SKIP THE SHIPPING
Use code NOSHIP during checkout to save 40% on eligible eBooks, now through January 5. Shop now.
Register your product to gain access to bonus material or receive a coupon.
Adobe® Digital Editions software.
This eBook requires the freeBefore downloading this DRM-encrypted PDF, be sure to:
“As this book shows, Linux systems are just as functional, secure, and reliable as their proprietary counterparts. Thanks to the ongoing efforts of thousands of Linux developers, Linux is more ready than ever for deployment at the frontlines of the real world. The authors of this book know that terrain well, and I am happy to leave you in their most capable hands.”
—Linus Torvalds
“The most successful sysadmin book of all time—because it works!”
—Rik Farrow, editor of ;login:
“This book clearly explains current technology with the perspective of decades of experience in large-scale system administration. Unique and highly recommended.”
—Jonathan Corbet, cofounder, LWN.net
“Nemeth et al. is the overall winner for Linux administration: it’s intelligent, full of insights, and looks at the implementation of concepts.”
—Peter Salus, editorial director, Matrix.net
Since 2001, Linux Administration Handbook has been the definitive resource for every Linux® system administrator who must efficiently solve technical problems and maximize the reliability and performance of a production environment. Now, the authors have systematically updated this classic guide to address today’s most important Linux distributions and most powerful new administrative tools.
The authors spell out detailed best practices for every facet of system administration, including storage management, network design and administration, web hosting, software configuration management, performance analysis, Windows interoperability, and much more. Sysadmins will especially appreciate the thorough and up-to-date discussions of such difficult topics such as DNS, LDAP, security, and the management of IT service organizations.
Linux® Administration Handbook, Second Edition, reflects the current versions of these leading distributions:
Sharing their war stories and hard-won insights, the authors capture the behavior of Linux systems in the real world, not just in ideal environments. They explain complex tasks in detail and illustrate these tasks with examples drawn from their extensive hands-on experience.
Suggested background 4
Linux’s relationship to UNIX 4
Linux in historical context 5
Linux distributions 6
Notation and typographical conventions 9
Where to go for information 11
How to find and install software 14
Essential tasks of the system administrator 16
System administration under duress 18
Recommended reading 19
Exercises 20
Bootstrapping 21
Booting PCs 25
Using boot loaders: LILO and GRUB 26
Booting single-user mode 31
Working with startup scripts 32
Rebooting and shutting down 40
Exercises 43
Ownership of files and processes 44
The superuser 46
Choosing a root password 47
Becoming root 48
Other pseudo-users 51
Exercises 52
Components of a process 53
The life cycle of a process 56
Signals 57
kill and killall: send signals 60
Process states 60
nice and renice: influence scheduling priority 61
ps: monitor processes 62
top: monitor processes even better 65
The /proc filesystem 65
strace: trace signals and system calls 66
Runaway processes 67
Recommended reading 69
Exercises 69
Pathnames 72
Filesystem mounting and unmounting 73
The organization of the file tree 75
File types 76
File attributes 81
Access control lists 88
Exercises 92
The /etc/passwd file 93
The /etc/shadow file 99
The /etc/group file 101
Adding users 102
Removing users 107
Disabling logins 108
Managing accounts 108
Exercises 110
Disk interfaces 111
Disk geometry 119
Linux filesystems 120
An overview of the disk installation procedure 122
hdparm: set IDE interface parameters 129
fsck: check and repair filesystems 131
Adding a disk: a step-by-step guide 133
Advanced disk management: RAID and LVM 138
Mounting USB drives 147
Exercises 148
cron: schedule commands 150
The format of crontab files 151
Crontab management 153
Some common uses for cron 154
Other schedulers: anacron and fcron 156
Exercises 157
Motherhood and apple pie 159
Backup devices and media 163
Setting up an incremental backup regime with dump 169
Restoring from dumps with restore 173
Dumping and restoring for upgrades 176
Using other archiving programs 177
Using multiple files on a single tape 178
Bacula 179
Commercial backup products 197
Recommended reading 198
Exercises 198
Logging policies 201
Linux log files 204
logrotate: manage log files 208
Syslog: the system event logger 209
Condensing log files to useful information 220
Exercises 222
Basic Linux installation 223
Diskless clients 232
Package management 234
High-level package management systems 237
Revision control 247
Localization and configuration 255
Configuration management tools 260
Sharing software over NFS 263
Recommended software 266
Recommended reading 268
Exercises 268
TCP/IP and the Internet 272
Networking road map 275
Packets and encapsulation 276
IP addresses: the gory details 282
Routing 293
ARP: the address resolution protocol 296
Addition of a machine to a network 297
Distribution-specific network configuration 307
DHCP: the Dynamic Host Configuration Protocol 311
Dynamic reconfiguration and tuning 314
Security issues 316
Linux NAT 319
PPP: the Point-to-Point Protocol 320
Linux networking quirks 330
Recommended reading 331
Exercises 332
Packet forwarding: a closer look 335
Routing daemons and routing protocols 337
Protocols on parade 341
routed: RIP yourself a new hole 343
gated: gone to the dark side 344
Routing strategy selection criteria 344
Cisco routers 346
Recommended reading 348
Exercises 349
LAN, WAN, or MAN? 351
Ethernet: the common LAN 351
Wireless: nomad’s LAN 359
FDDI: the disappointing, expensive, and outdated LAN 361
ATM: the promised (but sorely defeated) LAN 362
Frame relay: the sacrificial WAN 363
ISDN: the indigenous WAN 364
DSL and cable modems: the people’s WAN 364
Where is the network going? 365
Network testing and debugging 366
Building wiring 366
Network design issues 368
Management issues 370
Recommended vendors 371
Recommended reading 372
Exercises 372
DNS for the impatient: adding a new machine 374
The history of DNS 375
Who needs DNS? 377
The DNS namespace 378
How DNS works 383
What’s new in DNS 386
The DNS database 389
The BIND software 409
Designing your DNS environment 415
BIND client issues 418
BIND server configuration 420
BIND configuration examples 439
Starting named 446
Updating zone files 447
Security issues 451
Testing and debugging 466
Distribution specifics 478
Recommended reading 481
Exercises 482
General information about NFS 484
Server-side NFS 489
Client-side NFS 492
nfsstat: dump NFS statistics 495
Dedicated NFS file servers 496
Automatic mounting 497
Recommended reading 500
Exercises 501
What to share 503
nscd: cache the results of lookups 504
Copying files around 505
NIS: the Network Information Service 511
LDAP: the Lightweight Directory Access Protocol 520
Recommended reading 526
Exercises 527
Mail systems 530
The anatomy of a mail message 534
Mail philosophy 539
Mail aliases 544
Mailing lists and list wrangling software 551
sendmail: ringmaster of the electronic mail circus 557
sendmail configuration 565
Basic sendmail configuration primitives 570
Fancier sendmail configuration primitives 574
Spam-related features in sendmail 588
Configuration file case study 599
Security and sendmail 603
sendmail performance 611
sendmail statistics, testing, and debugging 615
The Exim Mail System 621
Postfix 623
Recommended reading 639
Exercises 640
Network troubleshooting 644
ping: check to see if a host is alive 645
traceroute: trace IP packets 647
netstat: get network statistics 649
sar: inspect live interface activity 654
Packet sniffers 655
Network management protocols 657
SNMP: the Simple Network Management Protocol 659
The NET-SMNP agent 661
Network management applications 662
Recommended reading 667
Exercises 668
Is Linux secure? 670
How security is compromised 671
Certifications and standards 673
Security tips and philosophy 676
Security problems in /etc/passwd and /etc/shadow 678
POSIX capabilities 683
Setuid programs 683
Important file permissions 684
Miscellaneous security issues 685
Security power tools 688
Cryptographic security tools 694
Firewalls 701
Linux firewall features: IP tables 704
Virtual private networks (VPNs) 708
Hardened Linux distributions 710
What to do when your site has been attacked 710
Sources of security information 712
Recommended reading 715
Exercises 716
Web hosting basics 720
HTTP server installation 724
Virtual interfaces 727
The Secure Sockets Layer (SSL) 730
Caching and proxy servers 733
Anonymous FTP server setup 734
Exercises 736
The X display manager 743
Running an X application 744
X server configuration 748
Troubleshooting and debugging 754
A brief note on desktop environments 757
Recommended Reading 759
Exercises 759
Printers are complicated 762
Printer languages 763
CUPS architecture 767
CUPS server administration 772
Troubleshooting tips 780
Printer practicalities 782
Other printer advice 784
Printing under KDE 788
Recommended reading 790
Exercises 790
Hardware maintenance basics 791
Maintenance contracts 792
Electronics-handling lore 793
Monitors 794
Memory modules 794
Preventive maintenance 795
Environment 796
Power 798
Racks 799
Data center standards 800
Tools 800
Recommended reading 800
Exercises 802
What you can do to improve performance 804
Factors that affect performance 806
System performance checkup 807
Help! My system just got really slow! 817
Recommended reading 819
Exercises 819
Logging in to a Linux system from Windows 821
Accessing remote desktops 822
Running Windows and Windows-like applications 825
Using command-line tools with Windows 826
Windows compliance with email and web standards 827
Sharing files with Samba and CIFS 828
Sharing printers with Samba 836
Debugging Samba 840
Recommended reading 841
Exercises 842
The RS-232C standard 844
Alternative connectors 847
Hard and soft carrier 852
Hardware flow control 852
Cable length 853
Serial device files 853
setserial: set serial port parameters 854
Software configuration for serial devices 855
Configuration of hardwired terminals 855
Special characters and the terminal driver 859
stty: set terminal options 860
tset: set options automatically 861
Terminal unwedging 862
Modems 862
Debugging a serial line 864
Other common I/O ports 865
Exercises 866
Kernel adaptation 869
Drivers and device files 870
Why and how to configure the kernel 873
Tuning Linux kernel parameters 874
Building a Linux kernel 876
Adding a Linux device driver 878
Loadable kernel modules 880
Hot-plugging 882
Setting bootstrap options 883
Recommended reading 884
Exercises 884
init: the primordial process 886
cron and atd: schedule commands 887
xinetd and inetd: manage daemons 887
Kernel daemons 893
Printing daemons 894
File service daemons 895
Administrative database daemons 896
Electronic mail daemons 897
Remote login and command execution daemons 898
Booting and configuration daemons 898
Other network daemons 900
ntpd: time synchronization daemon 902
Exercises 903
Make everyone happy 904
Components of a functional IT organization 906
The role of management 907
The role of administration 915
The role of development 919
The role of operations 924
The work of support 927
Documentation 930
Request-tracking and trouble-reporting systems 934
Disaster recovery 938
Written policy 943
Legal Issues 949
Software patents 957
Standards 958
Linux culture 961
Mainstream Linux 962
Organizations, conferences, and other resources 964
Recommended Reading 968
Exercises 970