The LPIC-2 Exam Prep

Snow B.V.

Heinrich W. Klöpping

Beno T.J. Mesman

Piet W. Plomp

Willem A. Schreuder

Many, many Snow B.V. colleagues for peer reviewing and authoring updates.

Edited by

Jos Jansen

Edited by

Joost Helberg

Abstract

Audience:  this book is intended to help people prepare for the LPIC-2 exam. You will need to have at least 2 years of practical experience with Unix, preferably Linux. Though you may take the LPIC-2 exam without it, you should be an LPIC-1 alumnus to be allowed to the titles and rights that come with the LPIC-2 certification.

Approach:  We wanted to create a set of documents that could help us and others pass the LPIC-2 exams. This book contains all the information (and more) needed to pass the exam.

Sources:  Our sources of information were partly material on the Internet. Mostly practical experience of the authors and others and research done by the authors are to be credited. We try to give credit where due, but are fallible. We apologize.

Caution

While every precaution was made in the preparation of this book, we can assume no responsibility for errors or omissions. When you feel we have not given you proper credit or feel we may have violated your rights or when you have suggestions how we may improve our work please notify us immediately so we can take corrective actions.

Organization of this book:  This book has been organized to follow the Linux Professional Institute level 2 objectives for LPIC-2 certification, revision of August 1st, 2012. The detailed objectives are available via http://www.lpi.org/content/lpic-2. In case the objectives are updated, the book will follow shortly thereafter (or before as with the fourth edition). The authors use the DocBook documentation standard for this book.


Preface
1. Linux Kernel (201)
Kernel Components (201.1)
Different types of kernel images
Identifying stable and development kernels and patches
Kernel Versioning since 2.6.0
What are kernel modules
Compiling a Kernel (201.2)
Getting the kernel sources
Cleaning the kernel
Creating a .config file
Compiling the kernel
Installing the new kernel
The initial ram disk (initrd)
Patching a Kernel (201.3)
Patching a kernel
Removing a kernel patch from a production kernel
Customise, build and install a custom kernel and kernel modules (201.4)
Using kernel modules
kmod versus kerneld
Building A Custom Kernel
Manage/Query kernel and kernel modules at runtime (201.5)
insmod
modprobe
lsmod
rmmod
modinfo
uname
Module dependencies
Module configuration
Kernel parameters
Questions and answers
2. System Startup (202)
Customising system startup and boot processes (202.1)
The Linux Boot process
What happens next, what does /sbin/init do?
update-rc.d
The LSB standard
The bootscript environment and commands
System recovery (202.2)
GRUB explained
Influencing the regular boot process
The Rescue Boot process
Questions and answers
3. Filesystem and Devices (203)
Operating The Linux Filesystem (203.1)
The File Hierarchy
Filesystems
Creating Filesystems
Mounting and Unmounting
Swap
UUIDs
sync
Maintaining a Linux Filesystem (203.2)
fsck (fsck.*)
mkfs (mkfs.*)
tune2fs
dumpe2fs
badblocks
debugfs
debugreiserfs
reiserfstune
mkswap
xfs_info
xfs_check
xfs_repair
Creating And Configuring Filesystem Options (203.3)
Autofs and automounter
CD-ROM filesystem
Encrypted file systems
udev Device Management (203.4)
/etc/udev/
udev rules
udevmonitor
Questions and answers
4. Advanced Storage Device Administration (204)
Configuring RAID (204.1)
What is RAID?
RAID levels
Hardware RAID
Software RAID
Recognizing RAID on your Linux system
Configuring RAID (using mdadm)
Configuring RAID (alternative)
Adjusting Storage Device Access (204.2)
Configuring disks
Configuring kernel options
Logical Volume Manager (204.3)
Configuring Logical Volume Management
Modifying logical volumes, volume groups and physical volumes
LVM Snapshots
LVM commands
Device mapper
Questions and answers
5. Networking Configuration (205)
Basic Networking Configuration (205.1)
Configuring the network interface
Wireless networking
PPP
Advanced Network Configuration and Troubleshooting (205.2)
Virtual Private Network
Troubleshooting
Troubleshooting network issues (205.3)
Something on network troubleshooting in general
An example situation
Name resolution problems
Incorrect initialization of the system
Security settings
Network configuration
Notifying users on system-related issues (205.4)
The /etc/issue, /etc/issue.net, and /etc/motd files
The wall command
The shutdown command communication.
Questions and answers
6. System Maintenance (206)
Make and install programs from source (206.1)
Unpacking source code
Building from source
Backup Operations (206.2)
Why?
What?
When?
How?
Where?
Backup utilities
Backup solutions
Questions and answers
7. DNS (207)
Basic BIND 9.x configuration (207.1)
LPIC 2 objective 207.1 (2 points)
Name-server components in BIND
The named.conf file
The named name server daemon
The rndc program
Sending signals to named
Controlling named with a start/stop script
Create And Maintain DNS Zones (207.2)
LPIC 2 objective 207.2 (2 points)
Zones and reverse zones
Master and slave servers
Creating subdomains
DNS Utilities
Securing a DNS Server (207.3)
LPIC 2 objective 207.3 (2 points)
DNS Security Strategies
Making information harder to get
Controlling requests
Limiting effects of an intrusion
Securing name server connections
Internal DNS
Questions and answers
8. Web Services (208)
Implementing a Web Server (208.1)
Key Knowledge Areas
Key files, terms and utilities include:
Installing the Apache web-server
Modularity
Run-time loading of modules (DSO)
Encrypted webservers: SSL
Monitoring Apache load and performance
Apache access_log file
Restricting client user access
Configuring authentication modules
User files
Group files
Configuring mod_perl
Configuring mod_php support
Configuring Apache server options
Maintaining a Web Server (208.2)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Apache2 configuration files
Customizing file access
Directory /etc/ssl/*
How to create a SSL server Certificate
Implementing a Proxy Server (208.3)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Web-caches
squid
Redirectors
Authenticators
Access policies
Utilizing memory usage
Questions and answers
9. File Sharing(209)
Configuring a Samba Server (209.1)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
What is Samba?
Installing the Samba components
configuration
Samba commands
Samba configuration directory /etc/smb or /etc/samba.
Samba logging in /var/log/samba directory.
An example of the functionality we wish to achieve
Accessing Samba shares from Windows 2000
Accessing Windows or Samba shares from a Linux Samba client
Sending a message with smbclient
Using a Linux Samba printer from Windows 2000
Using a Windows printer from Linux
Setting up an nmbd WINS server
Creating logon scripts for clients
Configuring an NFS Server (209.2)
LPIC 2 objective 209.2
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
NFS - The Network File System
Setting up NFS
Testing NFS
Securing NFS
Overview of NFS components
NFS protocol versions
10. Network Client Management (210)
DHCP Configuration (210.1)
Key Knowledge Areas
Key files, terms and utilities include:
What is DHCP?
How is the server configured?
An example
Controlling the DHCP-server's behaviour
DHCP-relaying
PAM authentication (210.2)
Key Knowledge Areas
Key files, terms and utilities include:
What is it?
How does it work?
Modules
LDAP client usage (210.3)
Key Knowledge Areas
Key files, terms and utilities include:
What is it?
LDAP Filters
ldapsearch
ldappasswd
ldapadd
ldapdelete
More on LDAP
Questions and answers
11. E-Mail services (211)
Using e-mail servers(211.1)
Key Knowledge Areas
The following is a (partial) list of the used files, terms and utilities:
Basic knowledge of the SMTP protocol
Sendmail
Important sendmail files.
Antirelaying
Sendmail test option
Sendmail and DNS
Manual entries sendmail.cf
Exim
Postfix
logging
Sendmail emulation layer commands
/var/spool/mail
Managing local e-mail delivery
Key knowledge areas
The following is a partial list of the used files, terms and utilities:
procmail
Mbox and maildir storage formats
Managing remote e-mail delivery
Key knowledge areas
The following is a partial list of the used files, terms and utilities:
Courier IMAP and POP configuration
Dovecot
Questions and answers
12. System Security (212)
Configuring a router (212.1)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Private Network Addresses
Network Address Translation (NAT)
The Linux firewall, an overview
Saving And Restoring Firewall Rules
Port and/or IP forwarding
Denial of Service (DoS) attacks
Using /proc/sys/net/ipv4 (sysctl) to prevent simple DOS attacks
Routed
IPCHAINS
Securing FTP servers (212.2)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
FTP connection modes
Active mode
Passive mode
Enabling connections through a firewall
vsftpd
Pure-FTPd
Secure shell (SSH) (212.3)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
SSH client and server
Keys and their purpose
Configuring sshd
ssh-agent
Tunneling an application protocol over ssh with portmapping
The .rhosts and .shosts files
TCP_wrappers (212.4)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Libwrap
What do TCP wrappers do?
What don't TCP wrappers do?
Configuring inetd for use with TCP wrappers
/etc/hosts.allow and /etc/hosts.deny
hosts.allow and hosts.deny example
Configuring xinetd for use with tcp-wrappers
Security tasks (212.5)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Snort
PortSentry: Preventing port scans
nc (netcat)
The fail2ban command
The nmap command
OpenVAS
Keeping track of security alerts
Testing for open mail relays
Questions and answers
13. Troubleshooting (213)
Identifying boot stages and troubleshooting bootloaders(213.1)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
The bootstrap process
Kernel loading
Daemon initialization
Recognizing the four stages during boot
The contents of /boot/ and /boot/grub/
The contents of /boot/grub on a debian6 system is
The grub-install command
initrd, initramfs
MBR Master Boot Record
/etc/init.d
/etc/lilo.conf
Overwriting standard bootloader options and using bootloader shells
Troubleshooting LILO
General troubleshooting (213.2)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
/proc filesystem
Various system and daemon log files
Contents of /, /boot , and /lib/modules
Kernel syslog entries in system logs
dmesg
lspci
lsdev
lshw
lsusb
lsmod
modprobe
insmod
uname
Tools and utilities to trace software and their system and library calls
Troubleshooting - a word of caution
Getting help
Generic issues with hardware problems
Resolving initial boot problems
Resolving kernel boot problems
Resolving IRQ/DMA conflicts
Troubleshooting system resources (213.3)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Core system variables
/etc/profile
/etc/profile.d
/etc/bashrc
Login shells
Shell startup environment
/etc/init.d/
/etc/rc.*
Editors
Setting kernel parameters
Troubleshooting environment configurations (213.4)
Key Knowledge Areas
The following is a partial list of the used files, terms and utilities:
Core system variables
Login process
init configuration files
/etc/syslog.conf
syslogd
Questions and answers
14. Capacity Planning (214)
Measure Resource Usage (214.1)
iostat
vmstat
netstat
ps
pstree
w
lsof
free
top
uptime
sar
Troubleshoot Resource Problems (214.2)
Match / correlate system symptoms with likely problems
Estimate throughput and identify bottlenecks in a system including networking
Analyze Demand (214.3)
Predict Future Resource Needs (214.4)
15. Questions and answers
A. LPIC Level 2 Objectives
Bibliography
Index

List of Figures

13.1. A (DOS) partition table entry

List of Tables

7.1. Major BIND components
7.2. Controlling named
7.3. /etc/init.d/bind parameters
9.1. Kernel options for NFS
9.2. Overview of exportfs
9.3. Overview of showmount
9.4. Some options for the nfsstat program
9.5. Overview of NFS-related programs and files
9.6. Overview of NFS protocol versions
10.1. The first two octets are 21.31
10.2. Company-wide services
10.3. Subnet-dependent Services
10.4.
12.1. Valid chains per table
13.1. Commonly used environment variables
13.2. Commonly used configuration files in HOME
A.1. LPIC Level 201 - 205 Objectives And Their Relative Weight
A.2. LPIC Level 206 - 209 Objectives And Their Relative Weight
A.3. LPIC Level 210 - 213 Objectives And Their Relative Weight
Copyright Snow B.V. The Netherlands