Log In
Or create an account -> 
Imperial Library
  • Home
  • About
  • News
  • Upload
  • Forum
  • Help
  • Login/SignUp

Index
FOREWORD FOREWORD TO THE SECOND EDITION FOREWORD TO THE FIRST EDITION PREFACE ACKNOWLEDGMENTS BASIC ADMINISTRATION CHAPTER 1   WHERE TO START
Suggested background The sordid history of UNIX Example UNIX systems Notation and typographical conventions System-specific information How to use your manuals Organization of the man pages man : read manual pages Essential tasks of the system administrator Adding and removing users Adding and removing hardware Performing backups Installing new software Monitoring the system Troubleshooting Maintaining local documentation Auditing security Helping users How to find files on the Internet System administration under duress System Administration Personality Syndrome Recommended reading
CHAPTER 2   BOOTING AND SHUTTING DOWN
Bootstrapping Automatic and manual booting Steps in the boot process Kernel initialization Hardware configuration System processes Operator intervention (manual boot only) Execution of startup scripts Multiuser operation Booting PCs How a PC is different from proprietary hardware The PC boot process LILO: the Linux boot loader Configuring LILO The FreeBSD boot loader Multibooting on PCs Multibooting gotchas LILO multiboot configuration FreeBSD multiboot configuration Booting in single-user mode Solaris single-user mode HP-UX single-user mode Linux single-user mode FreeBSD single-user mode Startup scripts SystemV-style startup scripts Solaris startup scripts HP-UX startup scripts Red Hat startup scripts FreeBSD startup scripts Rebooting and shutting down Turning off the power shutdown: the genteel way to halt the system halt: a simpler way to shut down reboot: quick and dirty restart Sending init a TERM signal telinit: change init’s run level Killing init
CHAPTER 3   ROOTLY POWERS
Ownership of files and processes The superuser Choosing a root password Becoming root su: substitute user identity sudo: a limited su Other pseudo-users daemon: owner of unprivileged system software bin: owner of system commands sys: owner of the kernel and memory images nobody: the generic NFS user
CHAPTER 4   CONTROLLING PROCESSES
Components of a process PID: process ID number PPID: parent PID UID and EUID: real and effective user ID GID and EGID: real and effective group ID Niceness Control terminal The life cycle of a process Signals kill: send signals Process states nice and renice: influence scheduling priority ps: monitor processes top: monitor processes even better Runaway processes
CHAPTER 5   THE FILESYSTEM
Pathnames Mounting and unmounting filesystems The organization of the file tree File types Regular files Directories Character and block device files UNIX domain sockets Named pipes Symbolic links File attributes The setuid and setgid bits The sticky bit The permission bits Viewing file attributes FreeBSD bonus flags chmod: change permissions chown and chgrp: change ownerships umask: assign default permissions
CHAPTER 6   ADDING NEW USERS
The / etc/passwd file Login name Encrypted password UID number Default GID number GECOS field Home directory Login shell The FreeBSD / etc/master.passwd file The FreeBSD / etc/login.conf file The Solaris and Red Hat / etc/shadow file The / etc/group file Adding users Editing the passwd and shadow files Setting an initial password Creating the user’s home directory Copying in the default startup files Setting the user’s mail home Editing the / etc/group file Setting disk quotas Verifying the new login Removing users Disabling logins Vendor-supplied account management utilities
CHAPTER 7   SERIAL DEVICES
Serial standards Alternative connectors The mini DIN-8 variant The DB-9 variant The RJ-45 variant The Yost standard for RJ-45 wiring Hard and soft carrier Hardware flow control Cable length Serial device files Software configuration for serial devices Configuration of hardwired terminals The login process The / etc/ttys and / etc/ttytab files The / etc/ttytype file The / etc/gettytab file The / etc/inittab file The / etc/gettydefs file Solaris and sacadm Terminal support: the termcap and terminfo databases Special characters and the terminal driver stty: set terminal options tset: set options automatically How to unwedge a terminal Modems Modulation, error correction, and data compression protocols Dial-out configuration: / etc/phones and / etc/remote Bidirectional modems Debugging a serial line Other common I/O ports Parallel ports USB: the Universal Serial Bus
CHAPTER 8   ADDING A DISK
Disk interfaces The SCSI interface The IDE interface Which is better, SCSI or IDE? Disk geometry An overview of the disk installation procedure Connecting the disk Creating device entries Formatting the disk Labeling and partitioning the disk Establishing logical volumes Creating UNIX filesystems Setting up automatic mounting Enabling swapping fsck: check and repair filesystems Vendor specifics Adding a disk to Solaris Adding a disk to HP-UX Adding a disk to Red Hat Linux Adding a disk to FreeBSD
CHAPTER 9   PERIODIC PROCESSES
cron: schedule commands The format of crontab files Crontab management Some common uses for cron Cleaning the filesystem Network distribution of configuration files Rotating log files Vendor specifics
CHAPTER 10   BACKUPS
Motherhood and apple pie Perform all dumps from one machine Label your tapes Pick a reasonable backup interval Choose filesystems carefully Make daily dumps fit on one tape Make filesystems smaller than your dump device Keep tapes off-site Protect your backups Limit activity during dumps Check your tapes Develop a tape life cycle Design your data for backups Prepare for the worst Backup devices and media Floppy disks Super floppies CD-R and CD-RW Removable hard disks 8mm cartridge tapes DAT (4mm) cartridge tapes Travan tapes OnStream ADR DLT AIT Mammoth Jukeboxes, stackers, and tape libraries Hard disks Summary of media types What to buy Setting up an incremental backup regime Dumping filesystems Dump sequences Restoring from dumps Restoring individual files Restoring entire filesystems Dumping and restoring for upgrades Using other archiving programs tar: package files cpio: SysV-ish archiving dd: twiddle bits volcopy: duplicate filesystems Using multiple files on a single tape Amanda The architecture of Amanda Amanda setup The amanda.conf file The disklist file Amanda log files Amanda debugging File restoration from an Amanda backup Alternatives to Amanda: other open source backup packages Commercial backup products ADSM/TSM Veritas Legato Other alternatives Recommended reading
CHAPTER 11   SYSLOG AND LOG FILES
Logging policies Throwing away log files Rotating log files Archiving log files Finding log files Files NOT to manage Vendor specifics Syslog: the system event logger Configuring syslogd Red Hat enhancements to syslog FreeBSD enhancements to syslog Config file examples Sample syslog output Designing a logging scheme for your site Software that uses syslog Debugging syslog Using syslog from programs Condensing log files to useful information
CHAPTER 12   DRIVERS AND THE KERNEL
Kernel types Why configure the kernel? Configuring a Solaris kernel The Solaris kernel area Configuring the kernel with / etc/system An example / etc/system file Debugging a Solaris configuration Building an HP-UX kernel Configuring a Linux kernel Building the Linux kernel binary Tuning your Linux configuration Building a FreeBSD kernel The master recipe for building a kernel Audit the system’s hardware Create a configuration file in SYS/i386/conf Run config Run make depend Build the kernel Install the new kernel Test the new kernel Document the new kernel Creating a BSD configuration file The maxusers keyword The options keyword The config keyword Hardware devices The pseudo-device keyword A sample FreeBSD configuration file Tuning the FreeBSD kernel Adding device drivers Device numbers Adding a Solaris device driver Adding a Linux device driver Adding a FreeBSD device driver Device files Naming conventions for devices Loadable kernel modules Loadable kernel modules in Solaris Loadable kernel modules in Linux Loadable kernel modules in FreeBSD Recommended reading NETWORKING
CHAPTER 13   TCP/IP NETWORKING
TCP/IP and the Internet A brief history lesson How the Internet is managed today Network standards and documentation Networking road map Packets and encapsulation The link layer Packet addressing Ports Address types IP addresses: the gory details IP address classes Subnetting and netmasks The IP address crisis CIDR: Classless Inter-Domain Routing Address allocation Private addresses and NAT IPv6 addressing Routing Routing tables ICMP redirects ARP: The address resolution protocol DHCP: the Dynamic Host Configuration Protocol DHCP software How DHCP works ISC’s DHCP server PPP: the Point-to-Point Protocol Addressing PPP performance issues Connecting to a network with PPP Making your host speak PPP Controlling PPP links Finding a host to talk to Assigning an address Routing Ensuring security Using terminal servers Using chat scripts Security issues IP forwarding ICMP redirects Source routing Broadcast pings and other forms of directed broadcast UNIX-based firewalls Virtual private networks IPSEC: secure IP Addition of machines to a network Assigning hostnames and IP addresses ifconfig: configure network interfaces route: configure static routes Default routes Configuring DNS Vendor-specific network configuration Solaris network configuration Basic network configuration for Solaris Configuration examples for Solaris DHCP configuration for Solaris Dynamic reconfiguration and tuning for Solaris Security, firewalls, filtering, and NAT for Solaris PPP configuration for Solaris Networking quirks for Solaris HP-UX network configuration Basic network configuration for HP-UX Configuration examples for HP-UX DHCP configuration for HP-UX Dynamic reconfiguration and tuning for HP-UX Security, firewalls, filtering, and NAT for HP-UX PPP configuration for HP-UX Networking quirks for HP-UX Network configuration for Red Hat Basic network configuration for Red Hat Configuration examples for Red Hat DHCP configuration for Red Hat Dynamic reconfiguration and tuning for Red Hat Security, firewalls, filters, and NAT for Red Hat PPP configuration for Red Hat Networking quirks for Red Hat Network configuration for FreeBSD Basic network configuration for FreeBSD Configuration examples for FreeBSD DHCP configuration for FreeBSD Dynamic reconfiguration and tuning for FreeBSD Security, firewalls, filters, and NAT for FreeBSD PPP configuration for FreeBSD Networking quirks for FreeBSD Recommended reading
CHAPTER 14   ROUTING
Packet forwarding: a closer look Routing daemons and routing protocols Distance-vector protocols Link-state protocols Cost metrics Interior and exterior protocols Protocols on parade RIP: Routing Information Protocol RIP-2: Routing Information Protocol, version 2 OSPF: Open Shortest Path First IGRP and EIGRP: Interior Gateway Routing Protocol IS-IS: the ISO �standard� MOSPF, DVMRP, and PIM: multicast routing protocols Router Discovery Protocol routed: RIP yourself a new hole gated: a better routing daemon gated startup and control Tracing The gated configuration file Option configuration statements Network interface definitions Other miscellaneous definitions Protocol configuration for RIP Some preliminary background on OSPF Protocol configuration for OSPF Protocol configuration for ICMP redirects Static routes Exported routes A complete gated configuration example Vendor specifics Routing strategy selection criteria Cisco routers Recommended reading
CHAPTER 15   NETWORK HARDWARE
LAN, WAN, or MAN? Ethernet: the common LAN How Ethernet works Ethernet topology Unshielded twisted pair Connecting and expanding Ethernets FDDI: the disappointing and expensive LAN ATM: the promised (but sorely defeated) LAN Frame relay: the sacrificial WAN ISDN: the indigenous WAN DSL: the people’s WAN Where is the network going? Network testing and debugging Building wiring UTP cabling options Connections to offices Wiring standards Network design issues Network architecture vs. building architecture Existing networks Expansion Congestion Maintenance and documentation Management issues Recommended vendors Cables and connectors Test equipment Routers/switches Recommended reading
CHAPTER 16   THE DOMAIN NAME SYSTEM
DNS for the impatient: adding a new machine The history of DNS Who needs DNS? What’s new in DNS The DNS namespace Masters of their domains Selecting a domain name Domain bloat Registering a second-level domain name Creating your own subdomains The BIND software Versions of BIND Finding out what version you have Components of BIND named: the BIND name server Authoritative and caching-only servers Recursive and nonrecursive servers The resolver library Shell interfaces to DNS How DNS works Delegation Caching and efficiency The extended DNS protocol BIND client issues Resolver configuration Resolver testing Impact on the rest of the system BIND server configuration Hardware requirements named startup Configuration files The include statement The options statement The acl statement The server statement The logging statement The zone statement The key statement The trusted-keys statement The controls statement The view statement BIND configuration examples A home Linux box A university department A web hosting company The DNS database Resource records The SOA record NS records A records PTR records MX records CNAME records The CNAME hack LOC records SRV records TXT records IPv6 resource records A6 records DNAME records Commands in zone files The localhost zone Glue records: links between zones Updating zone files Zone transfers Dynamic updates Security issues Access control lists revisited Confining named Secure server-to-server communication with TSIG and TKEY DNSSEC Microsoft bad, UNIX good Testing and debugging Logging Debug levels Debugging with ndc Debugging with nslookup, dig, and host Lame delegations Loose ends The hints file Localhost configuration Host management tools DNS for systems not on the Internet Vendor specifics Specifics for Solaris Specifics for HP-UX Specifics for Red Hat Linux Specifics for FreeBSD Recommended reading Mailing lists and newsgroups Books and other documentation On-line resources The RFCs
CHAPTER 17   THE NETWORK FILE SYSTEM
General information about NFS NFS protocol versions Choice of transport WebNFS File locking Disk quotas Global UIDs and GIDs Root access and the nobody account Cookies and stateless mounting Naming conventions for shared filesystems Security and NFS Server-side NFS The share command and dfstab file (Solaris) The exportfs command and the exports file (HP-UX, Red Hat, FreeBSD) nfsd: serve files Client-side NFS biod and nfsiod: provide client-side caching Mounting remote filesystems Secure port restrictions nfsstat: dump NFS statistics Dedicated NFS file servers Automatic mounting automount: the original automounter Indirect maps Direct maps Master maps Executable maps Replicated filesystems using automount Automatic automounts Specifics for Red Hat Linux amd: a more sophisticated automounter amd maps Starting amd Stopping amd Recommended reading
CHAPTER 18   SHARING SYSTEM FILES
What to share Copying files around rdist: push files rsync: push files more securely expect: pull files NIS: the Network Information Service Netgroups Prioritizing sources of administrative information Advantages and disadvantages of NIS How NIS works Setting up an NIS domain Vendor specifics NIS+: son of NIS LDAP: the Lightweight Directory Access Protocol LDAP documentation and specifications Hands-on LDAP
CHAPTER 19   ELECTRONIC MAIL
Mail systems User agents Transport agents Delivery agents Message stores Access agents Mail submission agents The anatomy of a mail message Mail addressing Reading mail headers Mail philosophy Using mail servers Using mail homes Using IMAP or POP Mail aliases Getting mailing lists from files Mailing to files Mailing to programs Examples of aliases Mail forwarding The hashed alias database Mailing lists and list wrangling software LDAP: the Lightweight Directory Access Protocol sendmail: ringmaster of the electronic mail circus The history of sendmail Vendor-supplied versions of sendmail sendmail installation The switch file Modes of operation The mail queue sendmail configuration Using the m4 preprocessor The sendmail configuration pieces Building a configuration file from a sample .mc file Basic sendmail configuration primitives The VERSIONID macro The OSTYPE macro The DOMAIN macro The MAILER macro Fancier sendmail configuration primitives The FEATURE macro The use_cw_file feature The redirect feature The always_add_domain feature The nocanonify feature Tables and databases The mailertable feature The genericstable feature The virtusertable feature The ldap_routing feature Masquerading and the MASQUERADE_AS macro The MAIL_HUB and SMART_HOST macros Masquerading and routing The nullclient feature The local_lmtp and smrsh features The local_procmail feature The LOCAL_* macros Configuration options Configuration file examples A computer science student’s home machine A small but sendmail -clueful company Another master/client example Spam-related features in sendmail Relaying The access database Blacklisting users or sites Header checking Handling spam Spam examples Security and sendmail Ownerships Permissions Safe mail to files and programs Privacy options Running a chroot ed sendmail (for the truly paranoid) Denial of service attacks Forgeries Message privacy SASL: the Simple Authentication and Security Layer sendmail statistics, testing, and debugging Testing and debugging Verbose delivery Talking in SMTP Logging The Postfix mail system Postfix architecture Configuring Postfix Spam control Postfix examples Recommended reading
CHAPTER 20   NETWORK MANAGEMENT AND DEBUGGING
Troubleshooting a network ping: check to see if a host is alive traceroute: trace IP packets netstat: get tons o’ network statistics Monitoring the status of network connections Inspecting interface configuration information Examining the routing table Viewing operational statistics for various network protocols Packet sniffers snoop: Solaris’s packet sniffer nettl: HP-UX’s packet sniffer tcpdump: king of sniffers Network management protocols SNMP: the Simple Network Management Protocol SNMP organization SNMP protocol operations RMON: remote monitoring MIB SNMP agents SNMP on Solaris SNMP on HP-UX The UCD SNMP agent Network management applications The UCD SNMP tools MRTG: the Multi-Router Traffic Grapher NOCOL: Network Operation Center On-Line Commercial management platforms Recommended reading
CHAPTER 21   SECURITY
Seven common-sense rules of security How security is compromised Security problems in the / etc/passwd file Password checking and selection Shadow passwords Group logins and shared logins Password aging User shells Rootly entries Setuid programs Important file permissions Miscellaneous security issues Remote event logging Secure terminals / etc/hosts.equiv and ~/ .rhosts rexd, rexecd , and tftpd fingerd Security and NIS Security and NFS Security and sendmail Security and backups Trojan horses Security power tools nmap: scan network ports SAINT: check networked systems for vulnerabilities Nessus: next generation network scanner crack: find insecure passwords tcpd: protect Internet services COPS: audit system security tripwire: monitor changes to system files Forensic tools Cryptographic security tools Kerberos: a unified approach to network security PGP: Pretty Good Privacy SSH: the secure shell SRP: Secure Remote Password OPIE: One-time Passwords in Everything Firewalls Packet-filtering firewalls How services are filtered Service proxy firewalls Stateful inspection firewalls Firewalls: how safe are they? Sources of security information CERT: a registered service mark of Carnegie Mellon University SecurityFocus.com and the BugTraq mailing list SANS: the System Administration, Networking, and Security Institute Vendor-specific security resources Other mailing lists and web sites What to do when your site has been attacked Recommended reading
CHAPTER 22   WEB HOSTING AND INTERNET SERVERS
Web hosting Web hosting basics Uniform resource locators How HTTP works CGI scripting: generating content on the fly Load balancing HTTP server installation Choosing a server Compiling and installing Apache Configuring Apache Running Apache Virtual interfaces Configuring virtual interfaces Telling Apache about a virtual interface Caching and proxy servers Setting up Squid Anonymous FTP server setup Usenet news Usenet news feeds Usenet software Whither Usenet news? BUNCH O’ STUFF
CHAPTER 23   PRINTING
Mini-glossary of printing terms Types of printers Serial and parallel printers Network printers Life without PostScript BSD printing An overview of the printing process Controlling the printing environment lpd: the BSD print spooler lpr: submit print jobs lpq: view the printing queue lprm: remove print jobs lpc: make administrative changes The / etc/printcap file printcap variables printcap variables for serial devices printcap extensions Printing to something besides a printer System V printing Overview Destinations and classes A brief description of lp lpsched and lpshut: start and stop printing lpadmin: configure the printing environment lpstat: get status information cancel: remove print jobs accept and reject: control spooling enable and disable: control printing lpmove: transfer jobs Interface programs What to do when the lp system is completely hosed Adding a printer Adding printers to Solaris Adding printers to HP-UX Adding printers to Red Hat Linux Adding printers to FreeBSD LPRng The LPRng commands Obtaining and installing LPRng /etc/lpd.conf: configure lpd /etc/lpd.perms: configure access control Setting up the printcap file Filters Accounting Debugging printing problems Common printing software rlpr ghostscript mpage enscript Printer philosophy Use printer accounting Use banner pages only when necessary Provide recycling bins Provide previewers Buy cheap printers Keep extra toner cartridges on hand Secure your printer
CHAPTER 24   MAINTENANCE AND ENVIRONMENT
Maintenance basics Maintenance contracts On-site maintenance Board swap maintenance Warranties Board-handling lore Static electricity Reseating boards Monitors Memory modules Preventive maintenance Environment Temperature Humidity Office cooling Machine room cooling Temperature monitoring Power Remote power control Racks Tools
CHAPTER 25   PERFORMANCE ANALYSIS
What you can do to improve performance Factors that affect performance System performance checkup Analyzing CPU usage How UNIX manages memory Analyzing memory usage Analyzing disk I/O Virtual Adrian procinfo: display Red Hat performance data pstat: print random FreeBSD statistics Help! My system just got really slow! Recommended reading
CHAPTER 26   COOPERATING WITH WINDOWS
File and print sharing NFS: the Network File System CIFS: the Common Internet File System Samba: CIFS for UNIX Installing and configuring Samba Debugging Samba Secure terminal emulation with SSH X Windows emulators PC mail clients PC backups Dual booting Running Windows applications under UNIX PC hardware tips
CHAPTER 27   POLICY AND POLITICS
Policy and procedure Security policies User policy agreements Sysadmin policy agreements Policy and procedures for emergency situations Disaster planning Miscellaneous tidbits Legal issues Liability Encryption Copyright Privacy Policy enforcement Software licenses Spam: unsolicited commercial email Sysadmin surveys SAGE salary survey SANS salary survey Scope of service Trouble-reporting systems Managing management Hiring, firing, and training Attitude adjustment Operator wars Iterative refinement War stories and ethics Boss’s mistake #1 Boss’s mistake #2 Dan, your new name is Lester Which ones to fire Horndog Joe Wedding invitations Pornographic GIF images Migrating data Bill must die! Localization and upgrades Managing software across systems Upgrades Useful third-party software Local documentation Procurement Decommissioning hardware Software patents Organizations, conferences, and other resources SAGE: the System Administrators� Guild Mailing lists and web resources Printed resources Standards Sample documents Recommended reading
CHAPTER 28   DAEMONS
init: the primordial process cron: schedule commands inetd: manage daemons Configuring inetd The services file Restarting inetd Securing inetd portmap/rpcbind: map RPC services to TCP and UDP ports System daemons The paging daemon The swapping daemon The filesystem synchronization daemon Printing daemons lpd: manage BSD-style printing lpsched: manage ATT printing rlpdaemon: print from BSD to HP-UX NFS daemons nfsd: serve files mountd: respond to mount requests amd and automount: mount filesystems on demand lockd and statd: manage NFS locks biod: cache NFS blocks NIS daemons ypbind: locate NIS servers ypserv: NIS server ypxfrd: transfer NIS databases rpc.nisd: NIS+ server Internet daemons talkd: network chat service comsat: notify users of new mail sendmail: transport electronic mail snmpd: provide remote network management service rwhod: maintain remote user list ftpd: file transfer server popper: basic mailbox server imapd: deluxe mailbox server rlogind: remote login server telnetd: yet another remote login server sshd: secure remote login server rshd: remote command execution server rexecd: yet another command execution server rpc.rexd: yet a third command execution server routed: maintain routing tables gated: maintain complicated routing tables named: DNS server syslogd: process log messages fingerd: look up users httpd: World Wide Web server Time synchronization daemons timed: synchronize clocks xntpd: synchronize clocks even better Booting and configuration daemons bootpd: boot server tftpd: trivial file transfer server rarpd: map Ethernet addresses to IP addresses bootparamd: advanced diskless life support dhcpd: dynamic address assignment
COLOPHON INDEX
  • ← Prev
  • Back
  • Next →
  • ← Prev
  • Back
  • Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion