that is freely distributed
under the terms of the GNU Public License.
is a non-profit organization that provides vendor-independent professional
certification for
system administrators and programmers.
Linux Professional Institute
has a fundamental interest in championing workforce development initiatives
for Linux and Open Source professionals. It also work on wider industry initiatives to promote the creation of
Linux jobs and the recognition of the value of IT certification.
The
provides a qualification that can be used to
indicate that someone is competent at a certain level.
The exams cover a range of different Linux based topics. The exams are available in almost every country
in the world, and are translated into a number of different languages.
The exams are primarily multiple choice questions, with some written answers. These are either taken using a computer
based system, or using a paper based exam. The organisation encourages active community participation in creating
and updating exams. Anyone can use the exam Objectives Development wiki, or the Exam Development Mailing List to
participate in the creation of new exams and the update of the existing ones.
The exams are distribution-neutral, requiring a general knowledge of Linux rather than specifics about a certain
distribution. This is shown in the way that the exams deal with the differing package management formats
.
In earlier versions of the test one of these was chosen by the candidate. In the current version the candidate
is expected to know both formats.
The examinations can be taken at any
.
These can be taken in any order,
but the candidate must have LPIC-1 before taking the exams.
To pass Level 2 someone should be able to
administer a small to medium-sized site, to
plan, implement, maintain, keep consistent, secure and troubleshoot a small mixed (MS, Linux) network (including a
LAN server (samba), Internet Gateway (firewall, proxy, mail, news), Internet Server (webserver, FTP server)).
Detailed Objectives
Topic 208: Web Services
208.1 Implementing a web server
Key Knowledge Areas
Apache 2.x configuration files, terms and utilities
Apache log files configuration and content
Access restriction methods and files
mod_perl and PHP configuration
Client user authentication files and utilities
Configuration of maximum requests, minimum and maximim servers and clients
208.2 Maintaining a web server
Key Knowledge Areas
SSL configuration files, tools and utilities
SSL certificate handling
Apache 2.x virtual host implementation (with and without dedicated IP addresses)
Using redirect statements in Apache's configuration files to customise file access
208.3 Implementing a proxy server
Key Knowledge Areas
Squid 2.x configuration files, terms and utilities
Access restriction methods
Client user authentication methods
Layout and content of ACL in the Squid configuration files
Topic 209: File Sharing
209.1 SAMBA Server Configuration
Key Knowledge Areas
Samba 3 documentation
Samba configuration files
Samba tools and utilities
Mounting Samba shares on Linux
Samba daemons
Mapping Windows usernames to Linux usernames
User-Level and Share-Level security
209.2 NFS Server Configuration
Key Knowledge Areas
NFS configuration files
NFS tools and utilities
Access restrictions to certain hosts and/or subnets
Mount options on server and client
tcpwrappers
Topic 210: Network Client Management
210.1 DHCP configuration
Key Knowledge Areas
DHCP configuration files, terms and utilities
Subnet and dynamically-allocated range setup
210.2 PAM authentication
Key Knowledge Areas
PAM configuration files, terms and utilities
passwd and shadow passwords
210.3 LDAP client usage
Key Knowledge Areas
LDAP utilities for data management and queries
Change user passwords
Querying the LDAP directory
Topic 211: E-Mail Services
211.1 Using e-mail servers
Key Knowledge Areas
Configuration files for postfix
Basic knowledge of the SMTP protocol, sendmail, and exim
211.2 Managing Local E-Mail Delivery
Key Knowledge Areas
procmail configuration files, tools and utilities
Usage of procmail on both server and client side
211.3 Managing Remote E-Mail Delivery
Key Knowledge Areas
Courier IMAP and Courier POP configuration
Dovecot configuration
Topic 212: System Security
212.1 Configuring a router
Key Knowledge Areas
iptables configuration files, tools and utilities
Tools, commands and utilities to manage routing tables.
Private address ranges
Port redirection and IP forwarding
List and write filtering and rules that accept or block datagrams based on source
or destination protocol, port and address
Save and reload filtering configurations
212.2 Securing FTP servers
Key Knowledge Areas
Configuration files, tools and utilities for Pure-FTPd and vsftpd
Awareness of ProFTPd
Understanding of passive vs. active FTP connections
212.3 Secure shell (SSH)
Key Knowledge Areas
OpenSSH configuration files, tools and utilities
Login restrictions for the superuser and the normal users
Managing and using server and client keys to login with and without password
Usage of XWindow and other application protocols through SSH tunnels
Configuration of ssh-agent
Usage of multiple connections from multiple hosts to guard against loss
of connection to remote host following configuration changes
212.4 TCP Wrapper
Key Knowledge Areas
TCP Wrapper configuration files, tools and utilities
inetd configuration files, tools and utilities
212.5 Security tasks
Key Knowledge Areas
Tools and utilities to scan and test ports on a server
Locations and organisations that report security alerts
as Bugtraq, CERT, CIAC or other sources
Tools and utilities to implement an intrusion detection system (IDS)
Awareness of OpenVAS
Topic 213: Troubleshooting
213.1 Identifying boot stages and troubleshooting bootloaders
Key Knowledge Areas
boot loader start and hand off to kernel
kernel loading
hardware initialisation and setup
daemon/service initialisation and setup
Know the different bootloader install locations on a hard disk or removable device
Overwriting standard bootloader options and using bootloader shells
213.2 General troubleshooting
Key Knowledge Areas
/proc filesystem
Various system and daemon log files
Content of /, /boot , and /lib/modules
Screen output during bootup
Kernel syslog entries in system logs (if entry is able to be gained)
Tools and utilities to analyse information about the used hardware
Tools and utilities to trace software and their system and library calls
213.3 Troubleshooting system resources
Key Knowledge Areas
/etc/profile && /etc/profile.d/
/etc/init.d/
/etc/rc.*
/etc/sysctl.conf
/etc/bashrc
/etc/ld.so.conf
or other appropriate global shell configuration files
213.4 Troubleshooting environment configurations
Key Knowledge Areas
Core system variables
init configuration files
init start process
cron configuration files
Login process
User-password storage files
Determine user group associations
SHELL configuration files of bash
Analysing which processes or daemons are running