Linuxconf is a utility that allows you to configure and control various aspects of your system, and is capable of handling a wide range of programs and tasks. Fully documenting linuxconf could be a separate book in its own right and certainly more than we can cover in this chapter. So we'll focus on those areas that address common tasks such as adding new users and getting connected to the network.
More information on linuxconf, including its status, most recent release, and more can be found at the Linuxconf Project homepage (shown in Figure 55):
http://www.solucorp.qc.ca/linuxconf/
This website includes fairly extensive information on linuxconf including description, rationale, history, list of contacts and a lot of other information in addition to the software itself. It is maintained by linuxconf's creator, Jacques Gelinas, so it's the best source of linuxconf information on the Internet.
Accurately describing the location of specific screens within linuxconf is easy, but lengthy given linuxconf's hierarchical nature. If the structure was a family tree, most of the data entry screens are in the fourth generation. To describe the path to the screen where you would add new users to your system, we could write this out as:
``select the Config option from the main screen, then the users accounts option off of that; on the users accounts screen that appears, select the normal option and then select the user accounts option.''
Rather lengthy and not immediately accessible. Given the structural similarity to a family tree, we could write it as
``main window beget Users accounts tab, beget Normal tab...''
But that's an awful lot of begets. Instead, we'll use the following format:
[Config] -> [Users accounts] -> [Normal] -> [User accounts]
It's much more concise and clear. It assumes as its base the linuxconf entry screen. The other advantage to this approach is that it's not interface specific, so regardless of which interface you're using, you know exactly where the information is. You're happy, we're happy, and the trees who lobbied against lengthy descriptions are happy. What could be better?
To run linuxconf you must have root access. If you are logged in as something other than root, there are two easy ways to handle this situation. The first is to run Linuxconf by typing linuxconf. Linuxconf will then prompt you for root's password (see figure 56).
The other option is to use the su command to become root. In case you
aren't familiar with it yet, type su at the shell prompt and hit
[Enter]. The password it asks you for is the root account's. Once
you've entered that correctly you'll have phenomenal cosmic power! Well,
complete control of your system at any rate
Linuxconf will normally start in either character-cell or X mode, depending on the DISPLAY environment variable. The first time you run linuxconf, an introductory message will be displayed; although it is only displayed once, accessing help from the main screen will give you the same basic information.
Linuxconf has context-specific help available. For information on any specific aspect of linuxconf, please select Help from the screen you'd like help with. Note that not all help screens are complete at this time; as help screens are updated, they will be included in subsequent versions of linuxconf.
The new version of Linuxconf comes complete with a tree menu interface.
Finding the appropriate panel should be simple and fast! You can collapse and expand sections by clicking on the menu item icons. Click the icon once to activate it for that particular sub-menu. A single click will then collapse it; another single click will expand it again.
Selected entries will appear as tabs in the right-hand panel and will remain there until closed. This will greatly reduce the clutter of windows on your desktop that Linuxconf has typically caused. If you end up with more tabs open than you like, just hit Cancel on the bottom of each tab to close it without making any changes, or Accept to implement them.
Please Note: If you've grown fond of the previous X Windows interface, it's still available. To return to it:
For security reasons, web-based access to linuxconf is disabled by default. Before attempting to access linuxconf with a web browser, you'll need to enable access. Here's how to do it from the text-mode interface:
At this point, web-based access has been enabled. To test it out, go to one of the systems that you added to the access control list. Launch your web browser, and enter the following URL:
http://<host>:98/
(Replacing <host> with your system's hostname, of course.) You should see the main linuxconf page. Note that you will need to enter your system's root password to gain access beyond the first page.
Adding a user is one of the most basic tasks you will encounter in administering your system. To add a user:
The User account creation tab is where you enter all the information on the new account. There are a number of fields you should be aware of, some required, some optional.
Required Fields:
Optional Fields:
The User account creation screen has a number of fields; only the login name is required, though filling in the Full name field is strongly recommended. Once you have entered the login name and any other desired information select the Accept button at the bottom of the screen. If you decide against creating a new user, hit Cancel instead.
Upon hitting Accept linuxconf will prompt you to enter the password. There is also a field called Confirmation where you will need to type the password again. This is to prevent you from mistyping the password. Passwords must be at least 6 characters in length. They may contain numbers as well as a mix of lowercase and uppercase letters. Hit Accept when finished.
On the User information screen, the information can be changed as desired. To implement the changes select Accept. If you decide against making any changes select Cancel. This guarantees that no changes are made.
Linuxconf will then prompt you to enter the new password. There is also a field called Confirmation where you will need to type the password again. This is to prevent you from mistyping the password. Passwords must be at least 6 characters in length. They may contain numbers as well as a mix of lowercase and uppercase letters. If you decide against changing the password, just hit Cancel. Once you have entered the new password select Accept.
Changing the roots password isn't handled in the same manner as changing a user's password. Because of both the importance and security considerations surrounding root access, linuxconf requires you to verify that you currently have access to the root account.
The screen is a little confusing because neither the title, nor the description really explains the screen's purpose. Linuxconf seems to be asking for the new password, which isn't actually the case. Instead linuxconf wants the current root password to verify access to the root account. Linuxconf does require root access to run, but once running there's nothing to keep anyone from sitting down at the computer if the person using linuxconf steps out for a minute. The potential pitfalls are extensive! If the person who was originally using linuxconf, logs out of root, they won't be able to get back into it. A lack of validation would also give free reign over the computer to whoever had changed root's password.
Once you have entered root's current password, it will prompt you for a new password. There is also a field called Confirmation where you will need to type the password again (see figure 61). This is to prevent you from mistyping the password. Passwords must be at least 6 characters in length. They may contain numbers as well as a mix of lowercase and uppercase letters. If you decide against changing the root password, just hit Cancel. Once you have entered the new password select Accept. The change takes place immediately and is effective not only for logging in as root, but also for becoming root using the su command.
Why disable an account? Good question! There's no single answer, but we can provide some reasons why this option is available. The biggest reason is security. For example, you may have created a special account to be used by clients, coworkers, or friends to access specific files on your system. This account gets used from time to time, but should only be used when you know there's a need. Leaving an unused account around is a target for people who'd want to break into your system. Deleting it requires you to recreate it every time you want to use it. Disabling an account solves both problems by allowing you to simply select or de-select a check-box.
To disable an account:
The account is disabled and can be enabled later using a similar method.
By default, all newly-created user accounts are enabled. If you need to enable an account, you can use Linuxconf to do it.
Please Note: While there are a couple options that let you retain files associated with an account, any information or files deleted are gone and effectively unrecoverable. Take care when using this option!
To delete an account:
Linuxconf will then prompt you with a list of options.
The default option is to archive the account's data. The archive options has the following effects:
useraccount-1998-10-10-497.tar.gz
The date indicates when the account was deleted, and the number following it is the process ID of the process that actually performed the deletion. The oldaccounts directory is created in the same place as all of your user directories, and is created automatically the first time you remove a user account using this option.
Selecting Delete the account's data on the Deleting account <accountname> screen (see figure 64) will:
Please Note: Files not contained in the user's home directory, but owned by that user will remain on the system. The file will still be owned by the deleted account's user ID (Uid). If you create a new account and specifically assign it the Uid of a deleted account, it will then become the owner of any such ``orphaned'' files.
Selecting Leave the account's data in place on the Deleting account <accountname> screen (see figure 64) will:
Please Note: Files and directories owned by the deleted account's user ID (Uid) will remain on the system. If you create a new account and specifically assign it the Uid of a deleted account, it will then become the owner of these ``orphaned'' files.
All users belong to one or more groups. Just as each file has a specific owner, each file belongs to a particular group as well. The group might be specific to the owner of the file, or may be a group shared by all users. The ability to read, write or execute a file can be assigned to a group; this is separate from the owner's rights. For example, the owner of a file will be able to write to a document, while other group members may only be able to read it.
To create a new group:
If you have more than 15 groups, you will be given the option to select the groups by providing a prefix.
You may add a group directly from this screen, or move on to the User groups screen. To move on select choiceAccept with or without a prefix, to add a new group, hit choiceAdd.
Select Add at the bottom of the User groups screen.
Enter a group name. You may also wish to specify members of the group and can do so in the Alternate members field. The list of users should be space delimited, meaning that each username must have a space between it and the next one. When you're finished, select Accept and the group will be created.
To delete a group:
If you have more than 15 groups, you will be given a filter screen (see figure 65) to narrow your choice of groups by specifying a prefix.
The group's files will still remain and their respective owners will still have sole control over them. The group name will be replaced with the deleted group's ID. The files may be assigned to a new group by using the chgrp command. More information on chgrp can be found by typing the command info chgrp or man chgrp at the shell prompt. If a new group is created and the deleted group's ID is specified then the new group will have access to the deleted group's files. Don't worry, linuxconf doesn't recycle old group numbers any more than it does old user IDs, so it won't happen by accident.
There are two ways to modify the list of users that belong to a group. You can either update each user account itself, or you can update the group definitions. In general, the fastest way is to update each of the group definitions. If you're planning on changing more information for each user than just the group information, then updating each user account may prove easier.
5. Select Accept
Adjust the Supplementary groups field accordingly; make sure all the group names are separated with a space `` '' character
We'll start by detailing the group definitions method.
If you have more than 15 groups, you will be given a filter screen (see figure 65) to narrow your choice of groups by specifying a prefix.
This will automatically update each user account with the group showing up in the Supplementary groups field if added or absent if removed.
Adding and removing groups can also be done by modifying each individual user account.
If you have more than 15 accounts on the system, Linuxconf will provide you with a filter screen (see figure 58).
This will automatically update the group definitions. Repeat the process for each user.
A filesystem is composed of files and directories, all starting from a single root directory. The root directory may contain any number of files and other directories, with each directory in turn following suit. The average filesystem often looks like an inverted tree with the directories as branches and the files as leaves. Filesystems reside on mass storage devices such as diskette drives, hard drives, and CD-ROMs.
For example, a diskette drive on DOS and Windows machines is typically referenced by A:\. This describes both the device (A:), and the root directory on that device (\). The primary hard drive on the same systems is typically referred to as the ``C'' drive because the device specification for the first hard drive is C:. To specify the root directory on the C drive, you would use C:\.
Under this arrangement, there are two filesystems -- the one on A:, and the one on C:. In order to specify any file on a DOS/Windows filesystem, you must either explicitly specify the device on which the file resides, or it must be on the system's default drive (which is where DOS' infamous C prompt comes from -- that's the default drive in a system with a single hard drive).
Under Linux, it is possible to link the filesystems on several mass storage devices together into a single, larger, filesystem. This is done by placing one device's filesystem ``under'' a directory on another device's filesystem. So while the root directory of a diskette drive on a DOS machine may be referred to as A:\, the same drive on a Linux system may be accessible as /mnt/floppy.
The process of merging filesystems in this way is known as
mounting. When a device is mounted, it is then accessible to the
system's users. The directory ``under'' which a mounted device's
filesystem becomes accessible is known as the mount point. In
the previous paragraph's example, /mnt/floppy was the diskette
drive's mount point. Note that there are no restrictions (other than
common conventions) as to the naming of mount points. We could just as
easily mounted the floppy to
/long/path/to/the/floppy/drive.
One thing to keep in mind is that all of a device's files and directories are relative to its mount point. Consider the following example:
So, if the above describes the individual filesystems, and you mount the CD-ROM at /foo, the new operating system directory structure would be:
To mount a filesystem make sure to be logged in as root, or become root using the su command. For the latter, type su at the shell prompt and then enter the root password. Once you are root, type mount followed by the device and then the mount point. For example, to mount the first diskette drive on /mnt/floppy, you would type the command mount /dev/fd0 /mnt/floppy.
At installation, Red Hat Linux will create /etc/fstab. This file contains
information on devices and associated mount points. The advantage to this
file is that it allows you to shorten your mount commands
We'll start by looking at your current directory structure.
The fields are:
Please Note: Red Hat Linux 5.2 can access FAT32 filesystems using the vfat filesystem type.
Filesystems from other machines on a network may also be available. These can range from single small directories or entire volumes. No information on Size or Partition type is available for these partitions, either. Additional information on these filesystems (should you have any available) will be contained under:
[Config] -> [File systems] -> [Access nfs volume]
The screen is similar to the Local volume screen (see figure 68), with some notable differences in the information provided for each entry:
Select Accept
NFS stands for Network FileSystem. It is a way for computers to share sections of their local filesystem across a network. These sections may be as small as a single directory, or include thousands of files in a vast hierarchy of directories. For example, many companies will have a single mail server with individuals' mail files served as an NFS mount to each users' local systems.
To add an NFS mount:
The three fields on the Base tab are what you'll need to concern yourself with.
This is all you need to get the mount created. Linuxconf will update your /etc/fstab file accordingly. If you are aware of additional requirements, please read the help file on the Volume specification screen and see the mount man page for more information.
Once you have entered the information, select Accept.
The first thing to determine when getting hooked up, is whether you're connecting to a local area network, such as a group of computers in an office, or a wide area network, such as the Internet. Before continuing, it's important to know what hardware you have and how you intend to connect. If you're going to dial into another computer, then make sure your modem is installed and that the cables are arranged properly. If you're using a network card, make sure it is installed properly and that the cables are correctly connected. Regardless of what network configuration you specify, if every phone line or cable is not in place, you'll never get connected. We'll start with modem connections and then move on to using network cards.
There are several pieces of information you will need to get from your ISP (Internet Service Provider) or systems administrator before getting your PPP or SLIP account working. In the case of some providers, you may have to sort through directions on how to set up a PPP connection on a Linux system. Some ISPs are ill-equipped to handle individuals using Linux. Don't worry, you can still get connected; you just need some additional information from your ISP. The following is what you need for a connection with Red Hat Linux. The ISP representatives may tell you you don't need this information, or may tell you you need more than this. Red Hat has streamlined the information needed using intelligent defaults and tools such as linuxconf to simplify this process for you. Unless they have a document specifically for Red Hat Linux, just request the information below and go from there. Specifically, you'll need:
Additional information which may be helpful, but isn't necessary includes a secondary nameserver address, and a search domain. Once you have all this information, you're ready to get connected.
Initially there won't be any configurations specified. When you select Add you will be given a choice between PPP, SLIP and PLIP.
PPP is the most commonly used interface and is the default. To set up a PPP connection select PPP and hit Accept.
You'll see the following fields:
Notice that the title bar is PPP interface ppp0. ppp0 is the first PPP interface, ppp1 would be the second and so on. It's important to keep track of which interface you're using if you have more than one. SLIP connections use sl instead of ppp for their interface prefix. With the exception of a PAP authentication option, the entry screens for adding a PPP or a SLIP account are identical.
Enter the complete phone number for the remote machine, and make sure to include any numbers required to access outside lines. For example, if you need to dial ``9'' and then the number, and the computer you're connecting to has a telephone number of ``555 0111'', then you'd enter ``95550111''. The next thing it asks you for is the modem port. This is a drop down box of available ports. If you're using a dual-boot Linux/Windows system and you know the COM port your modem is on, the following map may be of use: Map to Windows COM ports are as follows:
The login name is the one for the PPP account. The password you enter will be shown in plain text, so be careful who you have around when you enter it! If you will be using PAP authentication, check the box; when you've entered the other required information, select the Customize button at the bottom of the screen. All the other information is provided on the various tabs and can be set within the Customize screen, but it's easier to find the information all in one place on the primary screen.
Select the PAP tab and enter your username and then the secret the ISP has provided you in the Secret field. The other defaults should be sufficient, but if you need to, you can edit the initial settings using the Customize option.
You can edit an existing configuration as well as delete it by selecting it
from the list on the
PPP/SLIP/PLIP configurations screen.
This will open the appropriate interface screen for your configuration. If you wish to delete the configuration, the handy Del button is there at the bottom of the screen. The Modem port is on the Hardware tab and, again, is a drop down menu. If you want to change the other settings you entered when you originally created the configuration, you'll want to select the Communication tab. The first Send field contains your login, and the next Send field contains your password. The Expect fields correspond to the login: and password: prompts, which explains the ogin: and ord: entries.
Once you have made your changes, you can test to see if your configuration is working. Select Connect from the bottom of the screen. This will attempt to connect you to the remote system using the information you've entered. Once you've finished configuring and testing your setup, we recommend using the usernet utility to control your dial-up networking connection on a daily basis. See the usernet man page for more information.
Due to the number of possible choices and sub-choices, no quick reference is available for this section.
Setting up a network connection over ethernet requires an entirely different type of setup. Network connections to token ring or arcnet networks follow a similar procedure, but will not be discussed here.
The first item on this screen is a checkbox to indicate whether this adaptor is enabled or not. It should be checked if this is the one you intend to use. Below that is a choice of Config modes. Manual means that you will be providing all the information and entering it yourself. DHCP and bootp retrieve their information from a remote server of the corresponding kind. If you're not sure what option to choose, talk to your systems administrator. If you're the systems administrator and you're not sure, select Manual, and consider a career in the food-services industry...
DHCP and bootp Required fields:
For DHCP and bootp configurations you only need to specify the Net device and the Kernel module. For the Net device, you will choose from a list where the eth prefix represents ethernet cards, the arc specifies an arcnet card and the tr specifies token ring cards. A complete list of network cards and their respective modules can be found in Section D.4. For the most recent up to date list, please see our website at:
http://www.redhat.com
The netmask information will be set by default, though depending on what kind of network you are setting up, or becoming a part of, you may need to specify this. If you are connecting to an ISP, ask them for the information. Most likely it will be 255.255.255.0 (the default).
Required fields for Manual Configuration:
Information on net devices and kernel modules is described above. The appropriate primary name + domain and IP address will depend on whether you are adding the computer to an existing network or creating a new network. For connecting to an existing network, contact your systems administrator for the information. Getting a network connected to the Internet is beyond the scope of this book, and we recommend the following starting point:
TCP/IP Network Administration, 2nd Edition, by Craig Hunt (O'Reilly and Associates)
If you're setting up a private network that won't ever be connected to the Internet, then you can choose any primary name + domain name you would like and have several choices for IP addresses (See Figure 78).
Addresses available | Examples |
10.0.0.0 - 10.255.255.255 | 10.5.12.14 |
172.16.0.0 - 172.31.255.255 | 172.16.9.1, 172.28.2.5 |
192.168.0.0 - 192.168.255.255 | 192.168.0.13 |
The three sets of numbers above, correspond to class a, b, and c networks respectively. The classes are used to describe the number of IP addresses available as well as the range of numbers used to described each. The numbers above have been set aside for private networks.
Please Note: You cannot use these IP addresses if you connect to the Internet. If you want your network to be connected to the Internet, or think you might want to at some point in the future, do yourself a favor, and get yourself non-private addresses now.
A nameserver and default domain are also needed to establish a network connection. The nameserver is used to translate host names such as private.network.com to their corresponding IP address such as 192.168.7.3. The default domain tells the computer where to look if a fully qualified hostname isn't specified. Fully qualified means that the full address is given, so foo.redhat.com is the fully qualified hostname, while the hostname is simply foo. If you specified your default domain as redhat.com, then you could use just the hostname to connect successfully. For example ftp foo would be sufficient if your search domain is redhat.com, while ftp foo.redhat.com would be required if it wasn't.
To specify the nameserver, open [Config] -> [Networking] -> [Name server specification (DNS)].
Nameservers are ranked according to the order in which they are accessed, so it's not unusual to see nameservers referred to as primary, secondary, tertiary and so on down the list if more than one is specified. Each of these must be an IP address and not a name. The computer has no way to resolve the name until it connects to a nameserver. Screamingly obvious when stated, but occasionally overlooked when people are simply asked to supply an address for a computer.
In addition to a default domain, you can also specify search domains. Search domains work differently; they progress from one to six in a similar manner to the nameserver. However, they all take precedence over the default domain! Keep this in mind when specifying search domains. Search domains are not commonly used.
The one item not yet covered is the checkbox for DNS usage. If you are running a small private network with no Internet connection, then using /etc/hosts files and keeping them all synchronized will work. As you add more and more machines, the complexity increases until it is easier to have a single machine run a DNS than to continue to sync /etc/hosts files.
There is another reason for not using DNS, and that is if your network is going to use NIS instead. Note that NIS can be used in conjunction with DNS. So to sum it all up, unless you know why using /etc/hosts or NIS would be best for your situation, DNS is probably going to be your best choice.
You can add, modify, or delete entries from the /etc/hosts file using linuxconf. Open [Config] -> [Networking] -> [Misc] -> [Information about other hosts].
To modify or delete an entry select it. To delete the entry, select Del at the bottom of the host/network definition screen.
To modify it, change the information as necessary. To add a new entry, select Add at the bottom of the /etc/hosts screen. This will also open the host/network definition screen.
Required Fields:
Optional Fields:
You will need to specify both the primary name + domain and the IP number. The other fields are optional. Once finished, select Accept.
To get to the date & time control panel:
The zone field is a pull-down list that is long and extensive. It is often designated by a large region and then a city or zone within it. Examples include Europe/Vienna and US/Eastern. There is a checkbox to Store date in CMOS in GMT format. Hours are specified from 0 (midnight) to 23 (11 PM). Months are specified by number as well. For the year, please specify all four digits. All other fields should be self explanatory.