Linux System Administration: A User's Guide

Description

• Copyright 2002
• Edition: 1st

• Book
• ISBN-10: 0-201-71934-7
• ISBN-13: 978-0-201-71934-5

Respected Linux Journal and Sys Admin columnist Marcel Gagné has written the definitive guide to Linux system administration: a book that will be invaluable for sys admins at all levels of experience, using any leading distribution. Linux System Administration offers hands-on, results-focused coverage of every key Linux configuration and management task. Gagné offers detailed coverage of installation, Linux file management tools and file naming conventions; disks and file systems; users and groups; hardware; X-based graphical desktops; networking; kernel building; printing; and much more. The book contains practical guidance on scripting and automating administration tasks; administration tools; Internet services; security; tuning; and more. Gagné goes far beyond the basics, offering expert guidance on becoming a smarter sys admin -- from avoiding problems to tracking trouble calls and identifying resources that can provide the solutions you need. The book concludes with a series of instant-reference "cheat sheets" designed to help sys admins get the most common jobs done fast. For everyone responsible for administering Linux systems, including both experienced and new sys admins, as well as those migrating from UNIX or Windows environments. Also for power users, and any user or administrator who must maximize the security of their Internet-connected workstations.



Extras

Related Articles

Do it Yourself Embedded Linux

Improving the Backup Experience By Making Intelligent Software Choices

Linux at Legal Aid Manitoba

Marcel's Linux Explorations: Introducing phpGroupWare

Marcel's Linux Walkabout: Administrative Heaven -- Livin' in a Webmin World

Marcel's Linux Walkabout: But I Don't Like Spam!

Marcel's Linux Walkabout: Groupware Revisited

Marcel's Linux Walkabout: Information Unlimited

Marcel's Linux Walkabout: Just Follow the Bouncing Ball

Taming the Horrors of Printers and Printing

Thwarting the System Cracker

Author's Site

Click below for Author's Site related to this title:
Author's Web Site



Sample Content

Downloadable Sample Chapter

Click below for Sample Chapter related to this title:
gagnech13.pdf

Table of Contents

Acknowledgments.


1. Introduction.

What Is Linux?

Why Linux?

The System Administrator's Job.

About This Book.

The Command Line Rules!

GUIs Rule!

Flexibility.

Is There Anything You Can't Do with Linux?

Regrets, I've Had a Few....

Resources.

2. Linux versus Linux versus UNIX.

The UNIX Question.

The Windows Question

A Question of Distribution.

So Which Linux Distribution Should You Choose?

Red Hat Linux.

SuSE.

Caldera.

Mandrake.

Slackware.

Debian.

Turbolinux.

Getting Linux.

Getting Others to Try Linux.

Sharing Space with Windows.

How about No Disk Space At All?

A Changing Landscape.

Resources.

3. Help (and the Truth) Is Out There.

Documentation and Man Pages

What If You Don't Know the Command Name?

Show Me the PATH, man!

Graphical Man Pages.

info (the Command, That Is).

HOWTOs and Distributed DOCs

The Linux Documentation Project

Linux User Groups.

Usenet News.

Resources.

4. Linux System Installation.

Getting Ready for Your Installation.

Hardware Considerations.

Passing Boot Options

Dual Booting.

The 12 (13, 14, 15...) Steps to Any Installation.

Step 1: Booting.

Step 2: Selecting the Installation Type.

Step 3: Selecting a Language (Parlez-vous Francais?).

Step 4: Choosing a Keyboard Type.

Step 5: Selecting Your Mouse.

Step 6: Selecting a Time Zone.

Step 7: Creating a Partition

Step 8: Formatting the Partitions.

Step 9: To LILO or Not to LILO.

Step 10: Choosing and Installing Software Packages.

Step 11: Configuring the Network.

Step 12: Identifying Yourself.

Step 13: The Dreaded X Window Configuration.

Step 14: The Boot Disk Question.

The (Emergency) Boot Disk.

Starting Linux.

Shutting Down Linux.

Resources.

5. Taking Command of Linux.

Linux Commands: Love at First Sight.

Working with Files.

File Naming Conventions.

Listing Files with Emotion!

File Permissions: A First Look

Making Your Life Easier with alias

Standard Input and Standard Output

Piping

tee: A Very Special Pipe.

STDERR

The Road to Nowhere

Linux Commands: Working with Directories.

There's No Place Like $HOME

More on File Permissions

User and Group Ownership.

Who Can Do What?

Who Was That Masked User?

The setuid Bit

File Attributes

Finding Anything

grep’ping for Dollars (or Anything Else for That Matter) and Piping.

Processes.

Forests and Trees.

Interrupting, Suspending, and Restarting Processes.

Killing Processes.

“I Am vi, the Great and Powerful”

:q, :w, :wq, and ZZ

Recovering a VIM Session

Power vi: Start-up Options.

Pico: A kinder, gentler editor.

Emacs

Resources.

6. Daemons and Runlevels.

Daemons and Other Not-So-Scary Things.

The inittab File.

The rc.local File and Runlevels.

Switching between Runlevels

The chkconfig Command.

Runlevels the Graphical Way.

The (Not) Last Word.

Resources.

7. Users and Groups.

Living in a Multiuser World.

When Not to Use the root User.

Managing Users

Managing Groups

Adding Groups.

Modifying Groups.

Removing Groups.

Adding Users

About Home Directories.

Group Participation.

E-mail-Only Accounts

Yet More User-Creation Controls.

Modifying a User Account.

Deleting a User Account

Checking the Password File

User and Group Administration the GUI Way.

Choosing Good Passwords

How Crackers Crack Your Passwords.

Choosing Better Passwords.

What Next?

I Logged In from Where?

How Not to Be a “Sucker”.

Resources.

8. Disks and File Systems.

Everything Is a File.

Understanding Your File Systems.

The File System Tree.

The Root File System (aka /, or Slash).

The /usr File System.

The /var File System

The /tmp File System

The /proc File System

The /lost+found File System.

fsck: The File System Check and Repair Tool.

Bad Superblock?

How Much Space Have I Got Again?

What's This about Inodes?

Mounting and Unmounting File Systems.

Creating File Systems.

Using the New File System.

Working with Quotas

Getting Ready for Quotas.

Turning Quotas On and Off

Setting Limits.

Back to Grace

Letting the Users Know.

Resources.

9. X and the Graphical Desktop.

It's Just Window Dressing, Right?

Graphical Login Managers

Working without a Graphical Login Manager.

The World beneath the Surface.

The xinitrc File.

The .xserverrc File

The Xresources File

Specifying Resources on the Command Line.

Look, Ma! I Can Run Multiple Desktops!

Backing Up and Restoring the Desktop

Running X Applications Remotely

Choosing a Window Manager

The Tab Window Manager (twm).

Window Maker.

KDE.

GNOME.

Qvwm.

Tweaking X and Dealing with Problems.

Key Mapping.

Tuning Video Modes with xvidtune.

The “Messed Up” X Session.

Screen Captures

Resources

10. Dialing Up to the Internet with PPP.

The Basics.

What You Need from Your ISP.

Where the Information Goes

The Graphical Alternative.

Automagic PPP Connections.

eznet.

wvdial.

Resources.

11. Finding, Building, and Installing Software.

Finding Software and Software Review Sites.

Freshmeat.

TUCOWS Linux.

SourceForge.

Rpmfind

Ibiblio.org.

Installing and Building Software.

Compiling from Source.

Step 1: Unpacking the Archive.

Step 2: Building Your Programs.

Downloading and Installing Perl Modules.

Package Managers.

Updating or Installing Packages on a Debian System.

Great, but Can You Tell Me What Is Already There?

Finding Out a Package's Current Release Level

What Is That Strange File?

Using apt-get to Install or Update Software.

Educating apt-get.

Graphical Alternatives.

Red Hat Package Manager.

Installing an RPM Package.

Upgrading an RPM Package.

Uninstalling an RPM Package.

Everything You Ever Wanted to Know about an RPM Package, but Were Afraid to Ask.

RPM: The Graphical Alternatives.

installpkg: Slackware's Lonely Child.

Resources.

12. Kernel Building and Renovation.

What Is This Kernel, Anyhow?

When Should I Rebuild My Kernel?

Downloading and Building a New Kernel.

Automatic Build and Install

What about the 2.4 Kernel?

Resources.

13. Printers and Printing.

Selecting Printers for Linux (and a Note about “WinPrinters”)

How Printing Works.

Filters.

HP JetDirect Adaptors.

Printer Job Control.

Printing Anything to Any Printer.

Tying It Up: Advanced Filters with Ghostscript.

Why PostScript?

A Few PostScript Tricks.

Alternative Print Systems.

PDQ.

CUPS.

Miscellaneous Tips and Tricks.

Resources.

14. Scripting and Scripting Languages.

Shells As Far As the Eye Can See.

It's Commands All the Way Down.

Passing Parameters.

A First Look at Variables.

More on Variables

Special Characters.

Really Programming the Shell.

Specifying the Shell.

Perl.

Perl in Action: A Script for Monitoring Disk Space.

Other Languages Worthy of Consideration.

Resources.

15. Simplified Administration through Automation.

Constructive Laziness.

cron: Punching Linux's Clock.

Testing Your Job.

Editing the crontab.

Could I See an Example?

Running Jobs with at

A Question of Permissions.

Other Tools for Automation.

Automatic Downloads: ncftp.

Automatic Web Fetch: wget.

Scripting for Interactive Sessions: expect.

Automating Interactive Automation.

Resources.

16. Devices, Devices, and More Devices.

Creating Device Definitions.

Major Minor

SCSI versus IDE

Why Choose One over the Other?

CD-ROMs and CD-RWs

The Graphical Way to Burn

Scanners

Back Ends.

Front Ends.

XSane

Tape Drives.

Other Tape Formats.

Miscellaneous Devices.

Resources.

17. Backups and Restores.

The Need for Backups

Basic Tools in Every Linux System.

Using cpio.

Working with tar

Backing Up Windows Workstations.

Selecting a Backup Medium.

Backing Up with dump

Restoring with (You Guessed It) restore.

Identity Backups.

Backing Up to a CD-RW

Backups the Graphical Way.

Taper: A Text-Based Backup Utility.

Kdat: Graphical and Free

Commercial Solutions.

BRU

Arkeia

Other Considerations.

Final Words

Resources.

18. Network Administration.

The Light-Speed Introduction to TCP/IP (Act 18, Scene 1).

Protocols and Suites.

Services and Ports

IP Addresses, Networks, and Subnets, Oh My!

What Are Domains?

IP Addresses and Networks

Subnets, Netmasks, and Broadcast Addresses.

Intermezzo

Setting Up Your PC Network (Act 18, Scene 2).

Drivers

Setting the IP Address.

Routing

Using netstat

Domain Name Services (Act 18, Scene 3).

The /etc/hosts File

Will the Real DNS Please Stand Up.

Setting Up Your Own Name Server.

Defining Your Domain

The /etc/named.conf File.

Listing of /etc/named.conf.

Zones

Your Own Zone File

And Now the Reverse DNS Zone.

Does It Work?

What's All This about “Lame Servers”?

Who Gets to See the Information?

DNS Wrap-up

File Sharing Under Linux (Act 18, Scene 4).

Network File System.

How Does NFS Work?

Making a Remote File System Available.

Mounting an NFS Partition

Specifying Mounts with /etc/fstab

Simplifying Network Mounts with Linux autofs.

Network Information Service (Act 18, Scene 5).

Configuring the NIS Master Server.

Configuring the NIS Client.

The /etc/nsswitch.conf File.

Miscellaneous Network Tricks: Time Synchronization.

rdate.

NTP.

Wait! What about the GUIs?

Resources.

19. Tools, Tools, and More Tools.

The Web Browser Angle.

Linuxconf.

Webmin

Graphical Administration Tools.

Tiny but Powerful Tools.

Go-Anywhere Linux

tomsrtbt.

Trinux.

The Tiny Conclusion.

There's No Control Like Remote Control.

Resources.

20. Proof of Concept, Part 1.

Of Web Servers and Intranets

Building Your Own Corporate Portal.

Building Apache from Source.

Basic Apache Configuration.

Common Changes

The Basics of Web-Connected Databases.

An Introduction to PostgreSQL.

Perl DBI and DBD for Database Access.

Downloading and Installing the Modules.

The CGI Back End

The Face of the Intranet

Protecting Certain Pages.

Resources

21. Proof of Concept, Part 2.

The Connected Office, Linux Style

What to Look for in an ISP.

Setting Up Your ISP Dial-up Connection with diald.

Automatic Remote Mail Pickup with fetchmail

IP Forwarding and Masquerading.

DNS Revisited.

Putting It All Together.

Basic Firewall Services.

Setting Up the Mail Server with Linux.

Defining the Network.

The Components

Setting Up the POP3 Server.

Setting Up sendmail.

Stopping and Restarting sendmail.

Your DNS Setup.

Setting Up Users and Aliases.

Setting Up Your Client MUAs.

Let’s Send Some Mail

Not-So-Stupid sendmail Tricks

The Multiple Domain, Similar Address Dilemma.

The Multidrop Domain.

Stop the Spam!

Resources.

22. Integrating Windows with Linux.

An Introduction to Samba.

Getting and Building Samba.

A Note on Passwords.

Configuring the Server.

The PC Side

Printing with Samba

Printing from the Windows Client.

The GUI Way to Administer Samba.

Backing Up Windows Workstations.

Running Windows on Linux.

Wine

VMware

Win4Lin.

Resources.

23. System Logs and Accounting.

Your System Logs.

Looking at Your Log Files.

What the Names Mean

Cleaning Up and What the Numbers Mean.

syslogd: The Master Logger.

Back to the logger Program.

Automating the Log-Checking Process.

Logcheck.

Web Site Log Analysis.

Analog

The Webalizer.

Resources.

24. Secure Computing.

A Brief History of Encryption.

Personal Encryption

An Introduction to the Secure Shell.

What Are Your Options?

OpenSSH.

Secure Sockets Layer.

OpenSSH (Right Back Where You Started).

Secure File Transfers.

PGP and GnuPG.

Graphical Front Ends to GnuPG.

Building Trust Relationships.

Encrypting Electronic Mail.

Building a Secure Web Server.

Building the SSL-Enabled Apache Server.

Resources.

25. Security: The Battle for Your System.

What Is a “Script Kiddie”?

The Basics: Your TCP Wrappers.

What Your TCP Wrapper Is Telling You.

“Hey, My Logs Have Nothing in Them!”

Detecting the Cracker.

The Cracker's Not-So-Invisible Footsteps.

More Thoughts If You Have Been Cracked.

Port Scanners, Sniffers, and the Cracker's Tools.

Sniffers.

PortSentry: Active Intrusion Detection and Response.

ipchains and Firewalls.

Quick and Easy Firewall Solutions.

Locating the Cracker and Reporting Him or Her.

Keeping Up-to-Date.

Resources.

26. Performance Monitoring and Tuning.

The Search for the Holy Grail.

Monitoring and Analyzing Performance.

The uptime Command.

The top Command

Graphical tops.

The free Command

Working with vmstat

What about Good Ol' ps?

Performance Enhancing Tweaks.

/proc Revisited.

File System Tweaks.

Improving Disk Drive Performance.

Do-It-Yourself Benchmarks.

Resources.

Appendix A: The All-Linux Office?


Appendix B: The GNU General Public License.


Index. 0201719347T09242001

Preface

What Is Linux?

My guess is that if you are reading this book, you already know the answer to that question. You already know that Linux is a fully multitasking operating system based on UNIX.

You may even be aware of this now famous (perhaps legendary) Usenet message from Linus Torvalds to the Usenet group comp.os.minix:

From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds) Newsgroups: comp.os.minix
Subject: What would you like to see most in minix?
Summary: small poll for my new operating system
Message-ID: <1991Aug25.205708.9541@klaava.Helsinki.FI> Date: 25 Aug 91 20:57:08 GMT Organization: University of Helsinki
Hello everybody out there using minix -

I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones. This has been brewing since april, and is starting to get ready. I'd like any feedback on things people like/dislike in minix, as my OS resembles it somewhat (same physical layout of the file-system (due to practical reasons) among other things).

I've currently ported bash(1.08) and gcc(1.40), and things seem to work. This implies that I'll get something practical within a few months, and I'd like to know what features most people would want. Any suggestions are welcome, but I won't promise I'll implement them :-)

Linus (torvalds@kruuna.helsinki.fi)

PS. Yes - it's free of any minix code, and it has a multi-threaded fs. It is NOT protable (uses 386 task switching etc), and it probably never will support anything other than AT-hard disks, as that's all I have :-(.

We've come a long way from Linus's original vision of what his little project would and would not accomplish. What he managed to do was capture the imagination of scores of talented programmers around the world. Joined together through the magic of the Internet, they collaborated, coded, tweaked, and gave birth to the operating system that is now revolutionizing the world of computing.

Notice I mentioned "scores of talented programmers." Linux is not the work of one man alone. Linus Torvalds is the original architect of Linux, its father if you will, but he is not the only effort behind it. Perhaps Linus Torvalds' greatest genius lay in knowing when to share the load. For no other pay but satisfaction, he employed people around the world, delegated to them, worked with them, and asked for and accepted feedback in a next generation of the model that began with the GNU project.

GNU, by the way, is a recursive acronym that stands for "GNU's Not Unix," a project of the Free Software Foundation. This project was started in 1984 with the intention of creating a free, UNIX-like operating system. Over the years, many GNU tools were written and widely used by many commercial UNIX vendors and, of course, system administrators trying to get a job done. The appearance of Linus Torvalds' Linux kernel had made the GNU dream of a completely free, UNIX-like operating system a reality at last.

Why Linux?

Because this book is not so much about getting and installing Linux as it is working with Linux, I won't spend a long time answering the question "Why Linux?" Frankly, it would take much less time to answer the question "Why not Linux?" Suffice it to say that Linux is a powerful, reliable (some, including your humble author, might even say it's rock solid), expandable, flexible, configurable, multiuser, multitasking, and completely free operating system that runs on numerous hardware offerings. These hardware offerings include X86 chipsets (your basic, run-of-the-mill Intel PC), DEC Alpha, Macintosh, PowerPC, and a growing number of embedded processors. You can find Linux in PDA organizers, digital watches, golf carts, and cell phones. In fact, Linux has a greater support base (in terms of platforms) than just about any other operating system you can think of. IBM's entire line of hardware runs Linux!

Completely free?

Hmm . . . Maybe I should explain "free." Free, in this case, isn't a question of cost, although you can get a free/gratis copy of Linux and install it on your system without breaking any laws. Of course, because "there ain't no such thing as a free lunch" (to quote Robert A. Heinlein), even a free download costs you connection time on the Internet, disk space, time, and so on.

Linux is distributed under the GNU General Public License (GPL), which in essence says that anyone may copy, distribute, and even sell the program so long as changes to the source are reintroduced back to the community and the terms of the license remain unaltered. Free means that you are free to take Linux, modify it, and create your own version. Free means that you are not at the mercy of a single vendor who forces you into a kind of corporate servitude by making sure that it is extremely costly to convert to another environment. If you are unhappy with your Linux vendor or the support you are getting, you can move to the next vendor without forfeiting your investment in Linux.

The GNU GPL permits a distributor to "charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee." This is further qualified by the statement that the distributor must release "for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code." In other words, the GPL ensures that programs like Linux will at best be free of charge. At worst, you may be asked to pay for the cost of a copy.

Everyone should take some time to read the GNU GPL. You'll find a link to its home in the Resources section at the end of this chapter.

The System Administrator's Job

So, this book is about Linux system administration. Just what the heck is system administration anyway? System (or systems) administration is a strange beast. After many years of administering literally hundreds of computer platforms running different operating systems and varying in complexity, I came to have what some might call a strange idea of this job description.

system administrator n. Part magician, part juggler, part technical support analyst, and part bartender/psychoanalyst, the system administrator performs the impossible job of keeping all members of his or her company satisfied by making sure that everything works. This usually includes things that are completely outside the system administrators control, such as telephones, photocopiers, fax machines, heating, air conditioning, and paper shortages in the supply cabinet.

I'm being a little silly, I realize, but system administrators get to their exulted position through the strangest of ways. You will find the career system administrator who actually wanted to do the job and worked his or her way to that goal. Along this path, you will also find secretaries who were unfortunate enough (or foolish enough) to say they knew something about computers and were instantly cast into the role. This latter category of sysadmin (a popular shortening of "system administrator") is more common than you can possibly imagine. Finally, you have the home user, a relative newcomer to this wonderful calling, thanks in large part to Linux.

About This Book

When I first started thinking about how I would lay out this book, I considered a number of approaches and settled on the following. I don't want to bore you, the reader, with chapters of references to HOWTOs on the Internet (although I will give you appropriate resource links when necessary). Nor do I want to give you verbatim listings of command options or man pages.

What I do want to do is

Index

. (period)

file names, 47

shell script variables, 224

; (semicolon), comment delimiter, 393

& (ampersand), running commands in the background, 70

* (asterisk), wildcard, 46, 224

(back ticks), shell script variables, 224-225

$ (dollar sign)

command prompt, 43-44

shell script variables, 223-224

" (double quote), shell script variables, 224-225

# (pound sign)

root prompt, 44

shell script variables, 224

? (question mark), wildcard, 46, 224

' (single quote), shell script variables, 224-225

/ (slash) file system. See root file system.

| (vertical bar), piping symbol, 21

< (less than sign), redirecting STDIN, 51

> (greater than sign)

redirecting STDERR, 54

redirecting STDOUT, 51

\ (backslash), escape character, 64, 224

2.4 kernel, 199-200

A

AbiWord, 190

adduser command, 97-100

Advanced Maryland Automatic Network Disk Archiver, 284

aging passwords, 108

alias command, 49-51

aliases

commands, 49-51

e-mail, 381-382

all_squash option, 319

AMANDA program, 284

American Registry for Internet Numbers (ARIN), 472

ampersand (&), running commands in the background, 70

Analog, 419-421

anongid option, 319

anonuid option, 319

Apache Web server

building, 356-358

configuring, 358-359

SSL (Secure Sockets Layer), 443-445

apachectl command, 357

append-only file permission, 62

applications. See also daemons; entries for specific applications; processes; scripts; tools and utilities.

current, querying, 142-143

finding. See online resources; software review sites.

installed, listing, 180-181

installing. See installing applications.

program location, 115-116

selecting during installation, 36-37

updating on a Debian system, 180-185

versions, determining, 181, 188

X window system, running remotely, 146-147

apropos command, 21-23

apt-get program, 182-183

archives, unpacking, 176-177

ARIN (American Registry for Internet Numbers), 472

Arkeia program, 283-284

asterisk (*), wildcard, 46, 224

at command, 238-239

atrm command, 238-239

attributes, file, 61-63

autoexpect program, 246-247

autofs program, 322-323

automation. See also scripts.

discarding junk programs, 236-237

downloads, 240-241

log files, 415-416

ncftp program, 240-241

online resources, 247

permissions, 239

scheduling tasks with at command, 238-239

scheduling tasks with cron program, 234-236

Web fetches, 241

wget program, 241

automount program, 323

B

back ticks (), shell script variables, 224-225

backing up data

AMANDA program, 284

Arkeia program, 283-284

BRU program, 281-283

to a CD-RW, 275-277

compressing backups, 267

configuration files, 272-275

cpio command, 266

dump command, 270-272

graphical interface, 278-281, 342

identity backups, 272-275

importance of, 265-266

KDat program, 280-281

restoring from backup, 272

selecting a backup medium, 268-270

Taper program, 278-280

tar command, 267

from Windows workstations, 268

backslash (\), escape character, 64, 224

Backup and Restore program, 281-283

bash (Bourne Again) shell, 220

benchmarks, performance, 489-490

BIND (Berkeley Internet Name Domain)

description, 304-305

online resources, 304-305, 332

security warning, 306

bit bucket, 54-55

books. See documentation.

boot disks

creating, 38-39

provided, 33

boot options, passing, 31

booting. See also shutting down Linux.

dual booting, 32

history of the term, 40

for installation, 33

bootstrapping, 40

Bourne Again (bash) shell, 220

Bourne (sh) shell, 220

broadcast addresses, 295-296

BRU program, 281-283

BugTraq, 473

burning CDs

command line interface, 253-255

graphical interface, 255-256

online resources, 253, 255, 263

bzip2, 191

C

Caldera distribution, 13

cat command, 45

cd command, 55

CDR toaster, 263

cdrecord program, 253

CD-ROMs

burning, 252-256

drivers, 31

online resources, 31, 41

running Linux from, 16

CD-RWs

as backup media, 275-277

burning, 252-256

CERT Coordination Center, 472

chains, 466-468, 473

chattr command, 62

chgrp command, 57-58

chkconfig command, 85-86

chmod command, 57-59

chown command, 57-58

CIDR (Classless InterDomain Routing), 296-298

Classless InterDomain Routing (CIDR), 296-298

clock

displaying, 142-143

scheduling tasks, 234-236

CodeWeavers, 402

color, in file listings, 45-46

command line interface, 5. See also GUIs (Graphical User Interfaces).

command prompt, 43-44

commands. See also tools and utilities.

aliases, 49-51

forcing, 50-51

help for, 19-23

running in the background, 70

saving in files. See scripts.

verification request, bypassing, 50-51

commands, usage

at, 238-239

adduser, 97-100

alias, 49-51

apachectl, 357

apropos, 21-23

atrm, 238-239

cat, 45

cd, 55

chattr, 62

chgrp, 57-58

chkconfig, 85-86

chmod, 57-59

chown, 57-58

cp, 45

cpio, 266

date, 44

df, 122-123

dig, 312-313

dpkg, 180-181

du, 277

dump, 270-272

echo, 44

exportfs, 319-320

fdisk, 127-129

find, 63-65

finger, 44

free, 478-479

grep, 65-66

groupadd, 96

groupdel, 97

groupmod, 96-97

grpck, 103

hdparm, 487-489

htpasswd, 367

ifconfig, 299-301

info, 23-24

jobs, 71

kill, 72-73

kuser, 104-105

last, 44

lastlog, 102-103

less, 45

linux, 40

lpc, 209-210

lpq, 210

lprm, 210

ls, 45-46

lsattr, 61-63

man, 19-20

mkbootdisk, 39

mkdir, 55

mkfs, 129

mknod, 249-251

more, 45, 409

mount, 124-125, 320-321

mpage, 214

mt, 261

mv, 45, 55

ntpd, 331

ntpdate, 331

ps, 66-68

pstree, 68-70

pwck, 102-103

pwd, 55

quotacheck, 131

rdate, 330

repquota, 131

restore, 272

rm, 45, 48-49

rmdir, 55

route, 301-302

rpm, 173

scp, 432-433

shutdown, 41

smbtar, 400-401

sort, 45

tar, 267

time, 490-491

top, 476-477

tty, 44

umask, 59-60

uniq, 45

uptime, 476

userconf, 103-104

userdel, 100-101

usermod, 100

vigr, 92

vimtutor, 75

vipw, 92

vncpassword, 350

vncserver, 349

vncviewer, 350

w, 44

wc, 45

who, 44

whoami, 44

xclock, 142-143

xntpd, 331

xrefresh, 156

xwininfo, 142-143

ypcat, 329

Common UNIX Printing System (CUPS), 217

Comprehensive Perl Archive Network (CPAN), 178

compression

backups, 267

online resources, 191

program comparisons, 177

concatenating files, 45

configuration

DNS, determining, 304-305

file systems, displaying, 126

configuration files

backing up, 272-275

rereading, 197-198

configuring

Apache Web server, 358-359

desktops, 141-143

Linux, with Linuxconf, 334-338

Linux, with Webmin, 338-341

master server, 325-327

monitors, 38

multiple runlevels, 86

networks, 37

NIS client, 327-328

Samba server, 393-395

startup services, 85-86, 90

X window system, 37-38

connectionless protocols, 288

connection-oriented protocols, 288

copying files, 45

country codes, 292

cp command, 45

CPAN (Comprehensive Perl Archive Network), 178

cpio command, 266

CPU usage, monitoring, 479-481

cracking. See also security.

access, tracking and denying, 448-451

crackers, locating and reporting, 471-472

detecting

changed files, 452-458

log files, 452

PortSentry program, 464-466

TCP wrappers, 448-451

online resources, 473

OS fingerprinting, 459

passwords, 106-107, 109-110

port scanners, 459-461

responding to, 458, 464-466

script kiddies, 448

sniffers, 461-463

Sniffit program, 462-463

social engineering, 109-110

TCP wrappers, 448-451

tcpdump program, 463

creating

boot disks, 38-39

device definitions, 249-251

directories, 55

file systems, 127-129

log files, 410-411

shell scripts, 220-221

credit card information, protecting, 442-443

cron program, 234

crond program, 234

crontab file, 234-236

CUPS (Common UNIX Printing System), 217

D

daemons, 81-82. See also applications; processes.

DataBase Dependent (DBD) module, 362-363

DataBase Interface (DBI) module, 362-363

databases

DBD (DataBase Dependent) module, 362-363

DBI (DataBase Interface) module, 362-363

PostgreSQL, 360-361

programming with Perl, 362-363

Web-connected, 359

datagrams, 288

date. See also time.

converting Gregorian to Discordian, 344-345

setting, 44

time synchronization, 330-331

date command, 44

DBD (DataBase Dependent) module, 362-363

DBI (DataBase Interface) module, 362-363

dcron program, 234

dead processes, 71

Debian Linux

distribution description, 14

graphical interface, 183-185

installing/updating on, 180-185

Deja.com, 27

deleting

directories, 55-56

files, 45, 48-49

junk programs, automating, 236-237

mailboxes, 101

print jobs, 210

users, 100-101

DemoLinux distribution, 16

denial of service attacks, 484-486

desktops. See also GUIs (Graphical User Interfaces); window managers; X window system.

backing up, 145-146

configuring, 141-143

cursor color, changing, 141

multiple, 144-145

restoring, 145-146

starting, 138-139

switching between, 144-145

device definitions, creating, 249-251

devices. See also disks; printers.

CD-ROMs, 252-256

CD-RWs, 252-256

online resources, 263

SANE (Scanner Access Now Easy) libraries, 257-260

scanners, 257-260

SCSI vs. IDE, 251-252

tape drives, 260-262

Xsane program, 259-260

df command, 122-123

diald program, 370-372, 388

dial-up connections, setting up, 370-372

dig command, 312-313

directories

changing to, 55

creating, 55

deleting, 55-56

home, returning to, 56

moving, 55

renaming, 55

working directory, printing, 55

disks

disk drives, performance tuning, 487-489

floppy. See floppy-based Linux.

I/O, monitoring, 480

partitioning. See partitioning.

space, monitoring, 122-123

space, usage limits. See quotas.

displaying

file contents, 45

file names, 45-46

file permissions, 64

group files, 92

displaying (cont.)

log files, 407-408

processes, 66-70

distributions, Linux

Caldera, 13

choosing, 11-15

Debian, 14

definition, 10-11

DemoLinux, 16

DragonLinux, 16

finding. See online resources; software review sites.

on a floppy disk

LOAF (Linux On A Floppy), 343-344

tomsrtbt, 344-345

Trinux, 345-348

installing. See installing Linux.

Mandrake, 13

Phat Linux, 16

Red Hat, 12

Slackware, 14

SuSE, 12-13

Turbolinux, 15

DNS (domain name servers). See also IP addresses; NIS (network information service).

BIND (Berkeley Internet Name Domain), 304-305

configuration, determining, 304-305

domains, defining, 306

/etc/hosts file, 303-304

/etc/named.conf file, 306-308

example, 375-376

lame servers, 313

online resources, 332, 388

restricting access, 313-314

reverse DNS zones, 311-312

reverse IP mapping, 311-312

security warning, 303, 306

testing, 312-313

zone files, 310-311

zones, 308-310

documentation. See also man pages; online resources.

Exploring Expect, 247

HOWTOs, 24-25

info files, 23-24

kernel source, 200

LDP (Linux Documentation Project), 25-26

location, 116

sendmail, 388

texinfo system, 23-24

dollar sign ($)

command prompt, 43-44

shell script variables, 223-224

domain name servers (DNS). See DNS (domain name servers).

domains

defining, 306

definition, 291-292

multidrop, 387

DOS, UMSDOS file system, 32

double quote ("), shell script variables, 224-225

downloads, automating, 240-241

dpkg command, 180-181

DragonLinux, 16, 32

drivers

CD-ROM, 31

network administration, 298-299

printer, 204

dselect program, 183

du command, 277

dual booting, 32

dump command, 270-272

E

easydns files, 388

EasyFw program, 469

echo command, 44

editing

crontab file, 235-236

password files, 92-96

editors

Emacs, 79-80

online resources, 80

Pico, 78-79

vi, 73-78

Emacs editor, 79-80

e-mail

aliases, setting up, 381-382

encrypting, 441-442

LDA (local delivery agent), 378

mail server, setting up, 377-378

mailing lists, 368

MTA (mail transport agent), 378

MUA (mail user agent), 378, 383-385

multidrop domains, 387

multiple domains, similar addresses, 386-387

Pegasus Mail, 384-385

PGP signatures, 441-442

POP3 (Post Office Protocol), 161, 379

remote pickup, 372-374

sendmail, 379-381, 386-387

SMTP (Simple Mail Transfer Protocol), 161

spam filters, 387-388

users, setting up, 381-382

e-mail-only accounts, 99

emergency boot disks. See boot disks.

encrypting e-mail, 441-442

encryption, 425-426. See also PGP (Pretty Good Privacy).

environment variables, shell scripts, 223-224

error file, standard. See STDERR (standard error).

ESP Print Pro, 217

/etc/hosts file, 303-304

/etc/named.conf file, 306-308

/etc/nsswitch.conf file, 328-329

executable file permissions, 57, 60-61

Expect home page, 247

expect program, 242-247

Exploring Expect, 247

exportfs command, 319-320

eznet program, 165-166

F

fd0. See STDIN (standard input).

fd1. See STDOUT (standard output).

fdisk command, 127-129

fetchmail program, 372-374

.fetchmail.rc file, 373

FHS (Filesystem Hierarchy Standard), 134

file contents

displaying, 45

searching, grep command, 65-66

searching, vi editor, 77

sorting, 45

unique lines, returning, 45

word count, 45

file descriptor 0. See STDIN (standard input).

file descriptor 1. See STDOUT (standard output).

file handles, performance tuning, 486

file permissions

append-only, 62

changing, 57-58

defaults, 59-60

examining, 64

executable, 57, 60-61

group ownership, 57-58

hidden files, 47

listing, 46-47

"Permission denied" messages, 63

r permission, 57

read, 57

s bit, 60-61

s (setuid) bit, 60-61

undeletable files, 47-49

user ownership, 57-58

w permission, 57

write, 57

x permission, 57

z permission, 57

file system trees

definition, 113-114

header files, 115

programs, 115

root file system, 113-114

shared libraries, 115

swap partitions, 113-114

system loadable modules, 114

file systems

checking and repairing, 120-122

configuration, displaying, 126

creating, 127-129

defaults, 125

definition, 113

description, 112

games, 116

indirect blocks, 124

inodes, 123-124

/lost+found, 120-122

mounting/unmounting, 124-126

online resources, 134

performance tuning, 482-487

/proc, 117-120

programs, 116

slices, 112

specifying, 129

system documentation, 116

/tmp, 117

/usr, 115-116

/var, 116

variable data, 116

X window system, 116

file types, testing in scripts, 227

files. See also entries for specific files.

associated packages, identifying, 181, 188-189

attributes, 61-63

concatenating, 45

copying, 45

data, 112

definition, 111-112

deleting, 45, 48-49

directory, 112

finding, 63-65

hidden, 47

listing, 45-46 . See also finding.

locking/recovering, 317

log. See log files.

maximum open, setting, 486

monitoring changes, 189

moving, 45

naming conventions, 45

ordinary, 112

piping, 53

renaming, 45

secure transfers, 432-433

sharing, 314

special, 112

STDERR (standard error), 54-55

STDIN (standard input), 51-53

STDOUT (standard output), 51-53

text, 112

undeletable, 47-48

Filesystem Hierarchy Standard (FHS), 134

filters

print, 205-208, 211-213

spam, 387-388

find command, 63-65

finding. See also searching.

applications. See online resources; software review sites.

files, 63-65

users, 44

finger command, 44

FIPS, 32

firewalls, 376-377, 466-471

floppy-based Linux

LOAF (Linux On A Floppy), 343-344

tomsrtbt, 344-345

Trinux, 345-348

forcing commands, 50-51

forest view of processes, 68-70

form feeds, extraneous, 207

free command, 478-479

Freshmeat, 170-171

fsck program, 120-121

Ftape-HOWTO, 263

G

games, 116

GDiskFree, 123

gdm program, 136-138

Gelians, Jacques, 334

gfcc program, 470

ghostscript, 211-213

GIDs (group IDs), 93

GIMP, 263

GNOME (GNU Network Object Model Environment)

online resources, 158, 491

window manager, 152-153

gnomecc, 341-342

gnorpm program, 189-190, 342

GNU Emacs, 80

GNU (GNU's Not Unix), 2, 7

GNU Network Object Model Environment (GNOME). See GNOME (GNU Network Object Model Environment).

GnuPG (GNU Privacy Guard), 433-439. See also encryption.

GNU's Not Unix (GNU)

definition, 2

online resources, 7

Google Groups, 27

gppp-wvdial program, 168

grace periods, quota violations, 132-134

Grand Salmar Station, 363-367

graphical login managers, 136-138

Graphical User Interfaces (GUIs). See GUIs (Graphical User Interfaces).

greater than sign (>)

redirecting STDERR, 54

redirecting STDOUT, 51

Gregorian dates, converting to Discordian, 344-345

grep command, 65-66

group files, 92, 103

group IDs (GIDs), 93

group ownership, 57-58

groupadd command, 96

groupdel command, 97

groupmod command, 96-97

groups

default, 98

defining, 98-99

managing, command line interface, 96-97

managing, graphical interface, 342

grpck command, 103

GTK+ Firewall Control Center, 470

GUIs (Graphical User Interfaces). See also desktops; window managers; X window system.

benefits of, 5

gnomecc, 341-342

gnorpm, 342

Grand Salmar Station, 363-367

kcontrol, 342

kdat, 342

KDE control panel, 341-342

klpq, 342

kpackage, 342

kuser, 342

Linuxconf, 334-338

timetool, 342

VNC (Virtual Network Computing), 348-352

Web browser interfaces, 334-341

Webmin, 338-341

xinitrc file, 139-140

.xinitrc file, 139-140

Xresources file, 141-143

.xserverrc file, 140-141

H

hacking. See cracking.

hard disks. See disks.

hard mounts, 320

hardware compatibility, 30, 41

hardware requirements, 30-31

Harris, David, 384

hash mark. See pound sign.

hashing, 107

hdparm command, 487-489

header files. location, 115

Heinlein, Robert A., 233

help. See also documentation; man pages; online resources.

in vi editor, 74-75

hidden files, 47

Hipp, D. Richard, 165

home directory, 56, 98

$HOME environment variable, 56

HOWTOs, 24-25

HP JetDirect adapters, 208-209

HP710C printers, 204

htpasswd command, 367

I

IANA (Internet Assigned Numbers Authority), 292

ibiblio.org site, 174-175

ICE window manager, 158

identity backups, 272-275

ifconfig command, 299-301

import program, 157-158

indirect blocks, 124

inetd process, 289-290

info command, 23-24

info files, 23-24

init process, 82-83, 289-290

inittab file, 82-83

inodes, 123-124

input file, standard. See STDIN (standard input).

installing applications. See also package managers.

compiling from source, 175-178

on a Debian system, 180-185

unpacking archives, 176-177

installing Linux. See also package managers.

applications, selecting, 36-37

boot disks, creating, 38-39

boot disks, provided, 33

boot options, passing, 31

booting, 33

CD-ROM drivers, 31

compiling from source, 175-178

dual booting, 32

hardware requirements, 30-31

installation type, selecting, 33-34

keyboard type, selecting, 34

language, selecting, 34

LILO (Linux loader), 36

MBR (master boot record), 36

monitors, configuring, 38

mouse, selecting, 34

network, configuring, 37

partitioning, 32, 35-36

passwords, selecting, 37

root partitions, 35

swap partitions, 35

time required, 29

time zone, selecting, 34

UMSDOS file system, 32

unpacking archives, 176-177

X window system, configuring, 37-38

installing Perl modules, 178-179

installpkg program, 191

interactive sessions, scripting, 242-247

Intermezzo, 296-298

Internet. See also e-mail; intranets; IP addresses; PPP (Point-to-Point Protocol).

dial-up connections, setting up, 370-372

firewalls, 376-377

graphical interface, 162-164

IP forwarding, 374-375

ISPs, choosing, 370

Linux resources. See online resources.

masquerading, 374-375

SLIP (Serial Line Interface Protocol), 371

Internet Assigned Numbers Authority (IANA), 292

Internet Service Providers (ISPs), 160, 370

Internet Software Consortium, 304-305

interrupting processes, 70-71

intranets. See also Internet.

Apache Web server

building, 356-358

configuring, 358-359

databases

DBD (DataBase Dependent) module, 362-363

DBI (DataBase Interface) module, 362-363

PostgreSQL, 360-361

programming with Perl, 362-363

Web-connected, 359

definition, 355-356

Grand Salmar Station, 363-367

passwords, 366-367

user interface, 363-367

IP addresses

defining, 292-294

reverse mapping, 311-312

setting up, 299-301

IP forwarding, 374-375

IP packets, 288

ipchains program, 466-468, 473

ipfwadm program, 466

ISC, 332

ISPs (Internet Service Providers), 160, 370

J

jobs. See processes.

jobs command, 71

Jörg Schilling's site, 253

K

K Desktop Environment (KDE). See KDE (K Desktop Environment).

kcontrol, 342

kdat, 342

KDat program, 280-281

KDE (K Desktop Environment)

control panel, 341-342

online resources, 90, 158, 491

window manager, 151-152

KDiskFree, 123

kdm program, 136-138

"kernel too big" message, 197

kernels

2.4 kernel, 199-200

definition, 193

Linux Kernel Archives, 30

online resources, 201

rebuilding

automatically, 199

building a new kernel, 194-198

downloading a new kernel, 194

identifying need for, 193-194

including in LILO, 197-198

"kernel too big" message, 197

loadable modules, 196

rereading the configuration file, 197-198

source documentation, 200

key mapping, 154-155

keyboard type, selecting, 34

kill command, 72-73

killing processes, 72-73

Kjos, Ian, 255

klpq, 342

Kourai, Kenichi, 153-154

kpackage program, 184, 342

ksysv program, 88-90

kuser command, 104-105, 342

kwvdial program, 168

Kyoseon, Koo, 470

L

lame servers, 313

Langford, Jacob A., 215

language, selecting, 34

last command, 44

lastlog command, 102-103

LDA (local delivery agent), 378

LDP (Linux Documentation Project), 25-26

less command, 45

less than sign (<), redirecting STDIN, 51

LILO (Linux loader), 36

line feeds, converting to carriage returns, 205-208

links, on documentation pages, 24

Linux

application software, 6

definition, 1-3

distributions. See distributions.

installing. See installing Linux.

Internet resources. See online resources.

limitations, 6

running from CD-ROM, 16

running Windows applications. See Windows.

sources for, 15

updating on a Debian system, 180-185

vs. UNIX, 9-10

vs. Windows, 10

linux command, 40

Linux Kernel Archives, 30, 201

Linux Kernel HOWTO, 201

Linux Router Project, 332

LinuxBerg site, 171

Linuxconf, 334-338

LinuxPrinting.org, 218

listing. See displaying.

loadable modules, 196

LOAF (Linux On A Floppy), 343-344

local delivery agent (LDA), 378

log files

Analog, 419-421

analyzing, 415-424

archiving, 410-411

automating, 415-416

cleaning up, 409-411

contents, specifying, 412-418

detecting crackers, 452

displaying, 407-408

Logcheck, 416-418

logger program, 414-415

master logger, 411-414

names, 408-409

recreating, 410-411

rotating, 410-411

syslog.conf file, 412-414

syslogd daemon, 411-414

system logs, 407

user-generated entries, 414-415

Web server logs, 418-424

Webalizer, 421-424

wtmp file, 409

Logcheck, 416-418

logged-in users, querying, 44

logger program, 414-415

login managers, 136-138

logins

most recent, determining, 102

multiple, preventing, 226-228

source location, determining, 108-109

logrotate program, 410

/lost+found file systems, 120-122

lpc command, 209-210

lpq command, 210

lprm command, 210

ls command, 45-46

lsattr command, 61-63

LUGs (Linux User Groups), 26

M

MAC (Media Access Control) addresses, 300

mail server, setting up, 377-378

mail transport agent (MTA), 378

mail user agent (MUA), 378, 383-385

mailboxes, deleting, 101

mailing lists, 368

major device numbers, 249-251

man command, 19-20

man pages, 19-23. See also documentation; online resources.

Mandrake distribution, 13

MANPATHs, 23

masquerading, 374-375

master boot record (MBR), 36

master logger, 411-414

master process, 82-83

master server, configuring, 325-327

MBR (master boot record), 36

Media Access Control (MAC) addresses, 300

memory, monitoring, 478-479

menus, on documentation pages, 24

metacharacters, 46

metalab.unc.edu site, 174-175

Mills, David L., 330

minor device numbers, 249-251

mkbootdisk command, 39

mkdir command, 55

mkfs command, 129

mknod command, 249-251

ModSSL, 446

monitoring

changes to files, 189

command execution time, 490-491

CPU usage, 479-481

disk I/O, 480

disk space, 122-123, 229-231

memory, 478-479

up time, 476

monitors, configuring, 38

more command, 45

mount command, 124-125, 320-321

mounting file systems

description, 124-126

/etc/fstab, 321-322

Linux autofs, 322-323

mount command, 124-125

mount requests, 317

NFS (Network File System)

with /etc/fstab, 321-322

hard mounts, 320

with Linux autofs, 322-323

with mount command, 320-321

mount requests, 317

rpc.mountd daemon, 317

soft mounts, 320

mouse, selecting, 34

moving

directories, 55

files, 45

mpage command, 214

mt command, 261

MTA (mail transport agent), 378

MUA (mail user agent), 378, 383-385

multidrop domains, 387

mv command, 45, 55

N

Nagree, Yusuf, 278

naming conventions, files, 45

ncftp program, 240-241

ncftpget program, 240

ncftpput program, 240

netmasks, 295-298

Netscape, 429

Netscape Communicator, 388

netstat program, 302-303

Netwatch, 473

network administration. See also DNS (domain name servers); Internet; intranets; IP addresses; NFS (Network File System).

breaking up a network, 294-296

broadcast addresses, 295-296

CIDR (Classless InterDomain Routing), 296-298

configuring during installation, 37

connectionless protocols, 288

connection-oriented protocols, 288

country codes, 292

datagrams, 288

domains, 291-292

drivers, 298-299

file sharing, 314

graphical interfaces, 331

IANA (Internet Assigned Numbers Authority), 292

inetd process, 289-290

init process, 289-290

Intermezzo, 296-298

IP packets, 288

MAC (Media Access Control) addresses, 300

netmasks, 295-298

network classes, 293-294

ntop program, 347

NTP, 330-331

online resources, 332

ports, 289-290

protocols, 288

rdate command, 330

routers, 296

routing, configuring, 301-303

routing, performance tuning, 482-484

services, 289-290

subnets, 296

TCP (Transmission Control Protocol), 288

TCP/IP, 288-289

time synchronization, 330-331

TLDs (top-level domains), 291

UDP (User Datagram Protocol), 288

usage, displaying, 347

network classes, 293-294

Network File System (NFS). See NFS (Network File System).

network information service (NIS). See NIS (network information service).

Network News Transfer Protocol (NNTP), 161

NFS (Network File System)

file locking/recovery, 317

hard mounts, 320

mount requests, 317

mounting, 320-323

overview, 315-316

quota support, 317

remote file systems, making available, 317-320

RPC services, determining, 316

rpc.mountd daemon, 317

rpc.nfsd daemon, 317

rpc.quotad daemon, 317

rpc.statd daemon, 317

soft mounts, 320

squashing permissions, 317-320

user requests, 317

NFS project, 315

NIS (network information service). See also DNS (domain name servers).

configuring the master server, 325-327

configuring the NIS client, 327-328

/etc/nsswitch.conf file, 328-329

overview, 324-325

Nmap, 473

NNTP (Network News Transfer Protocol), 161

no_hide option, 318

Norman, Tim, 204

no_root_



Updates

Submit Errata

