Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
www.novell.com
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Legal Notices
Novell, Inc., makes no representations or warranties with respect to the contents
or use of this documentation, and specifically disclaims any express or implied
warranties of merchantability or fitness for any particular purpose. Further,
Novell, Inc., reserves the right to revise this publication and to make changes to
its content, at any time, without obligation to notify any person or entity of such
revisions or changes.
Further, Novell, Inc., makes no representations or warranties with respect to any
software, and specifically disclaims any express or implied warranties of
merchantability or fitness for any particular purpose. Further, Novell, Inc.,
reserves the right to make changes to any and all parts of Novell software, at any
time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be
subject to U.S. export controls and the trade laws of other countries. You agree to
comply with all export control regulations and to obtain any required licenses or
classification to export, re-export or import deliverables. You agree not to export
or re-export to entities on the current U.S. export exclusion lists or to any
embargoed or terrorist countries as specified in the U.S. export laws. You agree
to not use deliverables for prohibited nuclear, missile, or chemical biological
weaponry end uses. See the Novell International Trade Services Web page (http:/
/www.novell.com/info/exports/) for more information on exporting Novell
software. Novell assumes no responsibility for your failure to obtain any
necessary export approvals.
Copyright 2008 Novell, Inc. All rights reserved. No part of this publication
may be reproduced, photocopied, stored on a retrieval system, or transmitted
without the express written consent of the publisher.
Novell, Inc., has intellectual property rights relating to technology embodied in
the product that is described in this document. In particular, and without
limitation, these intellectual property rights may include one or more of the U.S.
patents listed on the Novell Legal Patents Web page (http://www.novell.com/
company/legal/patents/) and one or more additional patents or pending patent
applications in the U.S. and in other countries.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Online Documentation: To access the latest online documentation for
this and other Novell products, see the Novell Documentation Web
page (http://www.novell.com/documentation).
Novell Trademarks
For Novell trademarks, see the Novell Trademark and Service Mark list (http://
www.novell.com/company/legal/trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 1
Exercise 1-1
SECTION 2
Exercise 2-1
SECTION 3
Exercise 3-1
SECTION 4
Exercise 4-1
SECTION 5
Exercise 5-1
Exercise 5-2
Exercise 5-3
SECTION 6
Exercise 6-1
SECTION 7
Exercise 7-1
Exercise 7-2
Exercise 7-3
Exercise 7-4
Version 1
Introduction
Manage Hardware
8
8
8
8
13
19
33
34
34
36
36
38
38
41
Configure IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Detailed Steps to Complete this Exercise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
45
46
46
50
50
55
55
56
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Contents
SECTION 8
Exercise 8-1
Exercise 8-2
Exercise 8-3
Exercise 8-4
59
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
60
60
63
63
65
65
66
66
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Introduction
This workbook is designed to help you practice the skills associated with Upgrading
To Novell Certified Linux Professional 11 (course 3100) objectives.
These skills prepare a Novell Certified Linux Professional 10 to take the Novell
Certified Linux Professional 11 (Novell CLP11) certification practicum test.
NOTE: Instructions for setting up a self-study environment are in the directory Setup on the Course
DVD.
Before starting the exercises in this workbook, you need to review the following:
Course Scenario
The exercises in this course center around the fictional Digital Airlines Company that
has offices at various airports around the globe.
The Digital Airlines management has made the decision to migrate several back-end
services to Linux servers running SUSE Linux Enterprise Server 11.
You have already installed SUSE Linux Enterprise Server 10 before and are familiar
with administering SUSE Linux Enterprise Server 10. You need to become familiar
with SUSE Linux Enterprise Server 11 and SUSE Linux Enterprise Desktop 11
The migration plan includes the following:
Introducing IPv6
Your task is to set up a test server in the lab to enhance your skills in these areas.
Exercise Conventions
When working through an exercise, you will see conventions that indicate
information you need to enter that is specific to your server.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Introduction
italicized text: This is refers to your unique situation, such as the hostname of
your server.
For example, supposing the hostname of your server is da50 and you see the
following
hostname.digitalairlines.com
You would enter
da50.digitalairlines.com
Select: The word select is used in exercise steps with reference to menus where
you can choose between different entries, such as drop-down menus.
Enter and Type: The words enter and type have distinct meanings.
The word enter means to type text in a field or at a command line and press the
Enter key when necessary. The word type means to type text without pressing the
Enter key.
If you are directed to type a value, make sure you do not press the Enter key or
you might activate a process that you are not ready to start.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 1
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 1-1
2.
3.
4.
Add the new installation source with an alias by entering the following
command:
zypper ar http://172.17.8.101/suse repo1
5.
2.
Check the status of the package joe using the following command:
zypper info joe
2.
3.
(End of Exercise)
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 2
Manage Hardware
In this section of the workbook, you can find the following exercises:
n
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Manage Hardware
Exercise 2-1
If necessary, power on your DA1 virtual server and log in as geeko with a
password of novell.
2.
Open a terminal window and switch to the root user account by entering su followed by a password of novell.
3.
4.
5.
Locate and scroll down to the line that sets the name of your network interface to
eth0.
6.
7.
8.
Reboot your DA1 virtual server by entering init 6 at the shell prompt.
9.
When the system starts to boot, press Esc so you can view your systems boot
messages.
You should see a message indicating eth0 is being renamed to eth1 by udev, as
shown below:
Figure 2-1
10
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
You should also see a message indicating the eth1 interface has not been
configured, as shown below:
Figure 2-2
password of novell.
12. At the shell prompt, enter cd /etc/udev/rules.d.
13. Open the 70-persistent-net.rules file in the vi editor .
14. Change the NAME= eth1 parameter back to NAME=eth0.
15. Save your changes and exit vi.
16. Reboot your DA1 virtual server by entering init 6 at the shell prompt.
17. When the system starts to boot, press Esc so you can view your systems boot
messages.
18. Verify that your network interface is now named eth0 and that the appropriate
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
11
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Manage Hardware
Figure 2-3
(End of Exercise)
12
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 3
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
13
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 3-1
Part II: Add a Remote File System to the NFS Client on page 15
2.
3.
Copy some files into that directory using the following commands
cd /export/documentation
cp /usr/share/doc/manual/sles-admin_en-pdf/* .
4.
14
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
5.
Select the Start button in the NFS server section of the dialog.
6.
Deselect the Enable NFSv4 check box, then continue by selecting Next.
A Directories to Export dialog appears.
7.
b.
c.
Change the preset values to match the following, then select OK.
n
9.
At the terminal window, verify that the file system was exported by entering the
following:
showmount -e localhost
10. View the entry made by YaST to the file /etc/exports by entering cat /etc/
exports.
You should see the settings you entered in YaST.
Part II: Add a Remote File System to the NFS Client
This exercise uses localhost as the NFS server. This does not require a separate NFS
server. On da-host, do the following:
1.
In the terminal window where you switched to the root account, create a
mountpoint named /import/docs for the remote file system to be mounted on your
server by entering the following:
mkdir -p /import/docs
2.
Start the NFS Client Configuration from the terminal window by entering
yast2 nfs &.
Mount a remote file system by selecting the NFS Shares tab, then click
Add.
A dialog appears for adding the remote file system.
b.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
15
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Options: defaults,soft
You are returned to the NFS Client Configuration dialog which now lists
the remote Directory.
3.
4.
5.
At the terminal window, verify that the file system is mounted by entering
mount.
You see the remote hosts directory mounted on /import/docs.
6.
7.
Do the following:
1.
If your da1 virtual machine is not running, start the VMware player and the da1
virtual machine.
2.
3.
On da1, create the /data directory and some files in it using these commands:
mkdir /data
touch /data/file{1,2,3}
4.
Edit the /etc/exports file so it contains the following lines (delete any lines
that might already exist in the file first):
/export
*(fsid=0,crossmnt,ro,no_subtree_check,sync)
/export/data
*(ro,no_subtree_check,sync,bind=/data)
5.
6.
16
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
7.
8.
9.
10. On da-host, open a terminal window, su - to root, and mount the directories
the client.
Part IV: Configure the automounter
Do the following:
1.
If your da1 virtual machine is not running, start the VMware player and the
virtual machine.
2.
3.
On da1, open the /etc/exports file in an editor to include the following two
lines (the first line should already exist from Part III of this exercise, and the line
starting with /export/data can remain in the file):
/export *(fsid=0,crossmnt,ro,root_squash,sync,no_subtree_check)
/export/home *(rw,root_squash,sync,no_subtree_check,bind=/home)
4.
5.
On da1, restart the NFS server with the command rcnfsserver restart.
6.
On da1, make sure the NFS server is started automatically when the system boots
by entering the command chkconfig nfsserver on.
7.
8.
9.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
17
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
mkdir /remote-home
11. Create the new /etc/auto.remote-home file by entering
vi /etc/auto.remote-home
then add the following line to it:
*
-fstype=nfs4,rw,nosuid,nodev
172.17.8.101:/home/&
(End of Exercise)
18
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 4
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
19
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 4-1
First, you need to install and configure an LDAP directory server on da-host:
1.
On da-host, start YaST and select Network Services > LDAP Server.
2.
3.
4.
b.
c.
Select Next.
an LDAP Server Configuration, TLS Settings dialog appears.
5.
b.
c.
6.
Select Next.
The Basic Database Settings screen is displayed:
20
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Figure 4-1
7.
b.
Verify that dc=digitalairlines,dc=com has been entered for you in the Base
DN field.
c.
d.
e.
In the Password fields, type the password novell for the Administrator user.
8.
Select Next.
9.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
21
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Configuration.
The following is displayed:
Figure 4-2
22
a.
b.
c.
d.
e.
f.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
g.
Figure 4-3
Version 1
h.
i.
j.
k.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
23
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
l.
Figure 4-4
o.
p.
q.
Select OK.
24
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
With the LDAP server running on da-host, you now need to configure the LDAP
client on da-host such that authentication can occur via either the local files (/etc/
passwd, /etc/shadow, and so on) or the LDAP directory on da-host.
Do the following on da-host:
1.
Figure 4-5
Version 1
2.
3.
4.
5.
6.
7.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
25
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
8.
Figure 4-6
9.
26
a.
b.
c.
When prompted that the ldapconfig organizational unit doesnt exist, select
Yes to created it now.
d.
Select New.
e.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
f.
In the Name of New Module field, type Users; then select OK.
You should see the following:
Configuring LDAP Modules
Figure 4-7
g.
h.
i.
In the Name of New Module field, type Groups; then select OK.
j.
k.
when prompted.
Part III: Configure the LDAP Client on da1
Next, you need to configure the LDAP client on da1such that authentication can
occur via either the local files (/etc/passwd, /etc/shadow) or the LDAP
directory on da-host.
Do the following on da1:
Version 1
1.
2.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
27
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
3.
4.
5.
6.
7.
8.
9.
when prompted.
Part IV: Manage Entries in the LDAP Directory
With LDAP configured on your server and your server and workstation configured to
use LDAP for authentication, you can now manage users and groups in the directory
tree.
Complete the following on either da1 or da-host:
1.
Create a new user using the YaST User and Group Management module.
a.
In YaST, select Security and Users > User and Group Management.
b.
c.
d.
e.
In the New LDAP User dialog, select the User Data tab and enter the
following user information:
Username: tux
Password: novell
f.
Select OK.
g.
When prompted that the password is too simple, select Yes > Yes.
In the User and Group Adminstration dialog, you should see the tux user
account added.
28
h.
Select OK.
i.
Close YaST.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
2.
b.
geeko@da-host:~/Desktop> su tux
Password:
Creating directory /home/tux.
Creating directory /home/tux/.fonts.
Creating directory /home/tux/bin.
Creating directory /home/tux/.mozilla.
tux@da-host:/home/geeko/Desktop>
c.
3.
Create an LDIF file to create a new LDAP user account from the shell prompt by
doing the following:
a.
b.
c.
4.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
29
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
5.
da-host:~ # vi newuser.ldif
da-host:~ # ldapadd -x -D
cn=Administrator,dc=digitalairlines,dc=com -W -f newuser.ldif
Enter LDAP Password:
adding new entry "cn=trixi,ou=People,dc=digitalairlines,dc=com"
da-host:~ #
6.
30
View your LDAP directory tree using the YaST LDAP Browser module.
a.
b.
c.
d.
e.
f.
g.
h.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
i.
Expand ou=people.
You should see the trixi and tux users, as shown below:
Viewing LDAP Users in the LDAP Browser
Figure 4-8
j.
If time permits, explore the attributes and values associated with the two
users you added.
k.
l.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
31
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
32
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 5
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
33
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 5-1
In this part of the exercise, you configure global settings for the Samba service on dahost.
Complete the following:
1.
2.
3.
Under Samba Server Type, select Not a Domain Controller, then select Next.
4.
During Boot
5.
6.
7.
8.
Deselect Retrieve WINS Server via DHCP, then select Use WINS for
Hostname Resolution.
9.
10. Verify that security is set to user and that printing is set to cups.
11. Select OK.
12. Select OK to close the Samba Configuration module.
In this part of the exercise, you create a share named geeko-data that points to the
/srv/samba/geeko-data directory.
34
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
2.
b.
c.
Adjust the permissions assigned to the directory and file to allow access by
the geeko user by entering chown -R geeko: /srv/samba/geekodata/ at the shell prompt.
b.
c.
d.
Select OK.
e.
f.
g.
In the Selected Option drop-down list, select valid users; then select OK.
h.
i.
j.
3.
Close YaST.
4.
Test the configuration of the Samba server and the [geeko-data] share by
entering testparm at the shell prompt.
You should see no error messages.
5.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
35
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 5-2
2.
Figure 5-1
3.
4.
When prompted that all values will be rewritten, select Yes to continue.
The various fields in this interface are automatically populated for you using the
default values found in your servers /etc/openldap/ldap.conf file.
5.
36
Verify that the following settings are set to the following values:
n
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
6.
7.
8.
9.
b.
c.
d.
Select OK.
e.
Expand dc=digitalairlines,dc=com.
You should see the following objects and containers added:
f.
ou=Idmap
ou=Machines
ou=group
sambaDomainName=DA-HOST
Open a terminal session and switch to root using the su - command and a
password of novell.
b.
c.
You should see that the geeko user has a variety of Samba-related attributes
added.
17. Select Close.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
37
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 5-3
2.
3.
4.
5.
6.
7.
8.
9.
Copy the my_file file to the current directory by entering get my_file at the
smb:\ prompt.
You should see the my_file file appear on the desktop.
38
On your da1 server, open a terminal window and switch to root using the su command and a password of novell.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
2.
Mount the data share in the /mnt directory by entering the following command at
the shell prompt:
mount -t cifs -o username=geeko //da-host/geeko-data /
mnt
When prompted for a password, enter novell.
3.
4.
Display the content of the mounted share by entering ls /mnt/ at the shell
prompt.
You should see the my_file file.
5.
6.
7.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
39
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
40
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 6
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
41
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 6-1
Configure IPv6
In this exercise, you configure and use different aspects of IPv6.
This exercise has two parts.
In the first part you ping6 da1 from da-host, using the link local IPv6 address. In the
second part, you set a globally unique IPv6 address and configure the router
advertisement daemon to distribute your IPv6 prefix to other machines.
Part I: Use Link Local Addresses to ping6 Other Hosts. on page 42.
If necessary, start the VMware player and the da1 virtual machine.
2.
3.
In the terminal window on da1, enter ip address show and note the IPv6
link local address of the eth0 interface (inet6 fe80... scope link).
4.
On your host da-host, log in as geeko, open a terminal window, and su - to root
(password: novell).
5.
In the terminal window on da-host, enter ip address show and note the
IPv6 link local address of the vmnet1 interface.
vmnet1 is the VMware interface that is used to connect to da1 using a host-only
network.
6.
7.
Ping da1 using the IPv6 address established in step 3 and the command
ping6 -I vmnet1 ipv6_address_of_eth0-da1
Stop the ping6 by enetering Ctrl+c.
42
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
This exercise you set an IPv6 address and configure radvd on da1.
Do the following:
1.
On da1, in a terminal window as root, install the radvd package using the
command
yast2 -i radvd
2.
On da1, add an IPv6 address (from the range reserved for examples and
documentation) to the eth0 interface with the command
ip address add 3fff:ffff::1/64 dev eth0
3.
View the IPv6 addresses of the eth0 interface with the command
ip address show dev eth0
The address you just added has the scope global.
4.
In an editor, open the /etc/radvd.conf file and scroll down to the following
lines.
#
# example of a standard prefix
#
prefix 2001:db8:1:0::/64
5.
6.
Delete all lines below the above section, with the exception of the last line that
reads
};
8.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
43
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
9.
rcradvd start
11. On da-host, in a terminal window, enter
ip -6 a s dev vmnet1
You should see that the interface has now an additional IPv6 address with the
prefix 3fff:ffff and the scope global dynamic.
12. On da-host, ping6 da1 using the IP address you added in step 1 with the
command
ping6 3fff:ffff::1
13. From da-host, log in to da1 using the IP address you added in step 1 with the
command
ssh 3fff:ffff::1
Enter yes when prompted and the password novell.
You are logged in to da1.
14. Log out from da1 by entering exit.
(End of Exercise)
44
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 7
Activate PXE Booting and Install SUSE Linux Enterprise Server on page 56
Boot your machine using PXE and start the installation of SUSE Linux
Enterprise Server 11.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
45
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 7-1
2.
3.
Insert the SUSE Linux Enterprise Server 11 DVD, then copy the content of the
DVD to the directory you just created using the command
cp -a /media/SUSE_SLES-11-0-0.001/* /srv/install-repo/
sles11/CD1
NOTE: Some steps in this exercise refer to the /srv/install-repo/sles11/CD1
directory as the root of the installation directory.
4.
As copying the content will take some time, open another terminal window, su
- to root (password: novell).
5.
6.
*(ro,sync,no_subtree_check)
7.
Make sure the NFS server is started every time the system starts up by entering
insserv nfsserver
NOTE: You can also use the YaST Installation Server module to accomplish the above.
46
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
To add a repository for add-on products or RPMs of your own, do the following:
1.
2.
Create the directory structure for the files you want to make available, using the
command
create_update_source.sh /srv/install-repo/sles11/CD1
3.
4.
5.
Insert the Student DVD from your Student Kit into the DVD drive and copy the
Exercises/Section_09/tree-1.5.1-2.8.i586.rpm file from the
Student DVD to the /srv/install-repo/sles11/CD1/updates/
suse/i586 directory.
6.
7.
8.
9.
In the /srv/install-repo/sles11/CD1/updates/suse/setup/
descr/ directory run
ls > directory.yast
repository).
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
47
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
14. In the root of the installation repository, use a text editor to create an
gpg --gen-key
Use the default values and answer the questions (name, e-mail address,
comment) appropriately. For the purposes of this exercise you can use a simple
password like secret.
If you get a Cant connect to /root/.gnupg/S.gpg-agent message, switch to a
text console (Ctrl+F1), log in as root, enter the gpg command as above, then
switch back to the graphical interfacd (Ctrl+F7).
18. Sign the SHA1SUMS file with the command
command (with, for instance, the e-mail address you entered in Step 17 on
page 48 as your_keyID):
48
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
cd updates/
gpg -b --sign --armor content
This will create the content.asc file.
If you get a Cant connect to /root/.gnupg/S.gpg-agent message, switch to a
text console (Ctrl+F1), log in as root, change to the /srv/install-repo/
sles11/CD1/updates directory, enter the gpg command as above, and
switch back to the graphical interfacd (Ctrl+F7).
22. If you want to use a different name or location for the updates directory, such
b.
c.
d.
Sign the SHA1SUMS file as in Step 18 on page 48, overwriting the existing
SHA1SUMS.asc file.
23. To include your GPG public key in the initrd, enter the following commands:
cd /tmp
cp /srv/install-repo/sles11/CD1/SHA1SUMS.key mykey.gpg
cp /srv/install-repo/sles11/CD1/boot/i386/loader/
initrd .
mv initrd initrd.gz
gunzip initrd.gz
find my-key.gpg | cpio -o -A -F initrd -H newc
gzip initrd
You will copy the new initrd.gz file you just created to the /tftpboot
directory in a later exercise.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
49
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 7-2
2.
3.
Create the directory to hold the files that will be served by the TFTP server by
entering the command
mkdir /tftpboot
4.
Edit the /etc/xinetd.d/tftp file to put a comment sign in front of the line
disable = yes and add -r blksize to the server_args line.
The file should then look similar to the following:
# default: off
# description: tftp service is provided primarily for
# booting or when a router need an upgrade. Most sites
# run this only on machines acting as "boot servers".
service tftp
{
socket_type
= dgram
protocol
= udp
wait
= yes
50
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
#
}
5.
user
server
server_args
disable
=
=
=
=
root
/usr/sbin/in.tftpd
-s /tftpboot -r blksize
yes
6.
Make sure xinetd is started every time the system starts up by entering
insserv xinetd
2.
||
yast -i syslinux
3.
4.
5.
0
message
1
100
Adapt the IP address of the NFS server according to your setup and make sure
that the options after append are written in one line.
6.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
51
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
2.
3.
Search for dhcp, select dhcp-server from the search results, then select
Accept.
4.
5.
Edit the /etc/sysconfig/dhcpd file and add the name of your interface to
the DHCPD_INTERFACE parameter.
The line should look like the following:
DHCPD_INTERFACE=eth0
6.
7.
NOTE: You can ping your partners IP address and then use the arp command in a terminal
window to find out the MAC address of his network interface card.
8.
52
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
#
# /etc/dhcpd.conf
#
ddns-update-style none;
#
# specify default and maximum lease time
#
default-lease-time 600;
max-lease-time 7200;
#
# What is the DNS domain and where is the name server?
#
option domain-name "digitalairlines.com";
option domain-name-servers 172.17.8.101;
#
# This is a router - adapt to your network
#
option routers 172.17.8.1;
#
# A subnet
# (Use the values that fit your eth0 device)
#
subnet 172.17.0.0 netmask 255.255.0.0 {
}
#
# This dhcp server serves just one machine
# Use the values established in the previous step
#
host da49 {
fixed-address 172.17.8.149;
hardware ethernet 00:11:22:33:44:55;
}
#
# Parameters necessary for bootp and PXE
#
allow bootp;
# your machines IP:
next-server 172.17.8.110;
server-name "da-host.digitalairlines.com";
filename "pxelinux.0";
9.
Start the DHCP server with the rcdhcpd start command and watch for any
error messages and correct your /etc/dhcpd.conf file as needed.
10. Make sure the DHCP server is started every time the system starts up by entering
insserv dhcpd
Part IV: Test Your Setup
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
53
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
2.
3.
On the machine that acts as installation server, check in YaST if the eth0 interface
uses DHCP; if so, change the configuration to a fixed IP address using the IP
address DHCP assigned to your machine for eth0, as established in Part III, Step
6 on page 52.
4.
5.
Enter SLES11 at the prompt. The computer should fetch the necessary files via
TFTP and should start YaST.
A possible source of errors is SuSEfirewall running on the installation server,
forbidding access to the TFTP service. Check this by entering as root at a
terminal window rcSuSEfirewall status and if SuSEfirewall is running,
stop it with rcSuSEfirewall stop.
6.
To test your add-on repository, proceed with the installation workflow up to the
Installation Settings dialog, accepting the suggested default values (at the
Installation Mode Screen, do not select Include Add-On Products).
7.
In the Installation Settings dialog, select Software > Details and in the Filter
drop-down menu select Search. In the Search text box, type tree and click
Search.
The tree package should appear in the upper right pane of the dialog.
If it does not appear, there is an error in the configuration of your add-on
repository (see Set Up an Installation Server, Part II: Set Up an Add-on
Products Repository on page 47.
8.
Do not procede with the installation, but reset the computer and boot SUSE
Linux Enterprise Server 11 from the hard disk.
9.
Once the server is running again, switch roles and reboot the machine that acted
as the DHCP server before.
(End of Exercise)
54
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 7-3
2.
3.
In the Create Reference Control File dialog, select the following entries, then
click Create.
4.
Boot Loader
Package Selection
Partitioning
Browse through the created profile by selecting sections of the tree on the left
side of the dialog and selecting entries in the main window.
Change the configuration if you like.
5.
Save the file by selecting File > Save, typing sles11.xml as the filename,
then selecting Save.
6.
7.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
55
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 7-4
Decide with a fellow student whose machine you will use as the installation
server and which of you will reboot his computer.
2.
3.
4.
The following steps apply to the student who reboots his machine:
a.
b.
Consult the manual that came with the computer hardware on how to change
the respective setting in the BIOS.
If everything is set up correctly, the computer will get an IP address from the
DHCP server and load the pxelinux.0 file, as well as the message file.
5.
The kernel and initrd are transfered from the TFTP server. YaST will start, fetch
the sles11.xml file, and automatically install SLES11, based on the
configuration contained in the sles11.xml file.
56
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
57
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
58
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
SECTION 8
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
59
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 8-1
In the first part, install the software necessary to run a Xen virtual machine server.
In the second part, change the grub menu to load the Xen kernel by default, turn off
the firewall, and reboot your machine. Then use xm list to find out if domain0 is
running as expected.
In the third part, create a virtual machine for SUSE Linux Enterprise Server 11 and
install it, using the installation server created in the previous section.
Do the following:
1.
If the VMware player is running, shut down da1 and close the VMware player.
2.
3.
4.
Make sure the modules are not loaded automatically using the command
chkconfig vmware off
5.
Insert the SUSE Linux Enterprise Server 11 DVD into the DVD drive.
6.
Start the YaST and select Virtualization > Install Hypervisor and Tools.
7.
Select Accept and let YaST install all required software packages.
Confirm the installation of any automatically selected packages by selecting
Continue.
60
8.
9.
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Do the following:
1.
2.
3.
Make sure the file contains a section with the title Xen.
4.
In the Xen section, make sure that the root= parameter points to the root
partition of your installation.
5.
6.
7.
8.
9.
10. At the boot menu, make sure the Xen entry is selected and press Enter.
11. When the system has booted, log in as user geeko with the password novell.
12. Open a terminal window and su - to root.
13. Enter the command xm list.
In the output, you should see one domain (Domain-0) with the status running.
Part III: Install a Guest Domain
Do the following:
1.
2.
3.
4.
5.
6.
7.
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
61
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
8.
9.
Select Specified MAC address and enter some random hexadecimal numbers,
such as 01:cf:43, in the spaces provided.
A VNC window opens with the SLES11 installation system starting up.
16. Within the VNC window, follow the installation workflow, using the following
values in the respective dialogs (use the suggested defaults for items not
mentioned here):
Time zone: USA Mountain
Root password: novell
Hostname: da-xen
Domain Name: digitalairlines.com
Change Hostname via DHCP: Uncheck
Write Hostname to /etc/hosts: Check
Firewall: Disable by selecting enabled
Skip the Internet connection test.
Local user:
Username: geeko
Password: novell
in to the your SLES 11 server as user geeko with the password novell at the login
screen that appears.
(End of Exercise)
62
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 8-2
2.
3.
Enter
virt-manager &
4.
In Virt-Manager, double-click the localhost entry, select the da-xen entry with
the right mouse button, then select Details.
5.
6.
7.
Select Apply.
8.
9.
10. In the Virtual Machine Manager window, double-click the da-xen virtual
machine entry.
A VNC window opens up.
11. Start the virtual machine by selecting Run.
12. Log in to the virtual machine as geeko (password: novell) and open a terminal
window.
13. Enter the top command and note the Mem (total) value.
14. In the Virtual Machine Details window, change the memory allocation
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
63
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Note that the value is increased only to the 600 MB set when you started the
virtual machine.
17. In the Virtual Machine Manager Details window, change the memory
allocation (Change allocation field) back to 512 MB, then select Apply.
(End of Exercise)
64
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 8-3
2.
3.
4.
Wait a moment and verify with the xm list command that the domain has been
shut down.
Continue with the next step when the domain da-xen is no longer listed as
running.
5.
6.
7.
When the system has been started up, log in to the graphical interface as user
geeko with the password novell.
8.
9.
rm /etc/xen/auto/da-xen
11. Optional: Create a start script based on /etc/init.d/skeleton that uses
(End of Exercise)
Version 1
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
65
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.
Exercise 8-4
2.
3.
4.
5.
6.
Wait a moment, then enter xm list to verify that the domain has been shut
down. Continue with next step when the da-xen domain is no longer listed as
running.
7.
8.
9.
10. Enter brctl show to determine if the interface of da-xen has been added
again.
(End of Exercise)
66
Copying all or part of this manual, or distributing such copies, is strictly prohibited.
To report suspected copying, please call 1-800-PIRATES.
Version 1
Novell, Inc. Copyright 2009-1 HARDCOPY PERMITTED. NO OTHER PRINTING, COPYING, OR DISTRIBUTION ALLOWED.