Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Essential System Administration, 3rd Edition
SPECIAL OFFER: Upgrade this ebook with O’Reilly
Preface
The Unix Universe
Unix Versions Discussed in This Book
Audience
Organization
Chapter Descriptions
Conventions Used in This Book
Comments and Questions
Acknowledgments
1. Introduction to System Administration
1.1. Thinking About System Administration
1.2. Becoming Superuser
1.2.1. Controlling Access to the Superuser Account
1.2.2. Running a Single Command as root
1.2.3. sudo: Selective Access to Superuser Commands
1.3. Communicating with Users
1.3.1. Sending a Message
1.3.2. Sending a Message to All Users
1.3.3. The Message of the Day
1.3.4. Specifying the Pre-Login Message
1.4. About Menus and GUIs
1.4.1. Ups and Downs
1.4.2. AIX: SMIT and WSM
1.4.3. HP-UX: SAM
1.4.4. Solaris: admintool and Sun Management Console
1.4.5. Linux: Linuxconf
1.4.6. Red Hat Linux: redhat-config-*
1.4.7. SuSE Linux: YaST2
1.4.8. FreeBSD: sysinstall
1.4.9. Tru64: SysMan
1.4.10. Other Freely Available Administration Tools
1.4.10.1. The Ximian Setup Tools
1.4.11. VNC
1.5. Where Does the Time Go?
2. The Unix Way
2.1. Files
2.1.1. File Ownership
2.1.1.1. Displaying file ownership
2.1.1.2. Who owns new files?
2.1.1.3. Changing file ownership
2.1.2. File Protection
2.1.2.1. Types of file and directory access
2.1.2.2. Access classes
2.1.2.3. Setting file protection
2.1.2.4. Beyond the basics
2.1.2.5. Specifying numeric file modes
2.1.2.6. Specifying the default file mode
2.1.2.7. Special-purpose access modes
2.1.2.8. Save-text access on directories
2.1.2.9. Setgid access on directories
2.1.2.10. Numerical equivalents for special access modes
2.1.3. How to Recognize a File Access Problem
2.1.4. Mapping Files to Disks
2.1.4.1. Regular files
2.1.4.2. Directories
2.1.4.3. Special files: character and block device files
2.1.4.4. Links
2.1.4.4.1. Tru64 Context-Dependent Symbolic Links
2.1.4.5. Sockets
2.1.4.6. Named pipes
2.1.4.7. Using ls to identify file types
2.2. Processes
2.2.1. Interactive Processes
2.2.2. Batch Processes
2.2.3. Daemons
2.2.4. Process Attributes
2.2.4.1. The life cycle of a process
2.2.4.2. Setuid and setgid file access and process execution
2.2.4.3. The relationship between commands and files
2.3. Devices
2.3.1. An In-Depth Device Example: Disks
2.3.1.1. Fixed-disk special files
2.3.2. Special Files for Other Devices
2.3.2.1. Commands for listing the devices on a system
2.3.2.2. The AIX Object Data Manager
2.3.3. The Unix Filesystem Layout
2.3.4. The Root Directory
2.3.5. The /usr Directory
2.3.6. The /var Directory
3. Essential AdministrativeTools and Techniques
3.1. Getting the Most from Common Commands
3.1.1. Getting Help
3.1.1.1. Changing the search order
3.1.1.2. Setting up man -k
3.1.2. Piping into grep and awk
3.1.3. Finding Files
3.1.4. Repeating Commands
3.1.5. Creating Several Directory Levels at Once
3.1.6. Duplicating an Entire Directory Tree
3.1.7. Comparing Directories
3.1.8. Deleting Pesky Files
3.1.9. Putting a Command in a Cage
3.1.10. Starting at the End
3.1.11. Be Creative
3.2. Essential Administrative Techniques
3.2.1. Periodic Program Execution: The cron Facility
3.2.1.1. crontab files
3.2.1.1.1. FreeBSD and Linux crontab entry format enhancements
3.2.1.2. Adding crontab entries
3.2.1.3. cron log files
3.2.1.4. Using cron to automate system administration
3.2.1.4.1. FreeBSD: The periodic command
3.2.1.4.2. Linux: The /etc/cron.* directories
3.2.1.5. cron security issues
3.2.2. System Messages
3.2.2.1. The syslog facility
3.2.2.2. Configuring syslog
3.2.2.3. Enhancements to syslog.conf
3.2.2.3.1. AIX
3.2.2.3.2. FreeBSD and Linux
3.2.2.3.3. Solaris
3.2.2.3.4. The Tru64 syslog log file hierarchy
3.2.2.4. The logger utility
3.2.3. Hardware Error Messages
3.2.3.1. The AIX error log
3.2.3.1.1. Viewing errors under HP-UX
3.2.3.1.2. The Tru64 binary error logger
3.2.4. Administering Log Files
3.2.4.1. Managing log file disk requirements
3.2.4.2. Monitoring log file contents
3.2.5. Managing Software Packages
3.2.5.1. HP-UX: Bundles, products, and subproducts
3.2.5.2. AIX: Apply versus commit
3.2.5.3. FreeBSD ports
3.2.6. Building Software Packages from Source Code
3.2.6.1. mtools: Using configure and accepting imperfections
3.2.6.2. bzip2: Converting Linux-based make procedures
3.2.6.3. jove: Configuration via make file settings
3.2.6.4. Internet software archives
4. Startup and Shutdown
4.1. About the Unix Boot Process
4.1.1. From Power On to Loading the Kernel
4.1.2. Booting to Multiuser Mode
4.1.3. Booting to Single-User Mode
4.1.3.1. Password protection for single-user mode
4.1.3.2. Firmware passwords
4.1.4. Starting a Manual Boot
4.1.4.1. AIX
4.1.4.2. FreeBSD
4.1.4.3. HP-UX
4.1.4.4. Linux
4.1.4.5. Tru64
4.1.4.6. Solaris
4.1.4.7. Booting from alternate media
4.1.5. Boot Activities in Detail
4.1.5.1. Boot messages
4.1.5.2. Saved boot log files
4.1.5.3. General considerations
4.1.5.4. Preliminaries
4.1.5.5. Preparing filesystems
4.1.5.6. Checking and mounting the root filesystem
4.1.5.7. Preparing other local filesystems
4.1.5.8. Saving a crash dump
4.1.5.9. Starting paging
4.1.5.10. Security-related activities
4.1.5.11. Checking disk quotas
4.1.5.12. Starting servers and initializing local subsystems
4.1.5.12.1. The AIX System Resource Controller
4.1.5.13. Connecting to the network
4.1.5.14. Housekeeping activities
4.1.5.15. Allowing users onto the system
4.2. Initialization Files and Boot Scripts
4.2.1. Initialization Files Under FreeBSD
4.2.2. Initialization Files on System V Systems
4.2.2.1. System V run levels
4.2.2.2. Using the telinit command to change run levels
4.2.2.3. Initialization files overview
4.2.2.4. The init configuration file
4.2.2.5. The rcn initialization scripts
4.2.2.6. Boot script configuration files
4.2.2.7. File location summary
4.2.2.8. Solaris initialization scripts
4.2.2.9. Tru64 initialization scripts
4.2.2.10. Linux initialization scripts
4.2.2.11. AIX: Making System V work like BSD
4.2.3. Customizing the Boot Process
4.2.3.1. Adding to the boot scripts
4.2.3.2. Eliminating certain boot-time activities
4.2.3.3. Modifying standard scripts
4.2.3.4. Guidelines for writing initialization scripts
4.3. Shutting Down a Unix System
4.3.1. The System V shutdown Command
4.3.1.1. HP-UX shutdown security
4.3.2. The BSD-Style shutdown Command
4.3.3. The Linux shutdown Command
4.3.4. Ensuring Disk Accuracy with the sync Command
4.3.5. Aborting a Shutdown
4.4. Troubleshooting: Handling Crashes and Boot Failures
4.4.1. Power-Failure Scripts
4.4.2. When the System Won't Boot
4.4.2.1. Bad or flaky hardware
4.4.2.2. Unreadable filesystems on working disks
4.4.2.3. Damage to non-filesystem areas of a disk
4.4.2.4. Incompatible hardware
4.4.2.5. System configuration errors
5. TCP/IP Networking
5.1. Understanding TCP/IP Networking
5.1.1. Media and Topologies
5.1.1.1. Identifying network adapters
5.1.2. Protocols and Layers
5.1.3. Ports, Services, and Daemons
5.1.4. Administrative Commands
5.1.5. A Sample TCP/IP Conversation
5.1.6. Names and Addresses
5.1.7. Subnets and Supernets
5.1.7.1. Introducing IPv6 host addresses
5.1.8. Connecting Network Segments
5.2. Adding a New Network Host
5.2.1. Configuring the Network Interface with ifconfig
5.2.1.1. Ethernet interface names
5.2.1.2. Other uses of ifconfig
5.2.1.3. ifconfig on Solaris systems
5.2.1.4. Interface configuration at boot time
5.2.2. Dynamic IP Address Assignment with DHCP
5.2.2.1. AIX
5.2.2.2. FreeBSD
5.2.2.3. HP-UX
5.2.2.4. Linux
5.2.2.5. Solaris
5.2.2.6. Tru64
5.2.3. Name Resolution Options
5.2.3.1. The /etc/hosts file
5.2.3.2. Configuring a DNS client
5.2.3.3. The name service switch file
5.2.4. Routing Options
5.2.4.1. AIX
5.2.4.2. FreeBSD
5.2.4.3. HP-UX
5.2.4.4. Linux
5.2.4.5. Solaris
5.2.4.6. Tru64
5.3. Network Testing and Troubleshooting
6. Managing Users and Groups
6.1. Unix Users and Groups
6.1.1. The Password File, /etc/passwd
6.1.2. The Shadow Password File, /etc/shadow
6.1.2.1. The FreeBSD /etc/ master.passwd file
6.1.2.2. The protected password database under HP-UX and Tru64
6.1.3. The Group File, /etc/group
6.1.3.1. User-private groups
6.1.4. Dynamic Group Memberships
6.1.4.1. The Linux group shadow file, /etc/gshadow
6.1.4.2. The HP-UX /etc/logingroup file
6.1.4.3. AIX group sets
6.1.5. User Account Database File Protections
6.1.6. Standard Unix Users and Groups
6.1.7. Using Groups Effectively
6.2. Managing User Accounts
6.2.1. Adding a New User Account
6.2.2. Defining a New User Account
6.2.3. Assigning a Shell
6.2.3.1. Captive accounts
6.2.4. Assigning a Password
6.2.5. Creating a Home Directory
6.2.6. User Environment Initialization Files
6.2.6.1. Sample login initialization files
6.2.6.2. Sample shell initialization files
6.2.6.3. The AIX /etc/security/environ file
6.2.6.4. Desktop environment initialization files
6.2.6.5. Systemwide initialization files
6.2.7. Setting File Ownership
6.2.8. Adding the User to Other System Facilities
6.2.9. Specifying Other User Account Controls
6.2.9.1. AIX user account controls
6.2.9.2. FreeBSD user account controls
6.2.9.3. Linux user account controls
6.2.9.4. Solaris login process settings
6.2.9.5. Specifying login time restrictions under HP-UX and Tru64
6.2.10. Testing the New Account
6.2.10.1. Using su to re-create a user's environment
6.2.11. Disabling and Removing User Accounts
6.2.11.1. Removing a user account
6.3. Administrative Tools for Managing User Accounts
6.3.1. Command-Line Utilities
6.3.1.1. The useradd command: HP-UX, Linux, Solaris, and Tru64
6.3.1.1.1. Setting useradd's defaults
6.3.1.1.2. Modifying accounts with usermod
6.3.1.1.3. Removing accounts with userdel
6.3.1.2. Commands for managing groups
6.3.1.3. The Linux gpasswd command
6.3.1.4. The FreeBSD user account utilities
6.3.1.5. The AIX user account utilities
6.3.1.5.1. Removing user accounts
6.3.1.5.2. Utilities for managing groups
6.3.2. Graphical User Account Managers
6.3.2.1. Managing users with SMIT under AIX
6.3.2.2. Managing users with SAM under HP-UX
6.3.2.2.1. HP-UX account and file exclusion
6.3.2.3. Linux graphical user managers
6.3.2.3.1. Managing users with Linuxconf
6.3.2.3.2. The KDE User Manager
6.3.2.3.3. The Red Hat User Manager
6.3.2.4. Solaris GUI tools for managing user accounts
6.3.2.5. Managing user accounts with dxaccounts under Tru64
6.3.3. Automation You Have to Do Yourself
6.4. Administering User Passwords
6.4.1. Selecting Effective Passwords
6.4.1.1. Forcing a password change
6.4.1.2. Managing dozens of passwords
6.4.2. Educating Users About Selecting Effective Passwords
6.4.2.1. Password advice in the age of the Internet
6.4.3. Setting Password Restrictions
6.4.3.1. Password aging
6.4.3.2. Password triviality checks
6.4.3.2.1. Tru64
6.4.3.2.2. AIX
6.4.3.2.3. Linux
6.4.3.2.4. FreeBSD
6.4.3.3. The freely available npasswd command
6.4.3.4. Password history lists
6.4.3.5. Password settings default values
6.4.4. Testing User Passwords for Weaknesses
6.4.4.1. John the Ripper
6.4.4.2. Using Crack to find poorly chosen passwords
6.4.4.3. How well do they do?
6.5. User Authentication with PAM
6.5.1. PAM Defaults
6.5.2. PAM Modules Under Linux
6.5.2.1. Checking passwords at selection time
6.5.2.2. Specifying allowed times and locations for system access
6.5.2.3. MD5 passwords
6.5.3. PAM Modules Provided by Other Unix Systems
6.5.4. More Complex PAM Configuration
6.6. LDAP: Using a Directory Service for User Authentication
6.6.1. About LDAP
6.6.2. LDAP Directories
6.6.2.1. About schemas
6.6.3. Installing and Configuring OpenLDAP: An Overview
6.6.3.1. More about LDAP searching
6.6.4. Using OpenLDAP for User Authentication
6.6.4.1. Select an appropriate schema
6.6.4.2. Convert existing user account data
6.6.4.3. Specify the name service search order
6.6.4.3.1. Configure PAM to use OpenLDAP
6.6.4.4. Configure directory access control
6.6.4.5. OpenLDAP access control
6.6.5. Securing OpenLDAP Authentication
6.6.6. Wither NIS?
7. Security
7.1. Prelude: What's Wrong with This Picture?
7.2. Thinking About Security
7.2.1. Security Policies and Plans
7.2.1.1. Security policies
7.2.1.2. Security plans
7.2.2. Unix Lines of Defense
7.2.2.1. Physical security
7.2.2.2. Firewalls and network filters
7.2.2.3. Passwords
7.2.2.4. Encrypting data
7.2.2.5. Backups
7.2.3. Version-Specific Security Facilities
7.3. User Authentication Revisited
7.3.1. Smart Cards
7.3.2. One-Time Passwords
7.3.3. Solaris and HP-UX Dialup Passwords
7.3.4. AIX Secondary Authentication Programs
7.3.5. Better Network Authentication: Kerberos
7.4. Protecting Files and the Filesystem
7.4.1. Search Path Issues
7.4.2. Small Mistakes Compound into Large Holes
7.4.3. The setuid and setgid Access Modes
7.4.3.1. Writing setuid/setgid programs
7.4.4. Access Control Lists
7.4.4.1. Introducing access control lists
7.4.4.2. Manipulating AIX ACLs
7.4.4.3. HP-UX ACLs
7.4.4.4. POSIX access control lists: Linux, Solaris, and Tru64
7.4.5. Encryption
7.4.5.1. The crypt command
7.4.5.2. Public key encryption: PGP and GnuPG
7.4.5.3. Selecting passphrases
7.5. Role-Based Access Control
7.5.1. AIX Roles
7.5.2. Solaris Role-Based Access Control
7.6. Network Security
7.6.1. Establishing Trust
7.6.1.1. The implications of trust
7.6.2. The Secure Shell
7.6.3. Securing Network Daemons
7.6.3.1. TCP Wrappers: Better inetd access control and logging
7.6.3.2. xinetd
7.6.3.3. Disable what you don't need
7.6.4. Port Scanning
7.6.5. Defending the Border: Firewalls and Packet Filtering
7.7. Hardening Unix Systems
7.7.1. Plan Before Acting
7.7.2. Secure the Physical System
7.7.3. Install the Operating System
7.7.4. Secure Local Filesystems
7.7.5. Securing Services
7.7.6. Restrict root Access
7.7.7. Configure User Authentication and Account Defaults
7.7.8. Set up Remote Authentication
7.7.9. Install and Configure Ongoing Monitoring
7.7.10. Backup
7.7.11. Other Activities
7.8. Detecting Problems
7.8.1. Password File Issues
7.8.2. Monitoring the Filesystem
7.8.2.1. Checking file ownership and protection
7.8.2.2. Looking for setuid and setgid files
7.8.2.3. Checking modification dates and inode numbers
7.8.2.4. Computing checksums
7.8.2.5. Run fsck occasionally
7.8.3. Automating Security Monitoring
7.8.3.1. Trusted computing base checking
7.8.3.2. System integrity checking with Tripwire
7.8.3.3. Vulnerability scanning
7.8.3.3.1. General system security monitoring via COPS
7.8.3.4. Scanning for network vulnerabilities
7.8.4. What to Do if You Find a Problem
7.8.5. Investigating System Activity
7.8.5.1. Monitoring unsuccessful login attempts
7.8.5.2. su log files
7.8.5.3. History on the root account
7.8.5.4. Tracking user activities
7.8.5.5. Event-auditing systems
7.8.6. Intruders Can Read
8. Managing Network Services
8.1. Managing DNS Servers
8.1.1. Zones
8.1.2. Name Server Types
8.1.3. About BIND
8.1.4. Configuring named
8.1.4.1. The master configuration file: named.conf
8.1.4.2. The root hints file
8.1.4.3. Zone files
8.1.4.3.1. Reverse zone files and PTR records
8.1.4.3.2. IPv6 zone file resource records
8.1.4.4. Common mistakes to avoid
8.1.4.5. Using subdomains
8.1.4.5.1. Reverse zone files with arbitrary subnetting
8.1.4.6. Forwarders
8.1.4.7. Slave name server notifications
8.1.4.8. Dynamic updates
8.1.4.9. Incremental zone transfers
8.1.4.10. Access control
8.1.4.11. Securing DNS communications
8.1.4.11.1. BIND 9 security futures
8.1.4.12. BIND 9 views
8.1.4.13. Securing the named process
8.1.4.14. Configuring logging
8.1.5. Name Server Maintenance and Troubleshooting
8.1.5.1. Controlling the named server process
8.1.5.2. Using the nslookup and dig utilities
8.2. Routing Daemons
8.2.1. Routing Concepts and Protocols
8.2.1.1. Configuring routed
8.2.1.2. Configuring gated
8.2.1.2.1. Vendor specifics
8.3. Configuring a DHCP Server
8.3.1. AIX
8.3.2. ISC DHCP: FreeBSD and Linux
8.3.3. HP-UX
8.3.4. Solaris
8.3.5. Tru64
8.4. Time Synchronization with NTP
8.4.1. How NTP Works
8.4.2. Setting Up NTP
8.4.2.1. Enabling ntpd under FreeBSD
8.4.3. A Simple Authentic Time Option
8.5. Managing Network Daemons under AIX
8.6. Monitoring the Network
8.6.1. Standard Networking Utilities
8.6.2. Packet Sniffers
8.6.2.1. The Solaris snoop command
8.6.2.2. Packet collecting under AIX and HP-UX
8.6.3. The Simple Network Management Protocol
8.6.3.1. SNMP concepts and constructs
8.6.3.2. SNMP implementations
8.6.3.3. Net-SNMP client utilities
8.6.3.3.1. Generating traps
8.6.3.3.2. AIX and Tru64 clients
8.6.3.4. Configuring SNMP agents
8.6.3.4.1. Net-SNMP snmpd daemon (FreeBSD and Linux)
8.6.3.4.2. Net-SNMP access control
8.6.3.4.3. The Net-SNMP trap daemon
8.6.3.4.4. Configuring SNMP nder HP-UX
8.6.3.4.5. Configuring SNMP under Solaris
8.6.3.4.6. The AIX snmpd daemon
8.6.3.4.7. The Tru64 snmpd daemon
8.6.3.5. SNMP and security
8.6.4. Network Management Packages
8.6.4.1. Proactive network monitoring
8.6.4.1.1. NetSaint
8.6.4.2. Identifying trends over time
8.6.4.2.1. MRTG and RRDtool
8.6.4.2.2. Using Cricket to feed RRDtool
9. Electronic Mail
9.1. About Electronic Mail
9.1.1. Mail Addressing and Delivery
9.1.1.1. DNS MX records
9.1.1.2. Mail aliases
9.1.1.3. Mail forwarding
9.1.1.4. Putting it all together
9.1.2. Electronic Mail Policies
9.2. Configuring User Mail Programs
9.2.1. Automated Email Message Encryption
9.3. Configuring Access Agents
9.3.1. Setting Up User Agents to Use POP and IMAP
9.4. Configuring the Transport Agent
9.4.1. sendmail
9.4.1.1. Configuring sendmail
9.4.1.2. Getting started: A sample mail client configuration
9.4.1.3. Building sendmail.cf
9.4.1.4. Configuring the mail hub
9.4.1.5. Selecting mailers
9.4.1.5.1. More about pipes to files and programs
9.4.1.6. Some client and mail hub variations
9.4.1.6.1. An isolated internal network
9.4.1.6.2. A null client
9.4.1.6.3. Mailer-specific and other local relays
9.4.1.7. More addressing options
9.4.1.7.1. Sender aliasing
9.4.1.7.2. Using LDAP for incoming mail addresses
9.4.1.7.3. The redirect feature
9.4.1.8. Virtual hosting
9.4.1.9. The services switch file
9.4.1.10. Spam suppression
9.4.1.10.1. Message relaying
9.4.1.11. Public blacklists and the access database
9.4.1.12. sendmail security
9.4.1.12.1. The sendmail default user
9.4.1.12.2. Privacy options
9.4.1.12.3. SASL authentication
9.4.1.12.4. Reducing the sendmail daemon's privileges
9.4.1.13. Monitoring ongoing operation
9.4.1.14. Performance
9.4.1.15. Debugging techniques
9.4.1.16. Macro summary
9.4.2. Postfix
9.4.2.1. Installing Postfix
9.4.2.2. Configuring Postfix
9.4.2.2.1. Notifying the daemon
9.4.2.2.2. Client systems
9.4.2.2.3. The mail hub
9.4.2.2.4. The local delivery agent
9.4.2.2.5. Systems with intermittent Internet connections
9.4.2.2.6. Address transformations
9.4.2.2.7. Virtual domains
9.4.2.2.8. LDAP lookups
9.4.2.3. Access control and spam suppression
9.4.2.4. Postfix security
9.4.2.5. Monitoring and performance
9.4.2.6. Debugging
9.5. Retrieving Mail Messages
9.6. Mail Filtering with procmail
9.6.1. Configuring procmail
9.6.1.1. Other procmail disposition options
9.6.1.2. Using procmail to discard spam
9.6.1.3. Using procmail for security scanning
9.6.1.4. Debugging procmail
9.6.1.5. Additional information
9.7. A Few Final Tools
10. Filesystems and Disks
10.1. Filesystem Types
10.1.1. About Unix Filesystems: Moments from History
10.1.1.1. Journaled filesystems
10.1.1.2. BSD soft updates
10.1.2. Default Local Filesystems
10.2. Managing Filesystems
10.2.1. Mounting and Dismounting Filesystems
10.2.2. Disk Special File Naming Conventions
10.2.3. The mount and umount Commands
10.2.4. Figuring Out Who's Using a File
10.2.5. The Filesystem Configuration File
10.2.5.1. Solaris: /etc/vfstab
10.2.5.2. AIX: /etc/filesystems and /etc/swapspaces
10.2.6. Automatic Filesystem Mounting
10.2.7. Using fsck to Validate a Filesystem
10.2.7.1. After fsck
10.3. From Disks to Filesystems
10.3.1. Defining Disk Partitions
10.3.2. Adding Disks
10.3.2.1. Preparing and connecting the disk
10.3.2.2. Making special files
10.3.2.3. FreeBSD
10.3.2.4. Linux
10.3.2.4.1. The Reiser filesystem
10.3.2.5. Solaris
10.3.2.6. AIX, HP-UX, and Tru64
10.3.2.7. Remaking an existing filesystem
10.3.3. Logical Volume Managers
10.3.3.1. Disks, volume groups, and logical volumes
10.3.3.2. Disk striping
10.3.3.3. Disk mirroring and RAID
10.3.3.4. AIX
10.3.3.4.1. Replacing a failed disk
10.3.3.4.2. Getting information from the LVM
10.3.3.4.3. Disk striping and disk mirroring
10.3.3.5. HP-UX
10.3.3.5.1. Displaying LVM information
10.3.3.5.2. Disk striping and mirroring
10.3.3.6. Tru64
10.3.3.6.1. AdvFS
10.3.3.6.2. LSM
10.3.3.7. Solaris
10.3.3.8. Linux
10.3.3.9. FreeBSD
10.3.4. Floppy Disks
10.3.4.1. Floppy disk special files
10.3.4.2. Using DOS disks on Unix systems
10.3.4.3. The Mtools utilities
10.3.4.4. Stupid DOS partition tricks
10.3.5. CD-ROM Devices
10.3.5.1. CD-ROM drives under AIX
10.3.5.2. The Solaris media-handling daemon
10.4. Sharing Filesystems
10.4.1. NFS
10.4.1.1. Mounting remote directories
10.4.1.2. Exporting local filesystems
10.4.1.2.1. Exporting directories under Linux
10.4.1.2.2. Exporting filesystems under Solaris
10.4.2. The NFS Automounter
10.4.3. Samba
10.4.3.1. Samba authentication
10.4.3.1.1. Mounting Windows filesystems under Linux and FreeBSD
11. Backup and Restore
11.1. Planning for Disasters and Everyday Needs
11.1.1. Backup Capacity Planning
11.1.2. Backup Strategies
11.1.2.1. Unattended backups
11.1.2.2. Data verification
11.1.2.3. Storing backup media
11.1.2.4. Off-site and long-term storage
11.2. Backup Media
11.2.1. Magnetic tape
11.2.2. Magneto-optical disks
11.2.3. CDs and DVDs
11.2.4. Removable disks: Zip and Jaz
11.2.5. Floppy disks
11.2.6. Hard disks
11.2.7. Stackers, jukeboxes, and similar devices
11.2.8. Media Lifetime
11.2.9. Comparing Backup Media
11.2.10. Tape Special Files
11.2.10.1. AIX tape device attributes
11.3. Backing Up Files and Filesystems
11.3.1. When tar or cpio Is Enough
11.3.1.1. The tar command
11.3.1.1.1. Solaris enhancements to the tar command
11.3.1.1.2. The GNU tar utility: Linux and FreeBSD
11.3.1.2. The cpio command
11.3.1.3. Incremental backups with tar and cpio
11.3.1.4. pax: Detente between tar and cpio
11.3.2. Backing Up Individual Filesystems with dump
11.3.2.1. The HP-UX fbackup utility
11.3.3. Related Tape Utilities
11.3.3.1. Data copying and conversion with dd
11.3.3.2. Tape manipulation with mt
11.4. Restoring Files from Backups
11.4.1. Restores from tar and cpio Archives
11.4.2. Restoring from dump Archives
11.4.2.1. The restore utility's interactive mode
11.4.2.2. The HP-UX frecover utility
11.4.3. Moving Data Between Systems
11.5. Making Table of Contents Files
11.6. Network Backup Systems
11.6.1. Remote Backups and Restores
11.6.2. The Amanda Facility
11.6.2.1. About Amanda
11.6.2.2. How Amanda works
11.6.2.3. Doing the math
11.6.2.4. Configuring Amanda
11.6.2.4.1. Setting up an Amanda client
11.6.2.4.2. Selecting an Amanda server
11.6.2.4.3. Setting up the Amanda server
11.6.2.5. Amanda reports and logs
11.6.2.6. Restoring files from an Amanda backup
11.6.3. Commercial Backup Packages
11.7. Backing Up and Restoring the System Filesystems
11.7.1. AIX: mksysb and savevg
11.7.1.1. Restoring individual files from a mksysb tape
11.7.1.2. Saving and restoring AIX user volume groups
11.7.2. FreeBSD
11.7.3. HP-UX: make_recovery
11.7.4. Linux
11.7.5. Solaris
11.7.6. Tru64: btcreate
12. Serial Lines and Devices
12.1. About Serial Lines
12.1.1. Device Files for Serial Lines
12.1.2. The tty Command
12.2. Specifying Terminal Characteristics
12.2.1. termcap and terminfo
12.2.1.1. termcap entries
12.2.1.2. terminfo entries
12.2.1.3. Modifying entries
12.2.2. The tset Command
12.2.3. The stty Command
12.3. Adding a New Serial Device
12.3.1. Making the Physical Connection
12.3.1.1. Hardware handshaking and flow control
12.3.2. Terminal Line Configuration
12.3.2.1. FreeBSD configuration files
12.3.2.1.1. Secure terminal lines
12.3.2.1.2. The /etc/gettytab file
12.3.2.2. System V configuration files
12.3.2.2.1. The /etc/gettydefs file
12.3.2.2.2. Setting terminal line types under HP-UX
12.3.2.2.3. The Linux mgetty configuration files
12.3.2.2.4. Configuring terminal lines under AIX
12.3.3. Starting the Terminal Line
12.3.4. Terminal Handling Under Solaris
12.3.4.1. Structure of the Service Access Facility
12.3.4.2. Port monitors
12.3.4.3. Creating port monitors with pmadm
12.3.4.4. The ttydefs file
12.3.4.5. Using admintool to configure serial lines
12.4. Troubleshooting Terminal Problems
12.5. Controlling Access to Serial Lines
12.6. HP-UX and Tru64 Terminal Line Attributes
12.7. The HylaFAX Fax Service
12.7.1. Sending Faxes
12.7.2. Managing Faxes
12.7.3. HylaFAX Configuration Files
12.7.4. Controlling Access to HylaFAX
12.8. USB Devices
12.8.1. FreeBSD USB Support
12.8.2. Linux USB Support
12.8.3. Solaris USB Support
13. Printers and the Spooling Subsystem
13.1. The BSD Spooling Facility
13.1.1. User Commands
13.1.2. Manipulating Print Jobs
13.1.3. Managing Queues
13.1.4. The Spooling Daemon
13.1.5. Configuring Queues: The printcap File
13.1.5.1. Spooling directories
13.1.5.2. Restricting printer access
13.1.5.3. A filter program
13.1.6. Remote Printing
13.1.7. Adding a New Printer
13.1.8. LPD Variations
13.1.8.1. FreeBSD
13.1.8.2. Tru64
13.1.8.3. Linux
13.2. System V Printing
13.2.1. User Commands
13.2.1.1. The system default printer
13.2.1.2. Device classes
13.2.1.3. Getting status information
13.2.2. Manipulating Individual Print Requests
13.2.3. Managing Queues
13.2.4. Starting and Stopping the Print Service
13.2.5. Managing Printers and Destination Classes
13.2.5.1. Defining or modifying a printer
13.2.5.2. Deleting printers
13.2.5.3. Managing device classes
13.2.5.4. In-queue priorities
13.2.5.4.1. Priorities under HP-UX
13.2.5.4.2. Priorities under Solaris
13.2.5.5. Printer interface programs
13.2.6. Remote Printing
13.2.6.1. HP-UX remote printing
13.2.6.2. Solaris remote printing
13.2.7. Adding a New Printer
13.2.8. System V Spooling System Variations
13.2.8.1. Solaris: Additional configuration files
13.2.8.2. Solaris: Controlling printer access
13.2.8.3. Solaris: Forms and filters
13.2.8.4. HP-UX: Altering pending print jobs
13.2.8.5. HP-UX: Analyzing printer usage
13.2.8.6. Graphical administration tools
13.3. The AIX Spooling Facility
13.3.1. Manipulating Print Jobs
13.3.1.1. Job numbers
13.3.1.2. The default print queue under AIX
13.3.1.3. Displaying job and queue status information
13.3.1.4. Deleting print jobs
13.3.1.5. Moving jobs between queues
13.3.1.6. Suspending print jobs
13.3.1.7. Print job priorities
13.3.2. Managing Queues and Devices
13.3.3. The qdaemon Server Process
13.3.4. Configuring Queues: The /etc/qconfig File
13.3.4.1. Creating and modifying print queues
13.3.5. Remote Printing
13.3.6. Adding a New Printer
13.3.7. Using the Queueing System as a Batch Service
13.4. Troubleshooting Printers
13.5. Sharing Printers with Windows Systems
13.5.1. Printing to a Windows Printer from a Unix System
13.5.2. Accepting Incoming Windows Print Jobs via Samba
13.5.2.1. Creating queues for the Samba printers under Windows
13.6. LPRng
13.6.1. Enhancements to the lpc Command
13.6.1.1. Print classes and job priorities
13.6.2. Configuring LPRng
13.6.2.1. Separate client and server entries
13.6.2.2. Using a common printcap file for many hosts
13.6.2.3. Special-purpose queues
13.6.2.3.1. Bounce queues
13.6.2.3.2. Printer pools
13.6.2.4. Filters
13.6.2.5. Other printcap entry options
13.6.3. Global Print Spooler Settings
13.6.4. Printer Access Control
13.6.4.1. Other LPRng capabilities
13.7. CUPS
13.7.1. Printer Administration
13.7.1.1. CUPS configuration files
13.7.1.2. Access control and authentication
13.8. Font Management Under X
13.8.1. Font Basics
13.8.2. Managing Fonts under X
13.8.3. Adding Fonts to X
13.8.3.1. Printing support
13.8.4. Handling TrueType Fonts
14. Automating Administrative Tasks
14.1. Creating Effective Shell Scripts
14.1.1. Password File Security
14.1.2. Monitoring Disk Usage
14.1.3. Root Filesystem Backups and System Snapshots
14.1.4. A Few More Tricks
14.1.5. Testing and Debugging Scripts
14.2. Perl: An Alternate Administrative Language
14.2.1. A Quick Introduction
14.2.2. A Walking Tour of Perl
14.2.3. Perl Reports
14.2.4. Graphical Interfaces with Perl
14.3. Expect: Automating Interactive Programs
14.3.1. A First Example: Testing User Environments
14.3.2. A Timed Prompt
14.3.3. Repeating a Command Over and Over
14.3.4. Automating Configuration File Distribution
14.3.5. Keep Trying Until It Works
14.4. When Only C Will Do
14.5. Automating Complex Configuration Tasks with Cfengine
14.5.1. About Cfengine
14.5.2. Actions
14.5.3. Classes
14.5.4. Configuring cfservd
14.5.5. Running Cfengine
14.6. Stem: Simplified Creation of Client-Server Applications
14.7. Adding Local man Pages
15. Managing System Resources
15.1. Thinking About System Performance
15.1.1. The Tuning Process
15.1.1.1. Define the problem in as much detail as you can.
15.1.1.2. Determine what's causing the problem.
15.1.1.3. Formulate explicit performance improvement goals.
15.1.1.4. Design and implement modifications to the system and applications to achieve those goals.
15.1.1.5. Monitor the system to determine how well the changes worked.
15.1.1.6. Return to the first step and begin again.
15.1.2. Some Tuning Caveats
15.2. Monitoring and Controlling Processes
15.2.1. The ps Command
15.2.2. Other Process Listing Utilities
15.2.3. The /proc Filesystem
15.2.4. Kernel Idle Processes
15.2.5. Process Resource Limits
15.2.6. Process Resource Limits Under AIX
15.2.7. Signaling and Killing Processes
15.2.7.1. Killing multiple processes with killall
15.2.7.2. Processes that won't die
15.2.7.3. Pausing and restarting processes
15.3. Managing CPU Resources
15.3.1. Nice Numbers and Process Priorities
15.3.2. Monitoring CPU Usage
15.3.2.1. Recognizing a CPU shortage
15.3.3. Changing a Process's Nice Number
15.3.3.1. renice under AIX, HP-UX, and Tru64
15.3.3.2. Changing process priorities under Solaris
15.3.3.3. Setting a user's default nice numbers under Tru64
15.3.4. Configuring the System Scheduler
15.3.4.1. The AIX scheduler
15.3.4.2. The Solaris scheduler
15.3.4.3. Tru64
15.3.5. Unix Batch-Processing Facilities
15.4. Managing Memory
15.4.1. Monitoring Memory Use and Paging Activity
15.4.1.1. Determining the amount of physical memory
15.4.1.2. Monitoring memory use
15.4.1.3. Recognizing memory problems
15.4.1.4. The filesystem cache
15.4.2. Configuring the Virtual Memory Manager
15.4.2.1. AIX
15.4.2.2. FreeBSD
15.4.2.3. HP-UX
15.4.2.4. Linux
15.4.2.5. Solaris
15.4.2.6. Tru64
15.4.3. Managing Paging Space
15.4.3.1. How much paging space?
15.4.3.2. Listing paging areas
15.4.3.3. Activating paging areas
15.4.3.4. Creating new paging areas
15.4.3.5. Filesystem paging
15.4.3.6. Linux and HP-UX paging space priorities
15.4.3.7. Removing paging areas
15.5. Disk I/O Performance Issues
15.5.1. Monitoring Disk I/O Performance
15.5.2. Getting the Most From the Disk Subsystem
15.5.2.1. Disk hardware
15.5.2.2. Distributing the data among the available disks
15.5.2.3. Data placement on disk
15.5.3. Tuning Disk I/O Performance
15.5.3.1. Sequential read-ahead
15.5.3.1.1. AIX
15.5.3.1.2. Linux
15.5.3.2. Disk I/O pacing
15.6. Monitoring and Managing Disk Space Usage
15.6.1. Where Did It All Go?
15.6.2. Handling Disk Shortage Problems
15.6.2.1. Using find to locate or remove wasted space
15.6.2.2. Limiting the growth of log files
15.6.3. Controlling Disk Usage with Disk Quotas
15.6.3.1. Preparing filesystems for quotas
15.6.3.2. Setting users' quota limits
15.6.3.3. Setting the soft limit expiration period
15.6.3.4. Enabling quota checking
15.6.3.5. Quota consistency checking
15.6.3.6. Disk quota reports
15.6.3.7. Group-based quotas (AIX, FreeBSD, Tru64 and Linux)
15.7. Network Performance
15.7.1. Basic Network Performance Monitoring
15.7.2. General TCP/IP Network Performance Principles
15.7.2.1. Two TCP parameters
15.7.3. DNS Performance
15.7.4. NFS Performance
15.7.4.1. NFS Version 3 performance improvements
15.7.4.2. NFS performance principles
16. Configuring and Building Kernels
16.1. FreeBSD and Tru64
16.1.1. Changing FreeBSD Kernel Parameters
16.1.2. FreeBSD Kernel Modules
16.1.3. Installing the FreeBSD Boot Loader
16.1.4. Tru64 Dynamic Kernel Configuration
16.2. HP-UX
16.3. Linux
16.3.1. Using lilo
16.3.1.1. Using a graphical message screen
16.3.1.2. lilo and Windows
16.3.1.3. More complex booting scenarios
16.3.1.4. lilo's -r option
16.3.1.5. The boot.message file
16.3.2. The Grub Boot Loader
16.3.3. Booting a Linux System with syslinux
16.3.4. Restoring the DOS Master Boot Program
16.3.5. Booting Alpha Linux Systems
16.3.6. Linux Loadable Modules
16.4. Solaris
16.5. AIX System Parameters
17. Accounting
17.1. Standard Accounting Files
17.2. BSD-Style Accounting: FreeBSD, Linux, and AIX
17.2.1. Enabling and Disabling Accounting
17.2.2. Merging Accounting Records into the Summary Files
17.2.3. After a Crash
17.2.4. Image-Based Resource Use Reporting: sa
17.2.5. Connect Time Reporting: ac
17.3. System V-Style Accounting: AIX, HP-UX, and Solaris
17.3.1. Setting Up Accounting
17.3.2. Accounting Reports
17.3.3. Solaris Project-Based Extended Accounting
17.3.4. The upacct Package
17.4. Printing Accounting
17.4.1. Printer Accounting Under LPRng
18. The Profession of System Administration
SAGE: The System Administrators Guild
Administrative Virtues
A. Administrative Shell Programming
A.1. Basic Syntax
A.1.1. I/O Redirection
A.1.2. The dot Command
A.1.3. Return Codes and the exit Command
A.1.4. Compound Commands
A.1.5. Command Substitution
A.1.6. Argument Symbols and Other $ Abbreviations
A.1.7. Variable Substitution
A.1.7.1. bash variable substitution extensions
A.1.8. Variable Double Dereferencing
A.2. The if Statement
A.2.1. The test Command (a.k.a. [ )
A.3. Other Control Structures
A.3.1. The while and until Commands
A.3.2. The case Command
A.3.3. The for Command
A.3.3.1. The bash arithmetic for loop
A.3.4. The Null Command
A.4. Getting Input: The read Command
A.4.1. The bash select command
A.5. Other Useful Commands
A.5.1. set
A.5.2. eval
A.5.3. printf
A.5.4. expr
A.5.4.1. bash integer arithmetic
A.5.4.2. bash arrays
A.6. Shell Functions
A.6.1. bash Local Variables
Colophon
SPECIAL OFFER: Upgrade this ebook with O’Reilly
← Prev
Back
Next →
← Prev
Back
Next →