WIXLIB

Red Hat Enterprise Linux 7System Administrator’s GuideDeployment, configuration, and administration of RHEL 7Last Updated: 2021-05-10

Red Hat Enterprise Linux 7 System Administrator’s GuideDeployment, configuration, and administration of RHEL 7

Legal NoticeCopyright 2021 Red Hat, Inc.The text of and illustrations in this document are licensed by Red Hat under a Creative CommonsAttribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA isavailable athttp://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you mustprovide the URL for the original version.Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert,Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift,Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United Statesand other countries.Linux is the registered trademark of Linus Torvalds in the United States and other countries.Java is a registered trademark of Oracle and/or its affiliates.XFS is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United Statesand/or other countries.MySQL is a registered trademark of MySQL AB in the United States, the European Union andother countries.Node.js is an official trademark of Joyent. Red Hat is not formally related to or endorsed by theofficial Joyent Node.js open source or commercial project.The OpenStack Word Mark and OpenStack logo are either registered trademarks/service marksor trademarks/service marks of the OpenStack Foundation, in the United States and othercountries and are used with the OpenStack Foundation's permission. We are not affiliated with,endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.All other trademarks are the property of their respective owners.AbstractThe System Administrator's Guide documents relevant information regarding the deployment,configuration, and administration of Red Hat Enterprise Linux 7. It is oriented towards systemadministrators with a basic understanding of the system. To expand your expertise, you might alsobe interested in the Red Hat System Administration I (RH124), Red Hat System Administration II(RH134), Red Hat System Administration III (RH254), or RHCSA Rapid Track (RH199) trainingcourses. If you want to use Red Hat Enterprise Linux 7 with the Linux Containers functionality, seeProduct Documentation for Red Hat Enterprise Linux Atomic Host. For an overview of general LinuxContainers concept and their current capabilities implemented in Red Hat Enterprise Linux 7, see

Overview of Containers in Red Hat Systems. The topics related to containers management andadministration are described in the Red Hat Enterprise Linux Atomic Host 7 Managing Containersguide.

Table of ContentsTable of Contents. . . . . . .I. BASICPART. . . . . . . SYSTEM. . . . . . . . . .CONFIGURATION. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.CHAPTER. . . . . . . . . . 1. .GETTING. . . . . . . . . . STARTED. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22.What Cockpit Is and Which Tasks It Can Be Used For221.1. BASIC CONFIGURATION OF THE ENVIRONMENT231.1.1. Introduction to Configuring the Date and Time23Displaying the Current Date and Time231.1.2. Introduction to Configuring the System Locale1.1.3. Introduction to Configuring the Keyboard Layout1.2. CONFIGURING AND INSPECTING NETWORK ACCESS1.2.1. Configuring Network Access During the Installation Process1.2.2. Managing Network Connections After the Installation Process Using nmcli1.2.3. Managing Network Connections After the Installation Process Using nmtui2424242525261.2.4. Managing Networking in Cockpit1.3. THE BASICS OF REGISTERING THE SYSTEM AND MANAGING SUBSCRIPTIONS1.3.1. What Red Hat Subscriptions Are and Which Tasks They Can Be Used For2626261.3.2. Registering the System During the Installation1.3.3. Registering the System after the Installation27271.3.4. Registering a System to EUS Content1.3.5. Registering a System to E4S Content28291.4. INSTALLING SOFTWARE1.4.1. Prerequisites for Software Installation30301.4.2. Introduction to the System of Software Packaging and Software Repositories1.4.3. Managing Basic Software Installation Tasks with Subscription Manager and Yum1.5. MAKING SYSTEMD SERVICES START AT BOOT TIME3131321.5.1. Enabling or Disabling the Services1.5.2. Managing Services in Cockpit1.5.3. Additional Resources on systemd Services1.6. ENHANCING SYSTEM SECURITY WITH A FIREWALL, SELINUX AND SSH LOGINGS323333331.6.1. Ensuring the Firewall Is Enabled and Running1.6.1.1. What a Firewall Is and How It Enhances System Security1.6.1.2. Re-enabling the firewalld Service1.6.2. Ensuring the Appropriate State of SELinux1.6.2.1. What SELinux Is and How It Enhances System SecuritySELinux States333434343434SELinux Modes1.6.2.2. Ensuring the Required State of SELinux1.6.2.3. Managing SELinux in Cockpit1.6.3. Using SSH-based Authentication343536361.6.3.1. What SSH-based Authentication Is and How It Enhances System Security1.6.3.2. Establishing an SSH Connection1.6.3.3. Disabling SSH Root Login1.7. THE BASICS OF MANAGING USER ACCOUNTSNormal and System Accounts3636373737What Groups Are and Which Purposes They Can Be Used For1.7.1. The Most Basic Command-Line Tools to Manage User Accounts and Groups1.7.2. Managing User Accounts in Cockpit1.8. DUMPING THE CRASHED KERNEL USING THE KDUMP MECHANISM383839391.8.1. What kdump Is and Which Tasks It Can Be Used For1.8.2. Enabling and Activating kdump During the Installation Process1.8.3. Ensuring That kdump Is Installed and Enabled after the Installation Process3940401

Red Hat Enterprise Linux 7 System Administrator’s Guide1.8.4. Configuring kdump in Cockpit1.8.5. Additional Resources on kdump1.9. PERFORMING SYSTEM RESCUE AND CREATING SYSTEM BACKUP WITH REAR1.9.1. What ReaR Is and Which Tasks It Can Be Used For404141411.9.2. Quickstart to Installation and Configuration of ReaR1.9.3. Quickstart to Creation of the Rescue System with ReaR1.9.4. Quickstart to Configuration of ReaR with the Backup Software1.10. USING THE LOG FILES TO TROUBLESHOOT PROBLEMS414242421.10.1. Services Handling the syslog Messages1.10.2. Subdirectories Storing the syslog Messages1.11. ACCESSING RED HAT SUPPORT1.11.1. Obtaining Red Hat Support Through Red Hat Customer Portal1.11.1.1. What the Red Hat Support Tool Is and Which Tasks It Can Be Used For42434343431.11.2. Using the SOS Report to Troubleshoot Problems44.CHAPTER. . . . . . . . . . 2. . SYSTEM. . . . . . . . . .LOCALE. . . . . . . . .AND. . . . . KEYBOARD. . . . . . . . . . . . .CONFIGURATION. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45.2.1. SETTING THE SYSTEM LOCALE452.1.1. Displaying the Current Status452.1.2. Listing Available Locales2.1.3. Setting the Locale46462.1.4. Making System Locale Settings Permanent when Installing with Kickstart472.2. CHANGING THE KEYBOARD LAYOUT2.2.1. Displaying the Current Settings2.2.2. Listing Available Keymaps2.2.3. Setting the Keymap2.3. ADDITIONAL RESOURCESInstalled DocumentationSee Also47484848494949. . . . . . . . . . . 3.CHAPTER. . CONFIGURING. . . . . . . . . . . . . . . . THE. . . . . DATE. . . . . . AND. . . . . .TIME. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51.3.1. USING THE TIMEDATECTL COMMAND3.1.1. Displaying the Current Date and Time51513.1.2. Changing the Current Time523.1.3. Changing the Current Date3.1.4. Changing the Time Zone52533.1.5. Synchronizing the System Clock with a Remote Server3.2. USING THE DATE COMMAND53543.2.1. Displaying the Current Date and Time543.2.2. Changing the Current Time3.2.3. Changing the Current Date55563.3. USING THE HWCLOCK COMMAND3.3.1. Displaying the Current Date and Time3.3.2. Setting the Date and Time3.3.3. Synchronizing the Date and Time3.4. ADDITIONAL RESOURCES5657575858Installed Documentation59See Also59.CHAPTER. . . . . . . . . . 4. . .MANAGING. . . . . . . . . . . . USERS. . . . . . . .AND. . . . .GROUPS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60.4.1. INTRODUCTION TO USERS AND GROUPS60Reserved User and Group IDs4.1.1. User Private Groups4.1.2. Shadow Passwords4.2. MANAGING USERS IN A GRAPHICAL ENVIRONMENT260606161

Table of Contents4.2.1. Using the Users Settings Tool614.3. USING COMMAND-LINE TOOLS634.3.1. Adding a New User4.3.2. Adding a New Group64674.3.3. Adding an Existing User to an Existing Group684.3.4. Creating Group Directories4.3.5. Setting Default Permissions for New Files Using umask6869What umask consists ofHow umask works69694.3.5.1. Managing umask in Shells70Displaying the current maskSetting mask in shell using umask7071Working with the default shell umaskWorking with the default shell umask of a specific user7172Setting default permissions for newly created home directories724.4. ADDITIONAL RESOURCESInstalled DocumentationOnline DocumentationSee Also72727373.CHAPTER. . . . . . . . . . 5. . ACCESS. . . . . . . . . .CONTROL. . . . . . . . . . .LISTS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74.5.1. MOUNTING FILE SYSTEMS745.1.1. NFS5.2. SETTING ACCESS ACLS74745.3. SETTING DEFAULT ACLS765.4. RETRIEVING ACLS5.5. ARCHIVING FILE SYSTEMS WITH ACLS76765.6. COMPATIBILITY WITH OLDER SYSTEMS5.7. ACL REFERENCES7778. . . . . . . . . . . 6.CHAPTER. . .GAINING. . . . . . . . . PRIVILEGES. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79.6.1. CONFIGURING ADMINISTRATIVE ACCESS USING THE SU UTILITY796.2. CONFIGURING ADMINISTRATIVE ACCESS USING THE SUDO UTILITY6.3. ADDITIONAL RESOURCES8082Installed DocumentationOnline Documentation8282See Also82. . . . . . .II. .SUBSCRIPTIONPART. . . . . . . . . . . . . . . . AND. . . . . .SUPPORT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83.CHAPTER. . . . . . . . . . 7. . REGISTERING. . . . . . . . . . . . . . . THE. . . . . SYSTEM. . . . . . . . . .AND. . . . .MANAGING. . . . . . . . . . . . SUBSCRIPTIONS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84.7.1. REGISTERING THE SYSTEM AND ATTACHING SUBSCRIPTIONS847.2. MANAGING SOFTWARE REPOSITORIES847.3. REMOVING SUBSCRIPTIONS857.4. ADDITIONAL RESOURCES86Installed DocumentationRelated Books8686See Also86. . . . . . . . . . . 8.CHAPTER. . .ACCESSING. . . . . . . . . . . . .SUPPORT. . . . . . . . . . USING. . . . . . . .THE. . . . .RED. . . . HAT. . . . . SUPPORT. . . . . . . . . . . TOOL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87.8.1. INSTALLING THE RED HAT SUPPORT TOOL878.2. REGISTERING THE RED HAT SUPPORT TOOL USING THE COMMAND LINE878.3. USING THE RED HAT SUPPORT TOOL IN INTERACTIVE SHELL MODE8.4. CONFIGURING THE RED HAT SUPPORT TOOL87873