Linux Advanced System Administration (LPI) (LASA) – Outline

Detailed Course Outline

Course Contents - DAY 1

Course Introduction

  • Administration and Course Materials
  • Course Structure and Agenda
  • Delegate and Trainer Introductions

Session 1: ADVANCED NETWORK CONFIGURATION & TROUBLESHOOTING

  • Configuring the network card (ip link, ip addr)
  • Network scripts
  • Configuring routing (ip route)
  • Network troubleshooting and related tools (ethereal, tcpdump, ping, traceroute, netstat, arp, nmap, nc)
  • Exercise

[Session 2: APACHE, SQUID AND NGINX

  • Apache main configuration files
  • Apache server and access configuration
  • Configuring secure Apache (https)
  • Configuring IP address-based virtual hosts
  • Configuring name-based virtual hosts
  • Configuring Apache for user-based content
  • Configuring the Squid proxy server
  • Configuring client browsers
  • Squid security settings
  • Nginx Proxy and Reverse Proxy
  • Exercise

Session 3: NFS NETWORK SERVICES

  • NFS operation and associated daemons
  • Configuring an NFS server
  • Investigating the portmapper
  • Configuring an NFS client
  • Mounting NFS filesystems at boot
  • Using the automounter to access NFS mounts on demand
  • Configuring AutoFS direct and indirect mounts
  • Creating AutoFS units
  • Exercise

Session 4: SAMBA

  • The SAMBA configuration file (smb.conf)
  • Testing the SAMBA configuration file (testparm)
  • Configuring SAMBA users
  • Starting SAMBA
  • Testing SAMBA (smbclient, smbstatus)
  • Managing Windows filesystems (smbmount, nmblookup)
  • Accessing Windows shares
  • Exercise

Day - 2

Session 5: THE DOMAIN NAME SERVER

  • DNS operation
  • Types of DNS Servers
  • Domain Name Space
  • Setting up a DNS server
  • Server configuration files (named.conf and databases)
  • DNS resource record formats
  • Starting and managing the DNS Server (rcnamed, rndc)
  • Testing the DNS Server (host, dig, nslookup)
  • DNS Client set up (resolv.conf)
  • Exercise

Session 6: DHCP

  • Configuring DHCP
  • The dhcpd.conf configuration file
  • DNS entries
  • Client address entries
  • Address leases
  • Exercise

Session 7: FTP

  • Configuring a VSFTPD server
  • Configuring FTP
  • Configuring Pure-FTPd
  • Configuring ProFTPd
  • Active vs Passive mode
  • vsftpd.conf configuration file
  • Anonymous access
  • Restricting access to the user's login directory
  • FTP logfile
  • Exercise

Session 8: CENTRALISED STORAGE WITH ISCSI

  • Definition and benefits of iSCSI
  • Configuring an iSCSI target and initiator
  • Configuring iSCSI via YaST
  • Exercise

DAY 3

Session 9: FILESYSTEM TOOLS AND DISK MONITORING

  • Converting Ext filesystems to Btrfs
  • Checking and repairing Btrfs filesystems
  • Creating Btrfs subvolumes and snapshots
  • Performing full and incremental backups of XFS filesystems
  • Querying the backup repository
  • Restoring XFS filesystems
  • The ZFS filesystem
  • Configuring smartd
  • Disk monitoring with smartctl
  • Exercise

Session 10: RAID

  • RAID overview
  • Raw devices and partitions
  • Creating and managing a RAID device
  • Creating and mounting a file system within RAID
  • Hot swapping failed drives
  • Exercise

Session 11: LOGICAL VOLUME MANAGEMENT (LVM)

  • Logical Volume Management Overview
  • Viewing LVM information
  • Configuring LVM
  • Creating striped logical volumes
  • Resizing Logical Volumes
  • Logical Volume Snapshots
  • The role of the Device Mapper
  • Configuring the lvm.conf file
  • Exercise

Session 12: DIRECTORY SERVICES

  • Structure of an LDAP Tree
  • Configuring 389 Directory Services
  • Managing Directory Server Users
  • Testing the Directory Server
  • Configuring the Client
  • Legacy LDAP Commands
  • Secure LDAPS with Directory Server
  • Exercise

DAY 4

Session 13: COMPILING SOFTWARE FROM SOURCE

  • Installing programs from source
  • Compiling Open Source Software
  • Installing the compiled software
  • Managing shared libraries
  • Compiling from SRC (source) RPM packages
  • Exercise

Session 14: SYSTEM MONITORING & PERFORMANCE MANAGEMENT

  • System performance monitoring
  • Collecting system performance information
  • Monitoring memory usage
  • Measuring virtual memory
  • Measuring I/O performance
  • Performance Guidelines
  • Performance monitoring tools
  • Capacity planning
  • Exercise

Session 15: FIREWALL CONFIGURATION

  • Basic packets and routing
  • Netfilter (iptables)
  • Packet filtering (iptables, chains, rule targets, connection tracking)
  • Saving and restoring firewall settings
  • Network address translation (NAT)
  • Exercise

Session 16: SYSTEM SECURITY

  • Reporting security alerts
  • Applying security related patches
  • Installing and configuring a Host Intrusion Detection System (HIDS)
  • Installing and configuring fail2ban
  • Exercise

DAY 5

Session 17: PLUGGABLE AUTHENTICATION MODULES (PAM)

  • Main PAM configuration files
  • Configuration file formats
  • Controlling user access using the configuration files
  • Configuring pam_listfile
  • Controlling time-based access with PAM
  • Controlling limits with PAM
  • Exercise

Session 18: POSTFIX

  • Configuring a Postfix server
  • Postfix TLS configuration
  • Configuring Dovecot
  • Managing email delivery
  • Filtering emails
  • Exercise

Session 19: THE LINUX KERNEL

  • Kernel naming conventions
  • Monolithic and Modular kernel design
  • Listing modules
  • Kernel module configuration
  • Kernel tuning
  • The GRUB2 Bootloader
  • Installing an alternate Kernel
  • Exercise

Session 20: HARDWARE CONFIGURATION

  • Hotplug system
  • Devices and Interfaces
  • sysfs filesystem and persistent names
  • Device initialisation and interface configuration
  • Hotplug and Coldplug
  • UDEV system
  • Exercise