Book Image

Mastering CentOS 7 Linux Server

By : Mohamed Alibi, BHASKARJYOTI ROY
Book Image

Mastering CentOS 7 Linux Server

By: Mohamed Alibi, BHASKARJYOTI ROY

Overview of this book

Most server infrastructures are equipped with at least one Linux server that provides many essential services, both for a user's demands and for the infrastructure itself. Setting up a sustainable Linux server is one of the most demanding tasks for a system administrator to perform. However, learning multiple, new technologies to meet all of their needs is time-consuming. CentOS 7 is the brand new version of the CentOS Linux system under the RPM (Red Hat) family. It is one of the most widely-used operating systems, being the choice of many organizations across the world. With the help of this book, you will explore the best practices and administration tools of CentOS 7 Linux server along with implementing some of the most common Linux services. We start by explaining the initial steps you need to carry out after installing CentOS 7 by briefly explaining the concepts related to users, groups, and right management, along with some basic system security measures. Next, you will be introduced to the most commonly used services and shown in detail how to implement and deploy them so they can be used by internal or external users. Soon enough, you will be shown how to monitor the server. We will then move on to master the virtualization and cloud computing techniques. Finally, the book wraps up by explaining configuration management and some security tweaks. All these topics and more are covered in this comprehensive guide, which briefly demonstrates the latest changes to all of the services and tools with the recent shift from CentOS 6 to CentOS 7.

Related Content you might be interested in

Current Title:

Small book image
Mastering CentOS 7 Linux Server
Mohamed Alibi | BHASKARJYOTI ROY
Jan, 2016 | 298 pages
No titles found
Table of Contents (16 chapters)
Mastering CentOS 7 Linux Server
Mastering CentOS 7 Linux Server
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Advanced User Management
Advanced User Management
Managing users and groups from GUI and the command line
Quotas
Password aging
Sudoers
Reference
Summary
2
Security
Security
Introducing SELinux
Domain transition
SELinux users
Restricting access to su or sudo
SELinux audit logs
SELinux troubleshooting
Summary
3
Linux for Different Purposes
Linux for Different Purposes
Configuring a gateway server
Setting up a VPN server
Implementing BIND as a DNS server
Setting up a web server using Apache-MySQL-PHP
Setting up an FTP server
Securing Apache and FTP with OpenSSL
References
Summary
4
Mail Server with Postfix
Mail Server with Postfix
Setting up and configuring of Postfix mail server
Setting up MariaDB for virtual domains and users
Setting up a mail tool (Dovecot) to retrieve mails
Configuring the OpenLDAP Active Directory with Postfix
Securing the mail server using SSL/TLS
References
Summary
5
Monitoring and Logging
Monitoring and Logging
Open source monitoring tools
Setting up Nagios as a monitoring server
Tools to set up a logging server
Setting up and configuring Syslog-ng
References
Summary
6
Virtualization
Virtualization
The basics of virtualization on Linux
Full virtualization
Paravirtualization
Setting up Xen on CentOS 7
Setting up KVM for full virtualization on CentOS 7
Setting up OpenVZ virtualization on CentOS 7
Setting up VirtualBox virtualization on CentOS 7
Setting up Docker on CentOS 7
Establishing services' high availability using HAProxy
References
Summary
7
Cloud Computing
Cloud Computing
An overview of cloud computing
Cloud computing services
Introducing OpenStack
Components of OpenStack
Installing and configuring OpenStack
References
Summary
8
Configuration Management
Configuration Management
Introducing configuration management
Open source configuration management tools
References
Summary
9
Some Additional Tricks and Tools
Some Additional Tricks and Tools
SSH for remote connection
Securing SSH and the root login configuration
SSH key-based authentication
Installing and configuring SpamAssassin
Setting up the Clamav antivirus
Configuring Mytop for a MySQL database
Setting up Samba and NFS for file sharing
Introducing the Linux system and network monitoring tools
References
Summary
Index
Index

Managing users and groups from GUI and the command line

We can add a user to the system using useradd from the command line with a simple command, as follows:

useradd testuser

This creates a user entry in the /etc/passwd file and automatically creates the home directory for the user in /home. The /etc/passwd entry looks like this:

testuser:x:1001:1001::/home/testuser:/bin/bash

But, as we all know, the user is in a locked state and cannot log in to the system unless we add a password for the user using the command:

passwd testuser

This will, in turn, modify the /etc/shadow file, at the same time unlock the user, and the user will be able to log in to the system.

By default, the preceding set of commands will create both a user and a group for the testuser user on the system. What if we want a certain set of users to be a part of a common group? We will use the -g option along with the useradd command to define the group for the user, but we have to make sure that the group already exists. So, to create users such as testuser1, testuser2, and testuser3 and make them part of a common group called testgroup, we will first create the group and then we create the users using the -g or -G switches. So, we will do this:

# To create the group :
groupadd testgroup
# To create the user with the above group and provide password and unlock
user at the same time :

useradd testuser1 -G testgroup
passwd testuser1

useradd testuser2 -g 1002
passwd testuser2

Here, we have used both -g and -G. The difference between them is: with -G, we create the user with its default group and assign the user to the common testgroup as well, but with -g, we create the user as part of the testgroup only. In both cases, we can use either the gid or the group name obtained from the /etc/group file.

There are a couple more options that we can use for an advanced level user creation; for example, for system users with uid less than 500, we have to use the -r option, which will create a user on the system, but the uid will be less than 500. We also can use -u to define a specific uid, which must be unique and greater than 499. Common options that we can use with the useradd command are:

  • -c: This option is used for comments, generally to define the user's real name, such as -c "John Doe".

  • -d: This option is used to define home-dir; by default, the home directory is created in /home such as -d /var/<user name>.

  • -g: This option is used for the group name or the group number for the user's default group. The group must already have been created earlier.

  • -G: This option is used for additional group names or group numbers, separated by commas, of which the user is a member. Again, these groups must also have been created earlier.

  • -r: This option is used to create a system account with a UID less than 500 and without a home directory.

  • -u: This option is the user ID for the user. It must be unique and greater than 499.

There are few quick options that we use with the passwd command as well. These are:

  • -l: This option is to lock the password for the user's account

  • -u: This option is to unlock the password for the user's account

  • -e: This option is to expire the password for the user

  • -x: This option is to define the maximum days for the password lifetime

  • -n: This option is to define the minimum days for the password lifetime

Previous Section
End of Section 2
Next Section