4.7. Network configuration

4.7.1. Network devices, DNS and Routing.

Network configuration is used to connect a single SuSE Linux workstation to an Ethernet-based LAN or to configure a dial-up connection. More complex configurations (multiple network cards, routing, etc.) are also supported. With this module it is possible to configure and set up Ethernet controllers and Token Ring controllers.

To configure network settings and activate networking automatically, one global resource is used to store the whole network configuration.

Example 4-23. Network configuration


 <configure>
.....
    <networking>
      <dns>
        <dhcp_hostname config:type="boolean">true</dhcp_hostname>
        <dhcp_resolv config:type="boolean">true</dhcp_resolv>
        <domain>local</domain>
        <hostname>linux</hostname>
      </dns>
      <interfaces config:type="list">
        <interface>
          <bootproto>dhcp</bootproto>
          <device>eth0</device>        
          <startmode>onboot</startmode>
        </interface>
      </interfaces>
      <routing>
        <ip_forward config:type="boolean">false</ip_forward>
        <routes config:type="list">
          <route>
            <destination>default</destination>
            <device>-</device>
            <gateway>192.168.1.240</gateway>
            <netmask>-</netmask>
          </route>
        </routes>
      </routing>
      <modules config:type="list">
        <module_entry>
          <device>eth0</device>
          <module>e100</module>
          <options></options>
        </module_entry>
      </modules>
    </networking>
....
 </configure>

	  

4.7.2. Proxy

Configure your Internet proxy (caching) settings using this resource.

HTTP proxy is the name of the proxy server used for access to the World Wide Web (WWW). FTP proxy is the name of the proxy server used for access to file transfer services (FTP). No proxy domains is a list of domains for which requests should be made directly, without caching.

If you are using a proxy server with authorization, fill in Proxy user name and Proxy password.

Example 4-24. Network configuration: Proxy


<configure>
...
    <proxy>
       <http_proxy>proxy.example.com:3128</http_proxy>
       <ftp_proxy>proxy.example.com:3128</ftp_proxy>
       <no_proxy>localhost</no_proxy>
       <proxy_user>user</proxy_user>
       <proxy_password>password</proxy_password>
    </proxy>
...
</configure>

	  

4.7.3. (X)Inetd

First, an example:

Example 4-25. Inetd Example



<profile>
 <configure>
  ...
  <inetd>
    <netd_service config:type="symbol">xinetd</netd_service>
    <netd_status config:type="integer">0</netd_status>
    <netd_conf config:type="list">
      <conf>
	<script>imap</script>
	<service>pop3</service>
	<enabled config:type="boolean">true</enabled>
      </conf>
      <conf>
	<server>in.ftpd</server>
	<server_args>-A</server_args>
	<enabled config:type="boolean">true</enabled>
      </conf>
      <conf>
	<service>daytime</service>
	<protocol>tcp</protocol>
      </conf>
      ....
      <conf>...</conf>
    </netd_conf>
  </inetd>
  ...
 </configure>
</profile>

	  

The profile has elements to specify which superserver should be used (netd_service), whether it should be enabled (netd_status) and how the services should be configured (netd_conf).

A service description element conceptually has two parts: key fields and non-key fields. When the configuration is written, services are matched using the key fields, and the non-key fields are applied to the matching service. If no service matches, it is created. If more than one service matches, a warning is reported. The key fields are script, service, protocol and server.

service and protocol are matched literally. script is the base name of the config file: usually a file in /etc/xinetd.d, for example "echo-udp", or "inetd.conf". For compatibility with 8.2, server is matched more loosely: if it is /usr/sbin/tcpd, the real server name is taken from server_args. After that, the basename of the first whitespace-separated word is taken and these values are compared.
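
The matching rules above, sketched as an added Python example (not YaST's own code). Services are modelled as plain dictionaries, the function names and the sample service list are constructed for illustration, and applying the tcpd rule to both sides of the comparison is this example's reading of the text.

```python
import os

KEY_FIELDS = ("script", "service", "protocol", "server")

def real_server(server, server_args=""):
    """Value used for the loose 'server' comparison."""
    if server == "/usr/sbin/tcpd":      # tcpd wrapper: real server is in server_args
        server = server_args
    words = server.split()
    return os.path.basename(words[0]) if words else ""

def matches(conf, svc):
    """True if every key field given in the profile <conf> matches the service."""
    for key in (k for k in KEY_FIELDS if k in conf):
        if key == "server":
            same = (real_server(conf["server"], conf.get("server_args", ""))
                    == real_server(svc.get("server", ""), svc.get("server_args", "")))
        else:                           # script, service, protocol: literal match
            same = conf[key] == svc.get(key)
        if not same:
            return False
    return True

def apply_conf(conf, services):
    """Apply one <conf> to the service list and report what happened."""
    hits = [s for s in services if matches(conf, s)]
    if not hits:
        services.append(dict(conf))
        return "created"
    if len(hits) > 1:
        # Assumption: nothing is changed when the match is ambiguous.
        return "warning: %d services match" % len(hits)
    hits[0].update({k: v for k, v in conf.items() if k not in KEY_FIELDS})
    return "updated"

def sample_services():
    """Constructed service list standing in for the target's xinetd setup."""
    return [
        {"script": "imap", "service": "pop3", "protocol": "tcp", "enabled": False},
        {"script": "ftpd", "service": "ftp", "protocol": "tcp", "server": "/usr/sbin/in.ftpd"},
        {"script": "daytime", "service": "daytime", "protocol": "tcp", "enabled": False},
        {"script": "daytime-udp", "service": "daytime", "protocol": "udp", "enabled": False},
    ]

if __name__ == "__main__":
    svcs = sample_services()
    for conf in ({"script": "imap", "service": "pop3", "enabled": True},
                 {"server": "in.ftpd", "server_args": "-A", "enabled": True},
                 {"service": "daytime"}):
        print(conf, "->", apply_conf(conf, svcs))
```

A `<conf>` that gives only `service` can match both the tcp and udp variants of a service, so include enough key fields to select exactly one.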

4.7.4. NIS

Using the nis resource, you can configure the target machine as a NIS client. The following example shows a detailed configuration using multiple domains.

Example 4-26. Network configuration: NIS


<configure>
...
    <nis>
      <nis_broadcast config:type="boolean">true</nis_broadcast>
      <nis_broken_server config:type="boolean">true</nis_broken_server>
      <nis_by_dhcp config:type="boolean">false</nis_by_dhcp>
      <nis_domain>test.com</nis_domain>
      <nis_local_only config:type="boolean">true</nis_local_only>
      <nis_options></nis_options>
      <nis_other_domains config:type="list">
        <nis_other_domain>
          <nis_broadcast config:type="boolean">false</nis_broadcast>
          <nis_domain>domain.com</nis_domain>
          <nis_servers config:type="list">
            <nis_server>10.10.0.1</nis_server>
          </nis_servers>
        </nis_other_domain>
      </nis_other_domains>
      <nis_servers config:type="list">
        <nis_server>192.168.1.1</nis_server>
      </nis_servers>
      <start_autofs config:type="boolean">true</start_autofs>
      <start_nis config:type="boolean">true</start_nis>
    </nis>
...
</configure>

	  

4.7.5. NIS+

If you activate NIS+, the data of the NIS+ Server will be added to /etc/hosts. Keyserv and the NIS+ cache manager will be started and the NSS and PAM configuration will be modified to use NIS+ and set the Secret Key of a user.

Example 4-27. Network configuration: NIS+


<configure>
...
    <nisplus>
      <nisplus_domain>test</nisplus_domain>
      <nisplus_password>test</nisplus_password>
      <nisplus_server>1.1.1.1</nisplus_server>
      <start_autofs config:type="boolean">true</start_autofs>
      <start_nisplus config:type="boolean">true</start_nisplus>
    </nisplus>
...
</configure>

	  

4.7.6. LDAP client

The installed machine can be set up as an LDAP client to authenticate users with an OpenLDAP server. The required data are the name of the search base (base DN, e.g., dc=mydomain,dc=com) and the IP address of the LDAP server (e.g., 10.20.0.2).

If LDAP is activated, NSS and PAM will be configured accordingly to use LDAP for user authentication.

Example 4-28. Network configuration: LDAP client


<configure>
...
    <ldap>
      <ldap_domain>dc=mydomain,dc=com</ldap_domain>
      <ldap_server>10.10.0.1</ldap_server>
      <ldap_tls config:type="boolean">true</ldap_tls>
      <ldap_v2 config:type="boolean">true</ldap_v2>
      <pam_password>crypt</pam_password>
      <start_ldap config:type="boolean">true</start_ldap>
    </ldap>
...
</configure>

	  

4.7.7. NFS Client and Server

A system can be configured as an NFS client or an NFS server using the configuration system. The following examples show how both NFS client and server can be configured.

Example 4-29. Network configuration: NFS client


<configure>
...
    <nfs config:type="list">
      <nfs_entry>
        <mount_point>/home</mount_point>
        <nfs_options>defaults</nfs_options>
        <server_path>192.168.1.1:/home</server_path>
      </nfs_entry>
    </nfs>
...
</configure>

	  

Example 4-30. Network configuration: NFS server


  <configure>
....
    <nfs_server>
      <nfs_exports config:type="list">
        <nfs_export>
          <allowed config:type="list">
            <allowed_clients>*(ro,root_squash,sync)</allowed_clients>
          </allowed>
          <mountpoint>/home</mountpoint>
        </nfs_export>
        <nfs_export>
          <allowed config:type="list">
            <allowed_clients>*(ro,root_squash,sync)</allowed_clients>
          </allowed>
          <mountpoint>/work</mountpoint>
        </nfs_export>
      </nfs_exports>
      <start_nfsserver config:type="boolean">true</start_nfsserver>
    </nfs_server>
....
  </configure>

	  

4.7.8. Mail Configuration (Sendmail or Postfix)

This module lets you create a detailed mail configuration for the client. The module contains various options, and it is recommended to use it at least for the initial configuration.

Example 4-31. Mail Configuration


<configure>
...
    <mail>
      <aliases config:type="list">
        <alias>
          <alias>root</alias>
          <comment></comment>
          <destinations>foo</destinations>
        </alias>
        <alias>
          <alias>test</alias>
          <comment></comment>
          <destinations>foo</destinations>
        </alias>
      </aliases>
      <connection_type config:type="symbol">permanent</connection_type>
      <fetchmail config:type="list">
        <fetchmail_entry>
          <local_user>foo</local_user>
          <password>bar</password>
          <protocol>POP3</protocol>
          <remote_user>foo</remote_user>
          <server>pop.foo.com</server>
        </fetchmail_entry>
        <fetchmail_entry>
          <local_user>test</local_user>
          <password>bar</password>
          <protocol>IMAP</protocol>
          <remote_user>test</remote_user>
          <server>blah.com</server>
        </fetchmail_entry>
      </fetchmail>
      <from_header>test.com</from_header>
      <listen_remote config:type="boolean">true</listen_remote>
      <local_domains config:type="list">
        <domains>test1.com</domains>
      </local_domains>
      <masquerade_other_domains config:type="list">
        <domain>blah.com</domain>
      </masquerade_other_domains>
      <masquerade_users config:type="list">
        <masquerade_user>
          <address>joe@test.com</address>
          <comment></comment>
          <user>joeuser</user>
        </masquerade_user>
        <masquerade_user>
          <address>bar@test.com</address>
          <comment></comment>
          <user>foo</user>
        </masquerade_user>
      </masquerade_users>
      <mta config:type="symbol">postfix</mta>
      <outgoing_mail_server>test.com</outgoing_mail_server>
      <postfix_mda config:type="symbol">local</postfix_mda>
      <smtp_auth config:type="list">
        <listentry>
          <password>bar</password>
          <server>test.com</server>
          <user>foo</user>
        </listentry>
      </smtp_auth>
      <use_amavis config:type="boolean">true</use_amavis>
      <virtual_users config:type="list">
        <virtual_user>
          <alias>test.com</alias>
          <comment></comment>
          <destinations>foo.com</destinations>
        </virtual_user>
        <virtual_user>
          <alias>geek.com</alias>
          <comment></comment>
          <destinations>bar.com</destinations>
        </virtual_user>
      </virtual_users>
    </mail>
...
</configure>
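
The proxy, NIS+ and mail examples in this section carry passwords as element text, and the NFS server example exports to `*`. An added example (not part of the original documentation) that lists such elements in a profile before it is placed on an installation server; the finding labels and the sample profile are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Element names as they appear in the examples on this page.
SECRET_TAGS = {"proxy_password", "nisplus_password", "password"}

def local(el):
    """Tag name without an XML namespace prefix, if the profile declares one."""
    return el.tag.rsplit("}", 1)[-1]

def walk(el, path=""):
    """Yield (path, element) for el and all descendants in document order."""
    path = path + "/" + local(el)
    yield path, el
    for child in el:
        yield from walk(child, path)

def audit(profile_xml):
    """Return (kind, path, detail) findings; secret values are not echoed."""
    findings = []
    for path, el in walk(ET.fromstring(profile_xml)):
        text = (el.text or "").strip()
        if local(el) in SECRET_TAGS and text:
            findings.append(("cleartext-secret", path, "%d chars" % len(text)))
        elif local(el) == "allowed_clients" and text.split("(")[0] == "*":
            findings.append(("nfs-export-any-host", path, text))
    return findings

# Constructed sample, assembled from fragments of the examples above
# (config:type attributes omitted so no namespace declaration is needed).
SAMPLE = """<configure>
  <proxy>
    <http_proxy>proxy.example.com:3128</http_proxy>
    <proxy_user>user</proxy_user>
    <proxy_password>password</proxy_password>
  </proxy>
  <mail><smtp_auth><listentry>
    <password>bar</password><server>test.com</server><user>foo</user>
  </listentry></smtp_auth></mail>
  <nfs_server><nfs_exports><nfs_export>
    <allowed><allowed_clients>*(ro,root_squash,sync)</allowed_clients></allowed>
    <mountpoint>/home</mountpoint>
  </nfs_export></nfs_exports></nfs_server>
</configure>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="  ")
```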