Book Image

Mastering CentOS 7 Linux Server

By : Mohamed Alibi, BHASKARJYOTI ROY
Book Image

Mastering CentOS 7 Linux Server

By: Mohamed Alibi, BHASKARJYOTI ROY

Overview of this book

Most server infrastructures are equipped with at least one Linux server that provides many essential services, both for a user's demands and for the infrastructure itself. Setting up a sustainable Linux server is one of the most demanding tasks for a system administrator to perform. However, learning multiple, new technologies to meet all of their needs is time-consuming. CentOS 7 is the brand new version of the CentOS Linux system under the RPM (Red Hat) family. It is one of the most widely-used operating systems, being the choice of many organizations across the world. With the help of this book, you will explore the best practices and administration tools of CentOS 7 Linux server along with implementing some of the most common Linux services. We start by explaining the initial steps you need to carry out after installing CentOS 7 by briefly explaining the concepts related to users, groups, and right management, along with some basic system security measures. Next, you will be introduced to the most commonly used services and shown in detail how to implement and deploy them so they can be used by internal or external users. Soon enough, you will be shown how to monitor the server. We will then move on to master the virtualization and cloud computing techniques. Finally, the book wraps up by explaining configuration management and some security tweaks. All these topics and more are covered in this comprehensive guide, which briefly demonstrates the latest changes to all of the services and tools with the recent shift from CentOS 6 to CentOS 7.

Related Content you might be interested in

Current Title:

Small book image
Mastering CentOS 7 Linux Server
Mohamed Alibi | BHASKARJYOTI ROY
Jan, 2016 | 298 pages
No titles found
Table of Contents (16 chapters)
Mastering CentOS 7 Linux Server
Mastering CentOS 7 Linux Server
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Advanced User Management
Advanced User Management
Managing users and groups from GUI and the command line
Quotas
Password aging
Sudoers
Reference
Summary
2
Security
Security
Introducing SELinux
Domain transition
SELinux users
Restricting access to su or sudo
SELinux audit logs
SELinux troubleshooting
Summary
3
Linux for Different Purposes
Linux for Different Purposes
Configuring a gateway server
Setting up a VPN server
Implementing BIND as a DNS server
Setting up a web server using Apache-MySQL-PHP
Setting up an FTP server
Securing Apache and FTP with OpenSSL
References
Summary
4
Mail Server with Postfix
Mail Server with Postfix
Setting up and configuring of Postfix mail server
Setting up MariaDB for virtual domains and users
Setting up a mail tool (Dovecot) to retrieve mails
Configuring the OpenLDAP Active Directory with Postfix
Securing the mail server using SSL/TLS
References
Summary
5
Monitoring and Logging
Monitoring and Logging
Open source monitoring tools
Setting up Nagios as a monitoring server
Tools to set up a logging server
Setting up and configuring Syslog-ng
References
Summary
6
Virtualization
Virtualization
The basics of virtualization on Linux
Full virtualization
Paravirtualization
Setting up Xen on CentOS 7
Setting up KVM for full virtualization on CentOS 7
Setting up OpenVZ virtualization on CentOS 7
Setting up VirtualBox virtualization on CentOS 7
Setting up Docker on CentOS 7
Establishing services' high availability using HAProxy
References
Summary
7
Cloud Computing
Cloud Computing
An overview of cloud computing
Cloud computing services
Introducing OpenStack
Components of OpenStack
Installing and configuring OpenStack
References
Summary
8
Configuration Management
Configuration Management
Introducing configuration management
Open source configuration management tools
References
Summary
9
Some Additional Tricks and Tools
Some Additional Tricks and Tools
SSH for remote connection
Securing SSH and the root login configuration
SSH key-based authentication
Installing and configuring SpamAssassin
Setting up the Clamav antivirus
Configuring Mytop for a MySQL database
Setting up Samba and NFS for file sharing
Introducing the Linux system and network monitoring tools
References
Summary
Index
Index

Domain transition

Now, let's find out how a process accesses other processes.

Let's consider that the vsftpd process is running; if it's not started, we can start it using the following command:

systemctl start vsftpd

The vsftpd process is started by the systemd process; this is a replacement of the Sys V init process and runs within a context of init_t:

ps -eZ | grep init

The systemd process running under the init_t domain is very short lived; it invokes /usr/sbin/vsftpd, which has a type context ftpd_exec_t, and when this binary executable starts, it becomes the vsftpd service itself and runs in the ftpd_t domain.

So, here's the systemd process running under the init_t domain executing a binary file with the ftpd_exec_t type. The binary file then starts a service within the ftpd_t domain.

Domain transition is followed by three strict rules:

  • The parent process of the source domain must have the permission to execute the application between both the domains

  • The file context for that application...

Previous Section
End of Section 3
Next Section