IT training linux administration a beginners guide fifth edition
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (10.6 MB, 689 trang )
Linux Administration:
A Beginner’s Guide
Fifth Edition
WALE SOYINKA
New York Chicago San Francisco
Lisbon London Madrid Mexico City
Milan New Delhi San Juan
Seoul Singapore Sydney Toronto
Copyright © 2009 by The McGraw-Hill Companies. All rights reserved. Manufactured in the United States of America. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by
any means, or stored in a database or retrieval system, without the prior written permission of the publisher.
0-07-154625-1
The material in this eBook also appears in the print version of this title: 0-07-154588-3.
All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked
name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the
trademark. Where such designations appear in this book, they have been printed with initial caps.
McGraw-Hill eBooks are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs. For more information, please contact George Hoare, Special Sales, at or (212) 9044069.
TERMS OF USE
This is a copyrighted work and The McGraw-Hill Companies, Inc. (“McGraw-Hill”) and its licensors reserve all rights in and to the
work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve
one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon,
transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hill’s prior consent. You may
use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work
may be terminated if you fail to comply with these terms.
THE WORK IS PROVIDED “AS IS.” McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS
TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK,
INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE,
AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill and its licensors do not
warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or
error free. Neither McGraw-Hill nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless
of cause, in the work or for any damages resulting therefrom. McGraw-Hill has no responsibility for the content of any information
accessed through the work. Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been
advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim
or cause arises in contract, tort or otherwise.
DOI: 10.1036/0071545883
“With the right knowledge, Linux can be clear and simple to understand. This
book presents the core fundamentals of Linux in a manner that is very logical
and easy to follow.”
—Greg Kurtzer, CTO, Infiscale, Inc.
“Wale continues to do a great job explaining complex information in a straightforward manner. All newcomers should start their Linux library with this book.”
—Ron Hudson, Senior Field Support Engineer, Intervoice, Inc.
“Wale Soyinka did a stellar job in the fourth edition and he was up for the challenge of making the fifth edition his own. It is with great pleasure I present the
fifth edition of Linux Administration: A Beginners Guide by Wale Soyinka. This
book barely resembles the 500-odd pages written nine years ago in the first edition, and it is without hesitation that I say his new words are for the better.”
—From the Foreword by Steve Shah, original author of
Linux Administration: A Beginner’s Guide
ABOUT THE AUTHOR
Wale Soyinka (Canada) is a systems/network engineering consultant with several years
experience in the field. He has written an extensive library of Linux administration training materials. In addition to being a co-author of the fourth edition of Linux Administration:
A Beginner’s Guide, he is the author of a projects lab manual—Microsoft Windows 2000 Managing Network Environments, which is part of the Microsoft certification series published
by Prentice Hall. Wale participates in several open source discussions and projects. His
latest project is at caffe*nix (www.caffenix.com) where he usually hangs out. caffe*nix is
possibly the world’s first (or only existing) brick-and-mortar store committed and dedicated to prompting and showcasing open source technologies and culture.
ABOUT THE CONTRIBUTING AUTHOR
Steve Shah (San Jose, California) is the chief technology officer (CTO) and co-founder
of Asyncast, where he leads the product strategy and engineering groups. Prior to starting Asyncast, Steve was the founder and principal of RisingEdge Consulting where he
provided strategic marketing services for a number of Silicon Valley infrastructure companies. To earn his chops, Steve grew to be a prominent player in network load balancing, application delivery controllers, and Secure Sockets Layer-virtual private network
(SSL-VPN) markets as the director of product management at NetScaler (acquired by
Citrix) and Array Networks. Before turning into a marketing droid who is eerily comfortable at a Unix command prompt, Steve was a senior software engineer and systems
administrator at numerous companies. Steve holds a bachelor of science (BS) in computer science with a minor in creative writing and a master in science (MS) in computer
science from University of California Riverside.
ABOUT THE TECHNICAL EDITOR
Dr. Ibrahim Haddad is director of technology at Motorola, Inc. and is responsible for
defining and developing the requirements for Motorola’s open source initiatives. Prior
to Motorola, Dr. Haddad managed the carrier-grade Linux and Mobile Linux Initiatives
at the Open Source Development Lab (OSDL), which included promoting the development and adoption of Linux and open source software in the communications industry.
Prior to joining OSDL, Dr. Haddad was a senior researcher at the Research & Innovation Department of Ericsson’s Corporate Unit of Research. He is a contributing editor
for Linux Journal and Enterprise Open Source magazines. Haddad received his BS and
MS degrees in computer science from the Lebanese American University, and his PhD
in computer science from Concordia University in Montreal, Canada. In 2000, he was
awarded by Concordia University both the J.W. McConnell Memorial Graduate Fellowship, and the Concordia University 25th Anniversary Fellowship, in recognition for
academic excellence. In 2007, he was the winner of the Big Idea Innovation Award in
Recognition of Leadership and Vision at Motorola, Inc.
Copyright © 2009 by The McGraw-Hill Companies. Click here for terms of use.
For more information about this title, click here
CONTENTS
Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xx
xxi
xxii
Part I
Installing Linux as a Server
▼ 1 Technical Summary of Linux Distributions . . . . . . . . . . . . . . . . . . . . . . . .
Linux—The Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . .
What Is Open Source Software and GNU All About? . . . . . .
What Is the GNU Public License? . . . . . . . . . . . . . . . . . . . . .
The Advantages of Open Source Software . . . . . . . . . . . . . . . . . . .
Understanding the Differences Between Windows and Linux . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 2 Installing Linux in a Server Configuration . . . . . . . . . . . . . . . . . . . . . . .
Hardware and Environmental Considerations
Server Design . . . . . . . . . . . . . . . . . . . . . . . . . .
Uptime . . . . . . . . . . . . . . . . . . . . . . . . . . .
Dual-Booting Issues . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
3
4
5
7
8
9
14
15
16
16
18
18
v
vi
Linux Administration: A Beginner’s Guide
Methods of Installation. . . . . . . . . .
Installing Fedora . . . . . . . . . . . . . . .
Project Prerequisites. . . . . . . .
Carrying Out the Installation.
Initial System Configuration .
Installing Ubuntu Server . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
19
20
20
21
36
37
41
▼ 3 Managing Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
43
44
47
47
48
The RPM Package Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Debian Package Management System . . . . . . . . . . . . . . . . . .
APT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Managing Software Using RPM . . . . . . . . . . . . . . . . . . . . . . . . . . .
Querying for Information the RPM Way
(Getting to Know One Another) . . . . . . . . . . . . . . . . . . . . .
Installing with RPM (Moving In Together) . . . . . . . . . . . . .
Uninstalling Software with RPM (Ending the Relationship) . .
Other Things You Can Do with RPM . . . . . . . . . . . . . . . . .
Software Management in Ubuntu . . . . . . . . . . . . . . . . . . . . . . . .
Querying for Information . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Software in Ubuntu . . . . . . . . . . . . . . . . . . . . . . .
Removing Software in Ubuntu . . . . . . . . . . . . . . . . . . . . . .
GUI RPM Package Managers . . . . . . . . . . . . . . . . . . . . . . .
Compile and Install GNU Software . . . . . . . . . . . . . . . . . . . . . . .
Getting and Unpacking the Package . . . . . . . . . . . . . . . . . .
Looking for Documentation
(Getting to Know Each Other—Again) . . . . . . . . . . . . . . . .
Configuring the Package . . . . . . . . . . . . . . . . . . . . . . . . . . .
Compiling the Package . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing the Package . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Testing the Software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cleanup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Common Problems when Building from Source Code . . . . . . . .
Problems with Libraries. . . . . . . . . . . . . . . . . . . . . . . . . . . .
When There Is No configure Script . . . . . . . . . . . . . . . . . . .
Broken Source Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
48
51
54
55
58
58
59
59
60
62
62
64
64
65
66
66
67
67
68
68
68
69
Part II
Single-Host Administration
▼ 4 Managing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
What Exactly Constitutes a User?. . . . . . . . . . . . . . . . . . . . . . . . .
Where User Information Is Kept . . . . . . . . . . . . . . . . . . . . .
The /etc/passwd File . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
73
74
74
75
Contents
The /etc/shadow File . . . . . . . . . . . . . . . . . . . . . . . . . .
The /etc/group File . . . . . . . . . . . . . . . . . . . . . . . . . . . .
User Management Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Command-Line User Management . . . . . . . . . . . . . . . .
GUI User Managers . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Users and Access Permissions . . . . . . . . . . . . . . . . . . . . . . . .
Understanding SetUID and SetGID Programs . . . . . . .
Pluggable Authentication Modules (PAM) . . . . . . . . . . . . . .
How PAM Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PAM’s Files and Their Locations . . . . . . . . . . . . . . . . . .
Configuring PAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The “Other” File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
“DOH! I Can’t Log In!” . . . . . . . . . . . . . . . . . . . . . . . . .
Debugging PAM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
A Grand Tour . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating Users with useradd . . . . . . . . . . . . . . . . . . . . .
Creating Groups with groupadd . . . . . . . . . . . . . . . . . .
Modifying User Attributes with usermod . . . . . . . . . . .
Modifying Group Attributes with groupmod . . . . . . . .
Deleting Groups and Users with groupdel and userdel
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
▼ 5 The Command Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
An Introduction to BASH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Job Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Environment Variables . . . . . . . . . . . . . . . . . . . . . . . . . . .
Pipes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Redirection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Command-Line Shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Filename Expansion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Environment Variables as Parameters . . . . . . . . . . . . . . . .
Multiple Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Backticks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Documentation Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The man Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The texinfo System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Files, File Types, File Ownership, and File Permissions . . . . . . . .
Normal Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Hard Links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Symbolic Links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Block Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Character Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Named Pipes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
79
80
81
81
85
88
88
89
89
90
90
95
95
95
96
96
97
98
99
99
100
101
102
103
104
106
107
107
108
108
108
109
110
110
112
112
112
112
113
113
113
114
114
vii
viii
Linux Administration: A Beginner’s Guide
Listing Files: ls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Change Ownership: chown . . . . . . . . . . . . . . . . . . . . . . . . .
Change Group: chgrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Change Mode: chmod . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
File Management and Manipulation . . . . . . . . . . . . . . . . . . . . . .
Copy Files: cp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Move Files: mv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Link Files: ln. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Find a File: find . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
File Compression: gzip . . . . . . . . . . . . . . . . . . . . . . . . . . .
bzip2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Create a Directory: mkdir . . . . . . . . . . . . . . . . . . . . . . . . .
Remove a Directory: rmdir . . . . . . . . . . . . . . . . . . . . . . . .
Show Present Working Directory: pwd . . . . . . . . . . . . . . .
Tape Archive: tar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Concatenate Files: cat. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Display a File One Screen at a Time: more. . . . . . . . . . . . .
Disk Utilization: du . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show the Directory Location of a File: which . . . . . . . . . .
Locate a Command: whereis . . . . . . . . . . . . . . . . . . . . . . .
Disk Free: df . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Synchronize Disks: sync . . . . . . . . . . . . . . . . . . . . . . . . . .
Moving a User and Its Home Directory . . . . . . . . . . . . . . . . . . .
List Processes: ps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show an Interactive List of Processes: top . . . . . . . . . . . . .
Send a Signal to a Process: kill . . . . . . . . . . . . . . . . . . . . . .
Miscellaneous Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Show System Name: uname . . . . . . . . . . . . . . . . . . . . . . .
Who Is Logged In: who . . . . . . . . . . . . . . . . . . . . . . . . . . .
A Variation on who: w . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Switch User: su . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Editors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
vi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
emacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
joe. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
pico . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 6 Booting and Shutting Down. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Boot Loaders . . . . . .
GRUB . . . . . . .
LILO. . . . . . . .
Bootstrapping
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
114
115
116
116
119
119
120
120
121
121
122
122
123
123
123
125
126
126
127
127
127
128
128
131
133
134
135
135
136
136
136
137
137
138
138
139
139
140
141
142
142
152
152
Contents
The init Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
rc Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Writing Your Own rc Script . . . . . . . . . . . . . . . . . . . . . . . .
Enabling and Disabling Services . . . . . . . . . . . . . . . . . . . . . . . .
Disabling a Service. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Odds and Ends of Booting and Shutting Down . . . . . . . . . . . . .
fsck! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Booting into Single-User (“Recovery”) Mode . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
153
154
155
159
162
162
163
163
164
▼ 7 File Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
165
166
166
167
168
169
169
169
176
177
178
178
179
180
190
192
The Makeup of File Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . .
i-Nodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Superblocks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ext3 and ReiserFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Which File System to Use? . . . . . . . . . . . . . . . . . . . . . . . .
Managing File Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Mounting and Unmounting Local Disks . . . . . . . . . . . . . .
Using fsck . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Adding a New Disk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Overview of Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Traditional Disk- and Partition-Naming Conventions . . .
Volume Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating Partitions and Logical Volumes . . . . . . . . . . . . .
Creating File Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 8 Core System Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The init Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
upstart: Die init. Die Now!. . . . . . . . . . . . . . . . . . . . . . . . .
The /etc/inittab File . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xinetd and inetd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The /etc/xinetd.conf File . . . . . . . . . . . . . . . . . . . . . . . . .
Examples: A Simple Service Entry and
Enabling/Disabling a Service . . . . . . . . . . . . . . . . . . . . . .
The Logging Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Invoking rsyslogd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring the Logging Daemon . . . . . . . . . . . . . . . . . . . . . . .
Log Message Classifications . . . . . . . . . . . . . . . . . . . . . . .
Format of /etc/rsyslog.conf . . . . . . . . . . . . . . . . . . . . . . . .
The cron Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The crontab File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Editing the crontab File . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
193
194
195
196
198
200
205
208
208
208
210
211
216
216
218
218
ix
x
Linux Administration: A Beginner’s Guide
▼ 9 Compiling the Linux Kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
What Exactly Is a Kernel? . . . . . . . . . . . . . .
Finding the Kernel Source Code. . . . . . . . .
Getting the Correct Kernel Version . .
Unpacking the Kernel Source Code . .
Building the Kernel . . . . . . . . . . . . . . . . . .
Preparing to Configure the Kernel . .
Kernel Configuration . . . . . . . . . . . . .
Compiling the Kernel . . . . . . . . . . . .
Installing the Kernel . . . . . . . . . . . . .
Booting the Kernel . . . . . . . . . . . . . . .
The Author Lied—It Didn’t Work! . .
Patching the Kernel . . . . . . . . . . . . . . . . . .
Downloading and Applying Patches.
Summary . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
▼ 10 Knobs and Dials: proc and SysFS File Systems . . . . . . . . . . . . . . . . . .
What’s Inside the /proc Directory? . .
Tweaking Files Inside of /proc .
Some Useful /proc Entries . . . . . . . . .
Enumerated /proc Entries . . . . .
Common proc Settings and Reports . .
SYN Flood Protection . . . . . . . .
Issues on High-Volume Servers .
Debugging Hardware Conflicts .
SysFS. . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
221
222
224
224
225
225
227
228
231
233
235
235
236
237
239
241
242
243
244
246
247
248
249
249
249
252
Part III
Security and Networking
▼ 11 TCP/IP for System Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Layers . . . . . . . . . . . . . . . . . . . . . . .
TCP/IP Model and the OSI Model
Headers . . . . . . . . . . . . . . . . . . . . . . . . .
Ethernet . . . . . . . . . . . . . . . . . . . . .
IP (IPv4) . . . . . . . . . . . . . . . . . . . . .
TCP . . . . . . . . . . . . . . . . . . . . . . . .
UDP . . . . . . . . . . . . . . . . . . . . . . . .
A Complete TCP Connection . . . . . . . . .
Opening a Connection . . . . . . . . . .
Transferring Data . . . . . . . . . . . . . .
Closing the Connection . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
255
256
259
263
264
265
268
272
273
273
274
275
Contents
How ARP Works. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The ARP Header: ARP Works with Other Protocols, Too! . . .
Bringing IP Networks Together . . . . . . . . . . . . . . . . . . . . . . . . .
Hosts and Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Subnetting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Netmasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Static Routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Dynamic Routing with RIP . . . . . . . . . . . . . . . . . . . . . . . .
Digging into tcpdump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
A Few General Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Graphing Odds and Ends . . . . . . . . . . . . . . . . . . . . . . . . .
IPv6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IPv6 Address Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IPv6 Address Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IPv6 Backward Compatibility . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
276
277
278
278
279
280
282
284
289
289
293
294
294
295
295
296
▼ 12 Network Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
299
300
301
303
304
307
309
311
314
314
317
317
Modules and Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . .
Network Device Configuration Utilities (ip and ifconfig) . . .
IP Aliasing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Up NICs at Boot Time . . . . . . . . . . . . . . . . . . . . . .
Managing Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Simple Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Displaying Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
A Simple Linux Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Routing with Static Routes . . . . . . . . . . . . . . . . . . . . . . . .
How Linux Chooses an IP Address . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 13 The Linux Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
How Netfilter Works . . . . . . . . . . . . . . . . . .
A NAT Primer . . . . . . . . . . . . . . . . . . .
NAT-Friendly Protocols . . . . . . . . . . . .
Chains . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Netfilter . . . . . . . . . . . . . . . . . . . .
Enabling Netfilter in the Kernel. . . . . .
Required Kernel Options . . . . . . . . . . .
Optional but Sensible Kernel Options .
Other Options . . . . . . . . . . . . . . . . . . .
Configuring Netfilter . . . . . . . . . . . . . . . . . .
Saving Your Netfilter Configuration . .
The iptables Command . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
319
320
321
324
325
328
328
329
329
330
331
331
333
xi
xii
Linux Administration: A Beginner’s Guide
Cookbook Solutions . . . . . . . . . . . . .
Rusty’s Three-Line NAT . . . . .
Configuring a Simple Firewall.
Summary . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
340
341
342
344
▼ 14 Local Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
345
347
347
349
350
351
352
354
354
357
358
358
358
359
359
359
360
360
Common Sources of Risk . . . . . . . . . . . .
SetUID Programs . . . . . . . . . . . . . .
Unnecessary Processes. . . . . . . . . .
Picking the Right Runlevel to Boot Into .
Non-human Accounts . . . . . . . . . . . . . .
Limited Resources . . . . . . . . . . . . . . . . .
Mitigating Risk . . . . . . . . . . . . . . . . . . . .
Using Chroot . . . . . . . . . . . . . . . . .
SELinux . . . . . . . . . . . . . . . . . . . . .
AppArmor . . . . . . . . . . . . . . . . . . . . . . .
Monitoring Your System. . . . . . . . . . . . .
Logging . . . . . . . . . . . . . . . . . . . . .
Using ps and netstat . . . . . . . . . . .
Using df . . . . . . . . . . . . . . . . . . . . .
Automated Monitoring . . . . . . . . .
Mailing Lists . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
▼ 15 Network Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
TCP/IP and Network Security . . . . . . . . . . . . . . . . . . . . . . . . . .
The Importance of Port Numbers . . . . . . . . . . . . . . . . . . .
Tracking Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using the netstat Command . . . . . . . . . . . . . . . . . . . . . . .
Security Implications of netstat’s Output . . . . . . . . . . . . .
Binding to an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Shutting Down Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Shutting Down xinetd and inetd Services . . . . . . . . . . . . .
Monitoring Your System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Making the Best Use of syslog . . . . . . . . . . . . . . . . . . . . . .
Monitoring Bandwidth with MRTG . . . . . . . . . . . . . . . . .
Handling Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Trust Nothing (and No One) . . . . . . . . . . . . . . . . . . . . . . .
Change Your Passwords . . . . . . . . . . . . . . . . . . . . . . . . . .
Pull the Plug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Network Security Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
nmap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Wireshark/tcpdump . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
361
362
362
363
363
364
365
366
366
368
368
370
370
370
371
371
371
371
372
373
Contents
Part IV
Internet Services
▼ 16 DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Hosts File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding How DNS Works . . . . . . . . . . . . . . . . . . . . . . . .
Domain and Host Naming Conventions . . . . . . . . . . . . . .
Subdomains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The in-addr.arpa Domain . . . . . . . . . . . . . . . . . . . . . . . . .
Types of Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing a DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding the BIND Configuration File . . . . . . . . . .
The Specifics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring a DNS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Defining a Primary Zone in the named.conf File . . . . . . .
Defining a Secondary Zone in the named.conf File . . . . . .
Defining a Caching Zone in the named.conf File . . . . . . .
DNS Records Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SOA: Start of Authority . . . . . . . . . . . . . . . . . . . . . . . . . . .
NS: Name Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
A: Address Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
PTR: Pointer Record. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MX: Mail Exchanger . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
CNAME: Canonical Name . . . . . . . . . . . . . . . . . . . . . . . .
RP and TXT: The Documentation Entries . . . . . . . . . . . . .
Setting Up BIND Database Files . . . . . . . . . . . . . . . . . . . . . . . . .
Breaking Out the Individual Steps . . . . . . . . . . . . . . . . . .
The DNS Toolbox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
dig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
nslookup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
whois . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
nsupdate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The rndc Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring DNS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Resolver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring the Client . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 17 FTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Mechanics of FTP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Client/Server Interactions . . . . . . . . . . . . . . . . . . . . . . . . .
377
378
379
379
382
383
383
385
387
388
391
391
392
393
394
394
395
396
396
397
397
398
398
400
404
404
406
407
408
408
409
410
410
412
413
415
416
416
xiii
xiv
Linux Administration: A Beginner’s Guide
Obtaining and Installing vsftpd . . . . . . . . . . . . . . .
Configuring vsftpd . . . . . . . . . . . . . . . . . . . .
Starting and Testing the FTP Server. . . . . . . .
Customizing the FTP Server . . . . . . . . . . . . . . . . . .
Setting Up an Anonymous-Only FTP Server .
Setting Up an FTP Server with Virtual Users
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
418
418
423
426
426
427
431
▼ 18 Apache Web Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
433
434
434
435
436
437
438
439
440
441
441
442
442
442
448
449
Understanding the HTTP Protocol . . . . . .
Headers . . . . . . . . . . . . . . . . . . . . . .
Ports . . . . . . . . . . . . . . . . . . . . . . . . .
Process Ownership and Security . . .
Installing the Apache HTTP Server . . . . .
Apache Modules . . . . . . . . . . . . . . .
Starting Up and Shutting Down Apache .
Starting Apache at Boot Time . . . . .
Testing Your Installation . . . . . . . . . . . . . .
Configuring Apache . . . . . . . . . . . . . . . . .
Creating a Simple Root-Level Page .
Apache Configuration Files . . . . . . .
Common Configuration Options . . .
Troubleshooting Apache. . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
▼ 19 SMTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding SMTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Rudimentary SMTP Details . . . . . . . . . . . . . . . . . . . . . . . .
Security Implications . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing the Postfix Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Postfix via RPM in Fedora . . . . . . . . . . . . . . . . .
Installing Postfix via APT in Ubuntu . . . . . . . . . . . . . . . . .
Configuring the Postfix Server . . . . . . . . . . . . . . . . . . . . . . . . . .
The main.cf File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Checking Your Configuration . . . . . . . . . . . . . . . . . . . . . .
Running the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Checking the Mail Queue . . . . . . . . . . . . . . . . . . . . . . . . .
Flushing the Mail Queue . . . . . . . . . . . . . . . . . . . . . . . . . .
The newaliases Command . . . . . . . . . . . . . . . . . . . . . . . . .
Making Sure Everything Works. . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
451
452
452
454
455
455
456
458
459
461
462
462
462
462
462
463
Contents
▼ 20 POP and IMAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
POP and IMAP Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing the UW-IMAP and POP3 Server. . . . . . . . . . . . . . . . .
Installing UW-IMAP from Source . . . . . . . . . . . . . . . . . . .
Running UW-IMAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Other Issues with Mail Services . . . . . . . . . . . . . . . . . . . . . . . . .
SSL Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Testing IMAP Connectivity with SSL . . . . . . . . . . . . . . . .
Availability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Log Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 21 The Secure Shell (SSH) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding Public Key Cryptography . . . . . . . . . . . . . . . . .
Key Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cryptography References . . . . . . . . . . . . . . . . . . . . . . . . .
Understanding SSH Versions and Distributions . . . . . . . . . . . .
OpenSSH and OpenBSD . . . . . . . . . . . . . . . . . . . . . . . . . .
Alternative Vendors for SSH Clients . . . . . . . . . . . . . . . . .
Installing OpenSSH via RPM in Fedora . . . . . . . . . . . . . .
Installing OpenSSH via APT in Ubuntu . . . . . . . . . . . . . .
Downloading, Compiling, and Installing OpenSSH from Source
Server Startup and Shutdown . . . . . . . . . . . . . . . . . . . . . . . . . .
SSHD Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using OpenSSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Secure Shell (SSH) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Secure Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
OpenSSH Shell Tricks . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Secure Copy (SCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Secure FTP (SFTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Files Used by the OpenSSH Client . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
465
468
468
469
471
474
474
475
475
476
476
479
480
482
483
484
484
484
486
486
486
489
490
490
491
491
494
495
495
496
496
Part V
Intranet Services
▼ 22 Network File System (NFS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Mechanics of NFS . . . . . . . . . . . . .
Versions of NFS . . . . . . . . . . . . . .
Security Considerations for NFS .
Mount and Access a Partition . . .
Enabling NFS in Fedora . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
501
502
503
504
504
505
xv
xvi
Linux Administration: A Beginner’s Guide
Enabling NFS in Ubuntu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Components of NFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Kernel Support for NFS . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring an NFS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The /etc/exports Configuration File . . . . . . . . . . . . . . . . .
Configuring NFS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The mount Command . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Soft vs. Hard Mounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Cross-Mounting Disks . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Importance of the intr Option . . . . . . . . . . . . . . . . . . .
Performance Tuning . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Troubleshooting Client-Side NFS Issues . . . . . . . . . . . . . . . . . .
Stale File Handles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Permission Denied . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Sample NFS Client and NFS Server Configuration . . . . . . . . . .
Common Uses for NFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
506
507
508
508
508
512
513
515
515
516
516
517
517
517
518
520
520
▼ 23 Network Information Service (NIS) . . . . . . . . . . . . . . . . . . . . . . . . . . .
523
524
525
526
526
527
528
528
532
534
534
535
536
538
540
540
540
541
541
542
543
543
544
544
545
545
Inside NIS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The NIS Servers . . . . . . . . . . . . . . . . . . . . . . . . . . .
Domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring the Master NIS Server . . . . . . . . . . . .
Establishing the Domain Name . . . . . . . . . . .
Starting NIS . . . . . . . . . . . . . . . . . . . . . . . . . .
Editing the Makefile . . . . . . . . . . . . . . . . . . .
Using ypinit . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring an NIS Client . . . . . . . . . . . . . . . . . . .
Editing the /etc/yp.conf File . . . . . . . . . . . . .
Enabling and Starting ypbind . . . . . . . . . . . .
Editing the /etc/nsswitch.conf File . . . . . . . . . . . .
NIS at Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Testing Your NIS Client Configuration . . . . .
Configuring a Secondary NIS Server . . . . . . . . . . .
Setting the Domain Name . . . . . . . . . . . . . . .
Setting Up the NIS Master to Push to Slaves .
Running ypinit . . . . . . . . . . . . . . . . . . . . . . . .
NIS Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using NIS in Configuration Files. . . . . . . . . .
Implementing NIS in a Real Network . . . . . . . . . .
A Small Network . . . . . . . . . . . . . . . . . . . . . .
A Segmented Network. . . . . . . . . . . . . . . . . .
Networks Bigger Than Buildings . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Contents
▼ 24 Samba . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Mechanics of SMB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Usernames and Passwords . . . . . . . . . . . . . . . . . . . . . . . .
Encrypted Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Samba Daemons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Samba via RPM . . . . . . . . . . . . . . . . . . . . . . . . .
Installing Samba via APT. . . . . . . . . . . . . . . . . . . . . . . . . .
Samba Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Starting and Stopping Samba . . . . . . . . . . . . . . . . . . . . . .
Using SWAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting Up SWAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The SWAT Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Shares . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Printers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Share . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Using smbclient . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Mounting Remote Samba Shares . . . . . . . . . . . . . . . . . . . . . . . .
Creating Samba Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Allowing Null Passwords . . . . . . . . . . . . . . . . . . . . . . . . .
Changing Passwords with smbpasswd . . . . . . . . . . . . . . .
Using Samba to Authenticate Against a Windows Server . . . . .
Troubleshooting SAMBA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼ 25 LDAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
LDAP Basics . . . . . . . . . . . . . . . . .
LDAP Directory . . . . . . . . . .
Client/Server Model . . . . . .
Uses of LDAP. . . . . . . . . . . .
LDAP Terminologies . . . . . .
OpenLDAP . . . . . . . . . . . . . . . . . .
Server-Side Daemons . . . . . .
OpenLDAP Utilities . . . . . . .
Installing OpenLDAP . . . . . . . . . .
Configuring OpenLDAP . . . . . . .
Configuring slapd . . . . . . . .
Starting and Stopping slapd
Configuring OpenLDAP Clients .
Creating Directory Entries . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
547
548
548
549
549
550
551
552
553
554
554
556
557
557
557
557
558
558
558
560
563
563
564
564
565
567
567
569
570
570
571
572
572
573
573
574
574
576
577
580
581
581
xvii
xviii
Linux Administration: A Beginner’s Guide
Searching, Querying, and Modifying the Directory .
Using OpenLDAP for User Authentication . . . . . . .
Configuring the Server . . . . . . . . . . . . . . . . . .
Configuring the Client . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
583
584
584
586
587
▼ 26 Printing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
589
590
591
591
591
593
594
595
600
600
600
600
601
601
602
603
603
604
604
605
Printing Terminologies . . . . . . . . . . . . . . .
The CUPS System . . . . . . . . . . . . . . . . . . .
Running CUPS . . . . . . . . . . . . . . . . .
Installing CUPS . . . . . . . . . . . . . . . .
Configuring CUPS . . . . . . . . . . . . . .
Adding Printers . . . . . . . . . . . . . . . . . . . .
Local Printers and Remote Printers .
Routine CUPS Administration . . . . . . . . .
Setting the Default Printer . . . . . . . .
Enabling and Disabling Printers . . .
Accepting and Rejecting Print Jobs .
Managing Printing Privileges . . . . .
Deleting Printers . . . . . . . . . . . . . . .
Managing Printers via the Web Interface .
Using Client-Side Printing Tools . . . . . . .
lpr. . . . . . . . . . . . . . . . . . . . . . . . . . .
lpq . . . . . . . . . . . . . . . . . . . . . . . . . .
lprm . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
▼ 27 DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
The Mechanics of DHCP . . . . . . . . . . . . . . . . . . . . .
The DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . .
Installing DHCP Software via RPM. . . . . . . . .
Installing DHCP Software via APT in Ubuntu
Configuring the DHCP Server . . . . . . . . . . . . .
A Sample dhcpd.conf File . . . . . . . . . . . . . . . .
The DHCP Client Daemon . . . . . . . . . . . . . . . . . . . .
Configuring the DHCP Client . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
▼ 28 Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Why Virtualize? . . . . . . . . . . . . .
Virtualization Concepts . . .
Virtualization Implementations .
QEMU . . . . . . . . . . . . . . . .
Xen . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
607
608
609
609
609
610
616
617
617
619
621
622
622
623
624
624
Contents
User-Mode Linux (UML) . . . . . . . . . . . . . . . . . . . . . . . . . .
Kernel-based Virtual Machines (KVM) . . . . . . . . . . . . . . .
VMware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Virtualbox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Hyper-V . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Kernel-based Virtual Machines (KVM) . . . . . . . . . . . . . . . . . . .
KVM Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
624
624
624
624
625
625
626
631
▼ 29 Backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
633
634
634
635
636
637
637
639
640
640
646
646
Evaluating Your Backup Needs . . . . . . . . . . . . . . .
How Much Data? . . . . . . . . . . . . . . . . . . . . . .
What Kind of Media? . . . . . . . . . . . . . . . . . . .
How Much Network Throughput? . . . . . . . .
How Quickly Must the Data Be Recovered? .
What Kind of Tape Management? . . . . . . . . .
Manipulating the Tape Device with mt . . . . .
Command-Line Tools . . . . . . . . . . . . . . . . . . . . . . .
dump and restore. . . . . . . . . . . . . . . . . . . . . .
Miscellaneous Backup Solutions . . . . . . . . . . . . . .
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
▼
Index
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
..............................................
647
xix
FOREWORD
I
n 1999, editor Jane Brownlow approached me to do a book on Linux.
The idea of writing my own book, start to finish, on an operating system I loved was so fantastic that the little detail of already being overcommitted with my work was merely a footnote. Lucky for me, my very
patient wife supported the endeavor and accepted this mistress, which
consumed my evenings the first few months we were married.
When talk of the second edition came up, my dear wife asked, “Aren’t you
overcommitted even more than you were during the first edition?” She was
right, yet I couldn’t let my dear book—which had done very well—go to someone else. And so, five months of nights and weekends slipped away as I updated
and rewrote large portions of the book. By the end of the exercise, I was tired but
pleased.
Fortunately for my sanity, a few years of marriage made my wife much more
direct when talk of the third and fourth editions came about. “No,” she said, “not
unless you can prove that you can do this without becoming a tired and cranky
old man.” She was right, and I recruited help as a result. My co-worker and friend
Steve Graham helped with the third edition, and Wale Soyinka of Linux Lab Manual
fame jumped in on the fourth.
When Jane asked, “Fifth edition?” a few months ago, I actually knew better.
With a two-year-old son, a new business, and a mere four to five hours of sleep
a night, with weekends officially off-limits to non-family activity, lest I become
“Uncle Daddy,” there simply wasn’t any time to beg, borrow, or steal away to make
a fifth edition happen. However, this time, there was no question about whether
Linux Administration: A Beginner’s Guide, a book that I hold dear, would be in good
hands. Wale Soyinka had done a stellar job in the fourth edition, and he was up
for the challenge of making the fifth edition his own. It was time to pass the baton.
It is with great pleasure that I present the fifth edition of Linux Administration:
A Beginner’s Guide by Wale Soyinka. This book barely resembles the 500-odd pages
written nine years ago in the first edition, and it is without hesitation that I say the
new words are for the better.
xx
Steve Shah
June 2008
Author, Linux Administration: A Beginner’s Guide
(1st through 4th editions)
Copyright © 2009 by The McGraw-Hill Companies. Click here for terms of use.
ACKNOWLEDGMENTS
T
he list of people whom I would like to acknowledge is rather long—
and as such, I will try to create a “catch all” that will reflect the
individuals and groups that I am referring to.
This simply includes everybody who has ever believed in me and provided
me with one opportunity or another to experience various aspects of my life
up to this point. You know who you are, and I thank you and remain forever
indebted to you.
I would like to dedicate this book to everyone who has contributed
to open source technologies and ideals in one form or another.
Without you, I would have nothing to write about in this book.
xxi
Copyright © 2009 by The McGraw-Hill Companies. Click here for terms of use.
INTRODUCTION
O
n October 5, 1991, Linus Torvalds posted this message to the newsgroup comp.os.minix:
Do you pine for the nice days of minix-1.1, when men were men and
wrote their own device drivers? Are you without a nice project and
just dying to cut your teeth on an OS you can try to modify for
your needs? Are you finding it frustrating when everything works
on minix? No more all-nighters to get a nifty program working?
Then this post might be just for you :-)
Linus went on to introduce the first cut of Linux to the world. Unbeknownst to
him, he had unleashed what was to become one of the world’s most popular and
disruptive operating systems. Seventeen years later, an entire industry has grown
up around Linux. And chances are, you’ve probably already used it (or benefitted
from it) in one form or another!
WHO SHOULD READ THIS BOOK
A part of the title of this book reads “A Beginner’s Guide”; this is mostly apt.
But what the title should say is “A Beginner’s to Linux Administration Guide,”
because we do make a few assumptions about you, the reader. (And we jolly well
couldn’t use that title because it was such a mouthful and not sexy enough.)
But seriously, we assume that you are already familiar with Microsoft Windows
servers at a “power user” level or better. We assume that you are familiar with the
terms (and some concepts) necessary to run a small- to medium-sized Windows
xxii
Copyright © 2009 by The McGraw-Hill Companies. Click here for terms of use.
Introduction
network. Any experience with bigger networks or advanced Windows technologies,
such as Active Directory, will allow you to get more from the book but is not required.
We make this assumption because we did not want to write a guide for dummies.
There are already enough books on the market that tell you what to click without telling you why; this book is not meant to be among those ranks. Furthermore, we did not
want to waste time writing about information that we believe is common knowledge for
power users of Windows. Other people have already done an excellent job of conveying
that information, and there is no reason to repeat that work here.
In addition to your Windows background, we assume that you’re interested in having more information about the topics here than the material we have written alone. After
all, we’ve only spent 30 to 35 pages on topics that have entire books devoted to them!
For this reason, we have scattered references to other books throughout the chapters. We
urge you to take advantage of these recommendations. No matter how advanced you
are, there is always something new to learn.
We feel that seasoned Linux system administrators can also benefit from this book
because it can serve as a quick how-to cookbook on various topics that may not be the
seasoned reader’s strong points. We understand that system administrators generally
have aspects of system administration that they like or loath. For example, backups is not
one of the author’s favorite aspects of system administration, and this is reflected in the
half a page we’ve dedicated to backups—just kidding, we’ve actually dedicated an entire
chapter to backups.
WHAT’S IN THIS BOOK?
Linux Administration: A Beginner’s Guide, is broken into five parts.
Part I: Installing Linux as a Server
Part I includes three chapters (Chapter 1, “Technical Summary of Linux Distributions”;
Chapter 2, “Installing Linux in a Server Configuration”; and Chapter 3, “Managing Software”) that give you a firm handle on what Linux is, how it compares to Windows in
several key areas, and how to install server-grade Fedora and Ubuntu Linux distributions. We end Part I with a chapter on how to install and manage software installed from
prepackaged binaries and source code. Ideally, this should be enough information to
get you started and help you draw parallels to how Linux works based on your existing
knowledge of Windows.
Part II: Single-Host Administration
Part II covers the material necessary to manage a stand-alone system (a system not requiring or providing any services to other systems on the network). While this may seem
useless at first, it is the foundation on which many other concepts are built, and these
concepts are essential to understand, even after a system is connected to a network.
xxiii
xxiv
Introduction
There are seven chapters in this part. Chapter 4, “Managing Users,” covers the information necessary on how to add, remove, and otherwise manage users. The chapter also
introduces the basic concepts of multiuser operation, permissions, etc. In Chapter 5, “The
Command Line,” we begin covering the basics of working with the Linux command line
so that you can become comfortable dropping out of the graphical environment provided by default. While it is possible to administer a system from within the graphical
desktop, the greatest power comes from being comfortable with both the command line
interface (CLI) and the graphical user interface (GUI). (This is true for Windows, too.
Don’t believe that? Open a command prompt, run netsh, and try to do what netsh
does in the GUI.).
Once you are comfortable with the CLI, you begin Chapter 6, “Booting and Shutting
Down,” which documents the entire booting and shutting down process. This includes
the necessary detail on how to start up services and properly shut them down during
these cycles so that you can reliably add new services later on in the book without any
difficulty.
Chapter 7, “File Systems,” continues with the basics of file systems—their organization, creation, and, most importantly, their management.
The basics of operation continue in Chapter 8, “Core System Services,” with coverage
of basic tools, such as xinetd for scheduling applications to run at specified times. xinetd
is the Linux equivalent of Windows’ svchost and rsyslog, which manage logging for all
applications in a unified framework. One may think of rsyslog as a more flexible version
of the Event Viewer.
We finish this section with Chapter 9, “Compiling the Linux Kernel,” and Chapter 10,
“Knobs and Dials: proc and SysFS File Systems,” which cover the kernel and kernel-level
tweaking through /proc and /sys. Kernel coverage documents the process of compiling
and installing your own custom kernel in Linux. This capability is one of the points that
gives Linux administrators an extraordinary amount of fine-grained control over how
their systems operate. The viewing of kernel-level configuration and variables through
the /proc and /sys file systems shown in Chapter 10 allows administrators to fine-tune
their kernel operation in what amounts to an arguably better and easier way than in the
Microsoft Windows world.
Part III: Security and Networking
Previous editions of this book had security and networking at the back. This was done
because at the time, the only real extensions to the book that were covered were advanced
networking concepts that don’t apply to most administrators. This has significantly
changed over the last few years. With the ongoing importance of security on the Internet,
as well as compliancy issues with Sarbanes Oxley and Health Insurance Portability and
Accountability Act (HIPAA), the use of Linux in scenarios that require high security has
risen dramatically. Thus, we decided to move coverage up before introducing networkbased services, which could be subject to network attacks.
We kick off this section with Chapter 11, “TCP/IP for System Administrators,”
which provides a detailed overview of Transmission Control Protocol/Internet Protocol (TCP/IP) in the context of what system administrators need to know. The chapter
