PacktLib: CentOS 6 Linux Server Cookbook

CentOS 6 Linux Server Cookbook

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

Installing CentOS

Introduction

Downloading CentOS and confirming the checksum on a Windows desktop

Performing an installation of CentOS using the graphical installer

Running a netinstall over HTTP

Installing CentOS in Text Mode and building a minimal installation

Re-installing the boot loader

Updating the installation and enhancing the minimal install with additional administration and development tools

Finishing the installation process with Firstboot

Adding the GNOME desktop environment, changing the runlevel, and installing additional software

Configuring CentOS

Introduction

Changing the time zone and updating the hardware clock

Synchronizing the system clock with NTP

Setting a static IP address

Binding multiple IP addresses to a single Ethernet device

Bonding two Ethernet devices to increase bandwidth and provide redundancy

Changing the hostname and resolving a fully qualified domain name

Switching SELinux off

Disabling the IPv6 module

Working with CentOS

Introduction

Creating an administrative user and becoming root with the switch user command

Introducing mailx and forwarding the root's e-mail to an external e-mail address

Automating tasks with cron

Synchronizing files and directories with rsync and working towards a full system backup with cron

Issuing customized e-mail reports with Mutt

Using logrotate to manage logfiles

Extending log rotation by adding NTP to logrotate

Using chkconfig to enable a custom service at boot

Evaluating current memory usage with the free and top commands and clearing the memory cache

Managing Packages with Yum

Introduction

Updating the system with YUM

Cleaning the YUM cache

Automating Yum updates with Yum-cron

Installing packages with YUM

Removing packages with YUM

Finding packages with YUM

Installing Yum Priorities to support additional repositories

Enhancing CentOS with the EPEL and Remi repositories

Securing CentOS

Introduction

Escalating user privilege with sudo

Hardening the secure shell environment

Configuring a firewall and working with IPTables

Protecting SSH with fail2ban

Preventing dictionary-based attacks with DenyHosts

Running antivirus scans with ClamAV

Working with Samba

Introduction

Configuring Samba as a standalone server and enabling home directories

Adding, deleting, and disabling a Samba user

Providing a network recycle bin for Samba

Hiding folders and files with Samba

Creating a custom share folder for a specific user or a group of users

Working with Domains

Introduction

Building a caching-only nameserver with BIND

Writing zone files for BIND

Adding zones to BIND and configuring a nameserver

Deploying a local nameserver with dnsmasq

Logging events with dnsmasq and combining this with logrotate

Enabling domain name wildcards with dnsmasq

Hardening BIND with chroot and providing better security measures

Working with Databases

Introduction

Installing and hardening MySQL server with mysql_secure_installation

Creating a MySQL database, adding a MySQL user, and assigning user privilege from the command line

Installing PostgreSQL, adding a user, and creating your first database

Configuring remote access to PostgreSQL

Providing Mail Services

Introduction

Enabling a domain-wide Mail Transport Agent (MTA) and testing your SMTP configuration with Telnet

Building a local POP3/SMTP server with Postfix and Dovecot

Closing the open relay, enabling SMTP authentication and dealing with Spam by configuring SASL, and enabling Postfix header and body checks

Using Postfix and Dovecot to serve e-mails across virtual domains

Working with Apache

Introduction

Installing the Apache web server with CGI/Perl, PHP, configuring mod_perl, and preparing httpd for a production environment

Adding a secure connection to the Apache web server by creating a self-signed SSL certificate using OpenSSL

Hosting peers by enabling user directories on the Apache web server and troubleshooting suexec

Configuring Apache name-based virtual hosting

Working with publishing directories, vhosts.d, error documents, directives, and the rewrite rule for virtual hosting with the Apache web server

Working with FTP

Introduction

Building a basic FTP service by installing and configuring VSFTP

Providing a secure connection to VSFTP with SSL/TLS using OpenSSL encryption

Implementing virtual users and directories in standalone mode on VSFTP

Providing an anonymous upload and download or download only FTP server with VSFTP

Index