
Linux in Action PDF

386 Pages·2018·17.04 MB·English
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Linux in Action

David Clinton
MANNING

Linux in Action topics

Chapter | Skill domains | Tools
1 Welcome to Linux | Shells, partitions, and file systems | Bash, man
2 Linux virtualization: Building a safe and simple Linux working environment | Virtualization, file systems | VirtualBox, LXC, apt, yum/dnf
3 Remote connectivity: Safely accessing networked machines | Security, remote connectivity | ssh, scp, systemctl, ps, grep
4 Archive management: Backing up or copying entire file systems | Partitions and file systems, text streams | tar, dd, redirects, rsync, locate, split, chmod, chown
5 Automated administration: Configuring automated offsite backups | Scripts, system process management, security | Scripts, cron, anacron, systemd timers
6 Emergency tools: Building a system recovery device | Partitions and file systems, device management | parted, GRUB, mount, chroot
7 Web servers: Building a MediaWiki server | Databases, networking, package management | PHP, MySQL (MariaDB), Apache web server, package dependencies
8 Networked file sharing: Building a Nextcloud file-sharing server | Package management, networking, security | snapd, file systems, encryption
9 Securing your web server | Networking, security, system monitoring | Apache, Iptables, /etc/group, SELinux, apt, yum/dnf, chmod, chown, Let’s Encrypt
10 Secure your network connections: Creating a VPN or DMZ | Networking, security | Firewalls, ssh, Apache, OpenVPN, sysctl, easy rsa
11 System monitoring: Working with log files | System monitoring, text streams, security | grep, sed, journalctl, rsyslogd, /var/log/, Tripwire
12 Sharing data over a private network | Networking, partitions, file systems | nfs, smb, ln, /etc/fstab
13 Troubleshooting system performance issues | System monitoring, system process management, networking | top, free, nice, nmon, tc, iftop, df, kill, killall, uptime
14 Troubleshooting network issues | Networking | ip, dhclient, dmesg, ping, nmap, traceroute, netstat, netcat(nc)
15 Troubleshooting peripheral devices | Device management | lshw, lspci, lsusb, modprobe, CUPS
16 DevOps tools: Deploying a scripted server environment using Ansible | Scripts, virtualization | Ansible, YAML, apt

Linux in Action
DAVID CLINTON
MANNING
SHELTER ISLAND

For online information and ordering of this and other Manning books, please visit www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact

Special Sales Department
Manning Publications Co.
20 Baldwin Road
PO Box 761
Shelter Island, NY 11964
Email: [email protected]

©2018 by Manning Publications Co. All rights reserved.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps.

Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine.

Manning Publications Co.
20 Baldwin Road
PO Box 761
Shelter Island, NY 11964

Development editor: Frances Lefkowitz
Review editor: Ivan Martinović
Technical development editor: John Guthrie
Project manager: Deirdre Hiam
Copyeditor: Frances Buran
Proofreader: Tiffany Taylor
Technical proofreader: Reka Horvath
Typesetter: Gordan Salinovic
Cover designer: Marija Tudor

ISBN 9781617294938
Printed in the United States of America
1 2 3 4 5 6 7 8 9 10 – DP – 23 22 21 20 19 18

brief contents

1 ■ Welcome to Linux
2 ■ Linux virtualization: Building a Linux working environment
3 ■ Remote connectivity: Safely accessing networked machines
4 ■ Archive management: Backing up or copying entire file systems
5 ■ Automated administration: Configuring automated offsite backups
6 ■ Emergency tools: Building a system recovery device
7 ■ Web servers: Building a MediaWiki server
8 ■ Networked file sharing: Building a Nextcloud file-sharing server
9 ■ Securing your web server
10 ■ Securing network connections: Creating a VPN or DMZ
11 ■ System monitoring: Working with log files
12 ■ Sharing data over a private network
13 ■ Troubleshooting system performance issues
14 ■ Troubleshooting network issues
15 ■ Troubleshooting peripheral devices
16 ■ DevOps tools: Deploying a scripted server environment using Ansible

contents

preface
acknowledgments
about this book
about the author
about the cover illustration

1 Welcome to Linux
  1.1 What makes Linux different from other operating systems
  1.2 Basic survival skills
      The Linux file system ■ Getting around: Linux navigation tools ■ Getting things done: Linux file management tools ■ Keyboard tricks ■ Pseudo file systems ■ Showing ’em who’s boss: sudo
  1.3 Getting help
      Man files ■ Info ■ The internet

2 Linux virtualization: Building a Linux working environment
  2.1 What is virtualization?
  2.2 Working with VirtualBox
      Working with Linux package managers ■ Defining a virtual machine (VM) ■ Installing an operating system (OS) ■ Cloning and sharing a VirtualBox VM
  2.3 Working with Linux containers (LXC)
      Getting started with LXC ■ Creating your first container

3 Remote connectivity: Safely accessing networked machines
  3.1 The importance of encryption
  3.2 Getting started with OpenSSH
  3.3 Logging in to a remote server with SSH
  3.4 Password-free SSH access
      Generating a new key pair ■ Copying the public key over a network ■ Working with multiple encryption keys
  3.5 Safely copying files with SCP
  3.6 Using remote graphic programs over SSH connections
  3.7 Linux process management
      Viewing processes with the ps command ■ Working with systemd

4 Archive management: Backing up or copying entire file systems
  4.1 Why archive?
      Compression ■ Archives: Some important considerations
  4.2 What to archive
  4.3 Where to back up
  4.4 Archiving files and file systems using tar
      Simple archive and compression examples ■ Streaming file system archives ■ Aggregating files with find ■ Preserving permissions and ownership…and extracting archives
  4.5 Archiving partitions with dd
      dd operations ■ Wiping disks with dd
  4.6 Synchronizing archives with rsync
  4.7 Planning considerations

5 Automated administration: Configuring automated offsite backups
  5.1 Scripting with Bash
      A sample script for backing up system files ■ A sample script for changing filenames
  5.2 Backing up data to AWS S3
      Installing the AWS command-line interface (CLI) ■ Configuring your AWS account ■ Creating your first bucket
  5.3 Scheduling regular backups with cron
  5.4 Scheduling irregular backups with anacron
      Running the S3 sync job
  5.5 Scheduling regular backups with systemd timers

6 Emergency tools: Building a system recovery device
  6.1 Working in recovery/rescue mode
      The GRUB bootloader ■ Using recovery mode on Ubuntu ■ Using rescue mode on CentOS ■ Finding command-line rescue tools
  6.2 Building a live-boot recovery drive
      System rescue images ■ Writing live-boot images to USB drives
  6.3 Putting your live-boot drive to work
      Testing system memory ■ Damaged partitions ■ Recovering files from a damaged file system
  6.4 Password recovery: Mounting a file system using chroot

7 Web servers: Building a MediaWiki server
  7.1 Building a LAMP server
  7.2 Manually setting up an Apache web server
      Installing the Apache web server on Ubuntu ■ Populating your website document root
  7.3 Installing an SQL database
      Hardening SQL ■ SQL administration
  7.4 Installing PHP
      Installing PHP on Ubuntu ■ Testing your PHP installation
  7.5 Installing and configuring MediaWiki
      Troubleshooting missing extensions ■ Connecting MediaWiki to the database
  7.6 Installing the Apache web server on CentOS
      Understanding network ports ■ Controlling network traffic ■ Installing MariaDB on CentOS ■ Installing PHP on CentOS

8 Networked file sharing: Building a Nextcloud file-sharing server
  8.1 Enterprise file sharing and Nextcloud
  8.2 Installing Nextcloud using snaps
  8.3 Installing Nextcloud manually
      Hardware prerequisites ■ Building a LAMP server ■ Configuring Apache ■ Downloading and unpacking Nextcloud
  8.4 Nextcloud administration
  8.5 Using AWS S3 as the primary Nextcloud storage

9 Securing your web server
  9.1 The obvious stuff
  9.2 Controlling network access
      Configuring a firewall ■ Using nonstandard ports
  9.3 Encrypting data in transit
      Preparing your website domain ■ Generating certificates using Let’s Encrypt
  9.4 Hardening the authentication process
      Controlling file system objects with SELinux ■ Installing and activating SELinux ■ Applying SELinux policies ■ System groups and the principle of least privilege ■ Isolating processes within containers ■ Scanning for dangerous user ID values
  9.5 Auditing system resources
      Scanning for open ports ■ Scanning for active services ■ Searching for installed software

10 Securing network connections: Creating a VPN or DMZ
  10.1 Building an OpenVPN tunnel
      Configuring an OpenVPN server ■ Configuring an OpenVPN client ■ Testing your VPN
  10.2 Building intrusion-resistant networks
      Demilitarized zones (DMZs) ■ Using iptables ■ Creating a DMZ using iptables ■ Creating a DMZ using Shorewall
  10.3 Building a virtual network for infrastructure testing

Description:
Linux in Action is a task-based tutorial that will give you the skills and deep understanding you need to administer a Linux-based system. This hands-on book guides you through 12 real-world projects so you can practice as you learn. Each chapter ends with a review of best practices, new terms, and
