LPI介绍

The LPIC Program

The LPIC program is designed to certify the competency of system administration using the Linux operating system and its associated tools. It is designed to be distribution neutral, following the Linux Standard Base and other relevant standards and conventions.

The LPIC program is designed in three levels. determining which tasks were suitable to each level was done using a "Job Task Analysis" (JTA) survey. As with all of the LPIC's exam development processes, the JTA was developed and excuted using recognized psychometric processes, to ensure its relevance and high quality.

Junior Level Administration (LPIC-1)

• Status: Available now. First published January 11, 2000; latest revision published March 28, 2003
• Pre-Requisites: None
• Requirements: Passing Exams 101 and 102
• Overview of Tasks: To pass Level 1 someone should be able to
• • Work at the Linux command line
  • Perform easy maintenance tasks: help out users, add users to a larger system, backup & restore, shutdown & reboot
  • Install and configure a workstation (including X) and connect it to a LAN, or a stand-alone PC via modem to the Internet.

 

Exam 101: Detailed Objectives

This is a required exam for LPI certification Level 1. It covers basic system administration skills that are common across all distributions of linux.

Each objective is assigned a weighting value. The weights range roughly from 1 to 10, and indicate the relative importance of each objective. Objectives with higher weights will be covered in the exam with more questions.

Topic 101: Hardware & Architecture

• 1.101.1 Configure Fundamental BIOS Settings
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to configure fundamental system hardware by making the correct settings in the system BIOS. This objective includes a proper understanding of BIOS configuration issues such as the use of LBA on IDE hard disks larger than 1024 cylinders, enabling or disabling integrated peripherals, as well as configuring systems with (or without) external peripherals such as keyboards. It also includes the correct setting for IRQ, DMA and I/O addresses for all BIOS administrated ports and settings for error handling.

Key files, terms, and utilities include:

/proc/ioports
/proc/interrupts
/proc/dma
/proc/pci

• 1.101.3 Configure Modem and Sound cards
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Ensure devices meet compatibility requirements (particularly that the modem is NOT a win-modem), verify that both the modem and sound card are using unique and correct IRQ's, I/O, and DMA addresses, if the sound card is PnP install and run sndconfig and isapnp, configure modem for outbound dial-up, configure modem for outbound PPP | SLIP | CSLIP connection, set serial port for 115.2 Kbps

• 1.101.4 Setup SCSI Devices
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to configure SCSI devices using the SCSI BIOS as well as the necessary Linux tools. They also should be able to differentiate between the various types of SCSI. This objective includes manipulating the SCSI BIOS to detect used and available SCSI IDs and setting the correct ID number for different devices especially the boot device. It also includes managing the settings in the computer's BIOS to determine the desired boot sequence if both SCSI and IDE drives are used.

Key files, terms, and utilities include:

SCSI ID
/proc/scsi/
scsi_info

• 1.101.5 Setup different PC expansion cards
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to configure various cards for the various expansion slots. They should know the differences between ISA and PCI cards with respect to configuration issues. This objective includes the correct settings of IRQs, DMAs and I/O Ports of the cards, especially to avoid conflicts between devices. It also includes using isapnp if the card is an ISA PnP device.

Key files, terms, and utilities include:

/proc/dma
/proc/interrupts
/proc/ioports
/proc/pci
pnpdump(8)
isapnp(8)
lspci(8)

• 1.101.6 Configure Communication Devices
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to install and configure different internal and external communication devices like modems, ISDN adapters, and DSL switches. This objective includes verification of compatibility requirements (especially important if that modem is a winmodem), necessary hardware settings for internal devices (IRQs, DMAs, I/O ports), and loading and configuring suitable device drivers. It also includes communication device and interface configuration requirements, such as the right serial port for 115.2 Kbps, and the correct modem settings for outbound PPP connection(s).

Key files, terms, and utilities include:

/proc/dma
/proc/interrupts
/proc/ioports
setserial(8)

• 1.101.7 Configure USB devices
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to activate USB support, use and configure different USB devices. This objective includes the correct selection of the USB chipset and the corresponding module. It also includes the knowledge of the basic architecture of the layer model of USB as well as the different modules used in the different layers.

Key files, terms, and utilities include:

lspci(8)
usb-uhci.o
usb-ohci.o
/etc/usbmgr/
usbmodules
/etc/hotplug

Topic 102: Linux Installation & Package Management

• 1.102.1 Design hard disk layout
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be able to design a disk partitioning scheme for a Linux system. This objective includes allocating filesystems or swap space to separate partitions or disks, and tailoring the design to the intended use of the system. It also includes placing /boot on a partition that conforms with the BIOS' requirements for booting.

Key files, terms, and utilities include:

/ (root) filesystem
/var filesystem
/home filesystem
swap space
mount points
partitions
cylinder 1024

• 1.102.2 Install a boot manager
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidate should be able to select, install, and configure a boot manager. This objective includes providing alternative boot locations and backup boot options (for example, using a boot floppy).

Key files, terms, and utilities include:

/etc/lilo.conf
/boot/grub/grub.conf
lilo
grub-install
MBR
superblock
first stage boot loader

• 1.102.3 Make and install programs from source
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be able to build and install an executable program from source. This objective includes being able to unpack a file of sources. Candidates should be able to make simple customizations to the Makefile, for example changing paths or adding extra include directories.

Key files, terms, and utilities include:

gunzip
gzip
bzip2
tar
configure
make

• 1.102.4 Manage shared libraries
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to determine the shared libraries that executable programs depend on and install them when necessary. Candidates should be able to state where system libraries are kept.

Key files, terms, and utilities include:

ldd
ldconfig
/etc/ld.so.conf
LD_LIBRARY_PATH

• 1.102.5 Use Debian package management
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 8

Description: Candidates should be able to perform package management skills using the Debian package manager. This objective includes being able to use command-line and interactive tools to install, upgrade, or uninstall packages, as well as find packages containing specific files or software (such packages might or might not be installed). This objective also includes being able to obtain package information like version, content, dependencies, package integrity and installation status (whether or not the package is installed).

Key files, terms, and utilities include:
unpack
configure

/etc/dpkg/dpkg.cfg
/var/lib/dpkg/*
/etc/apt/apt.conf
/etc/apt/sources.list
dpkg
dselect
dpkg-reconfigure
apt-get
alien

• 1.102.6 Use Red Hat Package Manager (RPM)
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 8

Description: Candidates should be able to perform package management under Linux distributions that use RPMs for package distribution. This objective includes being able to install, re-install, upgrade, and remove packages, as well as obtain status and version information on packages. This objective also includes obtaining package information such as version, status, dependencies, integrity, and signatures. Candidates should be able to determine what files a package provides, as well as find which package a specific file comes from.

Key files, terms, and utilities include:

/etc/rpmrc
/usr/lib/rpm/*
rpm
grep

Topic: 103 GNU & Unix Commands

• 1.103.1 Work on the command line
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be able to Interact with shells and commands using the command line. This includes typing valid commands and command sequences, defining, referencing and exporting environment variables, using command history and editing facilities, invoking commands in the path and outside the path, using command substitution, applying commands recursively through a directory tree and using man to find out about commands.

Key files, terms, and utilities include:

.
bash
echo
env
exec
export
man
pwd
set
unset
~/.bash_history
~/.profile

• 1.103.2 Process text streams using filters
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 6

Description: Candidates should should be able to apply filters to text streams. Tasks include sending text files and output streams through text utility filters to modify the output, and using standard UNIX commands found in the GNU textutils package.

Key files, terms, and utilities include:

cat
cut
expand
fmt
head
join
nl
od
paste
pr
sed
sort
split
tac
tail
tr
unexpand
uniq
wc

• 1.103.3 Perform basic file management
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to use the basic UNIX commands to copy, move, and remove files and directories. Tasks include advanced file management operations such as copying multiple files recursively, removing directories recursively, and moving files that meet a wildcard pattern. This includes using simple and advanced wildcard specifications to refer to files, as well as using find to locate and act on files based on type, size, or time.

Key files, terms, and utilities include:

cp
find
mkdir
mv
ls
rm
rmdir
touch
file globbing

• 1.103.4 Use streams, pipes, and redirects
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be able to redirect streams and connect them in order to efficiently process textual data. Tasks include redirecting standard input, standard output, and standard error, piping the output of one command to the input of another command, using the output of one command as arguments to another command and sending output to both stdout and a file.

Key files, terms, and utilities include:

tee
xargs
<
<<
>
>>
|
` `

• 1.103.5 Create, monitor, and kill processes
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be able to manage processes. This includes knowing how to run jobs in the foreground and background, bring a job from the background to the foreground and vice versa, start a process that will run without being connected to a terminal and signal a program to continue running after logout. Tasks also include monitoring active processes, selecting and sorting processes for display, sending signals to processes, killing processes and identifying and killing X applications that did not terminate after the X session closed.

Key files, terms, and utilities include:

&
bg
fg
jobs
kill
nohup
ps
top

• 1.103.6 Modify process execution priorities
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should should be able to manage process execution priorities. Tasks include running a program with higher or lower priority, determining the priority of a process and changing the priority of a running process.

Key files, terms, and utilities include:

nice
ps
renice
top

• 1.103.7 Search text files using regular expressions
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to manipulate files and text data using regular expressions. This objective includes creating simple regular expressions containing several notational elements. It also includes using regular expression tools to perform searches through a filesystem or file content.

Key files, terms, and utilities include:

grep
regexp
sed

• 1.103.8 Perform basic file editing operations using vi
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to edit text files using vi. This objective includes vi navigation, basic vi nodes, inserting, editing, deleting, copying, and finding text.

Key files, terms, and utilities include:

vi
/, ?
h,j,k,l
G, H, L
i, c, d, dd, p, o, a
ZZ, :w!, :q!, :e!
:!

Topic 104: Devices, Linux Filesystems, Filesystem Hierarchy Standard

• 1.104.1 Create partitions and filesystems
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to configure disk partitions and then create filesystems on media such as hard disks. This objective includes using various mkfs commands to set up partitions to various filesystems, including ext2, ext3, reiserfs, vfat, and xfs.

Key files, terms, and utilities include:

fdisk
mkfs

• 1.104.2 Maintain the integrity of filesystems
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to verify the integrity of filesystems, monitor free space and inodes, and repair simple filesystem problems. This objective includes the commands required to maintain a standard filesystem, as well as the extra data associated with a journaling filesystem.

Key files, terms, and utilities include:

du
df
fsck
e2fsck
mke2fs
debugfs
dumpe2fs
tune2fs

• 1.104.3 Control mounting and unmounting filesystems
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to configure the mounting of a filesystem. This objective includes the ability to manually mount and unmount filesystems, configure filesystem mounting on bootup, and configure user mountable removeable filesystems such as tape drives, floppies, and CDs.

Key files, terms, and utilities include:

/etc/fstab
mount
umount

• 1.104.4 Managing disk quota
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to manage disk quotas for users. This objective includes setting up a disk quota for a filesystem, editing, checking, and generating user quota reports.

Key files, terms, and utilities include:

quota
edquota
repquota
quotaon

• 1.104.5 Use file permissions to control access to files
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be able to control file access through permissions. This objective includes access permissions on regular and special files as well as directories. Also included are access modes such as suid, sgid, and the sticky bit, the use of the group field to grant file access to workgroups, the immutable flag, and the default file creation mode.

Key files, terms, and utilities include:

chmod
umask
chattr

• 1.104.6 Manage file ownership
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to control user and group ownership of files. This objective includes the ability to change the user and group owner of a file as well as the default group owner for new files.

Key files, terms, and utilities include:

chmod
chown
chgrp

• 1.104.7 Create and change hard and symbolic links
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to create and manage hard and symbolic links to a file. This objective includes the ability to create and identify links, copy files through links, and use linked files to support system administration tasks.

Key files, terms, and utilities include:

ln

• 1.104.8 Find system files and place files in the correct location
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidates should be thouroughly familiar with the Filesystem Hierarchy Standard, including typical file locations and directory classifications. This objective includes the ability to find files and commands on a Linux system.

Key files, terms, and utilities include:

find
locate
slocate
updatedb
whereis
which
/etc/updatedb.conf

Topic 110: The X Window System

• 1.110.1 Install & Configure XFree86
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidate should be able to configure and install X and an X font server. This objective includes verifying that the video card and monitor are supported by an X server, as well as customizing and tuning X for the videocard and monitor. It also includes installing an X font server, installing fonts, and configuring X to use the font server (may require a manual edit of /etc/X11/XF86Config in the "Files" section).

Key files, terms, and utilities include:

XF86Setup
xf86config
xvidtune
/etc/X11/XF86Config
.Xresources

• 1.110.2 Setup a display manager
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidate should be able setup and customize a Display manager. This objective includes turning the display manager on or off and changing the display manager greeting. This objective includes changing default bitplanes for the display manager. It also includes configuring display managers for use by X-stations. This objective covers the display managers XDM (X Display Manger), GDM (Gnome Display Manager) and KDM (KDE Display Manager).

Key files, terms, and utilities include:

/etc/inittab
/etc/X11/xdm/*
/etc/X11/kdm/*
/etc/X11/gdm/*

• 1.110.4 Install & Customize a Window Manager Environment
  Modified: 2003-March-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidate should be able to customize a system-wide desktop environment and/or window manager, to demonstrate an understanding of customization procedures for window manager menus and/or desktop panel menus. This objective includes selecting and configuring the desired x-terminal (xterm, rxvt, aterm etc.), verifying and resolving library dependency issues for X applications, exporting X-display to a client workstation.

Key files, terms, and utilities include:

.xinitrc
.Xdefaults
xhost
DISPLAY environment variable

Exam 102: Detailed Objectives

This is a required exam for LPI certification Level 1. It covers basic system administration skills that are common across all distributions of linux.

Each objective is assigned a weighting value. The weights range roughly from 1 to 10, and indicate the relative importance of each objective. Objectives with higher weights will be covered in the exam with more questions.

Topic 105: Kernel

• 1.105.1 Manage/Query kernel and kernel modules at runtime
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidates should be able to manage and/or query a kernel and kernel loadable modules. This objective includes using command-line utilities to get information about the currently running kernel and kernel modules. It also includes manually loading and unloading modules as appropriate. It also includes being able to determine when modules can be unloaded and what parameters a module accepts. Candidates should be able to configure the system to load modules by names other than their file name.

Key files, terms, and utilities include:

/lib/modules/kernel-version/modules.dep
/etc/modules.conf & /etc/conf.modules
depmod
insmod
lsmod
rmmod
modinfo
modprobe
uname

• 1.105.2 Reconfigure, build, and install a custom kernel and kernel modules
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to customize, build, and install a kernel and kernel loadable modules from source This objective includes customizing the current kernel configuration, building a new kernel, and building kernel modules as appropriate. It also includes installing the new kernel as well as any modules, and ensuring that the boot manager can locate the new kernel and associated files (generally located under /boot, see objective 1.102.2 for more details about boot manager configuration).

Key files, terms, and utilities include:
/usr/src/linux/*
/usr/src/linux/.config
/lib/modules/kernel-version/*
/boot/*
make
make targets: config, menuconfig, xconfig, oldconfig, modules, install, modules_install, depmod

Topic 106: Boot, Initialization, Shutdown and Runlevels

• 1.106.1 Boot the system
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to guide the system through the booting process. This includes giving commands to the boot loader and giving options to the kernel at boot time, and checking the events in the log files.

Key files, terms, and utilities include:
/var/log/messages
/etc/conf.modules or /etc/modules.conf
dmesg
LILO
GRUB

• 1.106.2 Change runlevels and shutdown or reboot system
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to manage the runlevel of the system. This objective includes changing to single user mode, shutdown or rebooting the system. Candidates should be able to alert users before switching runlevel, and properly terminate processes. This objective also includes setting the default runlevel.

Key files, terms, and utilities include:
/etc/inittab
shutdown
init

Topic 107: Printing

• 1.107.2 Manage printers and print queues
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to manage print queues and user print jobs. This objective includes monitoring print server and user print queues and troubleshooting general printing problems.

Key files, terms, and utilities include:
/etc/printcap
lpc
lpq
lprm
lp

• 1.107.3 Print files
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight:1

Description: Candidates should be able to manage print queues and manipulate print jobs. This objective includes adding and removing jobs from configured printer queues and converting text files to postscript for printing.

Key files, terms, and utilities include:
lpr
lpq
mpage

• 1.107.4 Install and configure local and remote printers
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 1

Candidate should be able to install a printer daemon, install and configure a print filter (e.g.: apsfilter, magicfilter). This objective includes making local and remote printers accessible for a Linux system, including postscript, non-postscript, and Samba printers.

Key files, terms, and utilities include:
/etc/printcap
/etc/apsfilter/*
/var/lib/apsfilter/*/
/etc/magicfilter/*/
/var/spool/lpd/*/
lpd

Topic 108: Documentation

• 1.108.1 Use and manage local system documentation
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Candidates should be able to use and administer the man facility and the material in /usr/share/doc/. This objective includes finding relevant man pages, searching man page sections, finding commands and man pages related to them, and configuring access to man sources and the man system. It also includes using system documentation stored in /usr/share/doc/ and determining what documentation to keep in /usr/share/doc/.

Key files, terms, and utilities include:
MANPATH man
apropos
whatis

• 1.108.2 Find Linux documentation on the Internet
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should be able to find and use Linux documentation. This objective includes using Linux documentation at sources such as the Linux Documentation Project (LDP), vendor and third-party websites, newsgroups, newsgroup archives, and mailing lists.

Key files, terms, and utilities include:
not applicable

• 1.108.5 Notify users on system-related issues
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidates should be able to notify the users about current issues related to the system. This objective includes automating the communication process, e.g. through logon messages.

Key files, terms, and utilities include:
/etc/issue
/etc/issue.net
/etc/motd

Topic 109: Shells, Scripting, Programming and Compiling

• 1.109.1 Customize and use the shell environment
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 5

Description: Candidate should be able to customize shell environments to meet users' needs. This objective includes setting environment variables (e.g. PATH) at login or when spawning a new shell. It also includes writing bash functions for frequently used sequences of commands.

Key files, terms, and utilities include:
~/.bash_profile
~/.bash_login
~/.profile
~/.bashrc
~/.bash_logout
~/.inputrc
function (Bash built-in command)
export
env
set (Bash built-in command)
unset (Bash built-in command)

• 1.109.2 Customize or write simple scripts
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidate should be able to customize existing scripts, or write simple new (ba)sh scripts. This objective includes using standard sh syntax (loops, tests), using command substitution, testing command return values, testing of file status, and conditional mailing to the superuser. This objective also includes making sure the correct interpreter is called on the first (#!) line of scripts. This objective also includes managing location, ownership, execution and suid-rights of scripts.

Key files, terms, and utilities include:
while
for
test
chmod

Topic 111: Administrative Tasks

• 1.111.1 Manage users and group accounts and related system files
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidate should be able to add, remove, suspend and change user accounts. Tasks include to add and remove groups, to change user/group info in passwd/group databases. The objective also includes creating special purpose and limited accounts.

Key files, terms, and utilities include:
/etc/passwd
/etc/shadow
/etc/group
/etc/gshadow
chage
gpasswd
groupadd
groupdel
groupmod
grpconv
grpunconv
passwd
pwconv
pwunconv
useradd
userdel
usermod

• 1.111.2 Tune the user environment and system environment variables
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidate should be able to modify global and user profiles. This includes setting environment variables, maintaining skel directories for new user accounts and setting command search path with the proper directory.

Key files, terms, and utilities include:
/etc/profile
/etc/skel
env
export
set
unset

• 1.111.3 Configure and use system log files to meet administrative and security needs
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidate should be able to configure system logs. This objective includes managing the type and level of information logged, manually scanning log files for notable activity, monitoring log files, arranging for automatic rotation and archiving of logs and tracking down problems noted in logs.

Key files, terms, and utilities include:
/etc/syslog.conf
/var/log/*
logrotate
tail -f

• 1.111.4 Automate system administration tasks by scheduling jobs to run in the future
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidate should be able to use cron or anacron to run jobs at regular intervals and to use at to run jobs at a specific time. Task include managing cron and at jobs and configuring user access to cron and at services.

Key files, terms, and utilities include:
/etc/anacrontab
/etc/at.deny
/etc/at.allow
/etc/crontab
/etc/cron.allow
/etc/cron.deny
/var/spool/cron/*
at
atq
atrm
crontab

• 1.111.5 Maintain an effective data backup strategy
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3 Description:

Candidate should be able to plan a backup strategy and backup filesystems automatically to various media. Tasks include dumping a raw device to a file or vice versa, performing partial and manual backups, verifying the integrity of backup files and partially or fully restoring backups.

Key files, terms, and utilities include:
cpio
dd
dump
restore
tar

• 1.111.6 Maintain system time
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidate should be able to properly maintain the system time and synchronize the clock over NTP. Tasks include setting the system date and time, setting the BIOS clock to the correct time in UTC, configuring the correct timezone for the system and configuring the system to correct clock drift to match NTP clock.

Key files, terms, and utilities include:
/usr/share/zoneinfo
/etc/timezone
/etc/localtime
/etc/ntp.conf
/etc/ntp.drift
date
hwclock
ntpd
ntpdate

Topic 112: Networking Fundamentals

• 1.112.1 Fundamentals of TCP/IP
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidates should demonstrate a proper understanding of network fundamentals. This objective includes the understanding of IP-addresses, network masks and what they mean (i.e. determine a network and broadcast address for a host based on its subnet mask in "dotted quad" or abbreviated notation or determine the network address, broadcast address and netmask when given an IP-address and number of bits). It also covers the understanding of the network classes and classless subnets (CIDR) and the reserved addresses for private network use. It includes the understanding of the function and application of a default route. It also includes the understanding of basic internet protocols (IP, ICMP, TCP, UDP) and the more common TCP and UDP ports (20, 21, 23, 25, 53, 80, 110, 119, 139, 143, 161).

Key files, terms, and utilities include:
/etc/services
ftp
telnet
host
ping
dig
traceroute
whois

• 1.112.3 TCP/IP configuration and troubleshooting
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 7

Description: Candidates should be able to view, change and verify configuration settings and operational status for various network interfaces. This objective includes manual and automatic configuration of interfaces and routing tables. This especially means to add, start, stop, restart, delete or reconfigure network interfaces. It also means to change, view or configure the routing table and to correct an improperly set default route manually. Candidates should be able to configure Linux as a DHCP client and a TCP/IP host and to debug problems associated with the network configuration.

Key files, terms, and utilities include:
/etc/HOSTNAME or /etc/hostname
/etc/hosts
/etc/networks
/etc/host.conf
/etc/resolv.conf
/etc/nsswitch.conf
ifconfig
route
dhcpcd, dhcpclient, pump
host
hostname (domainname, dnsdomainname)
netstat
ping
traceroute
tcpdump
the network scripts run during system initialization.

• 1.112.4 Configure Linux as a PPP client
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidates should understand the basics of the PPP protocol and be able to configure and use PPP for outbound connections. This objective includes the definition of the chat sequence to connect (given a login example) and the setup commands to be run automatically when a PPP connection is made. It also includes initialisation and termination of a PPP connection, with a modem, ISDN or ADSL and setting PPP to automatically reconnect if disconnected.

Key files, terms, and utilities include:
/etc/ppp/options.*
/etc/ppp/peers/*
/etc/wvdial.conf
/etc/ppp/ip-up
/etc/ppp/ip-down
wvdial
pppd

Topic 113: Networking Services

• 1.113.1 Configure and manage inetd, xinetd, and related services
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidates should be able to configure which services are available through inetd, use tcpwrappers to allow or deny services on a host-by-host basis, manually start, stop, and restart internet services, configure basic network services including telnet and ftp. Set a service to run as another user instead of the default in inetd.conf.

Key files, terms, and utilities include:
/etc/inetd.conf
/etc/hosts.allow
/etc/hosts.deny
/etc/services
/etc/xinetd.conf
/etc/xinetd.log

• 1.113.2 Operate and perform basic configuration of sendmail
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidate should be able to modify simple parameters in sendmail configuration files (including the "Smart Host" parameter, if necessary), create mail aliases, manage the mail queue, start and stop sendmail, configure mail forwarding and perform basic troubleshooting of sendmail. The objective includes checking for and closing open relay on the mailserver. It does not include advanced custom configuration of Sendmail.

Key files, terms, and utilities include:
/etc/aliases or /etc/mail/aliases
/etc/mail/*
~/.forward
mailq
sendmail
newaliases

• 1.113.3 Operate and perform basic configuration of Apache
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidates should be able to modify simple parameters in Apache configuration files, start, stop, and restart httpd, arrange for automatic restarting of httpd upon boot. Does not include advanced custom configuration of Apache.

Key files, terms, and utilities include:
httpd.conf
apachectl
httpd

• 1.113.4 Properly manage the NFS, smb, and nmb daemons
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidate should know how to mount remote filesystems using NFS, configure NFS for exporting local filesystems, start, stop, and restart the NFS server. Install and configure Samba using the included GUI tools or direct edit of the /etc/smb.conf file (Note: this deliberately excludes advanced NT domain issues but includes simple sharing of home directories and printers, as well as correctly setting the nmbd as a WINS client).

Key files, terms, and utilities include:
/etc/exports
/etc/fstab
/etc/smb.conf
mount
umount

• 1.113.5 Setup and configure basic DNS services
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidate should be able to configure hostname lookups and troubleshoot problems with local caching-only name server. Requires an understanding of the domain registration and DNS translation process. Requires understanding key differences in configuration files for bind 4 and bind 8.

Key files, terms, and utilities include:
/etc/hosts
/etc/resolv.conf
/etc/nsswitch.conf
/etc/named.boot (v.4) or /etc/named.conf (v.8)
named

• 1.113.7 Set up secure shell (OpenSSH)
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: The candidate should be able to obtain and configure OpenSSH. This objective includes basic OpenSSH installation and troubleshooting, as well as configuring sshd to start at system boot.

Key files, terms, and utilities include:
/etc/hosts.allow
/etc/hosts.deny
/etc/nologin
/etc/ssh/sshd_config
/etc/ssh_known_hosts
/etc/sshrc
sshd
ssh-keygen

Topic 114: Security

• 1.114.1 Perform security administration tasks
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 4

Description: Candidates should know how to review system configuration to ensure host security in accordance with local security policies. This objective includes how to configure TCP wrappers, find files with SUID/SGID bit set, verify packages, set or change user passwords and password aging information, update binaries as recommended by CERT, BUGTRAQ, and/or distribution's security alerts. Includes basic knowledge of ipchains and iptables.

Key files, terms, and utilities include:
/proc/net/ip_fwchains
/proc/net/ip_fwnames
/proc/net/ip_masquerade
find
ipchains
passwd
socket
iptables

• 1.114.2 Setup host security
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 3

Description: Candidate should know how to set up a basic level of host security. Tasks include syslog configuration, shadowed passwords, set up of a mail alias for root's mail and turning of all network services not in use.

Key files, terms, and utilities include:
/etc/inetd.conf or /etc/inet.d/*
/etc/nologin
/etc/passwd
/etc/shadow
/etc/syslog.conf

• 1.114.3 Setup user level security
  Modified: 2003-Mar-17
  Maintainer: Mark Miller
  Weight: 1

Description: Candidate should be able to configure user level security. Tasks include limits on user logins, processes, and memory usage.

Key files, terms, and utilities include:
quota
usermod

 

Intermediate Level Administration (LPIC-2)

• Status: Available now; published November 29, 2001
• Pre-Requisites: You must have an active LPIC-1 certification to receive LPIC-2 certification, but the LPIC-1 and LPIC-2 exams may be taken in any order.
• Requirements: Passing Exams 201 and 202
• Overview of Tasks: To pass Level 2 someone should be able to
• • Administer a small to medium-sized site
  • Plan, implement, maintain, keep consistent, secure, and troubleshoot a small mixed (MS, Linux) network, including a:
  • • LAN server (samba)
    • Internet Gateway (firewall, proxy, mail, news)
    • Internet Server (webserver, FTP server)
  • Supervise assistants
  • Advise management on automation and purchases

Exam 201: Detailed Objectives

This is a required exam for LPI certification Level 2. It covers advanced system administration skills that are common across all distributions of Linux.

Each objective is assigned a weighting value. The weights range roughly from 1 to 10, and indicate the relative importance of each objective. Objectives with higher weights will be covered in the exam with more questions.

Topic 201: Linux Kernel

• 2.201.1 Kernel Components
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidates should be able to utilize kernel components that are necessary to specific hardware, hardware drivers, system resources and requirements. This objective includes implementing different types of kernel images, identifying stable and development kernels and patches, as well as using kernel modules.

Key files, terms, and utilities include:

zImage
bzImage

• 2.201.2 Compiling a kernel
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidates should be able to properly compile a kernel to include or disable specific features of the Linux kernel as necessary. This objective includes compiling and recompiling the Linux kernel as needed, implementing updates and noting changes in a new kernel, creating a system initrd image, and installing new kernels.

Key files, terms, and utilities include:
/usr/src/linux/
/etc/lilo.conf
make options (config, xconfig, menuconfig, oldconfig, mrproper zImage, bzImage, modules, modules_install)
mkinitrd (both Red Hat and Debian based)
make

• 2.201.3 Patching a kernel
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to properly patch a kernel for various purposes including to implement kernel updates, to implement bug fixes, and to add support for new hardware. This objective also includes being able to properly remove kernel patches from existing production kernels.

Key files, terms, and utilities include:
Makefile
patch
gzip
bzip

• 2.201.4 Customizing a kernel
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidates should be able to customize a kernel for specific system requirements by patching, compiling, and editing configuration files as required. This objective includes being able to assess requirements for a kernel compile versus a kernel patch as well as build and configure kernel modules.

Key files, terms, and utilities include:
/usr/src/linux
/proc/sys/kernel/
/etc/conf.modules, /etc/modules.conf
patch
make
modprobe
insmod, lsmod
kerneld
kmod

Topic 202: System Startup

• 2.202.1 Customizing system startup and boot processes
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to edit appropriate system startup scripts to customize standard system run levels and boot processes. This objective includes interacting with run levels and creating custom initrd images as needed.

Key files, terms, and utilities include:
/etc/init.d/
/etc/inittab
/etc/rc.d/
mkinitrd (both Red Hat and Debian scripts)

• 2.202.2 System recovery
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: Candidates should be able to properly manipulate a Linux system during both the boot process and during recovery mode. This objective includes using both the init utility and init= kernel options.

Key files, terms, and utilities include:
inittab
LILO
init
mount
fsck

Topic 203: Filesystem

• 2.203.1 Operating the Linux filesystem
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: Candidates should be able to properly configure and navigate the standard Linux filesystem. This objective includes configuring and mounting various filesystem types. Also included, is manipulating filesystems to adjust for disk space requirements or device additions.

Key files, terms, and utilities include:
/etc/fstab
/etc/mtab
/proc/mounts
mount and umount
sync
swapon
swapoff

• 2.203.2 Maintaining a Linux filesystem
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 4

Description: Candidates should be able to properly maintain a Linux filesystem using system utilities. This objective includes manipulating a standard ext2 filesystem.

Key files, terms, and utilities include:
fsck (fsck.ext2)
badblocks
mke2fs
dumpe2fs
debuge2fs
tune2fs

• 2.203.3 Creating and configuring filesystem options
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: Candidates should be able to configure automount filesystems. This objective includes configuring automount for network and device filesystems. Also included is creating non ext2 filesystems for devices such as CD-ROMs.

Key files, terms, and utilities include:
/etc/auto.master
/etc/auto.[dir]
mkisofs
dd
mke2fs

Topic 204: Hardware

• 2.204.1 Configuring RAID
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to configure and implement software RAID. This objective includes using mkraid tools and configuring RAID 0, 1, and 5.

Key files, terms, and utilities include:
/etc/raidtab
mkraid

• 2.204.2 Adding new hardware
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: Candidates should be able to configure internal and external devices for a system including new hard disks, dumb terminal devices, serial UPS devices, multi-port serial cards, and LCD panels.

Key files, terms, and utilities include:
/proc/bus/usb
XFree86
modprobe
lsmod
lsdev
lspci
setserial
usbview

• 2.204.3 Software and kernel configuration
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to configure kernel options to support various hardware devices including UDMA66 drives and IDE CD burners. This objective includes using LVM (Logical Volume Manager) to manage hard disk drives and particitions as well as software tools to interact with hard disk settings.

Key files, terms, and utilities include:
/proc/interrupts
hdparm
tune2fs
sysctl

• 2.204.4 Configuring PCMCIA devices
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidates should be able to configure a Linux installation to include PCMCIA support. This objective includes configuring PCMCIA devices, such as ethernet adapters, to autodetect when inserted.

Key files, terms, and utilities include:
/etc/pcmcia/
*.opts
cardctl
cardmgr

Topic 209: File and Service Sharing

• 2.209.1 Configuring a samba server
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 5

Description: The candidate should be able to set up a Samba server for various clients. This objective includes setting up a login script for Samba clients, and setting up an nmbd WINS server. Also included is to change the workgroup in which a server participates, define a shared directory in smb.conf, define a shared printer in smb.conf, use nmblookup to test WINS server functionality, and use the smbmount command to mount an SMB share on a Linux client.

Key files, terms, and utilities include:
smbd, nmbd
smbstatus, smbtestparm, smbpasswd, nmblookup
smb.conf, lmhosts

• 2.209.2 Configuring an NFS server
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: The candidate should be able to create an exports file and specify filesystems to be exported. This objective includes editing exports file entries to restrict access to certain hosts, subnets or netgroups. Also included is to specify mount options in the exports file, configure user ID mapping, mount an NFS filesystem on a client, using mount options to specify soft or hard and background retries, signal handling, locking, and block size. The candidate should also be able to configure tcpwrappers to further secure NFS.

Key files, terms, and utilities include:
/etc/exports
exportfs
showmount
nfsstat

Topic 211: System Maintenance

• 2.211.1 System logging
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: The candidate should be able to configure syslogd to act as a central network log server. This objective also includes configuring syslogd to send log output to a central log server, logging remote connections, and using grep and other text utils to automate log analysis.

Key files, terms, and utilities include:
syslog.conf
/etc/hosts
sysklogd

• 2.211.2 Packaging software
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: The candidate should be able to build a package. This objective includes building (or rebuilding) both RPM and DEB packaged software.

Key files, terms, and utilities include:
/debian/rules
SPEC file format
rpm

• 2.211.3 Backup operations
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to create an offsite backup storage plan.

Topic 213: System Customization and Automation

• 2.213.1 Automating tasks using scripts
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: The candidate should be able to write simple Perl scripts that make use of modules where appropriate, use the Perl taint mode to secure data, and install Perl modules from CPAN. This objective includes using sed and awk in scripts, and using scripts to check for process execution and generate alerts by email or pager if a process dies. Candidates should be able to write and schedule automatic execution of scripts to parse logs for alerts and email them to administrators, synchronize files across machines using rsync, monitor files for changes and generate email alerts, and write a script that notifies administrators when specified users log in or out.

Key files, terms, and utilities include:
perl -MCPAN -e shell
bash, awk, sed
crontab
at

Topic 214: Troubleshooting

• 2.214.2 Creating recovery disks
  Modified: 2001-August-24
  Maintainer:Dimitrios Bogiatzoules
  Weight: 1

Description: Candidate should be able to: create both a standard bootdisk for system entrance, and a recovery disk for system repair.

Key files, terms, and utilities include:
/etc/fstab
/etc/inittab
Any standard editor
Familiarity with the location and contents of the LDP Bootdisk-HOWTO
/usr/sbin/rdev
/bin/cat
/bin/mount (includes -o loop switch)
/sbin/lilo
/bin/dd
/sbin/mke2fs
/usr/sbin/chroot

• 2.214.3 Identifying boot stages
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidate should be able to: determine, from bootup text, the 4 stages of boot sequence and distinguish between each.

Key files, terms, and utilities include:
boot loader start and hand off to kernel
kernel loading
hardware initializiation and setup
daemon initialization and setup

• 2.214.4 Troubleshooting LILO
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidate should be able to: determine specific stage failures and corrective techniques.

Key files, terms, and utilities include:
/boot/boot.b
Know meaning of L, LI, LIL, LILO, and scrolling 010101 errrors
Know the different LILO install locations, MBR, /dev/fd0, or primary/extended partition.
Know significance of /boot/boot.### files

• 2.214.5 General troubleshooting
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: A candidate should be able to recognize and identify boot loader and kernel specific stages and utilize kernel boot messages to diagnose kernel errors. This objective includes being able to identify and correct common hardware issues, and be able to determine if the problem is hardware or software.

Key files, terms, and utilities include:
/proc filesystem
Various system and daemon log files in /var/log/
/, /boot, and /lib/modules
screen output during bootup
kernel syslog entries in system logs (if entry is able to be gained)
location of system kernel and attending modules
dmesg
/sbin/lspci
/usr/bin/lsdev
/sbin/lsmod
/sbin/modprobe
/sbin/insmod
/bin/uname
strace
strings
ltrace
lsof

• 2.214.6 Troubleshooting system resources
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: A candidate should be able to identify, diagnose and repair local system environment.

Key files, terms, and utilities include:
/etc/profile && /etc/profile.d/
/etc/init.d/
/etc/rc.*
/etc/sysctl.conf
/etc/bashrc /etc/ld.so.conf
(or other appropriate global shell configuration files)
Core system variables
Any standard editor
/bin/ln
/bin/rm
/sbin/ldconfig
/sbin/sysctl

• 2.214.8 Troubleshooting environment configurations
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: A candidate should be able to identify common local system and user environment configuration issues and common repair techniques.

Key files, terms, and utilities include:
/etc/inittab
/etc/rc.local
/etc/rc.boot
/var/spool/cron/crontabs/
/etc/`shell_name`.conf
/etc/login.defs
/etc/syslog.conf
/etc/passwd
/etc/shadow
/etc/group
/etc/profile
/sbin/init
/usr/sbin/cron
/usr/bin/crontab

 

Exam 202: Detailed Objectives

This is a required exam for LPI certification Level 2. It covers advanced network administration skills that are common across all distributions of linux.

Each objective is assigned a weighting value. The weights range roughly from 1 to 10, and indicate the relative importance of each objective. Objectives with higher weights will be covered in the exam with more questions.

Topic 205: Networking Configuration

• 2.205.1 Basic networking configuration
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 5

Description: The candidate should be able to configure a network device to be able to connect to a local network and a wide-area network. This objective includes being able to communicate between various subnets within a single network, configure dialup access using mgetty, configure dialup access using a modem or ISDN, configure authentication protocols such as PAP and CHAP, and configure TCP/IP logging.

Key files, terms, and utilities include:

/sbin/route
/sbin/ifconfig
/sbin/arp
/usr/sbin/arpwatch
/etc/

•  
• 2.205.2 Advanced Network Configuration and Troubleshooting
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: The candidate should be able to configure a network device to implement various network authentication schemes. This objective includes configuring a multi-homed network device, configuring a virtual private network and resolving networking and communication problems.

Key files, terms, and utilities include:

/sbin/route
/sbin/ifconfig
/bin/netstat
/bin/ping
/sbin/arp
/usr/sbin/tcpdump
/usr/sbin/lsof
/usr/bin/nc

Topic 206 Mail & News

• 2.206.1 Configuring mailing lists
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Install and maintain mailing lists using majordomo. Monitor majordomo problems by viewing majordomo logs.

Key files, terms, and utilities include:

Majordomo2

• 2.206.2 Using Sendmail
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 4

Description: Candidates should be able to manage a Sendmail configuration including email aliases, mail quotas, and virtual mail domains. This objective includes configuring internal mail relays and monitoring SMTP servers.

Key files, terms, and utilities include:

/etc/aliases
sendmail.cw
virtusertable
genericstable

• 2.206.3 Managing Mail Traffic
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: Candidates shold be able to implement client mail management software to filter, sort, and monitor incoming user mail. This objective includes using software such as procmail on both server and client side.

Key files, terms, and utilities include:

procmail

• 2.206.4 Serving news
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidates should be able to install and configure news servers using inn. This objective includes customizing and monitoring served newsgroups.

Key files, terms, and utilities include:

innd

Topic 207: DNS

• 2.207.1 Basic BIND 8 configuration
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to configure BIND to function as a caching-only DNS server. This objective includes the ability to convert a BIND 4.9 named.boot file to the BIND 8.x named.conf format, and reload the DNS by using kill or ndc. This objective also includes configuring logging and options such as directoryh location for zone files.

Key files, terms, and utilities include:

/etc/named.conf
/usr/sbin/ndc
/usr/sbin/named-bootconf
kill

• 2.207.2 Create and maintain DNS zones
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: The candidate should be able to create a zone file for a forward or reverse zone or root level server. This objective includes setting appropriate values for the SOA resource record, NS records, and MX records. Also included is adding hosts with A resource records and CNAME records as appropriate, adding hosts to reverse zones with PTR records, and adding the zone to the /etc/named.conf file using the zone statement with appropriate type, file and masters values. A candidate should also be able to delegate a zone to another DNS server.

Key files, terms, and utilities include:

contents of /var/named
zone file syntax
resource record formats
dig
nslookup
host

• 2.207.3 Securing a DNS server
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: The candidate should be able to configure BIND to run as a non-root user, and configure BIND to run in a chroot jail. This objective includes configuring DNSSEC statements such as key and trusted-keys to prevent domain spoofing. Also included is the ability to configure a split DNS configuration using the forwarders statement, and specifying a non-standard version number string in response to queries.

Key files, terms, and utilities include:

SysV init files or rc.local
/etc/named.conf
/etc/passwd
dnskeygen

Topic 208 Web Services

• 2.208.1 Implementing a web server
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to install and configure an Apache web server. This objective includes monitoring Apache load and performance, restricting client user access, configuring mod_perl and PHP support, and setting up client user authentication. Also included is configuring Apache server options such as maximum requests, minimum and maximim servers, and clients.

Key files, terms, and utilities include:

access.log
.htaccess
httpd.conf
mod_auth
htpasswd
htgroup

• 2.208.2 Maintaining a web server
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to configure Apache to use virtual hosts for websites without dedicated IP addresses. This objective also includes creating an SSL certification for Apache and defining SSL definitions in configuration files using OpenSSL. Also included is customizing file access by implementing redirect statements in Apache's configuration files.

Key files, terms, and utilities include:

httpd.conf

• 2.208.3 Implementing a proxy server
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: Candidates should be able to install and configure a proxy server using Squid. This objective includes impelementing access policies, setting up authentication, and utilizing memory usage.

Key files, terms, and utilities include:

squid.conf
acl
http_access

Topic 210 Network Client Management

• 2.210.1 DHCP configuration
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to configure a DHCP server and set default options, create a subnet, and create a dynamically-allocated range. This objective includes adding a static host, setting options for a single host, and adding bootp hosts. Also included is to configure a DHCP relay agent, and reload the DHCP server after making changes.

Key files, terms, and utilities include:

dhcpd.conf
dhcpd.leases

• 2.210.2 NIS configuration
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description:The candidate should be able to configure an NIS server and create NIS maps for major configuration files. This objective includes configuring a system as a NIS client, setting up an NIS slave server, and configuring ability to search local files, DNS, NIS, etc. in nsswitch.conf.

Key files, terms, and utilities include:

nisupdate, ypbind, ypcat, ypmatch, ypserv, ypswitch, yppasswd, yppoll, yppush, ypwhich, rpcinfo
nis.conf, nsswitch.conf, ypserv.conf
Contents of /etc/nis/: netgroup, nicknames, securenets
Makefile

• 2.210.3 LDAP configuration
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: The candidate should be able to configure an LDAP server. This objective includes configuring a directory hierarchy, adding group, hosts, services and other data to the hierarchy. Also included is importing items from LDIF files and add items with a management tool, as well as adding users to the directory and change their passwords.

Key files, terms, and utilities include:

slapd
slapd.conf

• 2.210.4 PAM authentication
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to configure PAM to support authentication via traditional /etc/passwd, shadow passwords, NIS , or LDAP.

Key files, terms, and utilities include:

/etc/pam.d
pam.conf

Topic 212 System Security

• 2.212.2 Configuring a router
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to configure ipchains and iptables to perform IP masquerading, and state the significance of Network Address Translation and Private Network Addresses in protecting a network. This objective includes configuring port redirection, listing filtering rules, and writing rules that accept or block datagrams based upon source or destination protocol, port and address. Also included is saving and reloading filtering configurations, using settings in /proc/sys/net/ipv4 to respond to DOS attacks, using /proc/sys/net/ipv4/ip_forward to turn IP forwarding on and off, and usingtools such as PortSentry to block port scans and vulnerability probes.

Key files, terms, and utilities include:

/proc/sys/net/ipv4
/etc/services
ipchains
iptables
routed

• 2.212.3 Securing FTP servers
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to configure an anonymous download FTP server. This objective includes configuring an FTP server to allow anonymous uploads, listing additional precautions to be taken if anonymous uploads are permitted, configuring guest users and groups with chroot jail, and configuring ftpaccess to deny access to named users or groups.

Key files, terms, and utilities include:

ftpaccess, ftpusers, ftpgroups
/etc/passwd
chroot

• 2.212.4 Secure shell (OpenSSH)
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 2

Description: The candidate should be able to configure sshd to allow or deny root logins, enable or disable X forwarding. This objective includes generating server keys, generating a user's public/private key pair, adding a public key to a user's authorized_keys file, and configuring ssh-agent for all users. Candidates should also be able to configure port forwarding to tunnel an application protocol over ssh, configure ssh to support the ssh protocol versions 1 and 2, disable non-root logins during system maintenance, configure trusted clients for ssh logins without a password, and make multiple connections from multiple hosts to guard against loss of connection to remote host following configuration changes.

Key files, terms, and utilities include:

ssh, sshd
/etc/ssh/sshd_config
~/.ssh/identity.pub and identity, ~/.ssh/authorized_keys
.shosts, .rhosts

• 2.212.5 TCP_wrappers
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: The candidate should be able to configure tcpwrappers to allow connections to specified servers from only certain hosts or subnets.

Key files, terms, and utilities include:

inetd.conf, tcpd
hosts.allow, hosts.deny
xinetd

• 2.212.6 Security tasks
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 3

Description: The candidate should be able to install and configure kerberos and perform basic security auditing of source code. This objective includes arranging to receive security alerts from Bugtraq, CERT, CIAC or other sources, being able to test for open mail relays and anonymous FTP servers, installing and configuring an intrusion detection system such as snort or Tripwire. Candidates should also be able to update the IDS configuration as new vulnerabilities are discovered and apply security patches and bugfixes.

Key files, terms, and utilities include:

Tripwire
telnet
nmap

Topic 214 Network Troubleshooting

• 2.214.7 Troubleshooting network issues
  Modified: 2001-August-24
  Maintainer: Dimitrios Bogiatzoules
  Weight: 1

Description: Candidates should be able to identify and correct common network setup issues to include knowledge of locations for basic configuration files and commands.

Key files, terms, and utilities include:

/sbin/ifconfig
/sbin/route
/bin/netstat
/etc/network || /etc/sysconfig/network-scripts/
system log files such as /var/log/syslog && /var/log/messages
/bin/ping
/etc/resolv.conf
/etc/hosts
/etc/hosts.allow && /etc/hosts.deny
/etc/hostname || /etc/HOSTNAME
/sbin/hostname
/usr/sbin/traceroute
/usr/bin/nslookup
/usr/bin/dig
/bin/dmesg
host

 

Senior Level Administration (LPIC-3)

• Status:Under development
• Pre-Requisites: : You must have an active LPIC-2 certification to receive LPIC-3 certification, but the LPIC-2 and LPIC-3 exams may be taken in any order.
• Requirements:Passing any two of the Level 3 exams to be offered
• Overview of Tasks: To pass Level 3 someone should be able to
• • Design and implement solutions to complex automation problems, such as multi-site enterprises, heavy-duty Internet sites, custom solutions.
  • Initiate projects and has a budget to implement them.
  • Supervise assistants.
  • Serve as a consultant to higher management.