UNIX and Linux system administration handbook:
Main authors: | , , , , |
---|---|
Format: | Book |
Language: | English |
Published: | Boston Addison-Wesley [2018] |
Edition: | Fifth edition |
Subjects: | |
Online access: | Table of contents |
Description: | xlvi, 1180 pages, illustrations |
ISBN: | 9780134277554 0134277554 |
Internal format
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV044559564 | ||
003 | DE-604 | ||
005 | 20241127 | ||
007 | t| | ||
008 | 171027s2018 xx a||| |||| 00||| eng d | ||
020 | |a 9780134277554 |c pbk. |9 978-0-13-427755-4 | ||
020 | |a 0134277554 |c pbk. |9 0-13-427755-4 | ||
035 | |a (OCoLC)1006711223 | ||
035 | |a (DE-599)BSZ493578315 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-11 |a DE-384 |a DE-29T |a DE-M158 |a DE-523 |a DE-19 |a DE-20 |a DE-355 |a DE-1050 |a DE-703 | ||
082 | 0 | |a 005.43 | |
084 | |a ST 261 |0 (DE-625)143633: |2 rvk | ||
100 | 1 | |a Nemeth, Evi |e Verfasser |0 (DE-588)102354850X |4 aut | |
240 | 1 | 0 | |a UNIX system administration handbook |
245 | 1 | 0 | |a UNIX and Linux system administration handbook |c Evi Nemeth, Garth Snyder, Trent R. Hein, Ben Whaley, Dan Mackin ; with James Garnett, Fabrizio Branca, and Adrian Mouat |
246 | 1 | 3 | |a UNIX and Linux system administration handbook |
250 | |a Fifth edition | ||
264 | 1 | |a Boston |b Addison-Wesley |c [2018] | |
264 | 4 | |c © 2018 | |
300 | |a xlvi, 1180 Seiten |b Illustrationen | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
650 | 0 | 7 | |a UNIX |0 (DE-588)4061835-3 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a LINUX |0 (DE-588)4337730-0 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Systemverwaltung |0 (DE-588)4257084-0 |2 gnd |9 rswk-swf |
653 | |a UNIX (Computer file) | ||
653 | |a Linux | ||
653 | 0 | |a Operating systems (Computers) | |
689 | 0 | 0 | |a LINUX |0 (DE-588)4337730-0 |D s |
689 | 0 | |5 DE-604 | |
689 | 1 | 0 | |a UNIX |0 (DE-588)4061835-3 |D s |
689 | 1 | 1 | |a Systemverwaltung |0 (DE-588)4257084-0 |D s |
689 | 1 | |8 1\p |5 DE-604 | |
700 | 1 | |a Snyder, Garth |e Verfasser |4 aut | |
700 | 1 | |a Hein, Trent R. |e Verfasser |4 aut | |
700 | 1 | |a Whaley, Ben |e Verfasser |0 (DE-588)108114226X |4 aut | |
700 | 1 | |a Mackin, Dan |e Verfasser |0 (DE-588)1142541452 |4 aut | |
776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe |z 978-0-13-427830-8 |
780 | 0 | 0 | |i Vorangegangen ist |b 4. ed., 1. print., 20th anniversary ed. |d 2011 |z 978-0-13-148005-6 |w (DE-604)BV036796305 |
856 | 4 | 2 | |m HEBIS Datenaustausch |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029958214&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
883 | 1 | |8 1\p |a cgwrk |d 20201028 |q DE-101 |u https://d-nb.info/provenance/plan#cgwrk | |
943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-029958214 |
Record in the search index
_version_ | 1816895756184846336 |
---|---|
adam_text |
Table of Contents
Tribute to Evi xl
Preface xlii
Foreword xliv
Acknowledgments xlvi
SECTION ONE: BASIC ADMINISTRATION
Chapter 1 Where to Start 3
Essential duties of a system administrator 4
Controlling access 4
Adding hardware 4
Automating tasks 4
Overseeing backups 4
Installing and upgrading software 5
Monitoring 5
Troubleshooting 5
Maintaining local documentation 5
Vigilantly monitoring security 6
Tuning performance 6
Developing site policies 6
Working with vendors 6
Fire fighting 6
Suggested background 7
Linux distributions 8
Example systems used in this book 9
Example Linux distributions 10
Example UNIX distribution 11
Notation and typographical conventions 12
Units ^
Man pages and other on-line documentation 14
Organization of the man pages 14
man: read man pages 15
Storage of man pages 15
Other authoritative documentation 16
System-specific guides 16
Package-specific documentation 16
Books 17
RFC publications 17
Other sources of information 18
Keeping current 18
HowTos and reference sites 19
Conferences 19
Ways to find and install software 19
Determining if software is already installed 21
Adding new software 22
Building software from source code 23
Installing from a web script 24
Where to host 25
Specialization and adjacent disciplines 26
DevOps 26
Site reliability engineers 27
Security operations engineers 27
Network administrators 27
Database administrators 27
Network operations center (NOC) engineers 27
Data center technicians 28
Architects 28
Recommended reading 28
System administration and DevOps 28
Essential tools 29
Chapter 2 Booting and System Management Daemons 30
Boot process overview 30
System firmware 32
BIOS vs UEFI 32
Legacy BIOS 33
UEFI 33
Boot loaders 35
GRUB: the GRand Unified Boot loader 35
GRUB configuration 36
The GRUB command line 37
Linux kernel options 38
The FreeBSD boot process 39
The BIOS path: boot0 39
The UEFI path 39
loader configuration 40
loader commands 40
System management daemons 41
Responsibilities of init 41
Implementations of init 42
Traditional init 43
systemd vs the world 43
inits judged and assigned their proper punishments 44
systemd in detail 44
Units and unit files 45
systemctl: manage systemd 46
Unit statuses 47
Targets 49
Dependencies among units 50
Execution order 51
A more complex unit file example 52
Local services and customizations 53
Service and startup control caveats 54
systemd logging 56
FreeBSD init and startup scripts 57
Reboot and shutdown procedures 59
Shutting down physical systems 59
Shutting down cloud systems 59
Stratagems for a nonbooting system 60
Single-user mode 61
Single-user mode on FreeBSD 62
Single-user mode with GRUB 62
Recovery of cloud systems 62
Standard UNIX access control 66
Filesystem access control 66
Process ownership 67
The root account 67
Setuid and setgid execution 68
Management of the root account 69
Root account login 69
su: substitute user identity 70
sudo: limited su 70
Example configuration 71
sudo pros and cons 72
sudo vs advanced access control 73
Typical setup 74
Environment management 74
sudo without passwords 75
Precedence 75
sudo without a control terminal 76
Site-wide sudo configuration 76
Disabling the root account 78
System accounts other than root 78
Extensions to the standard access control model 79
Drawbacks of the standard model 80
PAM: Pluggable Authentication Modules 80
Kerberos: network cryptographic authentication 81
Filesystem access control lists 81
Linux capabilities 82
Linux namespaces 82
Modern access control 83
Separate ecosystems 84
Mandatory access control 84
Role-based access control 85
SELinux: Security-Enhanced Linux 85
AppArmor 87
Recommended reading 89
Chapter 4 Process Control 90
Components of a process 90
PID: process ID number 91
PPID: parent PID 91
UID and EUID: real and effective user ID 92
GID and EGID: real and effective group ID 92
Niceness 93
Control terminal 93
The life cycle of a process 93
Signals 94
kill: send signals 97
Process and thread states 97
ps: monitor processes 98
Interactive monitoring with top 101
nice and renice: influence scheduling priority 102
The /proc filesystem 104
strace and truss: trace signals and system calls 105
Runaway processes 107
Periodic processes 109
cron: schedule commands 109
The format of crontab files 110
Crontab management 112
Other crontabs 112
cron access control 113
systemd timers 113
Structure of systemd timers 114
systemd timer example 114
systemd time expressions 116
Transient timers 117
Common uses for scheduled tasks 118
Sending mail 118
Cleaning up a filesystem 118
Rotating a log file 118
Running batch jobs 118
Backing up and mirroring 119
Chapter 5 The Filesystem 120
Pathnames 122
Filesystem mounting and unmounting 122
Organization of the file tree 125
File types 126
Regular files 129
Directories 129
Hard links 129
Character and block device files 130
Local domain sockets 131
Named pipes 131
Symbolic links 131
File attributes 132
The permission bits 132
The setuid and setgid bits 133
The sticky bit 134
ls: list and inspect files 134
chmod: change permissions 136
chown and chgrp: change ownership and group 137
umask: assign default permissions 138
Linux bonus flags 139
Access control lists 140
A cautionary note 141
ACL types 141
Implementation of ACLs 142
Linux ACL support 142
FreeBSD ACL support 143
POSIX ACLs 143
Interaction between traditional modes and ACLs 144
POSIX access determination 146
POSIX ACL inheritance 146
NFSv4 ACLs 147
NFSv4 entities for which permissions can be specified 148
NFSv4 access determination 149
ACL inheritance in NFSv4 149
NFSv4 ACL viewing 150
Interactions between ACLs and modes 151
NFSv4 ACL setup 151
Chapter 6 Software Installation and Management 153
Operating system installation 154
Installing from the network 154
Setting up PXE 155
Using kickstart, the automated installer for Red Hat and CentOS 156
Setting up a kickstart configuration file 156
Building a kickstart server 158
Pointing kickstart at your config file 158
Automating installation for Debian and Ubuntu 159
Netbooting with Cobbler, the open source Linux provisioning server 161
Automating FreeBSD installation 161
Managing packages
Linux package management systems 164
rpm: manage RPM packages 164
dpkg: manage .deb packages 165
High-level Linux package management systems 166
Package repositories 167
RHN: the Red Hat Network 169
APT: the Advanced Package Tool 169
Repository configuration 170
An example /etc/apt/sources.list file 171
Creation of a local repository mirror 172
APT automation 173
yum: release management for RPM 174
FreeBSD software management 175
The base system 175
pkg: the FreeBSD package manager 176
The ports collection 177
Software localization and configuration 178
Organizing your localization 179
Structuring updates 179
Limiting the field of play 180
Testing 180
Recommended reading 181
Chapter 7 Scripting and the Shell 182
Scripting philosophy 183
Write microscripts 183
Learn a few tools well 184
Automate all the things 184
Don’t optimize prematurely 185
Pick the right scripting language 186
Follow best practices 187
Shell basics 189
Command editing 190
Pipes and redirection 190
Variables and quoting 192
Environment variables 193
Common filter commands 194
cut: separate lines into fields 194
sort: sort lines 194
uniq: print unique lines 195
wc: count lines, words, and characters 196
tee: copy input to two places 196
head and tail: read the beginning or end of a file 196
grep: search text 197
sh scripting 198
Execution 198
From commands to scripts 199
Input and output 201
Spaces in filenames 202
Command-line arguments and functions 203
Control flow 205
Loops 207
Arithmetic 209
Regular expressions 209
The matching process 210
Literal characters 210
Special characters 210
Example regular expressions 211
Captures 213
Greediness, laziness, and catastrophic backtracking 213
Python programming 215
The passion of Python 3 215
Python 2 or Python 3? 216
Python quick start 216
Objects, strings, numbers, lists, dictionaries, tuples, and files 218
Input validation example 220
Loops 221
Ruby programming 223
Installation 223
Ruby quick start 224
Blocks 225
Symbols and option hashes 227
Regular expressions in Ruby 227
Ruby as a filter 229
Library and environment management for Python and Ruby 229
Finding and installing packages 229
Creating reproducible environments 230
Multiple environments 231
virtualenv: virtual environments for Python 232
RVM: the Ruby environment Manager 232
Revision control with Git 235
A simple Git example 236
Git caveats 239
Social coding with Git 239
Recommended reading 241
Shells and shell scripting 241
Regular expressions 241
Python 242
Ruby 242
Chapter 8 User Management 243
Account mechanics 244
The /etc/passwd file 245
Login name 245
Encrypted password 246
UID (user ID) number 248
Default GID (group ID) number 249
GECOS field 249
Home directory 250
Login shell 250
The Linux /etc/shadow file 250
FreeBSD's /etc/master.passwd and /etc/login.conf files 252
The /etc/master.passwd file 252
The /etc/login.conf file 253
The /etc/group file 254
Manual steps for adding users 255
Editing the passwd and group files 256
Setting a password 257
Creating the home directory and installing startup files 257
Setting home directory permissions and ownerships 259
Configuring roles and administrative privileges 259
Finishing up 260
Scripts for adding users: useradd, adduser, and newusers 260
useradd on Linux 261
adduser on Debian and Ubuntu 262
adduser on FreeBSD 262
newusers on Linux: adding in bulk 263
Safe removal of a user’s account and files 264
User login lockout 265
Risk reduction with PAM 266
Centralized account management 266
LDAP and Active Directory 267
Application-level single sign-on systems 267
Identity management systems 268
Chapter 9 Cloud Computing 270
The cloud in context 271
Cloud platform choices 273
Public, private, and hybrid clouds 273
Amazon Web Services 274
Google Cloud Platform 275
DigitalOcean 275
Cloud service fundamentals 276
Access to the cloud 277
Regions and availability zones 278
Virtual private servers 279
Networking 280
Storage 281
Identity and authorization 281
Automation 282
Serverless functions 282
Clouds: VPS quick start by platform 283
Amazon Web Services 283
aws: control AWS subsystems 284
Creating an EC2 instance 284
Viewing the console log 286
Stopping and terminating instances 287
Google Cloud Platform 288
Setting up gcloud 288
Running an instance on GCE 288
DigitalOcean 289
Cost control 291
Recommended Reading 293
Chapter 10 Logging 294
Log locations 296
Files not to manage 298
How to view logs in the systemd journal 298
The systemd journal 299
Configuring the systemd journal 300
Adding more filtering options for journalctl 301
Coexisting with syslog 301
Syslog 302
Reading syslog messages 303
Rsyslog architecture 304
Rsyslog versions 304
Rsyslog configuration 305
Modules 306
sysklogd syntax 307
Legacy directives 311
RainerScript 312
Config file examples 314
Basic rsyslog configuration 314
Network logging client 315
Central logging host 316
Syslog message security 317
Syslog configuration debugging 318
Kernel and boot-time logging 318
Management and rotation of log files 319
logrotate: cross-platform log management 319
newsyslog: log management on FreeBSD 321
Management of logs at scale 321
The ELK stack 321
Graylog 322
Logging as a service 323
Logging policies 323
Chapter 11 Drivers and the Kernel 325
Kernel chores for system administrators 326
Kernel version numbering 327
Linux kernel versions 327
FreeBSD kernel versions 328
Devices and their drivers 328
Device files and device numbers 329
Challenges of device file management 330
Manual creation of device files 331
Modern device file management 331
Linux device management 331
Sysfs: a window into the souls of devices 332
udevadm: explore devices 333
Rules and persistent names 334
FreeBSD device management 337
Devfs: automatic device file configuration 337
devd: higher-level device management 338
Linux kernel configuration 339
Tuning Linux kernel parameters 339
Building a custom kernel 341
If it ain’t broke, don’t fix it 341
Setting up to build the Linux kernel 341
Configuring kernel options 342
Building the kernel binary 343
Adding a Linux device driver 344
FreeBSD kernel configuration 344
Tuning FreeBSD kernel parameters 344
Building a FreeBSD kernel 345
Loadable kernel modules 346
Loadable kernel modules in Linux 346
Loadable kernel modules in FreeBSD 348
Booting 348
Linux boot messages 349
FreeBSD boot messages 353
Booting alternate kernels in the cloud 355
Kernel errors 356
Linux kernel errors 356
FreeBSD kernel panics 359
Recommended reading 359
Chapter 12 Printing
CUPS printing
Interfaces to the printing system
The print queue 362
Multiple printers and queues 363
Printer instances 363
Network printer browsing 363
Filters 364
CUPS server administration 365
Network print server setup 365
Printer autoconfiguration 366
Network printer configuration 367
Printer configuration examples 367
Service shutoff 368
Other configuration tasks 368
Troubleshooting tips 369
Print daemon restart 369
Log files 369
Direct printing connections 370
Network printing problems 370
Recommended reading 371
SECTION TWO: NETWORKING
Chapter 13 TCP/IP Networking 375
TCP/IP and its relationship to the Internet 375
Who runs the Internet? 376
Network standards and documentation 376
Networking basics 378
IPv4 and IPv6 379
Packets and encapsulation 381
Ethernet framing 382
Maximum transfer unit 382
Packet addressing 384
Hardware (MAC) addressing 384
IP addressing 385
Hostname “addressing” 385
Ports 385
Address types 386
IP addresses: the gory details 387
IPv4 address classes 387
IPv4 subnetting 388
Tricks and tools for subnet arithmetic 390
CIDR: Classless Inter-Domain Routing 391
Address allocation 392
Private addresses and network address translation (NAT) 392
IPv6 addressing 394
IPv6 address notation 395
IPv6 prefixes 396
Automatic host numbering 397
Stateless address autoconfiguration 397
IPv6 tunneling 398
IPv6 information sources 398
Routing 398
Routing tables 399
ICMP redirects 401
IPv4 ARP and IPv6 neighbor discovery 401
DHCP: the Dynamic Host Configuration Protocol 402
DHCP software 403
DHCP behavior 404
ISC's DHCP software 404
Security issues 406
IP forwarding 406
ICMP redirects 407
Source routing 407
Broadcast pings and other directed broadcasts 407
IP spoofing 408
Host-based firewalls 408
Virtual private networks 409
Basic network configuration 410
Hostname and IP address assignment 411
Network interface and IP configuration 412
Routing configuration 414
DNS configuration 415
System-specific network configuration 416
Linux networking 41'
NetworkManager 417
ip: manually configure a network 418
Debian and Ubuntu network configuration 419
Red Hat and CentOS network configuration 419
Linux network hardware options 421
Linux TCP/IP options 422
Security-related kernel variables 424
FreeBSD networking 425
ifconfig: configure network interfaces 425
FreeBSD network hardware configuration 426
FreeBSD boot-time network configuration 426
FreeBSD TCP/IP configuration 427
Network troubleshooting 428
ping: check to see if a host is alive 429
traceroute: trace IP packets 431
Packet sniffers 434
tcpdump: command-line packet sniffer 435
Wireshark and TShark: tcpdump on steroids 436
Network monitoring 437
SmokePing: gather ping statistics over time 437
iPerf: track network performance 437
Cacti: collect and graph data 438
Firewalls and NAT 440
Linux iptables: rules, chains, and tables 440
iptables rule targets 441
iptables firewall setup 442
A complete example 442
Linux NAT and packet filtering 444
IPFilter for UNIX systems 445
Cloud networking 448
AWS’s virtual private cloud (VPC) 448
Subnets and routing tables 449
Security groups and NACLs 450
A sample VPC architecture 451
Creating a VPC with Terraform 452
Google Cloud Platform networking 455
DigitalOcean networking 456
Recommended reading 457
History 457
Classics and bibles 458
Protocols
Chapter 14 Physical Networking 459
Ethernet: the Swiss Army knife of networking 460
Ethernet signaling 460
Ethernet topology 461
Unshielded twisted-pair cabling 462
Optical fiber 464
Ethernet connection and expansion 465
Hubs 465
Switches 465
VLAN-capable switches 466
Routers 467
Autonegotiation 467
Power over Ethernet 468
Jumbo frames 468
Wireless: Ethernet for nomads 469
Wireless standards 469
Wireless client access 470
Wireless infrastructure and WAPs 470
Wireless topology 471
Small money wireless 472
Big money wireless 472
Wireless security 473
SDN: software-defined networking 473
Network testing and debugging 474
Building wiring 475
UTP cabling options 475
Connections to offices 475
Wiring standards 475
Network design issues 476
Network architecture vs building architecture 477
Expansion 477
Congestion 478
Maintenance and documentation 478
Management issues 478
Recommended vendors 479
Cables and connectors 479
Test equipment 480
Routers/switches 480
Recommended reading 480
Chapter 15 IP Routing 481
Packet forwarding: a closer look 482
Routing daemons and routing protocols 485
Distance-vector protocols 486
Link-state protocols 487
Cost metrics 487
Interior and exterior protocols 488
Protocols on parade 488
RIP and RIPng: Routing Information Protocol 488
OSPF: Open Shortest Path First 489
EIGRP: Enhanced Interior Gateway Routing Protocol 490
BGP: Border Gateway Protocol 490
Routing protocol multicast coordination 490
Routing strategy selection criteria 490
Routing daemons 492
routed: obsolete RIP implementation 492
Quagga: mainstream routing daemon 493
XORP: router in a box 494
Cisco routers 494
Recommended reading 496
Chapter 16 DNS: The Domain Name System 498
DNS architecture 499
Queries and responses 499
DNS service providers 500
DNS for lookups 500
resolv.conf: client resolver configuration 500
nsswitch.conf: who do I ask for a name? 501
The DNS namespace 502
Registering a domain name 503
Creating your own subdomains 503
How DNS works 503
Name servers 504
Authoritative and caching-only servers 505
Recursive and nonrecursive servers 505
Resource records 506
Delegation 506
Caching and efficiency 508
Multiple answers and round robin DNS load balancing 508
Debugging with query tools 509
The DNS database 512
Parser commands in zone files 512
Resource records 513
The SOA record 516
NS records 518
A records 519
AAAA records 519
PTR records 520
MX records 521
CNAME records 522
SRV records 523
TXT records 524
SPF, DKIM, and DMARC records 525
DNSSEC records 525
The BIND software 525
Components of BIND 525
Configuration files 526
The include statement 527
The options statement 528
The acl statement 534
The (TSIG) key statement 534
The server statement 535
The masters statement 535
The logging statement 536
The statistics-channels statement 536
The zone statement 536
Configuring the master server for a zone 537
Configuring a slave server for a zone 538
Setting up the root server hints 539
Setting up a forwarding zone 539
The controls statement for rndc 540
Split DNS and the view statement 541
BIND configuration examples 543
The localhost zone 543
A small security company 544
Zone file updating 547
Zone transfers 548
Dynamic updates 549
DNS security issues 551
Access control lists in BIND, revisited 552
Open resolvers 553
Running in a chrooted jail 554
Secure server-to-server communication with TSIG and TKEY 554
Setting up TSIG for BIND 555
DNSSEC 557
DNSSEC policy 558
DNSSEC resource records 558
Turning on DNSSEC 560
Key pair generation 560
Zone signing
The DNSSEC chain of trust 564
DNSSEC key rollover 565
DNSSEC tools 566
ldns tools, nlnetlabs.nl/projects/ldns 566
dnssec-tools.org 566
RIPE tools, ripe.net 567
OpenDNSSEC, opendnssec.org 567
Debugging DNSSEC 567
BIND debugging 568
Logging in BIND 568
Channels 569
Categories 570
Log messages 570
Sample BIND logging configuration 573
Debug levels in BIND 573
Name server control with rndc 574
Command-line querying for lame delegations 575
Recommended reading 576
Books and other documentation 577
On-line resources 577
The RFCs 577
Chapter 17 Single Sign-On 578
Core SSO elements 579
LDAP: “lightweight” directory services 580
Uses for LDAP 580
The structure of LDAP data 581
OpenLDAP: the traditional open source LDAP server 582
389 Directory Server: alternative open source LDAP server 583
LDAP Querying 584
Conversion of passwd and group files to LDAP 585
Using directory services for login 586
Kerberos 586
Linux Kerberos configuration for AD integration 587
FreeBSD Kerberos configuration for AD integration 587
sssd: the System Security Services Daemon 589
nsswitch conf: the name service switch 590
PAM: cooking spray or authentication wonder? 590
PAM configuration 591
PAM example 592
Alternative approaches 594
NIS: the Network Information Service 594
rsync: transfer files securely 594
Recommended reading 595
Chapter 18 Electronic Mail 596
Mail system architecture 597
User agents 597
Submission agents 598
Transport agents 598
Local delivery agents 599
Message stores 599
Access agents 599
Anatomy of a mail message 600
The SMTP protocol 603
You had me at EHLO 604
SMTP error codes 604
SMTP authentication 604
Spam and malware 605
Forgeries 606
SPF and Sender ID 606
DKIM 607
Message privacy and encryption 607
Mail aliases 608
Getting aliases from files 610
Mailing to files 611
Mailing to programs 611
Building the hashed alias database 612
Email configuration 612
sendmail 613
The switch file 614
Starting sendmail 615
Mail queues 616
sendmail configuration 617
The m4 preprocessor 617
The sendmail configuration pieces 618
A configuration file built from a sample .mc file 619
Configuration primitives 620
Tables and databases 620
Generic macros and features 621
OSTYPE macro 621
DOMAIN macro 621
MAILER macro 622
FEATURE macro 622
use_cw_file feature 622
redirect feature 623
always_add_domain feature 623
access_db feature 623
virtusertable feature 624
ldap_routing feature 624
Masquerading features 625
MAIL_HUB and SMART_HOST macros 626
Client configuration 626
m4 configuration options 627
Spam-related features in sendmail 628
Relay control 62^
User or site blacklisting 630
Throttles, rates, and connection limits 631
Security and sendmail 632
Ownerships 633
Permissions 634
Safer mail to files and programs 634
Privacy options 635
Running a chrooted sendmail (for the truly paranoid) 636
Denial of service attacks 636
TLS: Transport Layer Security 637
sendmail testing and debugging 638
Queue monitoring 638
Logging 639
Exim 640
Exim installation 640
Exim startup 642
Exim utilities 642
Exim configuration language 643
Exim configuration file 644
Global options 645
Options 645
Lists 646
Macros 647
Access control lists (ACLs) 647
Content scanning at ACL time 650
Authenticators 651
Routers 652
The accept router 653
The dnslookup router 653
The manualroute router 653
The redirect router 654
Per-user filtering through .forward files 655
Transports 655
The appendfile transport 655
The smtp transport 656
Retry configuration 656
Rewriting configuration 657
Local scan function 657
Logging 657
Debugging 658
Postfix 658
Postfix architecture 659
Receiving mail 659
Managing mail-waiting queues 660
Sending mail 660
Security 661
Postfix commands and documentation 661
Postfix configuration 661
What to put in main.cf 662
Basic settings 662
Null client 662
Use of postconf 663
Lookup tables 663
Local delivery 664
Virtual domains 665
Virtual alias domains 666
Virtual mailbox domains 667
Access control 667
Access tables 669
Authentication of clients and encryption 670
Debugging 670
Looking at the queue 671
Soft-bouncing 671
Recommended reading 672
sendmail references 672
Exim references 672
Postfix references 672
RFCs 673
Chapter 19 Web Hosting 674
HTTP: the Hypertext Transfer Protocol 674
Uniform Resource Locators (URLs) 675
Structure of an HTTP transaction 676
HTTP requests 677
HTTP responses 677
Headers and the message body 678
curl: HTTP from the command line 679
TCP connection reuse 680
HTTP over TLS 681
Virtual hosts 681
Web software basics 682
Web servers and HTTP proxy software 683
Load balancers 684
Caches 686
Browser caches 687
Proxy cache 688
Reverse proxy cache 688
Cache problems 688
Cache software 689
Content delivery networks 689
Languages of the web 691
Ruby 691
Python 691
Java 691
Node.js 691
PHP 692
Go 692
Application programming interfaces (APIs) 692
Web hosting in the cloud 694
Build versus buy 694
Platform-as-a-Service 695
Static content hosting 695
Serverless web applications 696
Apache httpd 696
httpd in use 697
httpd configuration logistics 698
Virtual host configuration 699
HTTP basic authentication 701
Configuring TLS 702
Running web applications within Apache 702
Logging 703
NGINX 704
Installing and running NGINX 704
Configuring NGINX 705
Configuring TLS for NGINX 708
Load balancing with NGINX 708
HAProxy 710
Health checks 711
Server statistics 712
Sticky sessions 712
TLS termination 713
Recommended reading 714
SECTION THREE: STORAGE
Chapter 20 Storage 717
I just want to add a disk! 718
Linux recipe 719
FreeBSD recipe 720
Storage hardware 721
Hard disks 722
Hard disk reliability 723
Failure modes and metrics 723
Drive types 724
Warranties and retirement 725
Solid state disks 725
Rewritability limits 726
Flash memory and controller types 726
Page clusters and pre-erasing 727
SSD reliability 727
Hybrid drives 728
Advanced Format and 4KiB blocks 729
Storage hardware interfaces 730
The SATA interface 730
The PCI Express interface 730
The SAS interface 731
USB 732
Attachment and low-level management of drives 733
Installation verification at the hardware level 733
Disk device files 734
Ephemeral device names 735
Formatting and bad block management 735
ATA secure erase 737
hdparm and camcontrol: set disk and interface parameters 738
Hard disk monitoring with SMART 738
The software side of storage: peeling the onion 739
Elements of a storage system 740
The Linux device mapper 742
Disk partitioning 742
Traditional partitioning 744
MBR partitioning 745
GPT: GUID partition tables 746
Linux partitioning 746
FreeBSD partitioning 747
Logical volume management 747
Linux logical volume management 748
Volume snapshots 750
Filesystem resizing 751
FreeBSD logical volume management 753
RAID: redundant arrays of inexpensive disks 753
Software vs hardware RAID 753
RAID levels 754
Disk failure recovery 756
Drawbacks of RAID 5 757
mdadm: Linux software RAID 758
Creating an array 758
mdadm.conf: document array configuration 760
Simulating a failure 761
Filesystems 762
Traditional filesystems: UFS, ext4, and XFS 763
Filesystem terminology 764
Filesystem polymorphism 765
Filesystem formatting 766
fsck: check and repair filesystems 766
Filesystem mounting 767
Setup for automatic mounting 768
USB drive mounting 770
Swapping recommendations 770
Next-generation filesystems: ZFS and Btrfs 772
Copy-on-write 772
Error detection 772
Performance 773
ZFS: all your storage problems solved 773
ZFS on Linux 774
ZFS architecture 774
Example: disk addition 775
Filesystems and properties 776
Property inheritance 777
One filesystem per user 778
Snapshots and clones 779
Raw volumes 780
Storage pool management 781
Btrfs: “ZFS lite” for Linux 783
Btrfs vs ZFS 783
Setup and storage conversion 784
Volumes and subvolumes 786
Volume snapshots 787
Shallow copies 788
Data backup strategy 788
Recommended reading 790
Chapter 21 The Network File System 791
Meet network file services 791
The competition 792
Issues of state 792
Performance concerns 793
Security 793
The NFS approach 794
Protocol versions and history 794
Remote procedure calls 795
Transport protocols 795
State 796
Filesystem exports 796
File locking 797
Security concerns 798
Identity mapping in version 4 799
Root access and the nobody account 800
Performance considerations in version 4 801
Server-side NFS 801
Linux exports 802
FreeBSD exports 804
nfsd: serve files 806
Client-side NFS 807
Mounting remote filesystems at boot time 810
Restricting exports to privileged ports 810
Identity mapping for NFS version 4 810
nfsstat: dump NFS statistics 811
Dedicated NFS file servers 812
Automatic mounting 812
Indirect maps 814
Direct maps 814
Master maps 815
Executable maps 815
Automount visibility 816
Replicated filesystems and automount 816
Automatic automounts (V3; all but Linux) 817
Specifics for Linux 817
Recommended reading 818
Chapter 22 SMB
Samba: SMB server for UNIX 820
Installing and configuring Samba 821
File sharing with local authentication 822
File sharing with accounts authenticated by Active Directory 822
Configuring shares
Sharing home directories 828
Sharing project directories 824
Mounting SMB file shares 825
Browsing SMB file shares 826
Ensuring Samba security 826
Debugging Samba 822
Querying Samba’s state with smbstatus 827
Configuring Samba logging 828
Managing character sets 829
Recommended reading 829
SECTION FOUR: OPERATIONS
Chapter 23 Configuration Management 833
Configuration management in a nutshell 834
Dangers of configuration management 834
Elements of configuration management 835
Operations and parameters 835
Variables 837
Facts 838
Change handlers 838
Bindings 838
Bundles and bundle repositories 839
Environments 839
Client inventory and registration 840
Popular CM systems compared 841
Terminology 842
Business models 842
Architectural options 843
Language options 845
Dependency management options 846
General comments on Chef 848
General comments on Puppet 849
General comments on Ansible and Salt 850
YAML: a rant 850
Introduction to Ansible 852
Ansible example 853
Client setup 855
Client groups 857
Variable assignments 858
Dynamic and computed client groups 859
Task lists 860
state parameters 862
Iteration 862
Interaction with Jinja 863
Template rendering 863
Bindings: plays and playbooks 864
Roles 866
Recommendations for structuring the configuration base 868
Ansible access options 869
Introduction to Salt 871
Minion setup 873
Variable value binding for minions 874
Minion matching 876
Salt states 877
Salt and Jinja 878
State IDs and dependencies 880
State and execution functions 882
Parameters and names 883
State binding to minions 886 |
any_adam_object | 1 |
author | Nemeth, Evi Snyder, Garth Hein, Trent R. Whaley, Ben Mackin, Dan |
author_GND | (DE-588)102354850X (DE-588)108114226X (DE-588)1142541452 |
author_facet | Nemeth, Evi Snyder, Garth Hein, Trent R. Whaley, Ben Mackin, Dan |
author_role | aut aut aut aut aut |
author_sort | Nemeth, Evi |
building | Verbundindex |
bvnumber | BV044559564 |
classification_rvk | ST 261 |
ctrlnum | (OCoLC)1006711223 (DE-599)BSZ493578315 |
dewey-full | 005.43 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.43 |
dewey-search | 005.43 |
dewey-sort | 15.43 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
edition | Fifth edition |
format | Book |
id | DE-604.BV044559564 |
illustrated | Illustrated |
indexdate | 2024-11-27T17:00:17Z |
institution | BVB |
isbn | 9780134277554 0134277554 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-029958214 |
oclc_num | 1006711223 |
open_access_boolean | |
owner | DE-11 DE-384 DE-29T DE-M158 DE-523 DE-19 DE-BY-UBM DE-20 DE-355 DE-BY-UBR DE-1050 DE-703 |
owner_facet | DE-11 DE-384 DE-29T DE-M158 DE-523 DE-19 DE-BY-UBM DE-20 DE-355 DE-BY-UBR DE-1050 DE-703 |
physical | xlvi, 1180 Seiten Illustrationen |
publishDate | 2018 |
publisher | Addison-Wesley |
record_format | marc |
subject_GND | (DE-588)4061835-3 (DE-588)4337730-0 (DE-588)4257084-0 |
title | UNIX and Linux system administration handbook |
title_alt | UNIX system administration handbook UNIX and Linux system administration handbook |
title_full | UNIX and Linux system administration handbook Evi Nemeth, Garth Snyder, Trent R. Hein, Ben Whaley, Dan Mackin ; with James Garnett, Fabrizio Branca, and Adrian Mouat |
topic | UNIX (DE-588)4061835-3 gnd LINUX (DE-588)4337730-0 gnd Systemverwaltung (DE-588)4257084-0 gnd |
topic_facet | UNIX LINUX Systemverwaltung |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=029958214&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |