An extremely versatile tool, linuxconf comes with many distributions of Linux. The notable exception is SuSE, which has its own such tool, called YaST. All RedHat and similar distributions (like Linux Mandrake) come with linuxconf.
The linuxconf tool was designed to make life easier, whether you’re using Linux as a desktop operating system or as a server. The number of options linuxconf allows you to configure is quite amazing, and that number increases with every release. There is one caveat to using linuxconf, however. You should be prepared to make backups of existing data. Sometimes, with differing versions, linuxconf isn’t quite as smart as we would like it to be, and it could end up destroying your configuration data. With simple tasks—like editing file system mounts and adding or removing users—this isn’t much of a problem. With more complex issues, such as configuring sendmail, this can be a worry.
The linuxconf tool comes in three varieties. It can be used as a text-based configuration tool, a GUI configuration tool, or a Web-based configuration tool. It is a matter of personal preference as to how you use linuxconf. No way is better than another, and all provide the same functionality. In this Daily Drill Down, I’ll examine the GUI method of using linuxconf because that method is probably the most popular one.
The GUI method
Within X, you can start linuxconf through a menu item (depending on your distribution and window manager, a menu item may or may not be available to you). The other option is to start linuxconf via the command line. Open an xterm and issue the command:
This command will launch linuxconf and release the xterm so that you can close it or use it for something else. At the main GUI window, you’ll see the following options on the primary tab (the Config tab):
- User Accounts
- File Systems
- Miscellaneous Services
- Boot Mode
The Control tab offers these options:
- Control Panel
- Control Files And Systems
- Date & Time
In this Daily Drill Down, I’ll look at each of these items separately.
The Networking section is split up into further subsections. The primary tab (Client Tasks) contains the following options:
- Basic Host Information
- Name Server Specification (DNS)
- Routing And Gateways
- Host Name Search Path
- Network Information System (NIS)
- IPX Interface Setup
Each of these options deals with a separate portion of your system configuration.
Basic Host Information
The Basic Host Information option allows you to specify this computer’s hostname and configure various options for your Ethernet interfaces. You are permitted up to six adapters (or Ethernet interfaces), each with its own set of options, including the network driver to use, the domain name to use, IP address, Netmask, and so forth.
Name Server Specification (DNS)
The Name Server Specification (DNS) option allows you to specify the default domain for your computer, as well as a number of name servers to use when resolving hostnames to IP addresses. These entries would typically be your own IP address, if you run your own DNS server or a caching name server, or the IP address of your ISP if you don’t.
Routing And Gateways
The Routing And Gateways option lets you specify how your computer interacts with other computers and networks. This is where you define the default gateway for your computer (the computer that provides you with access to the Internet, typically an IP address provided by your ISP). You can also define routes to other external networks, to other hosts, and to other local networks that use the same physical wiring as the network your computer is using. Before your computer can talk to others, these routes need to be defined and configured. In most cases, this is no more difficult than specifying the gateway address your ISP provided in the Defaults Subconfiguration option. You can also configure the routed daemon, which is the network routing daemon; routed is started when the system starts. It is the service that manages the routing tables that give your computer the ability to speak with other computers. You do not need to use routed unless you are creating routing tables to other hosts or networks. Basically, if your computer is on a simple LAN and/or connected to the Internet, you should have no need to run routed.
Host Name Search Path
The Host Name Search Path option enables you to define the resources your system will use when trying to resolve hostnames (and in which order the system will use them). The best way to define this option is to select hosts,dns, which tells the system to look first in the /etc/hosts file and then to ask the defined DNS server. In networks using NIS (Network Information System), you may choose to use this option prior to using the /etc/hosts file and DNS.
Network Information System
The Network Information System (NIS) option allows you to specify the NIS domain and server for your network, if you use the NIS services on your LAN.
IPX Interface Setup
The IPX Interface Setup option allows you to configure your network if you use IPX networking. You can configure the IPX interfaces (you may have up to three IPX adapters) and internal network options.
The PPP/SLIP/PLIP option lets you configure dial-up Internet accounts using PPP, SLIP, or PLIP. You can define your ISP’s phone number, the modem port, login names, and passwords, as well as more advanced customization like PAP authentication, line speeds, and so forth. Basically, you can use this option to configure everything you need for dial-up Internet networking.
On the next tab, Server Tasks, you’ll see the following choices:
- Exported File Systems (NFS)
- IP Aliases For Virtual Hosts
- Apache Web Server
- Mail Delivery System (sendmail)
- Samba File Server
- FTP Server (wu-ftpd)
Each of these options deals with a specific network task for a variety of network servers.
Exported File Systems
The Exported File Systems (NFS) option allows you to set up and export file systems for client hosts. You can export as many file systems as you like, and each has a separate set of options and permissions associated with it. This option lets you be as free or as restrictive as you want. You define the local path to export, the client machines that may connect to it, and what permissions those client machines have (whether they can write to the file system, have root privileges, and so forth).
IP Aliases For Virtual Hosts
The IP Aliases For Virtual Hosts option enables you to associate multiple IP addresses with any given network device. For example, you can assign multiple IP addresses, or a range of IP addresses, to a device, with different netmasks. You can virtualize a variety of networks over your LAN, using different IP addresses for each adapter. The end result is sub-adapters that are brought up when the primary adapter is initialized. For example, if you define two virtual IP addresses on the network device eth0 and you issue ifconfig on the command line, you’d see entries for eth0, eth0:0, and eth0:1.
Apache Web Server
The Apache Web Server option lets you configure your Apache Web Server via linuxconf. You can specify almost every option configurable in your /etc/httpd/httpd.conf file. To cover all of the configurable options here would involve describing the Apache configuration file itself. Rest assured that you can configure everything, from included modules to SSL options, performance, and virtual domains.
Mail Delivery System
The Mail Delivery System (sendmail) option is likewise comprehensive and is an excellent starting place for people who don’t know enough about sendmail to edit the /etc/sendmail.cf configuration file manually. This option allows you to configure basic sendmail configuration directives, as well as use routing, masquerading rules, mail-to-fax gateways, virtual e-mail domains, user alias, and anti-spam filters. Finally, for initial configurations, you can generate a new /etc/sendmail.cf file based on the configuration options you select here. If you initially configure sendmail with linuxconf, I recommend that you continue to do so. If you generate a linuxconf-created /etc/sendmail.cf file and then edit parts by hand, you may confuse linuxconf if you choose to use it again down the road.
Samba File Server
The Samba File Server option enables you to configure the Samba server, which connects Linux to Windows workstations and servers. In this section, you can configure the defaults for your Samba server, user home directories, printers, and file shares.
And finally, under FTP Server (wu-ftpd), you can configure your FTP server, as long as you are using wu-ftpd and not another FTP server, like ProFTPD. It allows you to configure a variety of permissions for real users, guest users, and anonymous users, as well as specifying a banner file, e-mail address for the administrator, and so forth. You can also define virtual hosts for the FTP server.
On the Misc tab, which is the final tab, you’ll find the following three options:
- Information About Other Hosts
- Information About Other Networks
- Linuxconf Network Access
In the Information About Other Hosts option, you are able to configure your /etc/hosts file, which basically maps hostnames to IP addresses. You can also specify aliases for those hostnames.
The Information About Other Networks option lets you configure the /etc/networks file, which allows you to configure host/network definitions. Here you can specify the primary name and domain for a computer, provide aliases, and specify an IP address. This feature is useful for defining names for networks so you don’t need to continuously refer to a network number, which different tools like netstat can take advantage of. It is also useful when configuring a NFS server, so you can specify a set of options for a complete network in one step.
The final option allows you to enable or disable the linuxconf HTML interface. If you enable the interface, the networks or hosts you define here will be able to configure your computer remotely by connecting to http://your.host:98. The linuxconf tool listens to TCP port 98 and can further be enabled in the /etc/inetd.conf configuration file. The following line must be present (and uncommented) in order for linuxconf network access to work:
linuxconf stream tcp wait root /bin/linuxconf linuxconf \http
In enabling the linuxconf HTML interface, you are opening up possible security holes. Please use this feature with caution.
The User Accounts section of linuxconf lets you manage the users on your Linux computer. In this section you’ll find:
- Special Accounts
- Email Aliases
On the Normal tab, you can define and modify user accounts, group definitions, and the root password. The linuxconf tool provides you with an easy way to manage nearly every aspect of the users on your computer in one simple step. If you go into the User Accounts section, you’ll see a list of all the users on your system. You can either double-click on a user to bring up a detailed profile or add a new user. In the detailed profile, you can delete the user, assign tasks (which are basically cron jobs), and change the user’s shell, home directory, password, mail settings, or system privileges.
On the Special Accounts tab, you’re given a number of other configuration options for special user accounts, which include PPP accounts, SLIP accounts via normal login, UUCP accounts, POP accounts (mail only), and Virtual POP accounts (mail only). These are user accounts that don’t necessarily have their own home directory and aren’t typically available for people to Telnet into. They are mainly used if you’re running a PPP or SLIP server and want to allow people to log into your machine to use the Internet (for example, for running an ISP), or if you want to set up mail accounts without creating full-blown user accounts.
On the Email Aliases tab, you’ll find two configuration options: User Aliases and Virtual Domain User Aliases. Here you can define user aliases that point to programs or lists (usually a list of e-mail addresses for a mailing list). Or you can define user aliases for defined virtual domains.
On the Policies tab, which is the last tab in this section, you can define the default properties for user accounts—including passwords and accounting settings—which allow you to specify the criteria for acceptable passwords, default base directory for home directories, rules for password changing, and so forth. You can also define what shells are available for users to use, whether they are system users or PPP/SLIP users. Here you can also define the Message of the Day, which is a little text blurb that all users see upon login.
As you’d expect, the File Systems section deals with the configuration of your file systems. You’ll find these options:
- Access Local Drives
- Access NFS Volumes
- Configure Swap Files And Partitions
- Set Quota Defaults
- Check Some File Permissions
Access Local Drives, NFS Volumes, Configure Swap
Here you can define local drives to mount, which are basically definitions as found in your /etc/fstab file. You can also define what NFS volumes (or drives) you want to be made available to your system. In this instance, you are considered the NFS client, and you are defining the NFS volume available to you via a NFS server. You can also configure swap files and partitions here (information that is read to and from the /etc/fstab file).
Set Quota Defaults
Another configuration option that is extremely useful for people running servers is Set Quota Defaults. With this option, you can restrict users to using only a certain amount of space on any given file system, which usually is the home partition. You can control the amount of e-mail that’s stored on your server, the size of a Web site, the contents of a user’s home directory, and so forth. In order to use this option, you must configure the local volume to enable user or group quotas. To do this, click the Access Local Drives configuration option, select the drive you want to enforce quotas on, select the Options tab, and enable either the User Quota Enabled or Group Quota Enabled options. Then return to the Set Quota Defaults configuration window and click on the selected drive.
Here you can define a number of options to enforce quotas on a global basis. All quotas can be overridden on a user-by-user basis, however. You can enforce quotas two ways: by the number of files and directories owned by a user (or group), or by the space size owned by a user (or group). You can enforce both or either quota, or none of them. You can define three limits for each quota. The first is the Soft limit, which is basically a recommended limit that the user can exceed but only for a limited time, which is determined by the grace period setting. The second is the Hard limit, which cannot be exceeded, without exception. The third is the grace period itself, which defaults to seven days. It is expressed in the format days:hours:minutes:seconds, so the default value of seven days is expressed as 7:0:0:0.
Each limit can be expressed in three ways. A value of 0 means there is no limit; a value of 1 means unspecified, so the value is inherited from the defaults; and the final expression is any value greater than 0, which becomes the limit. For disk space, this represents kilobytes, and Linux will do the accounting for you so the block size on the file system doesn’t become an issue.
Check Some File Permissions
Finally, you can also check some file permissions via linuxconf. You can verify that the permissions for some directories and files that linuxconf knows about are proper and do not need to be changed. This feature can be useful for verifying the integrity of your system to some degree, although I wouldn’t recommend anyone using this as the sole form of system integrity verification.
The Miscellaneous Services and Boot Mode sections
Initial System Services And Modem
With the Miscellaneous Services configuration option, you are able to define what runlevel the system will boot into by using the Initial System Services option. You can also define the location of your modem under the Modems option.
With the Boot Mode Configuration option, you basically configure the LILO boot loader. You can change any of the LILO options that you normally would in the /etc/lilo.conf configuration file. The process is quite intuitive, making LILO configuration a breeze.
Now we’ll look at the Control section of linuxconf.
The Control Panel section is actually an add-on to linuxconf taken from the Control Panel tool. In this section, you’ll find the following:
- Control Panel: Activate Configuration, Shutdown/Reboot, Control Service Activity
- Mount/Unmount File Systems: Control Configured Local Drives, Control Configured NFS, Mount Other NFS File Systems, Configure Superuser Schedule Tasks, Archive Configurations, Switch System Profiles, Control PPP/SLIP/PLIP Links
- Control Files And Systems
- Logs: Boot Messages, Linuxconf Logs
- Date & Time
In this configuration section, you’ll find a number of options that allow you to control your currentlyrunning Linux system. In the Control Panel, you’ll see a number of options. The first, Activate Configuration, basically commits all of the system configuration changes you have made in this session. While this particular option is not very useful in either the text or GUI modes of linuxconf, it is essential when using linuxconf via the Web interface, since you never actually log out of the Web interface like you do with the text and GUI interfaces. The second option, Shutdown/Reboot, will allow you to shut down the computer. The Control Service Activity option allows you to enable or disable any service that can run at boot-up. This is where you would control whether sendmail starts automatically, or DHCP, or any other system daemon that is registered in the /etc/rc.d/init.d directory.
You can also mount and unmount file systems, configure cron jobs for the root user, and archive your configuration. Archiving your configuration will make more sense once you learn about system profiles, but basically this option performs a backup of a specified set of configuration files predetermined by the currently active system profile.
Another option is to switch between system profiles. This will allow you to effectively back up your configuration files and switch to another set of configuration files. The theory behind this is to quickly switch from a workstation configuration to a server configuration or to a home user (desktop) configuration. This approach allows you to configure your system differently depending on your needs, thus limiting the need for, perhaps, multiple computers, each with a separate configuration that can easily be merged into one computer with profile switching.
Finally, the Control PPP/SLIP/PLIP Links option allows you to monitor established PPP, SLIP, or PLIP links and to activate or deactivate them.
Control Files And Systems
The next option off the main Control window is the Control Files And Systems. This option allows you to specify which portions of your system linuxconf can configure. You can also control which daemons and commands linuxconf is able to operate, and system-wide file ownership and permissions. You are also able to specify which modules linuxconf will load at startup. The server configuration options we looked at previously, such as Apache, wu-ftpd, and Samba are all examples of modules linuxconf can load (those are the ones linuxconf will load by default). You can turn these modules off and enable other modules, including modules to configure servers such as DHCP, firewall rules, DNS, Squid, UUCP, and many others.
This is also where you can define system profiles. Now that you know what system profiles are, you can create and modify them as well. This feature allows you to specify the archiving mode for configuration files and lets you configure the profiles themselves, specifying what sections should be archived, what sections should be unique to the defined profile, and so on. The default profiles are Home and Office, but you can easily create your own or adapt the existing profiles.
The Override Linuxconf Addons option lets you add new drop-ins to linuxconf, which provide information that lets linuxconf know how to control or manage new programs, or change the behavior of existing programs it manages by overriding it with other information you specify. For example, you can use this to have the system start a new service that doesn’t exist in your /etc/rc.d/init.d (or initial boot-up) directory by providing linuxconf with the information it needs to start, stop, and monitor the service. The Create Linuxconf Addons option is pretty much the same thing as the override option, except here you are creating an add-on as opposed to overriding one.
Back on the main Control tab, the Logs button lets you view the system’s boot and linuxconf log files. You can also change the date and time of your computer here by using the Date & Time option. Finally, the Features option lets you define some of the special features of linuxconf that indicate how linuxconf itself should operate.
As you can see, linuxconf is a very powerful and extremely versatile configuration tool for Linux systems, regardless of whether you use Linux as a desktop system, workstation, or server. With the modularized configuration system, linuxconf is able to control and configure an ever-growing range of system services, and progression of the package is constant, which means that every time a new version of RedHat, Linux Mandrake, or any other distribution that utilizes linuxconf is released, it will undoubtedly provide even more options, allowing you to configure your system with ease. Aspiring Linux gurus or system administrators will find linuxconf to be a valuable asset as they learn more about their Linux system and the many configurable services it provides that linuxconf makes a snap to set up.
Vincent Danen, a native Canadian in Edmonton, Alberta, has been computing since the age of 10, and he’s been using Linux for nearly two years. Prior to that, he used OS/2 exclusively for approximately four years. Vincent is a firm believer in the philosophy behind the Linux “revolution,” and heattempts to contribute to the Linux causein as many ways as possible—from his FreezerBurn Web site to building and submitting custom RPMs for the Linux Mandrake project. Vincent also has obtained his Linux Administrator certification from Brainbench .He hopes to tackle the RHCE once it can be taken in Canada.
The authors and editors have taken care in preparation of the content contained herein, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.