IT training linux administration handbook 2nd ed~tqw~ darksiderg

1K 392 0
IT training linux administration handbook 2nd ed~tqw~ darksiderg

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

Thông tin tài liệu

Linux Administration Handbook ® SECOND EDITION Evi Nemeth Garth Snyder Trent R Hein with Lynda McGinley, Ben Whaley, Adam Boggs, Jeffrey S Haemer, Tobi Oetiker, Fritz Zaucker, Scott Seidel, Bryan Buus, Ned McClain, and David Schweikert Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals Red Hat Enterprise Linux and the Red Hat SHADOWMAN logo are registered trademarks of Red Hat Inc., and such trademarks are used with permission Ubuntu is a registered trademark of Canonical Limited, and is used with permission Fedora is a trademark of Red Hat Inc., and is used with permission Novell, the Novell logo, the N logo, and SUSE are registered trademarks of Novell Inc in the United States and other countries The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include custom covers and content particular to your business, training goals, marketing focus, and branding interests For more information, please contact: U.S Corporate and Government Sales (800) 382-3419 corpsales@pearsontechgroup.com For sales outside the United States, please contact: International Sales international@pearsoned.com Visit us on the Web: www.prenhallprofessional.com Library of Congress Cataloging-in-Publication Data Nemeth, Evi Linux administration handbook / Evi Nemeth, Garth Snyder, Trent R Hein.—2nd ed p cm Includes index ISBN 0-13-148004-9 (pbk : alk paper) Linux Operating systems (Computers) I Snyder, Garth II Hein, Trent R III Title QA76.76.O63N448 2006 005.4'32—dc22 2006030150 Copyright © 2007 Pearson Education, Inc All rights reserved Printed in the United States of America This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise For information regarding permissions, write to: Pearson Education, Inc Rights and Contracts Department One Lake Street Upper Saddle River, NJ 07458 Fax: (201) 236-3290 ISBN 0-13-148004-9 Text printed in the United States on recycled paper at Courier in Stoughton, Massachusetts First printing, October 2006 Contents FOREWORD TO THE FIRST EDITION PREFACE ACKNOWLEDGMENTS xxxiii xxxiv xxxvii SECTION ONE: BASIC ADMINISTRATION CHAPTER WHERE TO START Suggested background Linux’s relationship to UNIX Linux in historical context Linux distributions So what’s the best distribution? Distribution-specific administration tools Notation and typographical conventions System-specific information 10 Where to go for information 11 Organization of the man pages 12 man: read manual pages 13 Other sources of Linux information 13 How to find and install software 14 iii iv Linux Administration Handbook Essential tasks of the system administrator 16 Adding, removing, and managing user accounts 16 Adding and removing hardware 16 Performing backups 17 Installing and upgrading software 17 Monitoring the system 17 Troubleshooting 17 Maintaining local documentation 17 Vigilantly monitoring security 17 Helping users 18 System administration under duress 18 System Administration Personality Syndrome 18 Recommended reading 19 Exercises 20 CHAPTER BOOTING AND SHUTTING DOWN 21 Bootstrapping 21 Automatic and manual booting 22 Steps in the boot process 22 Kernel initialization 23 Hardware configuration 23 Kernel threads 23 Operator intervention (manual boot only) 24 Execution of startup scripts 25 Multiuser operation 25 Booting PCs 25 Using boot loaders: LILO and GRUB 26 GRUB: The GRand Unified Boot loader 26 LILO: The traditional Linux boot loader 28 Kernel options 29 Multibooting on PCs 30 GRUB multiboot configuration 30 LILO multiboot configuration 31 Booting single-user mode 31 Single-user mode with GRUB 32 Single-user mode with LILO 32 Working with startup scripts 32 init and run levels 33 Red Hat and Fedora startup scripts 36 SUSE startup scripts 38 Debian and Ubuntu startup scripts 40 Contents v Rebooting and shutting down 40 Turning off the power 41 shutdown: the genteel way to halt the system 41 halt: a simpler way to shut down 42 reboot: quick and dirty restart 42 telinit: change init’s run level 42 poweroff: ask Linux to turn off the power 42 Exercises 43 CHAPTER ROOTLY POWERS 44 Ownership of files and processes 44 The superuser 46 Choosing a root password 47 Becoming root 48 su: substitute user identity 48 sudo: a limited su 48 Other pseudo-users 51 bin: legacy owner of system commands 51 daemon: owner of unprivileged system software 51 nobody: the generic NFS user 51 Exercises 52 CHAPTER CONTROLLING PROCESSES 53 Components of a process 53 PID: process ID number 54 PPID: parent PID 54 UID and EUID: real and effective user ID 54 GID and EGID: real and effective group ID 55 Niceness 55 Control terminal 56 The life cycle of a process 56 Signals 57 kill and killall: send signals 60 Process states 60 nice and renice: influence scheduling priority 61 ps: monitor processes 62 top: monitor processes even better 65 The /proc filesystem 65 strace: trace signals and system calls 66 Runaway processes 67 Recommended reading 69 Exercises 69 vi Linux Administration Handbook CHAPTER THE FILESYSTEM 70 Pathnames 72 Filesystem mounting and unmounting 73 The organization of the file tree 75 File types 76 Regular files 78 Directories 78 Character and block device files 79 Local domain sockets 80 Named pipes 80 Symbolic links 80 File attributes 81 The permission bits 81 The setuid and setgid bits 82 The sticky bit 82 Viewing file attributes 82 chmod: change permissions 84 chown: change ownership and group 86 umask: assign default permissions 86 Bonus flags 87 Access control lists 88 ACL overview 88 Default entries 91 Exercises 92 CHAPTER ADDING NEW USERS 93 The /etc/passwd file 93 Login name 94 Encrypted password 96 UID (user ID) number 96 Default GID number 97 GECOS field 98 Home directory 98 Login shell 98 The /etc/shadow file 99 The /etc/group file 101 Adding users 102 Editing the passwd and shadow files 103 Editing the /etc/group file 104 Setting an initial password 104 Contents vii Creating the user’s home directory 105 Copying in the default startup files 105 Setting the user’s mail home 106 Verifying the new login 106 Recording the user’s status and contact information 107 Removing users 107 Disabling logins 108 Managing accounts 108 Exercises 110 CHAPTER ADDING A DISK 111 Disk interfaces 111 The PATA interface 112 The SATA interface 114 The SCSI interface 114 Which is better, SCSI or IDE? 118 Disk geometry 119 Linux filesystems 120 Ext2fs and ext3fs 120 ReiserFS 121 XFS and JFS 122 An overview of the disk installation procedure 122 Connecting the disk 122 Formatting the disk 123 Labeling and partitioning the disk 124 Creating filesystems within disk partitions 125 Mounting the filesystems 126 Setting up automatic mounting 127 Enabling swapping 129 hdparm: set IDE interface parameters 129 fsck: check and repair filesystems 131 Adding a disk: a step-by-step guide 133 Advanced disk management: RAID and LVM 138 Linux software RAID 139 Logical volume management 139 An example configuration with LVM and RAID 140 Dealing with a failed disk 144 Reallocating storage space 146 Mounting USB drives 147 Exercises 148 viii Linux Administration Handbook CHAPTER PERIODIC PROCESSES 150 cron: schedule commands 150 The format of crontab files 151 Crontab management 153 Some common uses for cron 154 Cleaning the filesystem 154 Network distribution of configuration files 155 Rotating log files 156 Other schedulers: anacron and fcron 156 Exercises 157 CHAPTER BACKUPS 158 Motherhood and apple pie 159 Perform all dumps from one machine 159 Label your media 159 Pick a reasonable backup interval 159 Choose filesystems carefully 160 Make daily dumps fit on one piece of media 160 Make filesystems smaller than your dump device 161 Keep media off-site 161 Protect your backups 161 Limit activity during dumps 162 Verify your media 162 Develop a media life cycle 163 Design your data for backups 163 Prepare for the worst 163 Backup devices and media 163 Optical media: CD-R/RW, DVD±R/RW, and DVD-RAM 164 Removable hard disks (USB and FireWire) 165 Small tape drives: 8mm and DDS/DAT 166 DLT/S-DLT 166 AIT and SAIT 166 VXA/VXA-X 167 LTO 167 Jukeboxes, stackers, and tape libraries 167 Hard disks 168 Summary of media types 168 What to buy 168 Setting up an incremental backup regime with dump 169 Dumping filesystems 169 Dump sequences 171 Contents ix Restoring from dumps with restore 173 Restoring individual files 173 Restoring entire filesystems 175 Dumping and restoring for upgrades 176 Using other archiving programs 177 tar: package files 177 cpio: archiving utility from ancient times 178 dd: twiddle bits 178 Using multiple files on a single tape 178 Bacula 179 The Bacula model 180 Setting up Bacula 181 Installing the database and Bacula daemons 181 Configuring the Bacula daemons 182 bacula-dir.conf: director configuration 183 bacula-sd.conf: storage daemon configuration 187 bconsole.conf: console configuration 188 Installing and configuring the client file daemon 188 Starting the Bacula daemons 189 Adding media to pools 190 Running a manual backup 190 Running a restore job 192 Monitoring and debugging Bacula configurations 195 Alternatives to Bacula 197 Commercial backup products 197 ADSM/TSM 197 Veritas 198 Other alternatives 198 Recommended reading 198 Exercises 198 CHAPTER 10 SYSLOG AND LOG FILES 201 Logging policies 201 Throwing away log files 201 Rotating log files 202 Archiving log files 204 Linux log files 204 Special log files 206 Kernel and boot-time logging 206 logrotate: manage log files 208 .. .Linux Administration Handbook ® SECOND EDITION Evi Nemeth Garth Snyder Trent R Hein with Lynda McGinley, Ben Whaley, Adam Boggs, Jeffrey S Haemer, Tobi Oetiker, Fritz Zaucker, Scott... printed with initial capital letters or in all capitals Red Hat Enterprise Linux and the Red Hat SHADOWMAN logo are registered trademarks of Red Hat Inc., and such trademarks are used with permission... 367 xiv Linux Administration Handbook Network design issues 368 Network architecture vs building architecture

Ngày đăng: 05/11/2019, 16:07

Mục lục

  • CONTENTS

  • FOREWORD TO THE FIRST EDITION

  • PREFACE

  • ACKNOWLEDGMENTS

  • SECTION ONE: BASIC ADMINISTRATION

    • CHAPTER 1 WHERE TO START

      • Suggested background

      • Linux’s relationship to UNIX

      • Linux in historical context

      • Linux distributions

      • Notation and typographical conventions

      • Where to go for information

      • How to find and install software

      • Essential tasks of the system administrator

      • System administration under duress

      • Recommended reading

      • Exercises

    • CHAPTER 2 BOOTING AND SHUTTING DOWN

      • Bootstrapping

      • Booting PCs

      • Using boot loaders: LILO and GRUB

      • Booting single-user mode

      • Working with startup scripts

      • Rebooting and shutting down

      • Exercises

    • CHAPTER 3 ROOTLY POWERS

      • Ownership of files and processes

      • The superuser

      • Choosing a root password

      • Becoming root

      • Other pseudo-users

      • Exercises

    • CHAPTER 4 CONTROLLING PROCESSES

      • Components of a process

      • The life cycle of a process

      • Signals

      • kill and killall: send signals

      • Process states

      • nice and renice: influence scheduling priority

      • ps: monitor processes

      • top: monitor processes even better

      • The /proc filesystem

      • strace: trace signals and system calls

      • Runaway processes

      • Recommended reading

      • Exercises

    • CHAPTER 5 THE FILESYSTEM

      • Pathnames

      • Filesystem mounting and unmounting

      • The organization of the file tree

      • File types

      • File attributes

      • Access control lists

      • Exercises

    • CHAPTER 6 ADDING NEW USERS

      • The /etc/passwd file

      • The /etc/shadow file

      • The /etc/group file

      • Adding users

      • Removing users

      • Disabling logins

      • Managing accounts

      • Exercises

    • CHAPTER 7 ADDING A DISK

      • Disk interfaces

      • Disk geometry

      • Linux filesystems

      • An overview of the disk installation procedure

      • hdparm: set IDE interface parameters

      • fsck: check and repair filesystems

      • Adding a disk: a step-by-step guide

      • Advanced disk management: RAID and LVM

      • Mounting USB drives

      • Exercises

    • CHAPTER 8 PERIODIC PROCESSES

      • cron: schedule commands

      • The format of crontab files

      • Crontab management

      • Some common uses for cron

      • Other schedulers: anacron and fcron

      • Exercises

    • CHAPTER 9 BACKUPS

      • Motherhood and apple pie

      • Backup devices and media

      • Setting up an incremental backup regime with dump

      • Restoring from dumps with restore

      • Dumping and restoring for upgrades

      • Using other archiving programs

      • Using multiple files on a single tape

      • Bacula

      • Commercial backup products

      • Recommended reading

      • Exercises

    • CHAPTER 10 SYSLOG AND LOG FILES

      • Logging policies

      • Linux log files

      • logrotate: manage log files

      • Syslog: the system event logger

      • Condensing log files to useful information

      • Exercises

    • CHAPTER 11 SOFTWARE AND CONFIGURATION MANAGEMENT

      • Basic Linux installation

      • Diskless clients

      • Package management

      • High-level package management systems

      • Revision control

      • Localization and configuration

      • Configuration management tools

      • Sharing software over NFS

      • Recommended software

      • Recommended reading

      • Exercises

  • SECTION TWO: NETWORKING

    • CHAPTER 12 TCP/IP NETWORKING

      • TCP/IP and the Internet

      • Networking road map

      • Packets and encapsulation

      • IP addresses: the gory details

      • Routing

      • ARP: the address resolution protocol

      • Addition of a machine to a network

      • Distribution-specific network configuration

      • DHCP: the Dynamic Host Configuration Protocol

      • Dynamic reconfiguration and tuning

      • Security issues

      • Linux NAT

      • PPP: the Point-to-Point Protocol

      • Linux networking quirks

      • Recommended reading

      • Exercises

    • CHAPTER 13 ROUTING

      • Packet forwarding: a closer look

      • Routing daemons and routing protocols

      • Protocols on parade

      • routed: RIP yourself a new hole

      • gated: gone to the dark side

      • Routing strategy selection criteria

      • Cisco routers

      • Recommended reading

      • Exercises

    • CHAPTER 14 NETWORK HARDWARE

      • LAN, WAN, or MAN?

      • Ethernet: the common LAN

      • Wireless: nomad’s LAN

      • FDDI: the disappointing, expensive, and outdated LAN

      • ATM: the promised (but sorely defeated) LAN

      • Frame relay: the sacrificial WAN

      • ISDN: the indigenous WAN

      • DSL and cable modems: the people’s WAN

      • Where is the network going?

      • Network testing and debugging

      • Building wiring

      • Network design issues

      • Management issues

      • Recommended vendors

      • Recommended reading

      • Exercises

    • CHAPTER 15 DNS: THE DOMAIN NAME SYSTEM

      • DNS for the impatient: adding a new machine

      • The history of DNS

      • Who needs DNS?

      • The DNS namespace

      • How DNS works

      • What’s new in DNS

      • The DNS database

      • The BIND software

      • Designing your DNS environment

      • BIND client issues

      • BIND server configuration

      • BIND configuration examples

      • Starting named

      • Updating zone files

      • Security issues

      • Testing and debugging

      • Distribution specifics

      • Recommended reading

      • Exercises

    • CHAPTER 16 THE NETWORK FILE SYSTEM

      • General information about NFS

      • Server-side NFS

      • Client-side NFS

      • nfsstat: dump NFS statistics

      • Dedicated NFS file servers

      • Automatic mounting

      • Recommended reading

      • Exercises

    • CHAPTER 17 SHARING SYSTEM FILES

      • What to share

      • nscd: cache the results of lookups

      • Copying files around

      • NIS: the Network Information Service

      • LDAP: the Lightweight Directory Access Protocol

      • Recommended reading

      • Exercises

    • CHAPTER 18 ELECTRONIC MAIL

      • Mail systems

      • The anatomy of a mail message

      • Mail philosophy

      • Mail aliases

      • Mailing lists and list wrangling software

      • sendmail: ringmaster of the electronic mail circus

      • sendmail configuration

      • Basic sendmail configuration primitives

      • Fancier sendmail configuration primitives

      • Spam-related features in sendmail

      • Configuration file case study

      • Security and sendmail

      • sendmail performance

      • sendmail statistics, testing, and debugging

      • The Exim Mail System

      • Postfix

      • Recommended reading

      • Exercises

    • CHAPTER 19 NETWORK MANAGEMENT AND DEBUGGING

      • Network troubleshooting

      • ping: check to see if a host is alive

      • traceroute: trace IP packets

      • netstat: get network statistics

      • sar: inspect live interface activity

      • Packet sniffers

      • Network management protocols

      • SNMP: the Simple Network Management Protocol

      • The NET-SMNP agent

      • Network management applications

      • Recommended reading

      • Exercises

    • CHAPTER 20 SECURITY

      • Is Linux secure?

      • How security is compromised

      • Certifications and standards

      • Security tips and philosophy

      • Security problems in /etc/passwd and /etc/shadow

      • POSIX capabilities

      • Setuid programs

      • Important file permissions

      • Miscellaneous security issues

      • Security power tools

      • Cryptographic security tools

      • Firewalls

      • Linux firewall features: IP tables

      • Virtual private networks (VPNs)

      • Hardened Linux distributions

      • What to do when your site has been attacked

      • Sources of security information

      • Recommended reading

      • Exercises

    • CHAPTER 21 WEB HOSTING AND INTERNET SERVERS

      • Web hosting basics

      • HTTP server installation

      • Virtual interfaces

      • The Secure Sockets Layer (SSL)

      • Caching and proxy servers

      • Anonymous FTP server setup

      • Exercises

  • SECTION THREE: BUNCH O' STUFF

    • CHAPTER 22 THE X WINDOW SYSTEM

      • The X display manager

      • Running an X application

      • X server configuration

      • Troubleshooting and debugging

      • A brief note on desktop environments

      • Recommended Reading

      • Exercises

    • CHAPTER 23 PRINTING

      • Printers are complicated

      • Printer languages

      • CUPS architecture

      • CUPS server administration

      • Troubleshooting tips

      • Printer practicalities

      • Other printer advice

      • Printing under KDE

      • Recommended reading

      • Exercises

    • CHAPTER 24 MAINTENANCE AND ENVIRONMENT

      • Hardware maintenance basics

      • Maintenance contracts

      • Electronics-handling lore

      • Monitors

      • Memory modules

      • Preventive maintenance

      • Environment

      • Power

      • Racks

      • Data center standards

      • Tools

      • Recommended reading

      • Exercises

    • CHAPTER 25 PERFORMANCE ANALYSIS

      • What you can do to improve performance

      • Factors that affect performance

      • System performance checkup

      • Help! My system just got really slow!

      • Recommended reading

      • Exercises

    • CHAPTER 26 COOPERATING WITH WINDOWS

      • Logging in to a Linux system from Windows

      • Accessing remote desktops

      • Running Windows and Windows-like applications

      • Using command-line tools with Windows

      • Windows compliance with email and web standards

      • Sharing files with Samba and CIFS

      • Sharing printers with Samba

      • Debugging Samba

      • Recommended reading

      • Exercises

    • CHAPTER 27 SERIAL DEVICES

      • The RS-232C standard

      • Alternative connectors

      • Hard and soft carrier

      • Hardware flow control

      • Cable length

      • Serial device files

      • setserial: set serial port parameters

      • Software configuration for serial devices

      • Configuration of hardwired terminals

      • Special characters and the terminal driver

      • stty: set terminal options

      • tset: set options automatically

      • Terminal unwedging

      • Modems

      • Debugging a serial line

      • Other common I/O ports

      • Exercises

    • CHAPTER 28 DRIVERS AND THE KERNEL

      • Kernel adaptation

      • Drivers and device files

      • Why and how to configure the kernel

      • Tuning Linux kernel parameters

      • Building a Linux kernel

      • Adding a Linux device driver

      • Loadable kernel modules

      • Hot-plugging

      • Setting bootstrap options

      • Recommended reading

      • Exercises

    • CHAPTER 29 DAEMONS

      • init: the primordial process

      • cron and atd: schedule commands

      • xinetd and inetd: manage daemons

      • Kernel daemons

      • Printing daemons

      • File service daemons

      • Administrative database daemons

      • Electronic mail daemons

      • Remote login and command execution daemons

      • Booting and configuration daemons

      • Other network daemons

      • ntpd: time synchronization daemon

      • Exercises

    • CHAPTER 30 MANAGEMENT, POLICY, AND POLITICS

      • Make everyone happy

      • Components of a functional IT organization

      • The role of management

      • The role of administration

      • The role of development

      • The role of operations

      • The work of support

      • Documentation

      • Request-tracking and trouble-reporting systems

      • Disaster recovery

      • Written policy

      • Legal Issues

      • Software patents

      • Standards

      • Linux culture

      • Mainstream Linux

      • Organizations, conferences, and other resources

      • Recommended Reading

      • Exercises

  • INDEX

    • A

    • B

    • C

    • D

    • E

    • F

    • G

    • H

    • I

    • J

    • K

    • L

    • M

    • N

    • O

    • P

    • Q

    • R

    • S

    • T

    • U

    • V

    • W

    • X

    • Y

    • Z

  • ABOUT THE CONTRIBUTORS

  • ABOUT THE AUTHORS

Tài liệu cùng người dùng

  • Đang cập nhật ...

Tài liệu liên quan