Visão Geral

Curso Linux System Administration. A administração do Linux envolve uma boa interação com o hardware do sistema e o kernel, bem como a aplicação de um grande número de ferramentas e aplicativos. Este curso fornece uma abordagem prática para adquirir as principais habilidades de administração e gerenciamento de sistemas. À medida que percorremos os tópicos administrativos, de rede e de solução de problemas, incorporamos elementos de boas práticas, desempenho e segurança, todos visando alcançar um alto nível de proficiência no trabalho na linha de comando. Com sua abordagem de design diferenciada, este curso também é adequado como uma conversão de Unix para Linux para administradores Unix existentes. É um evento de desenvolvimento de habilidades em ritmo acelerado, repleto de exercícios práticos e solução de problemas. A plataforma do curso será um dos derivados da Red Hat, como CentOS ou ScientificLinux. No entanto, as discussões e o material abordam todas as principais vertentes do Linux e, sempre que uma ferramenta, técnica ou método específico for relevante, serão abordadas especificidades do SUSE, Debian e Ubuntu. Por exemplo, discutimos a abordagem única adotada por vários sistemas em áreas como inicialização de sistemas e gerenciamento de software.

Objetivo

Ao final deste Curso Linux System Administration, você será capaz de:

• Compare várias distribuições Linux
• Entenda a administração do Linux versus UNIX
• Entenda os métodos e formas de instalação de um sistema Linux
• Use a arquitetura modular do kernel e reconfigure-a para atender a uma necessidade específica
• Interrogue, gerencie e configure hardware
• Instale software adicional: pré-empacotado e do código-fonte
• Execute atualizações automatizadas de software
• Configurar e solucionar problemas do processo de inicialização e inicialização do sistema operacional
• Implemente e gerencie partições e sistemas de arquivos, incluindo LVM
• Manter a segurança do sistema de arquivos, inclusive usando chattr e ACL
• Entenda o controle de acesso obrigatório com Selinux e Apparmour
• Aumente a segurança do usuário e da sessão com PAM
• Conecte-se com SAMBA e CIFS
• Use SSH para conectividade segura
• Execute configuração básica de rede, segurança e solução de problemas
• Lidar com filtragem de pacotes com iptables e firewalld

Publico Alvo

• Todos os administradores, desenvolvedores, analistas existentes, na verdade, todos os usuários que cuidam de uma máquina Linux. Além disso, administradores Unix experientes que precisam migrar suas habilidades para Linux.

Pre-Requisitos

• Os delegados deverão ter frequentado previamente o curso 'QALXESS-2, Linux System Fundamentals', seguido de vários meses de experiência prática de trabalho com Linux (ou ter competências equivalentes)
• Alternativamente, deverão ter sólida experiência de administração de qualquer versão Unix

Materiais

Conteúdo Programatico

Getting Started
Linux server market; Introduction to distributions considered in our courses; Red Hat, Debian (and their derivatives) and SUSE; Understanding kernel versions; Web resources and forums

Preparing For Installation
Understanding PC hard disks: PC hard disk drives: IDE and SCSI; Disk preparation: primary, extended and logical partitions; Understanding memory; Linux swapping and paging: planning swap area, adding swaps; Disk tools: fdisk, parted, hdparm

Installation Methods
Preparing for installation; Installation sources; Selecting system 'personality'; Gathering information; Installation planning and process; Installing Linux from CD-ROM; Post-installation steps; Repeatable installation with installer script

Software Management

1. Linux software and source code;
2. Shared and static libraries;
3. Library related tools: ldd,
4. ldconfig;
5. Using 'tarballs' and related tools
6. Packages in SUSE,
7. Red Hat and derivatives;
8. Packaging method: RPMs;
9. Package management tools: rpm and yum;
10. SUSE management tool: zypper
11. Packages in Debian derivatives;
12. Packaging method - DEBs; Package management tools: dpkg, apt-get, aptitude, tasksel

Boot Management

1. Bootstrap procedure; Traditional BIOS and MBR; Comparison with modern UEFI and GPT; Using and configuring GRUB 'Legacy' bootloader; GRUB disk numbering; GRUB configuration; Using and configuring GRUB 2; grub2 'global' directives configuration; /boot/grub/grub.cfg; initrd versus initramfs; grub2 tools; Recovering from boot problems; GRUB Legacy vs. GRUB 2 CLI commands

Hardware and Architecture

1. Types of platforms Linux will run on;
2. Minimum hardware requirements;
3. Selected 3.X onwards features;
4. Supported devices;
5. Configuring sysfs devices with udev;
6. Hardware troubleshooting tools

Kernel Configuration

1. Kernel runtime parameters; /proc/sys/* and /etc/sysctl.conf;
2. Device drivers in the kernel;
3. Monolithic vs. modular design;
4. Handling modules with lsmod, depmod and modprobe;
5. Creating a customised Kernel;
6. Why rebuild?;
7. Prescriptive sequence of steps;
8. Kernel interesting locations: /usr/src/*, /boot, /lib/modules/$(uname -r)‏

System Service Control

1. SysVinit startup sequence;
2. Single and multi-user run levels;
3. The init process and its configuration in /etc/inittab;
4. SysVinit startup files (rc files);
5. Systemd method for service control;
6. Units and targets;
7. Configuration files;
8. Using systemctl tool;
9. Integration with SysVinit method

System Logging

1. Auditing and logging;
2. Basic Unix log files;
3. Simple data tools for working with logs - touch, tail,
4. tail -f, grep;
5. Syslog daemon;
6. Rotating logs;
7. Monitoring logs.
8. Brief Introduction to journald

User Accounts

1. User-related configuration files: /etc/passwd, /etc/group, /etc/shadow;
2. Creating an account;
3. Basic attributes;
4. Secondary group membership;
5. Password requirement;
6. Customising an account;
7. User home directory;
8. Start-up files

User Account Security, incl PAM

1. Security aspects of basic accounts;
2. Terminal and shell control files;
3. Testing account usage and activity:
4. lastlog, last, lastb; Identity power as dictated by UID;
5. Role based identity;
6. PAM; User authentication principles;
7. User account control

Extended File Attributes

1. Recap of basic file and directory permissions:
2. r/w/x, SUID,
3. SGID and sticky bit;
4. File Access Control List (ACL);
5. Making use of individual user and group assignments;
6. Understanding mask property;
7. Using setfacl and getfacl of files and directories;
8. Applying additional file attributes through chattr;
9. Using chattr to set additional attributes;
10. Applying privileged attributes;
11. Using lsattr to explore extended attributes

Managing Filesystems

1. Linux native filesystems:
2. ext*,
3. reiserfs,
4. xfs,
5. btrfs ;
6. Configuring filesystems;
7. Performance -
8. mkfs command;
9. Security - mount command;
10. Troubleshooting and diagnosing filesystems:
11. fsck,
12. tune2fs,
13. debugfs,
14. fuser,
15. dumpe2fs,
16. xfs*;
17. Restricting disk assignments with user/group

Storage Management with LVM

1. Overview of disk partitioning;
2. Using fdisk to create physical partitions;
3. LVM structure:
4. PV,
5. VG,
6. LV;
7. Logical volumes must have filesystem created;
8. Standard mkfs, mount and /etc/fstab treatment applies;
9. Logical volumes can be dynamically resized

Networking Infrastructure

1. Number crunching;
2. Network related files and directories:
3. interface configuration files,
4. name resolving;
5. Modern tools - the ip and ss command:
6. general syntax and usage;
7. Network parameters in the kernel;
8. Configuring proxy;
9. Static routes;
10. Interface parameters with ethtool;
11. Interface bonding:
12. modes and configuration

Perimiter Network Protection

1. Firewall concepts;
2. Infrastructure and DMZ;
3. Types and implementations;
4. Kernel's role;
5. Network parameters in /proc/sys/net;
6. NetFilter module;
7. Linux firewalls:
8. iptables and firewalld;
9. Understanding firewalld zones and firewall-cmd tool;
10. Alternatives products:
11. IPCop,
12. horewall,
13. ufw and many others...;
14. knockd to open holes in your firewall on demand

Introduction to SELinux

1. DAC vs.
2. MAC security policies;
3. Problems with traditional,
4. discretionary, methods;
5. Products providing mandatory access methods;
6. Main SELinux features;
7. Policies, enforcements,
8. control; Scope,
9. coverage and availability;
10. SELinux configuration and management;
11. SELinux states;
12. Labelling and access policies;
13. Policy database and run-time flow;
14. Modifying existing,
15. and creating new, policies

Network Services

1. Protocols & Services;
2. Network super-daemons:
3. inetd, xinetd ;
4. TCP wrapper with tcpd;
5. Network time protocol;
6. Hardware vs.
7. oftware clock;
8. Daemons and configuration

Samba and CIFS

1. What is Samba;
2. SMB and CIFS protocols;
3. Installing and configuring Samba components;
4. Configuration file: /etc/samba/smb.conf;
5. Special and user sections;
6. Configuring the [global] section;
7. Samba daemon and diagnostic tools: smbd,
8. nmbd,
9. smbstatus,
10. testparm,
11. SWAT;
12. Samba client tools:
13. nmlookup,
14. smbclient,
15. smbtree,
16. smbtar;
17. Viewing Samba shares in Windows;

SSH Hints and Tricks

1. SSH purpose;
2. Recap of basic SSH use;
3. SSH client and server configuration ;
4. Using SSH keys;
5. Creating public/private key pair;
6. Configuring and using SSH agent;
7. Tunnelling X application in SSH;
8. Port forwarding;
9. Principles of local and remote port forwarding;
10. Forwarding through a firewall and multiple gateways