Book Image

Red Hat Enterprise Linux Server Cookbook

By : Jakub Gaj, William Leemans
Book Image

Red Hat Enterprise Linux Server Cookbook

By: Jakub Gaj, William Leemans

Overview of this book

Dominating the server market, the Red Hat Enterprise Linux operating system gives you the support you need to modernize your infrastructure and boost your organization’s efficiency. Combining both stability and flexibility, RHEL helps you meet the challenges of today and adapt to the demands of tomorrow. This practical Cookbook guide will help you get to grips with RHEL 7 Server and automating its installation. Designed to provide targeted assistance through hands-on recipe guidance, it will introduce you to everything you need to know about KVM guests and deploying multiple standardized RHEL systems effortlessly. Get practical reference advice that will make complex networks setups look like child’s play, and dive into in-depth coverage of configuring a RHEL system. Also including full recipe coverage of how to set up, configuring, and troubleshoot SELinux, you’ll also discover how secure your operating system, as well as how to monitor it.

Related Content you might be interested in

Current Title:

Small book image
Red Hat Enterprise Linux Server Cookbook
Jakub Gaj | William Leemans
Dec, 2015 | 250 pages
No titles found
Table of Contents (17 chapters)
Red Hat Enterprise Linux Server Cookbook
Red Hat Enterprise Linux Server Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Working with KVM Guests
Working with KVM Guests
Introduction
Installing and configuring a KVM
Configuring resources
Building guests
Adding CPUs on the fly
Adding RAM on the fly
Adding disks on the fly
Moving disks to another storage
Moving VMs
Backing up your VM metadata
2
Deploying RHEL "En Masse"
Deploying RHEL "En Masse"
Introduction
Creating a kickstart file
Publishing your kickstart file using httpd
Deploying a system using PXE
Deploying a system using a custom boot ISO file
3
Configuring Your Network
Configuring Your Network
Introduction
Creating a VLAN interface
Creating a teamed interface
Creating a bridge
Configuring IPv4 settings
Configuring your DNS resolvers
Configuring static network routes
4
Configuring Your New System
Configuring Your New System
Introduction
The systemd service and setting runlevels
Starting and stopping systemd services
Configuring the systemd journal for persistence
Monitoring services using journalctl
Configuring logrotate
Managing time
Configuring your boot environment
Configuring smtp
5
Using SELinux
Using SELinux
Introduction
Changing file contexts
Configuring SELinux booleans
Configuring SELinux port definitions
Troubleshooting SELinux
Creating SELinux policies
Applying SELinux policies
6
Orchestrating with Ansible
Orchestrating with Ansible
Introduction
Install Ansible
Configuring the Ansible inventory
Creating a template for a kickstart file
Creating a playbook to deploy a new VM with kickstart
Creating a playbook to perform system configuration tasks
Troubleshooting Ansible
7
Puppet Configuration Management
Puppet Configuration Management
Introduction
Installing and configuring Puppet Master
Installing and configuring the Puppet agent
Defining a simple module to configure time
Defining nodes and node grouping
Deploying modules to single nodes and node groups
8
Yum and Repositories
Yum and Repositories
Introduction
Managing yum history
Creating a copy of an RHN repository
Configuring additional repositories
Setting up yum to automatically update
Configuring logrotate for yum
Recovering from a corrupted RPM database
9
Securing RHEL 7
Securing RHEL 7
Introduction
Installing and configuring IPA
Securing the system login
Configuring privilege escalation with sudo
Secure the network with firewalld
Using kdump and SysRq
Using ABRT
Auditing the system
10
Monitoring and Performance Tuning
Monitoring and Performance Tuning
Introduction
Tuning your system's performance
Setting up PCP – Performance Co-Pilot
Monitoring basic system performance
Monitoring CPU performance
Monitoring RAM performance
Monitoring storage performance
Monitoring network performance
Index
Index

Applying SELinux policies

We've learned how to create SELinux policies in the previous recipe. This recipe will show you how to apply your newly created SELinux policies.

Getting ready

In order to apply a policy, we need a policy package file (pp). This can be obtained by parsing AVC denials to audit2allow or compiling your own policy package file, as explained in the Create SELinux policies recipe.

How to do it...

Follow these steps:

  1. Activate the policy (this can take quite a while, depending on the number of policies applied to your system) by running the following command:

    ~# semodule -i example_policy.pp
~#

  2. Next, verify that the policy is actually activated via these commands:

    ~# semodule -l |grep example_policy
example_policy  1.0
~#

How it works…

When executing the semodule command, the policy file is copied to /etc/selinux/targeted/modules/active/modules/, and the complete SELinux policy is recompiled and applied.

Tip

Be careful when applying custom-made policies as these may allow more access...

Previous Section
End of Chapter 5
Next Chapter