158 Part II Installation
The command to verify a file may look something like this:
[root@localhost /root]# rpm -K rpm-2.3-1.i386.rpm rpm-2.3-1.i386.rpm: size pgp md5 OK
A failed verification may look like this:
[root@localhost /root]# rpm -Kv rpm-2.3-1.i386.rpm rpm-2.3-1.i386.rpm:
Header+Archive size OK: 278686 bytes
Good signature from user “Red Hat Software, Inc. <redhat@redhat.com>”.
Signature made 1996/12/24 18:37 GMT using 1024-bit key, key ID CBA29BF9
WARNING: Because this public key is not certified with a trusted signature, it is not known with high confidence that this public key actually belongs to: “Red Hat Software, Inc. <redhat@redhat.com>”. MD5 sum OK: 8873682c5e036a307dee87d990e75349
You can use this type of verification to prevent the installation of corrupt or tampered files on a production system.
The tools that are included in the RPM are impressive, with their ability to detect dependencies, and install support files on the fly. The fact that Red Hat opened up RPM for every Linux distribution is equally impressive, because RPM has become a Linux standard for installing, removing, upgrading, querying, and verifying the packages installed on a Linux system.
Upgrading the Kernel
2.15 Explain when and why the kernel will need to be recompiled
Immediately after installation, you may encounter situations in which you are required to upgrade the system. Although the Linux kernel has seen many advances, it may not fulfill the needs of your system. For this reason, the kernel (which is available at www.kernel.org/) is updated often. You may have several reasons to update the kernel on your system, including the following:
Stability: Although a released stable kernel is usually of high quality, many issues can still arise. This is why additional kernel releases are often more stable than the previous release.
Chapter 5 Advanced Installation 159
Hardware support: You probably need to upgrade to a version 2.0 kernel or higher in order to achieve support for many of the new hardware devices that are available today. For example, the 2.4 kernel has vastly improved support for Fibre Channel devices. This is not the only reason to upgrade a kernel, but it is perhaps the most driving force behind kernel development. The ability to use Linux with USB, IEEE-1394, Fibre Channel, and many other new technologies drives developers to create a new kernel to provide better support for these pieces of hardware.
Hardware platforms: The newest processors often benefit from having the kernel optimized for their use. By providing an updated kernel, the system will be able to use the CPU more efficiently.
Package support: Some software packages don’t run well — or don’t even run at all — on older kernel versions, and these packages are often required to use the Linux system.
Regardless of the reasons for upgrading the kernel, installers should be competent at performing this task.
Upgrading a Linux Kernel
To carry out a Linux kernel upgrade, perform the following:
1.Make sure that you have a working emergency boot disk available — just in case a mistake is made while upgrading the kernel. If a boot disk was not created during the installation, use the mkbootdisk command to make one. The standard command is similar to mkbootdisk --device /dev/fd0 2.4.x, where 2.4.x is the full version of the current kernel.
2.Test the boot disk to make sure that it will boot the system. This will protect the system in case the upgrade fails by giving the option to restore the old kernel.
3.Clear out any configuration files from previous builds of the kernel. You can do this with the make mrproper command, which will clean up the source tree.
After you have completed these steps, you can choose from several methods to perform the upgrade, which are listed here.
make config: An interactive text program. Components are presented and you answer with Y (yes), N (no), or M (module).
make menuconfig: A graphical, menu-driven program. Components are presented in a menu of categories; you select the desired components in the same manner that you used in the Red Hat Linux installation program. Toggle the tag corresponding to the item that you want included by answering Y (yes), N (no), or M (module).
160 Part II Installation
make xconfig: An X Window System program. Components are listed in different levels of menus, which you select by using a mouse. Again, answer with Y (yes), N (no), or M (module).
make oldconfig: This is a non-interactive script that sets up your Makefile to be the default settings. If you’re using the Red Hat patched kernel, it sets up the configuration for the kernel that is shipped for your box. This is useful when setting up your kernel to known working defaults and then turning off features that you don’t want.
If you are using a pre-configured installation file, which is used to configure identical systems, you may omit the mrproper and make config commands and use the make dep and make clean commands to prepare the system for the new kernel.
After you have completed one of these methods, your next step is to edit the Makefile, found at /usr/src/linux/Makefile, and change the line EXTRAVERSION = to a new name for the newly created kernel configuration file. This allows you to have the old working kernel and the new kernel on your system at the same time. Use the make bzImage to build the kernel and add any modules with the make modules command. Then install the modules — even if none were built — with the make modules_install command. Rename the original kernel in /boot and copy the new kernel to /boot. Now edit /etc/lilo.conf to include the newly created kernel and run /sbin/lilo. The following is an example of what you can do to the lilo.conf file.
image=/boot/vmlinuz-2.2.16-12 label=linux initrd=/boot/initrd-2.2.16-12.img read-only
root=/dev/hda8
other=/dev/hda1
label=dos
image=/boot/vmlinuz-2.2.16-12 label=linux initrd=/boot/initrd-2.2.16-12.img read-only
root=/dev/hda8
image=/boot/vmlinuz-2.2.18-12.upgrade label=test initrd=/boot/initrd-2.2.18-12upgrade.img read-only
root=/dev/hda8
other=/dev/hda1
label=dos
Chapter 5 Advanced Installation 161
This allows the system to boot off the previous kernel and the new kernel at the same time. Another way that you can perform the upgrade to a new kernel is to use the RPM utility, which allows the updating of the kernel with the powerful tools included in RPM. Although many installers don’t like to perform kernel updates with RPM, it should be included in your repertory of skills.
System Log Files
2.18 Read the Logfiles created during installation to verify the success of the installation
During the installation of Linux and additional software packages, system logs are created. These logs are created on the system to allow for verification of installation and for troubleshooting if the installation goes poorly. Table 5-9 shows the major system configuration and log files and includes a brief description of each one.
|
Table 5-9 |
System Configuration and Log Files |
|
|
|
File |
Description |
|
|
/etc/sysconfig |
Directory on Red Hat Linux that holds system configuration files |
|
|
/etc/rc.d |
Directory that holds system startup and shutdown files |
|
|
/etc/rc.d/rc.sysinit |
Initialization file for the system |
|
|
/etc/rc.config |
Configuration file for SuSE Linux system |
|
|
/etc/rc.d/rc.local |
Initialization file for custom commands |
|
|
/etc/rc.d/rc.modules |
Loads kernel modules on startup of the system |
|
|
/etc/rc.d/init.d |
Directory that holds many of the daemons, servers and scripts |
|
for the System V init startup control standard |
|
|
/sbin/init.d |
Directory that holds many of the daemons, servers, and scripts |
|
for a SuSE system |
|
|
/etc/rc.d/rc(1-8).d |
Directories for the different runlevels; these directories hold |
|
links to scripts in the /etc/rc.d/init.d directory (on SuSE these |
|
are located in /sbin/init.d/rc(1-8).d |
|
|
/etc/rc.d/init.d/halt |
Operations performed each time the system is shut down. |
|
Some distributions use the name rc.halt |
|
|
/etc/rc.d/init.d/lpd |
Start up and shut down the lpd printing daemon |
|
|
(Continued)
162 Part II Installation
|
Table 5-9 (continued) |
|
|
File |
Description |
|
|
/etc/rc.d/init.d/inet |
Operations to start and stop the inetd Internet services daemon |
|
|
/etc/rc.d/init.d/network |
Operations to start and stop the network connections |
|
|
/etc/rc.d/init.d/httpd |
Operations to start and stop the httpd Web server daemon |
|
|
/etc/X11 |
X Windows configuration files |
|
|
/etc/lilo.conf |
LILO configuration file |
|
|
/etc/fstab |
Listing of the Linux file systems and automatically mount file |
|
systems |
|
|
/etc/hosts |
Hosts configuration file |
|
|
/mnt |
Holds removable media file systems mount points |
|
|
/etc/inittab |
The default state and terminal connections |
|
|
/etc/passwd |
Contains user password and login information |
|
|
/etc/shadow |
Contains user-encrypted passwords |
|
|
/etc/group |
Contains a list of groups and the configuration for each group |
|
|
/etc/syslog.conf |
Contains the names and locations of system log files |
|
|
/proc/ |
Contains hardware configurations of the system |
|
|
/var/log/boot.log(.x) |
Show the completion of daemons and other system functions, |
|
(.x) shows there are several corresponding to system boots |
|
|
/var/log/cron (.x) |
Show the weekly and daily cron jobs completed, (.x) shows |
|
there are several corresponding to system boots |
|
|
/var/log/dmesg |
Contains hardware detected on boot up |
|
|
/var/log/maillog (.x) |
Mail logs for system information, (.x) shows there are several |
|
corresponding to system boots |
|
|
/var/log/secure (.x) |
RSA key generation log, (.x) shows there are several |
|
corresponding to system boots |
|
|
/var/log/spooler (.x) |
Spooler generation log, (.x) shows there are several |
|
corresponding to system boots |
|
|
/var/log/fax |
Directory of fax log files |
|
|
/var/log/httpd |
Directory of httpd Web daemon log files |
|
|
/var/log/news |
Directory of news daemon log files |
|
|
/var/log/samba |
Directory of samba log files |
|
|
/var/log/squid |
Directory of squid log files |
|
|
/var/log/uucp |
Directory of uucp log files |
|
|