Linux Setup: Configuration

Installing Red Hat Linux 9, Red Hat Advanced Server (AS) 2.1 and UnitedLinux 1.0 are very similar. After the installation of the operating system, there are several configuration steps for the super user to complete. Some are only required by Red Hat AS 2.1 because they are done during the installation of UnitedLinux.

 Verify Kernel
Check the installed kernel.

 Enable Telnet
Post-installations steps.

 Troubleshoot Kernel
Steps to analyze the kernel.

 Enable FTP
Post-installations steps.

 Upgrade Kernel
Verify the currently installed kernel.

 Install Alternate Shells
Install Korn shell on Red Hat AS 2.1.

 Upgrade glibc Packages
Steps to upgrade the library files.

 Upgrade PERL
Steps to upgrade Perl on Red Hat AS 2.1.


The Linux kernel acts as a mediator for the operating system and applications that run as processes. The kernel controls memory management and process execution. The Red Hat Linux Advanced Server (AS) 2.1 and UnitedLinux 1.0 kernels are compiled and therefore machine architecture specific.

It is possible to install multiple Linux kernels on the same server. This can result in an incompatible kernel selection when starting the machine. Incompatible kernels may cause the machine to unsuccessfully boot and provide cryptic error messages.

It is important to know what kernel works with certain machine architectures. A Intel-based machine's architecture may be found in the system BIOS. The table below provides a reference to machine architecture and kernels.

Manufacturer Architecture CPU # Kernel
AMD Athlon 1  kernel-2.4.?-e.*.athlon.rpm
AMD Athlon 1 to 4  kernel-smp-2.4.?-e.*.athlon.rpm
AMD Athlon > 4  kernel-enterprise-2.4.?-e.*.i686.rpm
AMD XP 1  kernel-2.4.?-e.*.athlon.rpm
AMD XP 1 to 4  kernel-smp-2.4.?-e.*.athlon.rpm
AMD XP > 4  kernel-enterprise-2.4.?-e.*.i686.rpm
Intel Pentium 2 1 or more  kernel-2.4.?-e.*.i386.rpm
Intel Pentium 3 1 or more  kernel-2.4.?-e.*.i386.rpm
Intel Pentium 4 1  kernel-2.4.?-e.*.i386.rpm
Intel Pentium 4 1 to 4  kernel-smp-2.4.?-e.*.i686.rpm
Intel Pentium 4 > 4  kernel-enterprise-2.4.?-e.*.i686.rpm
Intel Xeon 1 to 4  kernel-smp-2.4.?-e.*.i686.rpm
Intel Xeon > 4  kernel-enterprise-2.4.?-e.*.i686.rpm
Intel Itanium 1 to 4  kernel-smp-2.4.?-e.*.i686.rpm
Intel Itanium > 4  kernel-enterprise-2.4.?-e.*.i686.rpm


  • Troubleshoot the Kernel
After installing the operating system, it is possible that a reboot of the system may fail. The failure often is due to the installation of the Shared Memory Multiprocessor (SMP) kernel as the default boot kernel.

The SMP kernel is installed on Intel Pentium 4 architecture CPUs forward. While all of these CPUs contain active hyperthreading components, only the Intel Xeon and Itanium deliver complete capabilities.

The installation program will install the SMP kernel as the default, unless the system BIOS provides a means to disable hyperthreading and it has been disabled prior to installing the operating system. If the system BIOS provides a means to disable hyperthreading and the CPU is not a Xeon or Intel Itanium processor, it should be disabled before installing the operating system.

If the installation installed the SMP kernel, it may be removed by the following steps or by editing the /boot/grub/grub.conf file.

  1. Verify SMP kernel.
If the packages are not found, then there will be no output to the console. Otherwise, one of the following will be returned based on the type of CPU in the machine. When the SMP kernel is removed with the Linux rpm utility, the /boot/grub/grub.conf file will be updated.

# rpm -qa | grep 'kernel-smp*'
 kernel-smp-2.4.9-e.3.athlon.rpm
- OR -
 kernel-smp-2.4.9-e.3.i686.rpm
  1. Remove the SMP kernel.
# rpm -ev kernel-smp-2.4.9-e.3.`arch`.rpm


  • Upgrade Kernel
The standard Red Hat Linux Advanced Server 2.1 CDs upgrades kernel-2.4.9-e.3. There are several more current kernels supported and the kernel should be upgraded to something newer. Download a newer supported kernel for Red Hat Linux Advanced Server (AS) 2.1 from Oracle. The original Red Hat Linux AS 2.1 server was released in the summer of 2002 and a number of issues are fixed by newer kernels.

An effective technique for upgrading a kernel is to install it and test whether or not the system will bootstrap successfully with it. If the bootstrap succeeds, the older kernel may be removed. If the bootstrap fails, the system may be restarted with the old kernel.

DO NOT attempt to upgrade an existing kernel! It may corrupt the template and require a re-installation of the operating system.

  • Install single processor kernel.
# rpm -ivh kernel-2.4.?-e.*.`arch`.rpm
  • Install multiple processor kernel.
# rpm -ivh kernel-smp-2.4.?-e.*.`arch`.rpm
  • Install enterprise server kernel.
# rpm -ivh kernel-enterprise-2.4.?-e.*.`arch`.rpm
After completing the above steps, re-start the system and check to see if new kernel is stable. The following packages should be upgraded to be consistent with the kernel version.

  • Upgrade kernel components.
# rpm -Uvh kernel-headers-2.4.?-e.*.i386.rpm kernel-source-2.4.?-e.*.i386.rpm
Completing the kernel upgrade requires two steps. One is to remove the old kernel. Two is to configure the boot loader. The syntax below assumes a fresh installation from media. Therefore, it removes the base kernel, version 3.

  • Remove old kernel.
# rpm -ev kernel-headers-2.4.?-e.3.i386.rpm


  • Upgrade glibc packages
The standard Red Hat Linux Advanced Server 2.1 CDs install glibc-2.2.4-26. There are several more current versions of the standard C libraries. The glibc libraries should be upgraded to something newer.

When the C libraries change, standard components and custom code may become broken. Upgrading the glibc libraries cannot be easily undone. So, before applying a new patch set to a production server, build a test system and confirm that the libraries do not introduce problems.

For example, if glibc-2.2.4-29.1 libraries delivered with kernel-2.4.9-e.12 are used, both the ftp-0.17-12 and nscd-2.2.4-26 packages need to be installed.

It is assumed glibc-2.2.4-29 was applied by subsequent patches where released. If installing a newer glibc library than 12, find and install ftp-0.17-12 to fix issues with the ftp packages.

Assuming all the packages noted above are in the same directory, the command to install the new libraries is below.

# rpm -Uvh glibc-2.2.4-??.*.`arch`.rpm glibc-*-2.2.4-??.*.i386 \
> glibc-common-2.2.4-??.*.i386.rpm nscd-*.rpm


  • Enable Telnet
It is important to note that these setup instructions only enable telnet for regular users. The root user is not configured to support telnet because it possibly compromises the root user password to sniffers.

 Red Hat Linux AS 2.1

 Red Hat Linux AS 3.0

 United Linux 1.0

  • Red Hat Linux AS 2.1
After the installation of the operating system, by default telnet is disabled. Enable telnet by the following steps.

  1. Edit the /etc/xinetd.d/telnet file by changing the following line.
Prior to File Edit
 disable = yes

After File Edit
 disable = no

  1. Start the inetd service.
# /etc/init.d/xinetd start
 Starting xinetd: [  OK  ]
  1. Verify the telnet listener is running.
# netstat -a | grep telnet
 tcp   0   0 *:telnet    *:*     LISTEN
  1. Enable the xinetd service on system reboot.
Editing the /etc/xinetd.d/telnet file enabled telnet during system reboot.


  • Red Hat Linux AS 3.0
After the installation of the operating system, by default telnet is disabled. Enable telnet by the following steps.

  1. Edit the /etc/xinetd.d/krb5-telnet file by changing the following line.
Prior to File Edit
 disable = yes

After File Edit
 disable = no

  1. Start the inetd service.
# /etc/init.d/xinetd start
 Starting xinetd: [  OK  ]
  1. Verify the telnet listener is running.
# netstat -a | grep telnet
 tcp   0   0 *:telnet    *:*     LISTEN
  1. Enable the xinetd service on system reboot.
Editing the /etc/xinetd.d/krb5-telnet file enabled telnet during system reboot.


  • United Linux 1.0
After the installation of the operating system, by default telnet is disabled. Enable telnet by the following steps.

  1. Edit the /etc/inetd.conf file by changing the following line.
Prior to File Edit
 # telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

After File Edit
 telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

  1. Start the inetd service.
# /etc/init.d/inetd start
 Starting inetd    done
  1. Verify the telnet listener is running.
# netstat -a | grep telnet
 tcp   0   0 *:telnet    *:*     LISTEN
  1. Enable the inetd service for system reboot.
United Linux uses the chkconfig utility to manage services. Enable and disable services by the command syntax below. When enabling a service, the chkconfig utility writes symbolic links to the /etc/rc.d/inetd file in various run level directories. When disabling a service, it removes those symbolic links.

  1. Check inetd service status.
# chkconfig inetd
 inetd off
  1. Enable inetd service status.
# chkconfig inetd on
  1. Verify change in inetd service status.
# chkconfig inetd
 inetd on


  • Enable FTP
It is important to note that these setup instructions only enable ftp for regular users. The root user is not configured to support ftp because it possibly compromises the root user password to sniffers.

 What is FTP?

 Red Hat Linux AS 2.1

 Red Hat Linux AS 3.0

 United Linux 1.0

  • What is FTP?
File Transfer Protocol (FTP) provides a method for moving files from one computer to another across a network. It is dependent on a TCP/IP connection.

There are two modes of FTP. They are active and passive FTP. The most important difference between active and passive modes is that active mode does not work well across a firewall. While it is possible to configure a firewall to enable active FTP, it is not advisable to enable it.

  • Active FTP
Active FTP works in a circular fashion. A client invokes a connection with a server across port 21. The FTP daemon (listener) on port 21 receives the request. The Server FTP daemon spawns a process to invoke a connection across port 20 to the client. When the data connection is established across port 20, the server signals an acknowledgement to the client across port 21, which is the control connection.

FTP is typically used in active mode within LAN and Intranet environments. In these environments, firewalls are deployed as individual machine security shields and do not employ IP masquerading. FTP sends both user name and password as unencrypted text across the network, which is a security risk. Privileged users, like root, should NEVER be enabled for FTP! LAN and Intranet copying should be done with secure copy (scp) since it encrypts the password. While it uses port 23 for incoming clients and port 22 for server callback, like active mode FTP, the callback port may be set to a port above 1024 and enabled by firewall configuration rules.

Active FTP process works well except for two issues. It depends on a system level port, which is a port less than 1024. It cannot make the connection to the client due to misdirection because of IP masquerading and Network Address Translation (NAT). NAT introduces the failure by rewriting the packet header of the TCP/IP message with a meaningful Internet IP address, which masquerades as the sending machine. Therefore, if the server attempted to build a data channel it would do so to another machine if port 20 where open. Ports below 1024 are generally closed by firewalls to incoming traffic.

  • Passive FTP
Passive FTP works in a coordinated series of requests. A client invokes a control connection with a server across port 21 and a data connection across port 20. The FTP daemon (listener) on port 21 receives the request. When the data connection is heard and established across port 20, the server signals an acknowledgement to the client across the control connection.

The process works without firewall problems because both connections are invoked by the client. One to the FTP listener daemon and the other to a randomly designated port transmitted with the control connection. Misdirection does not occur since IP masquerading and Network Address Translation (NAT) is resolved on transmission to the server.


  • Red Hat AS 2.1
  1. Verify if ftp packages are installed.
If during installation of the operating system, a firewall option of medium or high is selected, the installation will not install the FTP packages. The FTP packages may be found on the Red Hat Linux Advanced Server 2.1, Disk #1. The following packages are installed when a firewall option of none is selected during installation.

# rpm -qa | grep ftp
FTP Packages
anonftp-4.0-9.i386.rpm ncftp-3.0.3-6.i386.rpm
ftp-0.17-12.i386.rpm wu-ftpd-2.6.1-20.i386.rpm
gftp-2.0.8-2.i386.rpm  

  1. Install missing ftp packages (when necessary).
If FTP is not installed, the FTP packages may be installed as noted below.
  1. Mount the Red Hat Linux Advanced Server 2.1, Disk #1.
Manual mounting may not be necessary if logged in from the console. The Linux automount works from the console but when logged in across the network it will not work unless the console is logged in as the same user.
# mount /mnt/cdrom
  1. Change directory.
# cd /mnt/cdrom/RedHat/RPMS
  1. Install the FTP packages.
# rpm -Uvh *ftp*.rpm
  1. Install missing ftp packages (when necessary).
After installing the operating system, by default FTP is disabled. Enable FTP by editing the /etc/xinetd.d/wu-ftpd file and change the following line.

Prior to File Edit
 disable = yes

After File Edit
 disable = no

  1. Start the FTP listener.
# /etc/init.d/xinetd restart
 Starting xinetd: [  OK  ]
 Stopping xinetd: [  OK  ]
  1. Verify the FTP listener is running.
# netstat -a | grep ftp
 tcp   0   0 *:ftp    *:*     LISTEN

  • Red Hat AS 3.0
  1. Verify if ftp packages are installed.
If during installation of the operating system, a firewall option of medium or high is selected, the installation will not install the FTP packages. The FTP packages may be found on the Red Hat Linux Advanced Server 2.1, Disk #1. The following packages are installed when a firewall option of none is selected during installation.

# rpm -qa | grep ftp
FTP Packages
lftp-2.6.3-3.i386.rpm ftp-0.17-17.i386.rpm
tftp-0.32-4.i386.rpm vsftpd-1.2.0-4.i386.rpm
gftp-2.0.14-2.i386.rpm  

  1. Install missing ftp packages (when necessary).
If FTP is not installed, the FTP packages may be installed as noted below.
  1. Mount the Red Hat Linux Advanced Server 3.0, Disk #1.
Manual mounting may not be necessary if logged in from the console. The Linux automount works from the console but when logged in across the network it will not work unless the console is logged in as the same user.
# mount /mnt/cdrom
  1. Change directory.
# cd /mnt/cdrom/RedHat/RPMS
  1. Install the FTP packages.
# rpm -Uvh *ftp*.rpm
  1. Activate FTP service.
After installing the operating system, by default FTP is enabled but not an active service. Enable the service as the root user by using the following command. This will ensure it is started on system reboot.

# services vsftpd on
  1. Start the FTP listener.
# /etc/init.d/vsftpd start
 Starting vsftpd for vsftpd:
  1. Verify the FTP listener is running.
# /etc/init.d/vsftpd status
 vsftpd (pid 3474) is running...

  • United Linux 1.0
  1. Verify if ftp packages are installed.
United Linux does not install the FTP daemon package. The following steps will install and enable FTP daemon.

The FTP packages may be found on the United Linux Disk #1 and Disk #2. The following command will verify installed packages.

# rpm -qa | grep ftp
FTP Packages
Disk #1 Disk #2
lukemftp-1.5-330.i586.rpm pure-ftpd-1.0.12-77.i586.rpm
ncftp-3.1.3-56.i586.rpm  
tftp-0.29-57.i586.rpm  
vsftpd-1.1.0-31.i586.rpm  

  1. Install missing ftp packages (when necessary).
If FTP is not installed, the FTP packages may be installed as noted below.
  1. Mount the UnitedLinux 1.0, Disk #1.
Manual mounting is necessary if not logged in from the console. The United Linux automount is a manual GUI menu activity from the console. If the machine has a CDROM installed, the following mount command will succeed. If a CDRW drive is installed, change cdrom to cdrecorder.

# mount /media/cdrom
  1. Change directory.
# cd /media/cdrom/UnitedLinux/i586
  1. Install the FTP packages.
# rpm -Uvh *ftp*.rpm
  1. Exit the mounted directory.
# cd /
  1. Umount the UnitedLinux 1.0, Disk #1.
# umount /media/cdrom
  1. Mount the UnitedLinux 1.0, Disk #2.
Manual mounting is necessary if not logged in from the console. The United Linux automount is a manual GUI menu activity from the console. If the machine has a CDROM installed, the following mount command will succeed. If a CDRW drive is installed, change cdrom to cdrecorder.

# mount /media/cdrom
  1. Change directory.
# cd /media/cdrom/UnitedLinux/i586
  1. Install the FTP packages.
# rpm -Uvh *ftp*.rpm
  1. Exit the mounted directory.
# cd /
  1. Umount the UnitedLinux 1.0, Disk #1.
# umount /media/cdrom
  1. Starting a missing ftp daemon.
The pure-ftpd package installs a ftp daemon service. The service may be started as noted below.

# /etc/init.d/pure-ftpd start
 Starting pure-ftpd    done
  1. Enable a the pure-ftpd daemon services.
United Linux uses the chkconfig utility to manage services. Enable and disable services by the command syntax below. When enabling a service, the chkconfig utility writes symbolic links to the /etc/rc.d/pure-ftpd file in various run level directories. When disabling a service, it removes those symbolic links.

  1. Check pure-ftpd service status.
# chkconfig pure-ftpd
 pure-ftpd off
  1. Enable pure-ftpd service status.
# chkconfig pure-ftpd on
  1. Verify change in pure-ftpd service status.
# chkconfig pure-ftpd
 pure-ftpd on
  1. Verify the FTP listener is running.
# netstat -a | grep ftp
 tcp   0   0 *:ftp    *:*     LISTEN


The installation of the operating system does not install the Korn shell. The Korn shell is found on the Red Hat Linux Advanced Server 2.1, Disk #2. The Korn shell may be installed as noted below.
  1. Mount the Red Hat Linux Advanced Server 2.1, Disk #2.
Manual mounting may not be necessary if logged in from the console. The Linux automount works from the console but when logged in across the network it will not work unless the console is logged in as the same user.
# mount /mnt/cdrom
  1. Change directory.
# cd /mnt/cdrom/RedHat/RPMS
  1. Install the FTP packages.
# rpm -ivh pdksh-5.2.14-13.i386.rpm


  • Upgrade PERL
The Red Hat Linux Advanced Server 2.1 operating system installs PERL 5.6.1. Upgrading to PERL 5.8 requires several packages that need to be downloaded from Red Hat's web site.

  1. Download the following from Red Hat Linux 8, Disk #1 and stage the software in a directory.
Perl 5.8 Packages
 perl-5.8.0-55.i386.rpm  perl-Parse-Yapp-1.05-26.noarch.rpm
 perl-CPAN-1.61-55.i386.rpm  perl-SGMLSpm-1.03ii-6.noarch.rpm
 perl-DateManip-5.40-27.noarch.rpm  perl-URI-1.21-3.noarch.rpm
 perl-Filter-1.28-9.i386.rpm  perl-XML-Dumper-0.4-22.noarch.rpm
 perl-HTML-Parser-3.26-14.i386.rpm  perl-XML-Encoding-1.01-20.noarch.rpm
 perl-HTML-Tagset-3.03-25.noarch.rpm  perl-XML-Grove-0.46alpha-21.noarch.rpm
 perl-libwww-perl-5.65-2.noarch.rpm  perl-XML-Parser-2.31-12.i386.rpm
 perl-libxml-enno-1.02-25.i386.rpm  perl-XML-Twig-3.05-3.noarch.rpm
 perl-libxml-perl-0.07-25.noarch.rpm  

Perl 5.8 Dependency Packages
 db4-4.0.14-14.i386.rpm  db4-utils-4.0.14-14.i386.rpm
 db4-devel-4.0.14-14.i386.rpm  

If upgrading a Development Services box, some images are missing two other files. The needed files may be downloaded from Red Hat or taken from the Red Had Linux Advanced Server 2.1, Disk 2.

These packages support DSSSL, which enables SGML and XML translation by Perl. Perl delivers more complete XML functionality in version 5.8.

Development Services Missing Red Hat AS 2.1 Packages
 openjade-1.3-17.i386.rpm  sgml-common-0.5-7.noarch.rpm

  1. Download the following from Red Hat's patch site and stage the software in the same directory as the Linux 8 version of Perl and Perl dependency packages. These patches provide needed libraries left out of the Red Hat Linux 7.2 and Red Hat Linux Advanced Server 2.1 versions.
Package Summary Version
db1-1.85-8.i386.rpm The BSD database library for C (version 1). RedHat-7.3 for i386
db1-devel-1.85-8.i386.rpm Development files for Berkeley DB (version 1) library. RedHat-7.3 for i386
  1. Install Perl and support packages from the above steps. The force option is used to override the safety precaution for a duplicate package and version. Both of the Perl versions contain the perl-Storable-0.6.11-6 component. Using the force command is the only way to replace an equivalent version.
# rpm -Uvh --force *.rpm