Linux Configuration Notes

Version: Red Hat 8.0  -  installed April, 2003
Previous: Red Hat 7.1
Next: SuSE 9.1 and 9.2
by Dennis G. Allard

This page contains tips and configuration notes for Linux Red Hat 8.0 (kernel 2.4) configured on March 3, 2003.

Introduction

It is now June 2003. I have configured oceanpark.com with Red Hat 8.0, updated regularly via the Red Hat Network. The current version is Red Hat kernel 2.4.20-18.8, running an Athlon 1.8GHz CPU equipped with 512MB of RAM. I have now used the system as my Desktop machine since March, 2003. A small number of Web sites run on the server along with some experimental servers. The system acts as my primary desktop machine, firewall to internal hosts, and serves secure IMAP email to a small number of clients. It runs the Horde IMP Web Mail for those clients as well.

Overall Impression of Red Hat 8.0

The good news is that in my eighth year using Red Hat Linux, I can finally use Linux as my Desktop machine for the first time. The system is still not ready for use as a professional desktop environment for nonprogrammers as a replacement for Windows, but it is getting closer. In another two or three years, we should see Linux take over from Windows on the Desktop in many corporate environments.

How I use Red Hat

The oceanpark.com machine has been running Red Hat Linux since January, 1996. It is a server but I am currently using it as my primary desktop environment as well, replacing Windows 2000 for that purpose.

The server has software raid, runs my firewall, runs a few low volume Web sites, supports secure imap email for some customers, and runs dhcpd, sshd, sendmail, tinydns, lpd, and postgres. The combination of imapd, postgres, and apache (https) is used, among other things, to run Web Mail via the horde.org IMP imap client. I use the machine to control remote secure network backups both to and from my machine thanks to a combination of crontab, ssh, sshd, keychain, and rsync.

As a workstation, I mostly do programming, Email, and Web browsing, but I also need to do various office work from time to time involving Word Processing and occasionally spreadsheets. I tend to live in emacs, but use vi when convenient. I tried the Ximian mail client but went back to Mozilla Mail once I found out how to configure Mozilla Mail to correctly word wrap when composing mail in plain text. I now do most of my office work using Linux, although I run a Windows machine behind my firewall to handle complex Word documents, spreadsheets, run Microsoft Access, and do streaming audio via Winamp.

I have recently started programming with Kylix. So far, so good. I have hope that it will be able to replace MS Access for quick development of simple desktop database applications. However, there still is no equivalent to MS Access in Linux for power users who are not also programmers. Kylix may be the beginnings of a bridge towards that objective.

What I liked (+) and didn't like (--)

  • +  Fonts are nice! At long last, Red Hat Linux is using scalable fonts that are preconfigured and work out of the box in the browser, in Mail clients, in OpenOffice documents, and most everywhere else.
  • + The Mozilla Web browser works very well and is fast!
  • + Adobe Acrobat files now are recognized out of the box by Mozilla and display correctly.
  • -- What is a Red Hat Version? I cannot find an explanation of how one version differs from the next in any of the documentation that ships with Red Hat. I have two paid subscriptions to the Red Hat Network yet I still do not fully understand what gets updated when I do a Red Hat Network update. One thing that does not get updated are some of my most critical applications. For example, after three months of using Red Hat Network to update my system, the version of Mozilla on the system was still a 1.0 version even though Mozilla is well beyond release 1.3. Similar remarks apply to Ximian and, presumably, other applications that ship with Red Hat.
  • -- My NVidia card, one of the most widely used cards on the planet, works with Red Hat 8.0 but sometimes I see slowness and ghost images if I drag windows quickly across the screen, so I suspect that the driver is not the accelerated driver. I have not yet tried to play any games requiring massive acceleration. Once I do so, I will report here about what the experience was like. I am not optimistic.
  • +-- Sound and Flash do not work out of the box in Mozilla. Real Audio and MP3 links result in a toy-like GUI Dialog appearing on my screen that is a broken pathetic little thing. For example, I click the play button, a Save File Dialog box appears and if I then click Open, the pathetic little Dialog disappears and nothing happens. As pointed out to me by Carlos Lopez, Red Hat has intentionally left out MP3 due to Big Brother Patent issues. You can read Red Hat's explanation for yourself. The good news is that I downloaded the Real Player for linux from http://www.real.com, installed it, and it works great, integrating with Mozilla flawlessly. Still can't find a working Winamp for Linux though.
  • +-- OpenOffice is stable, good looking, very functional and, for simple documents, able to import and export documents in Microsoft Word and Excel formats. This latter capability is usually an unfortunate necessity in order for Linux to be usable in a business environment. The ability to read and write to Microsoft formats still has glitches, so I cannot recommend Red Hat Linux 8.0 for use in an office environment where significant use of Microsoft formats is needed.
  • + OpenOffice displays via X. That means that you can run an OpenOffice application (word processor, spreadsheet, presentation editor, draw tool, etc.) on one UNIX host but display to a remote X Server, such as X-Win32 for Windows or any UNIX host. In this way, you can run your OpenOffice applications on your high-end server, but use them on any machine on your LAN or even remotely via the internet. I have not yet tested how much bandwidth is needed to do the latter, but I suspect it will work fine.
  • -- There is no common Dialog framework so there is a plethora of different Open File and Save File Dialogs that are not aware of each other, provide a different look, provide different functionality, and do not communicate with each other as regarding things such as the last directory visited. Some of them offer the ability to create a new folder, others lack that feature.
  • -- Ditto as regards copy and paste. Depending on what applications one is trying to copy text from and to, pasting via Control-C and Control-V or via Mouse middle click works sometimes but not always.
  • + Overall, the Gnome ('Blue Curve') Desktop is clean and the menus are trimmed down a bit and less confusing than before. They could still probably use a bit more trimming, but they're not bad.
  • + The default Desktop background is very clean, using a flat dark blue color and showing only three icons, including the Nautilus File Manager and Trash.
  • -- Annoying man bug: when you use man either in emacs or from a shell window, if you search for a dash character (-), the dash is not found. Makes it very hard to search man pages for options.
  • -- A poor choice of color in xterms is still there. Most of the time when I do a simple ls command, some file names appear as light lime green on white background, which makes the file names impossible to see.
  • --  The venerable man pages are being corrupted by a new, poorly designed thing called info. I hope that info will soon go the way of linuxconf as a relic of poor design and bad taste.
  • --  For admins: mod_perl does not work out of the box. My solution: http://oceanpark.com/notes/howto_redhat8-apache2-mod_perl.html.
  • + Software RAID was a snap to configure. I set up most of my partitions as RAID type 1 mirrors.
  • --  emacs continues to degrade in minor ways. It too has decided to start using color that makes some text impossible or hard to read. It is slowing down. BTW, you can get rid of the annoying tool bar and menu bar via the commands M-x menu-bar-mode and M-x tool-bar-mode. Emacs *shell* buffers are still unable to fully simulate a vt100 terminal or any other kind of shell such that you can do in the shell what you could do in bash in an xterm window, although things have improved somewhat on that score. Password prompts in the mini-buffer still do not hide your password and the password is stored on the kill ring.
  • + Postgres came up nicely out of the box.
  • --  One really bad thing is that the task buttons in the Window list in the lower panel do not stay in one place. They change position relative to one another as one starts new processes. I think they are ordered such that similar applications appear near each other. That is perhaps my top item I dislike about the Blue Curve desktop. I am used to remembering the relative position of my task button in the panel and do not like it shifting around, up and down, and being all squirrely. In fact, this is such a bad design, I wonder if I made some error in setting up the system! I found a kind of fix -- I restrict the Window list to one row. In that way, at least I don't have to cope with buttons changing what row they appear in. Things at the right tend to stay near the right, at the left near the left, etc.
  • --  I must have done something weird since I did an 'install everything' yet my Desktop came up on the first boot without the Nautilus File Manager showing, nor the Trash, nor the 'Start Here' button. I went to Red Hat Network to see what packages it thought I had installed and, indeed, the Nautilus package was claimed to be missing. During my install, when I registered the system with the Red Hat Network, the network connection hung and various problems ensued when I tried to synchronize my packages with the Red Hat Network server. A call to Red Hat Tech support informed me that, indeed, there had been a problem with the Red Hat Network that afternoon but that "this was the first time this happened" and was "very unlikely to reoccur". Uh huh, right. Time will tell.
  • +-- It is an adventure in frustration to use the otherwise pretty good Red Hat Network when you attempt to use it to see what packages you have and what packages you don't have installed. You'd think that a UI would be available that had a list of all packages (what 'install everything' means) with a check mark next to ones you have installed, an empty box next to the ones you have not installed, and a highlight next to installed packages that need to be updated. No such GUI. I mean, there are exactly three things you can do for any package: install it, uninstall it, or update it. Red Hat Network should implement a GUI that clearly enables one to see those choices and perform those operations.
  • --  After some work, I am using Mozilla Mail. It seems that even with a subscription to the Red Hat Network, one cannot upgrade applications to more recent versions. That seems like a wrong approach. I had to fix various problems in Mozilla Mail by manually downloading RPMs and installing them. Overall, I still am totally happy with any Email client on the planet. Each mail client seems to have a separate set of minor glitches or inadequacies. The versions of both Ximian and Mozilla Mail that ship with Red Hat are way behind the latest releases.
  • +- Ximian Mail has excellent design mixed with some problems. One problem is that Ximian Mail is slow -- when I installed it on a 500MHz machine, opening a new composition window took six seconds, which is simply not usable. Once I moved over to my 2GHz Athlon box, it became usable. But it had some other serious glitches regarding handling of connections to my IMAP server. It periodically drops its connection to my IMAP server. In my case, I run my Ximian client on the same machine where I run the IMAP server. I suspect that this problem occurs when other remote clients connect to the IMAP server, but am not sure. In addition, I simply cannot find a way to convince it to subscribe to all of my IMAP folders. Sometimes they stick, sometimes they don't. Ximian does not have an integrated newsgroup reader. After using Ximian Mail for about two months and even upgrading to a more recent version, which did not fix the problems, I decided to switch back to Mozilla Mail.
  • +- The other mail clients all have some flaws, at least in the versions that ship with Red Hat 8.0. After upgrading Mozilla (which does not happen automatically via the Red Hat Network) and finding one fix on the Web, I resolved my most serious issues with Mozilla. Word wrap was broken until I found out how to configure Mozilla Mail to correctly word wrap when composing mail in plain text. Upgrading to Mozilla 1.3 seems to have fixed some problems I was having where it was impossible to force the composer to be plain text all the time and deleting lots of mail causing it to crash. It is now possible to cut and paste headers. Some minor issues remain. There seems to be no way to have multiple identities for the same email account (something that Ximian supports very nicely). KMail looked real nice at first. However, it does not have the ability to search for IMAP mail messages by content! If you know of a way to do that, please let me know. Also, deleting multiple messages in KMail is absurdly slow, as if done by some slow emacs macro.
  • + The GUI installation went flawlessly and Disk Druid is now quite nice. The system detected my video hardware and my Philips 109S 19 inch Monitor Model correctly. One drawback is that I have an NVidia GeForce 4 card and apparently Red Hat 8.0 did not ship with an accelerated driver for it, so I experience occasional redraw slowness if I move a window around quickly.
  • + Networking detection and setup for two ethernet cards and configuration of DNS and IP numbers all worked flawlessly.
  • + linuxconf is now ancient history. More and more, there are good GUI configuration tools for many services. I still tend to use chkconfig and edit specific application configuration files manually, so I can't report much detail about the GUI configuration tools, except to say that things such as sound, X display, and Desktop preferences are all fairly easy to configure now. One kind of strange thing about sound is that even though I got the sound server to work (I did have to manually configure it to start at boot), there seems to be a lack of sound events. If I look in the sound configuration tool, most of the events listed there are for arcane games I have no interest in. The one game I like, besides Chess, is Maelstrom, and it does its own sound config. BTW, Maelstrom works fine in Red Hat 8.0.
  • -- There is still a lack of documentation about what files are used to configure what. Every single thing that is configured for you should be accompanied by a document that explains what config files and what config scripts are used to configure or reconfigure that thing.
  • -- The server configuration still does not offer to configure the server as an LDAP or NIS server and I don't know of any tools to help do such configuration. If you know of any, please let me know.
  • +-- For video, I was happy with the auto-detection and final result. Unlike Windows, for which I still so often see people with 32MB video cards running at 60Hz vertical refresh, the Red Hat video setup makes reasonable choices at VESA refresh levels. Do note that the old Xconfigurator program no longer comes with Red Hat. Instead, Red Hat seems to have a bunch of programs named redhat-config-FOO. For example, redhat-config-xfree86.
  • +-- I have no new comments on the firewall configuration. In Red Hat 7, the firewall setup was too restrictive. The Red Hat installer did not differentiate between a server that is open to the public internet and one that is used only for internal network service. In any case, my firewall example script is highly ranked by Google and it works fine in Red Hat 8.0. See firewall.
  • +-- Apache is now 2.0. If you have been using Apache 1.3, you will need to spend some time (for me it was a few hours) getting everything working again. I had to actually do a minor bit of source code modifying to make the Horde IMP Web Mail server work correctly. Also, see http://oceanpark.com/notes/howto_redhat8-apache2-mod_perl.html.
  • + OpenSSH is quite stable now. Installed and worked with zero effort and seems compatible with all use I have made of it, which is extensive.
  • -- man page writers -- PLEASE include examples
  • +-- Red Hat and Linux engineers -- PLEASE write your GUI configuration tool such that the user is informed what configuration files are read and written by the tool and, if possible, permit the user to edit the files manually. With the advent of XML as the lingua franca of configuration files, that is becoming possible. It is good that we are seeing more and better GUI configuration tools, but we should make perspicuous what is going on under the hood so that system administrators are not left in the dark about what files their changes affect.

Firewall script:

My firewall script is http://oceanpark.com/notes/firewall_example.html. It has been ranked first in Google since mid 2002 for a search for 'example firewall script'.

Useful commands and programs:

Very partial List of useful commands and programs. The difference between a command and a program is an 'advanced topic' (a UNIX anachronism, IMHO)

  • startx -- start the X Windows system graphical user interface.
  • Ctl-Alt-Backspace -- force X to exit, returning you to a command prompt.
  • Alt-Fi -- Switch to tty console i (when not in X).
  • Ctl-Alt-Fi -- Switch to console i (when in X) (but you can't get back to X, at least I can't)
  • The default Red Hat setup automatically restarts X unless you remember to check a certain check box during the installation when X is configured. You can prevent X from automatically starting by editing /etc/inittab and changing id:5:initdefault: to id:3:initdefault: (Thanks to Justin Beattie for this suggestion).
  • dir -- same as ls command below
  • ls -- list all files in the current directory whose name does not begin with . (a period)
  • ls -l -- ls output in long format, showing privileges and dates
  • ls -a -- ls output shows all files, including those whose names start with .
  • ls -t -- ls output sorted by time last modified
  • ls -lat -- all of the above
  • mv -- move (rename)
  • cp -- copy
  • cp -a -- copy a file and preserve attributes of the file
  • cp -ar foo bar -- recursively copy directory foo and all its subdirectories to bar
  • rm -- remove
  • rm -r foo -- recursively remove directory foo and all its subdirectories
  • rm -f foo -- force removal (don't prompt for permission) -- USE WITH CAUTION!
  • rm -fr foo -- do that without prompting -- USE WITH EXTREME CAUTION
  • man foo -- tell about the command foo
  • man -k foo -- tell about all man pages having the keyword foo
  • makewhatis -- rebuild the whatis database that man -k searches
  • /usr/bin/whereis foo -- tell where foo is (full pathnames)
  • /usr/bin/which foo -- tell which foo is first in the current path
  • printenv PATH -- show the current path
  • printenv -- show all environment variables
  • find . -name "foo*" -- find all files below the current directory whose name starts with foo
  • /usr/sbin/useradd -- to create a new user
  • /usr/sbin/groupadd -- add a group (see /etc/group)
  • /usr/sbin/mouseconfig
  • /usr/bin/free -- shows memory usage, including swap
  • fdisk -l -- compare the output of this to the content of /etc/fstab
  • du -s folder -- show amount of disk space used by all files in folder
  • iptables -vnL -- show iptables rules that are in effect
  • chkconfig -- the way to see and modify what services start up at boot time
  • /etc/rc.d/init.d/FOO status/start/stop/restart -- where FOO is sendmail, sshd, etc.

Configuration files (very partial list):

  • /etc -- where almost all system configuration data resides
  • /etc/sysconfig/network -- the main network configuration file
  • /etc/resolv.conf -- network configuration of name server
  • /etc/rc.d/ -- startup files -- see rc.local and rc.sysinit programs, below
  • /etc/rc.d/rc -- script which starts everything
  • /etc/rc.d/rc.sysinit -- what kicks things off when Linux boots
  • /etc/rc.d/rc.local -- local things to execute at boot time

  • /etc/issue -- dynamically rewritten by /etc/rc.d/rc.local
  • /etc/fstab -- directory mounts done at boot time - edit with caution
  • /etc/profile -- contains global environment variable settings (e.g. PERLLIB="/usr/local/lib/perl")
  • /etc/bashrc -- contains global alias commands (e.g. alias ll='ls -l')
  • /etc/hosts -- place entries for your LAN workstations
  • /etc/passwd -- adduser places new user here, edit manually to change name, shell, etc.
  • /etc/group -- add new groups and associate users with a group

  • /etc/sendmail.cf -- SMTP configuration -- touch with caution
  • /etc/xinetd.conf -- kind of replaces inetd, but see tcpd and hosts.deny and hosts.allow
  • /etc/smb.conf -- Samba configuration
  • /etc/crontab -- specification of what programs to automatically run at regular intervals
  • /etc/services -- tcp/ip services -- I don't modify this, but of interest
  • /etc/httpd/conf/httpd.conf -- The httpd web server configuration file (only need this one)

  • /var -- where much dynamic system data and logs are kept
  • /var/log -- various logs of interest
  • /var/log/messages -- various programs log things here -- worth taking a look at
  • /var/log/secure -- log of successful and refused attempts to access the system
  • /var/run -- where some (not all) server daemons place their pids (useful for kill -SIGHUP <pid>)
  • /var/spool/mail -- don't forget to copy over from old disk so users don't lose mail

  • /usr/local/bin -- where I put in-house programs and scripts of general interest
  • /usr/local/sbin -- where I put in-house system programs such as wwwstat, backup, etc.
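
The /var/log/secure entry above is the file to review for successful and refused logins. The script below is an added example, not part of the original notes: it summarises sshd results per source address. The function names and the sample log lines are constructed for illustration (the sample uses documentation addresses and a placeholder host name).

```shell
#!/bin/sh
# Added example: summarise sshd authentication results from a
# /var/log/secure style log. Function names are hypothetical.

# Constructed sample lines in the style of sshd syslog messages.
sample_secure_log() {
cat <<'EOF'
Jun  3 10:15:02 host sshd[1201]: Failed password for root from 192.0.2.10 port 4022 ssh2
Jun  3 10:15:05 host sshd[1201]: Failed password for root from 192.0.2.10 port 4022 ssh2
Jun  3 10:15:09 host sshd[1204]: Failed password for illegal user admin from 192.0.2.10 port 4031 ssh2
Jun  3 10:15:12 host sshd[1207]: Failed password for illegal user x from 203.0.113.99 from 192.0.2.10 port 4040 ssh2
Jun  3 10:20:44 host sshd[1310]: Accepted publickey for backup from 198.51.100.7 port 1029 ssh2
Jun  3 10:21:13 host sshd[1322]: Failed password for dennis from 198.51.100.7 port 1033 ssh2
Jun  3 10:21:20 host sshd[1322]: Accepted password for dennis from 198.51.100.7 port 1033 ssh2
Jun  3 10:30:00 host xinetd[800]: START: imaps pid=1400 from=198.51.100.7
EOF
}

# auth_summary: read a log on stdin and print one line per source address:
#   <address> <failed count> <accepted count>
# sorted with the highest failure count first.
auth_summary() {
  awk '
    # Match on the syslog tag (field 5) and the first word of the message
    # (field 6), so text later in the line cannot change the classification.
    $5 ~ /^sshd\[[0-9]+\]:$/ && ($6 == "Failed" || $6 == "Accepted") {
      # The user name is client-supplied text and may contain spaces or the
      # word "from"; the address sshd recorded follows the LAST "from".
      ip = ""
      for (i = 7; i < NF; i++) if ($i == "from") ip = $(i + 1)
      if (ip == "") next
      seen[ip] = 1
      if ($6 == "Failed") failed[ip]++; else accepted[ip]++
    }
    END { for (ip in seen) printf "%s %d %d\n", ip, failed[ip], accepted[ip] }
  ' | LC_ALL=C sort -k2,2nr -k1,1
}

# noisy_sources MIN: print addresses with at least MIN failed attempts.
noisy_sources() {
  auth_summary | awk -v min="$1" '$2 >= min { print $1 }'
}

# Demonstration on the constructed sample. On a real system, run as root:
#   auth_summary < /var/log/secure
sample_secure_log | auth_summary
```

Taking the address after the last "from" keeps the count tied to the address sshd recorded rather than to text embedded in the user name, as the fourth sample line shows.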