9.1 Configuring Red Hat Linux by Using the System Settings Menu

The GNOME and KDE System Settings menu provides access to 15 utilities that help you configure your system. Chapter 8 explained one of these, the package management tool. The tools available are:

Authentication: Provides access to the Authentication Configuration tool, which lets you configure password settings
Date & Time: Provides access to the Date/Time Properties tool, which lets you configure the time zone, date, and time
Display: Provides access to the Display Settings tool, which lets you configure monitor resolution, color depth, and other display characteristics
Keyboard: Provides access to the Keyboard tool, which lets you choose the keyboard appropriate to your system
Language: Provides access to the Language Selection tool, which lets you choose the current language from among those for which you've installed support
Login Screen: Provides access to the GDM (GNOME Display Manager) Setup tool, which lets you configure how people log in under X
Mail Transport Agent Switcher: Provides access to the redhat-switchmail tool, which lets you choose between the Sendmail and Postfix mail servers
Mouse: Provides access to the Mouse Configuration took, which lets you choose the mouse appropriate to your system and enable or disable 3-button emulation
Network: Provides access to the Network Configuration tool, which lets you configure network, modem, VPN (virtual private network), and wireless connections and related settings
Packages: Provides access to the Package Management tool, which lets you install and remove RPM packages
Printing: Provides access to the Red Hat Printer Config tool, which lets you configure printers and control print queues
Root Password: Provides access to a tool that enables you to change the root password
Security Level: Provides access to the Security Level Configuration tool, which lets you configure a firewall to protect your system from network attacks
Soundcard Detection: Provides access to the Sound Card Configuration tool, which lets you configure and verify the operation of your sound card
Users and Groups: Provides access to the Red Hat User Manager, which lets you configure user accounts and groups

Depending on the packages installed on your system, you may see fewer or more items on the System Settings menu.

In addition, the Extras menu contains a System Settings submenu, on which you can find two more tools: Desktop Switching Tool and Printer System Switcher. The Desktop Switching Tool lets you choose between the GNOME and KDE desktop. The Printer System Switcher lets you choose between the LPRng and CUPS printing system. Neither tool will let you choose a facility that's not installed. So, for example, unless you've installed both LPRng and CUPS, the Printer System Switcher tool won't actually function.

Most of the System Settings tools function like similar steps in the Red Hat Linux installation procedure. This section focuses on tools that do not resemble installation procedure steps, namely:

GDM Setup tool
redhat-switchmail tool
Red Hat Printer Config tool
Sound Card Configuration tool
Red Hat User Manager
Desktop Switching Tool

The Network Configuration tool provides many settings and functions. Explanation of the Network Configuration tool is deferred to Chapter 10 and Chapter 11. Similarly, explanation of the redhat-switchmail tool is deferred to Chapter 12

9.1.1 Setting Up X Logins

The GDM Setup tool, accessible via System Settings Login Screen from the GNOME or KDE menu, lets you specify options related to X logins. Figure 9-1 shows the tool. Most of the options are cosmetic. For example, you can choose whether times are displayed in 12-hour or 24-hour format. However, the Security and XDMCP tabs provide options that you should consider changing.

Figure 9-1. The GDM Setup tool

By default, the XDMCP tab disables XDMCP, the facility that provides remote X terminals and sessions the ability to login to your system. If you have X terminals or additional Linux or Unix hosts, you may find it convenient to be able to remotely log in to your Red Hat Linux system. To provide this capability, enable the Enable XDMCP checkbox. The change takes effect when you close the GDM Setup tool. Thereafter, X terminals and X sessions on your local network should be able to remotely log in to your Red Hat Linux system.

If you've enabled XDMCP but are unable to obtain an X login screen, check your firewall settings by using the Security Level Configuration tool. It's likely that your firewall is configured to block remote X access.

If you enable XDMCP, you should generally make a second configuration change. By default, the Security tab enables the setting Allow root to login remotely with GDM. Most users do not need to remotely login as root and therefore don't require this setting to be enabled. By disabling the setting, you can prevent unauthorized persons from successfully logging in as root from remote X terminals or sessions. Therefore, you should generally disable this setting.

9.1.2 Configuring a Printer

Before you can print from Red Hat Linux, you must configure a printer. Red Hat Linux supports local printers attached to your system's parallel port and remote printers that your system accesses via the network. Before you can configure a remote printer, you must first configure networking, as explained in Chapter 11.

To configure a local printer, launch the printer configuration tool by selecting System Tools Printing. The Red Hat Printer Config Tool, as shown in Figure 9-2, appears.

Figure 9-2. The printer configuration tool

First, create a new printer by clicking the New icon. The Add a New Print Queue wizard appears. Click Forward to proceed. The Set the Print Queue Name and Type dialog box, as shown in Figure 9-3, appears.

Figure 9-3. The Set the Print Queue Name and Type dialog box

Every print queue has a name. The most commonly used name for the default print queue is lp. Type lp or another print queue name of your choice in the text box labeled Queue Name. Select the Local Printer radio button and click Forward. The Configure a Local Printer dialog box, as shown in Figure 9-4, appears.

Figure 9-4. The Configure a Local Printer dialog box

The dialog box shows the parallel ports associated with your system. Linux numbers parallel ports starting with zero, so the port designated /dev/lp0 corresponds to the device known by Microsoft Windows as LPT1. Select the parallel port to which your printer is attached and click Forward.

The Select a Print Driver dialog box, as shown in Figure 9-5, appears. Select the make of your printer by clicking the triangle that appears at the left of its name. From the sublist that appears, select the model of your printer and choose a print driver, as shown in Figure 9-6. More than one driver may be available for your printer. Some drivers work better than others, so you'll eventually want to try each driver in order to locate the one that works best. For now, merely choose a driver arbitrarily from among those listed for your printer. Then click Forward.

Figure 9-5. The Select a Print Driver dialog box

Figure 9-6. The Select a Print Driver dialog box

The Finish and Create the New Print Queue dialog box, as shown in Figure 9-7, appears. Check the information and use the Back button to correct any errors. When you're satisfied with your specifications, click Apply.

Figure 9-7. The Finish and Create the New Print Queue dialog box

The printer configuration tool reappears with the new printer, as shown in Figure 9-8. To verify the configuration, click Test and choose ASCII Text Testpage. Doing so sends a sample page to the printer so that you can verify correct operation. A dialog box invites you to save your configuration changes; click Yes, or your new printer configuration will be lost. The system then restarts the printer system, known as the lpd daemon, and informs you of the result by presenting a dialog box. This process may take several seconds. Click OK to continue. Finally, a dialog box confirms that the sample page has been sent to the printer.

Figure 9-8. The printer configuration tool

If the sample page doesn't appear or appears incorrectly, select the printer and click Edit. Use the Edit Queue dialog box that appears, as shown in Figure 9-9, to select a different print driver or revise options associated with the current driver.

Figure 9-9. The Edit Queue dialog box

9.1.3 Changing the Root User Password

You can change the password associated with the root user account by using the Root Password tool. To do so, select System Settings Root Password. A dialog box, shown in Figure 9-10, appears. Type the desired password twice and click OK. If the two passwords match, the password is immediately changed. Otherwise, the tool gives you another opportunity to change the password.

Figure 9-10. The Root Password tool

The system evaluates passwords and can determine that a password you specify is insecure. In such a case, it may prevent you from using the insecure password or, if you are the root user, it may merely inform you that the password is insecure. Unless your PC is physically secure and never connected to a network, you should choose only secure passwords.

9.1.4 Configuring Sound

If your system includes a sound adapter supported by Red Hat Linux, you can use the Sound Card Configuration tool to configure your adapter. If you're unsure whether your system's sound adapter is supported, check the Red Hat Linux hardware compatibility database at http://hardware.redhat.com. Several popular cards are not fully compatible with Red Hat Linux, so it's best to check the database before wasting time trying to configure incompatible hardware.

To configure your system's sound adapter, choose System Settings Soundcard Detection from the GNOME or KDE menu. The Sound Card Configuration tool appears, as shown in Figure 9-11.

Figure 9-11. The Sound Card Configuration tool

The tool probes your system, seeking supported sound adapters. After a sound adapter has been identified, the tool displays the vendor and model of your sound card and the associated Linux kernel module name. If the tool was unable to find a sound adapter, it displays the text "No soundcards were detected."

If your system's sound adapter was sucessfully probed, you can click the Play test sound button to test the adapter. If you don't hear the sound, check that your speakers are plugged in and, if necessary, powered on. Otherwise, you may spend time trying to reconfigure a sound adapter that's actually working fine.

If the test sound works, but you don't hear sound at other times, check the mixer levels by choosing Sound & Video Volume Control. If you're using KDE, you should also check Sound& Video Sound Mixer. You may find that a volume control is set too low or a mixer setting is preventing you from hearing sounds. Be careful when adjusting volume and mixer settings. Loud noises can damage equipment, your hearing, and relationships with neighbors.

To enable desktop sounds, choose Preferences Sound and use the Sound Preferences (GNOME) or Sound Server KDE Control Module (KDE) to configure a sound server to start when the desktop is launched.

9.1.5 User and Group Administration

The Red Hat User Manager tool lets you administer users and groups. To launch the tool, select System Settings Users and Groups from the GNOME or KDE menu. The Red Hat User Manager tool appears, as shown in Figure 9-12. The tool presents a scrollable list of user accounts (users) and displays the following information about each user account:

User Name: The login name associated with the user account.
User ID: The numeric ID associated with the user account. This ID is automatically assigned when the user account is created and is unique to each user account.
Primary Group: The name of the primary user group associated with the user account. Accounts used by people rather than by system processes generally have an associated primary group having the same name as the user account.
Full Name: The name of the person or process that owns the user account.
Login Shell: The login shell assigned to the user account. Assigning /bin/false or /sbin/nologin prevents the user account from logging in.
Home Directory: The home directory associated with the user account. When the user logs in, this directory is set as the current working directory.

Figure 9-12. The Red Hat User Manager

When many user accounts are configured, it may be inconvenient to scroll through the list. You can use the text box labeled Search Filter to display only user accounts having names matching a specified pattern. Type the pattern in the text box and click Apply filter.

9.1.5.1 Modifying a user account

To modify a user account, click the desired account and click Properties. The User Properties dialog box, as shown in Figure 9-13, appears.

Figure 9-13. The User Properties dialog box

The User Data pane of the User Properties dialog box lets you view and change a variety of properties:

User Name: The login name associated with the user account.
Full Name: The name of the person or process that owns the user account.
Password: The password to be associated with the user account.
Confirm Password: The password to be associated with the user account. The password is specified twice in order to reduce the risk of assigning an incorrect password due to a typing error.
Home Directory: The home directory associated with the user account. When the user logs in, this directory is set as the current working directory.
Login Shell: The login shell assigned to the user account. Assigning /bin/false or /sbin/nologin prevents the user account from logging in.

The Red Hat User Manager appears to be somewhat buggy. Sometimes, the Red Hat User Manager tool fails to automatically display recent changes. If, after you close the Properties dialog box, your changes aren't seen in the main window, click Refresh. Similarly, sometimes the Properties dialog box cannot be dismissed by clicking OK. In such a close, click the close icon at the top right of the dialog box. Finally, if the tool stubbornly refuses to cooperate, exit and re-launch the tool. Often, this eliminates the problem.

The Account Info pane, shown in Figure 9-14, lets you specify a date on which a user account becomes unusable. Alternatively, you can use the text box labeled User account is locked to immediately disable an account.

Figure 9-14. The Account Info pane of the User Properties dialog box

The Password Info pane, shown in Figure 9-15, lets you set password expiration options for the account. To do so, enable the checkbox labeled Enable password expiration. Then you can specify any of the following values:

Days before change allowed:: The number of days that must elapse before the user can change the password associated with the user account.
Days before change required:: After the specified number of days, the user must change the password associated with the user account.
Days warning before change:: This value is used in combination with the Days Before Change Required value. The user will be given advance notice of the need to change the password associated with the user account. The notification begins the specified number of days before the change must be made.
Days before account inactive:: After the specified number of days, the user account is disabled.

Figure 9-15. The Password Info pane of the User Properties dialog box

The Groups pane displays a series of checkboxes corresponding to user groups. To associate the user account with a group, check the box corresponding to the desired group.

9.1.5.2 Adding a new user

To create a new user account, click Add User in the Red Hat User Manager dialog box. This will launch the Create New User dialog box, shown in Figure 9-16.

Figure 9-16. The Create New User dialog box

Choosing a Secure Password

A cracker who manages to obtain a copy of your system's /etc/shadow file may be able to discover your password by using a utility that tries to determine your password by decrypting the encrypted password stored in the file. You can make the cracker's job more difficult by using one or more of the following techniques:

Choose a password that is at least six characters long.
Choose a password that is not a dictionary word. Use a made-up word or a phrase.
Choose a password that includes uppercase and lowercase letters.
Choose a password that includes digits as well as letters. However, don't merely follow a dictionary word by the digit 1 or use a similarly guessable scheme.
Choose a password that includes one or more special characters, such as a dollar sign, pound sign, or underscore.

Other things being equal, the longer a password is used, the greater the likelihood that it has been compromised. One way to protect users from password crackers is to require users to change their passwords regularly.

Some overly zealous system administrators require users to change their passwords every 30 days. Unless a system contains top secret data, such a short interval is unnecessary, amounting to what's called password fascism. You may find that requiring users to change their passwords every six months or every year is sufficient to avoid hacker invasion of user accounts.

When you create a new user account, you can specify the following values:

User Name: The name of the user account to be created.
Full Name: The name of the user who will use the account.
Password: The password to be associated with the user account.
Confirm Password: Again, the password to be associated with the user account.
Login Shell: The login shell associated with the account. You should generally select /bin/ bash.
Create home directory: You should generally check this box, so that a home directory is created.
Home Directory: This value is used only when Create Home Directory is enabled. The default value is generally acceptable.
Create a private group for this user: You should generally enable this checkbox, which causes automatic creation of a primary user group having the same name as the user account.
Specify user ID manually: I recommend leaving this unchecked.

When you've specified the desired values, click OK to create the user account.

9.1.5.3 Deleting a user account

To delete a user account, click on the desired account and click Delete.

The user account is immediately deleted; no confirmation dialog box appears. Therefore, exercise care to ensure that the correct user account is highlighted before clicking Delete.

9.1.5.4 Configuring groups

You may recall from Chapter 4 that Linux uses groups to define a set of related user accounts that can share access to a file or directory. You probably won't find it necessary to configure group definitions very often, particularly if you use your system as a desktop system rather than a server.

To view the configured groups, launch the User Manager tool and click the Groups tab. The Groups pane, as shown in Figure 9-17, appears. Groups are shown in a scrollable list, similar to the way user accounts are shown.

Figure 9-17. The Groups pane of the User Manager

To create a new group, click the Add Group icon. The Create New Group dialog box, as shown in Figure 9-18, appears. The dialog box lets you specify the name of the new group. When you've specified the name of the new group, click OK to create the group.

Figure 9-18. The Create New Group dialog box

To modify a group, click on the name of the group. The Group Properties dialog box, shown in Figure 9-19, appears. The Group Data pane of the dialog box lets you revise the name of the group. The Group Users pane contains a scrollable list of users; you can associate a user account with a group by enabling the checkbox adjacent to the username or dissociate a user account from a group by disabling the checkbox adjacent to the username. When you've completed your changes, click OK to make them effective.

Figure 9-19. The Group Properties dialog box

To delete a group, select the group in the Groups pane and click the Delete icon.

The selected group is immediately deleted. So, before clicking Delete, be sure the proper group is highlighted.

9.1.6 Switching Desktops

During the installation procedure, GNOME is automatically configured as the default desktop. You can choose KDE as the default by using the desktop switcher.To do so, select Extras System Settings Desktop Switching Tool from the GNOME or KDE menu. The Desktop Switcher tool, shown in Figure 9-20, appears.

Figure 9-20. The Desktop Switcher dialog box

In addition to GNOME and KDE, the Desktop Switcher lets you specify TWM (tiny window manager), a sparsely functional but highly efficient desktop. The checkbox labeled "Change only applies to current display" lets you restrict your choice of desktop to the current desktop, as indicated in the top line of the dialog box. This facility is useful if your system has been configured to allow remote users to log in via X.

To specify a desktop, click the desired radio button and click OK. A dialog box appears, informing you that you must restart X for the selected desktop to appear. To restart X, simply log out and then log in.