Plan szkolenia
Module 1: Linux orientation • FSF and GNU
• GPL - General Public License
• Linux Kernel and versioning
• Components of a distribution
• SUSE Linux products
• Red Hat Linux products
Module 2: Linux Kernel and hardware
• Hardware Discovery tools
• Configuring New Hardware with hwinfo
• Hardware and System Clock
• Console
• Virtual terminals
• Serial ports
• SCSI devices
• USB configuration
• Defining a printer
• Tape libraries
• Managing Linux device files
• Kernel hardware info - /sys/
• /sys/ Structure
• udev
• Kernel modules
• Configuring Kernel components and modules
• Handling module dependencies
• Configuring the Kernel via/proc/
• System tools
Module 3: Boot process and systemd
• systemd system and service manager
• systemd targets
• Using systemd
• Legacy support for SysV init
• Booting Linux on PCs
• GRUB2
• GRUB2 configuration
• GRUB2 security
• Boot parameters
• Initial RAM Filesystem
• init
• System init styles overview
• Linux runlevels aliases
• systemd local-fs.target and sysinit.target
• systemd basic.target and multi-user.target
• Legacy local bootup script support
• System configuration files
• RHEL7 configuration utilities
• SLES12 configuration utilities
• Shutdown and reboot
Module 4: Software maintenance
• RPM architecture
• Working with RPMs
• Querying and verifying with RPM
• Updating the Kernel RPM
• Using the YUM command
• Using the Zypper command
• YUM package groups
• Zypper services and catalogs
• Configuring YUM
• YUM repositories
• Rebuilding source RPM packages
• Software tools comparison matrix
Module 5: Local storage administration
• Partitioning Disks with fdisk
• Partitioning Disks with parted
• Filesystem creation
• Mounting Filesystems
• Filesystem maintenance
• Resizing Filesystems
• Managing an XFS Filesystem
• Swap
• Filesystem attributes
• Filesystem creation and management
Module 6: LVM and RAID
• Logical Volume Management
• Implementing LVM
• Creating Logical Volumes
• Manipulating VGs and LVs
• Advanced LVM concepts
• gnome-disk-utility
• SLES graphical disk tool
• RAID concepts
• Array creation with mdadm
• Software RAID monitoring
• Software RAID control and display
• LVM and RAID: UNIX tool comparison
Module 7: Remote storage administration
• Remote storage overview
• Remote Filesystem Protocols
• Remote block device protocols
• NFS clients
• NFS server configuration
• Implementing NFSv4
• AutoFS
• AutoFS configuration
• SAN multipathing
• Multipath configuration
• Multipathing best practices
• iSCSI architecture
• Open-iSCSI initiator implementation
• iSCSI initiator Discovery
• iSCSI initiator node administration
• Mounting iSCSI targets at boot
• iSCSI multipathing considerations
Module 8: User/group administration
• User and group concepts
• User administration
• Modifying accounts
• Group administration
• Password aging
• Default user files
• Controlling login sessions
• system-configuration-authentication
• SLES DS client configuration
• PAM overview
• PAM module types
• PAM order of processing
• PAM control statements
• pam_wheel.so
• pam_limits.so
• User/Group administration comparison matrix
Module 9: Security administration
• Security concepts
• Tightening default security
• Security advisories
• File access control lists
• Manipulating FACLs
• Viewing FACLs
• Backing up FACLs
• File creation permissions with umask
• User private group scheme
• Alternatives to UPG
• TCP Wrappers concepts
• TCP Wrappers concepts
• Xinetd
• SUSE basic firewall configuration
• Netfilter concepts
• Using the iptables command
• Common match_specs
• Connection tracking
• AppArmor
• SELinux security framework
• SELinux modes
• SELinux commands
• Choosing an SELinux policy
• SELinux booleans
• SELinux policy tools
• (X)INETD and firewalls
Module 10: Process administration
• At and Cron usage
• Anacron
• Viewing processes
• Managing processes
• Tuning process scheduling
• Process accounting
• Setting resource limits via ulimit
Module 11: Networking
• Linux network interfaces
• Ethernet hardware tools
• Network Configuration with IP command
• Configuring routing tables
• IP to MAC address mapping with ARP
• Starting and stopping interfaces
• Network manager
• DNS clients
• DHCP clients
• Network diagnostics
• Information from ss and netstat
• Managing network-wide time
• Continual time Sync with NTP
• Configuring NTP clients
• Multiple IP addresses
• IPv6
• Interface bonding
• Interface bridging
• 802.1q VLANs
• Network configuration tools
Module 12: Monitoring and troubleshooting
• System status - Memory
• System status - I/O
• System status - CPU
• Performance trending with SAR
• Troubleshooting basics: the process
• Troubleshooting basics: the tools
• System logging
• Syslog-ng
• systemd journal
• Rsyslog
• /etc/rsyslog.conf
• Log management
• Log anomaly detector
• strace and ltrace
• Troubleshooting incorrect file permissions
• Inability to boot
• Typos in configuration files
• Corrupt Filesystems
• RHEL7 rescue environment
• SUSE rescue environment
• Process tools
Module 13: BIND DNS
• The domain name space
• Delegation and zones
• Server roles
• Resolving names
• Resolving IP addresses
• Basic BIND administration
• Configuring the resolver
• Testing resolution
• rndc key configuration
• named.conf options block
• Creating a site-wide cache
• Zones in named.conf
• Zone database file syntax
• SOA - Start of authority
• A, AAAA, and PTR - Address and pointer records
• NS - Name server
• TXT, CNAME, and MX - Text, alias, and mail host
• Abbreviations and gotchas
• $GENERATE, $ORIGIN, and $INCLUDE
Module 14: SQL fundamentals and MariaDB
• Popular SQL databases
• SELECT statements
• INSERT statements
• UPDATE statements
• DELETE statements
• JOIN clauses
• MariaDB
• MariaDB installation and security
• MariaDB user account management
• MariaDB replication
Module 15: OpenLDAP
• OpenLDAP: server architecture
• OpenLDAP: backends
• OpenLDAP: replication
• OpenLDAP: configuration options
• OpenLDAP: server tools
• OpenLDAP: client tools
• LDIF: LDAP Data Interchange Format
• Enabling LDAP-based login
• System Security Services Daemon (SSSD)
Module 16: vsFTPd and Apache
• vsFTPd
• Anonymous FTP with vsFTPd
• Configuring vsFTPd
• HTTP operation
• Apache architecture
• Apache configuration files
• httpd.conf - Server settings
• httpd.conf - Main configuration
• httpd.conf - VirtualHost configuration
• Virtual hosting DNS implications
• Adding modules to Apache
• Apache logging
• Delegating administration
• Directory protection
• Directory protection with AllowOverride
• Common uses for .htaccess
• TLS using mod_ssl.so
Module 17: SQUID proxy server
• Squid overview
• Squid file layout
• Squid Access Control Lists
• Applying Squid ACLs
• Tuning Squid and configuring cache hierarchies
• Bandwidth metering
• Monitoring Squid
• Proxy client configuration
Module 18: Samba
• Samba daemons
• Accessing Windows®/Samba shares from Linux
• Samba utilities
• Samba configuration files
• The smb.conf file
• Mapping permissions and ACLs
• Mapping Linux concepts
• Sharing home directories
• Sharing printers
• Share authentication
• User-level access
• Mapping users
• Samba account database
• User share restrictions
Module 19: Postfix
• Postfix features
• Postfix components
• Postfix configuration
• master.cf
• main.cf
• Postfix map types
• Postfix pattern matching
• Virtual domains
• Postfix mail filtering
• Configuration commands
• Management commands
• SMTP AUTH server and relay control
• SMTP AUTH clients
• TLS server configuration
• Postfix client configuration for TLS
Module 20: Email services
• Procmail
• SpamAssassin
• amavisd-new mail filtering
• Cyrus IMAP/POP3 server
• Cyrus IMAP MTA integration
• Cyrus Mailbox administration
• Dovecot POP3/IMAP server
Lab 1
• Adjusting Kernel options
• Configuring print queues
• Introduction to Troubleshooting Labs
• Troubleshooting practice: Kernel modules
Lab 2
• Boot process
• Booting directly to a Bash shell
• GRUB command Line
• Basic GRUB security
• Managing services with systemd’s systemctl
• Troubleshooting practice: Boot process
Lab 3
• Managing software with RPM
• Creating a custom RPM repository
• Querying the RPM database
• Installing software via RPM and source and rebuilding SRPMs
• Using YUM
• Using Zypper
Lab 4
• Creating and managing Filesystems
• Hot Adding Swap
Lab 5
• Creating and managing LVM Volumes
• Creating and managing a RAID-5 Array
Lab 6
• Using AutoFS
• NFS server configuration
• iSCSI initiator configuration
Lab 7
• User and group administration
• Using LDAP for centralized user accounts
• Troubleshooting practice: account management
• Restricting superuser access to wheel group membership
• Setting Limits with the pam_limits modules
• Using pam_limits to restrict simultaneous logins
Lab 8
• User private groups
• Using Filesystem ACLs
• Securing xinetd services
• Enforcing security policy with xinetd
• Securing services with TCP Wrappers
• Securing services with SuSEfirewall2
• Securing services with Netfilter
• Exploring SELinux modes
• SELinux file contexts
Lab 9
• Creating and managing user Cron jobs
• Adding system Cron jobs
Lab 10
• Network discovery
• Basic client networking
• NTP client configuration
• Multiple IP addresses per network interface
• Configuring IPv6
• Troubleshooting practice: networking
Lab 11
• Using the systemd Journal
• Setting up a full debug logfile
• Remote syslog configuration
• Remote rsyslog TLS configuration
• Recovering damaged MBR
Lab 12
• Configuring a slave name server
• Use rndc to control named
• Configuring BIND zone files
Lab 13
• SQL with SQLite3
• Installing and securing MariaDB
• Creating a database in MariaDB
• Create a database backed application
Lab 14
• Building an OpenLDAP server
• Enabling TLS for an OpenLDAP server
• Enabling LDAP-based logins
Lab 15
• Configuring vsFTPd
• Apache architecture
• Apache content
• Configuring virtual hosts
• Using .htaccess files
• Using TLS certificates with Apache
Lab 16
• Installing and configuring Squid
• Squid cache manager CGI
• Proxy auto configuration
• Configure a Squid proxy cluster
Lab 17
• Samba share-level access
• Samba user-level access
• Samba group shares
• Handling symbolic links with Samba
• Samba home directory shares
Lab 18
• Configuring postfix
• Postfix network configuration
• Postfix virtual host configuration
• Postfix SMTP AUTH configuration
• Postfix STARTTLS configuration
• SUSE postfix configuration cleanup
Lab 19
• Configuring procmail and SpamAssassin
• Configuring Cyrus IMAP
• Dovecot TLS configuration
Lab 20
• Linux installation
• Automating installation with Kickstart
Lab 21
• SUSE Linux enterprise server installation
• Automating installation with AutoYaST