Cover image for Linux Server Hacks

Book description

A competent system administrator knows that a Linux server is a high performance system for routing large amounts of information through a network connection. Setting up and maintaining a Linux server requires understanding not only the hardware, but the ins and outs of the Linux operating system along with its supporting cast of utilities as well as layers of applications software. There's basic documentation online but there's a lot beyond the basics you have to know, and this only comes from people with hands-on, real-world experience. This kind of "know how" is what we sought to capture in Linux Server Hacks. Linux Server Hacks is a collection of 100 industrial-strength hacks, providing tips and tools that solve practical problems for Linux system administrators. Every hack can be read in just a few minutes but will save hours of searching for the right answer. Some of the hacks are subtle, many of them are non-obvious, and all of them demonstrate the power and flexibility of a Linux system. You'll find hacks devoted to tuning the Linux kernel to make your system run more efficiently, as well as using CVS or RCS to track the revision to system files. You'll learn alternative ways to do backups, how to use system monitoring tools to track system performance and a variety of secure networking solutions. Linux Server Hacks also helps you manage large-scale Web installations running Apache, MySQL, and other open source tools that are typically part of a Linux system. O'Reilly's new Hacks Series proudly reclaims the term "hacking" for the good guys. Hackers use their ingenuity to solve interesting problems. Rob Flickenger is an experienced system administrator, having managed the systems for O'Reilly Network for several years. (He's also into community wireless networking and he's written a book on that subject for O'Reilly.) Rob has also collected the best ideas and tools from a number of other highly skilled contributors. Written for users who already understand the basics, Linux Server Hacks is built upon the expertise of people who really know what they're doing.

Table of Contents

  1. Linux Server Hacks
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. A Note Regarding Supplemental Files
    3. How to Become a Hacker
      1. The Hacker Attitude
        1. 1. 1. The world is full of fascinating problems waiting to be solved.
        2. 2. 2. No problem should ever have to be solved twice.
        3. 3. 3. Boredom and drudgery are evil.
        4. 4. 4. Freedom is good.
        5. 5. 5. Attitude is no substitute for competence.
    4. Preface
      1. How This Book is Organized
      2. How to Use This Book
      3. Conventions Used in This Book
      4. How to Contact Us
      5. Gotta Hack?
      6. Credits
      7. Acknowledgments
    5. 1. Server Basics
      1. 1.1. Hacks #1-22
      2. Hack #1. Removing Unnecessary Services
        1. 1.1. See also:
      3. Hack #2. Forgoing the Console Login
      4. Hack #3. Common Boot Parameters
        1. 37. See also:
      5. Hack #4. Creating a Persistent Daemon with init
        1. 4.1. See also:
      6. Hack #5. n>&m: Swap Standard Output and Standard Error
      7. Hack #6. Building Complex Command Lines
        1. 6.1. Hacking the Hack
      8. Hack #7. Working with Tricky Files in xargs
        1. 7.1. Listing: albumize
      9. Hack #8. Immutable Files in ext2/ext3
      10. Hack #9. Speeding Up Compiles
      11. Hack #10. At Home in Your Shell Environment
      12. Hack #11. Finding and Eliminating setuid/setgid Binaries
      13. Hack #12. Make sudo Work Harder
      14. Hack #13. Using a Makefile to Automate Admin Tasks
        1. 13.1. Listing: Makefile.mail
        2. 13.2. Listing: Makefile.push
      15. Hack #14. Brute Forcing Your New Domain Name
      16. Hack #15. Playing Hunt the Disk Hog
      17. Hack #16. Fun with /proc
      18. Hack #17. Manipulating Processes Symbolically with procps
        1. 17.1. See also:
      19. Hack #18. Managing System Resources per Process
        1. 18.1. See also:
      20. Hack #19. Cleaning Up after Ex-Users
      21. Hack #20. Eliminating Unnecessary Drivers from the Kernel
        1. 20.1. See also:
      22. Hack #21. Using Large Amounts of RAM
      23. Hack #22. hdparm: Fine Tune IDE Drive Parameters
    6. 2. Revision Control
      1. 2.1. Hacks #23-36
      2. Hack #23. Getting Started with RCS
      3. Hack #24. Checking Out a Previous Revision in RCS
      4. Hack #25. Tracking Changes with rcs2log
      5. Hack #26. Getting Started with CVS
        1. 26.1. Typical Uses
        2. 26.2. Creating a Repository
        3. 26.3. Importing a New Module
        4. 26.4. Environment Variables
        5. 26.5. See Also:
      6. Hack #27. CVS: Checking Out a Module
      7. Hack #28. CVS: Updating Your Working Copy
      8. Hack #29. CVS: Using Tags
      9. Hack #30. CVS: Making Changes to a Module
      10. Hack #31. CVS: Merging Files
      11. Hack #32. CVS: Adding and Removing Files and Directories
        1. 32.1. Removing Files
        2. 32.2. Removing Directories
      12. Hack #33. CVS: Branching Development
      13. Hack #34. CVS: Watching and Locking Files
      14. Hack #35. CVS: Keeping CVS Secure
        1. 35.1. Remote Repositories
        2. 35.2. Permissions
        3. 35.3. Developer Machines
      15. Hack #36. CVS: Anonymous Repositories
        1. 36.1. Creating an Anonymous Repository
        2. 36.2. Installing pserver
        3. 36.3. Using a Remote pserver
    7. 3. Backups
      1. 3.1. Hacks #37-44
      2. Hack #37. Backing Up with tar over ssh
        1. 37.1. See also:
      3. Hack #38. Using rsync over ssh
        1. 38.1. See also:
      4. Hack #39. Archiving with Pax
        1. 39.1. Creating Archives
        2. 39.2. Expanding Archives
        3. 39.3. Interactive Restores
        4. 39.4. Recursively Copy a Directory
        5. 39.5. Incremental Backups
        6. 39.6. Skipping Files on Restore
        7. 39.7. See also:
      5. Hack #40. Backing Up Your Boot Sector
        1. 40.1. See also:
      6. Hack #41. Keeping Parts of Filesystems in sync with rsync
        1. 41.1. Listing: Balance-push.sh
      7. Hack #42. Automated Snapshot-Style Incremental Backups with rsync
        1. 42.1. Extensions: Hourly, Daily, and Weekly Snapshots
        2. 42.2. Listing: make_snapshot.sh
        3. 42.3. Listing: Daily_snapshot_rotate.sh
        4. 42.4. Sample Output of ls -l /snapshot/home
        5. 42.5. See also:
      8. Hack #43. Working with ISOs and CDR/CDRWs
        1. 43.1. See also:
      9. Hack #44. Burning a CD Without Creating an ISO File
    8. 4. Networking
      1. 4.1. Hacks #45-53
      2. Hack #45. Creating a Firewall from the Command Line of any Server
        1. 45.1. See also:
      3. Hack #46. Simple IP Masquerading
        1. 46.1. See also:
      4. Hack #47. iptables Tips & Tricks
        1. 47.1. Advanced iptables Features
        2. 47.2. See also:
      5. Hack #48. Forwarding TCP Ports to Arbitrary Machines
        1. 48.1. See also:
      6. Hack #49. Using Custom Chains in iptables
        1. 49.1. See also:
      7. Hack #50. Tunneling: IPIP Encapsulation
        1. 50.1. See also:
      8. Hack #51. Tunneling: GRE Encapsulation
        1. 51.1. See also:
      9. Hack #52. Using vtun over ssh to Circumvent NAT
        1. 52.1. See also:
      10. Hack #53. Automatic vtund.conf Generator
        1. 53.1. Listing: vtundconf
    9. 5. Monitoring
      1. 5.1. Hacks #54-65
      2. Hack #54. Steering syslog
        1. 54.1. Mark Who?
        2. 54.2. Remote Logging
      3. Hack #55. Watching Jobs with watch
        1. 55.1. See also:
      4. Hack #56. What's Holding That Port Open?
      5. Hack #57. Checking On Open Files and Sockets with lsof
        1. 57.1. See also:
      6. Hack #58. Monitor System Resources with top
        1. 58.1. See also:
      7. Hack #59. Constant Load Average Display in the Titlebar
        1. 59.1. Listing: tl
      8. Hack #60. Network Monitoring with ngrep
        1. 60.1. Listing: go-ogle
        2. 60.2. See also:
      9. Hack #61. Scanning Your Own Machines with nmap
        1. 61.1. See also:
      10. Hack #62. Disk Age Analysis
        1. 62.1. Listing: diskage
      11. Hack #63. Cheap IP Takeover
        1. 63.1. Listing: takeover
        2. 63.2. See also:
      12. Hack #64. Running ntop for Real-Time Network Stats
        1. 64.1. See also:
      13. Hack #65. Monitoring Web Traffic in Real Time with httptop
        1. 65.1. Listing: httptop
    10. 6. SSH
      1. 6.1. Hacks #66-71
      2. Hack #66. Quick Logins with ssh Client Keys
        1. 66.1. Security Concerns
        2. 66.2. See Also:
      3. Hack #67. Turbo-mode ssh Logins
        1. 67.1. See also:
      4. Hack #68. Using ssh-Agent Effectively
      5. Hack #69. Running the ssh-Agent in a GUI
        1. 69.1. See Also:
      6. Hack #70. X over ssh
        1. 70.1. See also:
      7. Hack #71. Forwarding Ports over ssh
        1. 71.1. See also:
    11. 7. Scripting
      1. 7.1. Hacks #72-75
      2. Hack #72. Get Settled in Quickly with movein.sh
        1. 72.1. Listing: movein.sh
        2. 72.2. See also:
      3. Hack #73. Global Search and Replace with Perl
        1. 73.1. See also:
      4. Hack #74. Mincing Your Data into Arbitrary Chunks (in bash)
        1. 74.1. Listing: mince
      5. Hack #75. Colorized Log Analysis in Your Terminal
    12. 8. Information Servers
      1. 8.1. Hacks #76-100
      2. Hack #76. Running BIND in a chroot Jail
        1. 76.1. See also:
      3. Hack #77. Views in BIND 9
        1. 77.1. Basic Syntax
        2. 77.2. Defining Zones in Views
        3. 77.3. Views in Slave Name Servers
      4. Hack #78. Setting Up Caching DNS with Authority for Local Domains
        1. 78.1. See also:
      5. Hack #79. Distributing Server Load with Round-Robin DNS
        1. 79.1. See also:
      6. Hack #80. Running Your Own Top-Level Domain
      7. Hack #81. Monitoring MySQL Health with mtop
        1. 81.1. See also:
      8. Hack #82. Setting Up Replication in MySQL
        1. 82.1. See also:
      9. Hack #83. Restoring a Single Table from a Large MySQL Dump
      10. Hack #84. MySQL Server Tuning
        1. 84.1. See also:
      11. Hack #85. Using proftpd with a mysql Authentication Source
        1. 85.1. See also:
      12. Hack #86. Optimizing glibc, linuxthreads, and the Kernel for a Super MySQL Server
        1. 86.1. Step 1: Build glib
        2. 86.2. Step 2: The Kernel
        3. 86.3. Step 3: Build a New MySQL
        4. 86.4. Step 4: Expand the Maximum Filehandles at Boot
      13. Hack #87. Apache Toolbox
        1. 87.1. See Also:
      14. Hack #88. Display the Full Filename in Indexes
      15. Hack #89. Quick Configuration Changes with IfDefine
      16. Hack #90. Simplistic Ad Referral Tracking
        1. 90.1. Listing: referral-report.pl
      17. Hack #91. Mimicking FTP Servers with Apache
      18. Hack #92. Rotate and compress Apache Server Logs
        1. 92.1. Listing: logflume.pl
      19. Hack #93. Generating an SSL cert and Certificate Signing Request
        1. 93.1. See also:
      20. Hack #94. Creating Your Own CA
        1. 94.1. See also:
      21. Hack #95. Distributing Your CA to Client Browsers
        1. 95.1. See also:
      22. Hack #96. Serving multiple sites with the same DocumentRoot
      23. Hack #97. Delivering Content Based on the Query String Using mod_rewrite
        1. 97.1. See also:
      24. Hack #98. Using mod_proxy on Apache for Speed
      25. Hack #99. Distributing Load with Apache RewriteMap
        1. 99.1. See Also:
      26. Hack #100. Ultrahosting: Mass Web Site Hosting with Wildcards, Proxy, and Rewrite
    13. About the Author
    14. Colophon
    15. SPECIAL OFFER: Upgrade this ebook with O’Reilly