You are previewing Linux Administration Handbook, Second Edition.
O'Reilly logo
Linux Administration Handbook, Second Edition

Book Description

“As this book shows, Linux systems are just as functional, secure, and reliable as their proprietary counterparts. Thanks to the ongoing efforts of thousands of Linux developers, Linux is more ready than ever for deployment at the frontlines of the real world. The authors of this book know that terrain well, and I am happy to leave you in their most capable hands.”
—Linus Torvalds

“The most successful sysadmin book of all time—because it works!”
—Rik Farrow, editor of ;login:

“This book clearly explains current technology with the perspective of decades of experience in large-scale system administration. Unique and highly recommended.”
—Jonathan Corbet, cofounder, LWN.net

“Nemeth et al. is the overall winner for Linux administration: it’s intelligent, full of insights, and looks at the implementation of concepts.”
—Peter Salus, editorial director, Matrix.net

Since 2001, Linux Administration Handbook has been the definitive resource for every Linux® system administrator who must efficiently solve technical problems and maximize the reliability and performance of a production environment. Now, the authors have systematically updated this classic guide to address today’s most important Linux distributions and most powerful new administrative tools.

The authors spell out detailed best practices for every facet of system administration, including storage management, network design and administration, web hosting, software configuration management, performance analysis, Windows interoperability, and much more. Sysadmins will especially appreciate the thorough and up-to-date discussions of such difficult topics such as DNS, LDAP, security, and the management of IT service organizations.

Linux® Administration Handbook, Second Edition, reflects the current versions of these leading distributions:

  • Red Hat® Enterprise Linux®

  • FedoraTM Core

  • SUSE® Linux Enterprise

  • Debian® GNU/Linux

  • Ubuntu® Linux

  • Sharing their war stories and hard-won insights, the authors capture the behavior of Linux systems in the real world, not just in ideal environments. They explain complex tasks in detail and illustrate these tasks with examples drawn from their extensive hands-on experience.

    Table of Contents

    1. Title Page
    2. Copyright Page
    3. Contents
    4. Foreword to the First Edition
    5. Preface
      1. Our example distributions
      2. The organization of this book
      3. Our contributors
      4. Contact information
    6. Acknowledgments
    7. Section One: Basic Administration
      1. 1. Where to Start
        1. 1.1. Suggested background
        2. 1.2. Linux’s relationship to UNIX
        3. 1.3. Linux in historical context
        4. 1.4. Linux distributions
        5. 1.5. Notation and typographical conventions
        6. 1.6. Where to go for information
        7. 1.7. How to find and install software
        8. 1.8. Essential tasks of the system administrator
        9. 1.9. System administration under duress
        10. 1.10. Recommended reading
        11. 1.11. Exercises
      2. 2. Booting and Shutting Down
        1. 2.1. Bootstrapping
        2. 2.2. Booting PCs
        3. 2.3. Using boot loaders: LILO and GRUB
        4. 2.4. Booting single-user mode
        5. 2.5. Working with startup scripts
        6. 2.6. Rebooting and shutting down
        7. 2.7. Exercises
      3. 3. Rootly Powers
        1. 3.1. Ownership of files and processes
        2. 3.2. The superuser
        3. 3.3. Choosing a root password
        4. 3.4. Becoming root
        5. 3.5. Other pseudo-users
        6. 3.6. Exercises
      4. 4. Controlling Processes
        1. 4.1. Components of a process
        2. 4.2. The life cycle of a process
        3. 4.3. Signals
        4. 4.4. kill and killall: send signals
        5. 4.5. Process states
        6. 4.6. nice and renice: influence scheduling priority
        7. 4.7. ps: monitor processes
        8. 4.8. top: monitor processes even better
        9. 4.9. The /proc filesystem
        10. 4.10. strace: trace signals and system calls
        11. 4.11. Runaway processes
        12. 4.12. Recommended reading
        13. 4.13. Exercises
      5. 5. The Filesystem
        1. 5.1. Pathnames
        2. 5.2. Filesystem mounting and unmounting
        3. 5.3. The organization of the file tree
        4. 5.4. File types
        5. 5.5. File attributes
        6. 5.6. Access control lists
        7. 5.7. Exercises
      6. 6. Adding New Users
        1. 6.1. The /etc/passwd file
        2. 6.2. The /etc/shadow file
        3. 6.3. The /etc/group file
        4. 6.4. Adding users
        5. 6.5. Removing users
        6. 6.6. Disabling logins
        7. 6.7. Managing accounts
        8. 6.8. Exercises
      7. 7. Adding a Disk
        1. 7.1. Disk interfaces
        2. 7.2. Disk geometry
        3. 7.3. Linux filesystems
        4. 7.4. An overview of the disk installation procedure
        5. 7.5. hdparm: set IDE interface parameters
        6. 7.6. fsck: check and repair filesystems
        7. 7.7. Adding a disk: a step-by-step guide
        8. 7.8. Advanced disk management: RAID and LVM
        9. 7.9. Mounting USB drives
        10. 7.10. Exercises
      8. 8. Periodic Processes
        1. 8.1. cron: schedule commands
        2. 8.2. The format of crontab files
        3. 8.3. Crontab management
        4. 8.4. Some common uses for cron
        5. 8.5. Other schedulers: anacron and fcron
        6. 8.6. Exercises
      9. 9. Backups
        1. 9.1. Motherhood and apple pie
        2. 9.2. Backup devices and media
        3. 9.3. Setting up an incremental backup regime with dump
        4. 9.4. Restoring from dumps with restore
        5. 9.5. Dumping and restoring for upgrades
        6. 9.6. Using other archiving programs
        7. 9.7. Using multiple files on a single tape
        8. 9.8. Bacula
        9. 9.9. Commercial backup products
        10. 9.10. Recommended reading
        11. 9.11. Exercises
      10. 10. Syslog and Log Files
        1. 10.1. Logging policies
        2. 10.2. Linux log files
        3. 10.3. logrotate: manage log files
        4. 10.4. Syslog: the system event logger
        5. 10.5. Condensing log files to useful information
        6. 10.6. Exercises
      11. 11. Software and Configuration Management
        1. 11.1. Basic Linux installation
        2. 11.2. Diskless clients
        3. 11.3. Package management
        4. 11.4. High-level package management systems
        5. 11.5. Revision control
        6. 11.6. Localization and configuration
        7. 11.7. Configuration management tools
        8. 11.8. Sharing software over NFS
        9. 11.9. Recommended software
        10. 11.10. Recommended reading
        11. 11.11. Exercises
    8. Section Two: Networking
      1. 12. TCP/IP Networking
        1. 12.1. TCP/IP and the Internet
        2. 12.2. Networking road map
        3. 12.3. Packets and encapsulation
        4. 12.4. IP addresses: the gory details
        5. 12.5. Routing
        6. 12.6. ARP: the address resolution protocol
        7. 12.7. Addition of a machine to a network
        8. 12.8. Distribution-specific network configuration
        9. 12.9. DHCP: the Dynamic Host Configuration Protocol
        10. 12.10. Dynamic reconfiguration and tuning
        11. 12.11. Security issues
        12. 12.12. Linux NAT
        13. 12.13. PPP: the Point-to-Point Protocol
        14. 12.14. Linux networking quirks
        15. 12.15. Recommended reading
        16. 12.16. Exercises
      2. 13. Routing
        1. 13.1. Packet forwarding: a closer look
        2. 13.2. Routing daemons and routing protocols
        3. 13.3. Protocols on parade
        4. 13.4. routed: RIP yourself a new hole
        5. 13.5. gated: gone to the dark side
        6. 13.6. Routing strategy selection criteria
        7. 13.7. Cisco routers
        8. 13.8. Recommended reading
        9. 13.9. Exercises
      3. 14. Network Hardware
        1. 14.1. LAN, WAN, or MAN?
        2. 14.2. Ethernet: the common LAN
        3. 14.3. Wireless: nomad’s LAN
        4. 14.4. FDDI: the disappointing, expensive, and outdated LAN
        5. 14.5. ATM: the promised (but sorely defeated) LAN
        6. 14.6. Frame relay: the sacrificial WAN
        7. 14.7. ISDN: the indigenous WAN
        8. 14.8. DSL and cable modems: the people’s WAN
        9. 14.9. Where is the network going?
        10. 14.10. Network testing and debugging
        11. 14.11. Building wiring
        12. 14.12. Network design issues
        13. 14.13. Management issues
        14. 14.14. Recommended vendors
        15. 14.15. Recommended reading
        16. 14.16. Exercises
      4. 15. DNS: The Domain Name System
        1. 15.1. DNS for the impatient: adding a new machine
        2. 15.2. The history of DNS
        3. 15.3. Who needs DNS?
        4. 15.4. The DNS namespace
        5. 15.5. How DNS works
        6. 15.6. What’s new in DNS
        7. 15.7. The DNS database
        8. 15.8. The BIND software
        9. 15.9. Designing your DNS environment
        10. 15.10. BIND client issues
        11. 15.11. BIND server configuration
        12. 15.12. BIND configuration examples
        13. 15.13. Starting named
        14. 15.14. Updating zone files
        15. 15.15. Security issues
        16. 15.16. Testing and debugging
        17. 15.17. Distribution specifics
        18. 15.18. Recommended reading
        19. 15.19. Exercises
      5. 16. The Network File System
        1. 16.1. General information about NFS
        2. 16.2. Server-side NFS
        3. 16.3. Client-side NFS
        4. 16.4. nfsstat: dump NFS statistics
        5. 16.5. Dedicated NFS file servers
        6. 16.6. Automatic mounting
        7. 16.7. Recommended reading
        8. 16.8. Exercises
      6. 17. Sharing System Files
        1. 17.1. What to share
        2. 17.2. nscd: cache the results of lookups
        3. 17.3. Copying files around
        4. 17.4. NIS: the Network Information Service
        5. 17.5. LDAP: the Lightweight Directory Access Protocol
        6. 17.6. Recommended reading
        7. 17.7. Exercises
      7. 18. Electronic Mail
        1. 18.1. Mail systems
        2. 18.2. The anatomy of a mail message
        3. 18.3. Mail philosophy
        4. 18.4. Mail aliases
        5. 18.5. Mailing lists and list wrangling software
        6. 18.6. sendmail: ringmaster of the electronic mail circus
        7. 18.7. sendmail configuration
        8. 18.8. Basic sendmail configuration primitives
        9. 18.9. Fancier sendmail configuration primitives
        10. 18.10. Spam-related features in sendmail
        11. 18.11. Configuration file case study
        12. 18.12. Security and sendmail
        13. 18.13. sendmail performance
        14. 18.14. sendmail statistics, testing, and debugging
        15. 18.15. The Exim Mail System
        16. 18.16. Postfix
        17. 18.17. Recommended reading
        18. 18.18. Exercises
      8. 19. Network Management and Debugging
        1. 19.1. Network troubleshooting
        2. 19.2. ping: check to see if a host is alive
        3. 19.3. traceroute: trace IP packets
        4. 19.4. netstat: get network statistics
        5. 19.5. sar: inspect live interface activity
        6. 19.6. Packet sniffers
        7. 19.7. Network management protocols
        8. 19.8. SNMP: the Simple Network Management Protocol
        9. 19.9. The NET-SMNP agent
        10. 19.10. Network management applications
        11. 19.11. Recommended reading
        12. 19.12. Exercises
      9. 20. Security
        1. 20.1. Is Linux secure?
        2. 20.2. How security is compromised
        3. 20.3. Certifications and standards
        4. 20.4. Security tips and philosophy
        5. 20.5. Security problems in /etc/passwd and /etc/shadow
        6. 20.6. POSIX capabilities
        7. 20.7. Setuid programs
        8. 20.8. Important file permissions
        9. 20.9. Miscellaneous security issues
        10. 20.10. Security power tools
        11. 20.11. Cryptographic security tools
        12. 20.12. Firewalls
        13. 20.13. Linux firewall features: IP tables
        14. 20.14. Virtual private networks (VPNs)
        15. 20.15. Hardened Linux distributions
        16. 20.16. What to do when your site has been attacked
        17. 20.17. Sources of security information
        18. 20.18. Recommended reading
        19. 20.19. Exercises
      10. 21. Web Hosting and Internet Servers
        1. 21.1. Web hosting basics
        2. 21.2. HTTP server installation
        3. 21.3. Virtual interfaces
        4. 21.4. The Secure Sockets Layer (SSL)
        5. 21.5. Caching and proxy servers
        6. 21.6. Anonymous FTP server setup
        7. 21.7. Exercises
    9. Section Three: Bunch O’ Stuff
      1. 22. The X Window System
        1. 22.1. The X display manager
        2. 22.2. Running an X application
        3. 22.3. X server configuration
        4. 22.4. Troubleshooting and debugging
        5. 22.5. A brief note on desktop environments
        6. 22.6. Recommended Reading
        7. 22.7. Exercises
      2. 23. Printing
        1. 23.1. Printers are complicated
        2. 23.2. Printer languages
        3. 23.3. CUPS architecture
        4. 23.4. CUPS server administration
        5. 23.5. Troubleshooting tips
        6. 23.6. Printer practicalities
        7. 23.7. Other printer advice
        8. 23.8. Printing under KDE
        9. 23.9. Recommended reading
        10. 23.10. Exercises
      3. 24. Maintenance and Environment
        1. 24.1. Hardware maintenance basics
        2. 24.2. Maintenance contracts
        3. 24.3. Electronics-handling lore
        4. 24.4. Monitors
        5. 24.5. Memory modules
        6. 24.6. Preventive maintenance
        7. 24.7. Environment
        8. 24.8. Power
        9. 24.9. Racks
        10. 24.10. Data center standards
        11. 24.11. Tools
        12. 24.12. Recommended reading
        13. 24.13. Exercises
      4. 25. Performance Analysis
        1. 25.1. What you can do to improve performance
        2. 25.2. Factors that affect performance
        3. 25.3. System performance checkup
        4. 25.4. Help! My system just got really slow!
        5. 25.5. Recommended reading
        6. 25.6. Exercises
      5. 26. Cooperating with Windows
        1. 26.1. Logging in to a Linux system from Windows
        2. 26.2. Accessing remote desktops
        3. 26.3. Running Windows and Windows-like applications
        4. 26.4. Using command-line tools with Windows
        5. 26.5. Windows compliance with email and web standards
        6. 26.6. Sharing files with Samba and CIFS
        7. 26.7. Sharing printers with Samba
        8. 26.8. Debugging Samba
        9. 26.9. Recommended reading
        10. 26.10. Exercises
      6. 27. Serial Devices
        1. 27.1. The RS-232C standard
        2. 27.2. Alternative connectors
        3. 27.3. Hard and soft carrier
        4. 27.4. Hardware flow control
        5. 27.5. Cable length
        6. 27.6. Serial device files
        7. 27.7. setserial: set serial port parameters
        8. 27.8. Software configuration for serial devices
        9. 27.9. Configuration of hardwired terminals
        10. 27.10. Special characters and the terminal driver
        11. 27.11. stty: set terminal options
        12. 27.12. tset: set options automatically
        13. 27.13. Terminal unwedging
        14. 27.14. Modems
        15. 27.15. Debugging a serial line
        16. 27.16. Other common I/O ports
        17. 27.17. Exercises
      7. 28. Drivers and the Kernel
        1. 28.1. Kernel adaptation
        2. 28.2. Drivers and device files
        3. 28.3. Why and how to configure the kernel
        4. 28.4. Tuning Linux kernel parameters
        5. 28.5. Building a Linux kernel
        6. 28.6. Adding a Linux device driver
        7. 28.7. Loadable kernel modules
        8. 28.8. Hot-plugging
        9. 28.9. Setting bootstrap options
        10. 28.10. Recommended reading
        11. 28.11. Exercises
      8. 29. Daemons
        1. 29.1. init: the primordial process
        2. 29.2. cron and atd: schedule commands
        3. 29.3. xinetd and inetd: manage daemons
        4. 29.4. Kernel daemons
        5. 29.5. Printing daemons
        6. 29.6. File service daemons
        7. 29.7. Administrative database daemons
        8. 29.8. Electronic mail daemons
        9. 29.9. Remote login and command execution daemons
        10. 29.10. Booting and configuration daemons
        11. 29.11. Other network daemons
        12. 29.12. ntpd: time synchronization daemon
        13. 29.13. Exercises
      9. 30. Management, Policy, and Politics
        1. 30.1. Make everyone happy
        2. 30.2. Components of a functional IT organization
        3. 30.3. The role of management
        4. 30.4. The role of administration
        5. 30.5. The role of development
        6. 30.6. The role of operations
        7. 30.7. The work of support
        8. 30.8. Documentation
        9. 30.9. Request-tracking and trouble-reporting systems
        10. 30.10. Disaster recovery
        11. 30.11. Written policy
        12. 30.12. Legal Issues
        13. 30.13. Software patents
        14. 30.14. Standards
        15. 30.15. Linux culture
        16. 30.16. Mainstream Linux
        17. 30.17. Organizations, conferences, and other resources
        18. 30.18. Recommended Reading
        19. 30.19. Exercises
    10. About the Contributors
    11. About the Authors
    12. Colophon
    13. Index