Review Security Hardening IPTables SELinux. Today Installations and updates – Rpm command and...

Review

• Security
• Hardening
• IPTables
• SELinux

Today

• Installations and updates
  – Rpm command and packages
• Apache
• “Issue Ownership”

Installing Items

• Several Different Ways
  – Build from source works on all systems
  – Download source code, unzip it, run ‘make file’
  – Compiles it on your system
  – Annoying, time consuming, etc…
• Different distributions have ‘package managers’
  – Debian/Ubuntu – Apt-Get / dpkg
  – SuSE - YaST

CentOS/RHEL

• Online (aka, requires internet connection)
  – yum
  – yum install <package> # or update or….
  – VERY easy, very nice, I highly recommend it
• Offline (aka, no internet connection)
  – Must know package name
  – rpm (RedHat Package Manager)
  – Flags will then lead us to install, uninstall, update, etc…

RPM Usage

• Simple installation
  – rpm -i <filename>
  – rpm -ivh <filename>
• List installed programs
  – rpm -qa #optional: <package>
• Uninstall program
  – rpm -ev <package>
• Notice difference between filename and package

RPM File Names

• An RPM filename will end in .rpm
• The name will usually contain package, version, OS version, and architecture
• CentOS 6 Apache installation file
• httpd-2.2.15-26.el6.x86_64.rpm
  – Package: httpd
  – Apache version: 2.2.15-26
  – OS version: ‘Enterprise Linux’ 6 (el6)
  – Architecture: x86_64 (Intel, 64-bit)
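
An added example (not from the original slides) that splits a file name into rpm's own fields, `<name>-<version>-<release>.<arch>.rpm`, working from the right so that hyphenated names such as apr-util still parse. The function name and output format are assumptions made for illustration; the slide's "2.2.15-26" is the version plus the first part of the release.

```shell
#!/bin/sh
# Added example: split an RPM file name into rpm's own fields,
#   <name>-<version>-<release>.<arch>.rpm
# Fields are peeled off from the right because the name may itself
# contain hyphens (apr-util) and the release may contain dots (3.el6_0.1).
# The body runs in a subshell "( ... )" so its variables stay local.
parse_rpm_filename() (
    f=${1##*/}                        # drop any directory part
    case $f in
        ?*-?*-?*.?*.rpm) f=${f%.rpm} ;;
        *) echo "unexpected RPM file name: $1" >&2; exit 1 ;;
    esac
    arch=${f##*.};    f=${f%.*}       # text after the last dot
    release=${f##*-}; f=${f%-*}       # text after the last hyphen
    version=${f##*-}                  # text after the hyphen before that
    name=${f%-*}                      # the rest, hyphens included
    # Only the Enterprise Linux tag (elN) shown on the slide is recognised.
    dist=none
    case $release in
        *.el[0-9]*) dist=el${release#*.el}; dist=${dist%%[._]*} ;;
    esac
    echo "name=$name version=$version release=$release dist=$dist arch=$arch"
)

# The two file names that appear on the slides.
for file in httpd-2.2.15-26.el6.x86_64.rpm apr-util-1.3.9-3.el6_0.1.x86_64.rpm; do
    parse_rpm_filename "$file"
done
```

The file name is only a label: `rpm -qp <filename>` reads the real name and version from the package header, and `rpm -K <filename>` checks the file's digests and signature before you install it.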

Complex Installations

• Some packages will require a ‘dependency’
• A dependency is another install package
  – Possibly another program, possibly a library
• For example, to run the GNU C++ Compiler (g++), you have to have the GNU C Compiler installed (gcc)
• g++ has a dependency of gcc
• rpm -qR <package>

Failures

• Dependencies

• 2 packages, 2 libraries
• Packages will most likely appear with that name
• Libraries will have to be Google’d for

Library Packages

• libapr-1.so.0 – library package
• In an offline install this will not show up as libapr.rpm or any variation

Libapr-1.so.0

• Easily handled - apr package and apr-util packages contain the libapr and libapr-util libraries

• Go through each dependency from the top, install all the ones you can easily

• Then try to install the main packages and Google anything left over
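
An added example (not from the original slides) of the triage step described above: it sorts the "is needed by" lines of a failed `rpm -ivh` into package names, which you can look for as .rpm files directly, and shared-library names, which have to be mapped to a package first. The error text is a constructed sample matching the "2 packages, 2 libraries" case, and the function name is an assumption.

```shell
#!/bin/sh
# Added example: classify the missing dependencies from a failed install.

# Constructed sample of the error text from installing
# httpd-2.2.15-26.el6.x86_64.rpm with none of its dependencies present.
SAMPLE_ERRORS='error: Failed dependencies:
    apr-util-ldap is needed by httpd-2.2.15-26.el6.x86_64
    httpd-tools = 2.2.15-26.el6 is needed by httpd-2.2.15-26.el6.x86_64
    libapr-1.so.0()(64bit) is needed by httpd-2.2.15-26.el6.x86_64
    libaprutil-1.so.0()(64bit) is needed by httpd-2.2.15-26.el6.x86_64'

# Print one line per missing dependency:
#   "package <name>"   a package name, usually also the .rpm file name
#   "library <soname>" a shared library that lives inside some package
classify_failed_deps() {
    printf '%s\n' "$1" | while read -r dep rest; do
        # Keep only dependency lines; "read" has already stripped the
        # indentation and cut the first word off into $dep.
        case $rest in
            *"is needed by "*) ;;
            *) continue ;;
        esac
        case $dep in
            *.so*) echo "library ${dep%%"("*}" ;;  # drop "()(64bit)"
            *)     echo "package $dep" ;;
        esac
    done
}

classify_failed_deps "$SAMPLE_ERRORS"
```

For the library lines, `rpm -qp --provides <filename>` lists what a downloaded .rpm file provides, so you can confirm that the apr and apr-util packages supply the missing libraries before installing them.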

Successful Install

• rpm -ivh apr-util-1.3.9-3.el6_0.1.x86_64.rpm

So We Can Use It

• We can see it in the output of rpm -qa httpd
• Even more, we can use it

What Is A Web Server?

• “The hardware or software that delivers web content” – Wikipedia
• Thanks, Wikipedia, that’s helpful
• Web server is a computer running
  – Windows OS & IIS application
  – Linux OS & Apache application
  – There are others, those are the big ones
• They hold the code files that make up web pages (facebook, Amazon, ESPN, etc…)

Apache Web Server

• “LAMP Stack” – Linux, Apache, MySQL, PHP
  – Everything you need to build a ‘feature-rich’ website (ESPN.com)
• Config file in /etc/httpd/conf/httpd.conf
• Contains ‘modules’ that help develop web site
• Code files in /var/www
  – Expected to be ‘feature rich’

Apache Details

• Service named httpd (so we can control it by the service command & see it in ps)
  – What would that command be?
• Starts about 8 processes named httpd
• Sits “on top” of our networking scripts, opens port 80 to “listen” for incoming web (http) connections, etc…

Apache Config

• So when we browse to the IP

Quick Aside – Regular Tasks

• Starting out in IT, expect:
• Programmers: documenting code
  – Possibly minor bug fixes
• Networking: monitoring
  – I actually know the least about what entry-level networking is
• Sysadmin: Password resets, low-level user calls
  – Aka, help desk

Help Desk

• Help desk isn’t a bad place to be
• But it’s hard to move out into ‘sysadmin’ work
  – Easier to move up to L2/L3 support
  – Internships are the way to go

• Regardless, you’ll usually have a ‘script’

Help Desk

• In that script you won’t have too much freedom, which means you won’t have too much opportunity to show off skills
• Sometimes you do, and sticking with something (especially the really annoying things) is what managers look for
• They call it “issue ownership”
  – Do you take the next step when it’s not in your script?

Example

• Apache is not installed on our VMs

Or You Might Get A Ticket

• “User X Can’t Log In”
  – Login to what?!
  – Obviously not the ticketing system
• This is why I structure our class this way
  – This is also the least-favorite assignment of many students
• “Scope” the problem
• Outline the fix
• Implement
• Write-up

Your Homework and Practical

• Install Apache on our VMs
  – Using rpm, not using yum
• Turn in a short write-up of what you did and how
• Documentation is necessary
  – 1) tells you where you are
  – 2) tells you what you’re doing
  – 3) covers your behind

Tickets

• IDS was owned by ‘Enterasys’ (now Dell)
• Awful support, except for 2/3 guys
• Used their tickets to show their mgmt they weren’t responding (many times)
• Got 2 of the “good” responders dedicated to our account
• I’m sure they were chewed out after the 4th/5th/6th time we escalated through our mgmt