attributes

Let’s focus on the output for one of the files:

-rw-r--r--.  1 root unconfined_u:object_r:admin_home_t:s0     540 Mar  6 19:33 term.sh

The SELinux attributes are the ones listed as unconfined_u:object_r:admin_home_t:s0:

  • The first part is the user mapping: unconfined_u
  • The second part is the role: object_r
  • The third part is the type: admin_home_t
  • The fourth part is used for the level: s0 in multi-level security and multi-category security

Something similar...

Previous Section
End of Section 4
Next Section