The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.
Administrator's Guide
E41138-37
March 2021
Table of Contents
- Preface
- I System Configuration
- 1 Yum
- 1.1 About Yum
- 1.2 About ULN
- 1.3 Yum Configuration
- 1.4 Using Yum from the Command Line
- 1.5 Yum Groups
- 1.6 Installing and Using the Yum Security Plugin
- 1.7 Switching CentOS or Scientific Linux Systems to Use the Oracle Linux Yum Server
- 1.8 Creating and Using a Local ULN Mirror
- 1.9 Creating a Local Yum Repository Using an ISO Image
- 1.10 Setting up a Local Yum Server Using an ISO Image
- 1.11 For More Information About Yum
- 2 Ksplice
- 3 Boot Configuration
- 4 System Configuration Settings
- 5 Kernel Modules
- 6 Device Management
- 7 Task Management
- 8 System Monitoring and Tuning
- 9 System Dump Analysis
- 10 Control Groups
- 10.1 About cgroups
- 10.2 Subsystems
- 10.3 Enabling the cgconfig Service
- 10.4 Enabling PAM to Work with cgroup Rules
- 10.5 Restarting the cgconfig Service
- 10.6 About the
cgroups
Configuration File - 10.7 About the cgroup Rules Configuration File
- 10.8 Displaying and Setting Subsystem Parameters
- 10.9 Use Cases for
cgroups
- II Networking and Network Services
- 11 Network Configuration
- 11.1 About Network Interfaces
- 11.2 About Network Configuration Files
- 11.3 Command-line Network Configuration Interfaces
- 11.4 Configuring Network Interfaces Using Graphical Interfaces
- 11.5 Configuring Network Interface Bonding
- 11.6 Configuring VLANs with Untagged Data Frames
- 11.7 Configuring Network Routing
- 12 Network Address Configuration
- 13 Name Service Configuration
- 14 Network Time Configuration
- 15 Web Service Configuration
- 16 Email Service Configuration
- 17 Load Balancing and High Availability Configuration
- 17.1 About HAProxy
- 17.2 Installing and Configuring HAProxy
- 17.3 Configuring Simple Load Balancing Using HAProxy
- 17.4 About Keepalived
- 17.5 Installing and Configuring Keepalived
- 17.6 Configuring Simple Virtual IP Address Failover Using Keepalived
- 17.7 Configuring Load Balancing Using Keepalived in NAT Mode
- 17.8 Configuring Load Balancing Using Keepalived in DR Mode
- 17.9 Configuring Keepalived for Session Persistence and Firewall Marks
- 17.10 Making HAProxy Highly Available Using Keepalived
- 17.11 About Keepalived Notification and Tracking Scripts
- 17.12 Making HAProxy Highly Available Using Oracle Clusterware
- III Storage and File Systems
- 18 Storage Management
- 19 File System Administration
- 19.1 Making File Systems
- 19.2 Mounting File Systems
- 19.3 About the File System Mount Table
- 19.4 Configuring the Automounter
- 19.5 Mounting a File Containing a File System Image
- 19.6 Creating a File System on a File
- 19.7 Checking and Repairing a File System
- 19.8 About Access Control Lists
- 19.9 About Disk Quotas
- 20 Local File System Administration
- 20.1 About Local File Systems
- 20.2 About the Btrfs File System
- 20.3 Creating a Btrfs File System
- 20.4 Modifying a Btrfs File System
- 20.5 Compressing and Defragmenting a Btrfs File System
- 20.6 Resizing a Btrfs File System
- 20.7 Creating Subvolumes and Snapshots
- 20.8 Using the Send/Receive Feature
- 20.9 Using Quota Groups
- 20.10 Replacing Devices on a Live File System
- 20.11 Creating Snapshots of Files
- 20.12 Converting an Ext2, Ext3, or Ext4 File System to a Btrfs File System
- 20.13 Installing a Btrfs root File System
- 20.13.1 Setting up a New NFS Server
- 20.13.2 Configuring an Existing NFS Server
- 20.13.3 Setting up a New HTTP Server
- 20.13.4 Configuring an Existing HTTP Server
- 20.13.5 Setting up a Network Installation Server
- 20.13.6 Installing from a Network Installation Server
- 20.13.7 About the Installation root File System
- 20.13.8 Creating Snapshots of the root File System
- 20.13.9 Mounting Alternate Snapshots as the root File System
- 20.13.10 Deleting Snapshots of the root File System
- 20.14 Converting a Non-root Ext2 File System to Ext3
- 20.15 Converting a root Ext2 File System to Ext3
- 20.16 Creating a Local OCFS2 File System
- 20.17 About the XFS File System
- 20.18 Installing the XFS Packages
- 20.19 Creating an XFS File System
- 20.20 Modifying an XFS File System
- 20.21 Growing an XFS File System
- 20.22 Freezing and Unfreezing an XFS File System
- 20.23 Setting Quotas on an XFS File System
- 20.24 Backing up and Restoring XFS File Systems
- 20.25 Defragmenting an XFS File System
- 20.26 Checking and Repairing an XFS File System
- 21 Shared File System Administration
- 22 Oracle Cluster File System Version 2
- 22.1 About OCFS2
- 22.2 Installing and Configuring OCFS2
- 22.2.1 Preparing a Cluster for OCFS2
- 22.2.2 Configuring the Firewall
- 22.2.3 Configuring the Cluster Software
- 22.2.4 Creating the Configuration File for the Cluster Stack
- 22.2.5 Configuring the Cluster Stack
- 22.2.6 Configuring the Kernel for Cluster Operation
- 22.2.7 Starting and Stopping the Cluster Stack
- 22.2.8 Creating OCFS2 volumes
- 22.2.9 Mounting OCFS2 Volumes
- 22.2.10 Querying and Changing Volume Parameters
- 22.3 Troubleshooting OCFS2
- 22.4 Use Cases for OCFS2
- 22.5 For More Information About OCFS2
- IV Authentication and Security
- 23 Authentication Configuration
- 23.1 About Authentication
- 23.2 About Local Oracle Linux Authentication
- 23.3 About IPA
- 23.4 About LDAP Authentication
- 23.4.1 About LDAP Data Interchange Format
- 23.4.2 Configuring an LDAP Server
- 23.4.3 Replacing the Default Certificates
- 23.4.4 Creating and Distributing Self-signed CA Certificates
- 23.4.5 Initializing an Organization in LDAP
- 23.4.6 Adding an Automount Map to LDAP
- 23.4.7 Adding a Group to LDAP
- 23.4.8 Adding a User to LDAP
- 23.4.9 Adding Users to a Group in LDAP
- 23.4.10 Enabling LDAP Authentication
- 23.5 About NIS Authentication
- 23.6 About Kerberos Authentication
- 23.7 About Pluggable Authentication Modules
- 23.8 About the System Security Services Daemon
- 23.9 About Winbind Authentication
- 24 Local Account Configuration
- 25 System Security Administration
- 25.1 About System Security
- 25.2 Configuring and Using SELinux
- 25.3 About Packet-filtering Firewalls
- 25.4 About TCP Wrappers
- 25.5 About chroot Jails
- 25.6 About Auditing
- 25.7 About System Logging
- 25.8 About Process Accounting
- 25.9 Security Guidelines
- 25.9.1 Minimizing the Software Footprint
- 25.9.2 Configuring System Logging
- 25.9.3 Disabling Core Dumps
- 25.9.4 Minimizing Active Services
- 25.9.5 Locking Down Network Services
- 25.9.6 Configuring a Packet-filtering Firewall
- 25.9.7 Configuring TCP Wrappers
- 25.9.8 Configuring Kernel Parameters
- 25.9.9 Restricting Access to SSH Connections
- 25.9.10 Configuring File System Mounts, File Permissions, and File Ownerships
- 25.9.11 Checking User Accounts and Privileges
- 26 OpenSSH Configuration
- V Virtualization
- 27 Linux Containers
- 27.1 About Linux Containers
- 27.2 Configuring Operating System Containers
- 27.3 Logging in to Containers
- 27.4 Creating Additional Containers
- 27.5 Monitoring and Shutting Down Containers
- 27.6 Starting a Command Inside a Running Container
- 27.7 Controlling Container Resources
- 27.8 Configuring ulimit Settings for an Oracle Linux Container
- 27.9 Configuring Kernel Parameter Settings for Oracle Linux Containers
- 27.10 Deleting Containers
- 27.11 Running Application Containers
- 27.12 For More Information About Linux Containers