Linux administration involves a fair amount of interaction with system hardware and the kernel, as well application of a large number tools and applications. This course provides a hands-on approach to acquiring the key system administration and management skills.
As we traverse the administrative, networking and troubleshooting topics, we incorporate good practice, performance and security elements, all aiming to achieve a high level of proficiency in working with at the command line.
With its distinctive design approach, this course is also suitable as a Unix to Linux conversion for existing Unix administrators. It is a fast-paced skills-building event, full of practical exercises and troubleshooting.
The course platform will be one of the Red Hat derivatives, such as CentOS or ScientificLinux. However, the discussions and material address every major Linux strand, and wherever specific tool, technique or method is relevant, SUSE, Debian and Ubuntu specifics are covered. For example, we discuss the unique approach adopted by various systems in the areas such as system start-up and software management.
All existing administrators, developers, analysts, indeed, all users who find themselves looking after a Linux box. Also, experienced Unix Administrators who need to port their skills to Linux.
- Delegates should have previously attended the 'QALXESS-2, Linux System Fundamentals' course, followed by several months of practical experience of working with Linux (or have equivalent skills)
- Alternatively, they should have solid experience of administration of any Unix version
Delegates will learn how to
At the end of this course you will be able to:
- Compare various Linux distributions
- Understand Linux versus UNIX administration
- Understand the methods and ways of installing a Linux system
- Use the modular kernel architecture and re-configure it to suit a specific need
- Interrogate, manage and configure hardware
- Install additional software: pre-packaged and from source code
- Perform automated software updates
- Configure and troubleshoot boot and operating system start-up process
- Implement and manage partitions and filesystems, including LVM
- Maintain file system security, including using chattr and ACL
- Understand Mandatory Access Control with Selinux and Apparmour
- Enhance user and session security with PAM
- Connect with SAMBA and CIFS
- Use SSH for secure connectivity
- Perform basic network configuration, security and troubleshooting
- Handle packet filtering with iptables and firewalld
Linux server market; Introduction to distributions considered in our courses; Red Hat, Debian (and their derivatives) and SUSE; Understanding kernel versions; Web resources and forums
Preparing For Installation
Understanding PC hard disks: PC hard disk drives: IDE and SCSI; Disk preparation: primary, extended and logical partitions; Understanding memory; Linux swapping and paging: planning swap area, adding swaps; Disk tools: fdisk, parted, hdparm
Preparing for installation; Installation sources; Selecting system 'personality'; Gathering information; Installation planning and process; Installing Linux from CD-ROM; Post-installation steps; Repeatable installation with installer script
- Linux software and source code; Shared and static libraries; Library related tools: ldd, ldconfig; Using 'tarballs' and related tools
- Packages in SUSE, Red Hat and derivatives; Packaging method: RPMs; Package management tools: rpm and yum; SUSE management tool: zypper
- Packages in Debian derivatives; Packaging method - DEBs; Package management tools: dpkg, apt-get, aptitude, tasksel
Bootstrap procedure; Traditional BIOS and MBR; Comparison with modern UEFI and GPT; Using and configuring GRUB "Legacy" bootloader; GRUB disk numbering; GRUB configuration; Using and configuring GRUB 2; grub2 'global' directives configuration; /boot/grub/grub.cfg; initrd versus initramfs; grub2 tools; Recovering from boot problems; GRUB Legacy vs. GRUB 2 CLI commands
Hardware and Architecture
Types of platforms Linux will run on; Minimum hardware requirements; Selected 3.X onwards features; Supported devices; Configuring sysfs devices with udev; Hardware troubleshooting tools
Kernel runtime parameters; /proc/sys/* and /etc/sysctl.conf; Device drivers in the kernel; Monolithic vs. modular design; Handling modules with lsmod, depmod and modprobe; Creating a customised Kernel; Why rebuild?; Prescriptive sequence of steps; Kernel interesting locations: /usr/src/*, /boot, /lib/modules/$(uname -r)
System Service Control
SysVinit startup sequence; Single and multi-user run levels; The init process and its configuration in /etc/inittab; SysVinit startup files (rc files); Systemd method for service control; Units and targets; Configuration files; Using systemctl tool; Integration with SysVinit method
Auditing and logging; Basic Unix log files; Simple data tools for working with logs - touch, tail, tail -f, grep; Syslog daemon; Rotating logs; Monitoring logs. Brief Introduction to journald
User-related configuration files: /etc/passwd, /etc/group, /etc/shadow; Creating an account; Basic attributes; Secondary group membership; Password requirement; Customising an account; User home directory; Start-up files
User Account Security, incl PAM
Security aspects of basic accounts; Terminal and shell control files; Testing account usage and activity: lastlog, last, lastb; Identity power as dictated by UID; Role based identity; PAM; User authentication principles; User account control
Extended File Attributes
Recap of basic file and directory permissions: r/w/x, SUID, SGID and sticky bit; File Access Control List (ACL); Making use of individual user and group assignments; Understanding mask property; Using setfacl and getfacl of files and directories; Applying additional file attributes through chattr; Using chattr to set additional attributes; Applying privileged attributes; Using lsattr to explore extended attributes
Linux native filesystems: ext*, reiserfs, xfs, btrfs ; Configuring filesystems; Performance - mkfs command; Security - mount command; Troubleshooting and diagnosing filesystems: fsck, tune2fs, debugfs, fuser, dumpe2fs, xfs*; Restricting disk assignments with user/group
Storage Management with LVM
Overview of disk partitioning; Using fdisk to create physical partitions; LVM structure: PV, VG, LV; Logical volumes must have filesystem created; Standard mkfs, mount and /etc/fstab treatment applies; Logical volumes can be dynamically resized
Number crunching; Network related files and directories: interface configuration files, name resolving; Modern tools - the ip and ss command: general syntax and usage; Network parameters in the kernel; Configuring proxy; Static routes; Interface parameters with ethtool; Interface bonding: modes and configuration
Perimiter Network Protection
Firewall concepts; Infrastructure and DMZ; Types and implementations; Kernel's role; Network parameters in /proc/sys/net; NetFilter module; Linux firewalls: iptables and firewalld; Understanding firewalld zones and firewall-cmd tool; Alternatives products: IPCop, Shorewall, ufw and many others...; knockd to open holes in your firewall on demand
Introduction to SELinux
DAC vs. MAC security policies; Problems with traditional, discretionary, methods; Products providing mandatory access methods; Main SELinux features; Policies, enforcements, control; Scope, coverage and availability; SELinux configuration and management; SELinux states; Labelling and access policies; Policy database and run-time flow; Modifying existing, and creating new, policies
Protocols & Services; Network super-daemons: inetd, xinetd ; TCP wrapper with tcpd; Network time protocol; Hardware vs. software clock; Daemons and configuration
Samba and CIFS
What is Samba; SMB and CIFS protocols; Installing and configuring Samba components; Configuration file: /etc/samba/smb.conf; Special and user sections; Configuring the [global] section; Samba daemon and diagnostic tools: smbd, nmbd, smbstatus, testparm, SWAT; Samba client tools: nmlookup, smbclient, smbtree, smbtar; Viewing Samba shares in Windows;
SSH Hints and Tricks
SSH purpose; Recap of basic SSH use; SSH client and server configuration ; Using SSH keys; Creating public/private key pair; Configuring and using SSH agent; Tunnelling X application in SSH; Port forwarding; Principles of local and remote port forwarding; Forwarding through a firewall and multiple gateways
Frequently asked questionsSee all of our FAQs
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
Learn more about our Virtual Classrooms.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
Learn more about QA’s online courses.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.