You are previewing BSD Hacks.
O'Reilly logo
BSD Hacks

Book Description

In the world of Unix operating systems, the various BSDs come with a long heritage of high-quality software and well-designed solutions, making them a favorite OS of a wide range of users. Among budget-minded users who adopted BSD early on to developers of some of today's largest Internet sites, the popularity of BSD systems continues to grow. If you use the BSD operating system, then you know that the secret of its success is not just in its price tag: practical, reliable, extraordinarily stable and flexible, BSD also offers plenty of fertile ground for creative, time-saving tweaks and tricks, and yes, even the chance to have some fun. "Fun?" you ask. Perhaps "fun" wasn't covered in the manual that taught you to install BSD and administer it effectively. But BSD Hacks, the latest in O'Reilly's popular Hacks series, offers a unique set of practical tips, tricks, tools--and even fun--for administrators and power users of BSD systems. BSD Hacks takes a creative approach to saving time and getting more done, with fewer resources. You'll take advantage of the tools and concepts that make the world's top Unix users more productive. Rather than spending hours with a dry technical document learning what switches go with a command, you'll learn concrete, practical uses for that command. The book begins with hacks to customize the user environment. You'll learn how to be more productive in the command line, timesaving tips for setting user-defaults, how to automate long commands, and save long sessions for later review. Other hacks in the book are grouped in the following areas:

  • Customizing the User Environment

  • Dealing with Files and Filesystems

  • The Boot and Login Environments

  • Backing Up

  • Networking Hacks

  • Securing the System

  • Going Beyond the Basics

  • Keeping Up-to-Date

  • Grokking BSD

  • If you want more than your average BSD user--you want to explore and experiment, unearth shortcuts, create useful tools, and come up with fun things to try on your own--BSD Hacks is a must-have. This book will turn regular users into power users and system administrators into super system administrators.

    Table of Contents

    1. Special Upgrade Offer
    2. Credits
      1. About the Author
      2. Contributors
      3. Acknowledgments
    3. Preface
      1. Why BSD Hacks?
      2. How to Use this Book
      3. How This Book Is Organized
      4. Conventions Used in This Book
      5. Using Code Examples
      6. We’d Like to Hear from You
    4. 1. Customizing the User Environment
      1. Introduction
      2. 1. Get the Most Out of the Default Shell
        1. History and Auto-Completion
        2. Editing and Navigating the Command Line
        3. Learning from Your Command History
        4. Silencing Auto-Complete
        5. See Also
      3. 2. Useful tcsh Shell Configuration File Options
        1. Making Your Prompt More Useful
        2. Setting Shell Variables
      4. 3. Create Shell Bindings
        1. Creating a Binding
        2. Specifying Strings
        3. See Also
      5. 4. Use Terminal and X Bindings
        1. Creating Temporary Mappings
        2. Shell Bindings Versus Terminal Bindings
        3. More Mapping Caveats
        4. Making Mappings Work with X
        5. See Also
      6. 5. Use the Mouse at a Terminal
        1. If X Is Already Installed
          1. Configuring a two-button mouse
        2. If X Is Not Installed
        3. See Also
      7. 6. Get Your Daily Dose of Trivia
        1. A Fortune a Day
        2. Pursuing Trivia
        3. Sundry Amusements
          1. The current time
          2. The phase of the moon
        4. Adding Some Color to Your Terminal
        5. See Also
      8. 7. Lock the Screen
        1. Using lock
        2. Using autologout
        3. Enforcing Logout
        4. See Also
      9. 8. Create a Trash Directory
        1. Shell Scripting for the Impatient
        2. The Code
        3. Replacing rm with ~/bin/trash
        4. Running the Code Safely
        5. Taking Out the Trash
        6. Hacking the Hack
      10. 9. Customize User Configurations
        1. Default Files
          1. dot.cshrc
          2. dot.login
          3. dot.login_conf
          4. dot.mail_aliases and dot.mailrc
          5. dot.profile
          6. dot.rhosts
          7. dot.shrc
        2. Missing (but Useful) Dot Files
          1. dot.logout
          2. dot.xinitrc
        3. Editing /usr/src/share/skel/Makefile
        4. The Other BSDs
          1. NetBSD
          2. OpenBSD
        5. See Also
      11. 10. Maintain Your Environment on Multiple Systems
        1. Enter unison
        2. Using unison
        3. Automating the Process
        4. Creating Portable Files
        5. See Also
      12. 11. Use an Interactive Shell
        1. Recording All Shell Input and Output
        2. Cleaning Up script Files
        3. Recording an Interactive Shell Session
        4. Letting Other People Watch Your Live Shell Sessions
        5. See Also
      13. 12. Use Multiple Screens on One Terminal
        1. What Is screen?
        2. Getting Started
        3. Multitasking with screen
          1. Using windows with screen
          2. Switching between windows
          3. Splitting windows
          4. Better window switching
          5. Naming windows
        4. Attaching and Deattaching
        5. Additional Features
        6. See Also
    5. 2. Dealing with Files and Filesystems
      1. Introduction
      2. 13. Find Things
        1. Finding Program Paths
        2. Finding Commands
        3. Finding Words
        4. See Also
      3. 14. Get the Most Out of grep
        1. Finding Text
        2. Searching by Relevance
        3. Document Extracts
        4. Using Regular Expressions
        5. Combining grep with Other Commands
        6. See Also
      4. 15. Manipulate Files with sed
        1. Removing Blank Lines
        2. Searching with sed
        3. Replacing Existing Text
        4. Multiple Transformations
        5. See Also
      5. 16. Format Text at the Command Line
        1. Adding Comments to Source Code
        2. Removing Comments
        3. Using the Holding Space to Mark Text
        4. Translating Case
        5. Translating Characters
        6. Removing Duplicate Line Feeds
        7. Deleting Characters
        8. Translating Tabs to Spaces
        9. See Also
      6. 17. Delimiter Dilemma
        1. Attacking the Problem
        2. The Code
        3. Hacking the Hack
        4. See Also
      7. 18. DOS Floppy Manipulation
        1. Mounting a Floppy
        2. Common Error Messages
        3. Managing the Floppy
        4. Allowing Regular Users to Mount Floppies
        5. Formatting Floppies
        6. Automating the Format Process
        7. See Also
      8. 19. Access Windows Shares Without a Server
        1. Installing and Configuring Sharity-Light
        2. Accessing Microsoft Shares
        3. See Also
      9. 20. Deal with Disk Hogs
        1. Periodic Scripts
          1. daily_clean_disks
          2. daily_clean_tmps
          3. daily_clean_preserve
        2. Limiting Files
        3. The Other BSDs
          1. NetBSD
          2. OpenBSD
        4. See Also
      10. 21. Manage Temporary Files and Swap Space
        1. Clearing /tmp
        2. Moving /tmp to RAM
        3. Creating a Swap File on Disk
        4. Monitoring Swap Changes
        5. OpenBSD Differences
        6. See Also
      11. 22. Recreate a Directory Structure Using mtree
        1. Necessary Interaction
        2. Using mtree
        3. Customizing mtree
        4. See Also
      12. 23. Ghosting Systems
        1. Creating the Ghost Disk
        2. Creating an Image
        3. Deploying the Image
        4. See Also
    6. 3. The Boot and Login Environments
      1. Introduction
      2. 24. Customize the Default Boot Menu
        1. The Default Boot Menu
        2. Configuring the Splash Screen
        3. The Terminal Screensaver
        4. See Also
      3. 25. Protect the Boot Process
        1. Limiting Unauthorized Reboots
        2. Password Protecting Single-User Mode
        3. Password Protecting loader
        4. See Also
      4. 26. Run a Headless System
        1. Preparing the System
        2. If the Headless System Becomes Inaccessible
        3. See Also
      5. 27. Log a Headless Server Remotely
        1. Enabling a Serial Console
        2. Setting Up the Logging Server
        3. Setting Up the Headless System
        4. Shutting Down the Server Using wsmoused
        5. Beep on Halt
        6. See Also
      6. 28. Remove the Terminal Login Banner
        1. Changing the Copyright Display
        2. Changing the Message of the Day
        3. Changing the Login Prompt
        4. Testing Your Changes
        5. See Also
      7. 29. Protecting Passwords With Blowfish Hashes
        1. Protecting System Passwords in General
        2. Protecting System Passwords with Blowfish
          1. Converting existing passwords
          2. Forcing new passwords to use Blowfish
        3. See Also
      8. 30. Monitor Password Policy Compliance
        1. Installing and Using crack
          1. Monitoring the results
          2. Cleanup
        2. Customizing Password Dictionaries
        3. See Also
      9. 31. Create an Effective, Reusable Password Policy
        1. Introducing pam_passwdqc
        2. Enabling pam_passwdqc
        3. Adding Your Own Options
        4. Additional Configuration
        5. See Also
      10. 32. Automate Memorable Password Generation
        1. Installing and Using apg
        2. Improving apg
        3. Script Walkthrough
        4. See Also
      11. 33. Use One Time Passwords
        1. Configuring OPIE
        2. Generating Responses
        3. Choosing When to Use OTP
        4. See Also
      12. 34. Restrict Logins
        1. /etc/ttys
        2. /etc/login.access
        3. /etc/ssh/sshd_config
        4. /etc/login.conf
        5. See Also
    7. 4. Backing Up
      1. Introduction
      2. 35. Back Up FreeBSD with SMBFS
        1. Adding NETSMB Kernel Support
        2. Establishing an SMB Connection with a Host System
        3. Mounting a Share
        4. Archiving and Compressing Data with tar and gzip
        5. Hacking the Hack
        6. See Also
      3. 36. Create Portable POSIX Archives
        1. GNU Versus POSIX tar
        2. Replacing tar with pax
        3. Compress Archives Without Using Intermediate Files
        4. Attribute-Preserving Copies
        5. Rooted Archives and the Substitution Argument
        6. Useful Resources for Multiple Volume Archives
        7. See Also
      4. 37. Interactive Copy
        1. Finding Your Source Files
        2. Renaming a Batch of Source Files
        3. Renaming Files Interactively
        4. See Also
      5. 38. Secure Backups Over a Network
        1. Initial Preparation
        2. The Backup
          1. Automating the backup
        3. See Also
      6. 39. Automate Remote Backups
        1. Installing and Configuring rsnapshot
          1. Specifying backup intervals
          2. Preparing for script automation
          3. Testing your config file
          4. Scheduling rsnapshot
        2. The Snapshot Storage Scheme
        3. Accessing Snapshots
        4. See Also
      7. 40. Automate Data Dumps for PostgreSQL Databases
        1. Creating the Script
        2. The Code
        3. Running the Hack
        4. See Also
      8. 41. Perform Client-Server Cross-Platform Backups with Bacula
        1. Introducing Bacula
        2. Installation
        3. Configuration Files
          1. File Daemon on the backup client
          2. Storage Daemon on the backup server
          3. Director on the backup server
        4. Database Setup
        5. Testing Your Tape Drive
        6. Running Without Root
        7. Starting the Bacula Daemons
        8. Using the Bacula Console
        9. Creating Backup Schedules
        10. Creating a Client-only Install
        11. See Also
    8. 5. Networking Hacks
      1. Introduction
      2. 42. See Console Messages Over a Remote Login
        1. The Console
        2. Seeing Remote Console Messages
        3. An Alternate Method
        4. Hacking the Hack
        5. See Also
      3. 43. Spoof a MAC Address
        1. Spoofing on FreeBSD
        2. Spoofing on NetBSD
        3. Spoofing with OpenBSD
        4. See Also
      4. 44. Use Multiple Wireless NIC Configurations
        1. Initial Preparation
        2. Preparing the Script
        3. The Code
        4. Running the Hack
        5. Hacking the Hack
        6. See Also
      5. 45. Survive Catastrophic Internet Loss
        1. Hardware Configuration
        2. Connectivity Software
        3. Jabber and Ruby to the Rescue!
        4. The Last Piece
        5. See Also
      6. 46. Humanize tcpdump Output
        1. The Basics
        2. Display Filters
        3. More Complicated Filters
        4. Deciphering tcpdump Output
        5. See Also
      7. 47. Understand DNS Records and Tools
        1. Exploring Your ISP’s DNS
          1. Understanding DNS entries
        2. Securing DNS
          1. The two-pronged approach
          2. Testing DNS
        3. See Also
      8. 48. Send and Receive Email Without a Mail Client
        1. Sending Email with telnet
        2. Testing for Relaying
        3. Testing SMTP Server Availability
        4. Reading Email with telnet
        5. Security Considerations
        6. See Also
      9. 49. Why Do I Need sendmail?
        1. Closing Port 25
        2. Simple sendmail Configuration with a Local MTA
        3. Simple sendmail Configuration Without a Local MTA
        4. See Also
      10. 50. Hold Email for Later Delivery
        1. Configuring sendmail Queueing
        2. Configuring PPP
        3. Dealing with DNS
        4. See Also
      11. 51. Get the Most Out of FTP
        1. Automating Logins
        2. Automating Transfers
        3. Scripting an Entire Session
        4. A Better FTP?
        5. See Also
      12. 52. Distributed Command Execution
        1. The Obvious Approach
        2. How tentakel Can Help
        3. Installing and Configuring tentakel
        4. Using tentakel
        5. See Also
      13. 53. Interactive Remote Administration
        1. Why ClusterIt?
        2. Installation and Configuration
        3. Testing Noninteractive Commands
        4. Using dvt
        5. Hacking the Hack
        6. See Also
    9. 6. Securing the System
      1. Introduction
      2. 54. Strip the Kernel
        1. Customizing Your Kernel
          1. CPU options
          2. System-specific options
          3. Supported buses and media devices
          4. Peripheral support and power management
          5. Interface support
          6. USB support
        2. Building the New Kernel
        3. Keeping Track of Your Options
        4. Installing the New Kernel
        5. See Also
      3. 55. FreeBSD Access Control Lists
        1. Enabling ACLs
        2. Additional UFS1 Configuration
        3. Viewing ACLs
        4. Adding and Subtracting ACLs
        5. Using ACLs with Samba and Windows
        6. Setting Default ACLs
        7. See Also
      4. 56. Protect Files with Flags
        1. Preventing File Changes
        2. Watch Your Directories
        3. Preventing Some Changes and Allowing Others
        4. Log Protection
        5. Protecting Binaries
        6. Controlling Backups
        7. See Also
      5. 57. Tighten Security with Mandatory Access Control
        1. Preparing the System
        2. Seeing Other Users
        3. Quickly Disable All Interfaces
        4. See Also
      6. 58. Use mtree as a Built-in Tripwire
        1. Creating the Integrity Database
        2. Preparing the Database for Storage
        3. Using the Integrity Database
        4. Deciding on Which Files to Include
        5. See Also
      7. 59. Intrusion Detection with Snort, ACID, MySQL, and FreeBSD
        1. Installing the Software
          1. Install PHP4, Apache, and MySQL
          2. Install MySQL-server
          3. More installations
        2. Configuring
          1. Configure Apache and PHP
          2. Configure PHP
          3. Configure MySQL
          4. Configure Snort
          5. Configure ACID
        3. Running ACID
        4. Running Snort
        5. Hacking the Hack
        6. See Also
      8. 60. Encrypt Your Hard Disk
        1. The Cryptographic Disk Device
        2. Preparing the Disk
        3. Scrubbing the Disk
        4. Creating the Encrypted Disk Device
        5. Modifying Configuration Files
        6. Restoring Data
        7. Hacking the Hack
        8. Final Thoughts and Warnings
        9. See Also
      9. 61. Sudo Gotchas
        1. Limitations of sudo
        2. sudo Configuration Gotchas
        3. Shell Access with sudo
        4. See Also
      10. 62. sudoscript
        1. sudoscript Overview
        2. Is sudoscript Secure?
        3. Using sudoscript
        4. The sudoscript Log File
        5. See Also
      11. 63. Restrict an SSH server
        1. Installing scponly
        2. Testing the chroot
        3. Now What?
        4. See Also
      12. 64. Script IP Filter Rulesets
        1. Limiting Access with IP Filter
        2. Switching Rules on a Schedule
        3. Hacking the Hack
        4. See Also
      13. 65. Secure a Wireless Network Using PF
        1. DHCP Configuration
        2. PF Configuration
        3. Apache Configuration
        4. Putting it All Together
        5. Security Concerns
        6. Hacking the Hack
        7. See Also
      14. 66. Automatically Generate Firewall Rules
        1. What the Script Does
        2. Installation
        3. Example Usage
        4. See Also
      15. 67. Automate Security Patches
        1. Preparing the Script
        2. Running the Hack
        3. Automating the Process
        4. See Also
      16. 68. Scan a Network of Windows Computers for Viruses
        1. Preparing the Windows Systems
        2. Preparing the FreeBSD System
        3. Installing and Running the Virus Scanner
        4. Automating the Process
        5. See Also
    10. 7. Going Beyond the Basics
      1. Introduction
      2. 69. Tune FreeBSD for Different Applications
        1. Optimizing Software Compiling
        2. Kernel Optimizations
        3. Optimizing Network Performance
        4. Optimizing Mail Servers
        5. Optimizing File Servers
        6. Optimizing Web Servers
        7. See Also
      3. 70. Traffic Shaping on FreeBSD
        1. Configuring Your Kernel for Traffic Shaping
        2. Creating Pipes and Queues
        3. Using Masks
        4. Simple Configurations
        5. Complex Configurations
        6. See Also
      4. 71. Create an Emergency Repair Kit
        1. Inventory of the Kit
        2. Preparing the Floppies
        3. The Rest of the Kit
        4. Testing the Recovery Media
        5. See Also
      5. 72. Use the FreeBSD Recovery Process
        1. Using the fixit Floppy
        2. Using the Live Filesystem
        3. Emergency Repair
        4. See Also
      6. 73. Use the GNU Debugger to Analyze a Buffer Overflow
        1. An Example Exploit
        2. Using the GNU Debugger
        3. Hacking the Hack
        4. See Also
      7. 74. Consolidate Web Server Logs
        1. logproc Described
        2. Preparing the Web Servers
        3. Preparing the Log Host
        4. Testing the Configuration
        5. Configuring Scripts on the Log Host
        6. Viewing Live Log Data
        7. See Also
      8. 75. Script User Interaction
        1. The Key Generation Process
        2. A Simple Script
        3. Adding User Interaction
        4. Handling Incorrect Input
        5. Hacking the Hack
        6. See Also
      9. 76. Create a Trade Show Demo
        1. Introducing eesh
        2. Discovering Commands
        3. Sample Scripts
        4. More Complex Scripts
        5. See Also
    11. 8. Keeping Up-to-Date
      1. Introduction
      2. 77. Automated Install
        1. Preparing the Install Script
        2. Test-Drive
        3. See Also
      3. 78. FreeBSD from Scratch
        1. Stage One: System Installation
        2. Stage Two: Ports Installation
        3. Stage Three: Post-Configuration
        4. See Also
      4. 79. Safely Merge Changes to /etc
        1. Initial Preparations
        2. Using etcmerge
        3. See Also
      5. 80. Automate Updates
        1. Assembling the Pieces
        2. An Example Dry Run
        3. Automating the Process
        4. See Also
      6. 81. Create a Package Repository
        1. Creating Custom Packages
        2. Creating the NFS Share
        3. See Also
      7. 82. Build a Port Without the Ports Tree
        1. Connecting to Anonymous CVS
        2. Checking Out Port Skeletons
        3. Finding a Port and Its Dependencies
        4. See Also
      8. 83. Keep Ports Up-to-Date with CTM
        1. Using ftp and ctm to Stay Current
        2. Hacking the Hack
        3. See Also
      9. 84. Navigate the Ports System
        1. Finding the Right Port
        2. Dealing with Installed Ports
        3. Checking Dependencies Before Uninstalling
        4. Checking the Disk Space Your Ports Use
        5. See Also
      10. 85. Downgrade a Port
        1. Using portdowngrade
        2. Preventing Automated Re-Upgrades
        3. See Also
      11. 86. Create Your Own Startup Scripts
        1. Was a Script Installed?
        2. Creating Your Own Startup Script
        3. Testing the Script
        4. Hacking the Hack
        5. See Also
      12. 87. Automate NetBSD Package Builds
        1. Installing pkg_comp
        2. Configuration Variables
        3. Initializing and Using the Sandbox
        4. Automating the Process
        5. Hacking the Hack
        6. See Also
      13. 88. Easily Install Unix Applications on Mac OS X
        1. Installing DarwinPorts
        2. Finding Ports to Install
        3. Installing Ports
        4. Updating the Ports Tree
        5. See Also
    12. 9. Grokking BSD
      1. Introduction
      2. 89. How’d He Know That?
        1. Online Resources
        2. Keeping Offline Resources Up-to-Date
        3. What Did the Manpage Forget to Say?
        4. See Also
      3. 90. Create Your Own Manpages
        1. Manpage Basics
        2. Creating a Manpage
        3. Getting Fancier
        4. Printing Manpages
        5. Hacking the Hack
        6. See Also
      4. 91. Get the Most Out of Manpages
        1. Finding Installed Manpages
        2. Navigational Tricks
        3. Customizing less
        4. Searching Text
        5. See Also
      5. 92. Apply, Understand, and Create Patches
        1. Finding Differences
        2. Applying Patches
        3. Creating Patches
        4. Revision Control
        5. See Also
      6. 93. Display Hardware Information
        1. Viewing Boot Messages
        2. Viewing Resource Information
        3. Gathering Interface Statistics
        4. Viewing Kernel Environment
        5. See Also
      7. 94. Determine Who Is on the System
        1. Who’s on First?
        2. When Did That Happen?
        3. Details, Details
        4. See Also
      8. 95. Spelling Bee
        1. Quick Spellcheck
        2. Creating a Dictionary or Thesaurus
        3. Improved Dictionary
        4. Become a Crossword Champion
        5. See Also
      9. 96. Leave on Time
        1. Don’t Forget to Leave
        2. Creating Terminal Sticky Notes
        3. Saving Your Schedule
        4. See Also
      10. 97. Run Native Java Applications
        1. Choosing Which Java Port to Install
        2. Running Java Applications
        3. Standalone Java Applications
        4. Javavmwrapper
        5. Applets
        6. Servlets
        7. Java WebStart
        8. See Also
      11. 98. Rotate Your Signature
        1. If Your Mail Program Supports a Pipe
        2. Pipeless Signature Rotation
        3. Hacking the Hack
        4. See Also
      12. 99. Useful One-Liners
        1. Simultaneously Download and Untar
        2. When Did I Change That File?
        3. Finding Symlinks
        4. Making cron More User-Friendly
        5. See Also
      13. 100. Fun with X
        1. Seeing Console Messages
        2. Managing Your Clipboard
        3. Sending Pop-up Messages
          1. Understanding X authorization
        4. Taking Screenshots
        5. See Also
    13. Index
    14. About the Author
    15. Special Upgrade Offer
    16. Copyright