ebook img

Linux System Admin- istration PDF

856 Pages·2008·52.65 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Linux System Admin- istration

Contents at a Glance Introduction I LinuxDeploymentand Installation 1 IssuesinLinuxInstallation 7 2 AutomatedInstallation 21 II GeneralSystemAdministration 3 UserandGroupAdministration 33 4 BootingUpandShuttingDown 53 5 UsingxdmtoCreateanXWindowsApplication Server 71 6 AuthenticatingUsersandNetworkResources 83 Using 7 SchedulingTasks 103 8 LinuxProcessManagementandDaemons 117 9 InstallingandUsingRAID 143 10 BackUpandRestore 157 Linux 11 BuildingtheLinuxKernel 193 12 CapacityPlanning 213 III NetworkManagement 13 LinuxNetworkConfigurationandTCP/IP 229 System 14 PrinterandFileSharingwithNFSandSamba 267 15 RoutingwithLinux 289 16 LinuxMailServiceswithsendmail 309 17 FaxServers 343 Admin- IV Securityand Stability 18 GeneralSecurityIssues 387 19 LinuxandFirewalls 399 20 LogManagementandAnalysis 433 istration V TheInternetand theIntranet 21 UsingLinuxAsanIntranetServer 447 22 DNS 455 23 ApacheandtheWorldWideWeb 481 ArmanDanesh 24 LinuxDatabaseServers 517 25 Dynamic,Data-DrivenWebSites 545 Gautam Das 26 NewsServices 569 Ram Samudrala 27 FTPServers 591 VI Appendixes A LinuxCommandReference 625 B LinuxHardwareSupport 717 Index 809 201W.103rdStreet Indianapolis,Indiana46290 ii Special Edition Using Linux System Associate Publisher Administration Tracy Dunkelberger Copyright# 2000byQue Acquisitions Editor Gretchen Ganser Allrightsreserved. No partofthis bookshallbe reproduced,stored ina retrievalsystem, ortransmittedby Development Editor anymeans, electronic,mechanical,photocopying,record- Maureen A. McDaniel ing,orotherwise,withoutwritten permissionfromthe TechnicalEditor publisher.Nopatentliabilityisassumedwithrespecttothe BrianWalters useofthe informationcontainedherein.Althoughevery ManagingEditor precautionhasbeen takeninthepreparationofthis book, MattPurcell thepublisherandauthorassumenoresponsibilityforerrors oromissions.Nor isany liabilityassumedfor damages ProjectEditor NatalieF. Harris resultingfromtheuseoftheinformationcontainedherein. CopyEditor InternationalStandardBook Number:0-7897-2352-2 CynthiaFields LibraryofCongress CatalogCard Number:00-100144 Indexer TinaTrettin Printedin theUnited StatesofAmerica Proofreaders FirstPrinting:June 2000 JuliCook MaribethEchard 02 01 00 4 3 2 1 TeamCoordinator Trademarks CindyTeeters Alltermsmentionedin thisbookthatareknowntobe InteriorDesigner trademarksorservice markshavebeen appropriately RuthHarvey capitalized.Quecannotattesttothe accuracyofthis CoverDesigners information.Useofa termin thisbookshouldnotbe DanArmstrong regardedasaffecting thevalidity ofany trademarkor RuthHarvey servicemark. Production ThispublicationwasproducedusingtheAdvent 3B2 BrandonAllen PublishingSystem. SusanGeiselman CherylLynch Warning and Disclaimer Everyefforthasbeen madetomakethis bookascomplete andasaccurateaspossible,but no warrantyorfitness is implied.Theinformation providedis onan‘‘as is’’basis. Theauthorsandthepublisher shallhaveneitherliability norresponsibilitytoanypersonorentitywithrespecttoany lossordamagesarising fromtheinformationcontainedin thisbook. Contents iii Table of Contents Deletingand DisablingUsers 45 Disabling Users 46 DeletingUserAccounts 47 PasswordSecurityandShadow I Linux Deployment and Passwords 48 Installation 5 UsingMD5 Encryption 48 Usingthe ShadowPasswordSuite 49 1 Issues in Linux Installation 7 Troubleshooting 50 Installationand theDistributions 8 4 Booting Up and Shutting Down 53 HardwareConcerns 8 BootingUp 54 Linux DeviceNaming 10 LoadingLinux intoMemory 54 Kernel Initialization andHardware Linux PartitioningSchemes 14 Configuration 56 SwapPartitions 16 Startup ofSpecialKernel Using fdisk 16 Threads 60 Linux Run Levels 60 2 Automated Installation 21 Running InitializationScriptsin Issuesin AutomatedInstallation 22 /etc/rc.d Directory 62 Single-User Mode 64 Automated InstallationwithRedHat’s MultiuserOperating Mode 65 Kickstart 22 ShuttingDown 65 TheKickstartConcept 22 Buildinga KickstartConfiguration shutdown 65 File 22 telinit andinit 66 KickstartUsingaBootFloppyDisk 27 halt 66 KickstartUsingaDHCPServer 27 reboot 67 Ctrl+Alt+Del 67 Troubleshooting 29 Troubleshooting 67 HardwareProblems 68 File SystemCorruption 68 II General System Administration 31 NewlyBuiltKernel Won’tBoot 68 Errors inStartup Scripts 69 3 User and Group Administration 33 Usersand Groups inLinux 34 5 Using xdm to Create an X Windows The /etc/passwd File 34 Application Server 71 The /etc/group File 37 WhatIsanXApplication Server? 72 CreatingUsers 38 UnderstandingtheRelationship CreatingUsersManually 38 Between Clientand Serverinthe CreatingUserswith aSystem X WindowsSystem 72 Utility 40 ChangingUserInformation(Name, DefaultShell,andSo Forth) 42 iv Special EditionUsingLinux SystemAdministration Using xdm toCreate Linux-BasedLogins TransferingtheNew NIS Mapsfrom for XWorkstations andTerminals 73 theNewMaster ServertotheOld CustomizingthexdmLoginPrompt 78 MasterServer 94 ConfiguringaLinuxClienttoObtainIts PushingtheNewMapsfrom theOld LoginPromptfrom aRemote xdm MasterServerto AllSlaveServers 95 Server 79 RetiringtheOld MasterServer 95 Troubleshooting 80 RemovinganNISSlave Server 95 AnAlternateApproachtoEditing 6 Authenticating Users and Network ypservers 96 Resources 83 MaintainingNIS Maps 96 EditingNIS Maps 96 NetworkAuthentication inUNIXand Linux 84 SynchronizingNIS Mapsona Schedule 97 NIS NetworkConfigurations 84 OtherNISPrograms 97 RoutedNetwork 85 Understandingthe NameServer NIS Maps 86 Switch 98 SettingUpanNIS MasterServer 87 UsefulScripts 99 SettinganNIS DomainName 87 add-rm-ypservers 100 Populating ConfigurationFiles Troubleshooting 101 for theNIS Maps 88 Running ypinit 88 MakingSureEverything Is 7 Scheduling Tasks 103 Running 88 SchedulingTasksinLinux 104 SettingUpanNIS Client 89 SettingtheNIS DomainName inthe Usingthe crond Daemon 104 /etc/yp.conf File 89 The crontab ConfigurationFile 105 Running ypbind 90 EditingUsers’ crontab Files 107 Editingthe /etc/passwd File 90 ControllingUseof crontab with cron.allow and cron.deny 108 Adding anNISSlaveServer 91 SettingtheNIS DomainName 91 Usingthe at Daemon 109 Running ypinit 91 TimeFormatsforthe at Command 110 Moving NISMaster FunctionstoAnother Checkingthe atd Machine 91 Queue 110 CreatingtheNew MasterServer Asa RemovingaJob fromthe atd Queue SlaveServer 92 110 Adding theNewMaster Servertothe RestrictingAccessto atwith at.allow ypservers Database 92 andat.deny 111 Copyingthe /etc Configuration Files 93 UsefulScripts 111 DeletingTimeStampFilesfrom fschecker 111 /var/yp on theNew Master 94 syscheck 113 Running make withthe NOPUSH=1 Troubleshooting 115 Option 94 Contents v 8 Linux Process Management and DifferentRAIDArchitectures 145 Daemons 117 RAID Implementations 147 Linux Processesand Daemons 118 InstallingandConfiguringRAIDin Linux 148 UnderstandingProcesses 118 Supported Controllers 148 What HardwareShouldBe Used? 149 PropertiesandAttributesofProcesses 119 Installation 150 Configuringand TestingYour ProcessPriority 120 Array 152 Features intheEATADMA ProcessCreation 120 Driver 153 MonitoringProcesseswiththe ps Troubleshooting 155 Command 121 Upon Bootup,No SCSIHostsAre ProcessStates 121 Detected 155 Sample ps Output 121 RAID ConfigurationShows UpAs N DifferentDisks 156 MonitoringProcesseswiththe top Machine orControllerIsShut Downin Command 124 the Middleofa Format 156 TheRoleofDaemons 126 SCSI_ABORT_BUSY Errors Produced DuringInitialFileSystemFormat 156 StoppingProcesseswiththe kill Command 127 10 Back Up and Restore 157 Linux Signals 129 WhyBackupIsImportant 158 ChangingProcessPriorities 131 Planninga BackupStrategy 158 TrackingSystemLoad andPerformance TapeDrives 159 withvmstat 133 TestingYour TapeDrive 160 The Procs Section 134 The Memory Section 134 WhatBackupSoftwaretoUse 162 The Swap Section 135 Backing Upwith tar 162 The Io Section 135 Using dump and restore 164 The System Section 135 Backing UpwithAmanda 166 TheCPUsection 135 Interpreting vmstat Output 135 DisasterRecovery 184 Restoringthe OperatingSystemtoa UsefulScripts 137 New Disk 185 chkdaemon 137 chkload 138 Troubleshooting 189 chkswap 139 Amanda IncorrectlyReportsthe Free Spaceon theHoldingDiskand Troubleshooting 140 /tmp 189 amdump Reports AllDisksHave 9 Installing and Using RAID 143 Failed 190 amcheck ReportsPermissions UnderstandingRAID 144 Problems 190 WhyYou ShouldUseRAID 144 Striping 144 vi Special EditionUsingLinux SystemAdministration Amanda HasProblemsWritingto 12 Capacity Planning 213 Tape 190 Using amstatus 191 Planningfor Growth 214 Reasonsfor CapacityPlanning 215 11 Building the Linux Kernel 193 ServerSizing 215 OverviewoftheKernel 194 EstimatingtheWorkload 216 WhyRebuildtheKernel? 195 UnderstandingPerformance Measurement 216 Obtaining NewVersionsofthe Kernel 196 CaseStudy:Practical Tipson Data CollectionandAnalysis 220 ConfiguringtheKernel 197 UsingMRTGtoSizetheInternet Connection 221 CompilingtheKernel 199 TestingYourNew Kernel 200 III Network Management 227 TestingtheKernel WithoutUsinga BootFloppy 201 13 Linux Network Configuration and InstallingModules 201 TCP/IP 229 Installingthe NewKernel 202 UnderstandingTCP/IPNetworking 230 TheOSIReferenceModel 231 Patchingthe Kernel 203 TCP/IPProtocol Stack 232 CleaningUpAfter Patching 204 IPAddresses 233 Subnetworksand NetworkMasks 235 UnderstandingModules 204 LimitationsofClassfulAddressing 237 ClasslessInter-DomainRouting Understandingthe (CIDR) 237 /procFileSystem 205 Routing 239 TuningKernel Parameterswith /proc 206 ConfiguringLinuxNetworking 240 ConfiguringNetworking RedHat SymmetricMultiprocessing 207 Linux6.2 240 ManualLinux Network Troubleshooting 209 Configuration 247 YourKernel Doesn’tCompile 210 ConfiguringMulti-Homed Hosts 252 YourNew Kernel Doesn’tBoot 210 ImplementingMultiple VirtualIP YourSystemWon’t Boot 210 Addresses 253 YourSystemCan’tFind aCompressed Kernel ImageFile 211 Troubleshooting 254 YouCannotCompile OtherPrograms LinuxNetworkTroubleshooting After aKernel Upgrade 211 Utilities 255 YourKernel IsToo LargeandToo Slow 212 YouHaveProblemswithYour Parallel PortorPrinter 212 YouHaveProblemswithYour CD-ROMDrive 212 Contents vii 14 Printer and File Sharing with NFS and OpenShortestPath FirstRouting Samba 267 Protocol 300 WhatIs Samba? 268 Troubleshooting 306 Local HostCannotAccessRemote Getting SambaUpandRunning 268 Host 307 HostConnectionsFail for Certain The smb.conf File 270 Applications 308 Testingyoursmb.conf File 273 PoorPerformance 308 Hostand RouterSubnetMask SharingLinux Fileswith Samba 273 Mismatch 308 OSPFRouters NotEstablishing SharingLinux Printers withSamba 275 Neighbors 308 UsingLinux Asa SambaClient 276 AccessingSharedPrinters with 16 Linux Mail Services with sendmail 309 Samba 278 EmailSystems 310 WhatIs NFS? 280 Physical ComponentsofaMail Network 310 ConfiguringNFS 281 Software Componentsofa Mail UserPermissions andNFS 282 System 312 Mailboxes 313 AccessingRemoteSharedDirectorieswith Mail Aliases 314 NFS 283 Mail Addresses 315 ConfiguringlpdforRemotePrinting 283 Usingsendmail 315 ConfiguringaLocalPrinter 284 sendmailfilesand directories 317 AllowingRemotePrinter The sendmail.cf Configuration Connections 285 File 320 ConfiguringaRemoteClienttoPrintto Configuringsendmailwith m4 329 aLinux PrintServer 285 Addressing SecurityIssueswith sendmail 331 Troubleshooting 286 sendmailLogs 332 15 Routing with Linux 289 IMAPand POP3Servers 335 BasicRoutingPrinciples 290 Usingprocmail 336 Linux SoftwareforRouting 292 Troubleshooting 337 Kernel Modulesfor Routing 293 Problemswith .forward Files 337 The route Utility 293 Manually ProcessingtheMail PrepackagedRouting Queue 338 Distributions 295 DeterminingtheVersionof sendmail 339 Creatinga LAN-to-LANRouterwith Connectionstothe SMTPPortTaking Linux 296 a LongTime 340 Relaying DeniedErrors 340 DynamicRouting 297 File andDirectory Permissionsfor TypesofRoutingProtocols 297 sendmailVersion8.9 andHigher 340 RoutingInformationProtocol 298 viii Special EditionUsingLinux SystemAdministration UsingWildcardMailExchangers for IV Security and Stability 385 YourDomain 341 OtherMailRelayingProblems 341 18 General Security Issues 387 17 Fax Servers 343 Securityina NetworkedWorld 388 PhysicalSecurity 389 WhatAre FaxServers? 344 Usageand SecurityPolicies 389 SystemSecurity 392 Fax SoftwareforLinux 344 NetworkSecurity 393 InternetSecurity 393 HylaFAX 345 Obtaining HylaFAX 345 SecurityTools 393 InstallingHylaFAX 346 ConfiguringHylaFAXServer 349 KeepingSystems Secure 395 TestingHylaFAX 356 MonitorLogEntries 395 Automating DistributionofReceived ApplySoftwareUpdates 395 Faxes 359 ReacttoSecurityBreaches 396 HylaFAXClient Setup 360 MonitorSourcesofSecurity SettingUpanEmail-FaxGateway 363 Information 396 HylaFAXTransfer Logs 366 HylaFAXcrond Jobs 367 19 Linux and Firewalls 399 TroubleshootingHylaFAX 367 AnExample ofaClient-Side FirewallsandtheInternet 400 Problem 368 AnExample ofaServer-Side TypesofFirewalls 401 Problem 368 Packet-FilteringFirewalls 401 DebuggingCommunication ProxyServer Firewalls 403 Problems 369 IPMasqueradingProxyServers 403 UsingEfax 371 FirewallsandNetworkArchitecture 404 InstallingEfax 371 ConfiguringEfax 372 SettingUpaLinux Firewall 406 Sending FaxeswithEfax 373 IPPacketFilteringandIPMasquerading Receiving FaxeswithEfax 374 UsingIPCHAINS 407 SettingUpa FaxPrintServer 375 PuttingIt AllTogether 418 IPPortForwarding 428 Extending EfaxwithQfax 377 InstallingQfax 377 Troubleshooting 429 Sending FaxesbyEmail 382 ipchains-L Freezes 429 ManagingQfax 383 DNSLookupsFail Partofthe Time 429 TroubleshootingEfaxand Qfax 384 IPMasqueradingDoesNotWork 430 4096MasqueradedTCP andUDP ConnectionsAreInsufficient 430 Contents ix 20 Log Management and Analysis 431 Troubleshooting 476 Domain NamesMissing theTrailing LoggingActivityin Linux 432 Dot 476 ForgettingtoIncrementtheSOA Serial The syslog Daemon 433 Number 477 MakingChanges tothe syslog.conf ForgettingtoSignalnamedAfterMaking File 436 Changes toZoneData 477 ForgettingReverseDNSRecords 478 LogRotation 436 Invalid GlueRecord 478 The logrotate Utility 437 Lack ofCoordination AmongDNS Administrators 478 Case Study:UsefulScripts 441 SourceCodefor su-report 442 Misconfigured resolv.conf File 478 SourceCodefor failed-su 442 Outdated root.hints File 479 23 Apache and the World Wide Web 481 V The Internet and the Intranet 445 LinuxAs aWebServerPlatform 482 21 Using Linux As an Intranet Server 447 Apache’sRole Asa LinuxHTTP Server 482 UnderstandingIntranets 448 Linux Asa WebServer 448 ConfiguringApache 483 Linux Asa DatabaseServer 451 The httpd.conf File 483 Linux Asa NewsServer 452 The srm.conf File 492 Linux Asa MailServer 452 The access.conf File 497 HardwareRequirements 453 ApacheModules 499 22 DNS 455 ManagingApache 501 Starting theServer 501 TheDomain NameSystem 456 StoppingtheServer 502 RestartingtheServer 502 DNSNameResolution 457 Testingthe Server’sStatus and SettingUpNameServers 458 ConfigurationFiles 502 ResolvingNames 468 DNSMaintenance 472 VirtualHostingwithApache 502 Creating DNSEntriesfor Each Load BalancingwithDNS 473 Site 503 Creating aDirectoryHierarchy for the SecuringDNS 474 Sites 504 RestrictingZoneTransfersto ConfiguringApache toServeEach DesignatedSlaveServers Only 474 Site 504 RestrictingZoneTransfersfrom ProvidingBackwardCompatibility 505 SecondaryServers 475 RestrictingQueriestoYour Name MonitoringYourWebSiteThrough the Server 475 Logs 507 The AccessLog file 507 UsefulScripts 476 The ErrorLog File 510 ManagingLogs 511 x Special EditionUsingLinux SystemAdministration BasicWebSite Security 512 25 Dynamic, Data-Driven Web Sites 545 SetYourFileandDirectoryPermissions Correctly 512 UnderstandingDynamic, InteractiveWeb ConsiderYourUseofServer-Side Sites 546 IncludesCarefully 513 CGI-BINProgramming 546 ConsiderAllowingUsersAccessto ServerAPIProgramming 548 CGI-BINScriptsCarefully 513 ExamineYourCGI-BINScripts 514 SoftwareforConnecting WebSitesto DoNotAllowUserstoOverrideGlobal Databases 549 Settings 514 PHP 549 DenyDefaultAccess 515 Zope 549 Web+ 550 Troubleshooting 515 ColdFusion 550 InstallingPHP 551 24 Linux Database Servers 517 PHPInstallationConfiguration Linux Asa DatabaseServer 518 Parameters 552 Creatinga LinuxDatabaseServer 519 AnOverviewofPHPScripting 560 DeterminingYourDatabaseServer’s CreatingaSimpleDynamicWebSite HardwareRequirements 519 withPHP 562 Obtaining andInstallingMySQL 520 Troubleshooting 565 ConfiguringandTestingMySQL 521 PHPStops WorkingAfter Installing DatabaseManagement 528 FrontPageExtensionsfor Apache 566 Startingand StoppingtheServer 528 PHPFiles Are DisplayedAsSource Connectingtothe Server 528 CodebyApache 566 Creatingand DeletingDatabases and PHPFailstoCompile Becauseofa Tables 529 MissingLibrary 566 InteractingwithDatabases Using PHPFailstoConnect toMyDatabase SQL 533 Server 567 Backing UpYourDatabases 538 ManagingUsersand Permissions 539 26 News Services 569 Troubleshooting 542 ABriefHistoryofUsenet 570 Receiving the MySQLserverhasgone away Error 542 NewsGroupHierarchies 570 Receiving the Host<hostname>is HardwareRequirements 571 blocked Error 542 Receiving the Toomanyconnections InstallingINN2.2.1 571 Error 543 ReceivingtheOutofmemoryErrorWhen GeneralOverviewofINN 572 Executinga SQLCommand 543 ReceivingIncomingNewsFeeds 573 ReceivingtheAccessDeniedError 543 ProcessingOutgoingNewsFeeds 574 ServicingNewsReadersandFacilitating theReadingandPostingof Articles 574 ExpiringArticles 574 LoggingAllActivity 574

Description:
12 Capacity Planning 213 13 Linux Network Configuration and TCP/IP 229 27 FTP Servers 591 International Standard Book Number: 0-7897-2352-2 diverse as Adobe, Corel, Sun, Oracle, and Allaire. In fact, it Administrators of Linux systems who need a guide and a reference for their work.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.